last executing test programs:

9.616225871s ago: executing program 2 (id=2123):
syz_io_uring_setup(0x5c23, &(0x7f0000000380)={0x0, 0x0, 0x13290}, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000001100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x2}, 0x0)
r1 = syz_io_uring_setup(0x6d10, &(0x7f00000002c0)={0x0, 0x0, 0x10100}, &(0x7f0000000180), &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000100))
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xd, 0x3ed9, 0x4, 0x7, 0x0, r4}, 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r5, &(0x7f0000000300), 0x0}, 0x20)
r6 = syz_io_uring_setup(0x1e97, &(0x7f0000000140)={0x0, 0xa17d, 0x2000, 0x0, 0x1f1}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000440)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
r9 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
fchdir(r9)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r10 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
mkdirat(r10, &(0x7f0000000100)='./control\x00', 0x0)
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./control\x00')
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r6, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r11 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r12=>0x0}, &(0x7f0000cab000)=0x32)
setresuid(0x0, r12, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0x8, &(0x7f00000001c0), 0x0)
io_uring_setup(0x168e, &(0x7f0000000000)={0x0, 0x74b0, 0x0, 0x0, 0x8})

3.253041384s ago: executing program 4 (id=2260):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)=@updsa={0x138, 0x10, 0x1, 0x0, 0x6000000, {{@in6=@dev, @in6=@private1}, {@in6=@private1}, @in6=@private2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0)

3.206865797s ago: executing program 4 (id=2262):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed}, 0xe) (async)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @none}, 0xe)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0) (async)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
flock(r2, 0x0) (async)
r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r3, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00') (async)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020800000100000000000001000000000100140003"], 0x18}}, 0x0)
io_setup(0x8, &(0x7f0000000600))
socket$inet6_udp(0xa, 0x2, 0x0) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000006000000b9cb290cd3000000000000"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000028c0)='kmem_cache_free\x00'}, 0x10) (rerun: 64)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r6=>0x0}) (async, rerun: 64)
r7 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001800010000000000000000000a10000000000000000000001800160014000100010000000000fbffffff0f000000000008000400", @ANYRES32=r6, @ANYBLOB="0600150007"], 0x44}}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r9, 0x84, 0x81, &(0x7f0000000080)=""/4096, &(0x7f0000001200)=0x1000) (async)
ioctl$sock_inet_sctp_SIOCINQ(r8, 0x541b, 0x0) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000001340)=ANY=[@ANYRES16=r1, @ANYRES8, @ANYRES8=r4, @ANYRES16, @ANYRES8=r10, @ANYBLOB])

3.097798297s ago: executing program 4 (id=2263):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller1\x00', 0xc201})
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x5, &(0x7f0000000440)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x50}, [@map_val={0x18, 0x257e5a886e6ebce3, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x101}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfc, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1000}, 0x90)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCGSKNS(r0, 0x894c, &(0x7f0000000140)={'veth0_to_team\x00', 0x200})
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e200e227f000001925aa80020007b0009008003000000000000000000ff0000f03ac71002000000fffffffffeffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={'syzkaller1\x00', {0x2, 0x0, @broadcast}})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20010004, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r4, &(0x7f0000000300)={0x0, 0x300, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r5, 0x1, 0x0, 0x0, {0x4}}, 0x14}, 0x1, 0xfcffffff00000000}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000008c0), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000040), 0xc)
r6 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r6, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f00000001c0)="c7", 0x1}], 0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000740))

2.893293333s ago: executing program 4 (id=2266):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="3800000020000100000000000000400002001400000000010000000008000200000000000c000c40000000000000000508000b00000000"], 0x38}}, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="3800000020000100000000000000400002001400000000010000000008000200000000000c000c40000000000000000508000b00000000"], 0x38}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r2 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000140)='!~_prio\x0ea&\x00')
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000080), 0x1, 0x53c, &(0x7f00000025c0)="$eJzs3c9vI1cdAPDvTH52mzZb6AEqYBcoLGi19sbbrqpe2r2AUFUJUXFAHLYh8UZh7XWIndKESKR/A0ggcYI/gQMSB6SeOHDjyA0hlQPSAhFog0SF0YwnqZvYjWkcm8afjzQ7P178vu/FO/Oe38TzAphYVyNiLyJmI+L1iFgsjifFEi93luznHu3vrhzs767Ef9rt1/6W5OnZseh6TebxIs/5iPjGVyO+k5yM29zeub9cq1U3i/1yq75Rbm7v3FivL69V16oPKpXbS7dvvnDr+crQ6nql/suHX1l/5Zu/+fWn3/n93pd/kBVroUjrrscwdao+cxQnMx0Rr5xHsDGYKtazYy4HH04aER+LiM/l5/9iTOX/OwGAi6zdXoz2Yvc+AHDRpfkYWJKWirGAhUjTUqkzhvd0XEprjWbr+r3G1oPVzljZ5ZhJ54q+wvfyf2eSe+u16lKelqfn+5Vj+7ci4qmI+PHcY/l+aaVRWx1PlwcAJt7jx9r/f8512v8B9LirBwB8ZMyPuwAAwMhp/wFg8mj/AWDyDND+Fzf79869LADAaPj8DwCTR/sPAJNH+w8AE+Xrr76aLe2D4vnXq29sb91vvHFjtdq8X6pvrZRWGpsbpbVGYy1/Zk/9tPxqjcbG0nOx9Wa5VW22ys3tnbv1xtaD1t38ud53qzMjqRUA8EGeuvL2H5KI2HvxsXwJcznAxEjHXQBgbKbGXQBgbMz2BZNr8PH4351rOYDx6fkw7/mem+/30/8hiL8zgv8r1z7Zf/z/eN/AfQG4WIz/w+T6cOP/Lw29HMDo9Rr/18+HydBuJ8fn/J89SgIALqQzfB+v/cNhdUKAsTptMu+h3P8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAC2YhIr4bSVoq5gJfiDQtlSKeiIjLMZPcW69Vb0bEk3ElImbmsv2lcRcaADij9C9JMf/XtcVnF46nzib/motiTvDv/+y1n7y53GptLmXH/350fO5w+rDKe687w7yCAMCQ5e13pVh3fZB/tL+7criMsjwP78S7xVTEKwf7u/nSSZmO6Xw9n/clLv0jKfY7c5E+ExFTQ4i/91ZEfOKo/sm77XYRP8nHRi4XM592x48i9hPDj9/1+z8eP31f/DRP66yzztfHj+WbDqFscNG9fSciXu51/qVxNV/3Pv/n8yvU2T2808ns8Np30BX/8Po31SN+ds5fHTTGc7/92omD7cVO2lsRz0z3ip8cxU/6xH92wPh//NRnfvRSn7T2zyOuRe/43bHKrfpGubm9c2O9vrxWXas+qFRuL92++cKt5yvlfIy6fDhSfdJfX7z+ZL+yZfW/1Cf+fM/6zx699gsD1v8X/37925/9gPhf+nzv9//pnvE7sjbxiwPGX770q77Td2fxV/vU/7T3//qA8d/5887qgD8KAIxAc3vn/nKtVt0800b2aXMY+ZzYyIo41AxP2fhTjC7WqRsz5/VbPfeN6aO+4nBz/laW44irkw69FmfaeDSqWOO9LgHn772TftwlAQAAAAAAAAAAAAAA+hnFV5fGXUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAurv8GAAD//5S5ywU=")
r3 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0)
r4 = socket(0x0, 0x0, 0x4a6)
write(r4, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24) (async)
write(r4, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)="d80000001e0081054e81f782db4cb904021d0800fe007c05e8fe55a10a00150002", 0x21}], 0x1}, 0x0) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)="d80000001e0081054e81f782db4cb904021d0800fe007c05e8fe55a10a00150002", 0x21}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r5, 0x0, 0xa002a0}, 0x38) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r5, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r5}, 0x38)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000580)={0x1, 0x7e69}, 0x8) (async)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000580)={0x1, 0x7e69}, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0xe4}, 0x5b)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a00000e000000802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe80000000000000004016b606c6592026000280050001000000000008000740000000001800068014000400ff01000000000000000000000000000150b3f0aaff6b516cda081cec3fea2f9c4fc072fda9c82cd21407ae5bb764fbd7abdfbf90c34d68909f4503591d225f6002787ed8982d918846ae5af875d1b74373ef92b2a41067b32b33f1187e6aeb5b246b1e739e4ad8415c569e8ffce73915541c5585d38a288bc0ccfd96b5459670e7cbc010de24"], 0xac}}, 0x0) (async)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a00000e000000802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe80000000000000004016b606c6592026000280050001000000000008000740000000001800068014000400ff01000000000000000000000000000150b3f0aaff6b516cda081cec3fea2f9c4fc072fda9c82cd21407ae5bb764fbd7abdfbf90c34d68909f4503591d225f6002787ed8982d918846ae5af875d1b74373ef92b2a41067b32b33f1187e6aeb5b246b1e739e4ad8415c569e8ffce73915541c5585d38a288bc0ccfd96b5459670e7cbc010de24"], 0xac}}, 0x0)
pidfd_getfd(r3, r0, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./bus\x00', 0x0, 0x1000, 0x0)
io_uring_setup(0x0, &(0x7f0000000340))
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40841, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})

2.525020473s ago: executing program 1 (id=2268):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x480000, 0x0)
socket(0x1, 0x2, 0xb)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0xb}, 0x1c)
listen(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400e, &(0x7f00000001c0)={[{@i_version}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[], 0xfdef)
lseek(r0, 0x101, 0x0)
syz_emit_ethernet(0x26, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x89, 0x0, @empty, @broadcast}, "90e2a72a"}}}}, 0x0)

2.524679423s ago: executing program 4 (id=2269):
r0 = socket(0x28, 0x5, 0x0)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080), 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg(r2, &(0x7f0000000100), 0x0, 0x80)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000061a09040000000000000000020000000900020073797a32000000000900010073797a3000000000050007403c000000140000001100010000000000000000000000000a"], 0x5c}}, 0x0)
recvfrom$unix(0xffffffffffffffff, &(0x7f0000000140)=""/248, 0xfe82, 0x2, 0x0, 0x0)
socket(0x28, 0x5, 0x0) (async)
socket(0x28, 0x5, 0x0) (async)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) (async)
listen(r1, 0x0) (async)
connect$vsock_stream(r0, &(0x7f0000000080), 0x10) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)) (async)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sendmmsg(r2, &(0x7f0000000100), 0x0, 0x80) (async)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x0, 0x0, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000061a09040000000000000000020000000900020073797a32000000000900010073797a3000000000050007403c000000140000001100010000000000000000000000000a"], 0x5c}}, 0x0) (async)
recvfrom$unix(0xffffffffffffffff, &(0x7f0000000140)=""/248, 0xfe82, 0x2, 0x0, 0x0) (async)

2.432110511s ago: executing program 1 (id=2270):
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b7020000f7ffffffbfa700000000000037"], 0x0}, 0x90)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="96010000100013070000000000000000ac1414aa0000000000000000000000000000000000000000000000000000000100000000000400000000400000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000002000000960000000000000048000200656362286369706865725f6e756c6c2900"/240], 0x1a0}}, 0x0)
epoll_create(0x10001)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000040850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x120, 0x0, 0x0, 0x3, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

2.31910795s ago: executing program 1 (id=2272):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080d004fcf0000e8ffff1a8600", "cf0d00", "8657e2b7e43b34e4"}, 0x28)
write$binfmt_script(r0, &(0x7f0000000300)={'#! ', './file0', [{0x20, 'tls\x00'}, {0x20, '\x00'}, {0x20, 'o,'}, {0x20, 'cp|u.sN\xd1\x00'}, {0x20, '\xa7{\x121\x948L\xe7GG\x1a\x99\x1fB\xe2\a\xd3\x93%'}, {0x20, '#! '}, {0x20, 'cpu.stat\x00'}, {0x20, '#! '}, {0x20, '\x00\x00'}]}, 0x48)

2.278676453s ago: executing program 1 (id=2273):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
poll(0x0, 0x0, 0x12000000)

1.675886153s ago: executing program 4 (id=2280):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x480000, 0x0)
socket(0x1, 0x2, 0xb)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0xb}, 0x1c)
listen(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400e, &(0x7f00000001c0)={[{@i_version}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[], 0xfdef)
lseek(r0, 0x101, 0x0)
syz_emit_ethernet(0x26, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x89, 0x0, @empty, @broadcast}, "90e2a72a"}}}}, 0x0)

1.061986433s ago: executing program 1 (id=2284):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x11, &(0x7f0000000500)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@noinit_itable}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@noload}, {@data_writeback}]}, 0x1, 0x631, &(0x7f0000001940)="$eJzs3c1vVFUbAPDn3k6/3/edQt6ouJBGYyBRWlrAEGMC3bgiBD92riotBBkooTVaJLFNcGNi3LgwceVC/C+UxK0Lty7cuDIkxBgWYlDG3Jk7ZTrt9Hs6pf39kmnvmTNzzrlNnzlnzpxzJ4A9azD7kUYciIhrSUSxLq8QeeZg9XH3/7h5PrslUS6/9XsSNz9O5urLSvLf/fmT/ylG8lMasb9jab3Tszcuj5dKk9fz9PDMlWvD07M3jly6Mn5x8uLk1dFXRk+eOH7i5MjRTZ1fXvXf2Y8zt977oPjp2Xe++ephMvLtL2eTOB2P8gdk59X43O5N1Zz9zQajXPVgUUYacXKTZe8UfxZr/ycV3dk/RFJoZ4tYjzQiTkVEZ0Q8HcXoiMfBWoxP3mhr44CWKidR6aMGy8Dek0TTrEs9+YvEUj0tbROwHWrjgNp7++XeBy+VtnJIAmyTe2PVubpq7HdGRC3+C9W5weipzA303U/q53kqc32bm5mryur48Yezt7JbNJmHA1pjbr42y93Y/yeV2ByI6nuAvvvpovgfy0cBaf45wZuNBa9x8nywIS3+YfvMzUfEM3n/3xVrjv80j91a/L+7wfrFPwAAAAAAAGydO2MR8fJy6//ShfU/Xcus/+mPiNNbUP/qn/+ld/ODZAuqA+rcG4t4bdn1vwtrfAc68tR/K+sBOpMLl0qTRyPifxFxODq7s/RIQ7n1K4SPfLb/y2b116//y25Z/bW1gHlJdwsNa4kmxmfGN3veQMS9+YhnK+t/D+b3LF7/k/X/yTL9fxbf19ZYx/4Xb59rlrd6/AOtUv464tCy/f/j4Xay8vU5hivjgeHaqGCp5z76/Ltm9Yt/aJ+s/+9bOf67k/rr9Uyvr/yuiDg2Wyg3y9/o+L8rebujVn7mw/GZmesjEV3JmaX3j66vzbBb1eKhFi9Z/B9+YeX5v4Xxf10c9kbE3BrrfOpR/6/N8vT/0D5Z/E+s3P8XF/f/6z8YvT3wfbP6z62p/z9e6dMP5/eY/4N6S6/HsdYAbUtzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAJl0bEfyJJhxaO03RoKKI/Iv4ffWlpanrmpQtT71+dyPIq3/+f1r7pt1hNJ7Xv/x+oS482pI9FxL6I+KKjt5IeOj9Vmmj3yQMAAAAAAAAAAAAAAAAAAMAO0V/Z81/ubtz/n/mto92tA1qukP8W77D3FDb8zHL3ljYE2HYbj3/gSTa/rvjvbGlbgO3XPP4fPCxXNNz9+vMtbxOwPYz/Ye/aYPz7uAB2Af0/7FVrnNPraXU7gHbQ/wMAAAAAwK6y7+Cdn5OImHu1t3LLdOV5vW1tGdBqabsbALSNNbywdxWm2t0CoF1s6AeShaO/Gjf7VzRf/Z+0pkEAAAAAAAAAAAAAwBKHDjTf/29vAOxuK+//t7YfdrMV9v8vF/wuFwC7SPOv/tD3w27nPT6wWm9v/z8AAAAAAAAAAAAA7AA9Ny6Pl0qT16dnn7yDUzujGes7mBvfXDnl7p1wFosPHrWm5M6I2BknuAUHWbCVSpPlcsTqD65dgqONbW7vyxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDYvwEAAP//9HcgKQ==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000800)=[{0x0, 0x9, 0x1, 0x2}]})
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r1 = memfd_create(&(0x7f0000001400)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4048000)
r2 = accept$inet6(0xffffffffffffffff, &(0x7f0000000680)={0xa, 0x0, 0x0, @private1}, &(0x7f00000000c0)=0x1c)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000100), 0x10000)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c05, r1)

1.061200823s ago: executing program 2 (id=2285):
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'team_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000380)=ANY=[@ANYBLOB="5000000010000305000000000000000020000068425d030ed7a7121950e228a5bfa04d0af938a15a181fefdf7adba1d176eff720d67999724ced39e6f071dbdf9eefcfb09bb7752409711030443f213f9e226034e38dd8224b1839a55b152cc4fc951c6203b3d2f58a199b737d06b2", @ANYRES32=0x0, @ANYBLOB="000000000000000030001280080001006873720024000280050007000000000008000200", @ANYRES32=r1, @ANYRES8=r0, @ANYRES32=r1], 0x50}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x1c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfff}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = io_uring_setup(0x50b6, &(0x7f0000000140)={0x0, 0x9ffd, 0x4})
r4 = socket(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000000280)={0x10, 0x0, 0x25dfdbfe, 0x800}, 0xffffffcf)
write(r4, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
sendto$inet(r0, &(0x7f0000000340)="043ac447", 0xfffffffffffffff9, 0x4004054, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b405000000d50000711035000000000005000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x39)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000004c0)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff02c}, {0x6}]}, 0x10)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r6, &(0x7f00000001c0)='k', 0x1, 0x20040000, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x3, &(0x7f0000000140), 0x8)
chdir(&(0x7f0000000140)='./file0\x00')
r7 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r7, 0x0)
r8 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r8, &(0x7f0000001fc0)=""/184, 0xb8)

652.570007ms ago: executing program 1 (id=2287):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
syz_io_uring_setup(0x2, &(0x7f0000000080), 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) (async)
ptrace(0x10, 0x1) (async)
r1 = inotify_init1(0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) (async)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f0000000380)={0x0, <r2=>0x0})
ptrace$getenv(0xd, r2, 0x0, &(0x7f0000000000))
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_GET_REQUEST_TABLE(r4, 0x2283, &(0x7f0000001200)) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002a80)=ANY=[@ANYRESDEC=r4], 0x14c}, 0x1, 0x0, 0x0, 0x20044000}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000d80), 0x208e24b) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r6, 0x0) (async)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff}) (async)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
close(r8) (async)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000006900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="3800000010000104000000000000000000000000a03443caaca4a2e97a212b887212bab290dff0eef64d586c0320138f6d069f1c2d1ca02fb40ef4d499b46219f00aebf5106190cc903cd5018d820f45e008eb082605f3e64d25a79590f72b43a448d2ed65476bd9a80800000000000003be8af90a08dff75586f750a0f637aab94d3792ffedbda78a7402496cdf2ff3345908bd67d2b29e455d256c1716552fe39be6f474", @ANYRES32=0x0, @ANYRESHEX=r5], 0x38}}, 0x0) (async)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
getsockopt$bt_l2cap_L2CAP_LM(r10, 0x112, 0x9, 0x0, &(0x7f0000000040))
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000000)="3900000013000b4700bb65e1c3e4ffff01000000350000005600000225001f0019000a0010", 0x25}], 0x1) (async)
write$binfmt_misc(r7, &(0x7f0000000000)=ANY=[], 0xfffffecc)

639.762357ms ago: executing program 2 (id=2288):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe21, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000400)={@multicast1, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
syz_emit_ethernet(0x2a, &(0x7f0000000140)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xe0, @broadcast=0xe0000001}, {0x0, 0xe21, 0x8}}}}}, 0x0)

376.944369ms ago: executing program 0 (id=2292):
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b7020000f7ffffffbfa700000000000037"], 0x0}, 0x90)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="96010000100013070000000000000000ac1414aa0000000000000000000000000000000000000000000000000000000100000000000400000000400000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000002000000960000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00"], 0x1a0}}, 0x0)
epoll_create(0x10001)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000040850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x120, 0x0, 0x0, 0x3, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

353.669101ms ago: executing program 0 (id=2293):
add_key(0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="d5"], 0x24}}, 0x0)
recvmmsg$unix(r0, &(0x7f0000005480)=[{{0x0, 0x0, &(0x7f0000002a00)=[{&(0x7f0000000480)=""/187, 0xbb}, {&(0x7f0000000640)=""/236, 0xec}, {&(0x7f0000001940)=""/4096, 0x1000}, {&(0x7f0000000840)=""/216, 0xd8}], 0x4}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
write(r0, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000080000000000", 0x14)
keyctl$clear(0x7, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2c, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
setsockopt$inet6_udp_int(r1, 0x11, 0xb, &(0x7f0000000240), 0x4)
setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000080)=0x3, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e20004db0"], 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'bridge0\x00'})
setsockopt$packet_int(r3, 0x107, 0xf, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="200000010000000c00018006002ebb9b8c1f503f000005470000007f00000000"], 0x20}}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x11012, 0xffffffffffffffff, 0x0)
pread64(r5, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)

227.815211ms ago: executing program 2 (id=2295):
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b70000000000000007000000000000009500000000000000bdc5072e4c75223f007e6ca306000000000000009c91420b66f0980e90dc0a99"], 0x0}, 0x90)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd0903280003003000000060000b0001002f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef)

225.817121ms ago: executing program 3 (id=2296):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
socket$netlink(0x10, 0x3, 0x0)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000440))
sendmsg$BATADV_CMD_GET_HARDIF(r4, &(0x7f0000000540)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x4c, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x5)
bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0xe, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
socket$key(0xf, 0x3, 0x2)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000000))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8946, &(0x7f0000000080))
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000001880)={&(0x7f00000017c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001840)={&(0x7f0000001800)={0x1c, r2, 0x630, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0xa1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40408c4}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)

200.284063ms ago: executing program 2 (id=2297):
socket$nl_generic(0x10, 0x3, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x0, 0x0)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000005700)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x8}, {}, {0xc}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x190100000000ff81)

192.741394ms ago: executing program 3 (id=2298):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000240)={'syztnl2\x00', &(0x7f0000000180)={'syztnl0\x00', <r2=>0x0, 0x2f, 0x4, 0x5, 0x2, 0x10, @private1, @mcast2, 0x7800, 0x7, 0xcb, 0x9}})
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280)=0xffffffffffffffff, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x3, 0xfffffc00, 0x5, 0x400, 0xffffffffffffffff, 0x2, '\x00', r2, r3, 0x5, 0x2, 0x40000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702", @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r5)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="60000000020601030000000000000007000000000e0003006269746d61703a697000000005000400000002000900020073797a320000000018000780050003001b0000000c000180080001400000000005000500020000000500010006"], 0x60}}, 0x0)

115.87331ms ago: executing program 2 (id=2299):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000380))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000380))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x7, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x10})
syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff)
readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000480)=""/171, 0xab}], 0x1)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000006910040000000000630a70ff0000000095000b0000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff4d, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0)

114.61947ms ago: executing program 3 (id=2300):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x202, 0x0)
write$binfmt_misc(r0, &(0x7f0000002d40)=ANY=[@ANYRESOCT], 0x4c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = openat$cgroup_devices(r1, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x101a02, 0x0)
sendfile(r3, r3, 0x0, 0x9)
write$cgroup_devices(r2, 0x0, 0x0)
write$cgroup_devices(r2, &(0x7f00000008c0)=ANY=[@ANYBLOB="63202a3a2a207200374f4f3f2719ee78e1c55831d722422f05945ad46748ab287139a454047ec649b4b93a0d125bed2e644d38b7b762006d80241b4fb3402be1ad1f7978f56c3c8ec26845589f97e956e10e6141e64bbb1a038c5f7f0aded95e500fe2b73412d179a951faf98c47aeeaa77bab1ebde2debfc8bc970e5918ac63ff40ad7295546c9f00c08e1d108379b1d09311d6776fc2d021b107f1a38a0a2b5abb4ec104937610d6af9ee0f4ac7ae0440c082487e30c715ccdfe87ab22afca20df3aa72fea99e019bc7aa55ad0e30e9bab6f6fda0fb2e33798fb09b346f70f6e1ca37aa0019c9c1f1122332ee6d19b0d85133ecd9a16c207856aae3eadb92d04ad7ebccd4b4fade514040ebd2d8f42fa0124bce8fb3ed58143393960aa87d852bfeb7132801bd2219e9966bae5b22b126eca07c546326db40f4695215ab523b8a59e5b0988a8e0d137b4e7a39e4bd118a6cf7ebc7994997f08126b49a58f0eb34929b92f71ae8310b454752a8d45e4240a3abf4f7e9452be38e16c35fd14cf9248d9be6d2fe7dbe3e25c699976f8c93c985030a760f9d423d98f5415d10910fe0d7d6c6970b538d4100c820784818ad392d0fb1e"], 0x8)
write$cgroup_devices(r2, &(0x7f0000003080)={'a', ' *:* ', 'r\x00'}, 0x17)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x30, 0x30, 0x0, @in={0x2, 0x0, @multicast1}, @ib}}, 0x118)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x90)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'team0\x00'})
r7 = socket$key(0xf, 0x3, 0x2)
r8 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
listen(r8, 0x0)
ioctl$sock_TIOCOUTQ(r8, 0x5411, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={<r9=>0xffffffffffffffff}, 0x111, 0xa8b91b2147156d91}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r8, &(0x7f0000000300)={0x1, 0x10, 0xfa00, {&(0x7f0000000080), r9}}, 0x18)
r10 = openat$cgroup_ro(r3, &(0x7f0000000380)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f0000ffa000/0x2000)=nil)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xb, 0x12, r10, 0x0)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="93630100200501001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r7, @ANYBLOB="160095df", @ANYRES32=r6], 0x4c}}, 0x0)

112.95491ms ago: executing program 0 (id=2301):
socket(0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x62)
syz_clone3(&(0x7f0000000140)={0x7000000, 0x0, 0x0, 0x0, {0x40000000}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)

88.274142ms ago: executing program 3 (id=2302):
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b7020000f7ffffffbfa700000000000037"], 0x0}, 0x90)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="96010000100013070000000000000000ac1414aa0000000000000000000000000000000000000000000000000000000100000000000400000000400000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000002000000960000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00"], 0x1a0}}, 0x0)
epoll_create(0x10001)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000040850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x120, 0x0, 0x0, 0x3, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

66.736534ms ago: executing program 0 (id=2303):
unshare(0x22020400) (async)
r0 = syz_clone3(&(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = syz_pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x0, 0x0, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r4=>0x0}) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
r5 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r5, 0x10f, 0x82, 0x0, &(0x7f0000000040)=0x58)
sendmsg$nl_route(r2, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000600)=ANY=[@ANYBLOB="5800000013000500"/20, @ANYRES32=r4, @ANYBLOB="0800000000000000140003006e696376663000000000000000000000050021000000000008000a00", @ANYRES32=r4], 0x58}}, 0x0)

66.015104ms ago: executing program 3 (id=2304):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r0, 0x8008f512, &(0x7f0000000000))
r1 = accept4$unix(0xffffffffffffffff, &(0x7f0000000040)=@abs, &(0x7f00000000c0)=0x6e, 0x80800)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000180)={'lo\x00', &(0x7f0000000100)=@ethtool_regs={0x4, 0x10, 0x58, "70a69c5b4e50e2c94d9c96989629b3188311131b96002472440dc951db07d54ce29cddb0cf2197a4e0591cbab0f07ef5ad12332cdc568452d7af4413e3ef511f0831d497b4e0ad2f3a5db510ccc1964012e8acf0fece459d"}})
unshare(0x600)
r2 = open(&(0x7f00000001c0)='./file0\x00', 0x2, 0x40)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r3=>0x0})
pipe2$watch_queue(&(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x2, 0x4, 0x8, 0x1, 0x80, r2, 0x5, '\x00', r3, r4, 0x1, 0x5, 0x5}, 0x48)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), r4)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000000480)={&(0x7f0000000300), 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0xc0, r5, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x318}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x885}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x80}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8000}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}]}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xde}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xd}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040004)
sendmsg$AUDIT_TRIM(r2, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x10, 0x3f6, 0x800, 0x70bd27, 0x25dfdbfd, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20000004}, 0x8000)
sendmsg$DCCPDIAG_GETSOCK(r4, &(0x7f0000000940)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000900)={&(0x7f0000000600)={0x2d0, 0x13, 0x10, 0x70bd25, 0x25dfdbfd, {0x2c, 0x6, 0x0, 0xff, {0x4e23, 0x4e24, [0x0, 0x80000000, 0x40, 0x6], [0xfffffffd, 0x1efb, 0x3dc, 0x7], r3, [0x0, 0x9]}, 0x9, 0x890}, [@INET_DIAG_REQ_BYTECODE={0x41, 0x1, "c1eaea97a89e34566cef07ccce338f6c7d96ec20c42c94d92a2806705faed4febfe654827260baf0f85e94236000d85c20e37a8a132f7ba904486a0b27"}, @INET_DIAG_REQ_BYTECODE={0x9f, 0x1, "623e778b03ab42830254a897a4ac9b81600400605cb1df42794ed5da3070a1f60017944537f2932696270cb732dd47a5a7cc6b0b3b67d0389609c9a1d3a15c88afe704a72ad2d160e362492dbc9f231ddfa351a964e668964a30d0467c6c796d4167ab6e372881561c252e8c4673c10499141d1deff72e4718df96add029f47776c9f63b2922d0cef6d3c043956eb530f637a83a25e24b03d158ee"}, @INET_DIAG_REQ_BYTECODE={0xc7, 0x1, "369027a7a99f4e41c86442cb624be073d753f89b49c4fa46b7fe7740cc16e3680f40f10cd5c9dd48a036c77b91b51adec442b01cb65ae31558175a40195dc4f6861ae731a42b8f580ac9b6624cb41c68c2c38c1b81e4ade43d73d235390258beba9b2fa8537c007cb390cbd0783bdf0039dfd3ae49e1d0a4a914342fc387c29d0c956020edff29c4bb5809bf91bbb1e0e02fbb91bd485cb60576ee685b7efb6c452ff6baacc6a2990e412b1e69ca1f18e0c78143fe798040c50c45c0bbc3cff1669bea"}, @INET_DIAG_REQ_BYTECODE={0x18, 0x1, "8e8e5b22eed36ad66a8126d6cd8d719d9ab186b0"}, @INET_DIAG_REQ_BYTECODE={0x1c, 0x1, "a6d49baadc45e2d21fdeda963c9eb7adc05d81b176fa5a7a"}, @INET_DIAG_REQ_BYTECODE={0xa1, 0x1, "990bd07fa92d6e0432d86b98b3af5f30c82cfe7bf85e16b201001388b947c04cef31ed481da6f9d98c6c4fe50d4db216fe61919debc303671e32ce6b358c14208d735a9b41fcefa6f5749d88c8626545fa3af5aa7601428b410f6fc0bb3ff75b5b31732c034df2e269b9d06f6d6920d89a6842b8ed45d7988dce8cba62d2889f6e35409e51ad9fd83981b1c5b0a787c9a16e8a48f46f89728f56c9a5e5"}]}, 0x2d0}, 0x1, 0x0, 0x0, 0x40044}, 0x0)
r6 = socket(0x21, 0x3, 0x5)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x1c, 0x0, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}]}, 0x1c}}, 0x4004001)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r2)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000c40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b00)={0xcc, r7, 0x400, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @void, @val={0xc, 0x99, {0x1, 0x5}}}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xd83}, @NL80211_ATTR_VENDOR_DATA={0xa4, 0xc5, "2f174a53f67b38274904f05aaa86e753d57960caa63e0c9535e50e5f095f42d54197cb4f8aec9b816705b732799a0f8aa72da1b1d312b6d84c7a5229f2a27dc24d00e8ceb6a2979d36a9308a130c11a494c3aacc692c770493855b077927b76305663e631a140e572526e91d8b75791eda306a52e7e59b715b75141bad50baaff9d01abaad5fbc16b4682a6cbe280dc9c26339503ee5461aa640f5d0051f3e9b"}]}, 0xcc}, 0x1, 0x0, 0x0, 0x40000}, 0x4040000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000c80), r8)
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f0000000d80)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x2c, r7, 0x20, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x64}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x24008004)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f0000000e00), r6)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000e40)={'batadv0\x00', <r11=>0x0})
sendmsg$BATADV_CMD_GET_MESH(r9, &(0x7f0000000f00)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x20a50000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x3c, r10, 0x10, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r11}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004850)
sendmsg$AUDIT_MAKE_EQUIV(r4, &(0x7f0000001000)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000fc0)={&(0x7f0000000f80)={0x28, 0x3f7, 0x20, 0x70bd26, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x40001)
sendto$inet(r6, &(0x7f0000001040)="11c093a6bcd8934fc440ec4f972631ecadee0ae55ac9be3b774282c2a7c9d555538dd504fd5295790befea7f73bd7042d64ef4253704501bb74fa2ea8b1d8ad509cb21b7f45e613f3acdc0ae30d805dfdbcc4e4755a5eb930926854cf8f60d621584f8bc0822dd053ae8d204f55a0a8baf93d9832b8e3ec346909d3fe963cc03ee2ad13971f123fd67889cd10412477062ea32028452e6b2684661767ea5fc8654e4f3bd299383bd9789eded2cc612915d10", 0xb2, 0x4004000, &(0x7f0000001100)={0x2, 0x4e24, @broadcast}, 0x10)
flistxattr(r0, &(0x7f0000001140)=""/111, 0x6f)
sendmsg$sock(r6, &(0x7f0000002580)={&(0x7f00000011c0)=@xdp={0x2c, 0x0, r3, 0xfff}, 0x80, &(0x7f0000002500)=[{&(0x7f0000001240)="0650254acf93e75899c29adfffee88f16ee70b9322d15773078ae9", 0x1b}, {&(0x7f0000001280)="ab6c07c7e69b2f86ad4d6b885f0158b409dc803f912e582c127bdb1c4d0477dc3a6be7924879eb50eca62aba921fa5f22d46f59e848fd7abdbbbda00da6851caba7622fc23754b24ff41af91a96c20cf2d54d64a0584ebc902e5ee50dd8406730037963aaf578021bcb16a7d97568edacfa5ad16a989b85e86fb3bd4636c91088e04db6183c0be621466e163f8327e281e5ff8973034e66bf434eaa6d111a7366f916772cf75d5854821152df46281b82e3ead8a03f4469e28", 0xb9}, {&(0x7f0000001340)="31e936caa146c100b599d76dfff5c9e6adf15434a85d87a4a20d1ebcf0ad80cc035a11e5759a4eac7c57609e4aafeaec71cb5f1f5ea3cdddf668b3f636ec5ff131ca19b85c974d264c5487531eb8a90463b2979ad007ce7fb3d38ca7da5861893f8381b8f3eec1269c60fdbcdebc69ce09391cc48b780b2c4ff98452ac345d0c6ca4df3899ea1f89ee48cfc3fb72e10cec88575caf1540e1389ab8cee7a6", 0x9e}, {&(0x7f0000001400)="fdfaf5d32ba76cc41173d54875a35f93b3d2fa99373be75566a7230b47cef453a022b091c3040f56e456790cb6d341b33f39e04fe3a9c7f58ce744af0d5defc50db777e52781d69c6a1db86fea8ef53280a581ba9b1fa536150573c53184e131e28c52f1a02fd0886a7ce26f2d2b610f94d368cc2599a7b31ddf39e47e9ac66d01d548f2d1f10a6239970ca91c73935e606a7e3b9c27c8691dbd980e2b1927022febc7bcf9965fadada9463eddd93926633af57a4556fd1157f0857138c1b035f5eb0ffe73280718ae04313d22c86e920822cc7329e35a90c09a4988f30b9232d0bf56e092c930771f8d6cab45f7f7eb6c92672907d22a1c101a263603fdcbf6a44202c8b7dc267c6721661c522f6a863fb103d1546a389a1c3d86502492f0640a8f0d6680c9846141b793c936026113f89350f78762889e2d8f3234e7b7aea90409f35772e0cc3c41b0e6855f9e065be5dde4cbbb72865a87331f9e5e3b6b7939f4a5b851d5cefdb636c1242faf1c38bfbc5cf79fb7d95a40c803deab018fcea09c616ca7861c677280f49fc5e192f9ec2af4a7eb69213f49a58c4094c345a40597da0fa20ff63e3ea305b923580d8983e71a056a849954f44cd15f587b0b225d2edb3c3b460b97e9c5f07a3b1e6ea28929946d8618cb15376af4debdefcbc8a4ee9866c1d55fb1f05fe5f872e07c5e91ef1dfaad70bf992a15c3580b3628c20425eeff772d1e7fa46438dfe007617e8e3f1209963690fa090ffbbe7ddc6eee07f7a5f2937a069998d91c42baf29c2a80cf1b8572ad197ee69463c827426f05f2312c3a161050d16df18ba416f3a4360160b90897531867f50f978c90e3850355dbb10f72283797ce5d7c9541bece1e4c348dddf4382b35a4da4209f32302bd5b6f4e1ffcae0dbdb1bad5b9b1edb5ce0781ec45166e7ca84fb63001fcb4a6a0b0630f1c28c1068c5d021476cf89f6c5498651762e48450b43b169373e0589ef16d6d9bb353b0c04d0d7bcfe8bba8a9ff5c5fa00d5e3fa297622a96e14018c7078d21b665e917a04ac43141152504d2b332229358e893e7d6f896d10119ae2ab4a59ac17900d1e6d427154a131445d8cfcfa9f3356743f757029d670a1913c566a9d3e85329d4f3efe3a4c1e86eb6e7710d46bced5ed0bc733e1620f4e4d246de9d7b0ae4fa324380b523fa8bf1f2ddb975a5a330c402c61eb93288ea2e2e94878032971e5becf80885b2beabcfb69c4b559ad0579abc354d555aea0273222d9ad599a0da7789a6cec38a4790b5437fb50ab67d582844d3b4de3efbc716097b9d8fbd95e26e3abbd59353c8fa003108c7d952fcb8faf1c8ec07ca073b13a032fb9ef3ea24bfd45fc4205d698e75b3d49ac72cd78730f954dccd3b568001a882b3c5732a187f24b6ca96bc16f4fa6fb789a6d7906cf80d0c3aa3884a8d597f553c30d32cc4484c77d21754291691f246693645e169b2a6112ba14d0ad1c3c66babad736db7a610b283b60a4118f0f34c680fe0ac49dfdb286a9f3180a0e51b41266a93a2ca3359ffc2618dad5efcbabb65c06d15e1e0e3c4f4ecfaa4adfe7e13200865ad1612abfd1c624730895036078878b0cbfa775b8d98f8419a9c62be971bc5a4c418080445b2df1986893c45ca3a8c9df0dbbc0f680015000cbbb7a5a292c7de67de5d255ba2cd98805af1597981a920471b13e4aa0cdf0c2cd73250766682ea4a2f3c647ebeb3d12e2317f594f6446cd33db7633ead6850fc9bce91898b9fa92ca2780cd4707a28d6755b5e98fad289d4910039a9a23da6dbe24f647abdba989a2c8d50d2ec6bfae5332cb5c3fd9148361148a900b2e8aac8197f30e3b3c6c209451a82e32ea77135c67a7dc5c80b4d70cbf748a824be4cfb8131b80ac989b64695518025ecabe046a5a5b7de7348fdec9b6e2b30e859429eb6fd276f50f091e616b3c7c7fc0a270dc8f3c73de2ca0bab046a1a02ffb9c951499d25aca15c5103f5df6b4b613dca3a09534a2fa452729212f8b47783d9001e6b5b831457a58772eb0dff802d240f8bfebe956f28386b1f2be1233414e54672ae7995e109b4403e92f81bed3fbf9db7ec8ddeabdc016341e4eb61a1c4199dd3a14545806a8fe5474ab75e320227afe1b1ef3e5694420cf154e74bb1a2af65effc7ed6fc18b8686c32cbbc1f4d05f6a0dc23483c4400b741951e563cdab6632608e36fb162e18b7cf5e5987d211042394dcd43cbaae0ae593a3e7f5fb069fdf1377efd318b4b3565fff0ae034ee0c541e5f0e941a1a11a233e926dcac964f66da014faf40f5665b224d7e5fd484c825930a94390a5a6e1fba8bcd4f369390508d19f6f72db5637b341152cadb909fae2424ce98dac8208aae3c107d5daa2be6b1f14a4709a38054cc57ce886d911765f1b1606f8d4c4cb7953ded2e46d27d8bd8a7cc1c5778dd58131d7de3fa65c15cfd2e4811e59ba804ab5fe75a4e5815a3a1aab24ea7180c57b49e9312480ed90171fe70f701d0880c0f35a2f5e5702246ba96791d11e62a9eb4e7a42fe7f3b3fc0e145e858a538ff73802775c8ee4922cde33ca9bebf2e5ad67df99d14e0abd4964e0e7855f5dfc4b924692435e5821cee07ef56df6b540d40d14702efd9d940635c9607f804052fc666299a5040f5bcb7815a6b96fc3a3b46b09f755a26b45a399a65e8f885579c76faddd8a8d5e3149bc8619cf75777b037162baff39ada7edb735f55277e28d703aa89cd515c05f57c140a47a30762d89e0c73f6e481bae96410d6f317c9882490baf0add0d01ba03d4c428567f976aad22d2b96ceee9425a1a141aaa49f7338d9fb4beadde96fad6f6cf881227abace761a2139e6d2afbb538d64dad94cf412e8640e50b50d810bfb7292fb6725a47b6bcef2da4c82569e131a3ed6ba198981d5cc71be57d3c5bdee4a7726e21ce577926b9c14a5888bf11f5bb1e875b012603fb1efab512e8e8f75db838ee2e5eb270f7072ab365d8563dedd3635eb11784552382d08b59f4fc93cd2238220a06c7152822248e756379698ead986afa7a38bd06516cc400099ea531cfa275bea10c4826c934b09c9282c52691c3d47d805d0fa65858b505d88dbb64a7080e072a38ec6f4589d1c322147eb6d0d4be944218607307a4ec059782899891bcaf26e3f4a5968a0edf61d5274d0d69fd33b0eeb72539ef21f0ff7f3ad073100c4860ac73679ff17f9a3e7d451ffac46762db47355a24711f71489911aca7831e565114230e8554c8539c673d02711899bd02be11ddf3aa1d747646b14188fec044e47ef1ab3adaaa154b3f98580c2cb85809c9d202d80e140fa36e2b61bba70ac5a06759dba28e3143c4ebea5af5ceb03abeb66bc1a599fd0f24881f11d466f17444dcb5393dc7b1b77f0cf00aa72ca8c2769afeff189f7fb272088f579d5848845ddf28a09c9f22bbcfbd520285185502d3baec9e8fb90d9208be6162431bffb989be546a231787555399dfc284c426884f59269f4f09ea8de01eee8c935d89448238f6846a6a5c47574b3a1c2ff72044059fab645274149c3e921fe4d4273873aa2bf12888f4ef5a9ea76cf1056963832bed1dae103cc6945b9dd506609e3f98d808d0162264e0678cf72f52b916b49aeed35d2fbd9032d554576a12c69a6e18546d6c34afad160c5eb9a0cc56a3a8093b170c9060f98889ac45168f28953edf04b6b134a4ebac823a9e23643808559e95e295df1c879a811cd5aba18425852294066c27b1d33ec6358d6950b5c1d2920cdcf9110059ad2ff3daebd4b11a9bc991cd1324b9d9ead73b321a8513bbe0a38684e224be975534a4b8b5b0bbbe078360852be4a6b96c736b5ffb4e36a679b1d10e1478ecf3a3e0494f2dade5bde7318f166f4fc2739760f15a887c3a2bc784bfbaf5fcd5d62f5c50f6f16cecd16cdee611e8d12d8725b12ec057457698fbb6f3073a9881e0a9f5332b62d1990d786bad64da8df3990d8ab76f1c8cd6355dd4daf169441dc650e6ff0f80c8e375c6db7de378f4b9cb7094ab7ca5787bc3cd1e060c92a624d09d168c988a14dd62ec09b6af7fac82df93c607f16510538ff719273910d6a5c45cf51b4c4acbe7565ea6b2b9f01b34e4db37e85ad71cb91de387e1a6e360d2cf48b40de6cff24e7505b711fe8834ecab6ef86f8c33f8016a72a59363cfec33cde98d456694d52d1d81810bdf5f84b2f0da191f8e12aa7f6bf9c53acb47d17da4c891fb8a70cfb5271bbe8d8647513f9eab22ed3a59d4d98d805dcc8d1688ef41260a6880b225d582b02563e85a929cf792ff19a3f8778541d33f98d3b0778b3b192e6f8f239b617552857448715eb00836fc8f12eee796c096c7c5d4042996de27eda9a5fcafe96079df0cd176d3ae790ea8313a2cafbf03bacb7b2847ca69ce67ae27ca607aa0b436774af7341b9a132b3bbdf98a8f7e41e617f6d35d8fe84974ef64dcf8c5af9328d022f850333b862ce9ed4b9e04e29bf04d7a10e8aeab67ba308f536c9db6273538f54dda920de8dca76eaeb32596f77e41cf1d8ee82d74351b3d851c5b8d3f4a765b459774d7e050232c69caccde82bc1663a0be7c0c4d71f6efca2f96d0048e8dcba6f3f8a4bb6bfd1e65db259088b9279b879848aaecce9ffdd80f0bef7457112adfb2cf61d919613d8206c5e1b62536a9460c1929f12c36b7ce54b3358cc534c4c4b75730f8ae858d6bde5941db27239389c05e5253e8804bbcbfd3a47df125dd3524c69d2e3e1848312236dbb1e4399a02ce4baaddd55e9e23a618812be2a0dd63fa75528e7f966f7f10d6129b6a2a7e858fb5fb43095e671fca239df6ac947cd1605129f6d32c5e8068cffa0c6702c18b3c6dfa8b6c2bf96d138179a9776e31f204a17a1bfb66ac34cce86184463c4488f3fe63abfe683ff8c39088820034f04eca11c8c13b3c0da39670eb845972b06c1c3d3834d56b6f7735b1233d286fcf54bbf360e7845a51c6e7e9b4b38c6f33af07c5c7ed7078e4ed572a9b9640cb2523bb84f419e43d2c31d01076611aeb75facbe59d4a675ec7d15833e36237301509cabe09040b4bc5ca79d31f2f51ff000c9534fcf989a90ffe3b94815c99b5a9dbda00fdfd76d5baa591986124dabdb3f3bd1308c338a799fa57f8b98bd64821f4956a433dddef02979a2b5a546b7b738ddb85b06bbcef26921a724c6420df72f0e43fbe31409870550761e334be726880fbf72f51e37cd25b2f523074eb74d4375eebe708349e65251dd3853474f29678bd6e70e2ca22300daf6c9d98fb913378a38e118fe7bc62c98841d26e9af7084ddeb25a3cb09f190668450314557b6a019f57c4641ec3b70e7b174d148ba27fb802675a1b1813aebd649e10e9eb81bc0e4215aea394de269813ed221ad70fe8b40be9f92a3422c3488d5d50c0d875300d6fa3c5ed6e93c8929e36b5a0799bd1d485d70b7bfbfa16f5614ad8adbc1da6f30439ef67f6a80feb24cb1c3b84353c422485eccb9c73aecab0800db936059d65c31eed2125762a9fc038aedec2808e2d0ebe5b707494be564bd0b71f88303f2ae40c7e5ff04a5b04ec5c4d7488b468334f3693a6b28b543029abded55a9ba78d4698256e6a2caef4920b0315ad8576a28309c9bc67d3c10b3e9eff67d4525690ee0ffcf0783aa141e4c10808c27a16c32e9ed11bed4edc2ced26387f0216c9699f07a82e690f2082d663516a161607a76e99e330901831cb90f5c0c482bc95845a7c835581c4487aa6c52257252f09b00ca6c0ac0cd4d7e9289c70234fc75e", 0x1000}, {&(0x7f0000002400)="aa346642c559b879e2aa3289e14d4aa7d89b59de0afd43c274de0f49ef8dc8e6bf90d54cc0fede15fd641cf0cdadb9cc2760e0db966615bf625c06aa58f8c6199fd109c8a57fdb26e227a4abff694a6068547fec4882d3a39be60fd88a59ec18c367bb395f382a6aff091f883cd45fe1050709004996996db9e729318f43334d33097c6d31e5c88ad0b8920d8f64a04e5c5e16042605ed4b96da5dcf7a0b0dc746a6ac696a5b3698f36ae248df31169f7bb9df9fccbbb3312629e7356bfb03edd012b35ea3e38dd05af6f16b96c461ce598cab3b", 0xd4}], 0x5}, 0x4004040)
socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r6, 0x84, 0x79, &(0x7f00000026c0)={0x0, 0x477, 0x5}, 0x8)

8.433069ms ago: executing program 3 (id=2305):
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup2(r0, r0)
r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0)
unshare(0x2040400)
utimensat(r2, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x0, &(0x7f0000000180), 0x2, 0x557, &(0x7f0000000940)="$eJzs3cFvI1cZAPBvJvFudjclKXAolSgVLdotsM6mYduIQwEJwakSUMQJaQmJE0XrxKvEaTfRiqbiioQECCpxgRMXJP4AJNQLd4RUqdwRICpUsnAAqe2gsce7iddOvML2qMnvJ83OvHn2fN+z18/v2RNPAGfWkxFxJSImIuKZiJgp9qfFEvvtJb/d3YM7y/mSRJa99E4SSbGvc6zzxfpScbepiPjGVyO+mzwYd3t37+ZSvV7bKspzzY3k3Szbu7q+sbRWW6ttLizMP7f4/OL1xWtDaedsRLzw5b/99Ie/+soLv/vsK3++8faV7+Vp/TfLXo2udgxTu+mV1mPRMRkRW6MIVpLJVgvbrg90jx7/IQAAGIt8vP/hiPhka/w/ExOt0RwAAABwmmRfmI53k4gMAAAAOLXSiJiOJK0W5/tOF+dmXoqIj8bFtN7Ybn5mtbGzuZLXRcxGJV1dr9euxVTr3IHZqCR5eb44x7ZTfrarvBARj0bET2YutMrV5UZ9pewPPwAAAOCMuNQ1///3TJpWq0XlfsnJAQAAAMMzW3YCAAAAwMiZ/wMAAMDpVsnn/9lAF2RKR58NAAAAMAJfe/HFfMk6179eeXl352bj5asrte2b1Y2d5epyY+tWda3RWGv9Zt/GScerNxq3PhebO7fnmrXt5tz27t6NjcbOZvPG+pFLYAMAAABj9Ogn3vhTEhH7n7/QWnLnirpKRDZx+MaTZWQIjMpDndPz19HlAYzf4ff3CyXmAYyfIT2cXZWyEwBKd9IfAPU9eecPw88FAAAYjcsf6//9/zurpaYGjFjx/X8y0A+AAKfKRNkJAKVpf//3ftZWdjbAOFWOGwGYFMCplw7n+/8TTiVMdCgAAFCy6daSpNViHjAdaVqtRjzSuixgJVldr9euRcSHIuKtmcr5vDzfumdiNA8AAAAAAAAAAAAAAAAAAAAAAAAAA8qyJDIAAADgVItI/965Mtflmaenuz8fOJf8Z6a1johXfv7Sz24vNZtb8/n+f97b33y92P/sw3768OO3h/QxBgAAAHBIZ57emccDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDDdPbizfDfLsuzgzvI44/7jSxExW8QvlnbNZEy11lNRiYiL/0pi8tD9koiYGEL8/dci4rFe8ZM8rZgtsjgS/1xEGhEXhhU/HjJ+tONfGkJ8OMveyPufL/Z6/aXxZGvd+/U3WSz/r/79X3qv/5vo0/890u+glaPFx9/8zVzf+K9FPD7Zu//pxE/y4/WI/9SAbfzON/f2+tVlv4y43Kv/S47Gmmtu3Jrb3t27ur6xtFZbq20uLMw/t/j84vXFa3Or6/Va8W/PGD/6+G/fv19674H2Xzym/221v8/j//SA7X/vzdsHH2lvdj0zUYlfZNmVp3o//4/lq08/GL/z3vep4n0gL+ePYfr6t3rGf+LXf3yiX255+1f6tH+qq/3nu9p/ZcD2P/P17/9lwJsCAGOwvbt3c6ler23ZOLwRs+OK9QF7Cs5FeyMfd5aeTxJJ5BtvHalaKj+x9sarxWtsqd55tQ3pyL8vJkejTL6k/ggAABid+4P+7pqknIQAAAAAAAAAAAAAAAAAAADgDDrxZ8D6VaURcX/Pt39wzK+RdcfcL6epAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADH+l8AAAD//9CN1mM=")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r3, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x8, 0x8}, 0x48)
close(r5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYRES64=r4, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x1, 0x7fe2}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0)
lseek(r6, 0xa308, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r10, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x308, 0x138, 0x25, 0x148, 0x138, 0x60, 0x270, 0x2a8, 0x2a8, 0x270, 0x2a8, 0x3, 0x0, {[{{@ip={@dev, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'nr0\x00', 'veth1_to_batadv\x00'}, 0x0, 0xf0, 0x138, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x7, 0xffffffff, 0x7}}}, @common=@unspec=@cgroup0={{0x28}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xd8, 0x138, 0x0, {}, [@common=@set={{0x40}}, @common=@ttl={{0x28}}]}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x368)

8.205919ms ago: executing program 0 (id=2306):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/if_inet6\x00')
preadv(r0, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/7, 0x7}], 0x1, 0xe00, 0x0)

0s ago: executing program 0 (id=2307):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000000c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000000), 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
r3 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_type(r3, &(0x7f0000000140), 0x9)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ae685c0b163ef93d95c7e307963117b5a705fd4a74bc49e24a9ae8c22842f85899c62ca3a6ff691f1df44c614a5fd33f6f8a4eb689d0910000000096d3635567c2d514698af29411dd54da063469b0e756f055d162dfd2311a63be96f52406aff201b1057a8fc25a4e33b1a296875642eb3a7b732cda1ba46a2a42c4c333abc80e00fb000000004e4c4263efd12b257fdf9d292ba48e3aa93faeb7a3973a6dd9cf527332eb4a5dda77ad0e925d0a9c004dcb78410a3100c44cb61c92d40e31577a4e64c1155008241709504b573381f79b890a2aedbe60114760df9a5feb47115ac44625090590c275a5f2cf4f8789450b8303e8fdb7449565e01a331f061e143b26ab8905449942ca2c339ffbe92f821d84b2dd89069e6b66174903a7e94fa7a055b52b1dc2f4d76ec4d98432d6cf396b9d61858bcd5ff958da1ff886e43ffbcb2d972f43031769718daaa6105a5188ed990122303d201404e179144da06ed1e7ddff0fac2edd58ea986b3b375a57d8e37a2952902d357386884e3e548196f1f1a3e59edcd7b9ced9b2782c41724b738a8d47236983a2db1146b7a925a02ebf7739f63057c4ae701c74622be55bd113a415f7b36818647ce0d39e3aeb2002d51ff70c1e464c5f5e26aa1af3e7299d23be"], &(0x7f0000000040)='syzkaller\x00'}, 0x80)
sendmsg$nl_route(r1, &(0x7f0000000640)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="25c52c9d3eac186c8d0b234a09cec4632c000000", @ANYRES32=0x0, @ANYBLOB="14000100ff020000000000000000000000000001"], 0x2c}, 0x1, 0x0, 0x0, 0x1001}, 0x814)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='svcsock_tcp_recv_short\x00', r4}, 0x10)
r6 = gettid()
syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000002380)='.\x02\x00', 0x0, &(0x7f0000000240)=ANY=[], 0xff, 0x9be, &(0x7f0000000e00)="$eJzs3c1vXOW9B/Dv8Uvia1AIkMvNRUAm4QYM5Dq2U0IjNk3scTLUL5XtSERVRShJqihWqaCVAHWRSlVXRe2i6oLuWHaFxAY2VXbtX9BFpYp/AXUVddGpzplxbGOPx079Rvh8rOM5L7/zPL/H5/g88vHMecLXWbPZrKb7XL78x91Mlv3nwsQXH3/yYTn94nYOpDcvF58lA0lqSV+So0n/+MTc7HSXgm4lV5PcSYokB9N63ZSrKX6Th5eX76T4Q1lv5fJ9NoxNafKNttfnHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EfF+MTIyGiRqcbM5ddrnVVDgHfa2LNc3ufVqN/F513rTYpyysDA0lDfR48sb36i/HYiT7WWnqoGJM9APnjoicOvPt7Xs7T/Bglvxb/agyFvecd33//g1puLi9ff2aZEvm4u1mca87ON6fMX67XG/Gzt3NmzI6cvTc7XJhtT9fkr8wv16dr4XP38wuxcbWj8hdrouXNnavXhK7OXZy5ODE/Vl1a+8v9jIyNna68Nf69+fm5+dub0a8Pz45caU1ONmYtVTLm5jHmlPBG/21ioLdTPT9dqN24uXj+zKqN1TokyaLRbS8qgsW5BYyNjY6OjY2OjZ18+9/IrIyN9yyt6U60Y+Yqs2eXeSVue0Vv5WbOvfdSz2cjtvYDDf6Cn3f9nKo3M5HJeT23dr/FMZC6zme6wvW2p/z95ur5hvSv7/6Ve/ujy5idT9f/PtJae6dT/d8hl977ezfv5ILfyZhazmOt5Z9XWg/dRYrO5963a/NfF1DOTRuYzm0amc75aU2uvqeVczuZsRvJGLmUy86llMo1MpZ75XMl8FlKvzqjxzKWe81noKw90LUMZzwupZTTnci5nUks9w7mS2VzOTC5mIuerUm7kZvVzP7NBjveCRjcTNLZB0Ab9f3vFFvp/vqF24CoO96fZ7v8PdA8dGt+NhAAAAIBt979/yaEjj/3570l/nq7usQMAAAAPmurtek+VL/3l3NMpJhtT9ZG9TgsAAADYRkX1GbsiyWCOteaWPgnlJgAAAAA8IKr//z9TvgyWc8dS+PsfAAAAHjTdn7HfNaI4lVpul5tq11qR19oR7ef8Dk42purD47NTr47mueopA9UnDdaU1pvDSfXxgxdzvBV1fLD1Ori6xIEyanT41dEM5ES7IUPPli/PDq0TOVZGvpjnW5HPL0UOZE3kmTISAB50Jzbojzfb/7+YU62IU09Wj2/ve3KdPnhEzwoA+0X3MXa6RhTfWhr+p8Pf/4/lxrHWWwqG81bezmKu5VT1aYPqHQftUnOnyHKpgyvehnCqy92AwRUjvJxauh9w7OF17wcMrhjo5dSaOwKdYs/swpEAgN1zYk0/vEH/32y25tbc/9/47/9BbykEgH3l3gj2Oziz120EAFa7r166dwcTAgAAAAAAAAAAAAAAAAAAAAAAAAAAgAfAbjz/f1/O3E6yD9Iws7MzA7tzhv/gQLJfmrxNM3t9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA3FEnveut7koNJ30iS07uf1c65vdcJ7LHibu7mvRza6zwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB407ef/96T1+lBrVfp6kpNJrib5/l7nuJ3u7nUCe2zF8//LY55mkb7WYU/RPz4xNztdHv4cLLd/8fEnH5bT/dRTFlDWsGpwiXYNnfd6tNprcOL6u7d++vZPahMXqiQvLExOTUxfnPvOcuATxadJLa1pyVK+Py/aZ/Hqln9atnRz9U5W9U6srfd/1tv7Xr0n//Tbzm1btpzGzcXrY2VNC/XXF37245vvrQh6LMeTZ4eSodU1/aicOtR0PP0b1Vt8WfyqOJTf52p1/Ms0imZRHqJHqvb/142bi9eH33p78VqHnA7nWJJrycDmczq29kgsqc66nv6y1pEqqPx2pEt5G3qo91Cz2SpxtEMbHq1OmcEttaHWuQ2VLj/3dhvPdMjo8Ty35SP9XJca2/7ZbGktFV8Wfysu5a/55YrxP3rK438ym/ntLGOqyBVnSuc2n1xu+djKDW98NbLjbyU74Nf5Yb597/j3rLj+t4/V7lyPVtS4Y78XRasXaqvmj3ylR2pffTpl2c7zSCuqQ57/nZfW7tclz5e6XFG26fd/teLL4qNiKP/IbeP/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+1+R9K63vic5meRwkkfK5VrS3I76egaL7Shmkw6sWXN7F2vfP3ruzRV3czfv5dCepgMAAAAAAADAtrkw8cXHn3xYTtX/43vzf8VnyUDrP/19SQ4Xv+sfn5ibne5SUH9yNcmdcn5gazmU++Xh5eU75dLRrbcFANicfwcAAP//U9R2+g==")
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={r6, r5, 0x0, 0x14, 0xfffffffffffffffe}, 0x42)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@private0, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x6c}, 0xa, @in=@multicast1}}, 0xe8)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200))
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x0, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

a:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.693667][ T9183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.703762][ T9183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.714602][ T9183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.724445][ T9183] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  144.734928][ T9183] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  144.746827][ T9183] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.759594][ T9355] loop0: detected capacity change from 0 to 2048
[  144.779286][ T9183] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.784691][ T9355] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.788187][ T9183] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.809058][ T9183] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.816377][ T9351] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  144.817768][ T9183] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.834040][ T9351] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  144.853726][ T9351] EXT4-fs (loop0): This should not happen!! Data will be lost
[  144.853726][ T9351] 
[  144.863396][ T9351] EXT4-fs (loop0): Total free blocks count 0
[  144.869463][ T9351] EXT4-fs (loop0): Free/Dirty block details
[  144.875383][ T9351] EXT4-fs (loop0): free_blocks=2415919104
[  144.881108][ T9351] EXT4-fs (loop0): dirty_blocks=16
[  144.886247][ T9351] EXT4-fs (loop0): Block reservation details
[  144.892221][ T9351] EXT4-fs (loop0): i_reserved_data_blocks=1
[  144.956814][   T29] audit: type=1326 audit(1720561250.143:3577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9362 comm="syz.3.1845" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba30bcabd9 code=0x0
[  144.970764][ T9351] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  144.989554][ T9351] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  145.002608][ T9367] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1846'.
[  145.247510][ T9262] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  145.256350][ T9262] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  145.265507][ T9262] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  145.274021][ T9262] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  145.309385][ T9262] 8021q: adding VLAN 0 to HW filter on device bond0
[  145.321715][ T9262] 8021q: adding VLAN 0 to HW filter on device team0
[  145.331983][ T6067] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.339111][ T6067] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.355114][ T3159] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.362208][ T3159] bridge0: port 2(bridge_slave_1) entered forwarding state
[  145.419780][ T9262] 8021q: adding VLAN 0 to HW filter on device batadv0
[  145.481121][   T11] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  145.526147][ T9262] veth0_vlan: entered promiscuous mode
[  145.535412][ T9262] veth1_vlan: entered promiscuous mode
[  145.548213][ T9398] loop0: detected capacity change from 0 to 512
[  145.552411][ T9262] veth0_macvtap: entered promiscuous mode
[  145.562499][ T9262] veth1_macvtap: entered promiscuous mode
[  145.573813][ T9262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.584466][ T9262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.594373][ T9262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.604859][ T9262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.614740][ T9262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.625183][ T9262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.635024][ T9262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.645667][ T9262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.655478][ T9262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.666053][ T9262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.677027][ T9262] batman_adv: batadv0: Interface activated: batadv_slave_0
[  145.687973][ T4749] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  145.691067][ T9262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.708163][ T9262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.708180][ T9262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.708194][ T9262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.738303][ T9262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.748755][ T9262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.758812][ T9262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.769402][ T9262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.779372][ T9262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.789833][ T9262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.802538][ T9262] batman_adv: batadv0: Interface activated: batadv_slave_1
[  145.815019][ T9262] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.823817][ T9262] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.830712][ T9402] FAULT_INJECTION: forcing a failure.
[  145.830712][ T9402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.832542][ T9262] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.845854][ T9402] CPU: 1 PID: 9402 Comm: syz.0.1852 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  145.854325][ T9262] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.873147][ T9402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  145.883339][ T9402] Call Trace:
[  145.886606][ T9402]  <TASK>
[  145.889559][ T9402]  dump_stack_lvl+0xf2/0x150
[  145.894138][ T9402]  dump_stack+0x15/0x20
[  145.898285][ T9402]  should_fail_ex+0x229/0x230
[  145.903057][ T9402]  should_fail+0xb/0x10
[  145.907205][ T9402]  should_fail_usercopy+0x1a/0x20
[  145.912242][ T9402]  copy_page_from_iter_atomic+0x22a/0xda0
[  145.917951][ T9402]  ? shmem_write_begin+0xa0/0x1c0
[  145.922964][ T9402]  ? shmem_write_begin+0x10c/0x1c0
[  145.928244][ T9402]  generic_perform_write+0x21a/0x410
[  145.933575][ T9402]  ? __pfx_shmem_write_end+0x10/0x10
[  145.938929][ T9402]  shmem_file_write_iter+0xc8/0xf0
[  145.944180][ T9402]  vfs_write+0x78f/0x900
[  145.948416][ T9402]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  145.954209][ T9402]  ksys_write+0xeb/0x1b0
[  145.958705][ T9402]  __x64_sys_write+0x42/0x50
[  145.963339][ T9402]  x64_sys_call+0x27ef/0x2d70
[  145.968062][ T9402]  do_syscall_64+0xc9/0x1c0
[  145.972627][ T9402]  ? clear_bhb_loop+0x55/0xb0
[  145.977344][ T9402]  ? clear_bhb_loop+0x55/0xb0
[  145.982049][ T9402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.988000][ T9402] RIP: 0033:0x7f12eb90875f
[  145.992395][ T9402] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  146.012019][ T9402] RSP: 002b:00007f12eab8ae00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  146.020447][ T9402] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f12eb90875f
[  146.028460][ T9402] RDX: 0000000000040000 RSI: 00007f12e276b000 RDI: 0000000000000004
[  146.036419][ T9402] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000504
[  146.044390][ T9402] R10: 0000000020000202 R11: 0000000000000293 R12: 0000000000000004
[  146.052363][ T9402] R13: 00007f12eab8af00 R14: 00007f12eab8aec0 R15: 00007f12e276b000
[  146.060459][ T9402]  </TASK>
[  146.065101][ T9402] loop0: detected capacity change from 0 to 512
[  146.078590][ T9402] EXT4-fs (loop0): orphan cleanup on readonly fs
[  146.085830][ T9402] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1852: bg 0: block 248: padding at end of block bitmap is not set
[  146.100423][ T9402] Quota error (device loop0): write_blk: dquota write failed
[  146.107900][ T9402] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  146.117859][ T9402] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz.0.1852: Failed to acquire dquot type 1
[  146.142663][ T9402] EXT4-fs (loop0): 1 truncate cleaned up
[  146.150435][   T29] audit: type=1400 audit(1720561251.333:3578): avc:  denied  { append } for  pid=9408 comm="syz.2.1854" name="usbmon0" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  146.155709][ T9402] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  146.192183][ T9121] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.233287][ T9417] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1822'.
[  146.276636][ T9425] loop4: detected capacity change from 0 to 512
[  146.288401][   T29] audit: type=1326 audit(1720561251.473:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9422 comm="syz.2.1858" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee6cb55bd9 code=0x0
[  146.314475][ T9425] EXT4-fs: Ignoring removed i_version option
[  146.320518][ T9425] EXT4-fs: Ignoring removed nobh option
[  146.330132][ T9425] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  146.334617][ T9428] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1860'.
[  146.351257][ T9425] EXT4-fs (loop4): 1 truncate cleaned up
[  146.370374][ T9425] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.404679][ T9431] loop0: detected capacity change from 0 to 4096
[  146.423863][ T9262] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.436669][ T9431] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.477234][   T29] audit: type=1326 audit(1720561251.663:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9434 comm="syz.4.1862" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f981d7c4bd9 code=0x0
[  146.501486][   T29] audit: type=1326 audit(1720561251.693:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9434 comm="syz.4.1862" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f981d7c4bd9 code=0x0
[  146.528626][ T9121] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.678323][ T9446] loop4: detected capacity change from 0 to 1024
[  146.696212][ T9446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.709974][ T9446] tipc: Started in network mode
[  146.714889][ T9446] tipc: Node identity 1, cluster identity 4711
[  146.721055][ T9446] tipc: Node number set to 1
[  146.730437][ T9262] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.812610][ T9460] loop4: detected capacity change from 0 to 256
[  147.142090][ T9471] netlink: 'syz.3.1876': attribute type 4 has an invalid length.
[  147.155105][ T9471] netlink: 'syz.3.1876': attribute type 4 has an invalid length.
[  147.209860][ T9476] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1878'.
[  147.218996][ T9476] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1878'.
[  147.284354][   T29] audit: type=1400 audit(1720561252.473:3582): avc:  denied  { read } for  pid=9482 comm="syz.2.1881" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  147.424448][ T9486] loop3: detected capacity change from 0 to 2048
[  147.435376][ T9486] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.450178][ T9486] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  147.465653][ T9486] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  147.477985][ T9486] EXT4-fs (loop3): This should not happen!! Data will be lost
[  147.477985][ T9486] 
[  147.487964][ T9486] EXT4-fs (loop3): Total free blocks count 0
[  147.494097][ T9486] EXT4-fs (loop3): Free/Dirty block details
[  147.500018][ T9486] EXT4-fs (loop3): free_blocks=2415919104
[  147.505759][ T9486] EXT4-fs (loop3): dirty_blocks=16
[  147.510878][ T9486] EXT4-fs (loop3): Block reservation details
[  147.516894][ T9486] EXT4-fs (loop3): i_reserved_data_blocks=1
[  147.558574][ T9496] IPv6: Can't replace route, no match found
[  147.584703][ T9491] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  147.594381][ T9491] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  147.636418][ T9505] sctp: [Deprecated]: syz.0.1889 (pid 9505) Use of struct sctp_assoc_value in delayed_ack socket option.
[  147.636418][ T9505] Use struct sctp_sack_info instead
[  147.667452][ T9509] loop0: detected capacity change from 0 to 1024
[  147.674177][ T9509] EXT4-fs: Ignoring removed oldalloc option
[  147.680721][ T9509] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  147.695662][ T9509] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.714670][ T9121] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.808156][ T9521] loop0: detected capacity change from 0 to 256
[  148.169615][ T9535] FAULT_INJECTION: forcing a failure.
[  148.169615][ T9535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.182770][ T9535] CPU: 1 PID: 9535 Comm: syz.2.1898 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  148.192866][ T9535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  148.202954][ T9535] Call Trace:
[  148.206270][ T9535]  <TASK>
[  148.209194][ T9535]  dump_stack_lvl+0xf2/0x150
[  148.213786][ T9535]  dump_stack+0x15/0x20
[  148.217958][ T9535]  should_fail_ex+0x229/0x230
[  148.222690][ T9535]  should_fail+0xb/0x10
[  148.226859][ T9535]  should_fail_usercopy+0x1a/0x20
[  148.231879][ T9535]  _copy_from_user+0x1e/0xd0
[  148.236523][ T9535]  generic_map_update_batch+0x3c8/0x520
[  148.242259][ T9535]  ? __pfx_generic_map_update_batch+0x10/0x10
[  148.248327][ T9535]  bpf_map_do_batch+0x2f8/0x440
[  148.253179][ T9535]  __sys_bpf+0x2e5/0x7a0
[  148.257417][ T9535]  __x64_sys_bpf+0x43/0x50
[  148.261824][ T9535]  x64_sys_call+0x2655/0x2d70
[  148.266502][ T9535]  do_syscall_64+0xc9/0x1c0
[  148.271083][ T9535]  ? clear_bhb_loop+0x55/0xb0
[  148.275775][ T9535]  ? clear_bhb_loop+0x55/0xb0
[  148.280442][ T9535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.286338][ T9535] RIP: 0033:0x7fee6cb55bd9
[  148.290753][ T9535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.310426][ T9535] RSP: 002b:00007fee6bdd7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  148.318835][ T9535] RAX: ffffffffffffffda RBX: 00007fee6cce3f60 RCX: 00007fee6cb55bd9
[  148.326897][ T9535] RDX: 0000000000000038 RSI: 0000000020000200 RDI: 000000000000001a
[  148.334864][ T9535] RBP: 00007fee6bdd70a0 R08: 0000000000000000 R09: 0000000000000000
[  148.342822][ T9535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  148.350778][ T9535] R13: 000000000000000b R14: 00007fee6cce3f60 R15: 00007fff7c4901f8
[  148.358743][ T9535]  </TASK>
[  148.377909][ T7563] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  148.382476][ T9523] chnl_net:caif_netlink_parms(): no params data found
[  148.428805][ T9523] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.435970][ T9523] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.443545][ T9523] bridge_slave_0: entered allmulticast mode
[  148.451728][ T9523] bridge_slave_0: entered promiscuous mode
[  148.461565][ T9523] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.468705][ T9523] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.483795][ T9523] bridge_slave_1: entered allmulticast mode
[  148.490537][ T9523] bridge_slave_1: entered promiscuous mode
[  148.510197][ T9523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  148.521287][ T9523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  148.548078][ T9523] team0: Port device team_slave_0 added
[  148.554826][ T9523] team0: Port device team_slave_1 added
[  148.570125][ T9523] batman_adv: batadv0: Adding interface: batadv_slave_0
[  148.577143][ T9523] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  148.603344][ T9523] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  148.612904][ T9559] loop3: detected capacity change from 0 to 512
[  148.619390][ T9523] batman_adv: batadv0: Adding interface: batadv_slave_1
[  148.627088][ T9523] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  148.652991][ T9523] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  148.675984][ T9559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.688999][ T9559] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.706558][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.708210][ T9523] hsr_slave_0: entered promiscuous mode
[  148.722335][ T9523] hsr_slave_1: entered promiscuous mode
[  148.729973][ T9523] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  148.737709][ T9523] Cannot create hsr debugfs directory
[  148.774142][ T9571] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  148.812701][ T9523] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.871363][ T9523] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.873620][ T9573] loop3: detected capacity change from 0 to 8192
[  148.923788][ T9523] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.990081][ T9523] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.058827][ T9523] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  149.067636][ T9523] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  149.078102][ T9523] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  149.088211][ T9523] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  149.105558][ T9523] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.112736][ T9523] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.120022][ T9523] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.127190][ T9523] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.157903][ T9523] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.170142][ T3159] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.178937][ T3159] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.192244][ T9523] 8021q: adding VLAN 0 to HW filter on device team0
[  149.202953][ T3162] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.210124][ T3162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.220500][ T6069] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.227627][ T6069] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.253101][ T9523] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  149.263857][ T9523] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  149.313705][ T9523] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.378241][ T9523] veth0_vlan: entered promiscuous mode
[  149.387949][ T9523] veth1_vlan: entered promiscuous mode
[  149.404097][ T9523] veth0_macvtap: entered promiscuous mode
[  149.412523][ T9523] veth1_macvtap: entered promiscuous mode
[  149.427120][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.438086][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.447981][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.458528][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.468371][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.478790][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.488786][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.499338][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.509195][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.519630][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.529476][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  149.539956][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.550913][ T9523] batman_adv: batadv0: Interface activated: batadv_slave_0
[  149.566123][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.577050][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.586887][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.597400][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.607289][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.617715][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.627528][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.637986][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.647905][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.658328][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.668148][ T9523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.678572][ T9523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.689493][ T9523] batman_adv: batadv0: Interface activated: batadv_slave_1
[  149.707975][ T9523] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  149.716724][ T9523] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.725549][ T9523] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  149.734338][ T9523] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.841282][ T9615] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  149.895350][ T9620] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1920'.
[  149.953251][ T9628] syzkaller1: entered promiscuous mode
[  149.958832][ T9628] syzkaller1: entered allmulticast mode
[  149.987375][ T9632] loop3: detected capacity change from 0 to 512
[  149.998685][ T9632] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  150.061565][ T9015] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  150.078335][   T40] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.149731][ T9652] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  150.160435][ T9637] chnl_net:caif_netlink_parms(): no params data found
[  150.212408][ T9658] netlink: 'syz.3.1932': attribute type 10 has an invalid length.
[  150.225508][ T9637] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.232695][ T9637] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.240208][ T9637] bridge_slave_0: entered allmulticast mode
[  150.246750][ T9637] bridge_slave_0: entered promiscuous mode
[  150.254644][ T9637] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.261791][ T9637] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.268969][ T9637] bridge_slave_1: entered allmulticast mode
[  150.275740][ T9637] bridge_slave_1: entered promiscuous mode
[  150.296078][ T9637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  150.308158][ T9637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  150.332188][ T9637] team0: Port device team_slave_0 added
[  150.339356][ T9637] team0: Port device team_slave_1 added
[  150.349124][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  150.349137][   T29] audit: type=1326 audit(1720561255.533:3608): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9663 comm="syz.3.1935" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fba30bcabd9 code=0x0
[  150.386150][ T9637] batman_adv: batadv0: Adding interface: batadv_slave_0
[  150.393122][ T9637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.419201][ T9637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  150.431353][ T9637] batman_adv: batadv0: Adding interface: batadv_slave_1
[  150.438427][ T9637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.464357][ T9637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  150.499102][ T9637] hsr_slave_0: entered promiscuous mode
[  150.505221][ T9637] hsr_slave_1: entered promiscuous mode
[  150.511159][ T9637] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  150.518713][ T9637] Cannot create hsr debugfs directory
[  150.818788][   T29] audit: type=1400 audit(1720561256.003:3609): avc:  denied  { read } for  pid=9667 comm="syz.2.1936" dev="sockfs" ino=33524 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  150.819237][ T9668] 9pnet_fd: Insufficient options for proto=fd
[  150.996742][ T9674] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  151.006459][ T9674] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  151.416072][ T9688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1942'.
[  151.425826][ T9688] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1942'.
[  151.727419][   T40] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.767565][   T40] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.827236][   T40] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.941122][   T40] bridge_slave_1: left allmulticast mode
[  151.946933][   T40] bridge_slave_1: left promiscuous mode
[  151.952574][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.972417][   T40] bridge_slave_0: left allmulticast mode
[  151.978164][   T40] bridge_slave_0: left promiscuous mode
[  151.983818][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.994002][   T40] bridge_slave_1: left allmulticast mode
[  151.999838][   T40] bridge_slave_1: left promiscuous mode
[  152.005580][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.016907][   T40] bridge_slave_0: left allmulticast mode
[  152.022647][   T40] bridge_slave_0: left promiscuous mode
[  152.028333][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.232522][ T9696] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  152.236967][   T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  152.256630][   T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.269250][   T40] bond0 (unregistering): Released all slaves
[  152.279315][   T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  152.291374][   T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.301582][   T40] bond0 (unregistering): Released all slaves
[  152.310774][ T9698] FAULT_INJECTION: forcing a failure.
[  152.310774][ T9698] name failslab, interval 1, probability 0, space 0, times 0
[  152.323515][ T9698] CPU: 0 PID: 9698 Comm: syz.3.1946 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  152.333811][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  152.343852][ T9698] Call Trace:
[  152.347128][ T9698]  <TASK>
[  152.350037][ T9698]  dump_stack_lvl+0xf2/0x150
[  152.354629][ T9698]  dump_stack+0x15/0x20
[  152.358856][ T9698]  should_fail_ex+0x229/0x230
[  152.363578][ T9698]  ? ip_set_create+0x1de/0x8a0
[  152.368344][ T9698]  __should_failslab+0x92/0xa0
[  152.373167][ T9698]  should_failslab+0x9/0x20
[  152.377706][ T9698]  kmalloc_trace_noprof+0x4b/0x2a0
[  152.382857][ T9698]  ip_set_create+0x1de/0x8a0
[  152.387445][ T9698]  ? memchr+0x1/0x50
[  152.391385][ T9698]  ? __nla_parse+0x40/0x60
[  152.395791][ T9698]  nfnetlink_rcv_msg+0x4a9/0x570
[  152.400732][ T9698]  netlink_rcv_skb+0x12c/0x230
[  152.405497][ T9698]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  152.410952][ T9698]  nfnetlink_rcv+0x16c/0x15b0
[  152.415789][ T9698]  ? xas_load+0x3ae/0x3d0
[  152.420208][ T9698]  ? kmem_cache_free+0xd8/0x280
[  152.425167][ T9698]  ? nlmon_xmit+0x51/0x60
[  152.429499][ T9698]  ? __kfree_skb+0x102/0x150
[  152.434172][ T9698]  ? consume_skb+0x57/0x180
[  152.438773][ T9698]  ? nlmon_xmit+0x51/0x60
[  152.443104][ T9698]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  152.448413][ T9698]  ? __dev_queue_xmit+0xb21/0x1e50
[  152.453570][ T9698]  ? ref_tracker_free+0x3a5/0x410
[  152.458647][ T9698]  ? __netlink_deliver_tap+0x495/0x4c0
[  152.464266][ T9698]  netlink_unicast+0x58d/0x660
[  152.469024][ T9698]  netlink_sendmsg+0x5ca/0x6e0
[  152.473868][ T9698]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.479147][ T9698]  __sock_sendmsg+0x140/0x180
[  152.483872][ T9698]  ____sys_sendmsg+0x312/0x410
[  152.488648][ T9698]  __sys_sendmsg+0x1e9/0x280
[  152.493331][ T9698]  __x64_sys_sendmsg+0x46/0x50
[  152.498084][ T9698]  x64_sys_call+0xb25/0x2d70
[  152.502694][ T9698]  do_syscall_64+0xc9/0x1c0
[  152.507246][ T9698]  ? clear_bhb_loop+0x55/0xb0
[  152.511916][ T9698]  ? clear_bhb_loop+0x55/0xb0
[  152.516588][ T9698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.522537][ T9698] RIP: 0033:0x7fba30bcabd9
[  152.527013][ T9698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.546646][ T9698] RSP: 002b:00007fba2fe4c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.555069][ T9698] RAX: ffffffffffffffda RBX: 00007fba30d58f60 RCX: 00007fba30bcabd9
[  152.563032][ T9698] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004
[  152.571083][ T9698] RBP: 00007fba2fe4c0a0 R08: 0000000000000000 R09: 0000000000000000
[  152.579042][ T9698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.587002][ T9698] R13: 000000000000000b R14: 00007fba30d58f60 R15: 00007ffe629b5cd8
[  152.595016][ T9698]  </TASK>
[  152.647350][   T40] tipc: Left network mode
[  152.657490][ T9700] loop3: detected capacity change from 0 to 1024
[  152.675734][ T9700] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.688197][ T9700] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.708922][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.765471][ T9713] loop3: detected capacity change from 0 to 1024
[  152.772125][   T40] hsr_slave_0: left promiscuous mode
[  152.777614][ T9713] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[  152.777614][ T9713] 
[  152.788344][ T9713] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  152.797100][   T40] hsr_slave_1: left promiscuous mode
[  152.803024][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.810473][   T40] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.819042][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.826536][   T40] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.839055][   T40] hsr_slave_0: left promiscuous mode
[  152.845072][   T40] hsr_slave_1: left promiscuous mode
[  152.850815][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.858305][   T40] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.866019][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.873421][   T40] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.884499][   T40] veth1_macvtap: left promiscuous mode
[  152.889984][   T40] veth0_macvtap: left promiscuous mode
[  152.895569][   T40] veth1_vlan: left promiscuous mode
[  152.900829][   T40] veth0_vlan: left promiscuous mode
[  152.906625][   T40] veth1_macvtap: left promiscuous mode
[  152.912127][   T40] veth0_macvtap: left promiscuous mode
[  152.917739][   T40] veth1_vlan: left promiscuous mode
[  152.922953][   T40] veth0_vlan: left promiscuous mode
[  153.036036][   T40] team0 (unregistering): Port device team_slave_1 removed
[  153.048156][   T40] team0 (unregistering): Port device team_slave_0 removed
[  153.110387][   T40] team0 (unregistering): Port device team_slave_1 removed
[  153.120593][   T40] team0 (unregistering): Port device team_slave_0 removed
[  153.157460][ T9714] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  153.167151][ T9714] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  153.222359][ T9719] loop3: detected capacity change from 0 to 512
[  153.230523][ T9719] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz.3.1954: casefold flag without casefold feature
[  153.243760][ T9719] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.1954: couldn't read orphan inode 15 (err -117)
[  153.256436][ T9719] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.295319][ T9719] loop3: detected capacity change from 512 to 96
[  153.296999][ T9637] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  153.309959][ T9719] syz.3.1954: attempt to access beyond end of device
[  153.309959][ T9719] loop3: rw=2049, sector=510, nr_sectors = 2 limit=96
[  153.310948][ T9637] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  153.323394][ T9719] EXT4-fs warning (device loop3): ext4_end_bio:346: I/O error 10 writing to inode 19 starting block 255)
[  153.341318][ T9719] Buffer I/O error on device loop3, logical block 255
[  153.348206][ T9719] syz.3.1954: attempt to access beyond end of device
[  153.348206][ T9719] loop3: rw=2049, sector=506, nr_sectors = 4 limit=96
[  153.350420][ T9637] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  153.361495][ T9719] EXT4-fs warning (device loop3): ext4_end_bio:346: I/O error 10 writing to inode 19 starting block 253)
[  153.379465][ T9719] Buffer I/O error on device loop3, logical block 253
[  153.386284][ T9719] Buffer I/O error on device loop3, logical block 254
[  153.395237][ T9637] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  153.427199][ T9637] 8021q: adding VLAN 0 to HW filter on device bond0
[  153.439558][ T9637] 8021q: adding VLAN 0 to HW filter on device team0
[  153.446806][ T9015] syz-executor: attempt to access beyond end of device
[  153.446806][ T9015] loop3: rw=2051, sector=510, nr_sectors = 2 limit=96
[  153.461143][ T9015] EXT4-fs (loop3): discard request in group:0 block:254 count:1 failed with -5
[  153.470461][ T9015] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: IO failure
[  153.471661][ T3162] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.478791][ T9015] syz-executor: attempt to access beyond end of device
[  153.478791][ T9015] loop3: rw=2051, sector=506, nr_sectors = 4 limit=96
[  153.485499][ T3162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  153.488090][ T3162] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.500154][ T9015] EXT4-fs (loop3): discard request in group:0 block:252 count:2 failed with -5
[  153.506212][ T3162] bridge0: port 2(bridge_slave_1) entered forwarding state
[  153.530204][ T9015] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: IO failure
[  153.539084][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.557961][ T9637] 8021q: adding VLAN 0 to HW filter on device batadv0
[  153.637037][ T9741] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1957'.
[  153.715242][ T9755] syz.0.1962 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  153.715290][ T9760] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1963'.
[  153.748013][ T9637] veth0_vlan: entered promiscuous mode
[  153.762475][ T9764] FAULT_INJECTION: forcing a failure.
[  153.762475][ T9764] name failslab, interval 1, probability 0, space 0, times 0
[  153.766695][ T9637] veth1_vlan: entered promiscuous mode
[  153.775144][ T9764] CPU: 1 PID: 9764 Comm: syz.3.1966 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  153.790669][ T9764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  153.800756][ T9764] Call Trace:
[  153.804021][ T9764]  <TASK>
[  153.807041][ T9764]  dump_stack_lvl+0xf2/0x150
[  153.811818][ T9764]  dump_stack+0x15/0x20
[  153.816070][ T9764]  should_fail_ex+0x229/0x230
[  153.820754][ T9764]  ? p9_client_prepare_req+0x29d/0x870
[  153.826244][ T9764]  __should_failslab+0x92/0xa0
[  153.831160][ T9764]  should_failslab+0x9/0x20
[  153.835755][ T9764]  __kmalloc_noprof+0xa5/0x370
[  153.840513][ T9764]  ? p9_msg_buf_size+0x123b/0x12b0
[  153.845678][ T9764]  p9_client_prepare_req+0x29d/0x870
[  153.851042][ T9764]  ? kmem_cache_free+0x28/0x280
[  153.855992][ T9764]  ? p9_client_rpc+0x50d/0x710
[  153.860794][ T9764]  p9_client_rpc+0xf0/0x710
[  153.865292][ T9764]  ? bpf_trace_run2+0x123/0x1d0
[  153.870193][ T9764]  ? kfree+0x20d/0x290
[  153.874362][ T9764]  ? p9_client_open+0x113/0x2c0
[  153.879228][ T9764]  p9_client_clunk+0x43/0x110
[  153.884031][ T9764]  v9fs_file_open+0x339/0x530
[  153.888770][ T9764]  ? __pfx_v9fs_file_open+0x10/0x10
[  153.893991][ T9764]  do_dentry_open+0x647/0xa60
[  153.898765][ T9764]  vfs_open+0x3b/0x1f0
[  153.902898][ T9764]  path_openat+0x1ad9/0x1fa0
[  153.907488][ T9764]  ? kstrtouint+0x77/0xc0
[  153.911882][ T9764]  do_filp_open+0xf7/0x200
[  153.916296][ T9764]  do_sys_openat2+0xab/0x120
[  153.920944][ T9764]  __x64_sys_open+0xe6/0x110
[  153.925612][ T9764]  x64_sys_call+0x12d6/0x2d70
[  153.930402][ T9764]  do_syscall_64+0xc9/0x1c0
[  153.934897][ T9764]  ? clear_bhb_loop+0x55/0xb0
[  153.939639][ T9764]  ? clear_bhb_loop+0x55/0xb0
[  153.944353][ T9764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.950280][ T9764] RIP: 0033:0x7fba30bcabd9
[  153.954685][ T9764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.974378][ T9764] RSP: 002b:00007fba2fe4c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  153.982804][ T9764] RAX: ffffffffffffffda RBX: 00007fba30d58f60 RCX: 00007fba30bcabd9
[  153.990767][ T9764] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00000000200006c0
[  153.998742][ T9764] RBP: 00007fba2fe4c0a0 R08: 0000000000000000 R09: 0000000000000000
[  154.006703][ T9764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  154.014678][ T9764] R13: 000000000000000b R14: 00007fba30d58f60 R15: 00007ffe629b5cd8
[  154.022799][ T9764]  </TASK>
[  154.043512][ T9637] veth0_macvtap: entered promiscuous mode
[  154.066750][ T9637] veth1_macvtap: entered promiscuous mode
[  154.082935][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.093927][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.103988][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.114474][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.124480][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.128251][ T9771] loop0: detected capacity change from 0 to 2048
[  154.135080][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.151320][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.161818][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.166331][ T9771] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.171663][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.188232][ T9771] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, 
[  154.194276][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.196814][ T9637] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.202606][ T9771] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  154.203255][ T9771] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  154.214216][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.219873][ T9771] EXT4-fs (loop0): This should not happen!! Data will be lost
[  154.219873][ T9771] 
[  154.228561][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.240826][ T9771] EXT4-fs (loop0): Total free blocks count 0
[  154.251222][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.260875][ T9771] EXT4-fs (loop0): Free/Dirty block details
[  154.270786][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.270804][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.276764][ T9771] EXT4-fs (loop0): free_blocks=2415919104
[  154.287268][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.293068][ T9771] EXT4-fs (loop0): dirty_blocks=16
[  154.302891][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.313281][ T9771] EXT4-fs (loop0): Block reservation details
[  154.313294][ T9771] EXT4-fs (loop0): i_reserved_data_blocks=1
[  154.356783][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.366771][ T9637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.377210][ T9637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.389321][ T9637] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.400558][ T9637] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.409374][ T9637] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.418235][ T9637] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.426944][ T9637] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.455889][ T9762] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  154.465516][ T9762] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  154.494645][ T9781] hub 9-0:1.0: USB hub found
[  154.499554][ T9781] hub 9-0:1.0: 8 ports detected
[  154.707942][   T28] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  154.773309][ T9785] loop4: detected capacity change from 0 to 1024
[  154.783505][ T9785] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.919280][ T9794] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1975'.
[  154.950293][ T9797] loop4: detected capacity change from 0 to 128
[  154.957479][ T9788] team_slave_0: entered promiscuous mode
[  154.963269][ T9788] team_slave_1: entered promiscuous mode
[  154.972684][ T9787] team_slave_0: left promiscuous mode
[  154.978121][ T9787] team_slave_1: left promiscuous mode
[  155.036556][ T9804] loop3: detected capacity change from 0 to 2048
[  155.061510][ T9804] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1980'.
[  155.071205][   T29] audit: type=1400 audit(1720561260.243:3610): avc:  denied  { search } for  pid=9802 comm="syz.3.1980" name="/" dev="configfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  155.093792][   T29] audit: type=1400 audit(1720561260.243:3611): avc:  denied  { read } for  pid=9802 comm="syz.3.1980" name="/" dev="configfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  155.115878][   T29] audit: type=1400 audit(1720561260.243:3612): avc:  denied  { open } for  pid=9802 comm="syz.3.1980" path="/" dev="configfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  155.137904][   T29] audit: type=1400 audit(1720561260.243:3613): avc:  denied  { execute } for  pid=9802 comm="syz.3.1980" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=34556 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  155.177570][ T9807] loop4: detected capacity change from 0 to 2048
[  155.210098][ T9807] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  155.225105][ T9824] tipc: Started in network mode
[  155.229964][ T9824] tipc: Node identity , cluster identity 4711
[  155.236114][ T9824] tipc: Failed to set node id, please configure manually
[  155.238544][ T9807] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  155.243348][ T9824] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  155.255607][ T9807] EXT4-fs (loop4): This should not happen!! Data will be lost
[  155.255607][ T9807] 
[  155.255626][ T9807] EXT4-fs (loop4): Total free blocks count 0
[  155.255637][ T9807] EXT4-fs (loop4): Free/Dirty block details
[  155.255647][ T9807] EXT4-fs (loop4): free_blocks=2415919104
[  155.255658][ T9807] EXT4-fs (loop4): dirty_blocks=16
[  155.255668][ T9807] EXT4-fs (loop4): Block reservation details
[  155.255677][ T9807] EXT4-fs (loop4): i_reserved_data_blocks=1
[  155.317660][ T9830] loop3: detected capacity change from 0 to 1024
[  155.332857][ T9834] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  155.342588][ T9834] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  155.376236][ T4749] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  155.419537][ T9846] loop3: detected capacity change from 0 to 128
[  155.432776][ T9846] EXT4-fs: Ignoring removed bh option
[  155.455415][ T9846] ext4: Unknown parameter 'smackfshat'
[  155.485264][   T29] audit: type=1326 audit(1720561260.673:3614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9849 comm="syz.2.1994" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee6cb55bd9 code=0x0
[  155.562473][ T9858] loop0: detected capacity change from 0 to 512
[  155.570480][ T9858] EXT4-fs: Ignoring removed i_version option
[  155.576733][ T9858] EXT4-fs: Ignoring removed nobh option
[  155.585796][ T9858] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  155.599564][ T9858] EXT4-fs (loop0): 1 truncate cleaned up
[  155.609408][ T9832] chnl_net:caif_netlink_parms(): no params data found
[  155.653561][ T9832] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.660715][ T9832] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.668028][ T9832] bridge_slave_0: entered allmulticast mode
[  155.675246][ T9832] bridge_slave_0: entered promiscuous mode
[  155.682175][ T9832] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.689275][ T9832] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.704303][ T9832] bridge_slave_1: entered allmulticast mode
[  155.714671][ T9832] bridge_slave_1: entered promiscuous mode
[  155.719671][ T9870] loop0: detected capacity change from 0 to 128
[  155.747253][ T9832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  155.758357][ T9832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  155.778609][ T9832] team0: Port device team_slave_0 added
[  155.786219][ T9832] team0: Port device team_slave_1 added
[  155.805168][ T9832] batman_adv: batadv0: Adding interface: batadv_slave_0
[  155.812165][ T9832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  155.838710][ T9832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  155.850989][ T9832] batman_adv: batadv0: Adding interface: batadv_slave_1
[  155.858045][ T9832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  155.884103][ T9832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  155.907442][ T7563] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  155.919709][ T7563] EXT4-fs (loop4): This should not happen!! Data will be lost
[  155.919709][ T7563] 
[  155.944602][ T9832] hsr_slave_0: entered promiscuous mode
[  155.950926][ T9832] hsr_slave_1: entered promiscuous mode
[  155.951216][ T9876] loop0: detected capacity change from 0 to 512
[  155.962904][ T9832] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  155.976565][ T9832] Cannot create hsr debugfs directory
[  155.994521][ T8431] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  156.008037][ T9876] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  156.020140][ T9876] bond0: (slave lo): Error: Device type is different from other slaves
[  156.032471][ T9878] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2001'.
[  156.092616][ T9832] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.109216][ T9881] loop4: detected capacity change from 0 to 256
[  156.167159][ T9832] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.202494][   T29] audit: type=1326 audit(1720561261.383:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9888 comm="syz.4.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4d8318bd9 code=0x7ffc0000
[  156.203854][ T9889] FAULT_INJECTION: forcing a failure.
[  156.203854][ T9889] name failslab, interval 1, probability 0, space 0, times 0
[  156.225962][   T29] audit: type=1326 audit(1720561261.383:3616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9888 comm="syz.4.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4d8318bd9 code=0x7ffc0000
[  156.238721][ T9889] CPU: 0 PID: 9889 Comm: syz.4.2006 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  156.263028][   T29] audit: type=1326 audit(1720561261.383:3617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9888 comm="syz.4.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa4d8318bd9 code=0x7ffc0000
[  156.272022][ T9889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  156.272058][ T9889] Call Trace:
[  156.272067][ T9889]  <TASK>
[  156.295419][   T29] audit: type=1326 audit(1720561261.383:3618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9888 comm="syz.4.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4d8318bd9 code=0x7ffc0000
[  156.305421][ T9889]  dump_stack_lvl+0xf2/0x150
[  156.305452][ T9889]  dump_stack+0x15/0x20
[  156.305474][ T9889]  should_fail_ex+0x229/0x230
[  156.308746][   T29] audit: type=1326 audit(1720561261.383:3619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9888 comm="syz.4.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4d8318bd9 code=0x7ffc0000
[  156.311639][ T9889]  ? audit_log_d_path+0x96/0x250
[  156.335026][   T29] audit: type=1326 audit(1720561261.383:3620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9888 comm="syz.4.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa4d8317610 code=0x7ffc0000
[  156.339509][ T9889]  __should_failslab+0x92/0xa0
[  156.343665][   T29] audit: type=1326 audit(1720561261.383:3621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9888 comm="syz.4.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa4d831775f code=0x7ffc0000
[  156.348312][ T9889]  should_failslab+0x9/0x20
[  156.432595][ T9889]  kmalloc_trace_noprof+0x4b/0x2a0
[  156.437711][ T9889]  audit_log_d_path+0x96/0x250
[  156.442529][ T9889]  ? get_file_rcu+0xf4/0x110
[  156.447612][ T9889]  ? __rcu_read_unlock+0x4e/0x70
[  156.452552][ T9889]  audit_log_d_path_exe+0x45/0x80
[  156.457635][ T9889]  audit_log_task+0x155/0x180
[  156.462334][ T9889]  audit_seccomp+0x68/0x130
[  156.466834][ T9889]  __seccomp_filter+0x6fa/0x1180
[  156.471770][ T9889]  ? proc_fail_nth_write+0x12d/0x160
[  156.477060][ T9889]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  156.482752][ T9889]  ? vfs_write+0x5a5/0x900
[  156.487217][ T9889]  ? __fget_files+0x1da/0x210
[  156.491896][ T9889]  __secure_computing+0x9f/0x1c0
[  156.496829][ T9889]  syscall_trace_enter+0xd1/0x1f0
[  156.501910][ T9889]  ? fpregs_assert_state_consistent+0x83/0xa0
[  156.508140][ T9889]  do_syscall_64+0xaa/0x1c0
[  156.512664][ T9889]  ? clear_bhb_loop+0x55/0xb0
[  156.517353][ T9889]  ? clear_bhb_loop+0x55/0xb0
[  156.522022][ T9889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.527906][ T9889] RIP: 0033:0x7fa4d8318bd9
[  156.532325][ T9889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.551933][ T9889] RSP: 002b:00007fa4d759a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000024
[  156.560336][ T9889] RAX: ffffffffffffffda RBX: 00007fa4d84a6f60 RCX: 00007fa4d8318bd9
[  156.568300][ T9889] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000000
[  156.576350][ T9889] RBP: 00007fa4d759a0a0 R08: 0000000000000000 R09: 0000000000000000
[  156.584365][ T9889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.592538][ T9889] R13: 000000000000000b R14: 00007fa4d84a6f60 R15: 00007ffc41aa3858
[  156.600508][ T9889]  </TASK>
[  156.605050][   T29] audit: type=1326 audit(1720561261.383:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9888 comm="syz.4.2006" exe="<no_memory>" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7fa4d8318bd9 code=0x7ffc0000
[  156.634599][   T29] audit: type=1326 audit(1720561261.823:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9888 comm="syz.4.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fa4d83176bc code=0x7ffc0000
[  156.664844][ T9832] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.704899][ T9893] loop3: detected capacity change from 0 to 4096
[  156.715151][ T9897] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9897 comm=syz.2.2007
[  156.715372][ T9893] EXT4-fs: Ignoring removed i_version option
[  156.733671][ T9893] EXT4-fs: Ignoring removed nomblk_io_submit option
[  156.748784][ T9832] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.766911][ T9893] EXT4-fs mount: 5 callbacks suppressed
[  156.766928][ T9893] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.788863][ T9893] EXT4-fs error (device loop3): ext4_do_update_inode:5075: inode #15: comm syz.3.2008: corrupted inode contents
[  156.801716][ T9893] EXT4-fs error (device loop3): ext4_dirty_inode:5935: inode #15: comm syz.3.2008: mark_inode_dirty error
[  156.813383][ T9893] EXT4-fs error (device loop3): ext4_do_update_inode:5075: inode #15: comm syz.3.2008: corrupted inode contents
[  156.826894][ T9893] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.2008: mark_inode_dirty error
[  156.839490][ T9893] EXT4-fs error (device loop3): ext4_do_update_inode:5075: inode #15: comm syz.3.2008: corrupted inode contents
[  156.851972][ T9893] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.2008: mark_inode_dirty error
[  156.865779][ T9893] EXT4-fs error (device loop3): ext4_do_update_inode:5075: inode #15: comm syz.3.2008: corrupted inode contents
[  156.878124][ T9893] EXT4-fs error (device loop3): ext4_truncate:4162: inode #15: comm syz.3.2008: mark_inode_dirty error
[  156.889506][ T9893] EXT4-fs error (device loop3) in ext4_setattr:5474: Corrupt filesystem
[  156.907025][ T9832] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  156.909408][ T9908] loop4: detected capacity change from 0 to 2048
[  156.922530][ T9832] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  156.931383][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.933016][ T9832] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  156.949576][ T9908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.950214][ T9832] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  156.968615][ T9908] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  156.983719][ T9908] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  156.996055][ T9908] EXT4-fs (loop4): This should not happen!! Data will be lost
[  156.996055][ T9908] 
[  157.006906][ T9908] EXT4-fs (loop4): Total free blocks count 0
[  157.012935][ T9908] EXT4-fs (loop4): Free/Dirty block details
[  157.015678][ T9832] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.018972][ T9908] EXT4-fs (loop4): free_blocks=2415919104
[  157.031537][ T9908] EXT4-fs (loop4): dirty_blocks=16
[  157.036709][ T9908] EXT4-fs (loop4): Block reservation details
[  157.042694][ T9908] EXT4-fs (loop4): i_reserved_data_blocks=1
[  157.060228][ T9832] 8021q: adding VLAN 0 to HW filter on device team0
[  157.070110][ T3144] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.077218][ T3144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.079634][ T9912] loop3: detected capacity change from 0 to 2048
[  157.102402][ T3144] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.109515][ T3144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.118712][ T9912] EXT4-fs error (device loop3): ext4_orphan_get:1420: comm syz.3.2014: bad orphan inode 8192
[  157.131663][ T9912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.139538][ T9908] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  157.153294][ T9908] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  157.163599][ T9912] EXT4-fs (loop3): changing journal_checksum during remount not supported; ignoring
[  157.178473][ T9912] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  157.192705][ T9832] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.210206][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.267946][ T9832] veth0_vlan: entered promiscuous mode
[  157.273494][ T9926] loop3: detected capacity change from 0 to 4096
[  157.276971][ T9832] veth1_vlan: entered promiscuous mode
[  157.284283][ T9926] EXT4-fs: Ignoring removed i_version option
[  157.291366][ T9926] EXT4-fs: Ignoring removed nomblk_io_submit option
[  157.299205][ T9832] veth0_macvtap: entered promiscuous mode
[  157.306333][ T9926] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.309239][ T9832] veth1_macvtap: entered promiscuous mode
[  157.326930][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.330429][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.346605][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.356478][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.366997][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.376843][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.387285][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.397190][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.407680][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.417576][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.428037][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.437834][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  157.448262][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.459019][ T9832] batman_adv: batadv0: Interface activated: batadv_slave_0
[  157.470551][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.481125][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.491274][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.501720][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.511553][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.522103][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.531950][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.542529][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.552415][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.562826][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.572723][ T9832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  157.583179][ T9832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  157.594127][ T9832] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.604712][ T9832] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.613597][ T9832] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.622725][ T9832] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.625863][ T9932] FAULT_INJECTION: forcing a failure.
[  157.625863][ T9932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.631540][ T9832] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.644726][ T9932] CPU: 1 PID: 9932 Comm: syz.3.2016 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  157.663416][ T9932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  157.673481][ T9932] Call Trace:
[  157.676753][ T9932]  <TASK>
[  157.679672][ T9932]  dump_stack_lvl+0xf2/0x150
[  157.684338][ T9932]  dump_stack+0x15/0x20
[  157.688540][ T9932]  should_fail_ex+0x229/0x230
[  157.693464][ T9932]  should_fail+0xb/0x10
[  157.697619][ T9932]  should_fail_usercopy+0x1a/0x20
[  157.702639][ T9932]  copy_page_from_iter_atomic+0x22a/0xda0
[  157.708376][ T9932]  ? shmem_write_begin+0xa0/0x1c0
[  157.713504][ T9932]  ? shmem_write_begin+0x10c/0x1c0
[  157.718722][ T9932]  generic_perform_write+0x21a/0x410
[  157.724119][ T9932]  ? __pfx_shmem_write_end+0x10/0x10
[  157.729443][ T9932]  shmem_file_write_iter+0xc8/0xf0
[  157.734634][ T9932]  vfs_write+0x78f/0x900
[  157.738868][ T9932]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  157.744718][ T9932]  ksys_write+0xeb/0x1b0
[  157.748968][ T9932]  __x64_sys_write+0x42/0x50
[  157.753550][ T9932]  x64_sys_call+0x27ef/0x2d70
[  157.758267][ T9932]  do_syscall_64+0xc9/0x1c0
[  157.762791][ T9932]  ? clear_bhb_loop+0x55/0xb0
[  157.767615][ T9932]  ? clear_bhb_loop+0x55/0xb0
[  157.772286][ T9932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.778274][ T9932] RIP: 0033:0x7fba30bc975f
[  157.783025][ T9932] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  157.802789][ T9932] RSP: 002b:00007fba2fe4be00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  157.811238][ T9932] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007fba30bc975f
[  157.819243][ T9932] RDX: 0000000000040000 RSI: 00007fba27a2c000 RDI: 0000000000000004
[  157.827203][ T9932] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000044b
[  157.835166][ T9932] R10: 00000000000003ba R11: 0000000000000293 R12: 0000000000000004
[  157.843176][ T9932] R13: 00007fba2fe4bf00 R14: 00007fba2fe4bec0 R15: 00007fba27a2c000
[  157.851150][ T9932]  </TASK>
[  157.856149][ T9932] loop3: detected capacity change from 0 to 512
[  157.869490][ T9932] EXT4-fs (loop3): 1 orphan inode deleted
[  157.889387][ T9932] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.901722][   T28] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  157.941433][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.960840][ T9943] loop1: detected capacity change from 0 to 1024
[  157.994453][ T9943] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.997390][ T9945] loop4: detected capacity change from 0 to 1024
[  158.017495][ T9945] EXT4-fs: Ignoring removed i_version option
[  158.036051][ T9950] delete_channel: no stack
[  158.046939][ T9832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.050537][ T9945] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.078481][ T9957] loop0: detected capacity change from 0 to 512
[  158.086953][ T9957] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  158.096117][ T9957] EXT4-fs (loop0): Couldn't mount because of unsupported optional features (fffc1829)
[  158.105779][ T9957] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  158.133847][ T9965] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2019'.
[  158.169198][ T4749] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  158.215846][ T9971] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2027'.
[  158.238385][ T9971] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 44469 - 0
[  158.247337][ T9971] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 44469 - 0
[  158.256466][ T9971] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 44469 - 0
[  158.265342][ T9971] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 44469 - 0
[  158.275994][ T9971] geneve2: entered promiscuous mode
[  158.283524][ T9971] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 44469 - 0
[  158.293039][ T9971] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 44469 - 0
[  158.302103][ T9971] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 44469 - 0
[  158.311193][ T9971] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 44469 - 0
[  158.351172][ T9637] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.458638][T10004] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  159.088312][T10023] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2046'.
[  159.173852][T10027] FAULT_INJECTION: forcing a failure.
[  159.173852][T10027] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  159.187465][T10027] CPU: 1 PID: 10027 Comm: syz.1.2048 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  159.197650][T10027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  159.207767][T10027] Call Trace:
[  159.211034][T10027]  <TASK>
[  159.213952][T10027]  dump_stack_lvl+0xf2/0x150
[  159.218639][T10027]  dump_stack+0x15/0x20
[  159.222797][T10027]  should_fail_ex+0x229/0x230
[  159.227498][T10027]  __should_fail_alloc_page+0xfd/0x110
[  159.233111][T10027]  __alloc_pages_noprof+0x109/0x360
[  159.238352][T10027]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  159.243764][T10027]  shmem_get_folio_gfp+0x3e4/0xb70
[  159.248952][T10027]  shmem_write_begin+0xa0/0x1c0
[  159.253862][T10027]  generic_perform_write+0x1d5/0x410
[  159.259202][T10027]  ? __pfx_shmem_write_end+0x10/0x10
[  159.264504][T10027]  shmem_file_write_iter+0xc8/0xf0
[  159.269610][T10027]  vfs_write+0x78f/0x900
[  159.273909][T10027]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  159.279701][T10027]  ksys_write+0xeb/0x1b0
[  159.283947][T10027]  __x64_sys_write+0x42/0x50
[  159.288647][T10027]  x64_sys_call+0x27ef/0x2d70
[  159.293510][T10027]  do_syscall_64+0xc9/0x1c0
[  159.298147][T10027]  ? clear_bhb_loop+0x55/0xb0
[  159.302824][T10027]  ? clear_bhb_loop+0x55/0xb0
[  159.307537][T10027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.313484][T10027] RIP: 0033:0x7f249bc6975f
[  159.317895][T10027] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  159.337832][T10027] RSP: 002b:00007f249aeebe00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  159.346233][T10027] RAX: ffffffffffffffda RBX: 0000000000080000 RCX: 00007f249bc6975f
[  159.354223][T10027] RDX: 0000000000080000 RSI: 00007f2492acc000 RDI: 0000000000000005
[  159.362284][T10027] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000055a
[  159.370405][T10027] R10: 00000000000003d2 R11: 0000000000000293 R12: 0000000000000005
[  159.378395][T10027] R13: 00007f249aeebf00 R14: 00007f249aeebec0 R15: 00007f2492acc000
[  159.386438][T10027]  </TASK>
[  159.439979][T10037] vxcan1: tx address claim with dest, not broadcast
[  159.566339][T10046] loop1: detected capacity change from 0 to 256
[  159.627200][T10035] loop4: detected capacity change from 0 to 8192
[  159.904831][T10049] 
@ÿ: renamed from veth0_vlan (while UP)
[  159.920214][T10049] loop3: detected capacity change from 0 to 512
[  159.939951][T10049] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  159.958734][T10049] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.971579][T10049] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.207758][T10067] FAULT_INJECTION: forcing a failure.
[  160.207758][T10067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.220952][T10067] CPU: 1 PID: 10067 Comm: syz.2.2062 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  160.231139][T10067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  160.241208][T10067] Call Trace:
[  160.244475][T10067]  <TASK>
[  160.247475][T10067]  dump_stack_lvl+0xf2/0x150
[  160.252058][T10067]  dump_stack+0x15/0x20
[  160.256291][T10067]  should_fail_ex+0x229/0x230
[  160.260992][T10067]  should_fail+0xb/0x10
[  160.265167][T10067]  should_fail_usercopy+0x1a/0x20
[  160.270236][T10067]  _copy_to_user+0x1e/0xa0
[  160.274738][T10067]  __se_sys_move_pages+0x1276/0x1610
[  160.280089][T10067]  ? proc_fail_nth_write+0x12d/0x160
[  160.285378][T10067]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  160.291096][T10067]  ? ksys_write+0x178/0x1b0
[  160.295642][T10067]  __x64_sys_move_pages+0x78/0x90
[  160.300698][T10067]  x64_sys_call+0x2c3b/0x2d70
[  160.305369][T10067]  do_syscall_64+0xc9/0x1c0
[  160.309919][T10067]  ? clear_bhb_loop+0x55/0xb0
[  160.314725][T10067]  ? clear_bhb_loop+0x55/0xb0
[  160.319401][T10067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.325356][T10067] RIP: 0033:0x7fee6cb55bd9
[  160.329824][T10067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.349446][T10067] RSP: 002b:00007fee6bdd7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  160.358098][T10067] RAX: ffffffffffffffda RBX: 00007fee6cce3f60 RCX: 00007fee6cb55bd9
[  160.366116][T10067] RDX: 0000000020000000 RSI: 20000000000001ab RDI: 0000000000000000
[  160.374206][T10067] RBP: 00007fee6bdd70a0 R08: 0000000020000000 R09: 0000000000000000
[  160.382197][T10067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.390160][T10067] R13: 000000000000000b R14: 00007fee6cce3f60 R15: 00007fff7c4901f8
[  160.398165][T10067]  </TASK>
[  160.457409][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.491205][T10079] netlink: 'syz.3.2065': attribute type 1 has an invalid length.
[  160.500314][T10077] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2063'.
[  160.514191][T10080] 9pnet_fd: Insufficient options for proto=fd
[  160.521446][T10082] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  160.535416][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  160.535429][   T29] audit: type=1326 audit(1720561265.723:3632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.3.2068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba30bcabd9 code=0x7ffc0000
[  160.536473][T10084] program syz.3.2068 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  160.550864][   T29] audit: type=1326 audit(1720561265.723:3633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.3.2068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fba30bcabd9 code=0x7ffc0000
[  160.607027][   T29] audit: type=1326 audit(1720561265.723:3634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.3.2068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba30bcabd9 code=0x7ffc0000
[  160.630927][   T29] audit: type=1326 audit(1720561265.723:3635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.3.2068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba30bcabd9 code=0x7ffc0000
[  160.654528][   T29] audit: type=1326 audit(1720561265.723:3636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.3.2068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fba30bcabd9 code=0x7ffc0000
[  160.678189][   T29] audit: type=1326 audit(1720561265.723:3637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.3.2068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba30bcabd9 code=0x7ffc0000
[  160.701743][   T29] audit: type=1326 audit(1720561265.723:3638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.3.2068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fba30bcabd9 code=0x7ffc0000
[  160.725562][   T29] audit: type=1326 audit(1720561265.723:3639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.3.2068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba30bcabd9 code=0x7ffc0000
[  160.749323][   T29] audit: type=1326 audit(1720561265.723:3640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.3.2068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fba30bcabd9 code=0x7ffc0000
[  160.772976][   T29] audit: type=1326 audit(1720561265.723:3641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10083 comm="syz.3.2068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba30bcabd9 code=0x7ffc0000
[  160.890413][T10103] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2075'.
[  160.940443][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  161.028588][T10117] netlink: 166 bytes leftover after parsing attributes in process `syz.3.2080'.
[  161.050015][T10119] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  161.096654][T10123] FAULT_INJECTION: forcing a failure.
[  161.096654][T10123] name failslab, interval 1, probability 0, space 0, times 0
[  161.118972][T10123] CPU: 0 PID: 10123 Comm: syz.0.2081 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  161.129310][T10123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  161.139400][T10123] Call Trace:
[  161.142689][T10123]  <TASK>
[  161.145613][T10123]  dump_stack_lvl+0xf2/0x150
[  161.150272][T10123]  dump_stack+0x15/0x20
[  161.154470][T10123]  should_fail_ex+0x229/0x230
[  161.159146][T10123]  ? sctp_add_bind_addr+0x6f/0x1e0
[  161.164254][T10123]  __should_failslab+0x92/0xa0
[  161.169160][T10123]  should_failslab+0x9/0x20
[  161.173667][T10123]  kmalloc_trace_noprof+0x4b/0x2a0
[  161.178777][T10123]  sctp_add_bind_addr+0x6f/0x1e0
[  161.183711][T10123]  sctp_copy_local_addr_list+0x19b/0x220
[  161.189396][T10123]  sctp_copy_one_addr+0x83/0x410
[  161.194489][T10123]  sctp_bind_addr_copy+0x81/0x2b0
[  161.199524][T10123]  sctp_assoc_set_bind_addr_from_ep+0xc0/0xd0
[  161.205660][T10123]  sctp_connect_new_asoc+0x1d0/0x3b0
[  161.210987][T10123]  sctp_sendmsg+0xf05/0x1920
[  161.215677][T10123]  ? __pfx_sctp_sendmsg+0x10/0x10
[  161.220785][T10123]  inet_sendmsg+0xc5/0xd0
[  161.225155][T10123]  __sock_sendmsg+0x102/0x180
[  161.229873][T10123]  ____sys_sendmsg+0x312/0x410
[  161.234659][T10123]  __sys_sendmsg+0x1e9/0x280
[  161.239322][T10123]  __x64_sys_sendmsg+0x46/0x50
[  161.244221][T10123]  x64_sys_call+0xb25/0x2d70
[  161.248838][T10123]  do_syscall_64+0xc9/0x1c0
[  161.253337][T10123]  ? clear_bhb_loop+0x55/0xb0
[  161.258055][T10123]  ? clear_bhb_loop+0x55/0xb0
[  161.262749][T10123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.268730][T10123] RIP: 0033:0x7f227b61ebd9
[  161.273235][T10123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.292902][T10123] RSP: 002b:00007f227a8a0048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  161.301406][T10123] RAX: ffffffffffffffda RBX: 00007f227b7acf60 RCX: 00007f227b61ebd9
[  161.309539][T10123] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  161.317529][T10123] RBP: 00007f227a8a00a0 R08: 0000000000000000 R09: 0000000000000000
[  161.325492][T10123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  161.333455][T10123] R13: 000000000000000b R14: 00007f227b7acf60 R15: 00007ffef5666888
[  161.341422][T10123]  </TASK>
[  161.368836][T10132] Process accounting resumed
[  161.382157][T10135] loop0: detected capacity change from 0 to 512
[  161.403714][T10135] EXT4-fs: Ignoring removed i_version option
[  161.406565][T10137] netlink: 'syz.4.2089': attribute type 6 has an invalid length.
[  161.409782][T10135] EXT4-fs: Ignoring removed nobh option
[  161.417462][T10137] netlink: 14557 bytes leftover after parsing attributes in process `syz.4.2089'.
[  161.432805][T10135] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  161.449821][T10141] loop3: detected capacity change from 0 to 2048
[  161.475288][T10135] EXT4-fs (loop0): 1 truncate cleaned up
[  161.477753][T10145] netlink: 166 bytes leftover after parsing attributes in process `syz.4.2092'.
[  161.495569][T10141] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.532690][T10135] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.551853][T10156] usb usb9: usbfs: process 10156 (syz.4.2096) did not claim interface 0 before use
[  161.622478][ T9523] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.632665][T10159] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  161.643881][ T1477] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  161.675897][ T1477] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  161.688258][ T1477] EXT4-fs (loop3): This should not happen!! Data will be lost
[  161.688258][ T1477] 
[  161.697981][ T1477] EXT4-fs (loop3): Total free blocks count 0
[  161.703995][ T1477] EXT4-fs (loop3): Free/Dirty block details
[  161.710024][ T1477] EXT4-fs (loop3): free_blocks=2415919104
[  161.715926][ T1477] EXT4-fs (loop3): dirty_blocks=16
[  161.721041][ T1477] EXT4-fs (loop3): Block reservation details
[  161.727069][ T1477] EXT4-fs (loop3): i_reserved_data_blocks=1
[  161.746185][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.766824][T10171] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  161.774274][T10171] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  161.785607][T10173] loop1: detected capacity change from 0 to 512
[  161.827046][ T4749] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  161.860375][T10173] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  161.872501][T10173] bond0: (slave lo): Error: Device type is different from other slaves
[  161.944904][T10186] loop4: detected capacity change from 0 to 1024
[  161.956930][T10180] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  161.966639][T10180] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  161.978081][T10186] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.995758][T10186] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #14: comm syz.4.2105: attempt to clear invalid blocks 1886221359 len 1
[  162.017449][ T9637] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.121387][T10197] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  162.208912][T10201] netlink: 'syz.4.2110': attribute type 4 has an invalid length.
[  162.248402][T10203] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2111'.
[  162.279088][T10201] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  162.369438][T10214] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  162.376624][T10214] team0: Device ipvlan2 failed to register rx_handler
[  162.554031][T10229] loop4: detected capacity change from 0 to 512
[  162.563544][T10229] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.577865][T10229] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  162.590466][T10229] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b040c118, mo2=0002]
[  162.608148][T10229] System zones: 1-12
[  162.616809][T10229] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.2120: corrupted in-inode xattr: e_value size too large
[  162.638889][T10229] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.2120: couldn't read orphan inode 15 (err -117)
[  162.670566][T10229] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.718972][ T9637] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.830063][T10242] loop4: detected capacity change from 0 to 1024
[  162.866719][T10242] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=2843c118, mo2=0002]
[  162.886413][T10242] System zones: 0-1, 3-12
[  162.891405][T10242] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.918896][T10242] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  162.952671][ T9637] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.030369][T10250] loop3: detected capacity change from 0 to 1024
[  163.040203][T10250] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[  163.040203][T10250] 
[  163.051052][T10250] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  163.227632][T10266] loop4: detected capacity change from 0 to 1024
[  163.240165][T10266] EXT4-fs: Ignoring removed i_version option
[  163.269568][T10267] loop0: detected capacity change from 0 to 2048
[  163.287441][T10266] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.307251][T10267] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.327382][T10267] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  163.344240][T10267] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  163.356643][T10267] EXT4-fs (loop0): This should not happen!! Data will be lost
[  163.356643][T10267] 
[  163.366307][T10267] EXT4-fs (loop0): Total free blocks count 0
[  163.372289][T10267] EXT4-fs (loop0): Free/Dirty block details
[  163.378236][T10267] EXT4-fs (loop0): free_blocks=2415919104
[  163.383961][T10267] EXT4-fs (loop0): dirty_blocks=16
[  163.389108][T10267] EXT4-fs (loop0): Block reservation details
[  163.395110][T10267] EXT4-fs (loop0): i_reserved_data_blocks=1
[  163.402556][ T9637] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.466255][T10267] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  163.476065][T10267] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  163.537343][T10275] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2135'.
[  163.628899][T10277] loop4: detected capacity change from 0 to 1024
[  163.646290][T10277] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=2843c118, mo2=0002]
[  163.654514][T10277] System zones: 0-1, 3-12
[  163.659404][T10277] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.672700][T10277] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  163.709053][ T9637] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.805366][T10289] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2140'.
[  163.814295][T10289] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2140'.
[  163.823328][T10289] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2140'.
[  163.926988][T10299] loop4: detected capacity change from 0 to 512
[  163.937729][T10299] EXT4-fs error (device loop4): ext4_orphan_get:1420: comm syz.4.2143: bad orphan inode 15
[  163.948063][T10299] ext4_test_bit(bit=14, block=5) = 0
[  163.953716][T10299] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.969479][T10299] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[  163.994337][ T9637] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.027572][   T11] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  164.049028][T10307] loop1: detected capacity change from 0 to 1024
[  164.070864][T10311] netlink: 'syz.3.2149': attribute type 8 has an invalid length.
[  164.082027][T10307] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=2843c118, mo2=0002]
[  164.097528][T10307] System zones: 0-1, 3-12
[  164.105209][T10307] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.116492][T10321] loop4: detected capacity change from 0 to 512
[  164.129955][T10321] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  164.130233][T10307] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none.
[  164.146446][T10321] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  164.168608][T10321] System zones: 1-12
[  164.172766][T10321] EXT4-fs (loop4): 1 truncate cleaned up
[  164.178934][T10321] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.201000][ T9832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.220394][ T9637] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.276502][T10329] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  164.540493][T10344] loop4: detected capacity change from 0 to 2048
[  164.588477][T10344] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.621345][T10344] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  164.641910][T10344] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  164.654251][T10344] EXT4-fs (loop4): This should not happen!! Data will be lost
[  164.654251][T10344] 
[  164.663887][T10344] EXT4-fs (loop4): Total free blocks count 0
[  164.669922][T10344] EXT4-fs (loop4): Free/Dirty block details
[  164.675860][T10344] EXT4-fs (loop4): free_blocks=2415919104
[  164.681581][T10344] EXT4-fs (loop4): dirty_blocks=16
[  164.686906][T10344] EXT4-fs (loop4): Block reservation details
[  164.694405][T10344] EXT4-fs (loop4): i_reserved_data_blocks=1
[  164.757921][T10344] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  164.767757][T10344] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  164.826215][T10360] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  164.894458][T10362] loop1: detected capacity change from 0 to 512
[  164.910428][T10362] EXT4-fs: Ignoring removed i_version option
[  164.916489][T10362] EXT4-fs: Ignoring removed nobh option
[  164.923265][T10362] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  164.951422][T10362] EXT4-fs (loop1): 1 truncate cleaned up
[  164.958662][T10362] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.998134][ T9832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.012193][T10367] loop3: detected capacity change from 0 to 2048
[  165.054134][T10367] Alternate GPT is invalid, using primary GPT.
[  165.060568][T10367]  loop3: p1 p2 p3
[  165.234521][T10381] FAULT_INJECTION: forcing a failure.
[  165.234521][T10381] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  165.248160][T10381] CPU: 0 PID: 10381 Comm: syz.0.2169 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  165.258336][T10381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  165.268402][T10381] Call Trace:
[  165.271681][T10381]  <TASK>
[  165.274617][T10381]  dump_stack_lvl+0xf2/0x150
[  165.279219][T10381]  dump_stack+0x15/0x20
[  165.283485][T10381]  should_fail_ex+0x229/0x230
[  165.288229][T10381]  __should_fail_alloc_page+0xfd/0x110
[  165.293762][T10381]  __alloc_pages_noprof+0x109/0x360
[  165.298967][T10381]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  165.304372][T10381]  shmem_get_folio_gfp+0x3e4/0xb70
[  165.309525][T10381]  shmem_write_begin+0xa0/0x1c0
[  165.314377][T10381]  generic_perform_write+0x1d5/0x410
[  165.319729][T10381]  shmem_file_write_iter+0xc8/0xf0
[  165.324834][T10381]  vfs_write+0x78f/0x900
[  165.329070][T10381]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  165.334949][T10381]  ksys_write+0xeb/0x1b0
[  165.339186][T10381]  __x64_sys_write+0x42/0x50
[  165.343776][T10381]  x64_sys_call+0x27ef/0x2d70
[  165.348448][T10381]  do_syscall_64+0xc9/0x1c0
[  165.352977][T10381]  ? clear_bhb_loop+0x55/0xb0
[  165.357771][T10381]  ? clear_bhb_loop+0x55/0xb0
[  165.362438][T10381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.368366][T10381] RIP: 0033:0x7f227b61ebd9
[  165.372788][T10381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.392476][T10381] RSP: 002b:00007f227a85e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  165.400883][T10381] RAX: ffffffffffffffda RBX: 00007f227b7ad110 RCX: 00007f227b61ebd9
[  165.408876][T10381] RDX: 000000000000ffd2 RSI: 0000000020000000 RDI: 0000000000000005
[  165.416835][T10381] RBP: 00007f227a85e0a0 R08: 0000000000000000 R09: 0000000000000000
[  165.424799][T10381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.432818][T10381] R13: 000000000000006e R14: 00007f227b7ad110 R15: 00007ffef5666888
[  165.440782][T10381]  </TASK>
[  165.508658][T10315] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  165.567077][T10384] loop4: detected capacity change from 0 to 128
[  165.586372][T10384] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  165.619197][T10384] ext4 filesystem being mounted at /65/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  165.629424][T10387] loop1: detected capacity change from 0 to 2048
[  165.660073][T10384] SELinux:  Context system_u:object_r:dhcp_sta is not valid (left unmapped).
[  165.669276][   T29] kauditd_printk_skb: 93 callbacks suppressed
[  165.669288][   T29] audit: type=1400 audit(1720561270.853:3735): avc:  denied  { relabelto } for  pid=10383 comm="syz.4.2172" name="bus" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:dhcp_sta"
[  165.714721][T10387]  loop1: p1 < > p3
[  165.719149][T10387] loop1: p3 size 134217728 extends beyond EOD, truncated
[  165.747542][   T29] audit: type=1400 audit(1720561270.933:3736): avc:  denied  { mounton } for  pid=10386 comm="syz.1.2173" path="/dev/loop1p1" dev="devtmpfs" ino=1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  165.840198][   T29] audit: type=1326 audit(1720561271.023:3737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.4.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4d8318bd9 code=0x7fc00000
[  165.841571][T10390] loop1: detected capacity change from 0 to 1024
[  165.863739][   T29] audit: type=1326 audit(1720561271.023:3738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.4.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa4d8318bd9 code=0x7fc00000
[  165.875361][T10390] EXT4-fs (loop1): Can't support bigalloc feature without extents feature
[  165.875361][T10390] 
[  165.904409][T10390] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  165.993097][T10405] __nla_validate_parse: 5 callbacks suppressed
[  165.993113][T10405] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2180'.
[  166.018614][T10409] loop1: detected capacity change from 0 to 512
[  166.036790][T10409] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.051255][T10409] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.063218][T10409] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  166.065498][T10417] veth2: entered allmulticast mode
[  166.069640][T10409] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  166.081176][T10409] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  166.087591][T10409] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  166.093968][T10409] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  166.100411][T10409] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  166.106846][T10409] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  166.113291][T10409] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  166.119768][T10409] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  166.126183][T10409] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  166.151326][T10426] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2188'.
[  166.175093][ T9832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.189469][T10430] 9pnet_fd: Insufficient options for proto=fd
[  166.223637][T10439] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2193'.
[  166.289580][T10449] loop1: detected capacity change from 0 to 512
[  166.298027][T10449] EXT4-fs (loop1): orphan cleanup on readonly fs
[  166.306645][T10449] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2197: bg 0: block 248: padding at end of block bitmap is not set
[  166.321578][T10449] Quota error (device loop1): write_blk: dquota write failed
[  166.329105][T10449] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  166.339127][T10449] EXT4-fs error (device loop1): ext4_acquire_dquot:6860: comm syz.1.2197: Failed to acquire dquot type 1
[  166.351412][T10449] EXT4-fs (loop1): 1 truncate cleaned up
[  166.359043][T10449] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  166.375714][T10449] EXT4-fs error (device loop1): ext4_lookup:1858: inode #2: comm syz.1.2197: deleted inode referenced: 12
[  166.396023][ T9832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.406118][   T29] audit: type=1326 audit(1720561271.593:3739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.4.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4d8318bd9 code=0x7fc00000
[  166.429694][   T29] audit: type=1326 audit(1720561271.593:3740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.4.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4d8318bd9 code=0x7fc00000
[  166.453283][   T29] audit: type=1326 audit(1720561271.593:3741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10383 comm="syz.4.2172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4d8318bd9 code=0x7fc00000
[  166.480173][ T9637] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  166.563009][T10466] loop4: detected capacity change from 0 to 256
[  166.614103][   T29] audit: type=1400 audit(1720561271.793:3742): avc:  denied  { watch } for  pid=10455 comm="syz.0.2202" path="/62/file0" dev="ramfs" ino=37284 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  166.656993][T10474] loop1: detected capacity change from 0 to 128
[  166.725571][T10475] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11792 sclass=netlink_route_socket pid=10475 comm=syz.1.2207
[  166.879122][T10482] loop3: detected capacity change from 0 to 512
[  166.895687][T10482] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  166.903656][T10482] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  166.911829][T10482] System zones: 0-1, 15-15, 18-18, 34-34
[  166.917691][T10482] EXT4-fs (loop3): orphan cleanup on readonly fs
[  166.924093][T10482] EXT4-fs warning (device loop3): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  166.938644][T10482] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  166.945904][T10482] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2210: bg 0: block 40: padding at end of block bitmap is not set
[  166.960206][T10482] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  166.969038][T10482] EXT4-fs (loop3): 1 truncate cleaned up
[  166.975015][T10482] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  166.989204][T10482] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  166.997149][T10482] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  167.016226][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.138852][T10497] netlink: 94 bytes leftover after parsing attributes in process `syz.3.2213'.
[  167.190572][T10501] loop3: detected capacity change from 0 to 1024
[  167.205360][T10501] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.238677][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.305478][T10507] loop3: detected capacity change from 0 to 1024
[  167.319000][T10507] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.339655][T10509] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2217'.
[  167.348621][T10509] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  167.356054][T10509] batman_adv: batadv0: Removing interface: batadv_slave_0
[  167.364236][T10509] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  167.364586][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.371619][T10509] batman_adv: batadv0: Removing interface: batadv_slave_1
[  167.403531][T10515] loop0: detected capacity change from 0 to 128
[  167.416774][T10515] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  167.455019][T10519] loop4: detected capacity change from 0 to 512
[  167.469290][T10519] EXT4-fs: Ignoring removed nobh option
[  167.474916][T10519] EXT4-fs: Ignoring removed nomblk_io_submit option
[  167.481652][T10519] ext4: Unknown parameter 'noacl'
[  167.505333][T10523] loop3: detected capacity change from 0 to 1024
[  167.512057][T10523] EXT4-fs: Ignoring removed nobh option
[  167.535339][T10519] loop4: detected capacity change from 0 to 1024
[  167.542946][T10525] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2221'.
[  167.544368][T10519] EXT4-fs: Ignoring removed nomblk_io_submit option
[  167.576682][T10519] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.597289][T10523] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.598486][T10531] loop1: detected capacity change from 0 to 512
[  167.616020][T10531] EXT4-fs: Ignoring removed oldalloc option
[  167.623646][T10519] tmpfs: Bad value for 'nr_inodes'
[  167.633504][T10531] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  167.641514][T10531] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=84fc01c, mo2=0002]
[  167.665746][ T9637] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.682851][T10531] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  167.692413][T10531] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  167.704565][T10531] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  167.727925][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.741695][T10531] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  167.749705][T10541] FAULT_INJECTION: forcing a failure.
[  167.749705][T10541] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.765097][T10541] CPU: 1 PID: 10541 Comm: syz.0.2227 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  167.775350][T10541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  167.785403][T10541] Call Trace:
[  167.788670][T10541]  <TASK>
[  167.791643][T10541]  dump_stack_lvl+0xf2/0x150
[  167.796310][T10541]  dump_stack+0x15/0x20
[  167.800459][T10541]  should_fail_ex+0x229/0x230
[  167.805141][T10541]  should_fail+0xb/0x10
[  167.809336][T10541]  should_fail_usercopy+0x1a/0x20
[  167.814387][T10541]  _copy_to_user+0x1e/0xa0
[  167.818814][T10541]  simple_read_from_buffer+0xa0/0x110
[  167.824186][T10541]  proc_fail_nth_read+0xfc/0x140
[  167.829199][T10541]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  167.834746][T10541]  vfs_read+0x1a2/0x6e0
[  167.838979][T10541]  ? __rcu_read_unlock+0x4e/0x70
[  167.843913][T10541]  ? __fget_files+0x1da/0x210
[  167.848584][T10541]  ksys_read+0xeb/0x1b0
[  167.852816][T10541]  __x64_sys_read+0x42/0x50
[  167.857320][T10541]  x64_sys_call+0x27e5/0x2d70
[  167.862071][T10541]  do_syscall_64+0xc9/0x1c0
[  167.866568][T10541]  ? clear_bhb_loop+0x55/0xb0
[  167.871588][T10541]  ? clear_bhb_loop+0x55/0xb0
[  167.876331][T10541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.882230][T10541] RIP: 0033:0x7f227b61d6bc
[  167.886636][T10541] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  167.906334][T10541] RSP: 002b:00007f227a8a0040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  167.914746][T10541] RAX: ffffffffffffffda RBX: 00007f227b7acf60 RCX: 00007f227b61d6bc
[  167.922707][T10541] RDX: 000000000000000f RSI: 00007f227a8a00b0 RDI: 0000000000000004
[  167.930664][T10541] RBP: 00007f227a8a00a0 R08: 0000000000000000 R09: 0000000000000000
[  167.938645][T10541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.946626][T10541] R13: 000000000000000b R14: 00007f227b7acf60 R15: 00007ffef5666888
[  167.954605][T10541]  </TASK>
[  167.962856][T10543] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2224'.
[  167.974050][ T9832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.032303][T10554] netlink: 94 bytes leftover after parsing attributes in process `syz.4.2232'.
[  168.078239][T10558] FAULT_INJECTION: forcing a failure.
[  168.078239][T10558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.091937][T10558] CPU: 0 PID: 10558 Comm: syz.1.2233 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  168.102168][T10558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  168.112333][T10558] Call Trace:
[  168.115605][T10558]  <TASK>
[  168.118606][T10558]  dump_stack_lvl+0xf2/0x150
[  168.123332][T10558]  dump_stack+0x15/0x20
[  168.127568][T10558]  should_fail_ex+0x229/0x230
[  168.132264][T10558]  should_fail+0xb/0x10
[  168.136444][T10558]  should_fail_usercopy+0x1a/0x20
[  168.141572][T10558]  _copy_to_user+0x1e/0xa0
[  168.146046][T10558]  simple_read_from_buffer+0xa0/0x110
[  168.151421][T10558]  proc_fail_nth_read+0xfc/0x140
[  168.156363][T10558]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  168.161905][T10558]  vfs_read+0x1a2/0x6e0
[  168.166051][T10558]  ? __rcu_read_unlock+0x4e/0x70
[  168.171068][T10558]  ? __fget_files+0x1da/0x210
[  168.175781][T10558]  ksys_read+0xeb/0x1b0
[  168.179993][T10558]  __x64_sys_read+0x42/0x50
[  168.184502][T10558]  x64_sys_call+0x27e5/0x2d70
[  168.189176][T10558]  do_syscall_64+0xc9/0x1c0
[  168.193736][T10558]  ? clear_bhb_loop+0x55/0xb0
[  168.198485][T10558]  ? clear_bhb_loop+0x55/0xb0
[  168.203158][T10558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.209042][T10558] RIP: 0033:0x7f249bc696bc
[  168.213504][T10558] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  168.233125][T10558] RSP: 002b:00007f249aeec040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  168.241586][T10558] RAX: ffffffffffffffda RBX: 00007f249bdf8f60 RCX: 00007f249bc696bc
[  168.249600][T10558] RDX: 000000000000000f RSI: 00007f249aeec0b0 RDI: 0000000000000005
[  168.257572][T10558] RBP: 00007f249aeec0a0 R08: 0000000000000000 R09: 0000000000000000
[  168.265809][T10558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  168.273765][T10558] R13: 000000000000000b R14: 00007f249bdf8f60 R15: 00007fff5604a8e8
[  168.281729][T10558]  </TASK>
[  168.387239][T10581] PM: Enabling pm_trace changes system date and time during resume.
[  168.387239][T10581] PM: Correct system time has to be restored manually after resume.
[  168.423215][T10585] loop3: detected capacity change from 0 to 512
[  168.436987][T10585] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  168.445496][T10585] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.2242: invalid indirect mapped block 2683928664 (level 1)
[  168.459999][T10585] EXT4-fs (loop3): 1 truncate cleaned up
[  168.472244][T10585] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.506664][T10599] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  168.616652][T10607] loop4: detected capacity change from 0 to 2048
[  168.635251][T10605] syz.1.2247(10605): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  168.663024][T10605] 9pnet_fd: Insufficient options for proto=fd
[  168.675521][T10607] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.705342][T10619] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2249'.
[  168.709551][ T9637] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.726326][T10585] tmpfs: Unsupported parameter 'huge'
[  168.763862][T10626] loop4: detected capacity change from 0 to 256
[  168.787231][ T9015] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.855293][T10635] loop4: detected capacity change from 0 to 512
[  168.862104][T10635] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  168.872911][T10635] EXT4-fs (loop4): 1 truncate cleaned up
[  168.948471][T10643] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  169.045902][T10649] loop3: detected capacity change from 0 to 512
[  169.072805][T10649] EXT4-fs error (device loop3): __ext4_fill_super:5447: inode #2: comm syz.3.2261: casefold flag without casefold feature
[  169.090857][T10649] EXT4-fs (loop3): Remounting filesystem read-only
[  169.097474][T10649] EXT4-fs (loop3): get root inode failed
[  169.103128][T10649] EXT4-fs (loop3): mount failed
[  169.158523][T10649] loop3: detected capacity change from 0 to 1024
[  169.183323][T10649] EXT4-fs: Ignoring removed nomblk_io_submit option
[  169.193618][T10649] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  169.205080][T10649] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  169.222337][T10649] System zones: 0-1, 3-36
[  169.241856][T10649] netlink: 'syz.3.2261': attribute type 1 has an invalid length.
[  169.431949][T10672] xt_CT: You must specify a L4 protocol and not use inversions on it
[  169.453627][T10670] loop4: detected capacity change from 0 to 512
[  169.516417][T10670] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.553772][T10670] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2266'.
[  169.655930][T10678] loop1: detected capacity change from 0 to 164
[  169.680223][ T9637] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /82/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  169.701723][ T9637] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz-executor: path /82/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  169.723069][ T9637] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /82/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  169.731730][T10681] loop1: detected capacity change from 0 to 512
[  169.750996][T10681] EXT4-fs: Ignoring removed i_version option
[  169.757093][T10681] EXT4-fs: Ignoring removed nobh option
[  169.761082][ T9637] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 14: comm syz-executor: path /82/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  169.763060][T10681] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  169.783958][ T9637] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 15: comm syz-executor: path /82/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  169.794984][T10681] EXT4-fs (loop1): 1 truncate cleaned up
[  169.814848][ T9637] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /82/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  169.840930][ T9637] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 17: comm syz-executor: path /82/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  169.863664][ T9637] EXT4-fs error (device loop4): ext4_map_blocks:580: inode #2: block 18: comm syz-executor: lblock 23 mapped to illegal pblock 18 (length 1)
[  170.086075][T10701] IPVS: Error connecting to the multicast addr
[  170.176325][ T3890] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.415341][ T3890] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.555626][ T3890] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.637984][ T3890] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.778606][ T3890] bridge_slave_1: left allmulticast mode
[  170.784471][ T3890] bridge_slave_1: left promiscuous mode
[  170.790366][ T3890] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.809070][ T3890] bridge_slave_0: left allmulticast mode
[  170.814774][ T3890] bridge_slave_0: left promiscuous mode
[  170.820618][ T3890] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.014190][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  171.014205][   T29] audit: type=1400 audit(1720561276.113:3869): avc:  denied  { execute } for  pid=10721 comm="syz.0.2283" path="/77/cpu.stat" dev="tmpfs" ino=434 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  171.177296][ T3890] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  171.191037][T10730] loop1: detected capacity change from 0 to 1024
[  171.201400][ T3890] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  171.214530][   T29] audit: type=1326 audit(1720561276.403:3870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10731 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee6cb55bd9 code=0x7ffc0000
[  171.238495][   T29] audit: type=1326 audit(1720561276.403:3871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10731 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fee6cb55bd9 code=0x7ffc0000
[  171.262048][   T29] audit: type=1326 audit(1720561276.403:3872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10731 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee6cb55bd9 code=0x7ffc0000
[  171.285664][   T29] audit: type=1326 audit(1720561276.403:3873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10731 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee6cb55bd9 code=0x7ffc0000
[  171.309218][   T29] audit: type=1326 audit(1720561276.403:3874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10731 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fee6cb55bd9 code=0x7ffc0000
[  171.329925][T10730] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  171.332582][   T29] audit: type=1326 audit(1720561276.403:3875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10731 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee6cb55bd9 code=0x7ffc0000
[  171.343551][T10730] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  171.366975][   T29] audit: type=1326 audit(1720561276.403:3876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10731 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee6cb55bd9 code=0x7ffc0000
[  171.393951][T10730] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  171.399928][   T29] audit: type=1326 audit(1720561276.403:3877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10731 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fee6cb55bd9 code=0x7ffc0000
[  171.399953][   T29] audit: type=1326 audit(1720561276.403:3878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10731 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee6cb55bd9 code=0x7ffc0000
[  171.415316][T10730] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #3: comm syz.1.2284: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  171.476724][ T3890] bond0 (unregistering): Released all slaves
[  171.511890][T10730] EXT4-fs (loop1): no journal found
[  171.517176][T10730] EXT4-fs (loop1): can't get journal size
[  171.612865][T10741] loop0: detected capacity change from 0 to 512
[  171.631391][ T3890] hsr_slave_0: left promiscuous mode
[  171.637118][ T3890] hsr_slave_1: left promiscuous mode
[  171.644607][ T3890] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.652107][ T3890] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.660305][T10741] EXT4-fs: Ignoring removed orlov option
[  171.679261][ T3890] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.686855][ T3890] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.697187][T10741] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102]
[  171.705729][ T3890] veth1_macvtap: left promiscuous mode
[  171.711270][ T3890] veth0_macvtap: left promiscuous mode
[  171.715686][T10741] System zones: 1-12
[  171.716855][ T3890] veth1_vlan: left promiscuous mode
[  171.725899][ T3890] veth0_vlan: left promiscuous mode
[  171.727406][T10741] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz.0.2286: casefold flag without casefold feature
[  171.750847][T10741] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz.0.2286: couldn't read orphan inode 15 (err -117)
[  171.854209][T10759] __nla_validate_parse: 4 callbacks suppressed
[  171.854223][T10759] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2291'.
[  171.871490][ T3890] team0 (unregistering): Port device team_slave_1 removed
[  171.893921][T10762] netlink: 66 bytes leftover after parsing attributes in process `syz.0.2292'.
[  171.904532][ T3890] team0 (unregistering): Port device team_slave_0 removed
[  171.959132][T10765] hub 9-0:1.0: USB hub found
[  171.965869][T10765] hub 9-0:1.0: 8 ports detected
[  171.971215][T10767] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10767 comm=syz.0.2293
[  172.000491][T10714] chnl_net:caif_netlink_parms(): no params data found
[  172.057317][T10714] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.064624][T10714] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.071925][T10714] bridge_slave_0: entered allmulticast mode
[  172.078376][T10714] bridge_slave_0: entered promiscuous mode
[  172.085565][T10714] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.092761][T10714] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.100163][T10714] bridge_slave_1: entered allmulticast mode
[  172.106740][T10714] bridge_slave_1: entered promiscuous mode
[  172.136651][T10787] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2300'.
[  172.147902][T10787] vlan2: entered promiscuous mode
[  172.155888][T10714] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  172.166626][T10714] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  172.191017][T10793] netlink: 66 bytes leftover after parsing attributes in process `syz.3.2302'.
[  172.211847][T10714] team0: Port device team_slave_0 added
[  172.226570][T10797] loop3: detected capacity change from 0 to 512
[  172.237055][T10714] team0: Port device team_slave_1 added
[  172.255684][T10797] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  172.263845][T10797] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  172.276344][T10714] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.277118][T10797] System zones: 0-1, 15-15, 18-18
[  172.283323][T10714] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.283440][T10714] ==================================================================
[  172.288741][T10714] BUG: KCSAN: data-race in data_push_tail / number
[  172.288767][T10714] 
[  172.288773][T10714] write to 0xffffffff883fe108 of 1 bytes by task 10797 on cpu 0:
[  172.288787][T10714]  number+0x7d0/0xa90
[  172.288798][T10797] , 34-34
[  172.288806][T10714]  vsnprintf+0xa44/0xe30
[  172.288830][T10714]  vscnprintf+0x42/0x90
[  172.288849][T10714]  printk_sprint+0x30/0x2d0
[  172.288868][T10714]  vprintk_store+0x4a4/0x810
[  172.288886][T10714]  vprintk_emit+0x10c/0x5e0
[  172.288902][T10714]  vprintk_default+0x26/0x30
[  172.288917][T10714]  vprintk+0x75/0x80
[  172.288935][T10714]  _printk+0x7a/0xa0
[  172.288964][T10714]  ext4_setup_system_zone+0x5a8/0x720
[  172.288998][T10714]  ext4_fill_super+0x32f6/0x39e0
[  172.289029][T10714]  get_tree_bdev+0x253/0x2e0
[  172.289050][T10714]  ext4_get_tree+0x1c/0x30
[  172.289075][T10714]  vfs_get_tree+0x56/0x1d0
[  172.289103][T10714]  do_new_mount+0x227/0x690
[  172.289122][T10714]  path_mount+0x49b/0xb30
[  172.289139][T10714]  __se_sys_mount+0x27f/0x2d0
[  172.289159][T10714]  __x64_sys_mount+0x67/0x80
[  172.289181][T10714]  x64_sys_call+0x25c9/0x2d70
[  172.289209][T10714]  do_syscall_64+0xc9/0x1c0
[  172.289229][T10714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.289249][T10714] 
[  172.289255][T10714] read to 0xffffffff883fe108 of 8 bytes by task 10714 on cpu 1:
[  172.289270][T10714]  data_push_tail+0x102/0x430
[  172.289292][T10714]  data_alloc+0xbe/0x2c0
[  172.289317][T10714]  prb_reserve+0x85e/0xb60
[  172.289346][T10714]  vprintk_store+0x53f/0x810
[  172.289362][T10714]  vprintk_emit+0x10c/0x5e0
[  172.289377][T10714]  vprintk_default+0x26/0x30
[  172.289396][T10797] EXT4-fs (loop3): orphan cleanup on readonly fs
[  172.289395][T10714]  vprintk+0x75/0x80
[  172.289414][T10714]  _printk+0x7a/0xa0
[  172.289442][T10714]  batadv_hardif_enable_interface+0x504/0x640
[  172.289470][T10714]  batadv_softif_slave_add+0x62/0xd0
[  172.289490][T10714]  do_setlink+0x968/0x2490
[  172.289510][T10714]  rtnl_newlink+0x11a1/0x1690
[  172.289525][T10714]  rtnetlink_rcv_msg+0x85e/0x910
[  172.289544][T10714]  netlink_rcv_skb+0x12c/0x230
[  172.289567][T10714]  rtnetlink_rcv+0x1c/0x30
[  172.289585][T10714]  netlink_unicast+0x58d/0x660
[  172.289605][T10714]  netlink_sendmsg+0x5ca/0x6e0
[  172.289615][T10797] EXT4-fs warning (device loop3): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  172.289641][T10714]  __sock_sendmsg+0x140/0x180
[  172.289666][T10797] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  172.289673][T10714]  __sys_sendto+0x1e5/0x260
[  172.289690][T10714]  __x64_sys_sendto+0x78/0x90
[  172.289707][T10714]  x64_sys_call+0x16d7/0x2d70
[  172.289727][T10714]  do_syscall_64+0xc9/0x1c0
[  172.289754][T10714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.289776][T10714] 
[  172.289781][T10714] value changed: 0x00000000fffff804 -> 0x00000000ffff0038
[  172.289800][T10714] 
[  172.289803][T10714] Reported by Kernel Concurrency Sanitizer on:
[  172.289809][T10714] CPU: 1 PID: 10714 Comm: syz-executor Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
[  172.289841][T10714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  172.289852][T10714] ==================================================================
[  172.289885][T10797] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2305: bg 0: block 40: padding at end of block bitmap is not set
[  172.326756][T10797] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  172.330657][T10714] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.333030][T10797] EXT4-fs (loop3): 1 truncate cleaned up
[  172.378978][T10714] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.679109][T10714] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.705094][T10714] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.835601][T10714] hsr_slave_0: entered promiscuous mode
[  172.845413][T10714] hsr_slave_1: entered promiscuous mode
[  172.852995][T10714] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  172.863071][T10714] Cannot create hsr debugfs directory
[  173.106934][T10714] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  173.115648][T10714] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  173.124558][T10714] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  173.132935][T10714] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  173.166597][T10714] 8021q: adding VLAN 0 to HW filter on device bond0
[  173.177826][T10714] 8021q: adding VLAN 0 to HW filter on device team0
[  173.195542][ T6067] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.202714][ T6067] bridge0: port 1(bridge_slave_0) entered forwarding state
[  173.211765][ T6067] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.218928][ T6067] bridge0: port 2(bridge_slave_1) entered forwarding state
[  173.276659][T10714] 8021q: adding VLAN 0 to HW filter on device batadv0
[  173.374970][T10714] veth0_vlan: entered promiscuous mode
[  173.383164][T10714] veth1_vlan: entered promiscuous mode
[  173.398082][T10714] veth0_macvtap: entered promiscuous mode
[  173.406181][T10714] veth1_macvtap: entered promiscuous mode
[  173.417244][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.427892][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.437791][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.448221][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.458157][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.468569][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.478389][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.488885][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.498813][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.509225][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.519992][T10714] batman_adv: batadv0: Interface activated: batadv_slave_0
[  173.530891][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.541350][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.551167][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.561668][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.571583][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.582049][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.591855][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.602287][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.612119][T10714] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.622596][T10714] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.633800][T10714] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.644591][T10714] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.653281][T10714] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.662070][T10714] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.670752][T10714] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0