last executing test programs: 5.405607671s ago: executing program 2 (id=3): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@nomblk_io_submit}]}, 0x1, 0xbac, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5nGdGaOSX8/eHPe97wn8zxPTmfOe2BOA3hqTWc/0ohDEXE2iZis708jYqjaG4nYrB13/+7l+awlUam8/VsSSUTcu3t5vvFaSX07Xh+MRMTN15L490etcVfXN5bnyuXSSn18dO38paOr6xuvLJ2fO1c6V7pwYvbVE7MnZ2e7WOvtS+998cwPbzx/9frHM29+fuC7JE7HRH2uuY5umY7prb9Js0JEzHU7WE4G6vU015kUckwIAICO0qY13H9jMgbi4eJtMr79MdfkAAAAgK6oDERUAAAAgH0ucf8PAAAA+1zjewD37l6eb7R8v5HQX3fORMRUrf7G8821mUJsVrcjMRgRY78n0fxYa1L7tSc2nUX6+vtS1qJHzyF3snklIv6/3flPqvVPVZ/ibq0/jYiZLsSffmS8l+o/3YX4edcPwNPpxpnahaz1+pdurX9im+tfYZtr127kff1rrP/ut6z/HtY/0Gb999YOYxx+8NLNdnPN6793P/l5IYufbZ+oqL/hzpWIw4Xt6k+26k/a1H92hzHG529fazeX1Z/V22j9rr9yPeJIdTXXWn9D0un/Jzq6uFQuzdR+bvP66yc7x28+/1nL4jfuBfohO/9jsbvzf2mHMab+9+uhdnOPrz/9ZSh5p9obqu/5cG5tbeVYxFDyeuv+451zaRzTeI2s/hef6/z+367+7DNhs/53yP71XKlvs/HVR2KOHzn+1e7r762s/oVdnv9Pdxjjy2+uvd9uLu/6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgb0oiYiCQtbvXTtFiMGI+I/8RYWr64uvby4sUPLixkcxFTMZguLpVLMxExWRsn2fhYtf9wfPyR8WxEHIyIzyZHq+Pi/MXyQt7FAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGU8IiYiSYsRkUbEH5NpWizmnRUAAADQdVN5JwAAAAD0nPt/AAAA2P9a7v8LfxmN9DMXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9qWDz964lUTE5qnRassM1ecGc80M6LV0Z4eN9ToPoP8G8k4AyE2hqV+pVCo5pgL0mXt8IHnM/EjbmeGu5wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP9cLh27cSiJi89RotWWG6nODuWYG9FqadwJAbgY6TSaP3QHsYYW8EwBy4x4fqK3sH1RqWudH2v7m8BNHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvmKi2JC1GRFrtp2mxGPGviJiKwWRxqVyaiYgDEfHT5OBwNj6Wd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB03er6xvJcuVxa0dHR6WJnNPoWa7T+Zm5zzHD7qQ6dnD+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIxer6xvJcuVxaWc07EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBvq+sby3Plcmmlh528awQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID9/BgAA///GyAmy") r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0) pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) 4.804453013s ago: executing program 1 (id=6): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x1}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x41, &(0x7f0000000100)={[{@lazytime}, {@noload}, {@bh}, {@noquota}, {@noblock_validity}, {}, {@mblk_io_submit}, {@acl}, {@discard}], [], 0x3d}, 0x1, 0x522, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HHu72U2bFDhAJUqhRdkVrJ00tI16KEVCcKoElPsSEieK4sRR7LSbqIKsOHBEQgiQOJULFyROnJBQJS4cEVIlOIMAgRBs4YAEdCrb43Q3GSfZjWNn4++TJvPmeeb97zma8byZp5kARtZTEfFyRLybpun1iJjM8gvZFHudqbXeO3feWGxNSaTpq/9IIsnyumWlbY/E1WyzyxHxlS9GfD05HLexs7u2UKtVt7LlSnN9s9LY2b2xur6wUl2pbszNzT4//8L8c/MzfWnnRES89Pm/fP87P/nCS7/89Ot/vPm3a99Isvw40I77VDzqw07TS+3v4u4Nth4w2HlUbLcwM563xtihnNtnXCcAAHr7QER8IiKux2SMHX06CwAAADyE0s9OxP+S7r27Qy71yAcAAAAeIoX2GNikUM7G+05EoVAuR3sM74fiSqFWbzQ/tVzf3ljqjJWdilJhebVWncnGCk9FKWktz7bT7y8/e2B5LiIej4jvTY63l8uL9drSsC9+AAAAwIi4eqD//+/JTv8fAAAAuGCmhl0BAAAA4Mzp/wMAAMDFp/8PAAAAF9qXXnmlNaXd918vvbazvVZ/7cZStbFWXt9eLC/WtzbLK/X6SvuZfevHlVer1zc/ExvbtyrNaqNZaezs3lyvb280b67e8wpsAAAAYIAe/9hbv08iYu/F8fbUculkm55wNeC8Ku6nkmyes1v/4bHO/M8DqhQwEGPDrgAwNMVhVwAYmtKwKwAMXXLM5z0H7/wmm3+8v/UBAAD6b/oj+ff/j78uuFcYQPWAM+T+H4wu+z+MrvZ5/klH8jrjhwul5AwARt6p7/8fK03vq0IAAEDfTbSnpFDOLu9NRKFQLkc82n4tQClZXq1VZyLisYj43WTpkdbybHvL5Ng+AwAAAAAAAAAAAAAAAAAAAAAAAADQkaZJpAAAAMCFFlH4a/KrzrP8pyefmTh4feBS8p/JyF4R+vqPXv3BrYVmc2u2lf/P/fzmD7P8Z4dxBQMAAABGQvF+Vu7207v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADop3fuvLHYnQYZ9++fi4ipvPjFuNyeX45SRFz5VxLFu7ZLImKsD/HHW38+nBc/aVVrP2Re/PE3Tx9/7/aR8WMq+xby4l89fXgYaW+1jj8v5+1/hXiqPc/f/4oR9yw/qN7Hv9g//o312P8fPWGMJ97+WaVn/NsRTxTzjz/d+EmP+E/nFfjzbx/K+tpXd3d7xU/fjJjO/f1J7olVaa5vVho7uzdW1xdWqivVjbm52efnX5h/bn6msrxaq2Z/c2N896O/ePeo9l/pEX/qmPY/k1PepZy8/799684HO8lSXvxrT+fE//WPszUOxy9kv32fzNKtz6e76b1O+m5P/vS3Tx7V/qUe7T/u/3+tV6EHXP/yt/50wlUBgAFo7OyuLdRq1a3zkXgx+l5yq4c/9HY9fIn/pueiGmeb+GZfC0zTNG3tU6coJ4nBfQnJ0VUd9pEJAADot/dP+oddEwAAAAAAAAAAAAAAAAAAABhdg3jS2MGYe/uppB+P0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iv3AgAA//8ZWuAG") 4.310817187s ago: executing program 2 (id=7): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x74, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0xffff}, [@CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_MASTER={0x24, 0xe, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x93}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @rand_addr=0x64010102}}}]}]}, 0x74}}, 0x0) 3.862830863s ago: executing program 2 (id=8): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$kcm(0x29, 0x2, 0x0) sendmmsg$inet(r2, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)='/', 0x1}], 0x1}}], 0x2, 0x0) close(r2) 3.535489893s ago: executing program 2 (id=9): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB="000000008a"], 0x48) 3.535086638s ago: executing program 0 (id=1): syz_mount_image$vfat(&(0x7f0000000880), &(0x7f0000003200)='./file2\x00', 0x4204, &(0x7f0000003240)=ANY=[], 0x3, 0x335, &(0x7f0000000a40)="$eJzs3M9rG0cUwPEnWZYlGVs6lJYWiof20l4WW+25VBQbSgU1tlVqFwxre9UKbSWjFS4qpbZPvZbccwrkYHz0zZD4H/Alt+SSS266BHKICSEb9pf107asyJFjfz8QdjQzTzujGYW3i1f1X///s5i3tLxelXBMSUhE5EQkJWEJhPxj2C1HpdmOfD3+4vHni8srP2Wy2dkFpeYyS9+klVKTUw/++ifudzsck+PUav15+tnxx8ef1t8s/VGwVMFSpXJV6Wqt/LSqr5mG2ihYRU2pedPQLUMVSpZR8drLXnveLG9u1pRe2phIbFYMy1J6qaaKRk1Vy6paqSn9d71QUpqmqYmE4ALOgi7omT6j1wc8GlyRSiWjj4hIvKMltzeUAQEAgKFqz//DTkrfV/4vk27+73Ru5P/7XxxVx385mDx0Ylfrh9Fu+f+3T7z3asn/YyLST/5/Vy6R/3dmRLdLbm+h//wf18NUtKMq1PLKyf8T/vfXtfvb/rRbIP8HAAAAAAAAAAAAAAAAAAAAAOBDcGLbSdu2k8Ex+Nd4hMB/jRvprPUfE5GYs/o263+TLS6vSMx9cM9ZY/O/rdxWzjv6HY5ExBRDpiUpr9394HPKwZNHypGSh+a2G//KOY64LZm8FNz4GUlKqj3etud+zM7OKI8ff/qYUqI5Pi1J+ah7fLo13hn/9lYuKl992RSvSVIerUtZTNlw93Uj/t8ZpX74OdsWH/dOAgAAAADADaApFfIvn1Ot17/e9bumKdW93fuVkUzevU10xv0B7/p6uuv1eST5WWTYswcAAAAA4Hawan8XddM0KucU4nJxn/4Lkd46R9tqRs/rPNI0w17HE3VvZIi867zu9fipthSCP6RoaYr5lf2NJ5j/wNZrp7kmLD1ERdoHP+VUqEuefdefyGlNcNsoesbnLPOd7xM+ZyeMDmw/f3Ln/svBfUG+Owh2wMWdd/s9V6x917mF0av+fwcAAADA+9dI+oOa75ubQ0MZFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAt8yV/KRfW2HYcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACui7cBAAD//5Oa+gc=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) fdatasync(r0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000002840)=@nat={'nat\x00', 0x1b, 0x5, 0x338, 0x0, 0x1e8, 0xffffffff, 0xf4, 0x1e8, 0x3ac, 0x3ac, 0xffffffff, 0x3ac, 0x3ac, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x10, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id=0x65, @icmp_id=0x66}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x19, @empty, @multicast2, @port=0x4e22, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x4, @broadcast, @multicast2, @icmp_id=0x64, @gre_key=0x5}}}}, {{@ip={@multicast1, @multicast1, 0xff, 0xffffffff, 'ipvlan1\x00', 'caif0\x00', {0xff}, {0xff}, 0x21, 0x6, 0x1}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x3, @broadcast, @remote, @icmp_id=0x67, @icmp_id=0x65}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x60) fadvise64(r0, 0x2, 0x0, 0x4) 3.355810374s ago: executing program 1 (id=10): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10) close(r0) 3.355491552s ago: executing program 3 (id=4): syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x24004080) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r3}, 0x18) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x303}, "3f69f5593d99b5b9", "ad19b9f81b7051508702a27013f65558c8a01f2ae65a25a4c4580daf90219442", "d78279e4", "ba02af61de6197b6"}, 0x38) r4 = syz_io_uring_setup(0xbda, &(0x7f0000000640)={0x0, 0x356e, 0x800, 0x2001, 0x40000334}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1}) sendmmsg$inet6(r1, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000017540)="ff71829fe4a1c2b69161eb22301834c078051bf08c354ed79b422579c4f0028b231d2f66efe9fa31dfcc7d80923afb2ce209b6b2305f3ba55267a1927b76934c8c6e934eebf3dcc1aef7ea48d181dd69812fc6cd6103f0def060ff9d83775072deae1e4774b92f8fef33c8c2eb96023f0d7ce140c4df3e21a53f2341a941ab02c3abc724cc99a0dedd5f2918831bde14de8a8526f4000f2ee3424ee12f4eddb55cac2d8405261da648a9b048171be79909ae07d64d56645f04a784437468873fccd912d6e1768b0a5b07f9d9ae8a222d33db09222bc6b147028564c1edd12edd7dba141e69250d84697999bef065fc0a7326be5383ee0b374453b020446c2c12519837084ab888aae575531d4d527c6718ff6851a50d3bb125267b40b41c5a6ca053c17f1479c369339962329165461119d5123c2e17897c1b00054edf20eb85721aa5e447c26a2cea06651165151c9bac78d141b9b0974fbe2d0d080f53a9bdf0f0342bba32e5e18e5f0bf3fff60f97ea1962a9ba6a5fedbe378970dc4a35dbd19f80ef0c951c6e6943b7879fcd33054d4d3f1cfb93a7841279778ffb074c6b7b8f0986cce8d1c1e49c710fbd5a5a65d2eb9209a76a0b1e123c7864f4fed1b2ca77b355816cb47101fcf8d8d067645e287b5dc237c438d967cb8550c8d00017adc072fb5bf96deb9efb2a0d7431b02be050cfbe89ffafef354d0dca814fc15d60a7b4f0f26c7c715144a181ace6debf7aec4437c99f4ae2284bdc6ab99867c1039db1f0f92ea4d96e078cde653551e988287708fc7104db33a9d7dea654bf0f379a70fd145c17a2ed50b8207b1a2b8d1a268500fff8372e5f491968d3e15e1b0d2e18b5e27c6728b1a9503d20441422c30be1c06009098123b4d9d0e4028232b41a805293b49c3eb93bb81cabd77617e58852b14e473a6fd50ad533fd321ac073e09b2a0fd854567cfdc14910d971ce9a415c6b89bdc6c122e339f4870dcd3813f13307c2d7f9fa51dbff64faf63ede2facb77734c08e59b1253ea21a7c692709ef9f2a5bd7a2163990e3086ca7e5dfa133e666fc6b28512decdd595b52e70dd80dd5d4e4a6a6f899e69525e668e8ca0b687e014756cc8018d58715ea3426ab988cc226ad55aaa6ea22258af4dbc59b9d0dbfdcb7ab75a75ed3c879b09313cea39c47e12e09f56e55cc68c844a35e3236f5eef4eb20935bf69e70fd8da82c7c26522fd0b988a21da4b26666bb5048761b7680bdc21e2e8c4f2cea045a7ab0b475858bf53a24723c1a86e66a352b139b07c756af6a1c30b83fbf8a973c965de9328b6d9a73b97425753b1c3a481acec639442255dba72712848a05d19cb99762becf6c179d6f9e55202ed739eb97a4b852769aed7222c4b832db4cdbae30d20f7eb09bc30d512ef79c68addd6f4e81b774480c9bbd035cb58fb01fdf10b813606eaab9b24ecd2d0ded9efc9bb3b6b8baf86b177c3eefc5b935124a8a23b71bb342bebd006efcc8cd7d11ad577d4e924e26f64ffaeae62e11716f72ed5bf5f2735b0f091bd6249614a289e13daa60bff31e725ad0e1def92bbb6397e9170500bfdaeae6e0616891e49f971f1de36b68a7686b89f96f036acb68801c20fe23114c14cc667aeb67f79d93db0b4f3aab6438dded8e87663f00a6e6f2648dbff43b4a3678c46b0c81be1e08f7df06b167247810b88b6d92abe8d36e8ea3ef1ba735dbf551fa04d242cfd9bcd4c82615b0db5b6e9f8fcd20a6f1c209f9febb3b6dc959d2d3c82ea20e607df4eaf8f7b32548b898d161ea0b48c00402729bab108a0ef49810731b731259d9b251f930b88286ada2cb164370158e4ff1269384a981eecbab2b72da5338ea16943476458162964a60fa36f2c0fc5679f3bcb3c7d4e7769c3ec620abd28dfc67a25578de9540d594a642750586ff75c30180e23d8f926e9701f4473f7787d6931251887e5100d00c2759ec2e372de8a9ba27ad0952091700332b91374e1aa955ed8d0b11fbc4beaf5ad3a81d25610e56705c55bbe24d7907d424cfbc915cad56734fbaa8311e27713f256caf8b9fdcb5bc79f46daedee44bca3f8844f535c88c86d5f55e40641e5051750ebd2200cf1f05a6d922a1c56551e0f995caf293e30c48f06433e64e08d1202882334ad3c69f3d7f81358e100e7a44056cd4a3806d363f1eace4c5de504739ba654fc29b25dd63b72296e94fe5457d0fe2b3b30e6aaf7ec8607e1b4e3941424619e4fc17f11df2e10f2575547115fafcbe4443eef4f3e1a09a2316559febe54a61deae2f428c18c2358997a8a0433f60f5c4d3b30c6362fe1b96f3484c66021970852f3c400ca55ddcac356db413cbe4595b2afffb66bb687f2a58e4583ef783267b1e7c2c1bc5607b6607ee371abe63ef7e42bc76b1df519a001ca14198792ff5b09b8a8769b90a38d2ae32dd025b2505ce171c847c4cdb96d8d816854cb65438f8486000310da3f5f48251b1321cb8f0f9241a9d63fb10f513cd05fd423e6f80fb09f239cafead7d242721993f49e4938fb409f1cf961d85339cb3881e33d072ff7f8c53dcc5e30ec88cfbb9459833bf37919274e1b22bdd3846c5aa53e50cdc025aa4d174a97c849bebe5a70b140b74bbf35c95e607ead8c34abe0d0ae75ce6ca8c04f3f6657d4baaad244a37fb5866d5f00708f5dd11f2ed0c1e56420f55a365d96103fe8af582c517e214f89275f3c4be1a53d5401ca25d0eccb8140e02d719578178ee236f305312ce819604172ef8091ae4ce713e3f11a6dc82de5c3469757db87f7731c18e2a928a39438cc06f6c37711d9aba42888ad27f3e045b48533dfb00c63fa3f9e5e8e1f017b978478b8613f1b5eebe18b4f1b840010b06c5d5155b32700ec050ccd761470cd2660d2b1158b648ac19b956af424f93d864b6941f2e91bead488b8a331280fe535ebc1568344818dab1ba424e2daa4b0bbba6f0e13861b279878b4e7efeab178b4d7ad7cf963db01a650daf6aeaf4b7c834973ebf8ebafcd265891f67d45939510f53308a4afa3a3315126111b7fe6c83f161a8297015e56cad00a7dc3df163d352f1085674441181c6ea739e135023563eab5af0dbaf3746b6504118b180e1b210cc461a084c74598fbd9246a9b1ba66e166f5dc284ba6fc91a6c8d6b94720c13e52f93c298a1be1754d588272def13c5cfd469ea9787ec3f797efbef787930ae9b5a37e3cf66782a722243ecd3a2e0e3c9fc3a9033f0d7a4f3a7fbcdff05abf6ff54418d2d1e3505f5a50e879a3df86015bbec79ce02002b7518b04e12051effe6a84ac3bb30d0b89df63624a98cdb4a796b45dc83579257da7afc4a0dedc68c3aba014fbd6c4ad8a7c9e1b84fced56facd76e0c1cf08afc7e332d78c833400adc826f3c97f8993efeabdbc1a5d776c218253b0169ed6001623dbed0c424404b7b09839bce4f697988b38eea2e74448e02ff462fb46b9bafe4a855f84bb5c3762b3664d4d71953f318f148cd6bf8ac80ef797d31ffb42dad7da68406af4e8b5bf473be6e43141840e8494d4f5108a2f17e2b7d29e2d88a5d7f8126f6486d683b150c104b9fd4dbedf99f4fe8baf9ba10cc0cefbffb4e58af1d776360c4ed033266b98ccc4e80d7eb98e4c269862ceb7f4d86bc1d151491511ee84e373b3e66c4771c8f538ba7adb4440dc5e842025ac3752a77fac02f2b0056ec84553615146fc331dc74f7d24383e32996705a1e9e22d99c1fc476ce484fe5654006390ce546426dfce970a7c21681d9274271f5c98b742e75584882cd21e791ecf3d19b0d52837ea88f82f7888bb58710898584dffaba792d19b6e5e7d22e60a379ab97391c2b7fe8aa0ac601ec8aeb570543b8490cfa073f5074943fbc851f6e8e50f109a1c3f82e1ce5a2f57ed38ecf13ed677da176771acfbc99dee84b560d1c558e4dc201f392c17afaf4f904b9626c088dd152f0b409db4f044030f21b2a67f6d62ac6e53dbd747740e7448841d1fe8c7b5b1991c47c0186be49e258165066db9240c09ed14944cec33be626970f6c165ef43698e0f726eb77d717234ffd3e5172a0e62dad1e376148499d329ac957f81708ee6c0dd21065cf87372bdee7957606158d772b193ce2abc44df4f3fcea34217d0b022ed7caeb70c3373f3227394780e5a023bee23089193b6b181dc68680bce586cdd94b2bd7154f5306a1d12e674c010ab4cbc8ea7601ce8fac1028e33870f6d5f3998bf5aa85b2701fb8542f3883c3158f5933c7491dc33e5850e11455d7c321d6ff0987fa55a457bc826f83383db2f8bb0a12d91f2613579bda403b90aa1c40b15823472d06aad9a16aa1be11cbf3fc896598d0e4a2f759323ae89650a3671a40527fbd38a4ee54fb0c48813d07d74f9d5022bf159eff223b9555a16f7e83ceec1c0b2c2d5920bb675d9d57d98e9a1932a93c970bb755c0a66328a8380b837cf31d6d0985b9e75714960b9e44fb496f97e8ca10914dbb202bee387db25175631423382e5173fce326332b38189af5e4178182636289351744f51a693ba2546adaabb9b25fb41982579c72fcab952cb8b8aa5e430e2a99328c9d2", 0xcab}], 0x1}}], 0x1, 0xc001) io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0) 3.349987303s ago: executing program 2 (id=11): bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) ioctl$RTC_EPOCH_SET(r3, 0x4008700e, 0x6) 2.63997771s ago: executing program 1 (id=12): r0 = socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) socket$inet(0x2, 0x1, 0x0) fgetxattr(r0, &(0x7f00000000c0)=@known='user.incfs.metadata\x00', &(0x7f0000000500)=""/213, 0xd5) mkdir(&(0x7f0000000400)='./file1\x00', 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) listen(r3, 0x4) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000001000000280001801400040000000000000002000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094) 2.4635751s ago: executing program 4 (id=13): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0xe8}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000140)={0x16b, @time={0x6fd, 0x7}, 0x0, {0x0, 0xff}, 0x0, 0x0, 0x2}) 2.345273706s ago: executing program 0 (id=14): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x200a}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "fa"}]}, @NFTA_CMP_OP={0x8}, @NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0xe}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xcc}}, 0x0) 2.072234833s ago: executing program 0 (id=15): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{}, &(0x7f0000000500), &(0x7f0000000540)}, 0x20) pselect6(0x40, &(0x7f0000000240)={0xffffffffffff4557, 0x4, 0xfffffffffffffff7, 0x1, 0x62a, 0x1, 0x7, 0x2}, &(0x7f0000000280)={0x3, 0x3e, 0x4, 0x7, 0x3, 0x1ccc200000000, 0x1, 0x3ec4d2c1}, &(0x7f0000000300)={0x9, 0xfffffffffffffffe, 0x8, 0xb, 0xb, 0x3, 0x8000, 0x7f}, &(0x7f0000000340), &(0x7f00000003c0)={&(0x7f0000000380)={[0x5]}, 0x8}) r4 = getpid() r5 = syz_pidfd_open(r4, 0x0) r6 = pidfd_getfd(r5, r5, 0x0) setns(r6, 0x66020000) r7 = syz_pidfd_open(0x0, 0x0) setns(r7, 0x24020000) syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0) 1.853580321s ago: executing program 4 (id=16): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000400000000000000000000850000002c000000850000002a00000095"], &(0x7f0000000200)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000001680)={r2, r1, 0x25, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x4, 0x0, 0x1}}, 0x3c) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_emit_ethernet(0xfdef, 0x0, 0x0) 1.80739546s ago: executing program 3 (id=17): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r4, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20) 1.020065579s ago: executing program 4 (id=18): r0 = syz_open_dev$usbfs(0x0, 0xffffffffffffffff, 0x121a02) r1 = dup(r0) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000400)={0x23, 0x3, 0x18, 0x6, 0x0, 0xffffffff, 0x0}) 946.667311ms ago: executing program 1 (id=19): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 587.17814ms ago: executing program 4 (id=20): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000140)={0x4200, 0x3, 0x5}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001600010a00000000000000", @ANYRES8], 0x20}, 0x1, 0x0, 0x0, 0x10000841}, 0x0) 351.42754ms ago: executing program 1 (id=21): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0x2, 0x0, &(0x7f0000000000)="259a", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) r0 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r0, 0x84, 0x82, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7) 219.406359ms ago: executing program 4 (id=22): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r1, 0x40047459, 0x0) 39.836056ms ago: executing program 0 (id=23): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast1}, 0x10) sendmmsg$inet(r0, &(0x7f0000002300)=[{{&(0x7f0000000000)={0x2, 0x4e24, @empty}, 0x10, 0x0}}], 0x1, 0x2000c000) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000280)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff000000000000000458000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5000000000800030006", 0x4d}], 0x1) 39.539297ms ago: executing program 1 (id=24): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00000018"], 0x50}}, 0x0) 38.431036ms ago: executing program 3 (id=25): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r4, 0x0, r1, 0x0, 0x8000001000f38, 0x4) write(r1, &(0x7f0000000240)="94", 0x1) tee(r0, r5, 0x8f5, 0x100000000000000) write(r3, 0x0, 0x0) 0s ago: executing program 4 (id=26): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0xe8}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000140)={0x16b, @time={0x6fd, 0x7}, 0x0, {0x0, 0xff}, 0x0, 0x0, 0x2}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.231' (ED25519) to the list of known hosts. [ 82.240402][ T5812] cgroup: Unknown subsys name 'net' [ 82.430613][ T5812] cgroup: Unknown subsys name 'cpuset' [ 82.440199][ T5812] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.150614][ T5812] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 87.975735][ T5828] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 87.984697][ T5828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.994568][ T5828] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.002953][ T5828] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.011697][ T5828] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.014304][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.021367][ T5828] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.034825][ T5828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.037011][ T5838] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.044313][ T5828] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.051580][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.065160][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.068842][ T5828] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.073507][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.080805][ T5828] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.098147][ T5828] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.108363][ T5828] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.116285][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.116465][ T5828] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.131076][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.138862][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.146421][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.154799][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.167334][ T5833] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.168855][ T5835] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.705997][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 89.053834][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.062185][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.069761][ T5823] bridge_slave_0: entered allmulticast mode [ 89.077519][ T5823] bridge_slave_0: entered promiscuous mode [ 89.087680][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.094863][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.102434][ T5823] bridge_slave_1: entered allmulticast mode [ 89.110286][ T5823] bridge_slave_1: entered promiscuous mode [ 89.118211][ T5824] chnl_net:caif_netlink_parms(): no params data found [ 89.130480][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 89.240554][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.253800][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.286245][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 89.355067][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 89.369087][ T5823] team0: Port device team_slave_0 added [ 89.405188][ T5823] team0: Port device team_slave_1 added [ 89.522318][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.529653][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.537377][ T5824] bridge_slave_0: entered allmulticast mode [ 89.544793][ T5824] bridge_slave_0: entered promiscuous mode [ 89.599222][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.606461][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.613694][ T5824] bridge_slave_1: entered allmulticast mode [ 89.621612][ T5824] bridge_slave_1: entered promiscuous mode [ 89.630191][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.637267][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.663836][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.676080][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.683528][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.691696][ T5836] bridge_slave_0: entered allmulticast mode [ 89.699853][ T5836] bridge_slave_0: entered promiscuous mode [ 89.708254][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.715417][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.722819][ T5836] bridge_slave_1: entered allmulticast mode [ 89.730225][ T5836] bridge_slave_1: entered promiscuous mode [ 89.775482][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.782598][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.809207][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.911891][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.919499][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.926927][ T5825] bridge_slave_0: entered allmulticast mode [ 89.934314][ T5825] bridge_slave_0: entered promiscuous mode [ 89.942790][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.950549][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.958202][ T5825] bridge_slave_1: entered allmulticast mode [ 89.966533][ T5825] bridge_slave_1: entered promiscuous mode [ 89.973812][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.981311][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.989126][ T5826] bridge_slave_0: entered allmulticast mode [ 89.996776][ T5826] bridge_slave_0: entered promiscuous mode [ 90.007651][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.020293][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.034047][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.056247][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.063774][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.071405][ T5826] bridge_slave_1: entered allmulticast mode [ 90.078922][ T5826] bridge_slave_1: entered promiscuous mode [ 90.115197][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.147579][ T5835] Bluetooth: hci0: command tx timeout [ 90.226712][ T5835] Bluetooth: hci3: command tx timeout [ 90.227122][ T5833] Bluetooth: hci4: command tx timeout [ 90.232745][ T5835] Bluetooth: hci1: command tx timeout [ 90.238765][ T5833] Bluetooth: hci2: command tx timeout [ 90.254014][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.279087][ T5824] team0: Port device team_slave_0 added [ 90.288191][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.303883][ T5823] hsr_slave_0: entered promiscuous mode [ 90.310670][ T5823] hsr_slave_1: entered promiscuous mode [ 90.320495][ T5836] team0: Port device team_slave_0 added [ 90.329520][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.342173][ T5824] team0: Port device team_slave_1 added [ 90.350696][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.377542][ T5836] team0: Port device team_slave_1 added [ 90.495597][ T5826] team0: Port device team_slave_0 added [ 90.517077][ T5825] team0: Port device team_slave_0 added [ 90.523808][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.531095][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.557353][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.584980][ T5826] team0: Port device team_slave_1 added [ 90.591683][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.598969][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.625054][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.639119][ T5825] team0: Port device team_slave_1 added [ 90.645621][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.652877][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.678934][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.710826][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.718226][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.744299][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.819273][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.826265][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.852659][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.884829][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 90.891925][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.918751][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.932872][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.939921][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.966193][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.985539][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.992784][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.019089][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.093980][ T5824] hsr_slave_0: entered promiscuous mode [ 91.100747][ T5824] hsr_slave_1: entered promiscuous mode [ 91.107887][ T5824] debugfs: 'hsr0' already exists in 'hsr' [ 91.113804][ T5824] Cannot create hsr debugfs directory [ 91.154524][ T5836] hsr_slave_0: entered promiscuous mode [ 91.161763][ T5836] hsr_slave_1: entered promiscuous mode [ 91.168464][ T5836] debugfs: 'hsr0' already exists in 'hsr' [ 91.174443][ T5836] Cannot create hsr debugfs directory [ 91.287771][ T5826] hsr_slave_0: entered promiscuous mode [ 91.294761][ T5826] hsr_slave_1: entered promiscuous mode [ 91.303405][ T5826] debugfs: 'hsr0' already exists in 'hsr' [ 91.316868][ T5826] Cannot create hsr debugfs directory [ 91.366872][ T5825] hsr_slave_0: entered promiscuous mode [ 91.373657][ T5825] hsr_slave_1: entered promiscuous mode [ 91.382081][ T5825] debugfs: 'hsr0' already exists in 'hsr' [ 91.388090][ T5825] Cannot create hsr debugfs directory [ 91.876544][ T5823] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 91.913898][ T5823] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 91.931272][ T5823] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 91.951143][ T5823] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 92.023860][ T5824] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 92.035060][ T5824] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 92.047105][ T5824] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 92.059816][ T5824] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 92.145619][ T5836] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 92.178505][ T5836] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 92.192756][ T5836] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 92.219298][ T5836] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 92.226775][ T5833] Bluetooth: hci0: command tx timeout [ 92.303572][ T5825] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 92.310978][ T5833] Bluetooth: hci1: command tx timeout [ 92.311038][ T52] Bluetooth: hci4: command tx timeout [ 92.318192][ T5833] Bluetooth: hci2: command tx timeout [ 92.322610][ T5835] Bluetooth: hci3: command tx timeout [ 92.339036][ T5825] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 92.365336][ T5825] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 92.409768][ T5825] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 92.494793][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.506017][ T5826] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 92.520754][ T5826] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 92.532828][ T5826] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 92.544064][ T5826] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 92.563452][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.620053][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.668038][ T3561] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.675558][ T3561] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.691229][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.698698][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.720017][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.753916][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.761151][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.804722][ T3561] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.811967][ T3561] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.847206][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.916186][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.970730][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.977995][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.008312][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.015600][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.087477][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.173854][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.203551][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.287487][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.294780][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.324204][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.331497][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.365571][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.424459][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.431699][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.454466][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.506382][ T37] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.513635][ T37] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.531733][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.719619][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.754630][ T5823] veth0_vlan: entered promiscuous mode [ 93.855447][ T5823] veth1_vlan: entered promiscuous mode [ 93.881773][ T5824] veth0_vlan: entered promiscuous mode [ 93.947696][ T5824] veth1_vlan: entered promiscuous mode [ 94.125669][ T5823] veth0_macvtap: entered promiscuous mode [ 94.159429][ T5824] veth0_macvtap: entered promiscuous mode [ 94.185568][ T5824] veth1_macvtap: entered promiscuous mode [ 94.199382][ T5823] veth1_macvtap: entered promiscuous mode [ 94.214540][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.296324][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.307476][ T5835] Bluetooth: hci0: command tx timeout [ 94.345064][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.360087][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.380473][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.387960][ T5835] Bluetooth: hci4: command tx timeout [ 94.388008][ T5835] Bluetooth: hci1: command tx timeout [ 94.398719][ T5833] Bluetooth: hci3: command tx timeout [ 94.404238][ T5833] Bluetooth: hci2: command tx timeout [ 94.415574][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.442096][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.478892][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.488385][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.516155][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.525183][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.551474][ T5836] veth0_vlan: entered promiscuous mode [ 94.567154][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.576028][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.606104][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.624904][ T5825] veth0_vlan: entered promiscuous mode [ 94.697396][ T5836] veth1_vlan: entered promiscuous mode [ 94.705198][ T5825] veth1_vlan: entered promiscuous mode [ 94.778624][ T5826] veth0_vlan: entered promiscuous mode [ 94.792981][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.807211][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.870236][ T5826] veth1_vlan: entered promiscuous mode [ 94.870560][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.892329][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.906022][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.914441][ T5825] veth0_macvtap: entered promiscuous mode [ 94.921015][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.976008][ T5825] veth1_macvtap: entered promiscuous mode [ 94.989599][ T5836] veth0_macvtap: entered promiscuous mode [ 95.030688][ T5823] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 95.035104][ T5836] veth1_macvtap: entered promiscuous mode [ 95.063255][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.077656][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.080078][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.136213][ T5826] veth0_macvtap: entered promiscuous mode [ 95.178977][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.204558][ T5826] veth1_macvtap: entered promiscuous mode [ 95.245223][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.286133][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.297338][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.311598][ T5945] loop2: detected capacity change from 0 to 4096 [ 95.337408][ T5947] loop1: detected capacity change from 0 to 512 [ 95.351174][ T5945] EXT4-fs: Ignoring removed nomblk_io_submit option [ 95.372711][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.401450][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.410841][ T5945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.450694][ T5947] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.458598][ T37] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.484244][ T5947] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.563018][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.581210][ T5947] EXT4-fs (loop1): shut down requested (0) [ 95.585355][ T153] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.611358][ T5947] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 95.652314][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.679837][ T153] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.699924][ T153] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.729617][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.886814][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.895815][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.957650][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.970912][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.017972][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.122817][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.156795][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.192166][ T5954] loop1: detected capacity change from 0 to 512 [ 96.225266][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.237433][ T5954] ======================================================= [ 96.237433][ T5954] WARNING: The mand mount option has been deprecated and [ 96.237433][ T5954] and is ignored by this kernel. Remove the mand [ 96.237433][ T5954] option from the mount to silence this warning. [ 96.237433][ T5954] ======================================================= [ 96.283928][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.312044][ T5954] EXT4-fs: Ignoring removed bh option [ 96.332868][ T5823] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.342235][ T5954] EXT4-fs: Ignoring removed mblk_io_submit option [ 96.358736][ T5954] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 96.383831][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.397487][ T5833] Bluetooth: hci0: command tx timeout [ 96.413400][ T5954] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 96.429817][ T5954] EXT4-fs (loop1): orphan cleanup on readonly fs [ 96.436484][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.458700][ T5954] Quota error (device loop1): do_insert_tree: Free block already used in tree: block 4 [ 96.480450][ T5835] Bluetooth: hci3: command tx timeout [ 96.480481][ T5144] Bluetooth: hci4: command tx timeout [ 96.485928][ T5833] Bluetooth: hci2: command tx timeout [ 96.492650][ T52] Bluetooth: hci1: command tx timeout [ 96.519516][ T5954] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 96.559636][ T5950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.576498][ T5950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.582348][ T5954] EXT4-fs error (device loop1): ext4_acquire_dquot:6946: comm syz.1.6: Failed to acquire dquot type 1 [ 96.615754][ T153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.628542][ T5954] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.6: Invalid block bitmap block 0 in block_group 0 [ 96.636515][ T153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.661915][ T5954] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.6: Invalid block bitmap block 0 in block_group 0 [ 96.678244][ T5954] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.6: Invalid block bitmap block 0 in block_group 0 [ 96.702594][ T5954] Quota error (device loop1): write_blk: dquota write failed [ 96.711158][ T5954] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 96.726771][ T5954] EXT4-fs error (device loop1): ext4_acquire_dquot:6946: comm syz.1.6: Failed to acquire dquot type 1 [ 96.770133][ T5954] Quota error (device loop1): write_blk: dquota write failed [ 96.787632][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.790679][ T5954] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 96.812838][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.839905][ T5954] EXT4-fs error (device loop1): ext4_acquire_dquot:6946: comm syz.1.6: Failed to acquire dquot type 1 [ 96.856829][ T5954] EXT4-fs (loop1): 1 orphan inode deleted [ 96.912402][ T5954] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 97.172229][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.195883][ T5968] loop4: detected capacity change from 0 to 256 [ 97.198719][ T794] cfg80211: failed to load regulatory.db [ 97.257979][ T5967] loop0: detected capacity change from 0 to 128 [ 97.317486][ T5967] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 97.534663][ T5976] syz.0.1: attempt to access beyond end of device [ 97.534663][ T5976] loop0: rw=2049, sector=137, nr_sectors = 8 limit=128 [ 97.604743][ T5967] syz.0.1: attempt to access beyond end of device [ 97.604743][ T5967] loop0: rw=1, sector=169, nr_sectors = 8 limit=128 [ 97.682218][ T5976] syz.0.1: attempt to access beyond end of device [ 97.682218][ T5976] loop0: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 97.749677][ T5976] syz.0.1: attempt to access beyond end of device [ 97.749677][ T5976] loop0: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 97.825289][ T5967] syz.0.1: attempt to access beyond end of device [ 97.825289][ T5967] loop0: rw=1, sector=185, nr_sectors = 8 limit=128 [ 97.855032][ T5976] syz.0.1: attempt to access beyond end of device [ 97.855032][ T5976] loop0: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 97.908708][ T5967] syz.0.1: attempt to access beyond end of device [ 97.908708][ T5967] loop0: rw=1, sector=233, nr_sectors = 8 limit=128 [ 98.006553][ T30] audit: type=1326 audit(1762605227.568:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5978 comm="syz.1.12" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5aee78f6c9 code=0x0 [ 98.028245][ T5976] syz.0.1: attempt to access beyond end of device [ 98.028245][ T5976] loop0: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 98.028397][ T5967] syz.0.1: attempt to access beyond end of device [ 98.028397][ T5967] loop0: rw=1, sector=265, nr_sectors = 8 limit=128 [ 98.236257][ T3561] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 100.185011][ T6005] netlink: 8 bytes leftover after parsing attributes in process `syz.4.20'. [ 100.539048][ C0] ------------[ cut here ]------------ [ 100.544811][ C0] WARNING: ./include/linux/ns_common.h:255 at delayed_free_pidns+0x118/0x150, CPU#0: syz-executor/5826 [ 100.555982][ C0] Modules linked in: [ 100.560165][ C0] CPU: 0 UID: 0 PID: 5826 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 100.569747][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 100.579892][ C0] RIP: 0010:delayed_free_pidns+0x118/0x150 [ 100.585841][ C0] Code: 85 ed 7e 2b e8 99 9f 03 00 48 83 c3 a8 48 8b 3d 5e be c7 17 48 89 de 5b 41 5c 41 5e 41 5f 5d e9 1e 1e 5f 00 e8 79 9f 03 00 90 <0f> 0b 90 eb b4 e8 6e 9f 03 00 4c 89 ff be 03 00 00 00 e8 01 fb d2 [ 100.605707][ C0] RSP: 0018:ffffc90000007bb0 EFLAGS: 00010246 [ 100.612270][ C0] RAX: ffffffff81bde0b7 RBX: ffff8880320185b8 RCX: ffff888032eb8000 [ 100.619460][ T6014] netlink: 8 bytes leftover after parsing attributes in process `syz.1.24'. [ 100.620322][ C0] RDX: 0000000000000100 RSI: 0000000000000002 RDI: 0000000000000000 [ 100.637126][ C0] RBP: 0000000000000002 R08: ffff8880584d4193 R09: 1ffff1100b09a832 [ 100.645148][ C0] R10: dffffc0000000000 R11: ffffed100b09a833 R12: dffffc0000000000 [ 100.653232][ C0] R13: ffffffff81a903d7 R14: ffff8880584d4000 R15: ffff8880584d4190 [ 100.661281][ C0] FS: 000055556d700500(0000) GS:ffff888125ec2000(0000) knlGS:0000000000000000 [ 100.670308][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 100.676967][ C0] CR2: 00007fd35c1156c0 CR3: 0000000067e7c000 CR4: 00000000003526f0 [ 100.684991][ C0] Call Trace: [ 100.688383][ C0] [ 100.691272][ C0] ? __pfx_delayed_free_pidns+0x10/0x10 [ 100.696905][ C0] rcu_core+0xcab/0x1770 [ 100.701275][ C0] ? __pfx_rcu_core+0x10/0x10 [ 100.706120][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 100.711452][ C0] ? sched_clock_cpu+0x74/0x430 [ 100.716405][ C0] ? seqcount_lockdep_reader_access+0x15e/0x1c0 [ 100.722698][ C0] ? __pfx_sched_clock_cpu+0x10/0x10 [ 100.728082][ C0] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 100.734048][ C0] handle_softirqs+0x286/0x870 [ 100.738922][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 100.743764][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 100.749176][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 100.754452][ C0] __irq_exit_rcu+0xca/0x1f0 [ 100.759155][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 100.764501][ C0] irq_exit_rcu+0x9/0x30 [ 100.768859][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 100.774566][ C0] [ 100.777594][ C0] [ 100.780616][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 100.786672][ C0] RIP: 0010:debug_lockdep_rcu_enabled+0x2a/0x40 [ 100.793165][ C0] Code: f3 0f 1e fa 31 c0 83 3d 47 72 21 04 00 74 1e 83 3d 4a a1 21 04 00 74 15 65 48 8b 0c 25 08 e0 75 92 31 c0 83 b9 2c 0b 00 00 00 <0f> 94 c0 e9 be e5 02 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc [ 100.813426][ C0] RSP: 0018:ffffc90003f9f328 EFLAGS: 00000246 [ 100.819595][ C0] RAX: 0000000000000000 RBX: ffffffff8234457a RCX: ffff888032eb8000 [ 100.827674][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000 [ 100.835708][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8234457a [ 100.843743][ C0] R10: dffffc0000000000 R11: fffff94000363e21 R12: dffffc0000000000 [ 100.851794][ C0] R13: 0000000000000008 R14: 000000000006c7c4 R15: ffff88813fffa5a0 [ 100.859875][ C0] ? pfn_valid+0xba/0x490 [ 100.864266][ C0] ? pfn_valid+0xba/0x490 [ 100.868719][ C0] pfn_valid+0x32a/0x490 [ 100.873036][ C0] page_table_check_set+0x25/0x730 [ 100.878276][ C0] ? __page_table_check_ptes_set+0x2df/0x350 [ 100.884329][ C0] copy_pmd_range+0x5075/0x7f70 [ 100.889299][ C0] ? unwind_get_return_address+0x4d/0x90 [ 100.894988][ C0] ? arch_stack_walk+0xfc/0x150 [ 100.899936][ C0] ? stack_trace_save+0x9c/0xe0 [ 100.905117][ C0] ? __pfx_copy_pmd_range+0x10/0x10 [ 100.910451][ C0] copy_page_range+0xc14/0x1270 [ 100.915361][ C0] ? __lock_acquire+0xab9/0xd20 [ 100.920355][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 100.925789][ C0] ? up_write+0x1c4/0x420 [ 100.930199][ C0] ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10 [ 100.937072][ C0] dup_mmap+0xf4c/0x1b10 [ 100.941379][ C0] ? __pfx_dup_mmap+0x10/0x10 [ 100.946106][ C0] ? mm_init+0xd74/0xfa0 [ 100.950446][ C0] copy_mm+0x13c/0x4b0 [ 100.954568][ C0] copy_process+0x1663/0x3930 [ 100.959362][ C0] ? copy_process+0x915/0x3930 [ 100.964202][ C0] ? __pfx_copy_process+0x10/0x10 [ 100.969345][ C0] ? count_memcg_event_mm+0x21/0x260 [ 100.974687][ C0] kernel_clone+0x21e/0x840 [ 100.979314][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 100.984410][ C0] __x64_sys_clone+0x18b/0x1e0 [ 100.989307][ C0] ? __pfx___x64_sys_clone+0x10/0x10 [ 100.994670][ C0] ? do_syscall_64+0xbe/0xfa0 [ 100.999433][ C0] do_syscall_64+0xfa/0xfa0 [ 101.003994][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.010169][ C0] ? clear_bhb_loop+0x60/0xb0 [ 101.014900][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.020867][ C0] RIP: 0033:0x7f464a585e13 [ 101.025334][ C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 101.045050][ C0] RSP: 002b:00007ffd08587fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 101.053557][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f464a585e13 [ 101.061723][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 101.069808][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 101.077981][ C0] R10: 000055556d7007d0 R11: 0000000000000246 R12: 0000000000000000 [ 101.085994][ C0] R13: 00000000000927c0 R14: 0000000000018820 R15: 00007ffd08588140 [ 101.094277][ C0] [ 101.097372][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 101.104700][ C0] CPU: 0 UID: 0 PID: 5826 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 101.114229][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 101.124331][ C0] Call Trace: [ 101.127649][ C0] [ 101.130537][ C0] dump_stack_lvl+0x99/0x250 [ 101.135205][ C0] ? __asan_memcpy+0x40/0x70 [ 101.139858][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 101.145121][ C0] ? __pfx__printk+0x10/0x10 [ 101.149786][ C0] vpanic+0x237/0x6d0 [ 101.153814][ C0] ? __pfx_vpanic+0x10/0x10 [ 101.158358][ C0] ? is_bpf_text_address+0x26/0x2b0 [ 101.163619][ C0] panic+0xb9/0xc0 [ 101.167373][ C0] ? __pfx_panic+0x10/0x10 [ 101.171918][ C0] __warn+0x334/0x4c0 [ 101.176024][ C0] ? delayed_free_pidns+0x118/0x150 [ 101.181252][ C0] ? delayed_free_pidns+0x118/0x150 [ 101.186492][ C0] report_bug+0x2be/0x4f0 [ 101.190855][ C0] ? delayed_free_pidns+0x118/0x150 [ 101.196076][ C0] ? delayed_free_pidns+0x118/0x150 [ 101.201317][ C0] ? delayed_free_pidns+0x11a/0x150 [ 101.206553][ C0] handle_bug+0x84/0x160 [ 101.210827][ C0] exc_invalid_op+0x1a/0x50 [ 101.215360][ C0] asm_exc_invalid_op+0x1a/0x20 [ 101.220221][ C0] RIP: 0010:delayed_free_pidns+0x118/0x150 [ 101.226040][ C0] Code: 85 ed 7e 2b e8 99 9f 03 00 48 83 c3 a8 48 8b 3d 5e be c7 17 48 89 de 5b 41 5c 41 5e 41 5f 5d e9 1e 1e 5f 00 e8 79 9f 03 00 90 <0f> 0b 90 eb b4 e8 6e 9f 03 00 4c 89 ff be 03 00 00 00 e8 01 fb d2 [ 101.246000][ C0] RSP: 0018:ffffc90000007bb0 EFLAGS: 00010246 [ 101.252083][ C0] RAX: ffffffff81bde0b7 RBX: ffff8880320185b8 RCX: ffff888032eb8000 [ 101.260086][ C0] RDX: 0000000000000100 RSI: 0000000000000002 RDI: 0000000000000000 [ 101.268068][ C0] RBP: 0000000000000002 R08: ffff8880584d4193 R09: 1ffff1100b09a832 [ 101.276057][ C0] R10: dffffc0000000000 R11: ffffed100b09a833 R12: dffffc0000000000 [ 101.284039][ C0] R13: ffffffff81a903d7 R14: ffff8880584d4000 R15: ffff8880584d4190 [ 101.292028][ C0] ? rcu_core+0xc37/0x1770 [ 101.296501][ C0] ? delayed_free_pidns+0x117/0x150 [ 101.301742][ C0] ? __pfx_delayed_free_pidns+0x10/0x10 [ 101.307310][ C0] rcu_core+0xcab/0x1770 [ 101.311612][ C0] ? __pfx_rcu_core+0x10/0x10 [ 101.316314][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 101.321540][ C0] ? sched_clock_cpu+0x74/0x430 [ 101.326414][ C0] ? seqcount_lockdep_reader_access+0x15e/0x1c0 [ 101.332696][ C0] ? __pfx_sched_clock_cpu+0x10/0x10 [ 101.337999][ C0] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 101.343837][ C0] handle_softirqs+0x286/0x870 [ 101.348621][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 101.353409][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 101.358723][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 101.363966][ C0] __irq_exit_rcu+0xca/0x1f0 [ 101.368579][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 101.373803][ C0] irq_exit_rcu+0x9/0x30 [ 101.378085][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 101.383760][ C0] [ 101.386700][ C0] [ 101.389665][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 101.395766][ C0] RIP: 0010:debug_lockdep_rcu_enabled+0x2a/0x40 [ 101.402053][ C0] Code: f3 0f 1e fa 31 c0 83 3d 47 72 21 04 00 74 1e 83 3d 4a a1 21 04 00 74 15 65 48 8b 0c 25 08 e0 75 92 31 c0 83 b9 2c 0b 00 00 00 <0f> 94 c0 e9 be e5 02 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc [ 101.421701][ C0] RSP: 0018:ffffc90003f9f328 EFLAGS: 00000246 [ 101.427813][ C0] RAX: 0000000000000000 RBX: ffffffff8234457a RCX: ffff888032eb8000 [ 101.435805][ C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000 [ 101.443798][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8234457a [ 101.451791][ C0] R10: dffffc0000000000 R11: fffff94000363e21 R12: dffffc0000000000 [ 101.459788][ C0] R13: 0000000000000008 R14: 000000000006c7c4 R15: ffff88813fffa5a0 [ 101.467800][ C0] ? pfn_valid+0xba/0x490 [ 101.472178][ C0] ? pfn_valid+0xba/0x490 [ 101.476585][ C0] pfn_valid+0x32a/0x490 [ 101.480857][ C0] page_table_check_set+0x25/0x730 [ 101.485989][ C0] ? __page_table_check_ptes_set+0x2df/0x350 [ 101.491992][ C0] copy_pmd_range+0x5075/0x7f70 [ 101.497031][ C0] ? unwind_get_return_address+0x4d/0x90 [ 101.502791][ C0] ? arch_stack_walk+0xfc/0x150 [ 101.507697][ C0] ? stack_trace_save+0x9c/0xe0 [ 101.512628][ C0] ? __pfx_copy_pmd_range+0x10/0x10 [ 101.517874][ C0] copy_page_range+0xc14/0x1270 [ 101.522831][ C0] ? __lock_acquire+0xab9/0xd20 [ 101.527721][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 101.533034][ C0] ? up_write+0x1c4/0x420 [ 101.537374][ C0] ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10 [ 101.544154][ C0] dup_mmap+0xf4c/0x1b10 [ 101.548428][ C0] ? __pfx_dup_mmap+0x10/0x10 [ 101.553156][ C0] ? mm_init+0xd74/0xfa0 [ 101.557452][ C0] copy_mm+0x13c/0x4b0 [ 101.561568][ C0] copy_process+0x1663/0x3930 [ 101.566328][ C0] ? copy_process+0x915/0x3930 [ 101.571138][ C0] ? __pfx_copy_process+0x10/0x10 [ 101.576280][ C0] ? count_memcg_event_mm+0x21/0x260 [ 101.581700][ C0] kernel_clone+0x21e/0x840 [ 101.586326][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 101.591396][ C0] __x64_sys_clone+0x18b/0x1e0 [ 101.596210][ C0] ? __pfx___x64_sys_clone+0x10/0x10 [ 101.601632][ C0] ? do_syscall_64+0xbe/0xfa0 [ 101.606364][ C0] do_syscall_64+0xfa/0xfa0 [ 101.610929][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.617196][ C0] ? clear_bhb_loop+0x60/0xb0 [ 101.621910][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.627814][ C0] RIP: 0033:0x7f464a585e13 [ 101.632251][ C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 101.651866][ C0] RSP: 002b:00007ffd08587fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 101.660301][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f464a585e13 [ 101.668319][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 101.676323][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 101.684319][ C0] R10: 000055556d7007d0 R11: 0000000000000246 R12: 0000000000000000 [ 101.692473][ C0] R13: 00000000000927c0 R14: 0000000000018820 R15: 00007ffd08588140 [ 101.700556][ C0] [ 101.703894][ C0] Kernel Offset: disabled [ 101.708242][ C0] Rebooting in 86400 seconds..