last executing test programs:

4.794865709s ago: executing program 2 (id=1974):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_ifreq(r0, 0x8932, &(0x7f0000000040)={'wg1\x00', @ifru_data=&(0x7f0000000000)="6ce455ac9fd60702802bb87c1100fdddb7044a25aeb6eeda5348e79ee6ba37b2"})
setsockopt$inet_int(r0, 0x0, 0x7, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x4002, &(0x7f00000046c0), 0x4, 0x4d1, &(0x7f0000004140)="$eJzs3c1vE2caAPDHdgJJCF+7i7RwWNCyu+yHiImjwGrFZbUHDiuqtki90pCYCMWJo9ihJOIQeuNWVZVaqaf+Af0fkHrroedW6qGHnpBQQVSklSq5mrENIYnBtIldZX4/acg78479vC/W83o+PQFk1qnkn1zEaER8ERGHm7PPr3Cq+efJo9vT649uT+ei0bjyXS5dL1nWXrX9ugMRsRYRQxHx5qWIa7mtcWsrq3NTlUp5qTVfrM8vFmsrq2dvzE/NlmfLC6Xzk6XxC5MTpZ3r67WLn392993/N9Ye/u+9xUuvHUqaNdqq29iPndTs+mAc3bBsICIu7kawPii0+jPc1dp3dr09vJrk8/t9RJxO8/9wFNJPE8iCRqPR+Kmxv1P1WgPYs/LpNnAuPxYRzXI+PzbW3Ib/Q4zkK9Va/V/Xq8sLM81t5SMxmL9+o1I+19pXOBKDuWR+PC0/my9tmp+ISLeBPygMp/Nj09XKTG+HOmCTA5vy//tCM/+BjLDLD9kl/yG75D9kl/yH7JL/kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2TS65cvJ1NjvXX/+8zNleW56s2zM+Xa3Nj88vTYdHVpcWy2Wp1N79mZf9n7VarVxfFSLN8q1su1erG2snp1vrq8UL+a3td/tTzYk14B3Th68t5XuYhY+89wOiX2terkKuxtjUYu+n0PMtAfhX4PQEDfbDn0t81v9QF7k3184GVf+0OdKhZ3vi1Ab+T73QCgb84cd/4Pssrxf8gul/5CdtnGB3bz+P8bv6A9wO7rdPz/YI/bAfTeaIfnfx3c8OyucxFxKCK+LAzubz/rC9gL8vdzre3/M4f/Mrq5dl/uh/QUwb6IeOfjKx/emqrXl8aT5Q+fLq9/1Fq+g8/qBnZeO0/beQwAZNeTR7en21Mv4z74b/MihCTuemtq1gy0jk0OpecoRx7nnrtWIbdD1y6s3YmIP27X/1zreefNMx8jjwtb4v+u9TfXfIu0vQPpc9N7E//4hvh/2hD/xK/+X4FsuJeMP+e2y798mtPxNP+eH39Gd+jaiXT8i6FY3zL+5Z+Of4UO49/JLmMcG13+umP8OxEnBmKb+O14Q2mszfGTtp3pMv74+5enOtU1Pon4W2wfvy0pFevzi8XayurZ9HfkZssLpfOTpfELkxOlYnqIutg+UL2Nu9/8eO9F/R/pEP9F/U+W/aPL/r/17eD9UzHcMf7fT28XP59+v3SKn7zbP7uM/9e3y8c61SXxZzr0P/+C+MmyiS7jP/jz3U+7XBUA6IHayurcVKVSXlJQeGkh2RP5DTRD4ZUK/x6NePVX9XtkAnbbs6Tvd0sAAAAAAAAAAACAbvXiIuR+9xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYC/4OQAA//+HAtH2")
socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
dup(r1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'team0\x00'})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bond0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d6163766c616e000400028008000500", @ANYBLOB='\b\x00', @ANYRES32=r3], 0x44}}, 0x0)
r4 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_QUERY(0x8, &(0x7f0000000140)={@map=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
futex(&(0x7f000000cffc)=0xfffffffe, 0xd, 0x0, 0x0, 0x0, 0x0)
clock_getres(0x3, &(0x7f0000000040))
r5 = semget$private(0x0, 0x2, 0x80)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r6=>0x0)
timer_settime(r6, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x5, &(0x7f0000000140)={<r7=>0x0, <r8=>0x0})
timer_settime(r6, 0x0, &(0x7f0000000180)={{}, {r7, r8+10000000}}, &(0x7f00000001c0))
semtimedop(r5, &(0x7f0000000080)=[{0x3, 0x1}, {0x4, 0x3, 0x800}, {0x3, 0x81, 0x1000}], 0x3, &(0x7f00000000c0)={0x0, 0x3938700})
timer_create(0x9, &(0x7f0000000100)={0x0, 0x12, 0x1}, &(0x7f0000000500)=<r9=>0x0)
timer_settime(r9, 0x1, &(0x7f00000002c0), 0x0)
timer_settime(r9, 0x0, &(0x7f0000000640)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0xc, 0x100000, 0x0, &(0x7f0000000000), 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000001c0)={0x0, 0x0}, 0x10)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, 0xffffffffffffffff)
set_mempolicy(0x3, &(0x7f0000000200)=0x400, 0x3ff)
socket$netlink(0x10, 0x3, 0xf)
syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)

4.6658231s ago: executing program 2 (id=1980):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
connect$l2tp6(r0, &(0x7f0000000400)={0xa, 0xc00, 0x0, @loopback={0xe0}}, 0x20)

4.633176003s ago: executing program 2 (id=1982):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x17, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff15)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, &(0x7f00000007c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x5, 0x59, &(0x7f0000000580)=""/195, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r1, &(0x7f00000001c0)=ANY=[@ANYRES16=r0, @ANYRES8=r2, @ANYRES8=r0], 0x34)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='timer_expire_entry\x00', r0}, 0x10)
ioprio_set$pid(0x1, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x20000023896)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000780), 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
r7 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
fchdir(r7)
r8 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r8, &(0x7f0000000100)=""/76, 0x4c)
getdents(r8, &(0x7f0000001fc0)=""/178, 0xb2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=ANY=[], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)

1.223092541s ago: executing program 4 (id=2043):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x16, 0x0, 0x0, 0x8000, 0x0, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4}, 0x48)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
sendto$inet(r1, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x0, @local}, 0x10)
r2 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r2, 0x0, 0x0)
socket(0x10, 0x80002, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00'})

1.22243285s ago: executing program 4 (id=2044):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000140), 0xe9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r0, 0x0)
r1 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
io_submit(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, [@jmp={0x5, 0x1, 0x5, 0x6, 0xa, 0x30, 0xfffffffffffffffc}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_generic(0x11, 0x3, 0x10)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000040)=0x5)
r2 = socket(0x28, 0x5, 0x0)
r3 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r3, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
write$binfmt_script(r2, &(0x7f0000001000)={'#! ', '', [{0x20, '['}, {0x20, '%\\.!(./,'}, {0x20, '\x00'}, {0x20, ',/}@(!}-'}, {}]}, 0x1b)

1.218941291s ago: executing program 4 (id=2045):
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x58, &(0x7f0000000300)}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x700000000000000, &(0x7f00000017c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48)

1.167045695s ago: executing program 3 (id=2046):
r0 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r2 = dup3(r0, r1, 0x0)
preadv(r2, &(0x7f0000000540)=[{&(0x7f00000029c0)=""/4096, 0x1000}], 0x1, 0x600, 0x0)

1.165701745s ago: executing program 3 (id=2048):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="146400001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003"], 0x64}}, 0x0)

1.165573695s ago: executing program 3 (id=2049):
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000000)='./file1\x00', 0x1500, &(0x7f0000000180)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c646973636172642c756d61736b3d30313030303030303030303030303030303133363033332c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c756e695f3480c51019917e8d54a33b786c6174653d312c6e6f6e756d7461696c3d302c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c3d3078303030303030303030303030303466adfd91bb726f72733d636f6e74696e75652c756e695f786c6174653d302c73686f72746e00"/254], 0x6, 0x2a6, &(0x7f0000000440)="$eJzs3T9rW1cUAPDzbFlS20EaOpVCH7RDJ2N77SJTbDDV1KKh7dCa2oZiiYINhv6hqqeuXTr2ExQC2fIlsmTIHsgayBYPhhee9F4kO7JsBcvOn99v8fV999x77vXFxoPO+/Hj3v5OGnvHfzyKej2JhVa04iSJZixE6a84o/VPAABvspMsi6fZ0CxxSUTU55cWADBHM//9vzv3lACAOfvm2+++Wm+3N75O03ps9v4+6uT/2edfh8/X9+Ln6MZurEQjTiOyF4btzSzL+pU014zPev2jTh7Z++F+Mf/6k4hB/Go0ojnoOhu/1d5YTYfG4vt5Hu8X67fy+LVoxIcT1t9qb6xNiI9ONT7/dCz/5WjEg5/il+jGziCJUfyfq2n6Zfbvs9+/z9PL45P+Uac2GDeSLd7wjwYAAAAAAAAAAAAAAAAAAAAAgLfYclE7pxaD+j15V1F/Z/E0/2Yp0lLzbH2eYXxSTnSuPlA/i//K+joraZpmxcBRfCU+qkTldnYNAAAAAAAAAAAAAAAAAAAAr5fDX3/b3+52dw+upVFWAyg/1v+q87TGej6J6YNro7UWiuaUmWOxHJNETE0j38Q1Hctljfcuyvn/O7NOWL98zNK087meRnm79reTyWdYi7KnXl6Se+NjqnHFtaoXPcpmun7ViY8aM++9+sGg0Z8yJpJpiX3xeHhyRU9yfhfVwalODF8qGmPh5+7GTPf55d8ViWodAAAAAAAAAAAAAAAAAAAwV6MP/U54eHxB0MOt4Uv+a3NODgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuyOj9/zM0+kXwFQZX4+DwlrcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAO+B5AAAA///S9mga")

1.165182575s ago: executing program 4 (id=2050):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x11201, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)=[@mark={{0x14, 0x1, 0x24, 0x63e0}}, @timestamping={{0x14}}], 0x30}, 0x44000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000001380)={0xfffffffffffff800, [], 0x6, "49b16ab3bf8235"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000002380)={{0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffff, 0x0, 0xf19, 0xc7c, 0x0, 0x0, 0x0, 0x2}})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="340000001a000100000000000000000002000000000000000000000008000300", @ANYRES32=r2, @ANYBLOB="080001001a"], 0x34}}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_dccp(0xa, 0x6, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), 0xffffffffffffffff)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)={0x30000009})
r5 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'ip6gre0\x00', <r6=>0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01ce901ede9dc3a4e397a281ad9778d200000000020000000000000000000004000000030000000000"], 0xffffffffffffffff, 0x3e, 0x0, 0x8}, 0x20)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2800000013000100000000070000000000000000", @ANYRES32=r6, @ANYBLOB="0860000000000000080029009a8a06"], 0x28}}, 0x0)
epoll_pwait2(r4, &(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0)
r8 = io_uring_setup(0x6503, &(0x7f0000001300))
dup3(r8, r4, 0x0)
r9 = open$dir(&(0x7f0000000080)='./file0\x00', 0x7e, 0x0)
writev(r9, &(0x7f0000000280), 0x0)

1.131623658s ago: executing program 3 (id=2051):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, 0x0, 0x0, 0x0, 0x1000, &(0x7f0000000300)=""/4096}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0xc1)
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
fsopen(0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000a40)='./cgroup.cpu/cpuset.cpus\x00', &(0x7f00000002c0), 0x0, 0x0, 0x2000000)

1.10318173s ago: executing program 3 (id=2052):
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_io_uring_setup(0x66de, &(0x7f00000005c0)={0x0, 0x0, 0x10100}, &(0x7f0000000380), &(0x7f0000000440)=<r2=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000003c0)={0x0, 0x0, 0x80, 0x2, 0x325}, &(0x7f0000000040), &(0x7f0000000180))
syz_io_uring_submit(0x0, r2, &(0x7f0000000240)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x10, 0x6000, @fd_index=0x4, 0x3, 0x0, 0x0, 0x19})
io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40044591, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000280)=ANY=[@ANYRESDEC], &(0x7f0000000200)='GPL\x00', 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='rpcgss_svc_authenticate\x00'}, 0x10)
sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x8, 0xb88}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$VT_OPENQRY(0xffffffffffffffff, 0x5600, &(0x7f0000001480))
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000001680)=0x9ac)
ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0x0)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r5 = mq_open(&(0x7f0000001840)='[!\x00', 0x40, 0x4, 0x0)
open$dir(0x0, 0x0, 0x0)
getresuid(&(0x7f00000017c0), 0x0, 0x0)
sendmsg$unix(r4, 0x0, 0x0)
readv(r5, &(0x7f0000003b40)=[{0x0}, {0x0}, {&(0x7f00000002c0)=""/65, 0x41}, {0x0}, {0x0}], 0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x0, 0x0)

766.722487ms ago: executing program 1 (id=2057):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000f3ffffb015000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x1021000, 0xffffffffffffffff, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0) (async)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
dup(r2) (async)
r3 = dup(r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0}, 0x10)
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@loopback, @in=@dev}}, {{}, 0x0, @in6=@dev}}, &(0x7f0000000080)=0xe8)
mount$9p_fd(0x20000000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000040), 0x42008, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})
ioctl$sock_netdev_private(r3, 0x89f1, &(0x7f0000000180)="d0a5a42d22ad3b3a10e9d6dae050b06ece2b3bdf76b03cbae1848937baf0f4198365b2d90fb423f196b390cbb9a49e4df80d3561fd07e0d1517343cd58e98cd23ed2dae3dc3eb6489737778a9b4ef3ed7f683b5fb0bbb0bbd5faeef11d689977741d5165bce7c87277809d908672176b74babd3c537c44732b71ec64d0b5d2")

755.368598ms ago: executing program 1 (id=2058):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r0, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r0, 0x0)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r1, 0x10d, 0xea, 0x0, &(0x7f00000000c0))

687.150044ms ago: executing program 1 (id=2059):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x14, 0x3b, 0x9, 0x0, 0x5000000, {0x1}}, 0x14}}, 0x0)

686.551324ms ago: executing program 1 (id=2060):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0xe8, 0xe8, 0x1f0, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f0}}, {{@uncond, 0xc0, 0x108, 0x0, {0x0, 0x1e03}}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@arp={@dev, @private, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bond_slave_1\x00', 'vlan0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @multicast2}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
openat$vsock(0xffffffffffffff9c, &(0x7f00000005c0), 0x220000, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r2=>0xffffffffffffffff})
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
dup3(r2, r3, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000380)=@urb_type_iso={0x0, {0x1, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, [{}]})
dup(0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80, &(0x7f0000000700)={[{@oldalloc}, {@min_batch_time}, {@min_batch_time={'min_batch_time', 0x3d, 0x8e}}, {@errors_remount}, {@jqfmt_vfsv0}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000000}}, {@debug}, {@nombcache}, {@data_err_abort}, {@data_writeback}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@nogrpid}], [], 0x2c}, 0x0, 0x4bb, &(0x7f0000000140)="$eJzs3MtvVNUfAPDvnT6gP+DXik8eyigaGx8tLc+FG40mbExMNAaXY1sIUsDQmgBppBqDiQsNf4GPnYl/gSvdGHWlcatxa0yI6QZ0Ya65M3fKlJlpO3TaAebzSQbOmXvuPefcc097HrkNoGsVs3+SiK0R8WtEDFaiSxMUK/9dX5ib+HthbiKJNH31r6Sc7trC3EQ1afW8LXlkuBBR+CCJXQ3ynblw8VRpenrqXB4fnT399ujMhYvPnjxdOjF1YurM+JEjB/YPHD40frAt9czKdG3nu2d37zj6xpWXJ45defOHr7Lypvnx2npUDLWYQ0/dN8UoLr2XNZ5o8eq3u2014aS3gwWhJdlTmzVXX7n/D0ZP3Gi8wXjp/Y4WDlhXaZqmm+q+XfxdNp/WSpLKCcBdItGloUtVf9FfW8hmqnMT9fPgu9vV56M8A8rqfT3/VI70RiGbww9V5kZ965T/fRFxbP6fT7NPNFyHAABor2+y8c8zlXFH9VM5UogHatL9P98bGoqIeyJie0Tcm49f7o8op30wIh6qOScbUdavLS1VvCleP/75eWBNFVxBNv57Lt/bWjr+K1STDPXksW3l+vclx09OT+3L78lw9G3K4mP1l16s+rcv/vJJs/yLNeO/7JPlXx0L5uX4s/emmzhZmi2ttd5VV98rL+ldqq9/srgTkLXjjojYeQvXz+7Zyae+3N3s+Mr1/7j5xduwz5R+HvFkpf3n46b6Z/rzUOP9ybHDh8YPjm6O6al9o9Wnot6PP11+JQ/WTSNWrv/6ytr/fw2f/8Wdy6Gkdr92pvU8Lv/2YdM5za0+//3Ja+Vwf/7d+dLs7LmxiP5kvv778Rvnni8NLEmf1X94b+P+vz3i38/y83ZFRPYQPxwRj0TEnrzsj0bEYxGxd5n6f//C4281m0LeDu0/2VL7tx7oOfXd13UZf1RcZf2z9j9QDg3n30yWZjevVK/VFnDNNxAAAADuAHsiYmskhZF8jXNrFAojIxFbFldQZmafPn72nTOTlXcEhqKvUF3pGqxZDx3L14azeHbWeE08O76/vG6cpmk6UI6PTJyd3tbZqkPX29Kk/2f+qH+lBbjbtLSP1uyNNuCOdOv76GlbywFsPO9rQ/fS/6F7rbr/r9dbcEDHNOr/lyKud6AowAZr1P9f70A5gI1n/g/dS/+H7qX/Q1day3v9ywW2H10mTdK7Ppk2DxRi+b8CMBTR2gV/L0S0p4Q9ba3pwCradHO0I68orJimt4U/xLCxgcLtUYxKYFNErPD0Lj5sl6qBi+tdsPKPhy86/fMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgrf4LAAD//8E921o=")
socket$netlink(0x10, 0x3, 0x0)
sendmsg$SOCK_DESTROY(0xffffffffffffffff, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}})
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
r7 = socket$key(0xf, 0x3, 0x2)
pidfd_getfd(r5, r7, 0x0)
perf_event_open(&(0x7f0000000100)={0x6, 0x80, 0x6, 0x9, 0xf8, 0x3f, 0x0, 0xfffffffffffffffe, 0xc0804, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xc100, 0x1, @perf_config_ext={0x2, 0x8000000000000000}, 0x4200, 0x8000000000000001, 0x5, 0x0, 0xffffffffffffff81, 0x8001, 0x3, 0x0, 0x3ff, 0x0, 0x2}, 0xffffffffffffffff, 0xd, r5, 0x1)
prctl$PR_SET_MM(0x23, 0x2, &(0x7f0000ffd000/0x3000)=nil)

552.360615ms ago: executing program 1 (id=2061):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0x2, 0x4000000000000001, 0x0)
dup(r0)
mount$9p_rdma(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="070600000000000000002d00000005002e00000000000c0005000000000000000000", @ANYRES32=r1, @ANYBLOB="08002f000000000005002b"], 0x40}}, 0x0)

543.707466ms ago: executing program 1 (id=2062):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f00000000c0))
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000200)={[{@data_err_abort}, {@nodelalloc}]}, 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r3, 0x8004587d, &(0x7f0000000140)={0x2, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
setxattr$system_posix_acl(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780)='system.posix_acl_access\x00', &(0x7f00000007c0)=ANY=[], 0x24, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01010000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000008140000a1939ab1f01321637bf624304b53001100"], 0x64}}, 0x0)

479.017631ms ago: executing program 0 (id=2063):
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
shutdown(0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x2000000)

467.077842ms ago: executing program 0 (id=2064):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x600)

454.457053ms ago: executing program 0 (id=2065):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x24, 0x3, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}}, 0x0)
recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x140, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0x102b}, {&(0x7f0000001580)=""/238, 0xf0}], 0x5, 0x0, 0x353}}], 0x40000000000002e, 0x0, 0x0)

402.992097ms ago: executing program 0 (id=2066):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x16, 0x0, 0x0, 0x8000, 0x0, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4}, 0x48)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
sendto$inet(r1, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x0, @local}, 0x10)
r2 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r2, 0x0, 0x0)
socket(0x10, 0x80002, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00'})

174.480426ms ago: executing program 3 (id=2067):
r0 = socket$pppoe(0x18, 0x1, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f00000001c0)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}, 'veth1_vlan\x00'}}, 0x1e)
connect$pppoe(r1, &(0x7f0000000140)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, 'syz_tun\x00'}}, 0x1e)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='devices.list\x00', 0x275a, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f582db44b904021d080006007c09e8fe55a10a0015400100140b03600e120800060000000401a8001600a400014003e00200036010faa94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52ff0716277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006fcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mbind(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x4005, &(0x7f0000000000)=0x5, 0x4, 0x0)
set_mempolicy_home_node(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
dup(r4)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r5, 0x84, 0x1e, &(0x7f0000000100)=0x5f8, 0x4)

118.34533ms ago: executing program 2 (id=2068):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0xd000, &(0x7f0000000000)={&(0x7f0000000800)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}]}, @NFT_MSG_NEWSETELEM={0x58, 0xc, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x2c, 0x3, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x1c, 0xb, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x4}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xdc}}, 0x0)

115.609051ms ago: executing program 4 (id=2069):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0xd00, &(0x7f0000000000)={&(0x7f0000000280)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback}, {@in=@remote, 0x0, 0x32}, @in=@local, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x7}}]}, 0x154}}, 0x0)

98.425422ms ago: executing program 0 (id=2070):
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f00000000c0)=0x7f)
r0 = inotify_init1(0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={<r1=>0x0}, 0x0)
setuid(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0xb, 0x0, 0x0}, 0x90)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4548, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x20000000, 0x6, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000180)=ANY=[@ANYRESDEC=r1, @ANYRESHEX=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000000)='GPL\x00', 0xfa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r4, 0x1, 0x10, &(0x7f0000000080)=0x9, 0x4)
bind$bt_hci(r4, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r4, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
rseq(&(0x7f0000000540), 0x20, 0x0, 0x0)
socket$kcm(0xa, 0x0, 0x3a)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0x20000008b}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x8000000, 0x238, 0xf8, 0x720d, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)
msgget$private(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000300)=ANY=[], 0x8, 0x800)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000f00f88)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
msgsnd(0x0, &(0x7f0000000900)=ANY=[@ANYRESHEX], 0x1, 0x0)
msgrcv(0x0, 0x0, 0x66, 0x0, 0x3f000000)
unlinkat(0xffffffffffffff9c, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

97.675892ms ago: executing program 4 (id=2071):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
socket(0x0, 0x3, 0x0)
write$RDMA_USER_CM_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x10, 0x3, &(0x7f00000002c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0xf}, 0x90)
r1 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r2 = socket$inet6(0xa, 0x800000000000002, 0xfffffffe)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000002c0)="8e79ff439fed87bfa66701811c6a7252e6f4b3a9", 0x14}, {&(0x7f0000000640)="e864f392596de4868e6ec7138fb04c311ba7f8b9aabe", 0x16}, {&(0x7f0000000340)="13e1aab75b72553399f914da258f57", 0xf}, {&(0x7f0000000380)="109183e5473d3ed013d8dd1e8a5b17a64b910acca9ed8447da63bf3f22524b34680806b72d3c739c5dbb8e3994d1fb13e0309a360633bb32ecad6d411ab41c47365639aa96544022fb3ae32179de4c45df8a85ac8cd5c005051b4efaf3295596f0dd13e52674c243df11f26eae7bb9779470edf109e826b3d399f9348213ea8d53cc54ac5a91bb827bb7c12593a1cca8d03cc74f592a3c2a3aebdfe5ae05e829f19bd7b10e2d7cf9e216cfd9b347580c4a2ceb01d1b3c8c70e6f8c6365b9d6dc55421a77bf2b99b7de284b8b87eb5d0fb183160e8ddef1d18dbd", 0xda}, {&(0x7f0000000480)="9586839bdcb1b82f94f7e2afbbebef06e439488e468cdc2ae8c93e19f98bd3b18ba088762b0e71c66879e5e9ce626acae0b64830a945812c04d77389f6288631b2747c5c75b486b6ad825576e13bb026be1b9664b1bd0ca879f79bacaed54a1a4ca7f88341af3b6bf3a802d4408edcd91494bab2f82d35ea0bc8f118d932f94619d3bb51c3656302836e5374bad1e2fbfb32d83f34947289d80db097263134c8d2886ba6fce2e814454566475b7b", 0xae}], 0x5, 0x0, 0x0, 0x20000000}, 0xa}], 0x1, 0x4000300)
r3 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
pwritev(r3, &(0x7f0000000600)=[{&(0x7f0000000180)="10", 0x1}], 0x1, 0x800000, 0x0)
lsetxattr$security_capability(&(0x7f00000001c0)='./bus\x00', &(0x7f0000000200), &(0x7f0000000280)=@v2={0x2000000, [{0x3, 0x7fffff8b}, {0x42, 0x8}]}, 0x14, 0x3)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r3)
sendfile(r1, r1, 0x0, 0x24002de8)
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x800)
ioctl$LOOP_CLR_FD(r1, 0x4c01)
ioctl$BLKIOMIN(r1, 0x1278, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_create(r4, &(0x7f0000000700)=@objname={'system_u:object_r:console_device_t:s0', 0x20, '/usr/sbin/ntpd', 0x20, 0x4, 0x20, './bus\x00'}, 0x50)
pwritev2(r4, &(0x7f0000000240), 0x0, 0x7a00, 0x0, 0x3)
r5 = syz_io_uring_setup(0x732f, &(0x7f0000000940)={0x0, 0x100}, &(0x7f0000000240), &(0x7f0000000a00))
io_uring_register$IORING_REGISTER_BUFFERS2(r5, 0xf, &(0x7f0000001c80)={0x2, 0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000a40)=""/4096, 0x1000}, {0x0}], &(0x7f0000001c40)}, 0x20)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)

35.025807ms ago: executing program 2 (id=2072):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0x2, 0x4000000000000001, 0x0)
dup(r0)
mount$9p_rdma(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="070600000000000000002d00000005002e00000000000c0005000000000000000000", @ANYRES32=r1, @ANYBLOB="08002f000000000005002b"], 0x40}}, 0x0)

34.625607ms ago: executing program 2 (id=2073):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a4b78c660e677df701908b9aaa3f6a00400", "036c47c6780820d1cbe78969e3fdcf335263bdbcef549ba197fce47ddfc2553abd9501ce721b6ae9b49600002a00", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})
write$binfmt_script(r1, &(0x7f0000000140), 0xfcb8)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0xfe, 0x100000001})

0s ago: executing program 0 (id=2074):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x0, @private2}], 0x1c)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$sock_buf(r1, 0x1, 0x4b, &(0x7f0000001340)=""/4096, &(0x7f0000000340)=0x1000)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000100), 0x4)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000080)='./file0\x00', 0x2010050, &(0x7f0000000580)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="574ebc0e94989fcde4c7e6c29d5b7d84ea1d3b850bb44bd48bb9519bc17acbb165391925581f91c0647c1d56315d4d044e055c5842362d6e3547a65f0d1dc45f590e08b80c1182db21b765ab93d407000000a9415a11b2facb5efbeda5c99dab23a7176fd9bdcc116a308a7b3a9e3562550da7ba26451b761e0bc1c92c045eee"], 0xff, 0x2ce, &(0x7f0000000640)="$eJzs3M9LFH8cx/G3uu6uK7p7+PL98i2iN3UpgkG3e7CEUrRQqBtZEIw6W8tOu7IzGBuhduoa/REdxKM3oTp09dKtU5duHgo6JPRjYmdnddUVk9od0+cDdN7OzNvP58OM8hrBWb/17EEx7xh505XueK90iyzKhkiqVolUa5+6RCQudV0SlWaLcr7/87tT45O3r2Wy2ZEx1dHMxMW0qg6efvnw8fKZ127/zZXB1Zispe6uf0p/WPt37f/1HxP3C44WHC2VXTV1qvzejU7Zls4UnKKhesPzTMfSQunNpIh/vOyateN5uzw7W1WzNDOQmK1YjqNmqapFq6oSEalU1bxnFkpqGIYOJAT7iS2NjZkZv4wfuHm6DRPCb7uy68avVDJmj4j07To3t9SpWQEAgMNje/7Xnfnf1xVsa3u+e57X3H+w/L8a3SP/B/m+kf9tq57/Havi/lr+d8vq1vJ/hPx/ALmt/I8jq5b/E8HPr+/JneUhvyD/AwAAAAAAAAAAAAAAAAAAAADwN9jwvKTnecnGtvERC/4lvPF12PNEe3D9j7dxDQrVuIj9dC43lxOxe+s7N6+7JUOSlG/+/RCo16NXsyND6kvJK3sh6F+Yy/X4jZm8FMQWS4YlKanW/cP1ft3e3yuJ5v60JOWf1v3plv1ROXe2qd+QpLydlrLYMuPf11v988Oql69nd/T3+ecBAAAAAHAUGLqp5fO7Yex1vN6fyYv4z9f7/31gx/N1RE5Ewl07AAAAAADHhVN9VDRt26p0sIiLSPvHqq2us+tqUcxfCHP0sItk057GS6Q7Po1I86CxYBZtGuu/5y++/LlveGnl5NfwrmB4v5MAAAAAtMdW6N/7HO9jJ2cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx04nXiYW9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCw+BkAAP//0b8mQA==")
r2 = open(&(0x7f0000000100)='./bus\x00', 0x400145042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r2, 0x0)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ftruncate(r3, 0x8)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$bt_hci(r4, 0x0, 0x3, &(0x7f0000001140)=""/4086, &(0x7f0000000180)=0xff6)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x42240, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r5, 0xc018937c, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0x1}}, './file0\x00'})
recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

sim3: renamed from eth3
[  112.709845][ T8459] 8021q: adding VLAN 0 to HW filter on device bond0
[  112.738526][ T8459] 8021q: adding VLAN 0 to HW filter on device team0
[  112.756519][ T5156] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.763588][ T5156] bridge0: port 1(bridge_slave_0) entered forwarding state
[  112.786926][ T5152] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.794039][ T5152] bridge0: port 2(bridge_slave_1) entered forwarding state
[  112.810088][ T8459] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  112.820575][ T8459] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  112.866039][ T3348] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.955451][ T3348] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.966725][ T8539] loop3: detected capacity change from 0 to 1024
[  113.008561][ T8539] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  113.018262][ T8539] EXT4-fs (loop3): group descriptors corrupted!
[  113.175612][ T3348] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.216198][ T8459] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.284588][ T3348] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.301102][ T5143] IPVS: starting estimator thread 0...
[  113.410156][ T8515] chnl_net:caif_netlink_parms(): no params data found
[  113.483503][ T8556] IPVS: using max 2832 ests per chain, 141600 per kthread
[  113.508732][ T3348] bridge_slave_1: left allmulticast mode
[  113.514482][ T3348] bridge_slave_1: left promiscuous mode
[  113.520142][ T3348] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.530070][ T3348] bridge_slave_0: left allmulticast mode
[  113.535744][ T3348] bridge_slave_0: left promiscuous mode
[  113.541410][ T3348] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.637805][ T3348] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  113.648394][ T3348] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  113.659450][ T3348] bond0 (unregistering): Released all slaves
[  113.682760][ T8515] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.689868][ T8515] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.703057][ T8515] bridge_slave_0: entered allmulticast mode
[  113.717463][ T8515] bridge_slave_0: entered promiscuous mode
[  113.727286][ T8515] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.734389][ T8515] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.741544][ T8515] bridge_slave_1: entered allmulticast mode
[  113.748847][ T8515] bridge_slave_1: entered promiscuous mode
[  113.761253][ T3348] hsr_slave_0: left promiscuous mode
[  113.767929][ T3348] hsr_slave_1: left promiscuous mode
[  113.773767][ T3348] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  113.781193][ T3348] batman_adv: batadv0: Removing interface: batadv_slave_0
[  113.788692][ T3348] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  113.796154][ T3348] batman_adv: batadv0: Removing interface: batadv_slave_1
[  113.807630][ T3348] veth1_macvtap: left allmulticast mode
[  113.813239][ T3348] veth1_macvtap: left promiscuous mode
[  113.818729][ T3348] veth0_macvtap: left promiscuous mode
[  113.824264][ T3348] veth1_vlan: left promiscuous mode
[  113.829511][ T3348] veth0_vlan: left promiscuous mode
[  113.930907][ T8578] loop4: detected capacity change from 0 to 128
[  113.949733][ T3348] team0 (unregistering): Port device team_slave_1 removed
[  113.963968][ T3348] team0 (unregistering): Port device team_slave_0 removed
[  114.007996][ T8580] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1529'.
[  114.034898][ T8515] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  114.057597][ T8459] veth0_vlan: entered promiscuous mode
[  114.057742][ T8582] loop3: detected capacity change from 0 to 128
[  114.070904][ T8515] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.095419][ T8459] veth1_vlan: entered promiscuous mode
[  114.102372][ T8515] team0: Port device team_slave_0 added
[  114.113575][ T8515] team0: Port device team_slave_1 added
[  114.145302][ T8515] batman_adv: batadv0: Adding interface: batadv_slave_0
[  114.152247][ T8515] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.178181][ T8515] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  114.196877][ T8459] veth0_macvtap: entered promiscuous mode
[  114.204469][ T8459] veth1_macvtap: entered promiscuous mode
[  114.210875][ T8515] batman_adv: batadv0: Adding interface: batadv_slave_1
[  114.218058][ T8515] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.243926][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88811362b400: rx timeout, send abort
[  114.252223][ T8515] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  114.269644][ T8592] loop4: detected capacity change from 0 to 512
[  114.286406][ T8459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.296964][ T8459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.306830][ T8459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.317305][ T8459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.327173][ T8459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.337584][ T8459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.348605][ T8592] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.1533: corrupted in-inode xattr: invalid ea_ino
[  114.349154][ T8459] batman_adv: batadv0: Interface activated: batadv_slave_0
[  114.375851][ T8592] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.1533: couldn't read orphan inode 15 (err -117)
[  114.388396][ T8592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.402987][ T8515] hsr_slave_0: entered promiscuous mode
[  114.410088][ T8515] hsr_slave_1: entered promiscuous mode
[  114.419057][ T8459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.429596][ T8459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.439519][ T8459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.450015][ T8459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.459834][ T8459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  114.470319][ T8459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.482224][   T29] audit: type=1400 audit(1720754512.061:1063): avc:  denied  { setattr } for  pid=8591 comm="syz.4.1533" path="/15/file1/memory.events" dev="loop4" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  114.508794][ T8459] batman_adv: batadv0: Interface activated: batadv_slave_1
[  114.539019][ T8459] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.547777][ T8459] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.556525][ T8459] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.565263][ T8459] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.728209][ T8609] loop1: detected capacity change from 0 to 128
[  114.736833][ T8609] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  114.748840][    C1] vxcan0: j1939_tp_rxtimer: 0xffff88811362b400: abort rx timeout. Force session deactivation
[  114.759921][ T8609] ext4 filesystem being mounted at /4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  114.833620][ T8609] loop1: detected capacity change from 128 to 127
[  114.840465][ T8609] EXT4-fs error (device loop1): ext4_dx_csum_verify:501: inode #2: comm syz.1.1537: dir seems corrupt?  Run e2fsck -D.
[  114.857311][ T8609] EXT4-fs error (device loop1): dx_probe:822: inode #2: comm syz.1.1537: Directory index failed checksum
[  114.869080][ T8609] EXT4-fs error (device loop1): ext4_dx_csum_verify:501: inode #2: comm syz.1.1537: dir seems corrupt?  Run e2fsck -D.
[  114.882356][ T8609] EXT4-fs error (device loop1): dx_probe:822: inode #2: comm syz.1.1537: Directory index failed checksum
[  114.900349][ T8459] EXT4-fs error (device loop1): ext4_dx_csum_verify:501: inode #2: comm syz-executor: dir seems corrupt?  Run e2fsck -D.
[  114.928140][ T8515] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  114.935744][ T8459] EXT4-fs error (device loop1): dx_probe:822: inode #2: comm syz-executor: Directory index failed checksum
[  114.949440][ T8515] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  114.962979][ T8515] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  114.975854][ T8459] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  114.987048][ T8515] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  115.012859][ T8612] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1539'.
[  115.053065][ T8515] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.082712][ T8515] 8021q: adding VLAN 0 to HW filter on device team0
[  115.106287][ T5143] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.113425][ T5143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.140589][ T8615] loop3: detected capacity change from 0 to 128
[  115.145926][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.153876][ T5143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.162294][ T8615] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978)
[  115.162698][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.195832][ T8615] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  115.226877][ T8615] EXT4-fs error (device loop3): __ext4_find_entry:1695: inode #2: comm syz.3.1540: checksumming directory block 0
[  115.232828][ T8515] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.248471][   T29] audit: type=1400 audit(1720754512.891:1064): avc:  denied  { lock } for  pid=8614 comm="syz.3.1540" path="socket:[28050]" dev="sockfs" ino=28050 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  115.266629][ T8615] EXT4-fs error (device loop3): __ext4_find_entry:1695: inode #2: comm syz.3.1540: checksumming directory block 0
[  115.315372][ T7509] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  115.359774][ T8515] veth0_vlan: entered promiscuous mode
[  115.371830][ T8515] veth1_vlan: entered promiscuous mode
[  115.389410][ T8515] veth0_macvtap: entered promiscuous mode
[  115.397836][ T8515] veth1_macvtap: entered promiscuous mode
[  115.409693][ T8515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.420178][ T8515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.429984][ T8515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.440418][ T8515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.450242][ T8515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.460773][ T8515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.470648][ T8515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.481075][ T8515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.496466][ T8515] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.508526][ T8515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.518964][ T8515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.528780][ T8515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.539197][ T8515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.549073][ T8515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.559510][ T8515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.569327][ T8515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.579739][ T8515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.594331][ T8515] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.622596][ T8633] loop3: detected capacity change from 0 to 2048
[  115.633021][ T8515] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.641786][ T8515] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.650738][ T8515] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.659580][ T8515] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.755614][ T8633] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.769237][ T8633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1542'.
[  116.097694][ T8646] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1545'.
[  116.131997][ T8650] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1547'.
[  116.188729][ T8652] loop4: detected capacity change from 0 to 512
[  116.245517][ T8652] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  116.255267][ T8652] System zones: 0-2, 18-18, 34-34
[  116.261012][ T8652] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1548: bg 0: block 248: padding at end of block bitmap is not set
[  116.282058][ T8652] Quota error (device loop4): write_blk: dquota write failed
[  116.289568][ T8652] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  116.302790][ T8656] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1549'.
[  116.312836][ T8652] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz.4.1548: Failed to acquire dquot type 1
[  116.326643][ T8652] EXT4-fs (loop4): 1 truncate cleaned up
[  116.332708][ T8652] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.435300][ T8664] netlink: 204 bytes leftover after parsing attributes in process `syz.4.1550'.
[  116.468258][   T29] audit: type=1400 audit(1720754514.111:1065): avc:  denied  { getopt } for  pid=8667 comm="syz.4.1553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  116.488170][ T8668] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1553'.
[  116.502786][ T8668] netlink: 'syz.4.1553': attribute type 16 has an invalid length.
[  116.510785][ T8668] netlink: 'syz.4.1553': attribute type 16 has an invalid length.
[  116.530779][ T8671] loop4: detected capacity change from 0 to 128
[  116.548705][ T8671] syz.4.1554: attempt to access beyond end of device
[  116.548705][ T8671] loop4: rw=0, sector=121, nr_sectors = 112 limit=128
[  116.634560][ T8682] loop4: detected capacity change from 0 to 512
[  116.642375][ T8682] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  116.651941][ T8682] EXT4-fs (loop4): 1 truncate cleaned up
[  116.715165][ T8684] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1558'.
[  117.041156][ T8688] loop2: detected capacity change from 0 to 2048
[  117.125399][ T8688] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.139543][ T8688] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1559'.
[  117.370219][   T29] audit: type=1326 audit(1720754515.011:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8698 comm="syz.3.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f314d16fbd9 code=0x7ffc0000
[  117.419172][   T29] audit: type=1400 audit(1720754515.061:1067): avc:  denied  { ioctl } for  pid=8705 comm="syz.3.1565" path="/79/file0" dev="configfs" ino=248 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  117.446463][   T29] audit: type=1400 audit(1720754515.061:1068): avc:  denied  { mounton } for  pid=8705 comm="syz.3.1565" path="/79/file0" dev="configfs" ino=248 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  117.527767][   T29] audit: type=1400 audit(1720754515.171:1069): avc:  denied  { write } for  pid=8720 comm="syz.4.1567" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  117.763824][ T8722] chnl_net:caif_netlink_parms(): no params data found
[  117.806412][ T8722] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.813552][ T8722] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.820437][   T29] audit: type=1400 audit(1720754515.461:1070): avc:  denied  { bind } for  pid=8752 comm="syz.2.1574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  117.820714][ T8722] bridge_slave_0: entered allmulticast mode
[  117.846405][ T8722] bridge_slave_0: entered promiscuous mode
[  117.853114][ T8722] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.860322][ T8722] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.867713][ T8722] bridge_slave_1: entered allmulticast mode
[  117.874200][ T8722] bridge_slave_1: entered promiscuous mode
[  117.902127][ T8722] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.918136][ T8722] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.938524][ T8722] team0: Port device team_slave_0 added
[  117.945128][ T8722] team0: Port device team_slave_1 added
[  117.976077][ T8722] batman_adv: batadv0: Adding interface: batadv_slave_0
[  117.983015][ T8722] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.993645][   T29] audit: type=1400 audit(1720754515.621:1071): avc:  denied  { ioctl } for  pid=8766 comm="syz.2.1580" path="socket:[28305]" dev="sockfs" ino=28305 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  118.008984][ T8722] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  118.048622][   T28] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.065907][ T8722] batman_adv: batadv0: Adding interface: batadv_slave_1
[  118.072853][ T8722] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.098822][ T8722] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.116568][   T28] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.140380][ T8722] hsr_slave_0: entered promiscuous mode
[  118.146346][ T8722] hsr_slave_1: entered promiscuous mode
[  118.152251][ T8722] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  118.160803][ T8722] Cannot create hsr debugfs directory
[  118.179951][   T28] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.218385][ T8739] chnl_net:caif_netlink_parms(): no params data found
[  118.240135][   T28] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.292727][ T8722] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.308285][ T8739] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.315535][ T8739] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.322836][ T8739] bridge_slave_0: entered allmulticast mode
[  118.329193][ T8739] bridge_slave_0: entered promiscuous mode
[  118.335758][ T8739] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.342867][ T8739] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.350141][ T8739] bridge_slave_1: entered allmulticast mode
[  118.356889][ T8739] bridge_slave_1: entered promiscuous mode
[  118.367312][ T8722] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.413793][ T8739] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  118.444584][ T8722] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.446997][ T8794] loop4: detected capacity change from 0 to 512
[  118.464185][ T8794] EXT4-fs (loop4): Can't support bigalloc feature without extents feature
[  118.464185][ T8794] 
[  118.466050][ T8739] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  118.474872][ T8794] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[  118.499814][   T28] bridge_slave_1: left allmulticast mode
[  118.505514][   T28] bridge_slave_1: left promiscuous mode
[  118.511221][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.521654][   T28] bridge_slave_0: left allmulticast mode
[  118.527336][   T28] bridge_slave_0: left promiscuous mode
[  118.532976][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.645391][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.655612][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.665609][   T28] bond0 (unregistering): Released all slaves
[  118.680316][ T8722] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.734271][ T8739] team0: Port device team_slave_0 added
[  118.743346][ T8739] team0: Port device team_slave_1 added
[  118.780202][   T28] hsr_slave_0: left promiscuous mode
[  118.787308][   T28] hsr_slave_1: left promiscuous mode
[  118.794677][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.802104][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.810146][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.817639][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.826486][   T28] veth1_macvtap: left promiscuous mode
[  118.832063][   T28] veth0_macvtap: left promiscuous mode
[  118.837656][   T28] veth1_vlan: left promiscuous mode
[  118.843030][   T28] veth0_vlan: left promiscuous mode
[  118.937069][   T28] team0 (unregistering): Port device team_slave_1 removed
[  118.948504][   T28] team0 (unregistering): Port device team_slave_0 removed
[  118.961365][ T8845] loop2: detected capacity change from 0 to 128
[  118.969478][ T8845] ext4 filesystem being mounted at /25/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  119.002245][ T8739] batman_adv: batadv0: Adding interface: batadv_slave_0
[  119.009532][ T8739] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.035503][ T8739] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  119.053642][ T8739] batman_adv: batadv0: Adding interface: batadv_slave_1
[  119.060585][ T8739] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.086624][ T8739] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  119.128361][ T8722] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  119.144508][ T8722] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  119.156045][ T8739] hsr_slave_0: entered promiscuous mode
[  119.162114][ T8739] hsr_slave_1: entered promiscuous mode
[  119.168514][ T8739] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  119.178338][ T8739] Cannot create hsr debugfs directory
[  119.196188][ T8722] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  119.214663][ T8722] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  119.265260][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  119.345792][ T8722] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.365060][ T8722] 8021q: adding VLAN 0 to HW filter on device team0
[  119.391315][ T8885] No such timeout policy "syz0"
[  119.411677][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.418757][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.432821][ T8887] No such timeout policy "syz0"
[  119.443618][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.450840][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.463037][ T8892] loop2: detected capacity change from 0 to 512
[  119.476592][ T8892] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.491616][ T8822] chnl_net:caif_netlink_parms(): no params data found
[  119.511245][ T8722] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  119.521630][ T8722] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  119.545147][   T28] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.602250][ T8822] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.609411][ T8822] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.617982][ T8822] bridge_slave_0: entered allmulticast mode
[  119.624550][ T8822] bridge_slave_0: entered promiscuous mode
[  119.635721][ T8822] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.642831][ T8822] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.663538][ T8822] bridge_slave_1: entered allmulticast mode
[  119.670055][ T8822] bridge_slave_1: entered promiscuous mode
[  119.693098][ T8822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  119.707076][ T8722] 8021q: adding VLAN 0 to HW filter on device batadv0
[  119.717007][ T8822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  119.769900][ T8822] team0: Port device team_slave_0 added
[  119.782709][ T8822] team0: Port device team_slave_1 added
[  119.817830][ T8822] batman_adv: batadv0: Adding interface: batadv_slave_0
[  119.824800][ T8822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.850701][ T8822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  119.863192][ T8822] batman_adv: batadv0: Adding interface: batadv_slave_1
[  119.870174][ T8822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.896182][ T8822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  119.910085][   T28] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.930339][ T8739] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  119.939985][ T8739] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  119.959276][ T8739] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  119.969028][ T8739] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  119.981665][   T28] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.996426][ T8722] veth0_vlan: entered promiscuous mode
[  120.027980][   T28] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.067892][ T8822] hsr_slave_0: entered promiscuous mode
[  120.074379][ T8822] hsr_slave_1: entered promiscuous mode
[  120.081398][ T8822] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  120.088997][ T8822] Cannot create hsr debugfs directory
[  120.104426][ T8722] veth1_vlan: entered promiscuous mode
[  120.157446][ T8722] veth0_macvtap: entered promiscuous mode
[  120.169461][   T28] bridge_slave_1: left allmulticast mode
[  120.175150][   T28] bridge_slave_1: left promiscuous mode
[  120.180832][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.189555][   T28] bridge_slave_0: left allmulticast mode
[  120.195317][   T28] bridge_slave_0: left promiscuous mode
[  120.201035][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.285768][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  120.295792][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  120.305796][   T28] bond0 (unregistering): Released all slaves
[  120.324639][ T8722] veth1_macvtap: entered promiscuous mode
[  120.367230][ T8739] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.375879][ T8722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.386357][ T8722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.396217][ T8722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.406648][ T8722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.416510][ T8722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.426942][ T8722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.436737][ T8722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  120.447253][ T8722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.459086][ T8722] batman_adv: batadv0: Interface activated: batadv_slave_0
[  120.468064][   T28] hsr_slave_0: left promiscuous mode
[  120.474959][   T28] hsr_slave_1: left promiscuous mode
[  120.480912][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.488345][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.490554][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  120.490564][   T29] audit: type=1400 audit(1720754518.131:1073): avc:  denied  { write } for  pid=8923 comm="syz.2.1624" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  120.526739][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  120.534165][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.544082][   T28] veth1_macvtap: left promiscuous mode
[  120.549577][   T28] veth0_macvtap: left promiscuous mode
[  120.555151][   T28] veth1_vlan: left promiscuous mode
[  120.560397][   T28] veth0_vlan: left promiscuous mode
[  120.614404][ T8927] loop2: detected capacity change from 0 to 512
[  120.648770][   T28] team0 (unregistering): Port device team_slave_1 removed
[  120.658733][   T28] team0 (unregistering): Port device team_slave_0 removed
[  120.693518][ T8722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.704018][ T8722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.713941][ T8722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.724397][ T8722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.734249][ T8722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  120.744711][ T8722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  120.755810][ T8722] batman_adv: batadv0: Interface activated: batadv_slave_1
[  120.767693][ T8739] 8021q: adding VLAN 0 to HW filter on device team0
[  120.803218][ T5140] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.810302][ T5140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.818088][ T8929] loop4: detected capacity change from 0 to 2048
[  120.820239][ T5140] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.831484][ T5140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.838848][ T8929] EXT4-fs (loop4): blocks per group (768) and clusters per group (16384) inconsistent
[  120.851170][ T8722] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.859944][ T8722] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.868662][ T8722] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.877364][ T8722] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.969466][ T8739] 8021q: adding VLAN 0 to HW filter on device batadv0
[  120.999527][ T8822] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  121.013051][ T8943] loop4: detected capacity change from 0 to 1024
[  121.026713][ T8822] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  121.037740][ T8938] loop3: detected capacity change from 0 to 512
[  121.041349][ T8822] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  121.062391][ T8822] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  121.079867][ T8953] loop4: detected capacity change from 0 to 512
[  121.098823][ T8938] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  121.107923][ T8953] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.1630: attempt to clear invalid blocks 1 len 1
[  121.134887][ T8938] System zones: 0-2, 18-18, 34-34
[  121.140728][ T8938] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1571: bg 0: block 248: padding at end of block bitmap is not set
[  121.160183][ T8964] loop2: detected capacity change from 0 to 4096
[  121.173463][ T8822] 8021q: adding VLAN 0 to HW filter on device bond0
[  121.180450][ T8938] Quota error (device loop3): write_blk: dquota write failed
[  121.181628][ T8953] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1630: bg 0: block 343: padding at end of block bitmap is not set
[  121.187855][ T8938] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  121.188055][ T8938] EXT4-fs error (device loop3): ext4_acquire_dquot:6860: comm syz.3.1571: Failed to acquire dquot type 1
[  121.212287][ T8953] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  121.237917][ T8953] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1630: invalid indirect mapped block 1819239214 (level 0)
[  121.238026][ T8938] EXT4-fs (loop3): 1 truncate cleaned up
[  121.260145][ T8953] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1630: invalid indirect mapped block 1819239214 (level 1)
[  121.265170][ T8739] veth0_vlan: entered promiscuous mode
[  121.280047][ T8938] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.286480][ T8953] EXT4-fs (loop4): 1 truncate cleaned up
[  121.297763][ T8822] 8021q: adding VLAN 0 to HW filter on device team0
[  121.311588][ T8739] veth1_vlan: entered promiscuous mode
[  121.324926][ T3155] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.331968][ T3155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  121.347900][ T3155] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.355012][ T3155] bridge0: port 2(bridge_slave_1) entered forwarding state
[  121.367120][ T8739] veth0_macvtap: entered promiscuous mode
[  121.378784][ T8739] veth1_macvtap: entered promiscuous mode
[  121.411074][ T8822] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  121.421583][ T8822] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  121.429552][ T8977] loop3: detected capacity change from 0 to 2048
[  121.447010][ T8977] EXT4-fs (loop3): blocks per group (768) and clusters per group (16384) inconsistent
[  121.457746][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.468333][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.478294][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.488880][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.498819][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.503607][   T29] audit: type=1400 audit(1720754519.121:1074): avc:  denied  { read } for  pid=8971 comm="syz.2.1635" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  121.509220][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.532132][   T29] audit: type=1400 audit(1720754519.121:1075): avc:  denied  { open } for  pid=8971 comm="syz.2.1635" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  121.541949][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.541965][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.591606][ T8739] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.633124][ T8822] 8021q: adding VLAN 0 to HW filter on device batadv0
[  121.647830][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.658265][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.668080][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.678539][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.688356][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.698777][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.708626][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.719124][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.731659][ T8739] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.740213][ T8739] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.749025][ T8739] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.757759][ T8739] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.766476][ T8739] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.810818][ T8987] loop3: detected capacity change from 0 to 2048
[  121.846784][ T8987] EXT4-fs (loop3): blocks per group (768) and clusters per group (16384) inconsistent
[  121.934867][ T8995] __nla_validate_parse: 5 callbacks suppressed
[  121.934880][ T8995] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1572'.
[  121.990347][ T8822] veth0_vlan: entered promiscuous mode
[  122.000034][ T9003] loop3: detected capacity change from 0 to 512
[  122.012166][ T8822] veth1_vlan: entered promiscuous mode
[  122.021748][ T9003] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1643: bg 0: block 35: padding at end of block bitmap is not set
[  122.041783][ T8822] veth0_macvtap: entered promiscuous mode
[  122.048613][ T9003] EXT4-fs (loop3): Remounting filesystem read-only
[  122.061785][ T8822] veth1_macvtap: entered promiscuous mode
[  122.067559][ T9003] EXT4-fs (loop3): 1 truncate cleaned up
[  122.076120][ T9003] SELinux: (dev loop3, type ext4) getxattr errno 5
[  122.077811][ T8822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.093058][ T8822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.102858][ T8822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.113342][ T8822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.123200][ T8822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.133677][ T8822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.143557][ T8822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.153970][ T8822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.163792][ T8822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.174243][ T8822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.186995][ T8822] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.198499][ T8822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.208973][ T8822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.218845][ T8822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.229297][ T8822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.239162][ T8822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.249697][ T8822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.259527][ T8822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.270107][ T8822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.280006][ T8822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.290568][ T8822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.303179][ T8822] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.314855][ T8822] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.320514][ T9016] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1649'.
[  122.323573][ T8822] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.341222][ T8822] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.350017][ T8822] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.361436][ T9003] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1643'.
[  122.383486][ T9016] veth0_vlan: entered allmulticast mode
[  122.420820][ T9026] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1651'.
[  122.476436][ T9029] loop2: detected capacity change from 0 to 256
[  122.512501][ T9039] loop1: detected capacity change from 0 to 512
[  122.542071][ T9039] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.555040][ T9039] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  122.565461][ T9039] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 64512
[  122.575246][ T9039] EXT4-fs error (device loop1): ext4_acquire_dquot:6860: comm syz.1.1603: Failed to acquire dquot type 0
[  122.666595][ T9053] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1658'.
[  122.675614][ T9053] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1658'.
[  122.707002][ T9052] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1658'.
[  122.716022][ T9052] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1658'.
[  122.907681][ T9071] loop1: detected capacity change from 0 to 512
[  122.938496][ T9071] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  122.968181][ T9071] EXT4-fs (loop1): orphan cleanup on readonly fs
[  122.976859][ T9071] EXT4-fs warning (device loop1): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  122.993178][ T9071] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  122.996729][ T9087] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1670'.
[  123.010498][ T9071] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1663: bg 0: block 40: padding at end of block bitmap is not set
[  123.026331][ T9071] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  123.035466][ T9071] EXT4-fs (loop1): 1 truncate cleaned up
[  123.042150][ T9071] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #16: comm syz.1.1663: corrupted xattr block 31: invalid header
[  123.056273][ T9071] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  123.066750][ T9071] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #16: comm syz.1.1663: corrupted xattr block 31: invalid header
[  123.080757][ T9071] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  123.090137][ T9071] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.1663: bad symlink.
[  123.090905][ T9091] loop2: detected capacity change from 0 to 256
[  123.100445][   T29] audit: type=1400 audit(1720754520.731:1076): avc:  denied  { read } for  pid=9070 comm="syz.1.1663" name="file2" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  123.157266][   T29] audit: type=1400 audit(1720754520.801:1077): avc:  denied  { mount } for  pid=9104 comm="syz.3.1675" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  123.181428][ T9105] loop3: detected capacity change from 0 to 1024
[  123.188437][ T9105] cgroup2: Unknown parameter 'journal_path'
[  123.195749][   T29] audit: type=1400 audit(1720754520.831:1078): avc:  denied  { remount } for  pid=9104 comm="syz.3.1675" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  123.269117][ T9115] loop0: detected capacity change from 0 to 512
[  123.316598][ T9115] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.329636][ T9105] loop3: detected capacity change from 0 to 8192
[  123.344832][ T9123] netlink: 380 bytes leftover after parsing attributes in process `syz.4.1681'.
[  123.363509][ T9115] loop0: detected capacity change from 512 to 64
[  123.372422][ T9115] EXT4-fs warning (device loop0): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 18
[  123.386904][ T9127] loop4: detected capacity change from 0 to 512
[  123.395987][ T9105]  loop3: p1 p2[DM] p4
[  123.400065][ T9105] loop3: p1 size 196608 extends beyond EOD, truncated
[  123.409096][ T9105] loop3: p2 size 150994946 extends beyond EOD, truncated
[  123.428660][ T9105] loop3: p4 size 50331648 extends beyond EOD, truncated
[  123.438013][ T9105] SELinux:  Context system_u:object_r:policy_config_t:s0 is not valid (left unmapped).
[  123.449406][ T9127] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.1683: attempt to clear invalid blocks 1 len 1
[  123.462894][ T9127] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1683: bg 0: block 343: padding at end of block bitmap is not set
[  123.478076][ T9127] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  123.490089][ T9127] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1683: invalid indirect mapped block 1819239214 (level 0)
[  123.526388][ T9132] loop3: detected capacity change from 0 to 164
[  123.536805][ T9132] rock: directory entry would overflow storage
[  123.543017][ T9132] rock: sig=0x4f50, size=4, remaining=3
[  123.548630][ T9132] iso9660: Corrupted directory entry in block 4 of inode 1792
[  123.577057][ T9133] loop1: detected capacity change from 0 to 2048
[  123.603208][ T8739] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5731: Out of memory
[  123.625699][ T9133] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.639082][ T9133] EXT4-fs (loop1): shut down requested (2)
[  123.650350][ T9127] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1683: invalid indirect mapped block 1819239214 (level 1)
[  123.665985][ T9127] EXT4-fs (loop4): 1 truncate cleaned up
[  123.693364][ T8739] EXT4-fs error (device loop0): ext4_dirty_inode:5935: inode #2: comm syz-executor: mark_inode_dirty error
[  123.789374][ T9143] loop3: detected capacity change from 0 to 512
[  123.797084][ T9143] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2234: inode #15: comm syz.3.1690: corrupted in-inode xattr: e_value size too large
[  123.811298][ T9143] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.1690: couldn't read orphan inode 15 (err -117)
[  123.935911][ T9164] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  123.935911][ T9164]    program syz.3.1696 not setting count and/or reply_len properly
[  124.228648][ T9180] loop3: detected capacity change from 0 to 2048
[  124.282179][ T9191] loop1: detected capacity change from 0 to 1024
[  124.308233][ T9196] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  124.310618][ T9196] loop3: detected capacity change from 0 to 512
[  124.415420][ T9196] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.428042][ T9196] EXT4-fs error (device loop3): ext4_do_update_inode:5075: inode #2: comm syz.3.1706: corrupted inode contents
[  124.440813][ T9196] EXT4-fs error (device loop3): ext4_dirty_inode:5935: inode #2: comm syz.3.1706: mark_inode_dirty error
[  124.453072][ T9196] EXT4-fs error (device loop3): ext4_do_update_inode:5075: inode #2: comm syz.3.1706: corrupted inode contents
[  124.466467][ T9196] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.1706: mark_inode_dirty error
[  124.600531][ T9210] gretap0: entered promiscuous mode
[  124.612110][ T9210] 0ªX¹¦D: renamed from gretap0
[  124.618195][ T9210] 0ªX¹¦D: left promiscuous mode
[  124.623089][ T9210] 0ªX¹¦D: entered allmulticast mode
[  124.629888][ T9210] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  124.884978][ T9226] loop4: detected capacity change from 0 to 2048
[  124.918705][ T9225] loop3: detected capacity change from 0 to 512
[  124.932213][ T9220] Invalid ELF header magic: != ELF
[  124.968282][ T9226] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.980937][ T9226] EXT4-fs (loop4): shut down requested (2)
[  124.990644][ T9225] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[  125.030345][ T9230] loop2: detected capacity change from 0 to 2048
[  125.048521][ T9230] EXT4-fs: Ignoring removed bh option
[  125.054011][ T9230] EXT4-fs: Ignoring removed nomblk_io_submit option
[  125.061738][ T9230] EXT4-fs: quotafile must be on filesystem root
[  125.198495][ T9239] loop2: detected capacity change from 0 to 512
[  125.215180][ T9239] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  125.223256][ T9239] System zones: 0-2, 18-18, 34-34
[  125.229011][ T9239] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1717: bg 0: block 248: padding at end of block bitmap is not set
[  125.243498][ T9239] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz.2.1717: Failed to acquire dquot type 1
[  125.255809][ T9239] EXT4-fs (loop2): 1 truncate cleaned up
[  125.261875][ T9239] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.265157][ T9245] netlink: 'syz.3.1719': attribute type 7 has an invalid length.
[  125.280003][ T9245] netlink: 'syz.3.1719': attribute type 39 has an invalid length.
[  125.297999][ T9245] bridge1: port 1(gretap1) entered blocking state
[  125.304591][ T9245] bridge1: port 1(gretap1) entered disabled state
[  125.311305][ T9245] gretap1: entered allmulticast mode
[  125.317093][ T9245] gretap1: entered promiscuous mode
[  125.549483][ T8358] EXT4-fs unmount: 43 callbacks suppressed
[  125.549498][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.662054][ T9277] loop4: detected capacity change from 0 to 764
[  125.795163][ T9280] loop4: detected capacity change from 0 to 512
[  125.816733][ T9280] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  125.824940][ T9280] System zones: 0-2, 18-18, 34-34
[  125.831257][ T9280] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1731: bg 0: block 248: padding at end of block bitmap is not set
[  125.847298][ T9280] __quota_error: 18 callbacks suppressed
[  125.847311][ T9280] Quota error (device loop4): write_blk: dquota write failed
[  125.860456][ T9280] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  125.871893][ T9280] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz.4.1731: Failed to acquire dquot type 1
[  125.883953][ T9280] EXT4-fs (loop4): 1 truncate cleaned up
[  125.890486][ T9280] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.904697][ T9280] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.958751][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.304469][ T9297] loop2: detected capacity change from 0 to 512
[  126.348238][ T9297] loop2: detected capacity change from 0 to 256
[  126.429575][   T29] audit: type=1400 audit(1720754524.071:1095): avc:  denied  { read } for  pid=9305 comm="syz.1.1738" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  126.498836][   T29] audit: type=1400 audit(1720754524.141:1096): avc:  denied  { mount } for  pid=9307 comm="syz.2.1739" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  126.720179][   T29] audit: type=1400 audit(1720754524.361:1097): avc:  denied  { nlmsg_read } for  pid=9294 comm="syz.3.1736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  126.899497][ T9317] loop4: detected capacity change from 0 to 512
[  126.915242][ T9317] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  126.923654][ T9317] System zones: 0-2, 18-18, 34-34
[  126.930897][ T9317] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1742: bg 0: block 248: padding at end of block bitmap is not set
[  126.947244][ T9317] Quota error (device loop4): write_blk: dquota write failed
[  126.954748][ T9317] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  126.964727][ T9317] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz.4.1742: Failed to acquire dquot type 1
[  126.965009][ T9325] syz.3.1745[9325] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.977382][ T9325] syz.3.1745[9325] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  126.988345][ T9317] EXT4-fs (loop4): 1 truncate cleaned up
[  126.988455][ T9325] 9pnet_fd: Insufficient options for proto=fd
[  127.001088][ T9317] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.025110][ T9317] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.059960][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.162775][ T9343] __nla_validate_parse: 9 callbacks suppressed
[  127.162789][ T9343] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1749'.
[  127.183288][ T9343] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  127.194257][ T9343] gretap1: entered promiscuous mode
[  127.199464][ T9343] gretap1: entered allmulticast mode
[  127.220431][ T9352] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1752'.
[  127.254696][ T8739] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.266709][   T28] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.296089][   T29] audit: type=1400 audit(1720754524.941:1098): avc:  denied  { unmount } for  pid=8515 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  127.337536][   T28] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.438072][   T28] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.476026][ T9377] loop3: detected capacity change from 0 to 2048
[  127.494747][ T9381] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1764'.
[  127.504393][ T9377] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.527631][   T28] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.550556][ T8722] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.581906][   T29] audit: type=1400 audit(1720754525.221:1099): avc:  denied  { bind } for  pid=9395 comm="syz.1.1769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  127.601142][   T29] audit: type=1400 audit(1720754525.221:1100): avc:  denied  { listen } for  pid=9395 comm="syz.1.1769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  127.631586][   T28] bridge_slave_1: left allmulticast mode
[  127.637261][   T28] bridge_slave_1: left promiscuous mode
[  127.642934][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.653674][   T28] bridge_slave_0: left allmulticast mode
[  127.659313][   T28] bridge_slave_0: left promiscuous mode
[  127.665090][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.689230][ T9403] loop3: detected capacity change from 0 to 2048
[  127.696212][ T9403] EXT4-fs (loop3): invalid inodes per group: 63264
[  127.696212][ T9403] 
[  127.718395][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.725924][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.733453][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.740885][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.748271][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.755750][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.763142][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.770604][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.778000][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x1
[  127.785461][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.792812][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.800236][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.808016][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.815633][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.822986][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.830404][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.837842][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.845355][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.852752][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.860137][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.867547][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.874909][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.882258][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.889751][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.897173][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.904562][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.911965][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.919326][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.926703][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.934078][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.941440][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.948895][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.956262][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.963830][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.971192][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.978638][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.986045][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  127.993492][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  128.000863][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  128.008242][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  128.015620][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  128.023037][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  128.030472][    T9] hid-generic 0000:0000:0035.0001: unknown main item tag 0x0
[  128.039463][    T9] hid-generic 0000:0000:0035.0001: hidraw0: <UNKNOWN> HID v7.f0 Device [syz0] on syz0
[  128.066541][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  128.077001][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  128.087383][   T28] bond0 (unregistering): Released all slaves
[  128.218369][ T9373] chnl_net:caif_netlink_parms(): no params data found
[  128.257324][   T28] hsr_slave_0: left promiscuous mode
[  128.279913][   T28] hsr_slave_1: left promiscuous mode
[  128.286495][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.293940][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  128.302813][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.310263][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  128.338650][ T9448] loop1: detected capacity change from 0 to 2048
[  128.350302][ T9450] loop4: detected capacity change from 0 to 128
[  128.371357][   T28] veth1_macvtap: left promiscuous mode
[  128.376843][   T28] veth0_macvtap: left promiscuous mode
[  128.382396][   T28] veth1_vlan: left promiscuous mode
[  128.387710][   T28] veth0_vlan: left promiscuous mode
[  128.403880][ T9448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.415994][ T9448] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.428539][ T9448] EXT4-fs (loop1): shut down requested (2)
[  128.435095][ T9448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1778'.
[  128.581699][ T9470] loop4: detected capacity change from 0 to 1024
[  128.588297][ T9470] EXT4-fs: Ignoring removed bh option
[  128.595101][ T9470] EXT4-fs: Ignoring removed nomblk_io_submit option
[  128.602110][   T28] team0 (unregistering): Port device team_slave_1 removed
[  128.612274][   T28] team0 (unregistering): Port device team_slave_0 removed
[  128.615064][ T9470] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.642037][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.658375][ T9453] tun0: tun_chr_ioctl cmd 1074025677
[  128.663855][ T9453] tun0: linktype set to 0
[  128.672826][ T9373] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.680037][ T9373] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.688590][ T9373] bridge_slave_0: entered allmulticast mode
[  128.694902][ T9373] bridge_slave_0: entered promiscuous mode
[  128.701619][ T9373] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.708746][ T9373] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.715887][ T9373] bridge_slave_1: entered allmulticast mode
[  128.722346][ T9373] bridge_slave_1: entered promiscuous mode
[  128.739213][ T9373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.749452][ T9373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.766852][ T9373] team0: Port device team_slave_0 added
[  128.773120][ T9373] team0: Port device team_slave_1 added
[  128.787878][ T9373] batman_adv: batadv0: Adding interface: batadv_slave_0
[  128.794901][ T9373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.820772][ T9373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  128.831739][ T9373] batman_adv: batadv0: Adding interface: batadv_slave_1
[  128.838683][ T9373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  128.864637][ T9373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  128.888787][ T9373] hsr_slave_0: entered promiscuous mode
[  128.895129][ T9373] hsr_slave_1: entered promiscuous mode
[  128.901249][ T9373] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  128.908855][ T9373] Cannot create hsr debugfs directory
[  128.995628][ T8822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.060636][ T9482] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1794'.
[  129.088323][ T9486] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  129.128167][ T9490] loop4: detected capacity change from 0 to 2048
[  129.145664][ T9373] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  129.157387][ T9373] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  129.169241][ T9373] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  129.180594][ T9373] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  129.187682][ T9490]  loop4: p2 < >
[  129.200864][ T9373] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.207944][ T9373] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.249921][ T9373] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.304114][ T5154] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.315143][ T9508] loop2: detected capacity change from 0 to 164
[  129.317254][ T9495] program syz.1.1800 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  129.336146][ T9373] 8021q: adding VLAN 0 to HW filter on device team0
[  129.371208][ T5154] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.378336][ T5154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.421538][ T5154] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.428716][ T5154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.448169][ T9524] sch_tbf: burst 65535 is lower than device lo mtu (65550) !
[  129.458852][ T9528] loop1: detected capacity change from 0 to 512
[  129.475582][ T9528] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.493147][ T9528] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.506644][ T9528] FAULT_INJECTION: forcing a failure.
[  129.506644][ T9528] name failslab, interval 1, probability 0, space 0, times 0
[  129.519351][ T9528] CPU: 1 PID: 9528 Comm: syz.1.1809 Not tainted 6.10.0-rc7-syzkaller-00139-g8a18fda0febb #0
[  129.529402][ T9528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  129.539502][ T9528] Call Trace:
[  129.542784][ T9528]  <TASK>
[  129.545697][ T9528]  dump_stack_lvl+0xf2/0x150
[  129.550289][ T9528]  dump_stack+0x15/0x20
[  129.554514][ T9528]  should_fail_ex+0x229/0x230
[  129.559169][ T9528]  ? __es_insert_extent+0x575/0xf60
[  129.564409][ T9528]  __should_failslab+0x92/0xa0
[  129.569189][ T9528]  should_failslab+0x9/0x20
[  129.573744][ T9528]  kmem_cache_alloc_noprof+0x4c/0x290
[  129.579114][ T9528]  __es_insert_extent+0x575/0xf60
[  129.584137][ T9528]  ext4_es_insert_extent+0x3e5/0x1c10
[  129.589500][ T9528]  ? ext4_es_is_delayed+0x16/0x30
[  129.594618][ T9528]  ext4_ext_map_blocks+0x1641/0x33b0
[  129.599895][ T9528]  ? avc_has_perm+0xd4/0x160
[  129.604480][ T9528]  ? selinux_file_open+0x34c/0x3b0
[  129.609643][ T9528]  ext4_map_blocks+0x2b1/0xf50
[  129.614409][ T9528]  ? path_openat+0x1a6f/0x1fa0
[  129.619169][ T9528]  ext4_iomap_begin_report+0x1d9/0x290
[  129.624615][ T9528]  iomap_iter+0x3cc/0x800
[  129.628992][ T9528]  ? __pfx_ext4_iomap_begin_report+0x10/0x10
[  129.634966][ T9528]  iomap_seek_data+0xa7/0x230
[  129.639738][ T9528]  ext4_llseek+0x113/0x190
[  129.644139][ T9528]  ext4_dir_llseek+0x1fc/0x2e0
[  129.648891][ T9528]  __x64_sys_lseek+0xed/0x150
[  129.653557][ T9528]  x64_sys_call+0x29f7/0x2d70
[  129.658298][ T9528]  do_syscall_64+0xc9/0x1c0
[  129.662802][ T9528]  ? clear_bhb_loop+0x55/0xb0
[  129.667471][ T9528]  ? clear_bhb_loop+0x55/0xb0
[  129.672136][ T9528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.678099][ T9528] RIP: 0033:0x7fa647fb4bd9
[  129.682539][ T9528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.702141][ T9528] RSP: 002b:00007fa647236048 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[  129.710540][ T9528] RAX: ffffffffffffffda RBX: 00007fa648142f60 RCX: 00007fa647fb4bd9
[  129.718580][ T9528] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000004
[  129.726556][ T9528] RBP: 00007fa6472360a0 R08: 0000000000000000 R09: 0000000000000000
[  129.734515][ T9528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.742586][ T9528] R13: 000000000000000b R14: 00007fa648142f60 R15: 00007ffc581e3b48
[  129.750544][ T9528]  </TASK>
[  129.753587][ T9528] EXT4-fs error (device loop1): ext4_map_blocks:580: inode #2: block 3: comm syz.1.1809: lblock 8 mapped to illegal pblock 3 (length 26)
[  129.772335][ T9528] EXT4-fs (loop1): Remounting filesystem read-only
[  129.786157][ T9373] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.798012][ T8822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.851010][ T9373] veth0_vlan: entered promiscuous mode
[  129.859055][ T9373] veth1_vlan: entered promiscuous mode
[  129.873897][ T9373] veth0_macvtap: entered promiscuous mode
[  129.880994][ T9373] veth1_macvtap: entered promiscuous mode
[  129.891375][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.901919][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.911791][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.922194][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.932034][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.942540][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.952394][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.962816][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.962829][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  129.962843][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.994725][ T9373] batman_adv: batadv0: Interface activated: batadv_slave_0
[  130.002882][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.013411][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.023206][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.033647][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.043457][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.053876][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.063670][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.074132][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.084044][ T9373] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.094467][ T9373] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.104930][ T9373] batman_adv: batadv0: Interface activated: batadv_slave_1
[  130.116934][ T9373] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.125769][ T9373] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  130.134614][ T9373] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  130.139502][ T9551] loop1: detected capacity change from 0 to 512
[  130.143330][ T9373] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  130.173089][ T9553] loop4: detected capacity change from 0 to 512
[  130.181406][ T9553] EXT4-fs error (device loop4): ext4_orphan_get:1420: comm syz.4.1813: bad orphan inode 17
[  130.189168][ T9551] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.192349][ T9553] ext4_test_bit(bit=16, block=4) = 1
[  130.209201][ T9553] is_bad_inode(inode)=0
[  130.213183][ T9551] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.213343][ T9553] NEXT_ORPHAN(inode)=0
[  130.213350][ T9553] max_ino=32
[  130.227764][ T9551] EXT4-fs error (device loop1): ext4_map_blocks:580: inode #2: block 3: comm syz.1.1812: lblock 8 mapped to illegal pblock 3 (length 26)
[  130.230952][ T9553] i_nlink=1
[  130.253342][ T9553] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.265813][ T9551] EXT4-fs (loop1): Remounting filesystem read-only
[  130.278608][ T8822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.382884][ T9590] loop7: detected capacity change from 0 to 16384
[  130.415880][ T9587] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1813: bg 0: block 7: invalid block bitmap
[  130.433144][ T9574] program syz.3.1814 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  130.485663][ T9609] loop1: detected capacity change from 0 to 512
[  130.502830][ T9609] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[  130.506948][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.538734][ T9612] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2131 sclass=netlink_route_socket pid=9612 comm=syz.3.1824
[  130.578238][ T9614] loop3: detected capacity change from 0 to 1024
[  130.585214][ T9614] EXT4-fs: Ignoring removed orlov option
[  130.590879][ T9614] EXT4-fs: Ignoring removed nomblk_io_submit option
[  130.605880][ T9614] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.625339][ T9620] loop4: detected capacity change from 0 to 2048
[  130.639730][ T8722] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.704683][ T9626] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1829'.
[  130.717422][ T9626] veth1_macvtap: left promiscuous mode
[  130.746724][ T9629] loop3: detected capacity change from 0 to 512
[  130.765156][ T9629] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.778159][ T9629] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.800339][ T9629] No such timeout policy "syz0"
[  130.801944][ T9639] loop4: detected capacity change from 0 to 2048
[  130.815457][ T8722] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.815675][ T9639] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.853230][   T11] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  130.868084][   T11] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  130.880343][   T11] EXT4-fs (loop4): This should not happen!! Data will be lost
[  130.880343][   T11] 
[  130.889987][   T11] EXT4-fs (loop4): Total free blocks count 0
[  130.896025][   T11] EXT4-fs (loop4): Free/Dirty block details
[  130.901903][   T11] EXT4-fs (loop4): free_blocks=2415919104
[  130.907650][   T11] EXT4-fs (loop4): dirty_blocks=16
[  130.912749][   T11] EXT4-fs (loop4): Block reservation details
[  130.918730][   T11] EXT4-fs (loop4): i_reserved_data_blocks=1
[  130.927889][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.981300][ T9654] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  131.102853][ T9668] loop4: detected capacity change from 0 to 128
[  131.116622][   T29] kauditd_printk_skb: 124 callbacks suppressed
[  131.116670][   T29] audit: type=1400 audit(1720754528.761:1225): avc:  denied  { write } for  pid=9667 comm="syz.4.1842" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  131.207848][ T9679] loop0: detected capacity change from 0 to 1024
[  131.224642][ T9679] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=2843c118, mo2=0002]
[  131.232802][ T9679] System zones: 0-1, 3-12
[  131.237694][ T9679] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.255607][ T9679] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  131.266084][ T9679] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  131.380722][ T9709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1855'.
[  131.404872][ T9712] loop1: detected capacity change from 0 to 1024
[  131.412244][ T9712] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  131.423129][ T9712] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  131.431221][ T9712] EXT4-fs (loop1): orphan cleanup on readonly fs
[  131.438142][ T9712] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.1856: Invalid inode table block 0 in block_group 0
[  131.450980][ T9712] EXT4-fs (loop1): Remounting filesystem read-only
[  131.457574][ T9712] Quota error (device loop1): write_blk: dquota write failed
[  131.464948][ T9712] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  131.475331][ T9712] EXT4-fs (loop1): 1 truncate cleaned up
[  131.475471][ T9373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.490442][ T9712] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  131.502888][ T9712] SELinux: (dev loop1, type ext4) getxattr errno 5
[  131.509915][ T9712] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.553405][   T29] audit: type=1400 audit(1720754529.191:1226): avc:  denied  { accept } for  pid=9719 comm="syz.0.1858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  131.576344][ T9725] loop1: detected capacity change from 0 to 2048
[  131.584056][ T9730] loop0: detected capacity change from 0 to 1024
[  131.628324][ T9730] loop0: detected capacity change from 0 to 256
[  131.678281][ T9730] loop0: detected capacity change from 0 to 512
[  131.687352][ T9730] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.1860: invalid block
[  131.699908][ T9730] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.1860: invalid indirect mapped block 4294967295 (level 1)
[  131.715031][ T9730] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.1860: invalid indirect mapped block 4294967295 (level 1)
[  131.729411][ T9730] EXT4-fs (loop0): 2 truncates cleaned up
[  131.736812][ T9730] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.757609][ T9373] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.788337][ T9744] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1867'.
[  131.832202][ T9756] tmpfs: Bad value for 'nr_inodes'
[  131.838574][   T29] audit: type=1400 audit(1720754529.481:1227): avc:  denied  { map } for  pid=9753 comm="syz.2.1870" path="socket:[33504]" dev="sockfs" ino=33504 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  131.838762][ T9755] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1870'.
[  131.872292][ T9758] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1872'.
[  131.874411][ T9756] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  131.890886][ T9756] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  131.899168][ T9762] loop1: detected capacity change from 0 to 128
[  131.939772][   T29] audit: type=1326 audit(1720754529.581:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.0.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1435f27bd9 code=0x7fc00000
[  131.963846][   T29] audit: type=1326 audit(1720754529.581:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.0.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1435f27bd9 code=0x7fc00000
[  131.987268][   T29] audit: type=1326 audit(1720754529.581:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9749 comm="syz.0.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1435f27bd9 code=0x7fc00000
[  132.027593][ T9773] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[  132.034956][ T5153] IPVS: starting estimator thread 0...
[  132.102499][   T29] audit: type=1326 audit(1720754529.741:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.2.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f66f6bd9 code=0x7ffc0000
[  132.123609][ T9774] IPVS: using max 2928 ests per chain, 146400 per kthread
[  132.125972][   T29] audit: type=1326 audit(1720754529.741:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9785 comm="syz.2.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6f66f6bd9 code=0x7ffc0000
[  132.241012][ T9800] loop2: detected capacity change from 0 to 512
[  132.249833][ T9800] ext2: Unknown parameter 'euid>00000000000000000000'
[  132.279357][ T9806] loop3: detected capacity change from 0 to 1024
[  132.294818][ T9806] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.315886][ T8722] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.346023][ T9815] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  132.355012][ T9815] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1894'.
[  132.394212][ T9823] loop3: detected capacity change from 0 to 512
[  132.404408][ T9821] loop2: detected capacity change from 0 to 2048
[  132.573014][ T9831] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1899'.
[  132.582142][ T9831] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1899'.
[  132.589140][ T9826] loop3: detected capacity change from 0 to 4096
[  132.599235][ T9826] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.608879][ T9834] loop2: detected capacity change from 0 to 1024
[  132.618733][ T9834] EXT4-fs: Ignoring removed bh option
[  132.634607][ T9834] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.653147][ T8515] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.019151][ T9843] loop0: detected capacity change from 0 to 512
[  133.026258][ T9843] ext2: Unknown parameter 'euid'
[  133.160791][ T9853] loop1: detected capacity change from 0 to 128
[  133.170134][ T9853] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.182506][ T9853] ext4 filesystem being mounted at /54/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  133.223874][ T8822] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  133.225807][ T9851] loop4: detected capacity change from 0 to 512
[  133.239827][ T9851] EXT4-fs: Ignoring removed mblk_io_submit option
[  133.248338][ T9851] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #15: comm syz.4.1906: casefold flag without casefold feature
[  133.261511][ T9851] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.1906: couldn't read orphan inode 15 (err -117)
[  133.275239][ T9851] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.289200][ T8722] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.292752][ T9860] loop1: detected capacity change from 0 to 128
[  133.315701][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.343347][ T9862] loop3: detected capacity change from 0 to 256
[  133.369479][ T9864] loop4: detected capacity change from 0 to 512
[  133.376325][ T9864] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 64)!
[  133.386542][ T9864] EXT4-fs (loop4): group descriptors corrupted!
[  133.436600][ T9864] loop4: detected capacity change from 0 to 2048
[  133.446439][ T9864] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  133.457358][ T9864] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  133.467959][ T9864] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002]
[  133.476123][ T9864] System zones: 0-19
[  133.480787][ T9864] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.504370][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.589932][ T9883] loop2: detected capacity change from 0 to 1024
[  133.596936][ T9883] EXT4-fs: Ignoring removed nomblk_io_submit option
[  133.599342][ T9884] loop1: detected capacity change from 0 to 2048
[  133.605355][ T9883] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  133.631343][ T9883] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.646800][ T9884] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.664607][ T9896] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1919'.
[  133.693795][ T9883] loop2: detected capacity change from 1024 to 0
[  133.695422][ T9904] loop3: detected capacity change from 0 to 512
[  133.702688][ T9883] syz.2.1915: attempt to access beyond end of device
[  133.702688][ T9883] loop2: rw=12288, sector=6, nr_sectors = 2 limit=0
[  133.721395][ T9883] EXT4-fs error (device loop2): ext4_wait_block_bitmap:584: comm syz.2.1915: Cannot read block bitmap - block_group = 0, block_bitmap = 3
[  133.738513][ T9904] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.739519][ T9883] syz.2.1915: attempt to access beyond end of device
[  133.739519][ T9883] loop2: rw=145409, sector=2, nr_sectors = 2 limit=0
[  133.751259][ T9904] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.764226][ T9883] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[  133.766312][ T9883] EXT4-fs (loop2): I/O error while writing superblock
[  133.783798][ T9912] syz.2.1915: attempt to access beyond end of device
[  133.783798][ T9912] loop2: rw=12288, sector=32, nr_sectors = 2 limit=0
[  133.789723][ T9883] EXT4-fs (loop2): Remounting filesystem read-only
[  133.827381][ T8515] syz-executor: attempt to access beyond end of device
[  133.827381][ T8515] loop2: rw=12288, sector=32, nr_sectors = 2 limit=0
[  133.831849][ T9915] loop4: detected capacity change from 0 to 512
[  133.847954][ T9915] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  133.857004][ T9915] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  133.866197][ T8515] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.868098][ T8722] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.884195][ T9888] kmmpd-loop2: attempt to access beyond end of device
[  133.884195][ T9888] loop2: rw=14337, sector=128, nr_sectors = 2 limit=0
[  133.884265][ T9888] Buffer I/O error on dev loop2, logical block 64, lost sync page write
[  133.895347][ T9915] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  133.915297][ T9915] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  133.923362][ T9915] System zones: 0-2, 18-18, 34-34
[  133.928899][ T9915] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  133.944304][ T9915] EXT4-fs (loop4): 1 truncate cleaned up
[  133.950244][ T9915] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.973867][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.023313][ T9924] loop3: detected capacity change from 0 to 2048
[  134.037452][ T9924] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  134.091542][ T9931] loop4: detected capacity change from 0 to 512
[  134.104962][ T9931] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  134.111370][ T9938] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1932'.
[  134.130520][ T9931] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.158950][ T9931] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.169192][ T9952] FAULT_INJECTION: forcing a failure.
[  134.169192][ T9952] name failslab, interval 1, probability 0, space 0, times 0
[  134.177637][ T9918] chnl_net:caif_netlink_parms(): no params data found
[  134.182091][ T9952] CPU: 0 PID: 9952 Comm: syz.0.1937 Not tainted 6.10.0-rc7-syzkaller-00139-g8a18fda0febb #0
[  134.198874][ T9952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  134.208968][ T9952] Call Trace:
[  134.212267][ T9952]  <TASK>
[  134.215210][ T9952]  dump_stack_lvl+0xf2/0x150
[  134.219839][ T9952]  dump_stack+0x15/0x20
[  134.224091][ T9952]  should_fail_ex+0x229/0x230
[  134.228804][ T9952]  ? nft_trans_table_add+0x35/0x140
[  134.233995][ T9952]  __should_failslab+0x92/0xa0
[  134.238839][ T9952]  should_failslab+0x9/0x20
[  134.243407][ T9952]  kmalloc_trace_noprof+0x4b/0x2a0
[  134.248529][ T9952]  nft_trans_table_add+0x35/0x140
[  134.253543][ T9952]  nf_tables_newtable+0x985/0xec0
[  134.258555][ T9952]  nfnetlink_rcv+0xb1d/0x15b0
[  134.263334][ T9952]  netlink_unicast+0x58d/0x660
[  134.268124][ T9952]  netlink_sendmsg+0x5ca/0x6e0
[  134.272873][ T9952]  ? __pfx_netlink_sendmsg+0x10/0x10
[  134.278142][ T9952]  __sock_sendmsg+0x140/0x180
[  134.282845][ T9952]  ____sys_sendmsg+0x312/0x410
[  134.287600][ T9952]  __sys_sendmsg+0x1e9/0x280
[  134.292185][ T9952]  __x64_sys_sendmsg+0x46/0x50
[  134.296962][ T9952]  x64_sys_call+0xb25/0x2d70
[  134.301586][ T9952]  do_syscall_64+0xc9/0x1c0
[  134.306143][ T9952]  ? clear_bhb_loop+0x55/0xb0
[  134.310817][ T9952]  ? clear_bhb_loop+0x55/0xb0
[  134.315485][ T9952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.321478][ T9952] RIP: 0033:0x7f1435f27bd9
[  134.325894][ T9952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.345536][ T9952] RSP: 002b:00007f14351a9048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  134.353984][ T9952] RAX: ffffffffffffffda RBX: 00007f14360b5f60 RCX: 00007f1435f27bd9
[  134.361967][ T9952] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  134.369920][ T9952] RBP: 00007f14351a90a0 R08: 0000000000000000 R09: 0000000000000000
[  134.377939][ T9952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  134.385894][ T9952] R13: 000000000000000b R14: 00007f14360b5f60 R15: 00007ffdfd697728
[  134.393864][ T9952]  </TASK>
[  134.417249][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.450240][ T9918] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.457323][ T9918] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.464534][ T9918] bridge_slave_0: entered allmulticast mode
[  134.470968][ T9918] bridge_slave_0: entered promiscuous mode
[  134.478933][ T9918] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.486046][ T9918] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.493263][ T9918] bridge_slave_1: entered allmulticast mode
[  134.499782][ T9918] bridge_slave_1: entered promiscuous mode
[  134.507835][ T8822] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.526651][ T9918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  134.539168][ T9918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  134.571689][ T9918] team0: Port device team_slave_0 added
[  134.582886][ T9918] team0: Port device team_slave_1 added
[  134.592846][ T9974] netlink: 'syz.0.1945': attribute type 5 has an invalid length.
[  134.627654][ T9918] batman_adv: batadv0: Adding interface: batadv_slave_0
[  134.634758][ T9918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  134.637798][ T9978] netlink: 'syz.1.1946': attribute type 7 has an invalid length.
[  134.660665][ T9918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  134.661323][ T9918] batman_adv: batadv0: Adding interface: batadv_slave_1
[  134.686173][ T9918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  134.690432][ T9978] loop1: detected capacity change from 0 to 128
[  134.712247][ T9918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  134.752826][ T9918] hsr_slave_0: entered promiscuous mode
[  134.760000][ T9918] hsr_slave_1: entered promiscuous mode
[  134.767035][ T9918] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  134.776133][ T9918] Cannot create hsr debugfs directory
[  134.791268][ T9981] serio: Serial port pts0
[  134.846772][ T9993] sg_write: data in/out 68/14 bytes for SCSI command 0x0-- guessing data in;
[  134.846772][ T9993]    program syz.0.1951 not setting count and/or reply_len properly
[  134.873984][ T9995] loop4: detected capacity change from 0 to 512
[  134.882470][ T9999] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=9 sclass=netlink_route_socket pid=9999 comm=syz.1.1952
[  134.894401][ T9995] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  134.907395][ T9918] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.928590][ T9995] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.941978][ T9995] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.968939][ T9918] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.991325][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.035403][ T9918] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.068689][ T9998] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1953'.
[  135.080575][ T9918] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.089057][ T9998] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1953'.
[  135.145398][ T9918] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  135.153466][ T9918] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  135.162381][ T9918] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  135.181874][ T9918] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  135.226335][ T9918] 8021q: adding VLAN 0 to HW filter on device bond0
[  135.240500][ T9918] 8021q: adding VLAN 0 to HW filter on device team0
[  135.250902][ T3155] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.257989][ T3155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.274940][ T5154] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.282034][ T5154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.299243][ T9918] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  135.309637][ T9918] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  135.369276][ T9918] 8021q: adding VLAN 0 to HW filter on device batadv0
[  135.438494][ T9918] veth0_vlan: entered promiscuous mode
[  135.446833][ T9918] veth1_vlan: entered promiscuous mode
[  135.462406][ T9918] veth0_macvtap: entered promiscuous mode
[  135.470524][ T9918] veth1_macvtap: entered promiscuous mode
[  135.481187][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.492122][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.502254][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.512663][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.522449][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.532843][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.542718][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.553133][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.562987][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.573415][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.583197][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.593681][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.605275][ T9918] batman_adv: batadv0: Interface activated: batadv_slave_0
[  135.616756][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.627201][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.637113][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.647627][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.657440][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.667917][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.677781][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.688211][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.698029][ T9918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.708603][ T9918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.719367][ T9918] batman_adv: batadv0: Interface activated: batadv_slave_1
[  135.730536][ T9918] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  135.739450][ T9918] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  135.748151][ T9918] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  135.756924][ T9918] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  135.821637][T10031] syzkaller0: entered promiscuous mode
[  135.827145][T10031] syzkaller0: entered allmulticast mode
[  135.846129][T10031] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  135.930035][T10050] sg_write: data in/out 68/14 bytes for SCSI command 0x0-- guessing data in;
[  135.930035][T10050]    program syz.2.1963 not setting count and/or reply_len properly
[  135.950497][T10054] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1965'.
[  135.968815][T10056] loop2: detected capacity change from 0 to 2048
[  135.985334][T10056] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.007468][ T9918] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.101455][T10082] loop2: detected capacity change from 0 to 512
[  136.103056][T10078] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1973'.
[  136.108556][T10082] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  136.235610][T10094] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10094 comm=syz.3.1978
[  136.336683][T10103] loop4: detected capacity change from 0 to 2048
[  136.355867][T10101] loop0: detected capacity change from 0 to 512
[  136.378075][T10104] syzkaller1: entered promiscuous mode
[  136.383715][T10104] syzkaller1: entered allmulticast mode
[  136.400363][T10103] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.412611][T10103] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.425270][T10103] EXT4-fs (loop4): shut down requested (2)
[  136.437730][T10101] EXT4-fs: Ignoring removed orlov option
[  136.465558][T10101] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  136.477176][T10101] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it
[  136.487314][T10101] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz.0.1981: Corrupt directory, running e2fsck is recommended
[  136.547459][T10111] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_team, syncid = 0, id = 0
[  136.584862][T10101] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  136.602631][T10101] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2234: inode #15: comm syz.0.1981: corrupted in-inode xattr: overlapping e_value 
[  136.635299][T10101] EXT4-fs (loop0): Remounting filesystem read-only
[  136.642281][T10101] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.656232][T10101] SELinux: (dev loop0, type ext4) getxattr errno 5
[  136.663064][T10101] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.009820][ T8358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.033119][T10131] loop3: detected capacity change from 0 to 2048
[  137.044654][T10131] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.052282][T10135] SELinux: security_context_str_to_sid (ñ£) failed with errno=-22
[  137.062432][T10130] Process accounting resumed
[  137.065268][   T29] kauditd_printk_skb: 31 callbacks suppressed
[  137.065279][   T29] audit: type=1400 audit(1720754534.701:1264): avc:  denied  { append } for  pid=10130 comm="syz.3.1990" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  137.075514][T10130] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  137.113207][T10130] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  137.114220][T10137] loop4: detected capacity change from 0 to 128
[  137.125437][T10130] EXT4-fs (loop3): This should not happen!! Data will be lost
[  137.125437][T10130] 
[  137.125452][T10130] EXT4-fs (loop3): Total free blocks count 0
[  137.125464][T10130] EXT4-fs (loop3): Free/Dirty block details
[  137.134993][T10137] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  137.141283][T10130] EXT4-fs (loop3): free_blocks=2415919104
[  137.141296][T10130] EXT4-fs (loop3): dirty_blocks=16
[  137.141306][T10130] EXT4-fs (loop3): Block reservation details
[  137.141315][T10130] EXT4-fs (loop3): i_reserved_data_blocks=1
[  137.191269][ T8722] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  137.191347][T10137] ext4 filesystem being mounted at /132/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  137.216609][T10137] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz.4.1991: No space for directory leaf checksum. Please run e2fsck -D.
[  137.231946][T10137] EXT4-fs error (device loop4): __ext4_find_entry:1695: inode #2: comm syz.4.1991: checksumming directory block 0
[  137.249897][ T8358] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  137.295047][T10146] loop3: detected capacity change from 0 to 512
[  137.306292][T10146] ext4 filesystem being mounted at /100/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  137.322540][T10152] loop4: detected capacity change from 0 to 764
[  137.329695][T10152] rock: directory entry would overflow storage
[  137.335980][T10152] rock: sig=0x4654, size=5, remaining=4
[  137.369127][T10154] __nla_validate_parse: 7 callbacks suppressed
[  137.369135][T10154] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1998'.
[  137.396770][T10154] veth3: entered promiscuous mode
[  137.401859][T10154] veth3: entered allmulticast mode
[  137.407453][T10154] bridge2: port 1(veth3) entered blocking state
[  137.413924][T10154] bridge2: port 1(veth3) entered disabled state
[  137.451139][T10160] loop3: detected capacity change from 0 to 1024
[  137.465562][T10160] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.479025][T10160] EXT4-fs (loop3): Online resizing not supported with bigalloc
[  137.547309][T10166] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2003'.
[  137.610628][T10169] loop4: detected capacity change from 0 to 2048
[  137.641227][T10172] loop0: detected capacity change from 0 to 512
[  137.678876][T10175] loop3: detected capacity change from 0 to 512
[  137.690417][T10169] ext4 filesystem being mounted at /136/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.702823][T10169] EXT4-fs (loop4): shut down requested (2)
[  137.709303][T10169] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2000'.
[  137.720317][T10175] EXT4-fs (loop3): Invalid log cluster size: 67108864
[  137.732407][T10172] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.835525][T10181] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  137.840293][   T29] audit: type=1400 audit(1720754535.481:1265): avc:  denied  { relabelfrom } for  pid=10174 comm="syz.3.2006" name="" dev="pipefs" ino=35237 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  137.868396][   T29] audit: type=1400 audit(1720754535.491:1266): avc:  denied  { relabelto } for  pid=10174 comm="syz.3.2006" name="" dev="pipefs" ino=35237 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:dhcp_state_t:s0"
[  138.551419][   T29] audit: type=1400 audit(1720754536.191:1267): avc:  denied  { connect } for  pid=10227 comm="syz.4.2026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  138.566852][T10231] loop1: detected capacity change from 0 to 256
[  138.578837][T10231] FAT-fs (loop1): Unrecognized mount option "" or missing value
[  138.624149][T10237] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2029'.
[  138.643346][T10239] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2030'.
[  138.650659][T10232] FAULT_INJECTION: forcing a failure.
[  138.650659][T10232] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.665336][T10232] CPU: 1 PID: 10232 Comm: syz.4.2028 Not tainted 6.10.0-rc7-syzkaller-00139-g8a18fda0febb #0
[  138.675497][T10232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  138.685533][T10232] Call Trace:
[  138.688913][T10232]  <TASK>
[  138.691883][T10232]  dump_stack_lvl+0xf2/0x150
[  138.696459][T10232]  dump_stack+0x15/0x20
[  138.700598][T10232]  should_fail_ex+0x229/0x230
[  138.705261][T10232]  should_fail+0xb/0x10
[  138.709408][T10232]  should_fail_usercopy+0x1a/0x20
[  138.714486][T10232]  copy_page_from_iter_atomic+0x22a/0xda0
[  138.720270][T10232]  ? shmem_write_begin+0xa0/0x1c0
[  138.725277][T10232]  ? shmem_write_begin+0x10c/0x1c0
[  138.730411][T10232]  generic_perform_write+0x21a/0x410
[  138.735683][T10232]  ? __pfx_shmem_write_end+0x10/0x10
[  138.741012][T10232]  shmem_file_write_iter+0xc8/0xf0
[  138.746133][T10232]  vfs_write+0x78f/0x900
[  138.750361][T10232]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  138.756152][T10232]  ksys_write+0xeb/0x1b0
[  138.760441][T10232]  __x64_sys_write+0x42/0x50
[  138.765091][T10232]  x64_sys_call+0x27ef/0x2d70
[  138.769757][T10232]  do_syscall_64+0xc9/0x1c0
[  138.774252][T10232]  ? clear_bhb_loop+0x55/0xb0
[  138.779005][T10232]  ? clear_bhb_loop+0x55/0xb0
[  138.783732][T10232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.789755][T10232] RIP: 0033:0x7f9759d2875f
[  138.794218][T10232] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  138.813862][T10232] RSP: 002b:00007f9758faad50 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  138.822367][T10232] RAX: ffffffffffffffda RBX: 0000000001000000 RCX: 00007f9759d2875f
[  138.830372][T10232] RDX: 0000000001000000 RSI: 00007f9750b8b000 RDI: 0000000000000004
[  138.838405][T10232] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000004038
[  138.846361][T10232] R10: 0000000000000002 R11: 0000000000000293 R12: 0000000000000004
[  138.854383][T10232] R13: 00007f9758faadfc R14: 00007f9758faae00 R15: 00007f9750b8b000
[  138.862341][T10232]  </TASK>
[  138.894739][T10245] loop3: detected capacity change from 0 to 164
[  138.912591][T10245] Unsupported NM flag settings (8)
[  138.930414][T10232] loop4: detected capacity change from 0 to 32768
[  138.939187][T10247] FAULT_INJECTION: forcing a failure.
[  138.939187][T10247] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.952361][T10247] CPU: 1 PID: 10247 Comm: syz.0.2033 Not tainted 6.10.0-rc7-syzkaller-00139-g8a18fda0febb #0
[  138.962680][T10247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  138.972829][T10247] Call Trace:
[  138.976099][T10247]  <TASK>
[  138.979024][T10247]  dump_stack_lvl+0xf2/0x150
[  138.983687][T10247]  dump_stack+0x15/0x20
[  138.987924][T10247]  should_fail_ex+0x229/0x230
[  138.992709][T10247]  should_fail+0xb/0x10
[  138.996863][T10247]  should_fail_usercopy+0x1a/0x20
[  139.001945][T10247]  _copy_from_user+0x1e/0xd0
[  139.006585][T10247]  memdup_user+0x64/0xc0
[  139.010835][T10247]  strndup_user+0x68/0xa0
[  139.015170][T10247]  __se_sys_mount+0x4e/0x2d0
[  139.019767][T10247]  ? fput+0x13b/0x180
[  139.023749][T10247]  ? ksys_write+0x178/0x1b0
[  139.028271][T10247]  __x64_sys_mount+0x67/0x80
[  139.032866][T10247]  x64_sys_call+0x25c9/0x2d70
[  139.037543][T10247]  do_syscall_64+0xc9/0x1c0
[  139.042056][T10247]  ? clear_bhb_loop+0x55/0xb0
[  139.046738][T10247]  ? clear_bhb_loop+0x55/0xb0
[  139.051419][T10247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.057383][T10247] RIP: 0033:0x7f1435f27bd9
[  139.061791][T10247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.081399][T10247] RSP: 002b:00007f14351a9048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  139.089815][T10247] RAX: ffffffffffffffda RBX: 00007f14360b5f60 RCX: 00007f1435f27bd9
[  139.097828][T10247] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  139.105903][T10247] RBP: 00007f14351a90a0 R08: 0000000020000440 R09: 0000000000000000
[  139.113891][T10247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.121855][T10247] R13: 000000000000000b R14: 00007f14360b5f60 R15: 00007ffdfd697728
[  139.129894][T10247]  </TASK>
[  139.142258][T10249] loop0: detected capacity change from 0 to 512
[  139.149542][T10232]  loop4: p1 p3 < p5 >
[  139.157031][T10249] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.192436][T10255] FAULT_INJECTION: forcing a failure.
[  139.192436][T10255] name failslab, interval 1, probability 0, space 0, times 0
[  139.205083][T10255] CPU: 1 PID: 10255 Comm: syz.3.2037 Not tainted 6.10.0-rc7-syzkaller-00139-g8a18fda0febb #0
[  139.215252][T10255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  139.225334][T10255] Call Trace:
[  139.228599][T10255]  <TASK>
[  139.231514][T10255]  dump_stack_lvl+0xf2/0x150
[  139.236145][T10255]  dump_stack+0x15/0x20
[  139.240354][T10255]  should_fail_ex+0x229/0x230
[  139.245018][T10255]  ? skb_clone+0x154/0x1f0
[  139.249436][T10255]  __should_failslab+0x92/0xa0
[  139.254190][T10255]  should_failslab+0x9/0x20
[  139.258692][T10255]  kmem_cache_alloc_noprof+0x4c/0x290
[  139.264059][T10255]  skb_clone+0x154/0x1f0
[  139.268312][T10255]  netlink_trim+0xd9/0x140
[  139.272720][T10255]  netlink_broadcast_filtered+0x4e/0xbe0
[  139.278346][T10255]  ? tc_fill_qdisc+0x97a/0x9a0
[  139.283109][T10255]  nlmsg_notify+0xca/0x170
[  139.287518][T10255]  rtnetlink_send+0x4a/0x60
[  139.292009][T10255]  qdisc_notify+0x259/0x290
[  139.296582][T10255]  qdisc_graft+0xaef/0xbd0
[  139.301014][T10255]  ? qdisc_create+0x913/0xae0
[  139.305682][T10255]  tc_modify_qdisc+0x73b/0x1050
[  139.310593][T10255]  ? ns_capable+0x7d/0xb0
[  139.314910][T10255]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  139.320311][T10255]  rtnetlink_rcv_msg+0x85e/0x910
[  139.325241][T10255]  ? xas_load+0x3ae/0x3d0
[  139.329579][T10255]  ? xas_load+0x3ae/0x3d0
[  139.333939][T10255]  ? __rcu_read_unlock+0x4e/0x70
[  139.338942][T10255]  ? xa_load+0xb9/0xe0
[  139.342993][T10255]  ? skb_release_data+0x583/0x5a0
[  139.348005][T10255]  ? kmem_cache_free+0xd8/0x280
[  139.352927][T10255]  ? nlmon_xmit+0x51/0x60
[  139.357242][T10255]  ? __kfree_skb+0x102/0x150
[  139.361880][T10255]  ? consume_skb+0x57/0x180
[  139.366382][T10255]  ? nlmon_xmit+0x51/0x60
[  139.370696][T10255]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  139.376002][T10255]  ? __dev_queue_xmit+0xb21/0x1e50
[  139.381102][T10255]  ? ref_tracker_free+0x3a5/0x410
[  139.386207][T10255]  netlink_rcv_skb+0x12c/0x230
[  139.391074][T10255]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  139.396564][T10255]  rtnetlink_rcv+0x1c/0x30
[  139.401023][T10255]  netlink_unicast+0x58d/0x660
[  139.405786][T10255]  netlink_sendmsg+0x5ca/0x6e0
[  139.410538][T10255]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.415807][T10255]  __sock_sendmsg+0x140/0x180
[  139.420505][T10255]  ____sys_sendmsg+0x312/0x410
[  139.425260][T10255]  __sys_sendmmsg+0x269/0x500
[  139.430018][T10255]  __x64_sys_sendmmsg+0x57/0x70
[  139.434860][T10255]  x64_sys_call+0xa87/0x2d70
[  139.439502][T10255]  do_syscall_64+0xc9/0x1c0
[  139.444100][T10255]  ? clear_bhb_loop+0x55/0xb0
[  139.448806][T10255]  ? clear_bhb_loop+0x55/0xb0
[  139.453543][T10255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.459506][T10255] RIP: 0033:0x7fd93d4cdbd9
[  139.463905][T10255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.483501][T10255] RSP: 002b:00007fd93c74f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  139.491955][T10255] RAX: ffffffffffffffda RBX: 00007fd93d65bf60 RCX: 00007fd93d4cdbd9
[  139.500011][T10255] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[  139.507975][T10255] RBP: 00007fd93c74f0a0 R08: 0000000000000000 R09: 0000000000000000
[  139.515930][T10255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  139.523886][T10255] R13: 000000000000000b R14: 00007fd93d65bf60 R15: 00007ffe392a9ec8
[  139.531843][T10255]  </TASK>
[  139.547483][T10257] loop1: detected capacity change from 0 to 128
[  139.562298][T10257] ext4 filesystem being mounted at /75/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  139.647712][ T3348] bridge_slave_1: left allmulticast mode
[  139.653353][ T3348] bridge_slave_1: left promiscuous mode
[  139.658977][ T3348] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.671542][ T3348] bridge_slave_0: left allmulticast mode
[  139.677337][ T3348] bridge_slave_0: left promiscuous mode
[  139.683008][ T3348] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.750468][T10287] loop3: detected capacity change from 0 to 256
[  139.760749][T10289] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2050'.
[  139.845902][ T3348] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  139.857878][ T3348] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  139.868383][ T3348] bond0 (unregistering): Released all slaves
[  139.877564][T10285] IPv6: NLM_F_REPLACE set, but no existing node found!
[  139.901164][T10297] loop1: detected capacity change from 0 to 512
[  139.907698][T10297] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  139.986042][ T3348] hsr_slave_0: left promiscuous mode
[  139.991658][ T3348] hsr_slave_1: left promiscuous mode
[  139.997394][ T3348] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  139.997623][T10304] loop1: detected capacity change from 0 to 512
[  140.004864][ T3348] batman_adv: batadv0: Removing interface: batadv_slave_0
[  140.011289][T10304] EXT4-fs: Ignoring removed bh option
[  140.024060][ T3348] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  140.024570][T10304] EXT4-fs (loop1): orphan cleanup on readonly fs
[  140.031435][ T3348] batman_adv: batadv0: Removing interface: batadv_slave_1
[  140.045405][T10304] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  140.053655][T10304] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2056: invalid indirect mapped block 8 (level 2)
[  140.054844][ T3348] veth1_macvtap: left promiscuous mode
[  140.066852][T10304] EXT4-fs (loop1): Remounting filesystem read-only
[  140.072215][ T3348] veth0_macvtap: left promiscuous mode
[  140.078742][T10304] EXT4-fs (loop1): 1 truncate cleaned up
[  140.084195][ T3348] veth1_vlan: left promiscuous mode
[  140.092193][T10304] SELinux: (dev loop1, type ext4) getxattr errno 5
[  140.171513][ T3348] team0 (unregistering): Port device team_slave_1 removed
[  140.180446][T10312] loop1: detected capacity change from 0 to 128
[  140.188652][ T3348] team0 (unregistering): Port device team_slave_0 removed
[  140.251211][T10316] loop1: detected capacity change from 0 to 512
[  140.257527][T10316] EXT4-fs: Ignoring removed oldalloc option
[  140.264199][T10316] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b842e02d, mo2=0002]
[  140.272092][T10316] System zones: 1-12
[  140.276366][T10316] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2060: invalid indirect mapped block 1 (level 1)
[  140.289658][T10316] EXT4-fs (loop1): Remounting filesystem read-only
[  140.296356][T10316] EXT4-fs (loop1): 1 truncate cleaned up
[  140.302338][T10316] SELinux: (dev loop1, type ext4) getxattr errno 5
[  140.584740][T10332] loop1: detected capacity change from 0 to 2048
[  140.680054][T10332] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.692052][T10332] EXT4-fs (loop1): shut down requested (2)
[  140.698569][T10332] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2062'.
[  140.791000][T10336] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  140.823184][T10336] netlink: 'syz.3.2067': attribute type 21 has an invalid length.
[  140.878527][T10351] loop2: detected capacity change from 0 to 2048
[  140.943464][T10351] loop2: detected capacity change from 2048 to 2047
[  140.952811][T10343] I/O error, dev loop7, sector 4608 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0
[  140.963001][T10360] ==================================================================
[  140.971079][T10360] BUG: KCSAN: data-race in __bio_queue_enter / blk_mq_unfreeze_queue
[  140.979144][T10360] 
[  140.981451][T10360] read-write to 0xffff888101248a24 of 4 bytes by task 10351 on cpu 1:
[  140.989585][T10360]  blk_mq_unfreeze_queue+0x38/0xc0
[  140.994687][T10360]  loop_set_status+0x414/0x550
[  140.999441][T10360]  lo_ioctl+0x892/0x1330
[  141.003671][T10360]  blkdev_ioctl+0x35f/0x450
[  141.008165][T10360]  __se_sys_ioctl+0xd3/0x150
[  141.012741][T10360]  __x64_sys_ioctl+0x43/0x50
[  141.017321][T10360]  x64_sys_call+0x1581/0x2d70
[  141.021992][T10360]  do_syscall_64+0xc9/0x1c0
[  141.026486][T10360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.032368][T10360] 
[  141.034674][T10360] read to 0xffff888101248a24 of 4 bytes by task 10360 on cpu 0:
[  141.042284][T10360]  __bio_queue_enter+0x164/0x500
[  141.047211][T10360]  blk_mq_submit_bio+0x1a5/0xd90
[  141.052138][T10360]  __submit_bio+0xf2/0x470
[  141.056537][T10360]  submit_bio_noacct_nocheck+0x295/0x6e0
[  141.062162][T10360]  submit_bio_noacct+0x6b9/0x870
[  141.067093][T10360]  submit_bio+0x218/0x230
[  141.071415][T10360]  submit_bh_wbc+0x2de/0x320
[  141.075992][T10360]  submit_bh+0x1e/0x30
[  141.080046][T10360]  ext4_sb_breadahead_unmovable+0x169/0x190
[  141.085935][T10360]  __ext4_get_inode_loc+0x6d4/0x910
[  141.091128][T10360]  ext4_get_inode_loc+0x65/0xe0
[  141.095967][T10360]  ext4_xattr_ibody_get+0x99/0x430
[  141.101075][T10360]  ext4_xattr_get+0xd4/0x580
[  141.105658][T10360]  ext4_xattr_security_get+0x32/0x40
[  141.110928][T10360]  __vfs_getxattr+0x29f/0x2b0
[  141.115596][T10360]  cap_inode_need_killpriv+0x2e/0x50
[  141.120875][T10360]  security_inode_need_killpriv+0x3a/0x70
[  141.126589][T10360]  file_remove_privs_flags+0x144/0x340
[  141.132036][T10360]  file_modified_flags+0x38/0x340
[  141.137050][T10360]  file_modified+0x17/0x20
[  141.141460][T10360]  ext4_buffered_write_iter+0x1d8/0x380
[  141.146999][T10360]  ext4_file_write_iter+0x29f/0xe30
[  141.152182][T10360]  vfs_write+0x78f/0x900
[  141.156422][T10360]  ksys_write+0xeb/0x1b0
[  141.160659][T10360]  __x64_sys_write+0x42/0x50
[  141.165240][T10360]  x64_sys_call+0x27ef/0x2d70
[  141.169912][T10360]  do_syscall_64+0xc9/0x1c0
[  141.174411][T10360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.180301][T10360] 
[  141.182609][T10360] value changed: 0x00000001 -> 0x00000000
[  141.188312][T10360] 
[  141.190631][T10360] Reported by Kernel Concurrency Sanitizer on:
[  141.196758][T10360] CPU: 0 PID: 10360 Comm: syz.2.2073 Not tainted 6.10.0-rc7-syzkaller-00139-g8a18fda0febb #0
[  141.206892][T10360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  141.216931][T10360] ==================================================================
[  141.234004][T10361] loop0: detected capacity change from 0 to 128
[  141.248965][T10360] EXT4-fs error (device loop2): ext4_xattr_ibody_get:653: inode #18: comm syz.2.2073: corrupted in-inode xattr: bad magic number in in-inode xattr
[  141.266667][T10351] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2073: bg 0: block 15315: padding at end of block bitmap is not set
[  141.285319][T10351] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 117
[  141.297695][T10351] EXT4-fs (loop2): This should not happen!! Data will be lost
[  141.297695][T10351] 
[  141.313131][ T9918] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /11/file1: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=1937076323, rec_len=29797, size=2048 fake=0
[  143.438454][   T40] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.487073][   T40] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.536552][   T40] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.586771][   T40] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.666640][   T40] bridge_slave_1: left allmulticast mode
[  143.672359][   T40] bridge_slave_1: left promiscuous mode
[  143.678047][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.686981][   T40] bridge_slave_0: left allmulticast mode
[  143.692639][   T40] bridge_slave_0: left promiscuous mode
[  143.698318][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.806400][   T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  143.818043][   T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  143.830187][   T40] bond0 (unregistering): Released all slaves
[  143.945619][   T40] hsr_slave_0: left promiscuous mode
[  143.951198][   T40] hsr_slave_1: left promiscuous mode
[  143.957877][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.965270][   T40] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.972703][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.980104][   T40] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.990113][   T40] veth1_macvtap: left promiscuous mode
[  143.995682][   T40] veth0_macvtap: left promiscuous mode
[  144.001239][   T40] veth1_vlan: left promiscuous mode
[  144.006465][   T40] veth0_vlan: left promiscuous mode
[  144.092670][   T40] team0 (unregistering): Port device team_slave_1 removed
[  144.105738][   T40] team0 (unregistering): Port device team_slave_0 removed