last executing test programs:

2.993374028s ago: executing program 1 (id=1518):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x20}]})
socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000480)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x2100, 0xab00, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty=0x700, @dev}}}})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x873, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

2.940944261s ago: executing program 2 (id=1519):
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x11}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1}, &(0x7f0000000440), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
fcntl$setlease(r0, 0x400, 0x1)
fremovexattr(r0, &(0x7f0000000040)=@known='system.posix_acl_default\x00')

2.856581918s ago: executing program 2 (id=1521):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000a80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000541f4d270c017403f5274bf6cdda2e18dbb0c3012f785381582e9c85a7e947214296455a8122fb8bc49a88cb850e59dd759e80ba625931522cc091e0ab8bf4f20cee5d97bd253c175c43d15791d7a77f34ba68686d284dc34f5bcf74f6248ee6215032eee055a5c03edf98823d64697cd2334857d1bcd5a5b18f2e171c1c8c6c309fe46d118fcdcf10c12a196d34dec6fbbbdb374187aea3c2ce18d90db3b29d05b896dedc764732c29daaca1214991ff76c0e6c3f7268097c3d3acc97392f43a127e79890647eefb1ab5decc2f685f2c194701a4f84b906264ae16b61101f556bf19044d3ad54195db5f456a391bb115d0842f88f1b536e47c7c66509ba6e0df9fc3404b81a1429afa39361d51694f36d2b2a", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX], 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140000001000010000000000000000000000000a79f1dc5efea57a626c629d57b5bad0322686d41dbd4253f42b2b1217ee80ab2b66a6ddcc2ee09610e0e644dce9dcaaf32d04a61f0c83c4b5d4df4157bf7171548ee702650c40e1948e3b1913fe117fbcd278219000392f510892c7d5823d4c683e865ef328efa0730ba4990633abfa3d8761d9c1e0d01f022ee06ba091c60638bed741d79c9301254b7ebe4d4ef3277a8c8fd8ad9a339d38a07a6e4f036d7c4175d2bb6095f2cb8c618e10fd09f2d5f9ba7c285989c1d74901341015b3101a6f22cd2ad25c58b1a290bdd2fd152b95f7eaddfb1d0fa340d7723e96636a9d292395813a6a12cdfc2417697856a1500b10b02a33c484af5aef2f5e48c3aebc7b9b925d14673c84da"], 0x28}}, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='net_dev_xmit_timeout\x00', r9}, 0x10)
r10 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r11 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r11, &(0x7f0000000140)='asymmetric\x00', &(0x7f0000000440)=@secondary)
keyctl$KEYCTL_MOVE(0x1e, r10, 0xffffffffffffffff, r11, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18010100800000ffffffff757200000018110000", @ANYRES32=r12, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000400), 0x81, 0x79e, &(0x7f00000018c0)="$eJzs3ctrXGUbAPDnTG5N2u9LPvhA6yogaKB0YmpsFVxUXIhgoaBr2zCZhjaTTMlMShMCbRHBjaDFhaCb7gQvdefWy1b/CxfSUmwajLiQkTOZaSfNTDppbo35/eC07zvnTJ73OZf3vDPnMCeAfWsw/ScTcTgiPkoi+muvJxHRVS11RpxcWW55cSGXTklUKm//nlSXWVpcyEXDe1IHa5WnI+LH9yOOZNbGLc3NT44VCvmZWn24PHVxuDQ3f/T81NhEfiI/fXxkdPTYiZdOHN+6XP/4Zf7Q7Y/feP6bk3+999TND39K4mQcqs1rzGOrDMZgbZ10patwlde3OtguS9aZd2AH28HGpIdmx8pRHoejPzqqpRZ6d7JlAMB2uRIRFQBgn0mc/wFgn6l/D7C0uJCrT+t8XbDOxYG96c5rKxeolmrXNpfv599Zu2Z3oHodtG8pWZV8EhEDWxB/MCI+/+7dr9Iptuk6JEAzV69FxNmBwbX9f7LmnoWNeqGNZQYfqjf0f92bDA88wvfp+OflZuO/zP3xTzQZ//Q0OXYfxzrHf03m1haEaSkd/73acG/bckP+NQMdtdp/qmO+ruTc+UI+7dv+GxFD0dWT1kfWiTF07+97reY1jv/uXr+Q9nm5u9cvfPlgicytzp7V7xkfK49tJudGd65FPNPZLP96/79yD1uz8e/pNmO8+coHn7Wal+af5luf0vir899elRsRzzXd/g/uaEvWvT9xuLo7DNd3iia+/fXTvlbxG7d/OqXx658FdkK6/fvWz38gabxfs7TxGD/f6P+h1bxH5998/+9O3qmW64OEy2Pl8sxIRHfy1trXjz14b71eXz7Nf+jZ7qbHf73/a7b/p58Jz7aZf+fta18/fv7bK81/fEPbf+OFm8uTHa3it7f9R6ulodor7fR/7TZwM+sOAAAAAAAAAAAAAAAAAAAAAAAAANqViYhDkWSy98uZTDa78gzv/0dfplAslY+cK85Oj0f1WdkD0ZWp/9Rlf8PvoY7Ufg+/Xj/2UP3FiPhfRHzS01utZ3PFwvhuJw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANQdbPP8/9VvPbrcOANg2B3a7AQDAjnP+B4D9Z2Pn/95tawcAsHN8/geA/cf5HwD2H+d/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAttnpU6fSqfLn4kIurY9fmpudLF46Op4vTWanZnPZXHHmYnaiWJwo5LO54lTLP3R15b9CsXhxNKZnLw+X86XycGlu/sxUcXa6fOb81NhE/ky+a8cyAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID2lebmJ8cKhfzMnilUKpUrT0Az/g2FjtpO8KS0Z88VMptYdV/sduMfUWjsJXp3p3MCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2AP+CQAA//+qiiUU")
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000cc0)=ANY=[@ANYRES32=r0, @ANYRESOCT=0x0, @ANYRESOCT=r0, @ANYRES8=r10, @ANYRESOCT, @ANYRES8=r2, @ANYBLOB="c4c538033e06e21b66d251baf38bf9a9089950381fbc7316f57dbb40", @ANYRESOCT=r8, @ANYRESDEC=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='ext4_mb_discard_preallocations\x00', r13}, 0x10)
r14 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="7a0a00ff000967f44fef5a25000000c45ede0bb3cfd2c2950000"], &(0x7f0000000480)='syzkaller\x00'}, 0x80)
pwritev2(r14, &(0x7f00000003c0)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'bond0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
getpeername$packet(r4, &(0x7f0000000280), &(0x7f00000002c0)=0x14)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000380)={@private0}, &(0x7f00000004c0)=0x14)
perf_event_open(0x0, 0x0, 0x3, 0xffffffffffffffff, 0x0)

2.627250955s ago: executing program 2 (id=1526):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)

2.605911876s ago: executing program 4 (id=1528):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r0 = socket(0x0, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90324fc60100c028010000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600))
r3 = socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}, 0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, 0x0, 0x0)
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r5, &(0x7f0000000000)=0x3, 0x12)
r6 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600)={'team0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r7, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4], [0x0, 0x8]}}]}}]}, 0x8c}}, 0x0)

2.55172111s ago: executing program 2 (id=1529):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1], 0x0}, 0x90)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0])
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x3c, r3, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}]}, 0x3c}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000040)=0x1c)
clock_gettime(0x0, &(0x7f00000001c0))
utimensat(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x100)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f0000000240)='./bus\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)

2.277955681s ago: executing program 4 (id=1530):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x6e, &(0x7f0000000080)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd6002adf700383a00fe880000000200000000000000000001ff020000000000000000000000000001"], 0x0)

2.248299543s ago: executing program 4 (id=1531):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r0, &(0x7f0000000400)=[{0x0}], 0x1)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/../file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x11}, 0x18)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
r1 = syz_pidfd_open(0x0, 0x0)
r2 = socket(0x200000100000011, 0x803, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r4=>0x0})
sendto$packet(r2, &(0x7f0000000100)="4dcdc7d96a760000000100050000000000060000", 0x34, 0x0, &(0x7f0000000000)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14)
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000340)=@o_path={&(0x7f0000000300)='./file0/file0\x00', 0x0, 0x4008, r1}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1839000500000000000008000000000095000000a6406f3a23a45b4feb9bb66f01680400000000"], &(0x7f0000000040)='GPL\x00', 0xd1, 0xe4, &(0x7f00000001c0)=""/228, 0x7a08c2bee99e3603, 0x12, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x4, 0x4, 0x383, 0x256f168a}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000380)=[r5], &(0x7f00000003c0)=[{0x2, 0x5, 0x2}, {0x1, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x4, 0x6}, {0x3, 0x5, 0xd, 0x9}], 0x10, 0xffffffff}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'pim6reg1\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000f80)=@newtfilter={0x1644, 0x2c, 0x400, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0xfff2}, {0xfff3, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_MASK={0x8, 0x5, 0x1}]}}, @TCA_CHAIN={0x8, 0xb, 0x4}, @TCA_RATE={0x6, 0x5, {0x0, 0x40}}, @filter_kind_options=@f_u32={{0x8}, {0x15dc, 0x2, [@TCA_U32_ACT={0x15d8, 0x7, [@m_csum={0x1f4, 0xe, 0x0, 0x0, {{0x9}, {0xc8, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x3, 0xb9069c2175124531, 0x200, 0x3}, 0x7}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x6, 0x4, 0x109, 0xf9}, 0x77}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x8, 0x2, 0x7, 0xff, 0x6}, 0x2c}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x3, 0x101, 0x20000000, 0x4, 0xfffffff7}, 0x19}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x22, 0xfff, 0x20000000, 0x8, 0xbfb3}, 0x1a}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xaca, 0xe2, 0x7, 0x6ada, 0xd46}, 0x78}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0xb1, 0x7, 0xc2}, 0x78}}]}, {0x102, 0x6, "7addc81af8ebf8600ae10843831c948546056aa9c1fc81ce3d4af505a9fa268ed519b03bac253bb55e6b068a96b1d7f9e26033bc6422370990f4e98b514eec1e6ad68a81f3257cff8d2742282e82ab7f1cdb6763a7278cb89c5068a64d7d633c702ac681ac6495599188f639c1ad1b5b6b51ff72babbe5877ec2e072d8ff1d5513557c14ed5288e48c7d87b9d6b2fa6e372599d5922da813b62235dfbe3e98936ef8e0d040091ea897c685bfdc7edb2c5b5a47089b570cea83632b3f694e5df8b0625ee136ed5740ec56c90585e963d4d99438cf690b6fc7d6011bc6efbf3e2718487e687b8f50118868ca646bfb10c1149c8b2470597c7dd914dea90bfd"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}, @m_mirred={0x1c8, 0xa, 0x0, 0x0, {{0xb}, {0x104, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x7, 0x3, 0x5, 0x3}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x8, 0x3, 0x9, 0xed3}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x80, 0x5, 0x2, 0x3, 0x4}, 0x2, r4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x6efe7571, 0x9, 0x10000000, 0xa436, 0xe}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x7ff, 0x9, 0x8, 0x31bb, 0x2}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0x5486d045, 0x20000000, 0xfa1, 0x2}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xa, 0x2, 0x8, 0x10000, 0x2}, 0x3, r6}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x401, 0x4, 0x1, 0xfffff2cc, 0x82a}, 0x4}}]}, {0x9b, 0x6, "da282964eb9f64a3045977e8d5d0df54045b0af989ddb82abeab80d349d728c6048400643d54f95f1c2b5fe6cc4e4c021c822a5aaa28a36333d82c6208b00627d7f8e4c10cc5cadeb5403347613ad874717b68eb76b536d4f1a7cebd15bf126f28d7d432f5f4fd1cd4bae2ff952af038ae86c6d35d42a63d78eb2fcf276f18df80e15229996fc3770930be03dadd61613d3f0e6ea83fea"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_tunnel_key={0x108, 0x5, 0x0, 0x0, {{0xf}, {0x14, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x1}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}]}, {0xc7, 0x6, "a2508c58c7a09d85ed73ee4e546d2bdb4410d4b42554b780b769b3b0fba91661b8d1454b4af9d1d71e3912dec4839a1bf6fe39ed33770b30d8241a95dee264e0bafd908b03c99a0f776bbe3aa797cd4f7d55aa2d5f0e69fb08d623deeacd762a8f3ad6fc31c0d4b0b4e2a0254f962d8e35057d3360bd9dff40e4c10f22b7d4d11f3edf9edc40f3b298ff945b2db37ed12f02e5c9a80e87af5668487322160117f5346c42c8b74e3afe62b487aa0d20675f64ea3409e2b0a5bdf9d950ecbe63eea1fa5f"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_skbmod={0x1060, 0x1b, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBMOD_DMAC={0xa, 0x3, @remote}, @TCA_SKBMOD_SMAC={0xa, 0x4, @multicast}, @TCA_SKBMOD_SMAC={0xa, 0x4, @multicast}, @TCA_SKBMOD_DMAC={0xa}]}, {0x1004, 0x6, "7322f4d0b90f6a92e2ae27e3281710f2d58ed6f4032f354182c0445b6e3e6264ea860fc35169051f9eba7d14734e451f58a2ae16b1a939ea10acce31f0b65d78cab12dc2d027fb48af2b3ad1478aa8bc01f71f74ddbbe31b58fe600bc3cea84440c2fa73a5747b4ac467b0c0519f10fa6954254a11c4685e2ee11fff2140039a5baae4f39729d67a48d928b9f91d70448068a504db44d5b3034907fc07e7cb81c72f4070630334775ec6edf05ab26dd78e17905b14483e5748ac41ceac8f5bfe2d21b22796d7601d624bc4a2ebf2e29f9185192d38ec27740516dcfdfcb4ca6b9e49128eaf536e3f128ac58bb447e81672d69bd9c6111cd773af9025b498f93d71e1208ad661f66fb8487810a971d049518741454b25c4c0f7acceaaee9f663584fbb3adcef7a18d5d1c6a89446920b6b24264f1c514fcb1ccaf650b896a83943f5dd882c573e3b85431133fa6ebaf417613b80685737788a076ccd85634fe960b56644a4f21cbb8d07d53178b7b375cf43c6b10d55e45c0960e6082976fd822d92dd8c06607c3a14c62582b2ffa641d2f398d49d4522666064ca3c2c971882e7e28ff7254589980e1625871f80fbdef60b2fcb79bf23e0b739086c1a00e950dfcdeadbdea494dbb8aa869deceed731d0d50d887f8b6153fbc3e8bb85484f276fabf3997fe68ef0c3eae2564ac521c12dec06013a5a487da81da4114c5b3aa9c9d1de4bc402575070b7c9240cb7291d38e5ea08479785b56bea5fd9601a134994dbfadbe44e756a8a601ab669f9e5ab1b2e8bace6c874357f5a62a74fa6eab272a1cf0978dba3583a882a186fa961c61daedd2d73cf51dbc8725f1c3ef920c22646be47116ef055a36c759f5f06727d325e24b677984634e7914d9c255eee021e303ffbd7ada7de47b1323d3d0dc8f31c587438969a0f2d44e1a9349e28d722ece5cfb5d70cf9ad591411eea4d712d8a269d9cdc2e3873f27f416e1c3fa054feb15a25a22b163c02722450d861b109fe622229be8152a87b9da9a78b1ed187cec7f24470b0ce305e19e5f784d5c5c872dea0c314dcd31cf25645ab2c4b78d4e4411f31c317da1ce6a16fcb9bc6328a39b42d79f8047f7cbdb34d4b3fd02671bff44085375bd996bda18247e989e340c61f66ece6aa6b5c5cbf82fea81b6909f9fbc4776a22dbc656e2bb31debce2851efec6f5b7a8a992a83238a8561ef4d48e43fb77a9393265d505ff359a34c0dc5ea9a5b02f97daaffd0705724794579dabced88f1a5f1a12c16be39e1d2b76a4926448f5c4d1778c4a93e01eac3d5370ce8e9d0a09fd4d584605625a393591cfe941876380d0e8573a4c5e19751f4b0739e18ae8ebfefaf04470d259fa9776fc483b1d6bfb0071d6d311d2a6e84739d4e22b3ae38fc644f4f4ddf6d5d78583efb708543b18c2d73437aabda7c0f55ef4479ade12186d7554fd55aeb7a33c096834963ed6cdb555e5907628306caa5b3f861761ea6341513a07651c2b192c43437e0fcdc87ded701952fb2d3a9c6e7b5a3a8558feea4e9a789a0ae4e6abfb377ce8ba5bd81c0faab5483124cff692667f223be28236dc1eb09d25c57973c9b0c762ece37ff0219489237b0396373b6959291d5664f417ed8256feb36b11e5ef084f9489a7fca1a37207679657988cd79ecfae54df827f06fa34cd356719435ab54bbb617446ff1a0adf6bf6254acc41b3335425f97970d6438e02a5540add461f2c1b2df2616f614969584994aee87798e04c3bdae5d57d5552e634a677c4d66b996a6fc44d2fb818430e7140b765f8b2be1404b2ace85cadc678c9a7f53223e91ae537bb4150e168d33fc3caf74391071a8ebce001e4f25858b4c600911eb359a2a941206bb5eaccd8b10da74aebb4120b71533d784c1dce3237f3b1106137ee38da496ddabd6a8ccee0b5113223cf1cbe07eb1ef0f72b9056b7fdbf96281ca0334fb4da86b559db64ea7104499a3a6fbba3711adacab8522ba6c3ec1f1b7b2f798f093d0f60734941d9fd5b867befe903140bf3c9d768f955c29875137a11f59c96a30c882c11af2d6c758b860d17e8f846330aae7965f00fdfa191590aa89f5dd9045590531fd44a9474ede8617af2ee05aa47517b8123b54cf666bf258d09fc284100ac5d61c7e83205e1e4ca35a5f9367478c19a88ff1ea569ab754834e1f446778483953f97f925923ec641395ccaa5cd22b93b4125d8a598bd616d40d94338fab7e072bbc56a2b5bae48cbf39685dc8cd0e6b0aadeaace86e42dcedb6b1b60ad6bff4f815579efdfb4a76e567e8917ed62da501268e27c97594e3b8c04b3fcddb8d446ddbc077ee86a6af168a3b89439171cd8f0604181168a318ddeb97e896bef074be30a4e58e1605b9b75b6b5d28ef38ba9d80d5426c0a857bef7d7a35fed2802748cb12b79928e077afa33307e18dae8a6dcafd4f2e6e95436d47ad4dbc5242c4202896b1276d9ccc264d1bcb43df96c7dd676d3fdff86d3d869ca8777ada7e9f4ee898a4ba48ff397c35db75107c37fb35796951e9a1e253f8081615aabba77dba4686b15cab377b6fc67351a3ff1f459d8ce9a9f799c1b0d606677f8982e921b85ab7e213a47a6d80620257e13e08d5ec70dac9ed1d2731f368c00f4a0d9009fc9eded1c0e3d4925809a7f1f1259535cfd47cd4297d5e6ca577163c0d22eb3bcb8e5a7a6478e9cdf43a6936fdddf9cc69e3571cd7f7a881d4b0a4cf9b5a5cd06a4c8114f286076e69fe92ad1c6e43b251a16424109f1c2928aae91fe3f68b1f635a7ed0a37f2cc27dab5de8e7ede1f2e04e369283928b6231b2d82e5599f904282419a46f72f848ea5901e46f6a0efe4952d2f2fff96f448f2dd61c6f14c5adfc7184fd0598601c2c16ddf926b767f52ee434c23c1b80a048c5ff35b5d8fef916284030aa9202c3d2778c795655a33ddccb3480da624bd1f5559403a6fcf45142e23620e8c62fd95ff4e6c223feaaa143e3af87588fa6c33e20349677ebf3def26b03fb180b69da9c530c3746c6173889fe89356c783867e0774e0f7a395ef93f3f66d5f815e162026221630e38b6af4e1908b3f64a8fcddb986df8d27be52578c0960cc7cc7467bb4d0e7d9c99c5678e44f969733562e5251ba49d73dc633bd7a930622f6b060181113c67f611ab8c35e18248463852e582b8db2bc475224fcea0b625292a3191fc7d3c2bcfd767780a2c4c2b0d028bc624724198935fdebd3efe386118f5a326affa7afefba7df533ec1c3e0f78b045f99a64ccccbb6eeb0c0319bcdeb1c9320437bdde0c364636cc413776e9f4fe5701b7fc538dba919d366637c5bee673e721f1120d7e34db4d1b8a01206295603a676087c519ca29de989ec9869c047b9130919a55502afe729485bbcfdad0a5f51d2a278b6f2fe43d18f10afd5d0a3e3982e53c8e1fe898efc7628d95e6fc9c6b76879e1aae5f75a7efa060b2c5870a8102fedf05f26db51d1a6438a7329ff0e67c08b4c487b3ca3b1f66d26ba5d57d7cafecd1da5b319122300548d69ef7dd7ab88974d498ae14d771a905be6b13006571ffbefd8f9ce419c3325bd9e1cc1bc1652913cd7862cb7c1c48b413eb11470e5c4b72f6e06d712305e931258f0251ecbc1990a6ef576c732bdada26760144d720af79f34aaadb9cefef6d42f50768ec4e32baa238abc689b80ddb7d6d18788dfc91d5434a2ea97632649567c454dbbbd9ff52d9feca8eba1534d9d179e99622fcd43f1a3190497bcddceaec47540e801d9084f5b3e01a8fd51988c678fafce21d96f2bcf0c962c109cb3917a481c75e8fdb2677feef2dac1deac49c2248f9326bc4f3c15a98098ae52a98d53bbff33e6406474683b1aba443cba4ea28e93d99abaccc2931e92753da07f92833285bfb8323ccc87df12025162772a858fc0dfda1db9fa5b7241809b902344522140fdd1ef8de4c254eee3ca5cc922856a81297753510ed9714b843616cdf4c464140996017954934a6a12e9e99f0541b406369fdd0df10070a1030d143ff5f89fc309d02ae61363a9dcfd887fb51bfd5982187b321f577a0ae23462b7cd08c4e96d5dbd521ab5f7848197c6515eaa6f61e8645bb81af42937bc0c2a73173e84a2a2e90bd61a10bd59f7b557fe799c99d108713b7db6e902cfa17e7d00c9072ba7751fe9a1ae98077826699274190f7fe1769e950a2e9a4acd93d49371e0b273182836092f28a0c8b8377a228afb034d9b75124cffe5b98718224402aff9a7fbacede5bc4d2383c5816273f44e50556337262dde1c0b2ecb116e0e887a3bd58a4f468838540f54e052dcb08a919b4f9cc2c9612dcfdfdd0bada6b09a1dd74c5c8468f8fa029fa98a0614fd7aa33d88521c4bdef8631f1f17bc5c8d233e7708e4bf9bb1bf272a577be1ce182d9d7026a728961a19cc1acf1d21fb6920ae3d5338bf15a86b1c7ee6dd96b2b3f8fe08fbb9e96a5312747188bccea6b1f66973b7aa9470b435e4c289f9affefec9d8258e9ea8e014e3f3654ecb6b03c6a45ec298ed106fdd546727da73cf283cff5ac8afe8a33044e8f6f5d34ae21f899febda8554cd9d342e9a37be76f3a94537e10f08510c8a57f35d10cbb9cd4fe457f139bf789e8376fb454f40f798b11f959b3c5137ab7b0fbf1b78f2806bad7300a7dfca9d8fbd1f2b90737b1dcdfc3fdd34c40dfa19e27d348780150e70eb8b13241eef0b9c06bfa1823438182657fafd446c79cae05e03a3c6d522c82c8b42adfa35c0bad7dbf401353fa6ee29ceadefaa58fc88a59f75df792185c9bd7259a840d1d247f826780997b0ed13fc15b5b5e9d0c2bdb9e88cfbcc2b5858291af8cab6f2dd6fdde2f0648bc914c316e190ab957eb57bb0db109143e5c2fa9aa2fc1309ce1e1e51a2c04fda06c8f898589c46697abff27f28db1f73ce91e555f39af4cc539d8945f0ed9703bcfd57cc89e5eafe9649f74d31f8ec498e50e632ffd3c85f1f93aaf3f5862e0d6dde25b172a7d2c18dd390811fcef4a23e420099072e206e925808acbb54b15db3706ab6d54ff729b74fac041e42194a2abe38b1a28fa1cde73716224feb9c6d2858cd35fb1e060e276c8a70ae43af874bcb503a6a6a9ae6fc5826a8d60a50d74a9aa42a908f90fe5fa8f7d105aa100c63fab85c3847282b7fe34bdf3dc7c9dede11d8a67dfceb33907ea511594437d974bc8acabcafd38d363d4726a2d29f9b65b56e7d16959c083f44f9abaceb63839ae0c11fa404cf12ae537507629a47cb9b51a4b8b2d09983207536b47bcc8c6a9913fae401894a73bca37f081783f79e6a9c389809ec98fdc80d76e3a90352188c79bc0e7e704f5ea630de680167edaec377f0e531b9abedddae4c9b18e979935c3949397826f6955a7ae3f06e74262c8ca20138c60678f90e8afb38e1a45bb730fe528a30652bc1bf1c1d49484cec40f8a1a1e206da70b0c64843a07a3348bd38e2160d2a430f4fbdaffb0df79998eed83354015a0ff5c73823f391b89515c9d9daf6519da12760c8ed38b4e0213a838781c8b48c158bec3979fd2e4c725f49e3dc92c4218120fa229c0aabc0fad67c118ce2e2b5a9f43006f11da53a569964be2dd1e9cfc49fc1d8fa2cc5afbe20932a890a9fcd93af280f3709047d32036951651f17025b116b65686d6d2c75643d47ad1000a9b7731b467a5d5795135012e6c2b54390d4a38bdb37db69e40d9f2b2d4f90ad9f1a15ce1411f1b98892bbc361be12a3e144b37a0bec0fff5b58b3805c44d191c5ce9061554cea0ccb7de7f4ce620"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_sample={0xb0, 0x7, 0x0, 0x0, {{0xb}, {0x74, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x3}, @TCA_SAMPLE_RATE={0x8, 0x3, 0xa9}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x2, 0x804, 0x4, 0x4, 0x6}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x1}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x1}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xfffffffd}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x69fe}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xfffff41e}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x9d58, 0x9, 0x7462fab2ac71008e, 0xffffffff, 0x5}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x6}]}, {0x14, 0x6, "02a24aec5c8453fdbe92cece2d0c4e38"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x3dbf}, @TCA_RATE={0x6, 0x5, {0x40, 0x1}}, @TCA_RATE={0x6, 0x5, {0xad, 0x81}}]}, 0x1644}, 0x1, 0x0, 0x0, 0x8001}, 0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
chdir(0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/cpuinfo\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x1, 0x8a, 0xe7c9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8}, 0x48)
ppoll(&(0x7f00000000c0)=[{r7}], 0x1, 0x0, 0x0, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r10 = socket$inet(0x2, 0x80001, 0x84)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c)
getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r11=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r9, 0x84, 0x84, &(0x7f0000000480)={r11, @in={{0x2, 0x0, @empty}}}, 0x90)

2.182294938s ago: executing program 3 (id=1532):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @ib_path={0x0, r1, 0x1, 0x2}}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0xe)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
gettid()
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x14, r4, 0x1}, 0x14}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/14, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat(0xffffffffffffff9c, 0x0, 0x442, 0x0)
r8 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r9=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000500)='rfdno'}, 0x30)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9}, 0x90)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30"], 0x104}}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000001400b5e500000000000000000a000000", @ANYRES32, @ANYBLOB="14000200ff"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r3)
socket$inet6(0xa, 0x3, 0xff)
r11 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r11, 0x4b3b, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x0, 0x0})

2.091194345s ago: executing program 1 (id=1533):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
close(r2)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000180)={'erspan0\x00', &(0x7f0000000280)={'sit0\x00', 0x0, 0x80, 0x7800, 0xa9, 0x1ff, {{0xf, 0x4, 0x0, 0x5, 0x3c, 0x64, 0xfffe, 0x3, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x22}, @dev={0xac, 0x14, 0x14, 0x32}, {[@rr={0x7, 0x7, 0xa5, [@private=0xa010100]}, @noop, @timestamp={0x44, 0x8, 0x52, 0x0, 0x7, [0x3]}, @timestamp_prespec={0x44, 0x14, 0x74, 0x3, 0x4, [{@empty, 0x5}, {@broadcast, 0x136}]}, @noop]}}}}})
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'netdevsim0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="92482214e459a262d3bf1c7170ace2a003b88b009d569d546d5847dbb89ce9cde455426cf6b276ca4d3da38ae88ada85688ba825b32cdb065dfe23b03829290cd229dda6effc924ace1e73ed1acf842b250b31ec92aad4d65bce4dc5ad630891755f742dc363b444c479e780f3323079ac973bbc340e3da3", @ANYBLOB="1544010001800000240012800b0001006d616373656300001400028005000c0001000000080005000400000008000500", @ANYRES64=r5], 0x54}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r8=>0x0})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r8}}, 0x24}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010003b1500"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012800a000100767863616e000000180002801400010000000000", @ANYRES32=r7], 0x48}}, 0x0)

1.939187496s ago: executing program 1 (id=1534):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @ib_path={0x0, r1, 0x1, 0x2}}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
r5 = gettid()
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r5}}]}, 0x3c}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/14, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat(0xffffffffffffff9c, 0x0, 0x442, 0x0)
r9 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r10=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000500)='rfdno'}, 0x30)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r10}, 0x90)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30"], 0x104}}, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000001400b5e500000000000000000a000000", @ANYRES32, @ANYBLOB="14000200ff"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r3)
socket$inet6(0xa, 0x3, 0xff)
syz_open_dev$tty1(0xc, 0x4, 0x1)

1.938629256s ago: executing program 3 (id=1535):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x5, &(0x7f0000000000)=@framed={{}, [@alu={0x7, 0x0, 0x8}, @jmp={0x6, 0x0, 0x7}]}, &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000004000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r3}, 0x10)
r4 = eventfd(0x0)
writev(r4, &(0x7f0000000a40)=[{&(0x7f00000004c0)="df015be2a1043cce", 0x8}], 0x1)
perf_event_open(&(0x7f00000003c0)={0xa, 0x80, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000340)}, 0x40, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000080000000000000a38000000090a000000000000000000000000000008000a40000000000900020073797a310000000008000540000000000800084000000001"], 0x60}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
writev(r4, &(0x7f00000007c0)=[{&(0x7f0000000100)="d544991bfd088548", 0x8}], 0x1)
gettid()
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000780)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
close(r4)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40042, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}}, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x30, 0x0, 0x0, 0xfffbf038}, {0x6}]}, 0x10)
r6 = fcntl$dupfd(r1, 0x0, r2)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r7=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000100)={r7, 0x0, 0x0}, 0x20)

1.562933794s ago: executing program 2 (id=1541):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x6e, &(0x7f0000000080)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd6002adf700383a00fe880000000200000000000000000001ff020000000000000000000000000001"], 0x0)

1.508682208s ago: executing program 1 (id=1542):
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000000)={0x0, 0xfff})

1.508358648s ago: executing program 1 (id=1543):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX=0x0])
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x3c, r3, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}]}, 0x3c}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000040)=0x1c)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000080), 0x4)
clock_gettime(0x0, &(0x7f00000001c0))
utimensat(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x100)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f0000000240)='./bus\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)

1.48688956s ago: executing program 2 (id=1544):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
close(r2)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000180)={'erspan0\x00', &(0x7f0000000280)={'sit0\x00', 0x0, 0x80, 0x7800, 0xa9, 0x1ff, {{0xf, 0x4, 0x0, 0x5, 0x3c, 0x64, 0xfffe, 0x3, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x22}, @dev={0xac, 0x14, 0x14, 0x32}, {[@rr={0x7, 0x7, 0xa5, [@private=0xa010100]}, @noop, @timestamp={0x44, 0x8, 0x52, 0x0, 0x7, [0x3]}, @timestamp_prespec={0x44, 0x14, 0x74, 0x3, 0x4, [{@empty, 0x5}, {@broadcast, 0x136}]}, @noop]}}}}})
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'netdevsim0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="92482214e459a262d3bf1c7170ace2a003b88b009d569d546d5847dbb89ce9cde455426cf6b276ca4d3da38ae88ada85688ba825b32cdb065dfe23b03829290cd229dda6effc924ace1e73ed1acf842b250b31ec92aad4d65bce4dc5ad630891755f742dc363b444c479e780f3323079ac973bbc340e3da3", @ANYBLOB="1544010001800000240012800b0001006d616373656300001400028005000c0001000000080005000400000008000500", @ANYRES64=r5], 0x54}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r8=>0x0})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r8}}, 0x24}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010003b1500"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012800a000100767863616e000000180002801400010000000000", @ANYRES32=r7], 0x48}}, 0x0)

1.280637195s ago: executing program 4 (id=1547):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @ib_path={0x0, r1, 0x1, 0x2}}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
r5 = gettid()
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r5}}]}, 0x3c}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/14, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat(0xffffffffffffff9c, 0x0, 0x442, 0x0)
r9 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r10=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000500)='rfdno'}, 0x30)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r10}, 0x90)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30"], 0x104}}, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
r12 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r13=>0x0})
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000001400b5e500000000000000000a000000", @ANYRES32=r13, @ANYBLOB="14000200ff"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r3)
socket$inet6(0xa, 0x3, 0xff)
syz_open_dev$tty1(0xc, 0x4, 0x1)

1.194839821s ago: executing program 0 (id=1549):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xa, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20) (fail_nth: 1)

969.258608ms ago: executing program 0 (id=1550):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bind$802154_raw(0xffffffffffffffff, 0x0, 0x0)
dup(0xffffffffffffffff)
r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cd0aa7b73340cc2160a1fe3c184b751c51160fbc0cfb91c82f4a9164dda5e67a46d8e841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000009dd27080e71113610e10d859e8327ef03fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d72166cb0d3a0ec4bfae563112f4b391aafe234870072858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5be5f6eb2eea0d090014b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ff010000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a30280bc586e79a5dd8076c248e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f5874c24411d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d54aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd8f200000017587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5f7d895de17a10b0a0ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5175d879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c56d0886eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366a9660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e959212181d4bf32ed89c96d421c8171698c49403558fd13c649f90b0911d57eeb298b590581eb00ce383b539ab80fd15445987b1bb4eb512545e1ab65fef310e10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbb1d44925ce66ea1a94e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e15a00adb976064a93e8d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeadc5cf218a6eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041814f60fbbcafa487ee96b368e8769da90b44190e569fe8b1d155d0765baaca5c5548b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751beed5f79de29a67a579150bfb31232d296b9d2977ed027ca90af7088d6466f1501d96a"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x26, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088a81bff88caffff4000632177fbac14142ce934a0a662079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000140)=0x9, 0x8, 0x0)
rt_sigtimedwait(&(0x7f0000000300), &(0x7f0000000e80), &(0x7f0000000f00)={0x77359400}, 0x8)
mbind(&(0x7f0000403000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b9040a1d080006007c09e8fe55a10a0015400100142603600e12080006", 0x2b}], 0x1}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000002c0)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x800, 0x1, 0x2, 0x8, 0x4, 0x6}, 0x20)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b904020000", 0x3}], 0x1}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x33fe0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)

610.292054ms ago: executing program 4 (id=1551):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb9040a1d0800fe007c05e8fe55a115000100ff02142603600e12080005007a010401a80016002000034004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653fe8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e", 0xd8}], 0x1}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2d, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
r4 = socket(0xa, 0x6, 0x0)
getsockopt$inet6_mreq(r4, 0x10d, 0xa0, 0x0, &(0x7f0000000080))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000c79000/0x2000)=nil, 0x2000, 0x1000004, 0x13, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000de4000/0x3000)=nil, 0x3000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000439000/0x4000)=nil, 0x4000, 0x0, 0x852, 0xffffffffffffffff, 0x0)
write$binfmt_elf32(r1, &(0x7f0000001680)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0x5, 0x2, 0x6, 0x0, 0x3, 0x3, 0x3, 0x7fffffff, 0x38, 0x33, 0x3, 0xbe, 0x20, 0x2, 0x2, 0x4, 0x4}, [{0x4, 0x6, 0x10001, 0x0, 0x3, 0xd, 0x5}, {0x70000000, 0x3, 0x9, 0x200, 0x50000, 0x3, 0x6, 0x6df2f7b9}], "95e759bde64f23bf66f6671dd6a7", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x986)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53b, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r7 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r7, &(0x7f0000000080)={0x2, 0x0, @dev}, 0x10)
listen(r7, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
open_by_handle_at(r6, &(0x7f0000000280)=ANY=[@ANYBLOB="4b000000020000000b00000000000000e6f72fd927a619ad7f59965681b70f97ec27134583b902bf88ba3155b17840d33f342b6bccb16c05f5e7185fb592d665e83d2e06da7c21"], 0x0)
mmap(&(0x7f0000a2b000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r8 = socket$inet6(0xa, 0x1, 0x0)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x13, r8, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="300000000101010200000000000000000000000009001a40000000060c001980080008000000fecf3694000008000340"], 0x30}}, 0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r9)
sendmsg$NLBL_MGMT_C_ADDDEF(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="58010000", @ANYRES16=r10, @ANYBLOB="0100000000000000000002000000080002000500000008000700e000000208000800ac1434002c0101"], 0x158}}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)

567.555217ms ago: executing program 1 (id=1552):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @ib_path={0x0, r1, 0x1, 0x2}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
r4 = gettid()
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r3, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r4}}]}, 0x3c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/14, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r9=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000500)='rfdno'}, 0x30)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9}, 0x90)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30"], 0x104}}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000001400b5e500000000000000000a000000", @ANYRES32=r12, @ANYBLOB="14000200ff"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r2)
socket$inet6(0xa, 0x3, 0xff)
syz_open_dev$tty1(0xc, 0x4, 0x1)

472.591415ms ago: executing program 4 (id=1553):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @ib_path={0x0, r1, 0x1, 0x2}}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
r5 = gettid()
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r5}}]}, 0x3c}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/14, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat(0xffffffffffffff9c, 0x0, 0x442, 0x0)
r9 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r10=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000500)='rfdno'}, 0x30)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r10}, 0x90)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30"], 0x104}}, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000001400b5e500000000000000000a000000", @ANYRES32, @ANYBLOB="14000200ff"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r3)
socket$inet6(0xa, 0x3, 0xff)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b3b, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x0, 0x0})

419.023328ms ago: executing program 3 (id=1554):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x6e, &(0x7f0000000080)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd6002adf700383a00fe880000000200000000000000000001ff020000000000000000000000000001"], 0x0)

358.032643ms ago: executing program 3 (id=1555):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r0 = socket(0x0, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90324fc60100c028010000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600))
r3 = socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}, 0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, 0x0, 0x0)
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r5, &(0x7f0000000000)=0x3, 0x12)
r6 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600)={'team0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r7, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4], [0x0, 0x8]}}]}}]}, 0x8c}}, 0x0)

261.94981ms ago: executing program 3 (id=1556):
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x11}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000440), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r1, &(0x7f0000000000), &(0x7f0000000480)=""/125}, 0x17)
fcntl$setlease(r0, 0x400, 0x1)
fremovexattr(r0, &(0x7f0000000040)=@known='system.posix_acl_default\x00')

184.774726ms ago: executing program 3 (id=1557):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0}, 0x90)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0])
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x3c, r3, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}]}, 0x3c}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000040)=0x1c)
clock_gettime(0x0, &(0x7f00000001c0))
utimensat(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x100)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f0000000240)='./bus\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)

111.081641ms ago: executing program 0 (id=1558):
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0xfffffffe}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000440)=@name={0x1e, 0x2, 0x0, {{0x42, 0x4}}}, 0x10)
r3 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x300048c1)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)
r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
io_submit(0x0, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x4000000}])
write$cgroup_subtree(r4, &(0x7f0000000000)={[{0x2b, 'rdma'}, {0x0, 'net'}, {0x2b, 'rdma'}, {0x2b, 'blkio'}, {0x2d, 'io'}, {0x2b, 'net_prio'}]}, 0x26)
close_range(r0, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000100)={'dvmrp0\x00', 0x96f})

62.222895ms ago: executing program 0 (id=1559):
creat(&(0x7f0000000240)='./bus\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
sendfile(r1, r0, 0x0, 0x7ffff000)

567.05µs ago: executing program 0 (id=1560):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @remote}]}, &(0x7f0000000440)=0x10)

0s ago: executing program 0 (id=1561):
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x2, 0x2, 0x8f94}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000200)={0x0, 0x0, 0x207, 0x0, 0x0, 0xfcb, 0x7}, 0x20)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000700)="af", 0xffe0}], 0x1}}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000f40)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b5318f0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c030a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214217b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d37827bab1a32c9d788e9f74ee57012ca5bfd0dc090b59077b7ef4a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f93076aea55ed9cf12512ce3ac3df331695024bd1e53369a87caf6894fce811a64dad315402678de76789ae79ccec252203bda7798de237bbe019d70a7a2d8176638fd53465acdd321f5a500", 0x3b5}], 0x1}}], 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="2e0000000000000000000000000000002f110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff})
close(r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
io_setup(0x3fe, &(0x7f0000000100)=<r5=>0x0)
io_getevents(r5, 0x1, 0x800000000000116, &(0x7f0000004600), 0x0)
io_submit(r5, 0x1, &(0x7f0000000000)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r4, 0x0}])
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffef3, 0x0, 0x0, 0x0}, 0x90)
close(r2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x59, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r6, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r6}, 0x0, 0x0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r6, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000002000000070000000000000d00000000000000000000000105000000200000000000"], 0x0, 0x36}, 0x20)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1200)

kernel console output (not intermixed with test programs):

a_blocks=1
[  272.060838][ T3365] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  272.131157][ T5888] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.174704][ T8000] loop2: detected capacity change from 0 to 128
[  272.206538][ T8006] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.213688][ T8004] loop3: detected capacity change from 0 to 2048
[  272.237171][ T8004] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  272.276966][ T6590] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.287450][ T8006] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.288546][ T8011] loop2: detected capacity change from 0 to 512
[  272.334777][   T29] audit: type=1400 audit(1725229374.267:2118): avc:  denied  { write } for  pid=8014 comm="syz.3.1223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  272.356413][ T8011] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.369115][ T8011] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  272.382604][ T8011] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.1222: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  272.382760][ T8006] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.413910][ T8011] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  272.422886][ T8009] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1221'.
[  272.433891][ T8011] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.1222: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  272.451108][ T8011] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  272.462271][ T8011] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1222: bg 0: block 18: invalid block bitmap
[  272.463648][ T8019] netlink: 'syz.3.1224': attribute type 10 has an invalid length.
[  272.488258][ T8006] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.498734][ T8011] Quota error (device loop2): write_blk: dquota write failed
[  272.510078][ T8011] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  272.520723][ T8011] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.1222: Failed to acquire dquot type 1
[  272.557739][ T7693] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.572327][ T8006] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  272.597150][ T8006] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  272.611598][ T8006] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  272.625437][ T8006] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  272.686583][ T8025] netlink: 'syz.2.1225': attribute type 10 has an invalid length.
[  272.701250][   T29] audit: type=1326 audit(1725229374.637:2119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.1.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  272.724931][   T29] audit: type=1326 audit(1725229374.637:2120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.1.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  272.748580][   T29] audit: type=1326 audit(1725229374.637:2121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.1.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  272.772267][   T29] audit: type=1326 audit(1725229374.637:2122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.1.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  272.796238][   T29] audit: type=1326 audit(1725229374.637:2123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.1.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  272.819720][   T29] audit: type=1326 audit(1725229374.637:2124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8027 comm="syz.1.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  272.862711][ T8025] syz_tun: entered promiscuous mode
[  272.887622][ T8025] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  272.908117][ T8042] loop1: detected capacity change from 0 to 512
[  272.923896][ T8042] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  272.939628][ T8041] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.961908][ T8042] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  272.975828][ T8042] System zones: 1-12
[  272.979993][ T8042] EXT4-fs (loop1): orphan cleanup on readonly fs
[  272.980590][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.986594][ T8042] EXT4-fs error (device loop1): ext4_read_inode_bitmap:168: comm syz.1.1229: Inode bitmap for bg 0 marked uninitialized
[  273.009189][ T8042] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  273.036918][ T8041] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.058912][ T8043] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1230'.
[  273.093533][ T8053] loop4: detected capacity change from 0 to 128
[  273.097014][ T8042] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1229'.
[  273.132055][ T8055] loop2: detected capacity change from 0 to 2048
[  273.140999][ T8041] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.157731][ T8042] hub 9-0:1.0: USB hub found
[  273.162535][ T8042] hub 9-0:1.0: 8 ports detected
[  273.169816][ T8055] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.217047][ T8053] bio_check_eod: 68 callbacks suppressed
[  273.217066][ T8053] syz.4.1232: attempt to access beyond end of device
[  273.217066][ T8053] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  273.255611][ T8052] syz.4.1232: attempt to access beyond end of device
[  273.255611][ T8052] loop4: rw=524288, sector=145, nr_sectors = 224 limit=128
[  273.269782][ T8052] syz.4.1232: attempt to access beyond end of device
[  273.269782][ T8052] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  273.270278][ T7693] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.286191][ T8052] syz.4.1232: attempt to access beyond end of device
[  273.286191][ T8052] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  273.294368][ T8041] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.305310][ T8052] syz.4.1232: attempt to access beyond end of device
[  273.305310][ T8052] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  273.328445][ T8052] syz.4.1232: attempt to access beyond end of device
[  273.328445][ T8052] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  273.341810][ T8052] syz.4.1232: attempt to access beyond end of device
[  273.341810][ T8052] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  273.374036][ T8052] syz.4.1232: attempt to access beyond end of device
[  273.374036][ T8052] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  273.389114][ T8059] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.395350][ T8052] syz.4.1232: attempt to access beyond end of device
[  273.395350][ T8052] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  273.413046][ T8052] syz.4.1232: attempt to access beyond end of device
[  273.413046][ T8052] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  273.439764][ T8060] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1234'.
[  273.474198][ T8041] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  273.488584][ T8041] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  273.502349][ T8041] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  273.520233][ T8041] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  273.565762][ T8064] netlink: 'syz.4.1236': attribute type 10 has an invalid length.
[  273.574093][ T8064] syz_tun: entered promiscuous mode
[  273.610897][ T8068] loop3: detected capacity change from 0 to 128
[  273.619540][ T8068] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  273.620053][ T8064] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  273.637210][ T8068] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  273.667046][ T8068] x_tables: duplicate underflow at hook 2
[  273.694050][   T50] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  273.705937][ T5888] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.893977][ T8086] loop1: detected capacity change from 0 to 1024
[  273.909114][ T8086] EXT4-fs (loop1): blocks per group (131072) and clusters per group (8192) inconsistent
[  273.937857][ T8086] loop1: detected capacity change from 0 to 512
[  273.954806][ T8090] loop4: detected capacity change from 0 to 2048
[  274.035341][ T8090] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.070978][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.108430][ T8098] loop1: detected capacity change from 0 to 1024
[  274.111762][ T8101] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1247'.
[  274.127067][ T8098] EXT4-fs (loop1): blocks per group (131072) and clusters per group (8192) inconsistent
[  274.150322][ T8098] loop1: detected capacity change from 0 to 512
[  274.201843][ T8105] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1247'.
[  274.272367][ T8114] loop1: detected capacity change from 0 to 512
[  274.297298][ T8114] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  274.310270][ T8114] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  274.322731][ T8114] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #15: comm syz.1.1250: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  274.324356][ T8117] loop4: detected capacity change from 0 to 512
[  274.341369][ T8114] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  274.346288][ T8117] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  274.364784][ T8117] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  274.365435][ T8114] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #15: comm syz.1.1250: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  274.373156][ T8117] System zones: 1-12
[  274.393561][ T8117] EXT4-fs (loop4): orphan cleanup on readonly fs
[  274.394347][ T8114] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  274.400124][ T8117] EXT4-fs error (device loop4): ext4_read_inode_bitmap:168: comm syz.4.1249: Inode bitmap for bg 0 marked uninitialized
[  274.411628][ T8114] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1250: bg 0: block 18: invalid block bitmap
[  274.422340][ T8117] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  274.436020][ T8114] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.1250: Failed to acquire dquot type 1
[  274.459373][ T8117] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1249'.
[  274.469374][ T8117] hub 9-0:1.0: USB hub found
[  274.474087][ T8117] hub 9-0:1.0: 8 ports detected
[  274.511226][ T5888] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.744329][ T8132] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.788894][ T8132] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.839876][ T8132] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.879114][ T8139] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1256'.
[  274.897868][ T8132] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.910671][ T8146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1261'.
[  274.919703][ T8146] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1261'.
[  275.097984][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.111028][ T8154] loop3: detected capacity change from 0 to 8192
[  275.183960][ T8154] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1264'.
[  275.198340][ T8164] loop4: detected capacity change from 0 to 2048
[  275.238002][ T8164] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.288880][ T8169] loop3: detected capacity change from 0 to 2048
[  275.297186][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.319034][ T8169] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.428130][ T8178] loop4: detected capacity change from 0 to 512
[  275.459679][ T8178] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  275.471444][ T8169] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1270'.
[  275.476575][ T8178] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  275.490835][ T8178] System zones: 1-12
[  275.515887][ T8178] EXT4-fs (loop4): orphan cleanup on readonly fs
[  275.531824][ T8178] EXT4-fs error (device loop4): ext4_read_inode_bitmap:168: comm syz.4.1272: Inode bitmap for bg 0 marked uninitialized
[  275.547436][   T11] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  275.577634][ T8178] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  275.591339][   T11] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  275.603668][   T11] EXT4-fs (loop3): This should not happen!! Data will be lost
[  275.603668][   T11] 
[  275.613438][   T11] EXT4-fs (loop3): Total free blocks count 0
[  275.619491][   T11] EXT4-fs (loop3): Free/Dirty block details
[  275.625435][   T11] EXT4-fs (loop3): free_blocks=2415919104
[  275.631231][   T11] EXT4-fs (loop3): dirty_blocks=16
[  275.636354][   T11] EXT4-fs (loop3): Block reservation details
[  275.642352][   T11] EXT4-fs (loop3): i_reserved_data_blocks=1
[  275.659681][ T8178] hub 9-0:1.0: USB hub found
[  275.665336][ T8178] hub 9-0:1.0: 8 ports detected
[  275.680287][   T11] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  275.939280][ T8190] loop3: detected capacity change from 0 to 512
[  275.959586][ T8190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  275.974871][ T8190] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  275.989583][ T8190] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.1276: corrupted inode contents
[  276.002355][ T8190] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #2: comm syz.3.1276: mark_inode_dirty error
[  276.017550][ T8190] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.1276: corrupted inode contents
[  276.212127][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.252050][ T8204] loop4: detected capacity change from 0 to 2048
[  276.260887][ T6590] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.271815][ T8204] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.323017][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.390854][ T8223] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.417315][ T8224] loop4: detected capacity change from 0 to 512
[  276.424280][ T8224] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  276.434589][ T8224] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  276.442648][ T8224] System zones: 1-12
[  276.444567][ T8223] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.447722][ T8224] EXT4-fs (loop4): orphan cleanup on readonly fs
[  276.462964][ T8224] EXT4-fs error (device loop4): ext4_read_inode_bitmap:168: comm syz.4.1285: Inode bitmap for bg 0 marked uninitialized
[  276.478863][ T8224] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  276.503311][ T8224] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1285'.
[  276.513065][ T8224] hub 9-0:1.0: USB hub found
[  276.518175][ T8224] hub 9-0:1.0: 8 ports detected
[  276.537653][ T8223] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.599951][ T8223] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.774154][ T8059] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.835254][ T8059] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.900479][ T8059] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.969562][ T8230] netlink: 'syz.0.1289': attribute type 2 has an invalid length.
[  276.989487][ T8059] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  277.002396][ T8059] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  277.015134][ T8059] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  277.029260][ T8059] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  277.073812][   T29] kauditd_printk_skb: 287 callbacks suppressed
[  277.073838][   T29] audit: type=1326 audit(1725229379.007:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad79eb9 code=0x7ffc0000
[  277.108569][   T29] audit: type=1326 audit(1725229379.047:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7ff64ad79eb9 code=0x7ffc0000
[  277.132829][   T29] audit: type=1326 audit(1725229379.047:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad79eb9 code=0x7ffc0000
[  277.157543][   T29] audit: type=1326 audit(1725229379.047:2413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff64ad79eb9 code=0x7ffc0000
[  277.181554][   T29] audit: type=1326 audit(1725229379.047:2414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad79eb9 code=0x7ffc0000
[  277.205124][   T29] audit: type=1326 audit(1725229379.047:2415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7ff64ad79eb9 code=0x7ffc0000
[  277.228485][   T29] audit: type=1326 audit(1725229379.047:2416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad79eb9 code=0x7ffc0000
[  277.228741][ T8240] loop2: detected capacity change from 0 to 1024
[  277.252030][   T29] audit: type=1326 audit(1725229379.047:2417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff64ad79eb9 code=0x7ffc0000
[  277.260755][ T8240] EXT4-fs (loop2): blocks per group (131072) and clusters per group (8192) inconsistent
[  277.281749][   T29] audit: type=1326 audit(1725229379.047:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad79eb9 code=0x7ffc0000
[  277.315405][   T29] audit: type=1326 audit(1725229379.047:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8235 comm="syz.2.1291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7ff64ad79eb9 code=0x7ffc0000
[  277.353071][ T8236] loop2: detected capacity change from 0 to 512
[  277.382530][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.395478][ T8242] No control pipe specified
[  277.478556][ T8248] loop4: detected capacity change from 0 to 2048
[  277.529433][ T8248] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.590695][ T8258] loop2: detected capacity change from 0 to 2048
[  277.609165][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.656394][ T8258] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.759791][ T8264] netlink: 'syz.4.1300': attribute type 2 has an invalid length.
[  277.852723][ T8269] loop4: detected capacity change from 0 to 512
[  277.892927][ T8269] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  277.915348][ T8269] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  277.942087][   T11] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  277.960109][ T8269] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #15: comm syz.4.1301: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  277.977686][   T11] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  277.990081][   T11] EXT4-fs (loop2): This should not happen!! Data will be lost
[  277.990081][   T11] 
[  277.999792][   T11] EXT4-fs (loop2): Total free blocks count 0
[  278.000230][ T8269] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  278.005822][   T11] EXT4-fs (loop2): Free/Dirty block details
[  278.020791][   T11] EXT4-fs (loop2): free_blocks=2415919104
[  278.026656][   T11] EXT4-fs (loop2): dirty_blocks=16
[  278.031809][ T8269] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #15: comm syz.4.1301: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  278.033121][ T8269] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  278.048302][   T11] EXT4-fs (loop2): Block reservation details
[  278.048320][   T11] EXT4-fs (loop2): i_reserved_data_blocks=1
[  278.070412][   T50] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  278.087485][ T8269] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1301: bg 0: block 18: invalid block bitmap
[  278.107450][ T8269] EXT4-fs error (device loop4): ext4_acquire_dquot:6848: comm syz.4.1301: Failed to acquire dquot type 1
[  278.237552][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.311624][ T8276] loop2: detected capacity change from 0 to 1024
[  278.330061][ T8279] loop4: detected capacity change from 0 to 128
[  278.330131][ T8132] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  278.345689][ T8276] EXT4-fs (loop2): blocks per group (131072) and clusters per group (8192) inconsistent
[  278.353421][ T8132] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  278.375855][ T8132] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  278.389745][ T8132] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  278.442027][ T8281] loop4: detected capacity change from 0 to 128
[  278.490354][ T8285] __nla_validate_parse: 6 callbacks suppressed
[  278.490371][ T8285] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1307'.
[  278.504344][ T8281] bio_check_eod: 16 callbacks suppressed
[  278.504364][ T8281] syz.4.1305: attempt to access beyond end of device
[  278.504364][ T8281] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  278.583279][ T8285] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1307'.
[  278.603965][ T8280] syz.4.1305: attempt to access beyond end of device
[  278.603965][ T8280] loop4: rw=524288, sector=145, nr_sectors = 224 limit=128
[  278.621696][ T8292] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7 sclass=netlink_route_socket pid=8292 comm=syz.1.1309
[  278.622974][ T8280] syz.4.1305: attempt to access beyond end of device
[  278.622974][ T8280] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  278.647645][ T8280] syz.4.1305: attempt to access beyond end of device
[  278.647645][ T8280] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  278.674556][ T8294] loop2: detected capacity change from 0 to 128
[  278.691686][ T8280] syz.4.1305: attempt to access beyond end of device
[  278.691686][ T8280] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  278.724196][ T8296] netlink: 'syz.1.1311': attribute type 2 has an invalid length.
[  278.725274][ T8280] syz.4.1305: attempt to access beyond end of device
[  278.725274][ T8280] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  278.732054][ T8296] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1311'.
[  278.748741][ T8294] syz.2.1310: attempt to access beyond end of device
[  278.748741][ T8294] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[  278.769166][ T8280] syz.4.1305: attempt to access beyond end of device
[  278.769166][ T8280] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  278.792952][ T8293] syz.2.1310: attempt to access beyond end of device
[  278.792952][ T8293] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128
[  278.807039][ T8280] syz.4.1305: attempt to access beyond end of device
[  278.807039][ T8280] loop4: rw=0, sector=209, nr_sectors = 8 limit=128
[  278.851423][ T8296] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1311'.
[  278.876615][ T8305] syz.2.1314[8305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  278.876780][ T8305] syz.2.1314[8305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  278.909619][ T8307] syz.4.1315[8307] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  278.909757][ T8305] loop2: detected capacity change from 0 to 128
[  278.983618][ T8307] syz.4.1315[8307] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  278.993696][ T8303] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1313'.
[  279.076727][ T8315] loop1: detected capacity change from 0 to 512
[  279.079816][ T8313] loop4: detected capacity change from 0 to 1024
[  279.091136][ T8313] EXT4-fs (loop4): blocks per group (131072) and clusters per group (8192) inconsistent
[  279.109009][ T8315] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  279.133841][ T8315] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  279.149906][ T8315] System zones: 1-12
[  279.154008][ T8315] EXT4-fs (loop1): orphan cleanup on readonly fs
[  279.164231][ T8315] EXT4-fs error (device loop1): ext4_read_inode_bitmap:168: comm syz.1.1316: Inode bitmap for bg 0 marked uninitialized
[  279.266371][ T8324] loop4: detected capacity change from 0 to 128
[  279.274209][ T8315] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  279.385794][ T8325] hub 9-0:1.0: USB hub found
[  279.392563][ T8325] hub 9-0:1.0: 8 ports detected
[  280.127824][ T5888] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.164069][ T8327] FAULT_INJECTION: forcing a failure.
[  280.164069][ T8327] name failslab, interval 1, probability 0, space 0, times 0
[  280.176779][ T8327] CPU: 0 UID: 0 PID: 8327 Comm: syz.1.1320 Not tainted 6.11.0-rc6-syzkaller #0
[  280.185735][ T8327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  280.195808][ T8327] Call Trace:
[  280.199089][ T8327]  <TASK>
[  280.202047][ T8327]  dump_stack_lvl+0xf2/0x150
[  280.206649][ T8327]  dump_stack+0x15/0x20
[  280.210910][ T8327]  should_fail_ex+0x229/0x230
[  280.215601][ T8327]  ? skb_clone+0x154/0x1f0
[  280.220097][ T8327]  should_failslab+0x8f/0xb0
[  280.224765][ T8327]  kmem_cache_alloc_noprof+0x4c/0x290
[  280.230227][ T8327]  skb_clone+0x154/0x1f0
[  280.234500][ T8327]  __netlink_deliver_tap+0x2bd/0x4c0
[  280.239866][ T8327]  netlink_unicast+0x64a/0x670
[  280.244668][ T8327]  netlink_sendmsg+0x5cc/0x6e0
[  280.249531][ T8327]  ? __pfx_netlink_sendmsg+0x10/0x10
[  280.254933][ T8327]  __sock_sendmsg+0x140/0x180
[  280.259716][ T8327]  ____sys_sendmsg+0x312/0x410
[  280.264576][ T8327]  __sys_sendmsg+0x1e9/0x280
[  280.269425][ T8327]  __x64_sys_sendmsg+0x46/0x50
[  280.274279][ T8327]  x64_sys_call+0x2689/0x2d60
[  280.278978][ T8327]  do_syscall_64+0xc9/0x1c0
[  280.283489][ T8327]  ? clear_bhb_loop+0x55/0xb0
[  280.288239][ T8327]  ? clear_bhb_loop+0x55/0xb0
[  280.293045][ T8327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.299011][ T8327] RIP: 0033:0x7f2a2e319eb9
[  280.303427][ T8327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.323099][ T8327] RSP: 002b:00007f2a2cf97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  280.331523][ T8327] RAX: ffffffffffffffda RBX: 00007f2a2e4b5f80 RCX: 00007f2a2e319eb9
[  280.339562][ T8327] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  280.347635][ T8327] RBP: 00007f2a2cf97090 R08: 0000000000000000 R09: 0000000000000000
[  280.355608][ T8327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.363579][ T8327] R13: 0000000000000000 R14: 00007f2a2e4b5f80 R15: 00007ffdb44d17b8
[  280.371561][ T8327]  </TASK>
[  280.375196][ T8327] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  280.382526][ T8327] IPv6: NLM_F_CREATE should be set when creating new route
[  280.456462][ T8332] loop2: detected capacity change from 0 to 512
[  280.472036][ T8335] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.472930][ T8332] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  280.483364][ T8337] loop4: detected capacity change from 0 to 512
[  280.495303][ T8338] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1323'.
[  280.510268][ T8332] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  280.526364][ T8332] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2862: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  280.541753][ T8332] EXT4-fs (loop2): 1 truncate cleaned up
[  280.546429][ T8223] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.548007][ T8332] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.558889][ T8223] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  280.579032][ T8335] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.591825][ T8337] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.595191][ T8332] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1322'.
[  280.605883][ T8337] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  280.628440][ T8333] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1322'.
[  280.634546][ T8337] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #15: comm syz.4.1325: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  280.640977][ T8223] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  280.657138][ T8337] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  280.669419][ T8223] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  280.690927][ T8341] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1324'.
[  280.699138][ T8337] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #15: comm syz.4.1325: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  280.718885][ T8335] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.724992][ T7693] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.732708][ T8337] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  280.751410][ T8337] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1325: bg 0: block 18: invalid block bitmap
[  280.761590][ T8351] netlink: 'syz.3.1326': attribute type 2 has an invalid length.
[  280.771680][ T8351] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1326'.
[  280.774260][ T8337] EXT4-fs error (device loop4): ext4_acquire_dquot:6848: comm syz.4.1325: Failed to acquire dquot type 1
[  280.795413][ T8355] syz.2.1327[8355] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  280.795484][ T8355] syz.2.1327[8355] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  280.809495][ T8335] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.845267][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.908909][ T8357] loop2: detected capacity change from 0 to 1024
[  280.924888][ T8357] EXT4-fs (loop2): blocks per group (131072) and clusters per group (8192) inconsistent
[  280.944814][ T8362] loop4: detected capacity change from 0 to 2048
[  280.965632][ T8357] loop2: detected capacity change from 0 to 512
[  280.992573][ T8362] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.237688][   T11] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  281.258612][   T11] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  281.270999][   T11] EXT4-fs (loop4): This should not happen!! Data will be lost
[  281.270999][   T11] 
[  281.280694][   T11] EXT4-fs (loop4): Total free blocks count 0
[  281.286793][   T11] EXT4-fs (loop4): Free/Dirty block details
[  281.292836][   T11] EXT4-fs (loop4): free_blocks=2415919104
[  281.292852][   T11] EXT4-fs (loop4): dirty_blocks=16
[  281.292865][   T11] EXT4-fs (loop4): Block reservation details
[  281.292877][   T11] EXT4-fs (loop4): i_reserved_data_blocks=1
[  281.299440][   T55] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  281.336168][ T8376] No control pipe specified
[  281.350763][ T8374] loop2: detected capacity change from 0 to 1764
[  281.368143][ T8374] isofs_fill_super: get root inode failed
[  281.403840][ T8374] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  281.411076][ T8374] IPv6: NLM_F_CREATE should be set when creating new route
[  281.453720][ T8380] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.473804][ T8361] loop3: detected capacity change from 0 to 512
[  281.489042][ T8384] loop2: detected capacity change from 0 to 512
[  281.496806][ T8361] EXT4-fs: Ignoring removed i_version option
[  281.504957][ T8361] EXT4-fs: Ignoring removed nobh option
[  281.517843][ T8361] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  281.538959][ T8384] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.558757][ T8361] EXT4-fs (loop3): 1 truncate cleaned up
[  281.560766][ T8380] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.575851][ T8361] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.596652][ T8384] FAULT_INJECTION: forcing a failure.
[  281.596652][ T8384] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.609815][ T8384] CPU: 0 UID: 0 PID: 8384 Comm: syz.2.1338 Not tainted 6.11.0-rc6-syzkaller #0
[  281.618851][ T8384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  281.628930][ T8384] Call Trace:
[  281.632220][ T8384]  <TASK>
[  281.635178][ T8384]  dump_stack_lvl+0xf2/0x150
[  281.639832][ T8384]  dump_stack+0x15/0x20
[  281.643998][ T8384]  should_fail_ex+0x229/0x230
[  281.648702][ T8384]  should_fail+0xb/0x10
[  281.652953][ T8384]  should_fail_usercopy+0x1a/0x20
[  281.657995][ T8384]  _copy_from_user+0x1e/0xd0
[  281.662696][ T8384]  lo_ioctl+0x569/0x11d0
[  281.667012][ T8384]  ? __rcu_read_unlock+0x4e/0x70
[  281.672065][ T8384]  ? avc_has_extended_perms+0x60b/0x820
[  281.677676][ T8384]  ? ioctl_has_perm+0x28b/0x2e0
[  281.682665][ T8384]  ? __pfx_lo_ioctl+0x10/0x10
[  281.687370][ T8384]  blkdev_ioctl+0x35f/0x450
[  281.691898][ T8384]  ? __pfx_blkdev_ioctl+0x10/0x10
[  281.696982][ T8384]  __se_sys_ioctl+0xd3/0x150
[  281.701671][ T8384]  __x64_sys_ioctl+0x43/0x50
[  281.706284][ T8384]  x64_sys_call+0x15cc/0x2d60
[  281.710996][ T8384]  do_syscall_64+0xc9/0x1c0
[  281.715581][ T8384]  ? clear_bhb_loop+0x55/0xb0
[  281.720303][ T8384]  ? clear_bhb_loop+0x55/0xb0
[  281.725009][ T8384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.731013][ T8384] RIP: 0033:0x7ff64ad79eb9
[  281.735458][ T8384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.755099][ T8384] RSP: 002b:00007ff6499f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  281.763601][ T8384] RAX: ffffffffffffffda RBX: 00007ff64af15f80 RCX: 00007ff64ad79eb9
[  281.771640][ T8384] RDX: 0000000020000140 RSI: 0000000000004c02 RDI: 0000000000000005
[  281.779676][ T8384] RBP: 00007ff6499f7090 R08: 0000000000000000 R09: 0000000000000000
[  281.787691][ T8384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.795776][ T8384] R13: 0000000000000000 R14: 00007ff64af15f80 R15: 00007ffc8347da58
[  281.803871][ T8384]  </TASK>
[  281.849096][ T8380] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.864073][ T7693] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 1280 (level 0)
[  281.881790][ T7693] EXT4-fs error (device loop2): ext4_lookup:1811: inode #14: comm syz-executor: unexpected EA_INODE flag
[  281.910461][ T7693] EXT4-fs error (device loop2): ext4_lookup:1811: inode #14: comm syz-executor: unexpected EA_INODE flag
[  281.923313][ T8380] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.947407][ T6590] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.978221][ T7693] bond0: (slave syz_tun): Releasing backup interface
[  282.009167][ T8380] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  282.039381][ T8380] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  282.052450][ T8389] netlink: 'syz.3.1340': attribute type 2 has an invalid length.
[  282.068614][ T8380] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  282.091334][ T8380] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.155847][   T29] kauditd_printk_skb: 330 callbacks suppressed
[  282.155866][   T29] audit: type=1326 audit(1725229384.160:2746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.3.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc86d259eb9 code=0x7ffc0000
[  282.192298][   T29] audit: type=1326 audit(1725229384.160:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.3.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc86d259eb9 code=0x7ffc0000
[  282.215792][   T29] audit: type=1326 audit(1725229384.160:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.3.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fc86d259eb9 code=0x7ffc0000
[  282.239228][   T29] audit: type=1326 audit(1725229384.160:2749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.3.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc86d259eb9 code=0x7ffc0000
[  282.262965][   T29] audit: type=1326 audit(1725229384.160:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.3.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc86d259eb9 code=0x7ffc0000
[  282.286386][   T29] audit: type=1326 audit(1725229384.160:2751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.3.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc86d259eb9 code=0x7ffc0000
[  282.288061][ T8402] No control pipe specified
[  282.309860][   T29] audit: type=1326 audit(1725229384.160:2752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.3.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fc86d259eb9 code=0x7ffc0000
[  282.323132][ T8393] loop3: detected capacity change from 0 to 1024
[  282.337850][   T29] audit: type=1326 audit(1725229384.160:2753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.3.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc86d259eb9 code=0x7ffc0000
[  282.367565][   T29] audit: type=1326 audit(1725229384.160:2754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.3.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc86d259eb9 code=0x7ffc0000
[  282.371843][ T8393] EXT4-fs (loop3): blocks per group (131072) and clusters per group (8192) inconsistent
[  282.390967][   T29] audit: type=1326 audit(1725229384.160:2755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8392 comm="syz.3.1341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc86d259eb9 code=0x7ffc0000
[  282.452866][ T8404] loop4: detected capacity change from 0 to 2048
[  282.455643][ T8393] loop3: detected capacity change from 0 to 512
[  282.494534][ T8404] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.539643][ T8408] syz.3.1346[8408] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  282.539750][ T8408] syz.3.1346[8408] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  282.716359][ T3365] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  282.743295][ T3365] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  282.755540][ T3365] EXT4-fs (loop4): This should not happen!! Data will be lost
[  282.755540][ T3365] 
[  282.765176][ T3365] EXT4-fs (loop4): Total free blocks count 0
[  282.771329][ T3365] EXT4-fs (loop4): Free/Dirty block details
[  282.777385][ T3365] EXT4-fs (loop4): free_blocks=2415919104
[  282.783110][ T3365] EXT4-fs (loop4): dirty_blocks=16
[  282.788283][ T3365] EXT4-fs (loop4): Block reservation details
[  282.794273][ T3365] EXT4-fs (loop4): i_reserved_data_blocks=1
[  282.801253][ T3365] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  282.868721][ T8416] loop4: detected capacity change from 0 to 512
[  282.870060][ T8417] loop3: detected capacity change from 0 to 512
[  282.883752][ T8416] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  282.910777][ T8416] netlink: 'syz.4.1349': attribute type 1 has an invalid length.
[  282.921634][ T8417] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  282.927211][ T8416] bond1: entered promiscuous mode
[  282.949912][ T8417] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  282.979518][ T8417] System zones: 1-12
[  282.985706][ T8417] EXT4-fs (loop3): orphan cleanup on readonly fs
[  282.998983][ T8417] EXT4-fs error (device loop3): ext4_read_inode_bitmap:168: comm syz.3.1348: Inode bitmap for bg 0 marked uninitialized
[  283.037672][ T8417] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  283.070667][ T8424] netlink: 'syz.4.1351': attribute type 10 has an invalid length.
[  283.133212][ T8430] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.141566][ T8417] hub 9-0:1.0: USB hub found
[  283.148101][ T8417] hub 9-0:1.0: 8 ports detected
[  283.179468][ T8430] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.237889][ T8430] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.277440][ T8430] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.338049][ T8430] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.353501][ T8430] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.375147][ T8430] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.378772][ T8437] autofs: Bad value for 'uid'
[  283.388140][ T8437] autofs: Bad value for 'uid'
[  283.400367][ T8430] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.417239][ T8437] loop4: detected capacity change from 0 to 1024
[  283.426365][ T8437] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  283.450874][ T8437] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.544866][ T6590] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.612453][ T8446] loop3: detected capacity change from 0 to 128
[  283.661339][ T8446] bio_check_eod: 48 callbacks suppressed
[  283.661361][ T8446] syz.3.1357: attempt to access beyond end of device
[  283.661361][ T8446] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  283.701787][ T8445] syz.3.1357: attempt to access beyond end of device
[  283.701787][ T8445] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[  283.716200][ T8445] syz.3.1357: attempt to access beyond end of device
[  283.716200][ T8445] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[  283.730370][ T8445] syz.3.1357: attempt to access beyond end of device
[  283.730370][ T8445] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[  283.745998][ T8445] syz.3.1357: attempt to access beyond end of device
[  283.745998][ T8445] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[  283.761427][ T8445] syz.3.1357: attempt to access beyond end of device
[  283.761427][ T8445] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[  283.774313][ T8448] syz.0.1358[8448] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  283.774763][ T8448] syz.0.1358[8448] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  283.775047][ T8445] syz.3.1357: attempt to access beyond end of device
[  283.775047][ T8445] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[  283.813105][ T8445] syz.3.1357: attempt to access beyond end of device
[  283.813105][ T8445] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[  283.826406][ T8445] syz.3.1357: attempt to access beyond end of device
[  283.826406][ T8445] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[  283.841651][ T8445] syz.3.1357: attempt to access beyond end of device
[  283.841651][ T8445] loop3: rw=0, sector=209, nr_sectors = 8 limit=128
[  283.902406][ T8450] loop3: detected capacity change from 0 to 2048
[  283.919292][ T8450] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.013909][ T8450] __nla_validate_parse: 6 callbacks suppressed
[  284.013929][ T8450] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1359'.
[  284.060196][   T50] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  284.076069][   T50] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  284.088375][   T50] EXT4-fs (loop3): This should not happen!! Data will be lost
[  284.088375][   T50] 
[  284.098284][   T50] EXT4-fs (loop3): Total free blocks count 0
[  284.104317][   T50] EXT4-fs (loop3): Free/Dirty block details
[  284.110228][   T50] EXT4-fs (loop3): free_blocks=2415919104
[  284.116126][   T50] EXT4-fs (loop3): dirty_blocks=16
[  284.121358][   T50] EXT4-fs (loop3): Block reservation details
[  284.127343][   T50] EXT4-fs (loop3): i_reserved_data_blocks=1
[  284.136850][   T55] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  284.176689][ T8455] loop3: detected capacity change from 0 to 512
[  284.187588][ T8455] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.210861][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.257045][ T8455] loop3: detected capacity change from 512 to 511
[  284.289024][ T6590] EXT4-fs error (device loop3): htree_dirblock_to_tree:1112: inode #2: block 21: comm syz-executor: bad entry in directory: directory entry overrun - offset=1004, inode=0, rec_len=1000, size=1024 fake=0
[  284.316282][ T6590] EXT4-fs error (device loop3): ext4_lookup:1811: inode #12: comm syz-executor: iget: bad extended attribute block 2923804220
[  284.324074][ T8465] loop4: detected capacity change from 0 to 4096
[  284.331288][ T6590] EXT4-fs error (device loop3): ext4_lookup:1811: inode #12: comm syz-executor: iget: bad extended attribute block 2923804220
[  284.359735][ T8465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  284.373577][ T6590] bond0: (slave syz_tun): Releasing backup interface
[  284.414812][ T8465] tmpfs: Unknown parameter 'mrol'
[  284.434986][ T7211] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.488790][ T8470] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.502912][ T7693] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.533210][ T3365] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.549335][ T8470] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.591280][ T8471] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1366'.
[  284.604702][ T3365] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.622352][ T8470] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.682393][ T3365] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.695279][ T8470] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.741101][ T3365] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.873601][ T3365] bridge_slave_1: left allmulticast mode
[  284.879337][ T3365] bridge_slave_1: left promiscuous mode
[  284.885330][ T3365] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.893791][ T3365] bridge_slave_0: left allmulticast mode
[  284.899514][ T3365] bridge_slave_0: left promiscuous mode
[  284.905345][ T3365] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.044409][ T3365] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  285.055092][ T3365] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  285.065684][ T3365] bond0 (unregistering): Released all slaves
[  285.082578][ T8475] chnl_net:caif_netlink_parms(): no params data found
[  285.140009][ T8475] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.147282][ T8475] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.154641][ T8475] bridge_slave_0: entered allmulticast mode
[  285.161525][ T8475] bridge_slave_0: entered promiscuous mode
[  285.168896][ T8475] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.176094][ T8475] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.183278][ T8475] bridge_slave_1: entered allmulticast mode
[  285.190165][ T8475] bridge_slave_1: entered promiscuous mode
[  285.208162][ T3365] hsr_slave_0: left promiscuous mode
[  285.214223][ T3365] hsr_slave_1: left promiscuous mode
[  285.220398][ T3365] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.228028][ T3365] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.236647][ T3365] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.244181][ T3365] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.254480][ T3365] veth1_macvtap: left promiscuous mode
[  285.260031][ T3365] veth0_macvtap: left promiscuous mode
[  285.265833][ T3365] veth1_vlan: left promiscuous mode
[  285.271148][ T3365] veth0_vlan: left promiscuous mode
[  285.407737][ T3365] team0 (unregistering): Port device team_slave_1 removed
[  285.420473][ T3365] team0 (unregistering): Port device team_slave_0 removed
[  285.490020][ T8475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  285.501561][ T8475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  285.531975][ T8335] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  285.543883][ T8335] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.553309][ T8475] team0: Port device team_slave_0 added
[  285.562117][ T8335] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  285.572236][ T8475] team0: Port device team_slave_1 added
[  285.583287][ T8335] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  285.611730][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.619048][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.645152][ T8475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.659608][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.666632][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.692700][ T8475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  285.725764][ T8490] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1369'.
[  285.737505][ T8475] hsr_slave_0: entered promiscuous mode
[  285.744014][ T8475] hsr_slave_1: entered promiscuous mode
[  286.062886][ T8475] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  286.072863][ T8475] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  286.082454][ T8475] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  286.091959][ T8475] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  286.147143][ T8475] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.167609][ T8475] 8021q: adding VLAN 0 to HW filter on device team0
[  286.179735][ T6271] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.186852][ T6271] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.199232][   T55] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.206333][   T55] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.312947][ T8475] 8021q: adding VLAN 0 to HW filter on device batadv0
[  286.426920][ T8475] veth0_vlan: entered promiscuous mode
[  286.439598][ T8475] veth1_vlan: entered promiscuous mode
[  286.457545][ T8475] veth0_macvtap: entered promiscuous mode
[  286.474326][ T8475] veth1_macvtap: entered promiscuous mode
[  286.489958][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.500825][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.510831][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.521297][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.531208][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.541820][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.550595][ T8505] loop1: detected capacity change from 0 to 2048
[  286.551817][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.568887][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.578855][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.587351][ T8505] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.589530][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.611743][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  286.622754][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.635667][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_0
[  286.646706][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.657798][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.667674][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.678276][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.688175][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.698728][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.708688][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.719397][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.729334][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.730888][ T8505] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1370'.
[  286.739959][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.758926][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  286.769384][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  286.781538][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_1
[  286.794088][ T8475] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  286.802978][ T8475] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  286.811996][ T8475] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  286.820810][ T8475] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  286.852429][ T3365] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  286.868536][ T3365] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  286.880911][ T3365] EXT4-fs (loop1): This should not happen!! Data will be lost
[  286.880911][ T3365] 
[  286.890877][ T3365] EXT4-fs (loop1): Total free blocks count 0
[  286.897166][ T3365] EXT4-fs (loop1): Free/Dirty block details
[  286.903179][ T3365] EXT4-fs (loop1): free_blocks=2415919104
[  286.909046][ T3365] EXT4-fs (loop1): dirty_blocks=16
[  286.914840][ T3365] EXT4-fs (loop1): Block reservation details
[  286.920895][ T3365] EXT4-fs (loop1): i_reserved_data_blocks=1
[  286.923706][ T8511] loop2: detected capacity change from 0 to 1024
[  286.928029][   T55] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  286.937509][ T8511] EXT4-fs (loop2): blocks per group (131072) and clusters per group (8192) inconsistent
[  286.999131][ T8511] loop2: detected capacity change from 0 to 512
[  287.037904][   T55] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.105873][   T55] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.177822][ T8526] FAULT_INJECTION: forcing a failure.
[  287.177822][ T8526] name failslab, interval 1, probability 0, space 0, times 0
[  287.190885][ T8526] CPU: 0 UID: 0 PID: 8526 Comm: syz.1.1371 Not tainted 6.11.0-rc6-syzkaller #0
[  287.200067][ T8526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  287.210121][ T8526] Call Trace:
[  287.213409][ T8526]  <TASK>
[  287.216333][ T8526]  dump_stack_lvl+0xf2/0x150
[  287.220990][ T8526]  dump_stack+0x15/0x20
[  287.225188][ T8526]  should_fail_ex+0x229/0x230
[  287.229871][ T8526]  ? alloc_empty_file+0xd0/0x310
[  287.234820][ T8526]  should_failslab+0x8f/0xb0
[  287.239420][ T8526]  kmem_cache_alloc_noprof+0x4c/0x290
[  287.244940][ T8526]  ? mntput+0x49/0x70
[  287.248923][ T8526]  alloc_empty_file+0xd0/0x310
[  287.253731][ T8526]  path_openat+0x6a/0x1f10
[  287.258147][ T8526]  ? _parse_integer_limit+0x167/0x180
[  287.263664][ T8526]  ? _parse_integer+0x27/0x30
[  287.268343][ T8526]  ? kstrtoull+0x110/0x140
[  287.272776][ T8526]  ? kstrtouint+0x77/0xc0
[  287.273175][ T8529] loop2: detected capacity change from 0 to 512
[  287.277179][ T8526]  do_filp_open+0xf7/0x200
[  287.284140][ T8529] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  287.287818][ T8526]  do_sys_openat2+0xab/0x120
[  287.301957][ T8526]  __x64_sys_openat+0xf3/0x120
[  287.306753][ T8526]  x64_sys_call+0x1025/0x2d60
[  287.309295][ T8529] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  287.311478][ T8526]  do_syscall_64+0xc9/0x1c0
[  287.311511][ T8526]  ? clear_bhb_loop+0x55/0xb0
[  287.319499][ T8529] System zones: 
[  287.323892][ T8526]  ? clear_bhb_loop+0x55/0xb0
[  287.328560][ T8529] 1-12
[  287.332088][ T8526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.336779][ T8529] 
[  287.339442][ T8526] RIP: 0033:0x7f2a2e318850
[  287.339464][ T8526] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  287.339520][ T8526] RSP: 002b:00007f2a2cf75f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  287.348036][ T8529] EXT4-fs (loop2): orphan cleanup on readonly fs
[  287.352162][ T8526] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f2a2e318850
[  287.371909][ T8529] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz.2.1376: Inode bitmap for bg 0 marked uninitialized
[  287.380185][ T8526] RDX: 0000000000000002 RSI: 00007f2a2cf75fa0 RDI: 00000000ffffff9c
[  287.380203][ T8526] RBP: 00007f2a2cf75fa0 R08: 0000000000000000 R09: 0000000000000000
[  287.423091][ T8526] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  287.431060][ T8526] R13: 0000000000000001 R14: 00007f2a2e4b6058 R15: 00007ffdb44d17b8
[  287.439038][ T8526]  </TASK>
[  287.445518][   T55] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.457957][ T8528] hub 9-0:1.0: USB hub found
[  287.462661][ T8528] hub 9-0:1.0: 8 ports detected
[  287.470136][ T8529] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1376'.
[  287.517037][   T55] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.527319][ T8535] syz.1.1377[8535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  287.527386][ T8535] syz.1.1377[8535] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  287.631014][ T8542] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  287.639442][   T55] bridge_slave_1: left allmulticast mode
[  287.642339][ T8542] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  287.648885][   T55] bridge_slave_1: left promiscuous mode
[  287.654618][ T8542] vhci_hcd vhci_hcd.0: Device attached
[  287.662150][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.678943][ T8543] usbip_core: unknown command
[  287.682380][ T8542] syz.1.1379[8542] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  287.684886][ T8543] vhci_hcd: unknown pdu 0
[  287.684897][ T8543] usbip_core: unknown command
[  287.687037][ T3365] vhci_hcd: stop threads
[  287.696877][ T8542] syz.1.1379[8542] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  287.700646][ T3365] vhci_hcd: release socket
[  287.726097][ T3365] vhci_hcd: disconnect device
[  287.731042][   T55] bridge_slave_0: left allmulticast mode
[  287.736805][   T55] bridge_slave_0: left promiscuous mode
[  287.742509][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.863456][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  287.875591][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  287.887144][   T55] bond0 (unregistering): Released all slaves
[  287.898400][   T55] bond1 (unregistering): Released all slaves
[  287.970666][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  287.978180][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[  287.986383][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  287.993912][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[  288.013167][   T55] veth1_macvtap: left promiscuous mode
[  288.018875][   T55] veth0_macvtap: left promiscuous mode
[  288.022291][ T8548] loop2: detected capacity change from 0 to 2048
[  288.024419][   T55] veth1_vlan: left promiscuous mode
[  288.036138][   T55] veth0_vlan: left promiscuous mode
[  288.293643][ T8553] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1380'.
[  288.295698][ T8554] No control pipe specified
[  288.317125][ T8554] loop1: detected capacity change from 0 to 1024
[  288.320226][   T55] team0 (unregistering): Port device team_slave_1 removed
[  288.334141][ T8554] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  288.353745][   T55] team0 (unregistering): Port device team_slave_0 removed
[  288.406631][ T6271] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  288.433545][ T8470] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.444111][ T6271] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  288.445211][ T8520] chnl_net:caif_netlink_parms(): no params data found
[  288.456345][ T6271] EXT4-fs (loop2): This should not happen!! Data will be lost
[  288.456345][ T6271] 
[  288.456362][ T6271] EXT4-fs (loop2): Total free blocks count 0
[  288.456374][ T6271] EXT4-fs (loop2): Free/Dirty block details
[  288.456419][ T6271] EXT4-fs (loop2): free_blocks=2415919104
[  288.490585][ T6271] EXT4-fs (loop2): dirty_blocks=16
[  288.495707][ T6271] EXT4-fs (loop2): Block reservation details
[  288.501763][ T6271] EXT4-fs (loop2): i_reserved_data_blocks=1
[  288.510288][ T6271] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  288.522629][ T6271] EXT4-fs (loop2): This should not happen!! Data will be lost
[  288.522629][ T6271] 
[  288.542768][ T8470] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  288.556194][ T8470] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  288.572742][ T8560] No control pipe specified
[  288.580334][ T8470] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  288.586790][ T8560] loop2: detected capacity change from 0 to 1024
[  288.602818][ T8560] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  288.625540][ T8520] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.632674][ T8520] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.640243][ T8520] bridge_slave_0: entered allmulticast mode
[  288.647280][ T8520] bridge_slave_0: entered promiscuous mode
[  288.654981][ T8520] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.662102][ T8520] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.669432][ T8520] bridge_slave_1: entered allmulticast mode
[  288.676707][ T8520] bridge_slave_1: entered promiscuous mode
[  288.702726][ T8520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  288.723991][ T8520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.797027][ T8520] team0: Port device team_slave_0 added
[  288.841029][ T8520] team0: Port device team_slave_1 added
[  288.875683][ T8520] batman_adv: batadv0: Adding interface: batadv_slave_0
[  288.882742][ T8520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.908699][ T8520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  288.920755][ T8520] batman_adv: batadv0: Adding interface: batadv_slave_1
[  288.927830][ T8520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.953850][ T8520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  289.027645][ T8520] hsr_slave_0: entered promiscuous mode
[  289.034458][ T8520] hsr_slave_1: entered promiscuous mode
[  289.041897][ T8520] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  289.049949][ T8520] Cannot create hsr debugfs directory
[  289.089759][ T8577] syz.4.1387[8577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  289.089906][ T8577] syz.4.1387[8577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  289.248663][ T8583] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.277605][ T8586] netlink: 'syz.1.1389': attribute type 10 has an invalid length.
[  289.305849][ T8587] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1390'.
[  289.325491][ T8583] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.383849][ T8583] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.444997][ T8583] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.491313][ T8520] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  289.504576][ T8520] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  289.515169][ T8520] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  289.527422][ T8520] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  289.607234][ T8520] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.629993][   T29] kauditd_printk_skb: 231 callbacks suppressed
[  289.630009][   T29] audit: type=1326 audit(1725229391.805:2987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8592 comm="syz.1.1392" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x0
[  289.633509][ T8591] loop2: detected capacity change from 0 to 512
[  289.644552][ T8520] 8021q: adding VLAN 0 to HW filter on device team0
[  289.674374][ T8591] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  289.685480][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.692687][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.695197][ T8591] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  289.708941][ T8591] System zones: 1-12
[  289.712956][ T8591] EXT4-fs (loop2): orphan cleanup on readonly fs
[  289.719990][ T8591] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz.2.1391: Inode bitmap for bg 0 marked uninitialized
[  289.726805][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.739906][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.785308][ T8591] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1391'.
[  289.797825][ T8591] hub 9-0:1.0: USB hub found
[  289.809178][ T8591] hub 9-0:1.0: 8 ports detected
[  289.818636][ T8520] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  289.829127][ T8520] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  289.957709][ T8520] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.982538][ T8603] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1393'.
[  290.155035][ T8520] veth0_vlan: entered promiscuous mode
[  290.178759][ T8520] veth1_vlan: entered promiscuous mode
[  290.225035][ T8520] veth0_macvtap: entered promiscuous mode
[  290.233659][ T8520] veth1_macvtap: entered promiscuous mode
[  290.251053][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.261564][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.271714][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.282236][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.292102][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.302608][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.312609][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.323157][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.333094][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.343543][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.353408][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  290.363923][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.376807][ T8520] batman_adv: batadv0: Interface activated: batadv_slave_0
[  290.391789][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.402336][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.412256][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.422767][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.430842][ T8648] hub 9-0:1.0: USB hub found
[  290.432582][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.438453][ T8648] hub 9-0:1.0: 8 ports detected
[  290.447622][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.447647][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.472892][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.482839][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.493326][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.503180][ T8520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  290.513738][ T8520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  290.524747][ T8520] batman_adv: batadv0: Interface activated: batadv_slave_1
[  290.549917][ T8520] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.558808][ T8520] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.567671][ T8520] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.576492][ T8520] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.588900][ T8651] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  290.595470][ T8651] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  290.603025][ T8651] vhci_hcd vhci_hcd.0: Device attached
[  290.628768][ T8651] syz.2.1398[8651] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.628941][ T8651] syz.2.1398[8651] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  290.645886][ T8652] vhci_hcd: connection closed
[  290.655119][   T29] audit: type=1326 audit(1725229392.832:2988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8657 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  290.658330][   T55] vhci_hcd: stop threads
[  290.661888][   T29] audit: type=1326 audit(1725229392.832:2989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8657 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  290.679150][   T29] audit: type=1326 audit(1725229392.853:2990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8657 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  290.685355][   T55] vhci_hcd: release socket
[  290.689583][   T29] audit: type=1326 audit(1725229392.853:2991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8657 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  290.713354][   T55] vhci_hcd: disconnect device
[  290.736706][   T29] audit: type=1326 audit(1725229392.853:2992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8657 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  290.736742][   T29] audit: type=1326 audit(1725229392.853:2993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8657 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  290.762483][ T8661] loop1: detected capacity change from 0 to 1024
[  290.765307][   T29] audit: type=1326 audit(1725229392.853:2994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8657 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  290.770481][ T8661] EXT4-fs (loop1): blocks per group (131072) and clusters per group (8192) inconsistent
[  290.793529][   T29] audit: type=1326 audit(1725229392.853:2995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8657 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  290.880216][   T29] audit: type=1326 audit(1725229392.853:2996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8657 comm="syz.1.1400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  290.997375][ T8668] netlink: 'syz.1.1401': attribute type 10 has an invalid length.
[  291.012246][ T8672] FAULT_INJECTION: forcing a failure.
[  291.012246][ T8672] name failslab, interval 1, probability 0, space 0, times 0
[  291.025056][ T8672] CPU: 1 UID: 0 PID: 8672 Comm: syz.3.1402 Not tainted 6.11.0-rc6-syzkaller #0
[  291.034063][ T8672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  291.044138][ T8672] Call Trace:
[  291.047431][ T8672]  <TASK>
[  291.050385][ T8672]  dump_stack_lvl+0xf2/0x150
[  291.055074][ T8672]  dump_stack+0x15/0x20
[  291.059255][ T8672]  should_fail_ex+0x229/0x230
[  291.064057][ T8672]  ? sock_kmalloc+0x83/0xc0
[  291.068582][ T8672]  should_failslab+0x8f/0xb0
[  291.073226][ T8672]  __kmalloc_noprof+0xa5/0x370
[  291.078062][ T8672]  ? mntput_no_expire+0x70/0x3c0
[  291.083098][ T8672]  sock_kmalloc+0x83/0xc0
[  291.087457][ T8672]  ipv6_renew_options+0x1ed/0x5c0
[  291.092519][ T8672]  ipv6_set_opt_hdr+0x1ea/0x610
[  291.097406][ T8672]  do_ipv6_setsockopt+0x1253/0x2250
[  291.102711][ T8672]  ? avc_has_perm+0xb7/0x160
[  291.107365][ T8672]  ? selinux_netlbl_socket_setsockopt+0xd0/0x2c0
[  291.113820][ T8672]  ipv6_setsockopt+0x57/0x140
[  291.118662][ T8672]  rawv6_setsockopt+0x21e/0x410
[  291.123600][ T8672]  sock_common_setsockopt+0x64/0x80
[  291.128833][ T8672]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  291.134760][ T8672]  __sys_setsockopt+0x1d8/0x250
[  291.139638][ T8672]  __x64_sys_setsockopt+0x66/0x80
[  291.144773][ T8672]  x64_sys_call+0x278d/0x2d60
[  291.149619][ T8672]  do_syscall_64+0xc9/0x1c0
[  291.154148][ T8672]  ? clear_bhb_loop+0x55/0xb0
[  291.158844][ T8672]  ? clear_bhb_loop+0x55/0xb0
[  291.163535][ T8672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.169505][ T8672] RIP: 0033:0x7ff613209eb9
[  291.173926][ T8672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.193566][ T8672] RSP: 002b:00007ff611e87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  291.202001][ T8672] RAX: ffffffffffffffda RBX: 00007ff6133a5f80 RCX: 00007ff613209eb9
[  291.210052][ T8672] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000006
[  291.218025][ T8672] RBP: 00007ff611e87090 R08: 0000000000000018 R09: 0000000000000000
[  291.226015][ T8672] R10: 0000000020000f00 R11: 0000000000000246 R12: 0000000000000001
[  291.234062][ T8672] R13: 0000000000000000 R14: 00007ff6133a5f80 R15: 00007ffd3f9a14b8
[  291.242068][ T8672]  </TASK>
[  291.330060][ T8675] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1403'.
[  291.428705][ T8678] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1404'.
[  291.437867][ T8678] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1404'.
[  291.479933][ T8689] PM: Enabling pm_trace changes system date and time during resume.
[  291.479933][ T8689] PM: Correct system time has to be restored manually after resume.
[  291.497588][ T8688] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1417'.
[  291.502521][ T8689] syz.3.1407[8689] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  291.506679][ T8689] syz.3.1407[8689] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  291.522455][ T8690] loop1: detected capacity change from 0 to 512
[  291.567336][ T8690] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  291.585312][ T8690] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  291.603263][ T8690] System zones: 1-12
[  291.618949][ T8690] EXT4-fs (loop1): orphan cleanup on readonly fs
[  291.625803][ T8690] EXT4-fs error (device loop1): ext4_read_inode_bitmap:168: comm syz.1.1408: Inode bitmap for bg 0 marked uninitialized
[  291.659737][ T8697] No control pipe specified
[  291.676056][ T8699] loop2: detected capacity change from 0 to 512
[  291.704471][ T8699] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  291.720819][ T8699] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  291.729967][ T8699] System zones: 1-12
[  291.734347][ T8699] EXT4-fs (loop2): orphan cleanup on readonly fs
[  291.740939][ T8699] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz.2.1410: Inode bitmap for bg 0 marked uninitialized
[  291.780599][ T8699] hub 9-0:1.0: USB hub found
[  291.785482][ T8699] hub 9-0:1.0: 8 ports detected
[  292.344303][ T8703] program syz.3.1413 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  292.395499][ T8705] loop1: detected capacity change from 0 to 1024
[  292.408459][ T8705] EXT4-fs (loop1): blocks per group (131072) and clusters per group (8192) inconsistent
[  292.464990][ T8708] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  292.471634][ T8708] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  292.479395][ T8708] vhci_hcd vhci_hcd.0: Device attached
[  292.511418][ T8709] usbip_core: unknown command
[  292.516707][ T8709] vhci_hcd: unknown pdu 0
[  292.521053][ T8709] usbip_core: unknown command
[  292.527867][ T8708] syz.2.1414[8708] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  292.527985][ T8708] syz.2.1414[8708] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  292.541579][ T3363] vhci_hcd: stop threads
[  292.557279][ T3363] vhci_hcd: release socket
[  292.561842][ T3363] vhci_hcd: disconnect device
[  292.691844][ T8717] netlink: 'syz.0.1416': attribute type 10 has an invalid length.
[  292.701374][ T8717] syz_tun: entered promiscuous mode
[  292.717597][ T8717] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  292.777971][ T8725] autofs: Bad value for 'uid'
[  292.782836][ T8725] autofs: Bad value for 'uid'
[  292.796990][ T8725] loop3: detected capacity change from 0 to 1024
[  292.808658][ T8725] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  292.901055][ T8732] No control pipe specified
[  292.990545][ T8730] loop1: detected capacity change from 0 to 2048
[  293.130736][ T8730] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1420'.
[  293.213579][ T3363] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  293.214192][ T8739] loop2: detected capacity change from 0 to 512
[  293.239319][ T8739] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  293.247550][ T3363] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  293.261131][ T3363] EXT4-fs (loop1): This should not happen!! Data will be lost
[  293.261131][ T3363] 
[  293.266470][ T8739] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  293.270755][ T3363] EXT4-fs (loop1): Total free blocks count 0
[  293.284883][ T3363] EXT4-fs (loop1): Free/Dirty block details
[  293.290923][ T3363] EXT4-fs (loop1): free_blocks=2415919104
[  293.296661][ T3363] EXT4-fs (loop1): dirty_blocks=16
[  293.301934][ T3363] EXT4-fs (loop1): Block reservation details
[  293.307923][ T3363] EXT4-fs (loop1): i_reserved_data_blocks=1
[  293.314068][ T8739] System zones: 1-12
[  293.323998][ T8739] EXT4-fs (loop2): orphan cleanup on readonly fs
[  293.333065][ T3363] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  293.341402][ T8739] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz.2.1422: Inode bitmap for bg 0 marked uninitialized
[  293.345456][ T3363] EXT4-fs (loop1): This should not happen!! Data will be lost
[  293.345456][ T3363] 
[  293.392072][ T8742] syz.1.1423[8742] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  293.392135][ T8742] syz.1.1423[8742] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  293.407715][ T8742] loop1: detected capacity change from 0 to 128
[  293.427861][ T8739] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1422'.
[  293.524621][ T8742] bio_check_eod: 16 callbacks suppressed
[  293.524642][ T8742] syz.1.1423: attempt to access beyond end of device
[  293.524642][ T8742] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  293.581031][ T8742] syz.1.1423: attempt to access beyond end of device
[  293.581031][ T8742] loop1: rw=524288, sector=145, nr_sectors = 224 limit=128
[  293.595600][ T8742] syz.1.1423: attempt to access beyond end of device
[  293.595600][ T8742] loop1: rw=0, sector=169, nr_sectors = 8 limit=128
[  293.609502][ T8742] syz.1.1423: attempt to access beyond end of device
[  293.609502][ T8742] loop1: rw=0, sector=169, nr_sectors = 8 limit=128
[  293.624685][ T8742] syz.1.1423: attempt to access beyond end of device
[  293.624685][ T8742] loop1: rw=0, sector=169, nr_sectors = 8 limit=128
[  293.638408][ T8742] syz.1.1423: attempt to access beyond end of device
[  293.638408][ T8742] loop1: rw=0, sector=169, nr_sectors = 8 limit=128
[  293.798861][ T8750] loop1: detected capacity change from 0 to 512
[  293.805963][ T8751] PM: Enabling pm_trace changes system date and time during resume.
[  293.805963][ T8751] PM: Correct system time has to be restored manually after resume.
[  293.817878][ T8750] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  293.832117][ T8750] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  293.840093][ T8750] System zones: 1-12
[  293.844381][ T8750] EXT4-fs (loop1): orphan cleanup on readonly fs
[  293.850811][ T8750] EXT4-fs error (device loop1): ext4_read_inode_bitmap:168: comm syz.1.1424: Inode bitmap for bg 0 marked uninitialized
[  293.881742][ T8754] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.898653][ T8750] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1424'.
[  293.908597][ T8750] hub 9-0:1.0: USB hub found
[  293.913482][ T8750] hub 9-0:1.0: 8 ports detected
[  293.939877][ T8754] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.004452][ T8754] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.049002][ T8754] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.074043][ T8583] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.087073][ T8583] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.106725][ T8583] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.121196][ T8583] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.152867][ T8754] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.174538][ T8754] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.194030][ T8754] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.207994][ T8754] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.230784][ T8769] loop4: detected capacity change from 0 to 128
[  294.313436][ T8771] loop4: detected capacity change from 0 to 2048
[  294.330298][ T8773] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  294.336997][ T8773] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  294.344745][ T8773] vhci_hcd vhci_hcd.0: Device attached
[  294.355717][ T8774] usbip_core: unknown command
[  294.356879][ T8773] syz.0.1432[8773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  294.360447][ T8774] vhci_hcd: unknown pdu 0
[  294.360600][ T8773] syz.0.1432[8773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  294.371927][ T8774] usbip_core: unknown command
[  294.404057][   T55] vhci_hcd: stop threads
[  294.408456][   T55] vhci_hcd: release socket
[  294.412996][   T55] vhci_hcd: disconnect device
[  294.535902][ T8771] __nla_validate_parse: 1 callbacks suppressed
[  294.535922][ T8771] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1433'.
[  294.628951][ T8782] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1435'.
[  294.638768][ T3365] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  294.659572][ T3365] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  294.671886][ T3365] EXT4-fs (loop4): This should not happen!! Data will be lost
[  294.671886][ T3365] 
[  294.681748][ T3365] EXT4-fs (loop4): Total free blocks count 0
[  294.687824][ T3365] EXT4-fs (loop4): Free/Dirty block details
[  294.687840][ T3365] EXT4-fs (loop4): free_blocks=2415919104
[  294.687896][ T3365] EXT4-fs (loop4): dirty_blocks=16
[  294.687910][ T3365] EXT4-fs (loop4): Block reservation details
[  294.687923][ T3365] EXT4-fs (loop4): i_reserved_data_blocks=1
[  294.699268][ T3365] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  294.699325][ T3365] EXT4-fs (loop4): This should not happen!! Data will be lost
[  294.699325][ T3365] 
[  294.726174][   T29] kauditd_printk_skb: 189 callbacks suppressed
[  294.726191][   T29] audit: type=1326 audit(1725229396.970:3186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8784 comm="syz.1.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  294.726226][   T29] audit: type=1326 audit(1725229396.970:3187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8784 comm="syz.1.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  294.726259][   T29] audit: type=1326 audit(1725229396.970:3188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8784 comm="syz.1.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  294.726358][   T29] audit: type=1326 audit(1725229396.970:3189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8784 comm="syz.1.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  294.726390][   T29] audit: type=1326 audit(1725229396.970:3190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8784 comm="syz.1.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  294.726422][   T29] audit: type=1326 audit(1725229396.970:3191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8784 comm="syz.1.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  294.726475][   T29] audit: type=1326 audit(1725229396.970:3192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8784 comm="syz.1.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  294.726509][   T29] audit: type=1326 audit(1725229396.970:3193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8784 comm="syz.1.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  294.726543][   T29] audit: type=1326 audit(1725229396.970:3194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8784 comm="syz.1.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  294.726643][   T29] audit: type=1326 audit(1725229396.970:3195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8784 comm="syz.1.1437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f2a2e319eb9 code=0x7ffc0000
[  294.764082][ T8788] No control pipe specified
[  294.779177][ T8785] loop1: detected capacity change from 0 to 512
[  294.784967][ T8788] loop4: detected capacity change from 0 to 1024
[  294.788131][ T8788] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  295.182117][ T8804] syz.1.1442[8804] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  295.182208][ T8804] syz.1.1442[8804] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  295.215439][ T8808] loop3: detected capacity change from 0 to 128
[  295.239675][ T8804] loop1: detected capacity change from 0 to 128
[  295.331147][ T8814] loop2: detected capacity change from 0 to 512
[  295.336288][ T8813] loop3: detected capacity change from 0 to 2048
[  295.344116][ T8804] syz.1.1442: attempt to access beyond end of device
[  295.344116][ T8804] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  295.360989][ T8814] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  295.380456][ T8814] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  295.392891][ T8814] System zones: 1-12
[  295.400308][ T8804] syz.1.1442: attempt to access beyond end of device
[  295.400308][ T8804] loop1: rw=524288, sector=145, nr_sectors = 224 limit=128
[  295.411323][ T8814] EXT4-fs (loop2): orphan cleanup on readonly fs
[  295.416293][ T8804] syz.1.1442: attempt to access beyond end of device
[  295.416293][ T8804] loop1: rw=0, sector=169, nr_sectors = 8 limit=128
[  295.433982][ T8814] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz.2.1444: Inode bitmap for bg 0 marked uninitialized
[  295.436125][ T8804] syz.1.1442: attempt to access beyond end of device
[  295.436125][ T8804] loop1: rw=0, sector=169, nr_sectors = 8 limit=128
[  295.475995][ T8814] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1444'.
[  295.486571][ T8814] hub 9-0:1.0: USB hub found
[  295.491407][ T8814] hub 9-0:1.0: 8 ports detected
[  295.620413][ T8813] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1446'.
[  295.626340][ T8822] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1448'.
[  295.681977][ T8822] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1448'.
[  295.699468][ T6271] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  295.715626][ T6271] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  295.716103][ T8827] FAULT_INJECTION: forcing a failure.
[  295.716103][ T8827] name failslab, interval 1, probability 0, space 0, times 0
[  295.727932][ T6271] EXT4-fs (loop3): This should not happen!! Data will be lost
[  295.727932][ T6271] 
[  295.740627][ T8827] CPU: 0 UID: 0 PID: 8827 Comm: syz.4.1450 Not tainted 6.11.0-rc6-syzkaller #0
[  295.740694][ T8827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  295.740707][ T8827] Call Trace:
[  295.740715][ T8827]  <TASK>
[  295.750346][ T6271] EXT4-fs (loop3): Total free blocks count 0
[  295.759230][ T8827]  dump_stack_lvl+0xf2/0x150
[  295.769286][ T6271] EXT4-fs (loop3): Free/Dirty block details
[  295.772548][ T8827]  dump_stack+0x15/0x20
[  295.775505][ T6271] EXT4-fs (loop3): free_blocks=2415919104
[  295.775522][ T6271] EXT4-fs (loop3): dirty_blocks=16
[  295.775533][ T6271] EXT4-fs (loop3): Block reservation details
[  295.775543][ T6271] EXT4-fs (loop3): i_reserved_data_blocks=1
[  295.778136][   T50] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  295.781549][ T8827]  should_fail_ex+0x229/0x230
[  295.781585][ T8827]  ? hashtab_duplicate+0x59/0x370
[  295.786177][   T50] EXT4-fs (loop3): This should not happen!! Data will be lost
[  295.786177][   T50] 
[  295.850685][ T8827]  should_failslab+0x8f/0xb0
[  295.855365][ T8827]  __kmalloc_noprof+0xa5/0x370
[  295.860150][ T8827]  hashtab_duplicate+0x59/0x370
[  295.865030][ T8827]  ? cond_policydb_dup+0xa0/0x710
[  295.870129][ T8827]  ? should_failslab+0x8f/0xb0
[  295.874910][ T8827]  ? __pfx_cond_bools_copy+0x10/0x10
[  295.880231][ T8827]  ? __pfx_cond_bools_destroy+0x10/0x10
[  295.885793][ T8827]  cond_policydb_dup+0xdb/0x710
[  295.890689][ T8827]  ? __kmalloc_node_track_caller_noprof+0x17e/0x380
[  295.897299][ T8827]  security_set_bools+0xa8/0x350
[  295.902324][ T8827]  ? sel_commit_bools_write+0x16a/0x260
[  295.907894][ T8827]  sel_commit_bools_write+0x1e4/0x260
[  295.913287][ T8827]  vfs_writev+0x402/0x880
[  295.917621][ T8827]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  295.923585][ T8827]  ? mutex_lock+0xd/0x40
[  295.927842][ T8827]  do_writev+0xf8/0x220
[  295.932099][ T8827]  __x64_sys_writev+0x45/0x50
[  295.936790][ T8827]  x64_sys_call+0x1f18/0x2d60
[  295.941497][ T8827]  do_syscall_64+0xc9/0x1c0
[  295.946009][ T8827]  ? clear_bhb_loop+0x55/0xb0
[  295.950824][ T8827]  ? clear_bhb_loop+0x55/0xb0
[  295.955507][ T8827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.961424][ T8827] RIP: 0033:0x7f6b87409eb9
[  295.965845][ T8827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.985665][ T8827] RSP: 002b:00007f6b86081038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  295.994085][ T8827] RAX: ffffffffffffffda RBX: 00007f6b875a5f80 RCX: 00007f6b87409eb9
[  296.002060][ T8827] RDX: 0000000000000002 RSI: 00000000200025c0 RDI: 0000000000000003
[  296.010083][ T8827] RBP: 00007f6b86081090 R08: 0000000000000000 R09: 0000000000000000
[  296.018060][ T8827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.026035][ T8827] R13: 0000000000000000 R14: 00007f6b875a5f80 R15: 00007ffebb2218f8
[  296.034020][ T8827]  </TASK>
[  296.130984][ T8840] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1453'.
[  296.150697][ T8836] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1452'.
[  296.216604][ T8845] loop4: detected capacity change from 0 to 128
[  296.239510][ T8851] No control pipe specified
[  296.258017][ T8851] loop2: detected capacity change from 0 to 1024
[  296.281978][ T8851] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  296.288478][ T8852] loop3: detected capacity change from 0 to 512
[  296.310217][ T8854] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1460'.
[  296.323197][ T8852] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  296.350415][ T8852] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  296.385326][ T8852] System zones: 1-12
[  296.422277][ T8863] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1460'.
[  296.423012][ T8852] EXT4-fs (loop3): orphan cleanup on readonly fs
[  296.438122][ T8852] EXT4-fs error (device loop3): ext4_read_inode_bitmap:168: comm syz.3.1457: Inode bitmap for bg 0 marked uninitialized
[  296.599832][ T8872] loop4: detected capacity change from 0 to 512
[  296.635152][ T8872] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  296.656452][ T8872] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  296.664659][ T8872] System zones: 1-12
[  296.668874][ T8872] EXT4-fs (loop4): orphan cleanup on readonly fs
[  296.675602][ T8872] EXT4-fs error (device loop4): ext4_read_inode_bitmap:168: comm syz.4.1463: Inode bitmap for bg 0 marked uninitialized
[  296.749285][ T8872] hub 9-0:1.0: USB hub found
[  296.756246][ T8872] hub 9-0:1.0: 8 ports detected
[  296.866907][ T8888] loop1: detected capacity change from 0 to 512
[  296.934018][ T8891] autofs: Unknown parameter '0x0000000000000000'
[  296.957975][ T8891] loop1: detected capacity change from 0 to 1024
[  296.979698][ T8891] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  297.169015][ T8903] loop2: detected capacity change from 0 to 2048
[  297.220566][ T8907] syz.3.1475[8907] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  297.220734][ T8907] syz.3.1475[8907] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  297.263781][ T8907] loop3: detected capacity change from 0 to 128
[  297.532653][ T6271] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  297.540430][ T8920] loop3: detected capacity change from 0 to 1024
[  297.549662][ T6271] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  297.566185][ T6271] EXT4-fs (loop2): This should not happen!! Data will be lost
[  297.566185][ T6271] 
[  297.575959][ T6271] EXT4-fs (loop2): Total free blocks count 0
[  297.582027][ T6271] EXT4-fs (loop2): Free/Dirty block details
[  297.587846][ T8920] EXT4-fs (loop3): blocks per group (131072) and clusters per group (8192) inconsistent
[  297.588108][ T6271] EXT4-fs (loop2): free_blocks=2415919104
[  297.604041][ T6271] EXT4-fs (loop2): dirty_blocks=16
[  297.609208][ T6271] EXT4-fs (loop2): Block reservation details
[  297.615271][ T6271] EXT4-fs (loop2): i_reserved_data_blocks=1
[  297.623190][ T6271] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  297.635925][ T6271] EXT4-fs (loop2): This should not happen!! Data will be lost
[  297.635925][ T6271] 
[  297.695982][ T8920] loop3: detected capacity change from 0 to 512
[  297.738041][ T8931] No control pipe specified
[  297.775776][ T8932] loop2: detected capacity change from 0 to 512
[  297.802213][ T8932] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  297.818102][ T8932] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  297.830470][ T8932] System zones: 1-12
[  297.834787][ T8932] EXT4-fs (loop2): orphan cleanup on readonly fs
[  297.842119][ T8932] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz.2.1482: Inode bitmap for bg 0 marked uninitialized
[  297.917705][ T8936] loop3: detected capacity change from 0 to 512
[  298.043555][ T8944] loop3: detected capacity change from 0 to 512
[  298.053372][ T8944] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  298.075674][ T8944] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  298.083777][ T8944] System zones: 1-12
[  298.089164][ T8944] EXT4-fs (loop3): orphan cleanup on readonly fs
[  298.095753][ T8944] EXT4-fs error (device loop3): ext4_read_inode_bitmap:168: comm syz.3.1487: Inode bitmap for bg 0 marked uninitialized
[  298.117076][ T8944] hub 9-0:1.0: USB hub found
[  298.121764][ T8944] hub 9-0:1.0: 8 ports detected
[  298.610451][ T8952] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.691940][ T8952] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.776271][ T8952] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.827095][ T8952] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.906712][ T8952] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  298.930953][ T8952] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  298.955599][ T8952] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  298.985499][ T8952] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.995711][ T8967] netlink: 'syz.0.1497': attribute type 10 has an invalid length.
[  299.004322][ T8966] netlink: 'syz.1.1496': attribute type 2 has an invalid length.
[  299.122163][ T8981] loop1: detected capacity change from 0 to 128
[  299.187844][ T8981] bio_check_eod: 9 callbacks suppressed
[  299.187860][ T8981] syz.1.1503: attempt to access beyond end of device
[  299.187860][ T8981] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  299.246021][ T8980] syz.1.1503: attempt to access beyond end of device
[  299.246021][ T8980] loop1: rw=524288, sector=145, nr_sectors = 224 limit=128
[  299.261368][ T8980] syz.1.1503: attempt to access beyond end of device
[  299.261368][ T8980] loop1: rw=0, sector=209, nr_sectors = 8 limit=128
[  299.277740][ T8980] syz.1.1503: attempt to access beyond end of device
[  299.277740][ T8980] loop1: rw=0, sector=209, nr_sectors = 8 limit=128
[  299.313677][ T8980] syz.1.1503: attempt to access beyond end of device
[  299.313677][ T8980] loop1: rw=0, sector=209, nr_sectors = 8 limit=128
[  299.341662][ T8992] loop4: detected capacity change from 0 to 512
[  299.349929][ T8980] syz.1.1503: attempt to access beyond end of device
[  299.349929][ T8980] loop1: rw=0, sector=209, nr_sectors = 8 limit=128
[  299.365869][ T8992] EXT4-fs: Ignoring removed nomblk_io_submit option
[  299.375856][ T8994] FAULT_INJECTION: forcing a failure.
[  299.375856][ T8994] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.389117][ T8994] CPU: 0 UID: 0 PID: 8994 Comm: syz.2.1508 Not tainted 6.11.0-rc6-syzkaller #0
[  299.398087][ T8994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  299.408173][ T8994] Call Trace:
[  299.411521][ T8994]  <TASK>
[  299.414482][ T8994]  dump_stack_lvl+0xf2/0x150
[  299.419098][ T8994]  dump_stack+0x15/0x20
[  299.422682][ T8980] syz.1.1503: attempt to access beyond end of device
[  299.422682][ T8980] loop1: rw=0, sector=209, nr_sectors = 8 limit=128
[  299.423270][ T8994]  should_fail_ex+0x229/0x230
[  299.441588][ T8994]  should_fail+0xb/0x10
[  299.445894][ T8994]  should_fail_usercopy+0x1a/0x20
[  299.450394][ T8980] syz.1.1503: attempt to access beyond end of device
[  299.450394][ T8980] loop1: rw=0, sector=209, nr_sectors = 8 limit=128
[  299.450935][ T8994]  _copy_to_user+0x1e/0xa0
[  299.464183][ T8980] syz.1.1503: attempt to access beyond end of device
[  299.464183][ T8980] loop1: rw=0, sector=209, nr_sectors = 8 limit=128
[  299.468443][ T8994]  simple_read_from_buffer+0xa0/0x110
[  299.482107][ T8980] syz.1.1503: attempt to access beyond end of device
[  299.482107][ T8980] loop1: rw=0, sector=209, nr_sectors = 8 limit=128
[  299.486924][ T8994]  proc_fail_nth_read+0xff/0x140
[  299.505202][ T8994]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  299.510797][ T8994]  vfs_read+0x1a2/0x6e0
[  299.514992][ T8994]  ? __rcu_read_unlock+0x4e/0x70
[  299.519962][ T8994]  ? __fget_files+0x1da/0x210
[  299.524773][ T8994]  ksys_read+0xeb/0x1b0
[  299.528943][ T8994]  __x64_sys_read+0x42/0x50
[  299.533463][ T8994]  x64_sys_call+0x27d3/0x2d60
[  299.538143][ T8994]  do_syscall_64+0xc9/0x1c0
[  299.542694][ T8994]  ? clear_bhb_loop+0x55/0xb0
[  299.547379][ T8994]  ? clear_bhb_loop+0x55/0xb0
[  299.552079][ T8994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.554965][ T8992] ext4 filesystem being mounted at /80/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  299.557993][ T8994] RIP: 0033:0x7f4c6fa488fc
[  299.558058][ T8994] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  299.592342][ T8994] RSP: 002b:00007f4c6e6c1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  299.600786][ T8994] RAX: ffffffffffffffda RBX: 00007f4c6fbe5f80 RCX: 00007f4c6fa488fc
[  299.609157][ T8994] RDX: 000000000000000f RSI: 00007f4c6e6c10a0 RDI: 0000000000000007
[  299.617133][ T8994] RBP: 00007f4c6e6c1090 R08: 0000000000000000 R09: 0000000000000000
[  299.625192][ T8994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.633343][ T8994] R13: 0000000000000000 R14: 00007f4c6fbe5f80 R15: 00007ffdbedd0b58
[  299.641368][ T8994]  </TASK>
[  299.702624][ T8997] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.736381][ T9007] loop1: detected capacity change from 0 to 512
[  299.756166][ T9007] EXT4-fs: Ignoring removed i_version option
[  299.766495][ T9013] program syz.2.1513 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  299.784583][ T9007] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  299.796300][ T9007] System zones: 1-12
[  299.804051][ T9007] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1510: bg 0: block 131: padding at end of block bitmap is not set
[  299.811384][ T9010] netlink: 'syz.4.1511': attribute type 2 has an invalid length.
[  299.826245][ T9010] __nla_validate_parse: 14 callbacks suppressed
[  299.826261][ T9010] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1511'.
[  299.836710][ T9007] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  299.853218][ T9007] EXT4-fs (loop1): 1 truncate cleaned up
[  299.853267][ T8997] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.876571][ T9020] loop2: detected capacity change from 0 to 128
[  299.895713][ T9000] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1509'.
[  299.934114][ T8997] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.980437][ T5888] EXT4-fs unmount: 48 callbacks suppressed
[  299.980455][ T5888] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.989552][ T9024] netlink: 'syz.0.1516': attribute type 10 has an invalid length.
[  300.036820][   T29] kauditd_printk_skb: 336 callbacks suppressed
[  300.036836][   T29] audit: type=1326 audit(1725229402.335:3532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9029 comm="syz.1.1518" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2a2e319eb9 code=0x0
[  300.048514][ T8997] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.159672][ T9037] loop2: detected capacity change from 0 to 2048
[  300.160117][ T9035] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1520'.
[  300.186655][ T8997] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  300.197086][ T9037] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.209420][   T29] audit: type=1400 audit(1725229402.506:3533): avc:  denied  { create } for  pid=9042 comm="syz.4.1522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  300.217248][ T8997] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.247213][ T8997] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.258736][ T8997] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  300.267347][   T29] audit: type=1326 audit(1725229402.537:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9046 comm="syz.0.1523" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2c3f7f9eb9 code=0x0
[  300.271481][ T9037] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  300.367050][ T8475] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.380271][ T9055] loop3: detected capacity change from 0 to 1024
[  300.410334][ T9055] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=2840c118, mo2=0002]
[  300.422314][ T9057] netlink: 'syz.4.1528': attribute type 2 has an invalid length.
[  300.422645][ T9055] System zones: 
[  300.430128][ T9057] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1528'.
[  300.435892][ T9065] No control pipe specified
[  300.442998][ T9055] 0-1, 3-12
[  300.443826][ T9055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.468406][   T29] audit: type=1400 audit(1725229402.769:3535): avc:  denied  { create } for  pid=9054 comm="syz.3.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  300.479264][ T9065] loop2: detected capacity change from 0 to 1024
[  300.495369][   T29] audit: type=1400 audit(1725229402.769:3536): avc:  denied  { connect } for  pid=9054 comm="syz.3.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  300.495723][ T9055] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  300.514928][   T29] audit: type=1326 audit(1725229402.769:3537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9054 comm="syz.3.1527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff613209eb9 code=0x7ffc0000
[  300.547746][   T29] audit: type=1326 audit(1725229402.769:3538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9054 comm="syz.3.1527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff613209eb9 code=0x7ffc0000
[  300.548409][ T9065] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  300.571154][   T29] audit: type=1326 audit(1725229402.769:3539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9054 comm="syz.3.1527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff613209eb9 code=0x7ffc0000
[  300.603472][   T29] audit: type=1326 audit(1725229402.769:3540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9054 comm="syz.3.1527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff613209eb9 code=0x7ffc0000
[  300.626910][   T29] audit: type=1326 audit(1725229402.769:3541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9054 comm="syz.3.1527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff613209eb9 code=0x7ffc0000
[  300.654638][ T9065] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.794299][ T8520] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.967935][ T9074] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1532'.
[  300.992129][ T9076] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1533'.
[  301.045300][ T9089] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.110357][ T9089] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.142048][ T9092] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1534'.
[  301.185983][ T9089] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.219796][ T9089] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.285352][ T9089] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.310614][ T9089] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.340735][ T9089] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.366761][ T9089] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.410251][ T8475] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.437640][ T9107] netlink: 'syz.0.1540': attribute type 2 has an invalid length.
[  301.445456][ T9107] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1540'.
[  301.470100][ T9114] autofs: Unknown parameter '0x0000000000000000'
[  301.494134][ T9114] loop1: detected capacity change from 0 to 1024
[  301.505865][ T9114] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  301.519505][ T9114] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.618867][ T9125] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1544'.
[  301.628099][ T9125] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  301.635793][ T9125] batman_adv: batadv0: Removing interface: batadv_slave_0
[  301.665622][ T9125] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  301.673301][ T9125] batman_adv: batadv0: Removing interface: batadv_slave_1
[  301.725392][ T9128] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.793910][ T9134] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1547'.
[  301.807949][ T9136] FAULT_INJECTION: forcing a failure.
[  301.807949][ T9136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.821455][ T9136] CPU: 0 UID: 0 PID: 9136 Comm: syz.0.1549 Not tainted 6.11.0-rc6-syzkaller #0
[  301.830764][ T9136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  301.840912][ T9136] Call Trace:
[  301.844211][ T9136]  <TASK>
[  301.847161][ T9136]  dump_stack_lvl+0xf2/0x150
[  301.851800][ T9136]  dump_stack+0x15/0x20
[  301.856061][ T9136]  should_fail_ex+0x229/0x230
[  301.860883][ T9136]  should_fail+0xb/0x10
[  301.865118][ T9136]  should_fail_usercopy+0x1a/0x20
[  301.870243][ T9136]  _copy_from_user+0x1e/0xd0
[  301.874873][ T9136]  __sys_bpf+0x14e/0x7a0
[  301.879187][ T9136]  __x64_sys_bpf+0x43/0x50
[  301.883682][ T9136]  x64_sys_call+0x2625/0x2d60
[  301.888399][ T9136]  do_syscall_64+0xc9/0x1c0
[  301.893090][ T9136]  ? clear_bhb_loop+0x55/0xb0
[  301.897797][ T9136]  ? clear_bhb_loop+0x55/0xb0
[  301.902700][ T9136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.908674][ T9136] RIP: 0033:0x7f2c3f7f9eb9
[  301.913142][ T9136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.932868][ T9136] RSP: 002b:00007f2c3e477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  301.941367][ T9136] RAX: ffffffffffffffda RBX: 00007f2c3f995f80 RCX: 00007f2c3f7f9eb9
[  301.949364][ T9136] RDX: 0000000000000020 RSI: 0000000020000080 RDI: 0000000000000003
[  301.957503][ T9136] RBP: 00007f2c3e477090 R08: 0000000000000000 R09: 0000000000000000
[  301.965499][ T9136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.973502][ T9136] R13: 0000000000000000 R14: 00007f2c3f995f80 R15: 00007ffd75a8ddb8
[  301.981539][ T9136]  </TASK>
[  301.988151][ T9128] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.123573][ T9128] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.173467][ T9128] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.198538][ T9138] netlink: 'syz.0.1550': attribute type 21 has an invalid length.
[  302.213228][ T9138] mmap: syz.0.1550 (9138) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  302.251728][ T9128] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  302.271825][ T9128] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  302.293244][ T9128] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  302.322481][ T9128] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  302.379635][ T9141] netlink: 'syz.4.1551': attribute type 3 has an invalid length.
[  302.406266][ T5888] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.445764][ T9144] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.474178][ T9146] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.487934][ T9144] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.529183][ T9146] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.543150][ T9096] syz.3.1535 (9096) used greatest stack depth: 6472 bytes left
[  302.560442][ T9144] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.602436][ T9146] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.620822][ T9144] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.654681][ T9156] netlink: 'syz.3.1555': attribute type 2 has an invalid length.
[  302.669315][ T9146] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.753496][ T9162] No control pipe specified
[  302.767923][ T9162] loop3: detected capacity change from 0 to 1024
[  302.776964][ T9162] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  302.788947][ T9162] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.462587][ T9162] ==================================================================
[  303.470721][ T9162] BUG: KCSAN: data-race in atime_needs_update / touch_atime
[  303.478099][ T9162] 
[  303.480437][ T9162] read to 0xffff8881069eea60 of 4 bytes by task 9165 on cpu 0:
[  303.488087][ T9162]  atime_needs_update+0x261/0x3e0
[  303.493145][ T9162]  touch_atime+0x4a/0x350
[  303.497516][ T9162]  filemap_splice_read+0x8b0/0x920
[  303.502665][ T9162]  ext4_file_splice_read+0x95/0xc0
[  303.507809][ T9162]  splice_direct_to_actor+0x26c/0x670
[  303.513229][ T9162]  do_splice_direct+0xd7/0x150
[  303.518047][ T9162]  do_sendfile+0x3ab/0x950
[  303.522494][ T9162]  __x64_sys_sendfile64+0x110/0x150
[  303.527729][ T9162]  x64_sys_call+0xed5/0x2d60
[  303.532352][ T9162]  do_syscall_64+0xc9/0x1c0
[  303.536879][ T9162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.542810][ T9162] 
[  303.545151][ T9162] write to 0xffff8881069eea60 of 4 bytes by task 9162 on cpu 1:
[  303.552801][ T9162]  touch_atime+0x1f3/0x350
[  303.557265][ T9162]  filemap_splice_read+0x8b0/0x920
[  303.562410][ T9162]  ext4_file_splice_read+0x95/0xc0
[  303.567545][ T9162]  splice_direct_to_actor+0x26c/0x670
[  303.573138][ T9162]  do_splice_direct+0xd7/0x150
[  303.577967][ T9162]  do_sendfile+0x3ab/0x950
[  303.582421][ T9162]  __x64_sys_sendfile64+0x110/0x150
[  303.587668][ T9162]  x64_sys_call+0xed5/0x2d60
[  303.592462][ T9162]  do_syscall_64+0xc9/0x1c0
[  303.596991][ T9162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.603017][ T9162] 
[  303.605353][ T9162] value changed: 0x2e9c527d -> 0x2f35fda7
[  303.611082][ T9162] 
[  303.613418][ T9162] Reported by Kernel Concurrency Sanitizer on:
[  303.619573][ T9162] CPU: 1 UID: 0 PID: 9162 Comm: syz.3.1557 Not tainted 6.11.0-rc6-syzkaller #0
[  303.628597][ T9162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  303.638674][ T9162] ==================================================================
[  303.671237][ T8520] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.668294][ T9144] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  306.680861][ T9144] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  306.693875][ T9144] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  306.706791][ T9144] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  307.594124][ T9146] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  307.606774][ T9146] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  307.618088][ T9146] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  307.631512][ T9146] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0