last executing test programs: 7.309588857s ago: executing program 1 (id=69): socket$can_bcm(0x1d, 0x2, 0x2) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x3, 0x4, 0x9, 0x0, r0}, 0x50) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a030200020000000000000200000009"], 0x80}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0) 7.076945862s ago: executing program 1 (id=70): r0 = socket$netlink(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000040340000000000000800000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000357500007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) 5.433046794s ago: executing program 3 (id=77): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect$cdc_ncm(0x3, 0x6e, &(0x7f0000000080)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x41015500, &(0x7f0000000500)) 5.10779804s ago: executing program 0 (id=79): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000940)={[{@barrier_val}, {@resuid}, {@block_validity}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000000180)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm") bpf$OBJ_GET_PROG(0x7, &(0x7f0000001540)=@generic={&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'}, 0x18) 4.991912533s ago: executing program 1 (id=80): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000007100000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000780)=r2, 0x4) sendmsg$inet(r1, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x40000) 4.768055587s ago: executing program 0 (id=81): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) memfd_secret(0x0) 4.767228556s ago: executing program 1 (id=82): socket(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0) preadv(r2, &(0x7f0000004ec0)=[{0x0}], 0x1, 0x8000, 0x0) 4.537168212s ago: executing program 0 (id=83): setsockopt(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000080)="01000000000006", 0x7) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={0x0, 0x1, 0x6, @local}, 0x10) setsockopt$packet_buf(r0, 0x107, 0x2, &(0x7f0000000080)="5ec78db485c534bd", 0x8) 4.536895721s ago: executing program 1 (id=84): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c) 4.476425623s ago: executing program 0 (id=85): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='\x00'/15, @ANYRES32], 0x50) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, 0x0, 0x0) setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, 0x0, 0x310) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) dup2(r3, r3) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r6, 0x0, 0x5}, 0x18) mknod$loop(0x0, 0x6000, 0x0) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90) 2.929343643s ago: executing program 2 (id=87): bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) sendmmsg(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f00000004c0)=[{0x0}], 0x1}}], 0x1, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b}, 0x94) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000140), r1) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000008000100030000002c0004800500030080ff00000500030080ff00000500030000000000050003000100000005000300800000000800020003"], 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x0) r3 = open_tree(0xffffffffffffff9c, 0x0, 0x89901) r4 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r4) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x13, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000008000000180100002520732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000f98500000006000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', r5, 0x0, 0x8, 0xfe, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x35}, 0x0, 0x0, 0x2}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'ip6tnl0\x00', r7, 0x0, 0xff, 0x64, 0x7, 0x0, @dev, @private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x8000, 0xfffffffe}}) move_mount(r3, 0x0, r0, 0x0, 0x46) fsetxattr$trusted_overlay_redirect(r6, &(0x7f0000000800), &(0x7f0000000840)='./file0\x00', 0x8, 0x2) close(r0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000780)={[], [{@dont_hash}, {@dont_hash}, {@smackfstransmute={'smackfstransmute', 0x3d, '[}@'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'ip6tnl0\x00'}}, {@audit}]}, 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r9, 0x0, 0x2}, 0x18) r10 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="280000002100210100000000000000000a0000000000000200"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0) 2.211476006s ago: executing program 2 (id=88): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1002002, 0x0) r1 = dup(r0) r2 = open(&(0x7f0000000380)='./bus\x00', 0x40542, 0x0) ftruncate(r2, 0xee72) sendfile(r1, r2, 0x0, 0x8000fffffffe) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0x19) 2.141135938s ago: executing program 3 (id=89): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000001480)={'syzkaller0\x00', 0x7101}) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x18) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) stat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}, {&(0x7f00000009c0)=ANY=[@ANYRES8, @ANYBLOB], 0x2cc}], 0x2, 0x0, 0x0, 0x20000001}, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000040)=0xc) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r3, {r5, r6}}, './file0\x00'}) setresuid(r5, r5, r7) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000ae000000b703000007000000850000000e000000850000000800000095"], 0x0, 0x100000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYRESOCT=r1], 0x0, 0x1, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000b80)={{r8}, 0x0, &(0x7f0000000b40)}, 0x20) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r9}, 0x10) r10 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r10, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(r10, 0x40107446, &(0x7f0000001000)={0x2, &(0x7f0000000140)=[{0x48, 0x9, 0x0, 0x80000001}, {0x6, 0x1, 0xf7}]}) write(r10, &(0x7f0000000080)="3aa0", 0x2) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r11}, 0x10) r12 = socket$nl_route(0x10, 0x3, 0x0) r13 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000100)={'bridge0\x00', 0x0}) sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r14, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0) 1.896819833s ago: executing program 2 (id=90): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20) r3 = socket$rds(0x15, 0x5, 0x0) bind$rds(r3, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r3, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, 0x0}}], 0x90}, 0x0) 1.722440046s ago: executing program 0 (id=91): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e25, 0x6, @local, 0xb}, 0x1c) 1.653199287s ago: executing program 2 (id=92): r0 = syz_io_uring_setup(0x3b52, &(0x7f0000000140)={0x0, 0x5883, 0x1000, 0x8003, 0x1c2}, &(0x7f0000000040)=0x0, &(0x7f0000000680)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1}) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10) io_uring_enter(r0, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0) 1.652977797s ago: executing program 3 (id=93): socket(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0) preadv(r2, &(0x7f0000004ec0)=[{0x0}], 0x1, 0x8000, 0x0) 1.481715721s ago: executing program 0 (id=94): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001200)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000fa890f35570000000000000000000000ba3b9204d983710ac799f9079f1fa6d0f7c0086a2d95449e6a0f98c1924a35301972c86bf8b444644aa4e97039070c4973c8df295067a3b5c558da22e5ab98a5d9af5cdce28769a2657363fe2b06f59d69ef50ef4aeff4b6b2b9ca5a67fc970dadcbd590a1cd84d0dca51cc3895eeeb1a98a8a6d11b48e42e99c537703"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$yama_ptrace_scope(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$F2FS_IOC_RESIZE_FS(0xffffffffffffffff, 0x4008f510, &(0x7f0000000080)=0x7) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() r2 = syz_usb_connect$printer(0x2, 0x2d, &(0x7f00000000c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x3f0, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0xff, 0x80, 0xc, [{{0x9, 0x4, 0x0, 0xfd, 0x4, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x4, 0x20, 0xb}}}}}]}}]}}, 0x0) syz_usb_control_io$printer(r2, &(0x7f0000001100)={0x14, 0x0, &(0x7f0000000300)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0) syz_usb_control_io(r2, 0x0, 0x0) syz_usb_control_io(r2, 0x0, 0x0) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000) write$char_usb(r3, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0) r6 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f0000000540)="85372b9df444b974c604409df98688f557b0c2154d816bd93d65019c3942d0217a285929b5b673f96f37d5d91f08b9a7b6feebcf95737877ba38ce8f2ff3cfd6e36ff8445d2f", 0x46, 0xfffffffffffffffd) keyctl$read(0xb, r6, &(0x7f0000000240)=""/112, 0x349b7f55) socket$packet(0x11, 0x2, 0x300) r7 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$netlink(r7, 0x10e, 0x5, &(0x7f0000000040)=""/162, &(0x7f0000000100)=0xa2) 1.406357582s ago: executing program 2 (id=95): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x14, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000077cb0000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 1.285241355s ago: executing program 3 (id=96): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x1}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x1b, &(0x7f0000000cc0)=ANY=[@ANYBLOB="1830000075000000000000000500000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000020b703000003000000850000000600000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000030000008500000006000000180100002020692500000000002020207b1af8ff00000000bfe79c000000000007010000f8ffffffb702000008000000b703000005000000850000000600000095"], &(0x7f00000000c0)='GPL\x00', 0x5, 0xf8, &(0x7f0000000100)=""/248, 0x0, 0x2c}, 0x24) 1.03766509s ago: executing program 3 (id=97): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0a00000004000000dd0000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0xa) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000007}, [@call={0x85, 0x0, 0x0, 0x27}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 972.26818ms ago: executing program 2 (id=98): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000200b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10) 373.199602ms ago: executing program 1 (id=99): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) socketpair(0x2c, 0x2a659023deba4719, 0x10000, 0x0) 0s ago: executing program 3 (id=100): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000010000000000000000000000711229000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fd}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000011c0)={r0, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000001240), 0x0, 0x4068, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): syzkaller login: [ 97.455420][ T1195] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.250' (ED25519) to the list of known hosts. [ 101.471260][ T5777] cgroup: Unknown subsys name 'net' [ 101.616717][ T5777] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 104.171883][ T5777] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 106.358002][ T5791] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 106.368228][ T5791] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 106.379383][ T5791] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 106.389910][ T5791] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 106.399937][ T5801] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 106.409086][ T5801] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 106.424430][ T5798] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 106.435831][ T5799] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 106.436069][ T5798] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 106.448707][ T5799] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 106.461398][ T5798] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 106.468118][ T5799] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 106.480445][ T5798] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 106.486029][ T5791] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 106.497826][ T5798] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 106.512057][ T5799] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 106.519684][ T5798] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 106.526009][ T5799] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 106.541894][ T5791] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 106.550557][ T5798] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 106.560193][ T5798] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 106.598306][ T5801] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 106.612623][ T5103] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 106.621918][ T5103] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 107.321200][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 107.336109][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 107.478020][ T5787] chnl_net:caif_netlink_parms(): no params data found [ 107.587565][ T5788] chnl_net:caif_netlink_parms(): no params data found [ 107.647514][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.656232][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.666586][ T5789] bridge_slave_0: entered allmulticast mode [ 107.676750][ T5789] bridge_slave_0: entered promiscuous mode [ 107.704294][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.712492][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.726022][ T5786] bridge_slave_0: entered allmulticast mode [ 107.735571][ T5786] bridge_slave_0: entered promiscuous mode [ 107.774224][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.784947][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.795334][ T5789] bridge_slave_1: entered allmulticast mode [ 107.804797][ T5789] bridge_slave_1: entered promiscuous mode [ 107.832266][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.841005][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.849380][ T5786] bridge_slave_1: entered allmulticast mode [ 107.861216][ T5786] bridge_slave_1: entered promiscuous mode [ 107.907346][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.915861][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.926887][ T5787] bridge_slave_0: entered allmulticast mode [ 107.944737][ T5787] bridge_slave_0: entered promiscuous mode [ 107.991423][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.000966][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.010280][ T5787] bridge_slave_1: entered allmulticast mode [ 108.026040][ T5787] bridge_slave_1: entered promiscuous mode [ 108.060559][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.092965][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.109172][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.130072][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.230178][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.248199][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.299096][ T5786] team0: Port device team_slave_0 added [ 108.310540][ T5786] team0: Port device team_slave_1 added [ 108.355392][ T5789] team0: Port device team_slave_0 added [ 108.367872][ T5789] team0: Port device team_slave_1 added [ 108.375950][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.385032][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.395941][ T5788] bridge_slave_0: entered allmulticast mode [ 108.405948][ T5788] bridge_slave_0: entered promiscuous mode [ 108.433928][ T5787] team0: Port device team_slave_0 added [ 108.446301][ T5787] team0: Port device team_slave_1 added [ 108.472183][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.480156][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.489500][ T5788] bridge_slave_1: entered allmulticast mode [ 108.501608][ T5788] bridge_slave_1: entered promiscuous mode [ 108.589287][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.597255][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.633167][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.651820][ T5103] Bluetooth: hci1: command tx timeout [ 108.653745][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.661428][ T5103] Bluetooth: hci2: command tx timeout [ 108.668226][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.675183][ T5797] Bluetooth: hci0: command tx timeout [ 108.675349][ T5797] Bluetooth: hci3: command tx timeout [ 108.721874][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.754115][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.762820][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.804414][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.821654][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.830746][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.862404][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.884044][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.910086][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.928129][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.963780][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.993935][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.003384][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.040873][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.068049][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.197927][ T5788] team0: Port device team_slave_0 added [ 109.250025][ T5786] hsr_slave_0: entered promiscuous mode [ 109.259471][ T5786] hsr_slave_1: entered promiscuous mode [ 109.273228][ T5788] team0: Port device team_slave_1 added [ 109.325319][ T5789] hsr_slave_0: entered promiscuous mode [ 109.337612][ T5789] hsr_slave_1: entered promiscuous mode [ 109.347500][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 109.363326][ T5789] Cannot create hsr debugfs directory [ 109.439572][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.447961][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.487589][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.516244][ T5787] hsr_slave_0: entered promiscuous mode [ 109.528125][ T5787] hsr_slave_1: entered promiscuous mode [ 109.540104][ T5787] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 109.560929][ T5787] Cannot create hsr debugfs directory [ 109.610110][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.632807][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.678234][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.894591][ T5788] hsr_slave_0: entered promiscuous mode [ 109.906355][ T5788] hsr_slave_1: entered promiscuous mode [ 109.919838][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 109.932581][ T5788] Cannot create hsr debugfs directory [ 110.646045][ T5789] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 110.668586][ T5789] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 110.693618][ T5789] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 110.713034][ T5789] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 110.732345][ T5103] Bluetooth: hci2: command tx timeout [ 110.740166][ T5103] Bluetooth: hci3: command tx timeout [ 110.751260][ T5794] Bluetooth: hci0: command tx timeout [ 110.761931][ T5797] Bluetooth: hci1: command tx timeout [ 110.881285][ T5786] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 110.907497][ T5786] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 110.926048][ T5786] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 110.952790][ T5786] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 111.090393][ T5787] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 111.119803][ T5787] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 111.138525][ T5787] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 111.165975][ T5787] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 111.320440][ T5788] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 111.337613][ T5788] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 111.350386][ T5788] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 111.377484][ T5788] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 111.548607][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.632757][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.708806][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.749808][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.769733][ T3431] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.779423][ T3431] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.805555][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.833606][ T3431] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.845843][ T3431] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.905987][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.914736][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.024410][ T5787] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.038054][ T3431] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.046723][ T3431] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.075405][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0 [ 112.133495][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.148349][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.187559][ T3461] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.198699][ T3461] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.278642][ T5788] 8021q: adding VLAN 0 to HW filter on device team0 [ 112.327789][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.337633][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 112.387844][ T3431] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.397244][ T3431] bridge0: port 2(bridge_slave_1) entered forwarding state [ 112.812014][ T5103] Bluetooth: hci0: command tx timeout [ 112.822039][ T5801] Bluetooth: hci3: command tx timeout [ 112.828156][ T5801] Bluetooth: hci2: command tx timeout [ 112.836380][ T5797] Bluetooth: hci1: command tx timeout [ 112.880490][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.050312][ T5789] veth0_vlan: entered promiscuous mode [ 113.122843][ T5789] veth1_vlan: entered promiscuous mode [ 113.248933][ T5789] veth0_macvtap: entered promiscuous mode [ 113.296753][ T5789] veth1_macvtap: entered promiscuous mode [ 113.344227][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.386087][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 113.398724][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.431583][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 113.464319][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.503567][ T5789] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.514204][ T5789] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.525514][ T5789] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.536415][ T5789] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.617734][ T5786] veth0_vlan: entered promiscuous mode [ 113.715172][ T5786] veth1_vlan: entered promiscuous mode [ 113.745835][ T5788] veth0_vlan: entered promiscuous mode [ 113.785124][ T5787] veth0_vlan: entered promiscuous mode [ 113.847079][ T5788] veth1_vlan: entered promiscuous mode [ 113.875645][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 113.885596][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 113.885870][ T5787] veth1_vlan: entered promiscuous mode [ 113.983991][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.009709][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.052083][ T5786] veth0_macvtap: entered promiscuous mode [ 114.079836][ T5787] veth0_macvtap: entered promiscuous mode [ 114.116456][ T5786] veth1_macvtap: entered promiscuous mode [ 114.133882][ T5788] veth0_macvtap: entered promiscuous mode [ 114.146222][ T5787] veth1_macvtap: entered promiscuous mode [ 114.203021][ T5788] veth1_macvtap: entered promiscuous mode [ 114.230203][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.244875][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.266579][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.282220][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.296348][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.319324][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.345011][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.365371][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 114.422761][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.461749][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.484608][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.502924][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.525988][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.540076][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 114.559209][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.576995][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 114.626708][ T5786] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.648475][ T5786] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.669201][ T5786] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.689827][ T5786] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.709147][ T5787] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.725812][ T5787] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.743081][ T5787] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.757037][ T5787] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.885824][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.901169][ T5103] Bluetooth: hci0: command tx timeout [ 114.901194][ T5801] Bluetooth: hci2: command tx timeout [ 114.907462][ T5103] Bluetooth: hci1: command tx timeout [ 114.914123][ T5797] Bluetooth: hci3: command tx timeout [ 114.934129][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.946408][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.961571][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 114.973827][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 114.987135][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.006669][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.129636][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.161365][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.173347][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.185865][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.198280][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.210185][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.231674][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 115.276700][ T5788] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.322182][ T5788] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.334507][ T5788] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.344620][ T5788] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.636466][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.649161][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.964629][ T5894] syz.3.9[5894]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 116.041968][ T5894] loop3: detected capacity change from 0 to 512 [ 116.291963][ T5894] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.312557][ T5894] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 116.570455][ T2966] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.619391][ T2966] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.781501][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 116.821673][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.864066][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.986539][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.010940][ T2966] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.020339][ T2966] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.020684][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.159263][ T5901] macvtap0: refused to change device tx_queue_len [ 117.189239][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.211298][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.232211][ T5903] loop1: detected capacity change from 0 to 2048 [ 117.352254][ T5903] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 117.592596][ T5911] loop3: detected capacity change from 0 to 128 [ 117.642095][ T5911] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 117.758703][ T27] audit: type=1800 audit(1759209151.169:2): pid=5911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.11" name="file2" dev="loop3" ino=1048592 res=0 errno=0 [ 117.777884][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.831207][ T5911] syz.3.11: attempt to access beyond end of device [ 117.831207][ T5911] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 118.591599][ T5931] loop0: detected capacity change from 0 to 128 [ 120.306020][ T5949] loop3: detected capacity change from 0 to 128 [ 120.572098][ T5949] syz.3.22: attempt to access beyond end of device [ 120.572098][ T5949] loop3: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 121.661158][ T5952] netlink: 'syz.2.24': attribute type 1 has an invalid length. [ 121.697886][ T5952] netlink: 4 bytes leftover after parsing attributes in process `syz.2.24'. [ 123.020491][ T5974] hub 9-0:1.0: USB hub found [ 123.029485][ T5974] hub 9-0:1.0: 1 port detected [ 123.671712][ T5975] netlink: 16 bytes leftover after parsing attributes in process `syz.2.31'. [ 123.740451][ T5975] netlink: 20 bytes leftover after parsing attributes in process `syz.2.31'. [ 123.780612][ C1] sched: RT throttling activated [ 124.078361][ T5158] udevd[5158]: worker [5899] terminated by signal 33 (Unknown signal 33) [ 124.119585][ T5158] udevd[5158]: worker [5899] failed while handling '/devices/virtual/block/loop2' [ 124.378135][ T5985] syz.2.37[5985] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 124.378374][ T5985] syz.2.37[5985] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 124.445066][ T5985] loop2: detected capacity change from 0 to 164 [ 124.563555][ T5898] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 124.821790][ T5993] syz.2.40[5993] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 124.823438][ T5993] syz.2.40[5993] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.267964][ T6002] loop2: detected capacity change from 0 to 512 [ 125.313127][ T6002] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 125.329321][ T6002] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 125.413135][ T6002] EXT4-fs (loop2): 1 truncate cleaned up [ 125.423785][ T6002] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.503567][ T27] audit: type=1800 audit(1759209158.919:3): pid=6002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.45" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 125.897568][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.025287][ T6025] syz.0.54[6025] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 126.025441][ T6025] syz.0.54[6025] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 126.292563][ T27] audit: type=1326 audit(1759209159.709:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a16f8eec9 code=0x7ffc0000 [ 126.353729][ T6035] netlink: 12 bytes leftover after parsing attributes in process `syz.2.58'. [ 126.368845][ T27] audit: type=1326 audit(1759209159.709:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a16f8eec9 code=0x7ffc0000 [ 126.428552][ T27] audit: type=1326 audit(1759209159.759:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a16f8eec9 code=0x7ffc0000 [ 126.534171][ T27] audit: type=1326 audit(1759209159.759:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a16f8eec9 code=0x7ffc0000 [ 126.565764][ T27] audit: type=1326 audit(1759209159.769:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a16f8eec9 code=0x7ffc0000 [ 126.639775][ T27] audit: type=1326 audit(1759209159.789:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a16f8eec9 code=0x7ffc0000 [ 126.698798][ T27] audit: type=1326 audit(1759209159.789:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a16f8eec9 code=0x7ffc0000 [ 126.727126][ T27] audit: type=1326 audit(1759209159.789:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1a16f8eec9 code=0x7ffc0000 [ 126.755818][ T27] audit: type=1326 audit(1759209159.829:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.57" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a16f8eec9 code=0x7ffc0000 [ 127.111276][ T9] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 127.230161][ T6056] tipc: Started in network mode [ 127.236145][ T6056] tipc: Node identity 1e3e4aed7a39, cluster identity 4711 [ 127.246687][ T6056] tipc: Enabled bearer , priority 0 [ 127.283073][ T6056] tipc: Resetting bearer [ 127.352418][ T6055] tipc: Disabling bearer [ 127.376888][ T9] usb 3-1: config 1 interface 0 altsetting 253 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 127.421446][ T9] usb 3-1: config 1 interface 0 has no altsetting 0 [ 127.452662][ T9] usb 3-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40 [ 127.469120][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.479210][ T9] usb 3-1: Product: syz [ 127.493917][ T9] usb 3-1: Manufacturer: syz [ 127.505245][ T9] usb 3-1: SerialNumber: syz [ 127.791751][ T9] usblp0: Disabling reads from problematic bidirectional printer [ 127.907557][ T6064] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.001272][ T9] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 253 proto 1 vid 0x03F0 pid 0x0004 [ 128.270202][ T6064] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.693519][ T6064] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.831577][ T6072] syz.0.73[6072] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 128.831728][ T6072] syz.0.73[6072] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 128.927340][ T6064] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.150657][ T6079] syz.3.74 uses obsolete (PF_INET,SOCK_PACKET) [ 129.572195][ T6064] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.635802][ T6064] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.699020][ T6064] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 129.760519][ T6064] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 130.060716][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 130.251365][ T9] usb 4-1: device descriptor read/64, error -71 [ 130.532001][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 130.716123][ T9] usb 4-1: device descriptor read/64, error -71 [ 130.861953][ T9] usb usb4-port1: attempt power cycle [ 131.016118][ T8] usb 3-1: USB disconnect, device number 2 [ 131.091521][ T8] usblp0: removed [ 131.327866][ T6102] syz.1.84: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 131.348681][ T6102] CPU: 1 PID: 6102 Comm: syz.1.84 Not tainted syzkaller #0 [ 131.357824][ T6102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 131.369388][ T6102] Call Trace: [ 131.373292][ T6102] [ 131.376834][ T6102] dump_stack_lvl+0x16c/0x230 [ 131.382225][ T6102] ? show_regs_print_info+0x20/0x20 [ 131.388295][ T6102] ? load_image+0x3b0/0x3b0 [ 131.393123][ T6102] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 131.401266][ T6102] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 131.404055][ T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 131.408531][ T6102] warn_alloc+0x210/0x300 [ 131.422619][ T6102] ? zone_watermark_ok_safe+0x230/0x230 [ 131.429582][ T6102] ? _raw_spin_unlock+0x28/0x40 [ 131.435506][ T6102] __vmalloc_node_range+0x662/0x1320 [ 131.441662][ T6102] ? __alloc_pages+0xa1/0x460 [ 131.448948][ T6102] ? free_vm_area+0x50/0x50 [ 131.454033][ T6102] ? packet_set_ring+0x712/0x2380 [ 131.460107][ T6102] vzalloc+0x79/0x90 [ 131.464970][ T6102] ? packet_set_ring+0x712/0x2380 [ 131.470820][ T6102] packet_set_ring+0x712/0x2380 [ 131.476882][ T6102] ? packet_mmap+0x4e0/0x4e0 [ 131.482705][ T6102] ? __lock_acquire+0x7c80/0x7c80 [ 131.488940][ T6102] ? __local_bh_enable_ip+0x12e/0x1c0 [ 131.495679][ T6102] ? lockdep_hardirqs_on+0x98/0x150 [ 131.501601][ T6102] ? __might_fault+0xaa/0x120 [ 131.506797][ T6102] ? __might_fault+0xc6/0x120 [ 131.512246][ T6102] ? __might_fault+0xaa/0x120 [ 131.518072][ T6102] ? _copy_from_user+0xa5/0xe0 [ 131.523276][ T6102] packet_setsockopt+0xc58/0x12a0 [ 131.529266][ T6102] ? packet_ioctl+0x340/0x340 [ 131.534665][ T6102] ? aa_sk_perm+0x7fc/0x930 [ 131.539931][ T6102] ? aa_af_perm+0x2b0/0x2b0 [ 131.545636][ T6102] ? __fget_files+0x28/0x4d0 [ 131.550544][ T6102] ? aa_sock_opt_perm+0x74/0x100 [ 131.556163][ T6102] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 131.562461][ T6102] ? security_socket_setsockopt+0x7e/0xa0 [ 131.569530][ T6102] ? packet_ioctl+0x340/0x340 [ 131.575197][ T6102] do_sock_setsockopt+0x175/0x1a0 [ 131.580719][ T6102] ? __fdget+0x180/0x210 [ 131.588962][ T6102] __x64_sys_setsockopt+0x184/0x200 [ 131.594596][ T6102] do_syscall_64+0x55/0xb0 [ 131.599781][ T6102] ? clear_bhb_loop+0x40/0x90 [ 131.605127][ T6102] ? clear_bhb_loop+0x40/0x90 [ 131.610827][ T6102] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 131.619582][ T6102] RIP: 0033:0x7fc03678eec9 [ 131.624529][ T6102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.648985][ T6102] RSP: 002b:00007fc037568038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 131.658522][ T6102] RAX: ffffffffffffffda RBX: 00007fc0369e5fa0 RCX: 00007fc03678eec9 [ 131.667914][ T6102] RDX: 0000000000000005 RSI: 0000000000000107 RDI: 0000000000000006 [ 131.677514][ T6102] RBP: 00007fc036811f91 R08: 000000000000001c R09: 0000000000000000 [ 131.688687][ T6102] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 131.699758][ T6102] R13: 00007fc0369e6038 R14: 00007fc0369e5fa0 R15: 00007ffea2da5f58 [ 131.709217][ T6102] [ 131.713729][ T9] usb 4-1: device descriptor read/8, error -71 [ 131.720926][ T6102] Mem-Info: [ 131.724747][ T6102] active_anon:5343 inactive_anon:0 isolated_anon:0 [ 131.724747][ T6102] active_file:1144 inactive_file:39876 isolated_file:0 [ 131.724747][ T6102] unevictable:768 dirty:661 writeback:0 [ 131.724747][ T6102] slab_reclaimable:9947 slab_unreclaimable:91495 [ 131.724747][ T6102] mapped:24355 shmem:1372 pagetables:546 [ 131.724747][ T6102] sec_pagetables:0 bounce:0 [ 131.724747][ T6102] kernel_misc_reclaimable:0 [ 131.724747][ T6102] free:1345422 free_pcp:13335 free_cma:0 [ 131.826368][ T6102] Node 0 active_anon:21372kB inactive_anon:0kB active_file:4576kB inactive_file:159300kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97420kB dirty:2632kB writeback:0kB shmem:3952kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11100kB pagetables:2184kB sec_pagetables:0kB all_unreclaimable? no [ 131.940810][ T6102] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:12kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 132.027928][ T6102] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 132.061771][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 132.077602][ T6102] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 132.084555][ T6102] Node 0 DMA32 free:1501396kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:21324kB inactive_anon:0kB active_file:4576kB inactive_file:157988kB unevictable:1536kB writepending:2628kB present:3129332kB managed:2589600kB mlocked:0kB bounce:0kB free_pcp:8720kB local_pcp:7996kB free_cma:0kB [ 132.138874][ T9] usb 4-1: device descriptor read/8, error -71 [ 132.146768][ T6102] lowmem_reserve[]: 0 0 1 1 1 [ 132.169702][ T6102] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:4kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB [ 132.236780][ T6102] lowmem_reserve[]: 0 0 0 0 0 [ 132.249719][ T6102] Node 1 Normal free:3885252kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:12kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:24172kB local_pcp:10216kB free_cma:0kB [ 132.287954][ T9] usb usb4-port1: unable to enumerate USB device [ 132.319745][ T6107] loop2: detected capacity change from 0 to 1024 [ 132.328528][ T6102] lowmem_reserve[]: 0 0 0 0 0 [ 132.329821][ T6107] ext4: Unknown parameter 'dont_hash' [ 132.371144][ T6102] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 132.410752][ T6102] Node 0 DMA32: 253*4kB (ME) 178*8kB (UME) 134*16kB (UME) 154*32kB (UME) 61*64kB (UME) 15*128kB (UME) 11*256kB (ME) 5*512kB (UM) 1*1024kB (M) 4*2048kB (ME) 359*4096kB (M) = 1500388kB [ 132.440814][ T6107] netlink: 12 bytes leftover after parsing attributes in process `syz.2.87'. [ 132.449546][ T6102] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 132.500498][ T6102] Node 1 Normal: 281*4kB (UE) 52*8kB (UME) 50*16kB (UME) 51*32kB (UME) 23*64kB (UE) 5*128kB (UME) 1*256kB (E) 2*512kB (ME) 1*1024kB (E) 1*2048kB (E) 946*4096kB (M) = 3885252kB [ 132.564208][ T6102] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 132.619901][ T6102] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 132.652310][ T6102] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 132.669788][ T6102] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 132.720896][ T6102] 42402 total pagecache pages [ 132.736496][ T6102] 0 pages in swap cache [ 132.756229][ T6102] Free swap = 124996kB [ 132.771990][ T6102] Total swap = 124996kB [ 132.777038][ T6102] 2097051 pages RAM [ 132.813789][ T6102] 0 pages HighMem/MovableOnly [ 132.826439][ T6112] syz.3.89[6112] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 132.826592][ T6112] syz.3.89[6112] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 132.845783][ T6102] 416137 pages reserved [ 132.869960][ T6112] netlink: 'syz.3.89': attribute type 1 has an invalid length. [ 132.880958][ T6102] 0 pages cma reserved [ 132.890735][ T6112] netlink: 224 bytes leftover after parsing attributes in process `syz.3.89'. [ 132.986037][ T6112] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 133.321555][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.329796][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 239.910555][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 239.923002][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5158/1:b..l P5789/1:b..l P6132/1:b..l P5830/1:b..l [ 239.938828][ C0] rcu: (detected by 0, t=10504 jiffies, g=15665, q=545 ncpus=2) [ 239.948742][ C0] task:udevd state:R running task stack:24424 pid:5830 ppid:5158 flags:0x00004002 [ 239.964431][ C0] Call Trace: [ 239.969501][ C0] [ 239.973013][ C0] __schedule+0x14d2/0x44d0 [ 239.979858][ C0] ? mark_lock+0x94/0x320 [ 239.984942][ C0] ? asan.module_dtor+0x20/0x20 [ 239.990251][ C0] ? mark_lock+0x94/0x320 [ 239.995005][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 240.002919][ C0] ? preempt_schedule_irq+0xaa/0x140 [ 240.009009][ C0] preempt_schedule_irq+0xb5/0x140 [ 240.014406][ C0] ? preempt_schedule_notrace+0x110/0x110 [ 240.021083][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 240.028127][ C0] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 240.034539][ C0] irqentry_exit+0x67/0x70 [ 240.039980][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 240.048077][ C0] RIP: 0010:lock_acquire+0x1f2/0x410 [ 240.053896][ C0] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00 [ 240.077477][ C0] RSP: 0018:ffffc9000466fc00 EFLAGS: 00000206 [ 240.086517][ C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 102b1e1a5e6eff00 [ 240.095975][ C0] RDX: 0000000000000000 RSI: ffffffff8aaace20 RDI: ffffffff8afc71c0 [ 240.107140][ C0] RBP: ffffc9000466fd18 R08: dffffc0000000000 R09: 1ffffffff21b4ca0 [ 240.116006][ C0] R10: dffffc0000000000 R11: fffffbfff21b4ca1 R12: 1ffff920008cdf8c [ 240.125803][ C0] R13: ffffffff8cd2fe20 R14: 0000000000000246 R15: dffffc0000000000 [ 240.135617][ C0] ? __might_sleep+0xe0/0xe0 [ 240.140906][ C0] ? read_lock_is_recursive+0x20/0x20 [ 240.147298][ C0] ? inode_maybe_inc_iversion+0x14c/0x1a0 [ 240.155171][ C0] ? generic_set_encrypted_ci_d_ops+0x100/0x100 [ 240.161922][ C0] ? dput+0x3b/0x1e0 [ 240.166186][ C0] dput+0x57/0x1e0 [ 240.171303][ C0] ? dput+0x3b/0x1e0 [ 240.176430][ C0] shmem_unlink+0x287/0x2e0 [ 240.182902][ C0] vfs_unlink+0x389/0x600 [ 240.187979][ C0] do_unlinkat+0x328/0x570 [ 240.194877][ C0] ? fsnotify_link_count+0xf0/0xf0 [ 240.201303][ C0] ? getname_flags+0x20a/0x500 [ 240.206680][ C0] __x64_sys_unlink+0x49/0x50 [ 240.212151][ C0] do_syscall_64+0x55/0xb0 [ 240.217369][ C0] ? clear_bhb_loop+0x40/0x90 [ 240.222634][ C0] ? clear_bhb_loop+0x40/0x90 [ 240.227920][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 240.234901][ C0] RIP: 0033:0x7fd55bb15937 [ 240.239645][ C0] RSP: 002b:00007ffe89a1bd08 EFLAGS: 00000202 ORIG_RAX: 0000000000000057 [ 240.249151][ C0] RAX: ffffffffffffffda RBX: 000055f1388b6ba0 RCX: 00007fd55bb15937 [ 240.259021][ C0] RDX: 0000000000000001 RSI: 000055f11955c67f RDI: 00007ffe89a1bd10 [ 240.267387][ C0] RBP: 000000000000009d R08: 0000000000000064 R09: 0000000000000000 [ 240.277393][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffe89a1bd10 [ 240.287900][ C0] R13: 0000000003938700 R14: 000055f119577100 R15: 000055f119577140 [ 240.297016][ C0] [ 240.300716][ C0] task:syz.2.98 state:R running task stack:26632 pid:6132 ppid:5786 flags:0x00004000 [ 240.314762][ C0] Call Trace: [ 240.318585][ C0] [ 240.321779][ C0] __schedule+0x14d2/0x44d0 [ 240.326932][ C0] ? mark_lock+0x94/0x320 [ 240.331717][ C0] ? asan.module_dtor+0x20/0x20 [ 240.337546][ C0] ? preempt_schedule+0xab/0xc0 [ 240.342666][ C0] preempt_schedule_common+0x82/0xc0 [ 240.349753][ C0] preempt_schedule+0xab/0xc0 [ 240.356004][ C0] ? schedule_preempt_disabled+0x20/0x20 [ 240.362350][ C0] ? __lock_acquire+0x7c80/0x7c80 [ 240.367738][ C0] preempt_schedule_thunk+0x1a/0x30 [ 240.374076][ C0] _raw_spin_unlock+0x3a/0x40 [ 240.379237][ C0] unmap_page_range+0x236f/0x2fe0 [ 240.385295][ C0] ? copy_page_range+0x3600/0x3600 [ 240.391017][ C0] ? unmap_single_vma+0x1b0/0x2a0 [ 240.396999][ C0] unmap_vmas+0x25e/0x3a0 [ 240.402315][ C0] ? unmap_page_range+0x2fe0/0x2fe0 [ 240.408164][ C0] ? __lock_acquire+0x7c80/0x7c80 [ 240.414325][ C0] exit_mmap+0x200/0xb50 [ 240.418760][ C0] ? exit_mm_release+0x1a/0x30 [ 240.424253][ C0] ? vm_brk+0x30/0x30 [ 240.428935][ C0] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 240.435813][ C0] ? uprobe_clear_state+0x278/0x290 [ 240.441576][ C0] ? mm_update_next_owner+0x562/0x6c0 [ 240.447547][ C0] __mmput+0x118/0x3c0 [ 240.453388][ C0] exit_mm+0x1da/0x2c0 [ 240.458190][ C0] ? do_exit+0x23c0/0x23c0 [ 240.462774][ C0] ? taskstats_exit+0x35e/0x9e0 [ 240.467994][ C0] do_exit+0x88e/0x23c0 [ 240.472855][ C0] ? preempt_schedule+0xab/0xc0 [ 240.478057][ C0] ? put_task_struct+0xc0/0xc0 [ 240.483189][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 240.490077][ C0] ? lock_chain_count+0x20/0x20 [ 240.495624][ C0] ? preempt_schedule_thunk+0x1a/0x30 [ 240.502145][ C0] do_group_exit+0x21b/0x2d0 [ 240.507413][ C0] __x64_sys_exit_group+0x3f/0x40 [ 240.512826][ C0] do_syscall_64+0x55/0xb0 [ 240.519303][ C0] ? clear_bhb_loop+0x40/0x90 [ 240.524681][ C0] ? clear_bhb_loop+0x40/0x90 [ 240.529780][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 240.537684][ C0] RIP: 0033:0x7f8c7698eec9 [ 240.542708][ C0] RSP: 002b:00007ffe2b7bca28 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 240.551986][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8c7698eec9 [ 240.560289][ C0] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 240.569798][ C0] RBP: 00007ffe2b7bca8c R08: 000000042b7bcb1f R09: 00000000000927c0 [ 240.579768][ C0] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000014 [ 240.588768][ C0] R13: 00000000000927c0 R14: 0000000000020a2f R15: 00007ffe2b7bcae0 [ 240.597482][ C0] [ 240.601628][ C0] task:syz-executor state:R running task stack:20776 pid:5789 ppid:5785 flags:0x00004000 [ 240.614234][ C0] Call Trace: [ 240.618099][ C0] [ 240.621421][ C0] __schedule+0x14d2/0x44d0 [ 240.626730][ C0] ? mark_lock+0x94/0x320 [ 240.633347][ C0] ? asan.module_dtor+0x20/0x20 [ 240.639279][ C0] ? preempt_schedule+0xab/0xc0 [ 240.645732][ C0] preempt_schedule_common+0x82/0xc0 [ 240.651500][ C0] preempt_schedule+0xab/0xc0 [ 240.657060][ C0] ? schedule_preempt_disabled+0x20/0x20 [ 240.662856][ C0] ? __lock_acquire+0x7c80/0x7c80 [ 240.668415][ C0] preempt_schedule_thunk+0x1a/0x30 [ 240.674843][ C0] _raw_spin_unlock+0x3a/0x40 [ 240.680530][ C0] ? copy_page_range+0x2b4b/0x3600 [ 240.686866][ C0] copy_page_range+0x2b7c/0x3600 [ 240.692556][ C0] ? pfn_valid+0x450/0x450 [ 240.697060][ C0] ? mas_wr_store_entry+0x151/0x340 [ 240.702783][ C0] ? mas_store+0x34d/0x500 [ 240.708375][ C0] ? mas_empty_area_rev+0x1880/0x1880 [ 240.714507][ C0] ? up_write+0x1c3/0x410 [ 240.719629][ C0] ? anon_vma_interval_tree_verify+0x150/0x150 [ 240.726463][ C0] copy_mm+0x112a/0x1c20 [ 240.731011][ C0] ? copy_signal+0x680/0x680 [ 240.736137][ C0] ? lockdep_init_map_type+0xa1/0x880 [ 240.741864][ C0] ? __init_rwsem+0x122/0x160 [ 240.747280][ C0] ? copy_signal+0x556/0x680 [ 240.752508][ C0] copy_process+0x16d3/0x3d70 [ 240.757668][ C0] ? copy_process+0x945/0x3d70 [ 240.763155][ C0] ? __pidfd_prepare+0x140/0x140 [ 240.769297][ C0] ? vma_end_read+0x18/0x170 [ 240.774514][ C0] kernel_clone+0x21b/0x840 [ 240.779568][ C0] ? create_io_thread+0x140/0x140 [ 240.784964][ C0] __x64_sys_clone+0x18c/0x1e0 [ 240.790535][ C0] ? __ia32_sys_vfork+0x100/0x100 [ 240.795811][ C0] ? lock_chain_count+0x20/0x20 [ 240.800881][ C0] ? lock_chain_count+0x20/0x20 [ 240.806036][ C0] ? trace_sys_enter+0x1f/0x80 [ 240.811670][ C0] do_syscall_64+0x55/0xb0 [ 240.816716][ C0] ? clear_bhb_loop+0x40/0x90 [ 240.821644][ C0] ? clear_bhb_loop+0x40/0x90 [ 240.827268][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 240.834036][ C0] RIP: 0033:0x7f05c3785613 [ 240.839930][ C0] RSP: 002b:00007ffc4e389678 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 240.849785][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f05c3785613 [ 240.858448][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 240.867558][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 240.877767][ C0] R10: 00005555792677d0 R11: 0000000000000246 R12: 0000000000000000 [ 240.888183][ C0] R13: 00000000000927c0 R14: 0000000000020add R15: 00007ffc4e389810 [ 240.897300][ C0] [ 240.900573][ C0] task:udevd state:R running task stack:25160 pid:5158 ppid:1 flags:0x00004002 [ 240.913085][ C0] Call Trace: [ 240.916601][ C0] [ 240.920374][ C0] __schedule+0x14d2/0x44d0 [ 240.925438][ C0] ? ep_poll_callback+0x664/0xae0 [ 240.932176][ C0] ? asan.module_dtor+0x20/0x20 [ 240.938710][ C0] ? __wake_up_sync+0x118/0x180 [ 240.944105][ C0] ? do_raw_read_unlock+0x3d/0x80 [ 240.949926][ C0] ? preempt_schedule+0xab/0xc0 [ 240.955033][ C0] preempt_schedule_common+0x82/0xc0 [ 240.960947][ C0] preempt_schedule+0xab/0xc0 [ 240.966186][ C0] ? schedule_preempt_disabled+0x20/0x20 [ 240.972340][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 240.979512][ C0] ? lock_chain_count+0x20/0x20 [ 240.984992][ C0] preempt_schedule_thunk+0x1a/0x30 [ 240.991680][ C0] _raw_spin_unlock_irqrestore+0xfa/0x110 [ 240.997998][ C0] ? _raw_spin_unlock+0x40/0x40 [ 241.003602][ C0] ? __wake_up_common+0x2a4/0x4e0 [ 241.009852][ C0] __wake_up_sync_key+0x11f/0x190 [ 241.015933][ C0] ? __wake_up_locked_key_bookmark+0x20/0x20 [ 241.022958][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 241.028614][ C0] ? sock_def_readable+0xad/0x430 [ 241.035310][ C0] sock_def_readable+0x1e1/0x430 [ 241.041689][ C0] netlink_sendskb+0x9b/0x130 [ 241.047238][ C0] netlink_sendmsg+0x8c1/0xbe0 [ 241.053110][ C0] ? netlink_getsockopt+0x580/0x580 [ 241.059043][ C0] ? aa_sock_msg_perm+0x94/0x150 [ 241.064263][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 241.069817][ C0] ? security_socket_sendmsg+0x80/0xa0 [ 241.076100][ C0] ? netlink_getsockopt+0x580/0x580 [ 241.084116][ C0] ____sys_sendmsg+0x5bf/0x950 [ 241.091300][ C0] ? __asan_memset+0x22/0x40 [ 241.097627][ C0] ? __sys_sendmsg_sock+0x30/0x30 [ 241.105170][ C0] ? __import_iovec+0x3fa/0x860 [ 241.114301][ C0] ? import_iovec+0x73/0xa0 [ 241.120170][ C0] ___sys_sendmsg+0x220/0x290 [ 241.128231][ C0] ? __sys_sendmsg+0x270/0x270 [ 241.133226][ C0] __se_sys_sendmsg+0x1a5/0x270 [ 241.138367][ C0] ? __x64_sys_sendmsg+0x80/0x80 [ 241.146334][ C0] ? trace_sys_enter+0x1f/0x80 [ 241.153547][ C0] do_syscall_64+0x55/0xb0 [ 241.160320][ C0] ? clear_bhb_loop+0x40/0x90 [ 241.166218][ C0] ? clear_bhb_loop+0x40/0x90 [ 241.172274][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 241.179162][ C0] RIP: 0033:0x7fd55baa7407 [ 241.185668][ C0] RSP: 002b:00007ffe89a1c260 EFLAGS: 00000202 ORIG_RAX: 000000000000002e [ 241.196157][ C0] RAX: ffffffffffffffda RBX: 00007fd55c295880 RCX: 00007fd55baa7407 [ 241.208995][ C0] RDX: 0000000000000000 RSI: 00007ffe89a1c2c0 RDI: 0000000000000004 [ 241.218751][ C0] RBP: 000055f1388c4f40 R08: 0000000000000000 R09: 0000000000000000 [ 241.227433][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000000000b3 [ 241.236742][ C0] R13: 000055f1388a29e0 R14: 0000000000000000 R15: 0000000000000000 [ 241.246233][ C0] [ 241.250349][ C0] rcu: rcu_preempt kthread starved for 10635 jiffies! g15665 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 241.263525][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 241.275745][ C0] rcu: RCU grace-period kthread stack dump: [ 241.283269][ C0] task:rcu_preempt state:R running task stack:27752 pid:17 ppid:2 flags:0x00004000 [ 241.295527][ C0] Call Trace: [ 241.299827][ C0] [ 241.303277][ C0] __schedule+0x14d2/0x44d0 [ 241.309456][ C0] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 241.316753][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 241.323512][ C0] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 241.330442][ C0] ? asan.module_dtor+0x20/0x20 [ 241.337342][ C0] ? enqueue_timer+0x225/0x530 [ 241.344246][ C0] ? __mod_timer+0x984/0xdb0 [ 241.349197][ C0] schedule+0xbd/0x170 [ 241.353977][ C0] schedule_timeout+0x160/0x280 [ 241.360658][ C0] ? console_conditional_schedule+0x40/0x40 [ 241.367781][ C0] ? update_process_times+0x1b0/0x1b0 [ 241.374316][ C0] ? prepare_to_swait_event+0x339/0x360 [ 241.380401][ C0] rcu_gp_fqs_loop+0x302/0x1560 [ 241.386004][ C0] ? rcu_gp_init+0x110e/0x1510 [ 241.392157][ C0] ? rcu_gp_kthread+0x380/0x380 [ 241.397796][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 241.403972][ C0] ? rcu_gp_init+0x1510/0x1510 [ 241.409103][ C0] ? rcu_gp_cleanup+0xb4c/0xca0 [ 241.414870][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 241.420767][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 241.427210][ C0] rcu_gp_kthread+0x99/0x380 [ 241.433035][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 241.439773][ C0] ? __kthread_parkme+0x7a/0x1c0 [ 241.445330][ C0] ? __kthread_parkme+0x162/0x1c0 [ 241.451130][ C0] kthread+0x2fa/0x390 [ 241.455657][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 241.461568][ C0] ? kthread_blkcg+0xd0/0xd0 [ 241.467016][ C0] ret_from_fork+0x48/0x80 [ 241.472198][ C0] ? kthread_blkcg+0xd0/0xd0 [ 241.477477][ C0] ret_from_fork_asm+0x11/0x20 [ 241.482995][ C0] [ 241.486884][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 241.494683][ C0] CPU: 0 PID: 6128 Comm: syz.0.94 Not tainted syzkaller #0 [ 241.503414][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 241.514886][ C0] RIP: 0010:raw_spin_rq_unlock_irq+0x13/0x90 [ 241.522374][ C0] Code: 0f 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 52 8b 10 09 66 90 41 57 41 56 53 66 90 e8 b4 33 1a 09 e8 8f 3d 2e 00 fb 5b <41> 5e 41 5f c3 f3 0f 1e fa 49 be 00 00 00 00 00 fc ff df 49 89 ff [ 241.546117][ C0] RSP: 0018:ffffc9000ba7f8e8 EFLAGS: 00000282 [ 241.553786][ C0] RAX: faf845f5cece7c00 RBX: ffff8880b8e3cf48 RCX: faf845f5cece7c00 [ 241.563068][ C0] RDX: dffffc0000000000 RSI: ffffffff8aaabca0 RDI: ffffffff8afc71c0 [ 241.572175][ C0] RBP: ffffc9000ba7fae8 R08: ffffffff8e4a7fef R09: 1ffffffff1c94ffd [ 241.580646][ C0] R10: dffffc0000000000 R11: fffffbfff1c94ffe R12: dffffc0000000000 [ 241.590177][ C0] R13: ffff8880b8e3c200 R14: ffff88807e4d1e00 R15: ffff88807e4d1e00 [ 241.599083][ C0] FS: 00007f1a151f66c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 241.611080][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.619000][ C0] CR2: 00007f05c45156c0 CR3: 000000002ac67000 CR4: 00000000003506f0 [ 241.627695][ C0] Call Trace: [ 241.631194][ C0] [ 241.634345][ C0] __schedule+0x171e/0x44d0 [ 241.639915][ C0] ? asan.module_dtor+0x20/0x20 [ 241.644957][ C0] ? futex_wait_queue+0x9d/0x1b0 [ 241.651888][ C0] ? plist_add+0x3d8/0x490 [ 241.656611][ C0] schedule+0xbd/0x170 [ 241.660948][ C0] ? futex_wait_queue+0x27/0x1b0 [ 241.667365][ C0] futex_wait_queue+0x138/0x1b0 [ 241.672876][ C0] futex_wait+0x19f/0x530 [ 241.677635][ C0] ? futex_wait_setup+0x260/0x260 [ 241.683033][ C0] do_futex+0x2ff/0x3e0 [ 241.687722][ C0] ? bpf_trace_run2+0xde/0x3c0 [ 241.694050][ C0] ? __ia32_sys_get_robust_list+0x90/0x90 [ 241.700801][ C0] ? arch_do_signal_or_restart+0x2d1/0x780 [ 241.707314][ C0] __se_sys_futex+0x36f/0x3f0 [ 241.715108][ C0] ? bpf_trace_run2+0xde/0x3c0 [ 241.720993][ C0] ? __x64_sys_futex+0xf0/0xf0 [ 241.726730][ C0] ? __x64_sys_futex+0x21/0xf0 [ 241.732205][ C0] do_syscall_64+0x55/0xb0 [ 241.737238][ C0] ? clear_bhb_loop+0x40/0x90 [ 241.743300][ C0] ? clear_bhb_loop+0x40/0x90 [ 241.748766][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 241.755958][ C0] RIP: 0033:0x7f1a16f8eec9 [ 241.760541][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.785115][ C0] RSP: 002b:00007f1a151f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 241.795175][ C0] RAX: ffffffffffffffda RBX: 00007f1a171e6098 RCX: 00007f1a16f8eec9 [ 241.804412][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1a171e6098 [ 241.814040][ C0] RBP: 00007f1a171e6090 R08: 0000000000000000 R09: 0000000000000000 [ 241.825214][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.835705][ C0] R13: 00007f1a171e6128 R14: 00007ffdc971d610 R15: 00007ffdc971d6f8 [ 241.848233][ C0]