last executing test programs:

10.96292745s ago: executing program 3 (id=2499):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
fcntl$setstatus(r1, 0x4, 0x42000)
syz_emit_ethernet(0x76, &(0x7f00000001c0)={@link_local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb3e02", 0x40, 0x3a, 0x0, @private2, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "0200", 0x0, 0x11, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, [@dstopts={0x0, 0x0, '\x00', [@pad1]}]}}}}}}}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x92, 0x8, &(0x7f0000000340)="02549a095b1c0371944c3317e1683fd2114b3ddd3fdcf807012956ed7cae3910df1ca63ebfb7f4d453642996b984200a25c9467cea6109c24757755d8ee7956687103060b6f93661f6fe845d105894f2f80e292d303d66197eb8e15bb3a1075ec62a37c261004810c0da2c0b666418c15d451fac93cb7c8be241748b3bd87057c45a42a209242f3db19ee1dc493a7e958062", &(0x7f0000000180)=""/8, 0xfff, 0x0, 0xaf, 0x4e, &(0x7f00000004c0)="4bd7f718e6be253a11541b8d2ee06cf55f969e43f07292b21f1b3ae247266894439b064bdf0d2b52dce55085a939f1734bd3adfe1600679ff34509cb80e702fd1d371ccbe374ecd0131cfc8e09e48b5ebab16964c69b8bf21488efc5a2ad289cd1dd35d9c7d07f5c3b25949e7e6f5d7b7a38e7fd728a7952af13e008843ecd11f83bd417aeb463c75f5d88889158b29a9fa0483454441b685787c3b845ca1c94e391ab13c5bbec6ae62a4b4e688546", &(0x7f0000000580)="5167e653db581234846869cd0587734fc146a38ddcf0fd8946ed34fbf7c41add4b6820ba11e8c1f3db4b732db2099bc3caf2f3d10fec348b62a28a60d5ad10e45d7deaecdd0c86f9c507d5395200", 0x3, 0x0, 0x7}, 0x50)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0xc5594286d776c8c5}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r5}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x9d}]}}}]}, 0x44}}, 0x0)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x5e13, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty}}}], 0x20, 0x74}}], 0x1, 0x0)
open(0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000100)='oom_score_adj\x00')
write$cgroup_int(r6, &(0x7f0000000040), 0x12)
r7 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r7)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400), r6)
sendmsg$IPVS_CMD_DEL_DAEMON(r7, &(0x7f00000007c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000680)={0xe0, r8, 0x1, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x53de}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xee}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1_to_bridge\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xffffffff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x5c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, '\x00', 0x13}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x28, 0x9}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x31}}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x5c}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xb}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast2}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x80000}, 0x20000800)
capset(&(0x7f00000000c0)={0x20080522}, &(0x7f0000000100))
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$SO_COOKIE(r9, 0x1, 0x2f, &(0x7f0000000080), &(0x7f00000000c0)=0x8)

10.944164941s ago: executing program 3 (id=2502):
socket$netlink(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r2 = gettid()
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x48000000, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x300, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r2}}]}, 0x3c}}, 0x0)

10.176735023s ago: executing program 3 (id=2527):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x2a14000, &(0x7f0000000480)={[{@user_xattr}, {@init_itable_val={'init_itable', 0x3d, 0x3}}, {@discard}, {@max_batch_time={'max_batch_time', 0x3d, 0x4000000}}, {@block_validity}, {@i_version}, {}, {@min_batch_time={'min_batch_time', 0x3d, 0x8}}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@noquota}, {@stripe={'stripe', 0x3d, 0xff}}, {@discard}, {@block_validity}, {@user_xattr}, {@grpid}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00')
r1 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x1217880, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
sendfile(r1, r0, 0x0, 0x80000604)

10.016198996s ago: executing program 3 (id=2528):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
fcntl$setstatus(r1, 0x4, 0x42000)
syz_emit_ethernet(0x76, &(0x7f00000001c0)={@link_local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb3e02", 0x40, 0x3a, 0x0, @private2, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "0200", 0x0, 0x11, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, [@dstopts={0x0, 0x0, '\x00', [@pad1]}]}}}}}}}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x92, 0x8, &(0x7f0000000340)="02549a095b1c0371944c3317e1683fd2114b3ddd3fdcf807012956ed7cae3910df1ca63ebfb7f4d453642996b984200a25c9467cea6109c24757755d8ee7956687103060b6f93661f6fe845d105894f2f80e292d303d66197eb8e15bb3a1075ec62a37c261004810c0da2c0b666418c15d451fac93cb7c8be241748b3bd87057c45a42a209242f3db19ee1dc493a7e958062", &(0x7f0000000180)=""/8, 0xfff, 0x0, 0xaf, 0x4e, &(0x7f00000004c0)="4bd7f718e6be253a11541b8d2ee06cf55f969e43f07292b21f1b3ae247266894439b064bdf0d2b52dce55085a939f1734bd3adfe1600679ff34509cb80e702fd1d371ccbe374ecd0131cfc8e09e48b5ebab16964c69b8bf21488efc5a2ad289cd1dd35d9c7d07f5c3b25949e7e6f5d7b7a38e7fd728a7952af13e008843ecd11f83bd417aeb463c75f5d88889158b29a9fa0483454441b685787c3b845ca1c94e391ab13c5bbec6ae62a4b4e688546", &(0x7f0000000580)="5167e653db581234846869cd0587734fc146a38ddcf0fd8946ed34fbf7c41add4b6820ba11e8c1f3db4b732db2099bc3caf2f3d10fec348b62a28a60d5ad10e45d7deaecdd0c86f9c507d5395200", 0x3, 0x0, 0x7}, 0x50)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0xc5594286d776c8c5}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r5}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x9d}]}}}]}, 0x44}}, 0x0)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x5e13, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty}}}], 0x20, 0x74}}], 0x1, 0x0)
open(0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000100)='oom_score_adj\x00')
write$cgroup_int(r6, &(0x7f0000000040), 0x12)
r7 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r7)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400), r6)
sendmsg$IPVS_CMD_DEL_DAEMON(r7, &(0x7f00000007c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000680)={0xe0, r8, 0x1, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x53de}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xee}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1_to_bridge\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xffffffff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x5c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, '\x00', 0x13}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x28, 0x9}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x31}}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x5c}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xb}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast2}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x80000}, 0x20000800)
capset(&(0x7f00000000c0)={0x20080522}, &(0x7f0000000100))
getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x2f, &(0x7f0000000080), &(0x7f00000000c0)=0x8)

3.830752559s ago: executing program 3 (id=2701):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d0000000700000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_DREG={0x8, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELRULE={0x14}], {0x14}}, 0x8c}}, 0x0)

1.261328988s ago: executing program 0 (id=2749):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000080)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x6, 0x0, "9ecf3315567f14d56a87d134cc409e2a652dbbf6c50480937c6fa85af81bc6fc54b71f039802572c070000007692efcda8853b8a4430503621f06679995d916cb4361795dd7dbae51d07384b7c2e6949"}, 0xd8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$kcm(0x10, 0x0, 0x0)
clock_nanosleep(0x0, 0x0, 0x0, 0xfffffffffffffffe)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r3, &(0x7f0000000000)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000100))
r4 = syz_open_pts(r3, 0x82101)
r5 = dup3(r4, r3, 0x0)
writev(r5, &(0x7f0000001680)=[{&(0x7f0000001280)='7', 0x1}], 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e14060ec00000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r6 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000000c0), &(0x7f00000001c0)=0x4)
write$UHID_CREATE2(r7, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
getsockopt$llc_int(r6, 0x10c, 0x2, 0x0, &(0x7f0000000000))

1.020710328s ago: executing program 1 (id=2757):
listen(0xffffffffffffffff, 0x0)
accept(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)={0x1c, r3, 0x1, 0xffffff7f, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
sendmsg$NFC_CMD_FW_DOWNLOAD(0xffffffffffffffff, 0x0, 0x0)
write$nci(r0, &(0x7f000000a600)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x0, 0x3, 0x5, 0x6, @f={0x18, 0x2, 0x3, 0x2, 0x7, 0x8, 0x1f, {0xfc, 0x1, '<'}, 0x5, 0x8, 0x8a, 0x8, 0x1, '}'}}, 0x13)
socket$inet6_sctp(0xa, 0x0, 0x84)

874.098799ms ago: executing program 0 (id=2760):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@bridge_delneigh={0x1c, 0x11, 0x1, 0x0, 0x0, {0x7}}, 0x1c}}, 0x0)

856.307431ms ago: executing program 4 (id=2761):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mbind(&(0x7f000066d000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x4000000, 0x0)

808.835244ms ago: executing program 0 (id=2762):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000400)={&(0x7f0000000280)="14", 0x0, 0x0, 0x0}, 0x38)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
ioctl$TCSETS(r0, 0x80045440, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "bb5dee00"})

807.494125ms ago: executing program 1 (id=2764):
r0 = socket(0x9, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2712, &(0x7f0000005ec0)=""/102394, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
r1 = epoll_create1(0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB], 0x0, 0x3e}, 0x20)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
preadv(r2, &(0x7f0000000640)=[{&(0x7f0000000140)=""/134, 0x86}], 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100))
shutdown(r3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x7}, 0x14000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000646c6c2500000000002020207b1af8ff000000009fa100000000000007010000f8ffffffb702000008000000b703000000020000850000000600000095"], &(0x7f00000000c0)='syzkaller\x00', 0x1}, 0x90)
getsockname$packet(r4, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r6 = creat(&(0x7f0000000040)='./file0\x00', 0xea)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000000)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r6)
execve(&(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000080)=[&(0x7f0000000780)='g\\B\xc6+\xd5\xb9\x93L\\\x87\x84K\xb9!\x03X =z\\\x14\xec*\xed\xa6u\xc4\x14=\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9=?i\x86Lpw\xba\xe1\v\x1a9G\a\xf9\xe0\xef\xf6f\xd6\fpfP\xcf\xee<\\C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1dC\xba2\xa6u\x14\x0ee\xef\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xae\xa0\"(\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95h\xd7PN\xf1\xe7\xe2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5bP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\xa1w,\xc7\x15oA\xc5m\xbb\x15\xd1\x1e\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4moccU\xb5\\\xf5\x05\xec\xa7\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xacd\x9d=d\xae\xbf\xd7K\x9do)p\x00!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x19f\xd3\t\xf8\x96\'\x8c{\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xf3\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac\xca\xc2-\xfc\xe8\xc3qAt\b\x94\xee\x9e4\x85\xd0\xfe+\xc0\x17\xbfE\x15\xfdZ\xce\x954v\x8a\x05\xde\xaal\xf4\x82\xe2?\xabS\xe4\xe2\xe1\xd83\x17\xfe\xf8~\x04\xb6\x11\xc4K3\x82\x127\xf7\xc7\x06\x177\x8bWF\xb21\xce\xc7\x19|\x9f\xe87\x80\xbc\xac\xb6;\xcc\xafr\xbd\x90\xde9\x0e\xda\x05\x86\xf0i\xf4{\xbf\x82#\xfd9\xdc\xa7\x01\x00\x12\xea1K\xc9\xe1\xfdv#0U\xd2\t\x14\x10\xe6\xfc\xba\xa1\xac=\xfd\xd7\xa8\xc8\x18\x00\x00\x00\xc4w', &(0x7f0000002ec0)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K9\"\xf1@\a\xea\xbb\xfe\x9cY\xfc\x80\x99\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7\xf7\xff]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13mNP\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0=k\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xba\x87\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7*\xecl\xbfp\xc3x\xc3\xc1r\xbe7\xb5\xa3\xf11[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80=\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9oQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tr\xb4\xc4\x929\x01\xee\xe6\n\x8ba\xde\xdbsAzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44LB\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf)\xee\xab\xb3C\x92\x8e\x80\xb1\x01\x85\xb1v\xae*\xa7])n)+\xd9\xcf\xe9\x9ag\x8a*u\xe4e?\xf9\x93\x93u\xd2M\xfd\xa1\xc5\xff\xd9\x15-\xabH\x90\x04\xea\x88\"\xfe\v\x1d\xa5}H\xee\xc7\x94\xdb\x02\xf7\t5\x1e\xd6~R\x9e\xb5NV)\xa6\x1ff\xde\xbf\x97V\x87\v\x94\xb4\xb0\x7f3\xa3\x85c=\xb0\x8ab\x06\xfa\xe9\xb3\x1d\x0e0\xfe\xc7\xf9\xde\xd6\xe6\x14O\xc8\xff7\xd8\xed\xc6\xdf\x01\xb3\n8\xbf\xbe\x1e\v\x18\xd9\xb3+X4\xb5S\xe7\xf6oO;\xc5\xc8-\x9e\xb5\xbe\x97\xb4k\xd2n\xfa\xd1\x82\x16\xea\x93\xc7\xb3?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xf2K\xe9\xcf\xc6y\xb00\xe0\xa0\f\xef\x02\xd5 (S\xffhY\"\x83\x05M\x0f\v\xec0B\x1f\xd7\x80\xdaL\xa2Q\x8c\xde\x17* \xf5)tk\xb6\xb9\x86?\x1a\xff\xdc\xecP\xd1w1\xf4a\x00r\x06,\x86S\x11)\xf4\x16W\xd6\x86\x10\x02\x15mod\x854\xd4\'^\xb6\xe9f\xd6:\xfc5%\x16\xc5\xa5\xf1\x11k\xdd{\xaai\x8a\xde\xa6\x18,H\xd8\xe5\xf5g\xe7U\\(\x01\xc5\xde\x1d\x8acHf\x86`9qV|=\xbb\xd1\x95\x0f\x86\xffa\xb1\xdb\x82l\xc3\xcf\x88\xeeJ\xda\x8b0f\xac\xc2n\xd1\')\xf2\xaf\xc0\x06\x01\xb4b\xef\xa8!\xf9\n\xf7{C\xdc`h\b6>\x171\x16\x89\xa8\xe9OC\x7f\xb1\x1c\xd4\xd5\xa7\x7f\xfd\xa8Y\xf0s_\xfb\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00.\xeb\x1a\x18\xf1h\x04\xa8\xe8\x92\xe6\xbc\xe1O\xcfq\x877\xa8\xbb\xaa\xa2\xde\xf6\xca\v\x95S4\xe61\x8d\xa4\xf6\xf3\xcf\xbe\x80\xa4\x80\xe1~\xdah\x13\xdc\xcb\x01=\xd5}\b\x1b\x97\x13wk\xec\x15\x18\xc4{\xcc\x0e\xf0D\xad\xf4\x912k\x89 \xc0\x00)HrQ8y\xb3\xf6\x96F\x90\xd43zq\x1f\xc7\x8a\x92\x8e', &(0x7f0000001e80)='gcB\xc6+[;\x88\xfe\x97B*[\a\x03\x96l\x1e\b\xd9\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX c\x03\x00\x00\x00\x00\x00\x00\x00\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\xd9\x10#\xf5b|i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfE\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\x00\x00Jh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8f_\xda8l\xc8\xa2\xb0\xd1t\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c1\xf1\xe7m\xfd\x00\x00\x00\x00\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&\x9c\xbd\xbb\x90\x17$\x9e\\\xee\xc6\x88?)\r@e*\"_^xb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\xfd\x98\x06\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac\xb0\x11i\xcc\xb9BG\x1ac\xbc\xd9&\xb6\xd9\x04\x03\xc6\xebf\x84\xe5\xfe[\xe7\xe6\xb3\xe9\xca\xe7\xc1\xa7\x9aO\xc1\t\x1c\xeb\xfbl\xa4\x80KQG\x80\xcd\xdd\t\x91\xdb}\xb1\xde\xf9\xbe=\x8b\xde\xf2G\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf7\xa9\x99t\x87 \x9f\x03}\x8d\x1b\x14\x1eU.r\xe1\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000d00)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!3\xf2\x84\xa9H\x92\x1e4\"u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6 \x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJ9\x13V\x1e\b\x16\xf6/\xc3{h\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\x1f\x02)sP%Z\xad\x83\xda\xbe2r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xafd\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91_]\xb26\xbf\x9cA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10`xb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0\xd8k\xb7vo?1H\x86\x032\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\xf2\a\x00\x00\x00\x00\x00\x00\x00\x00\x13\x9eX$\xe1\x00\x00\x00\x00\x00\x00\x003\xe0\xe3\x0e\xaa\x8e\x9a\x1f\x12\fRw\x11B\x17xO<x6tw\x18\xc4\xf1%\xd8S\xdd\"6\xa3s\x99O\xb0\xf2/0\x1d\x04\xcc\xadVr\x9bP\xd0Z3\xa7\xdd@\xf9a\xe6\xa1\x9c#\xb9\xb8\xb0\xc6r\"\xdd\xc4\xe5\xf8\xb5\xacF\x9aP\xbd\xf0\x94\x99;\x18\xd4\x9d\xf2f\x93\v\xe0\x8c\x91\x87\xd3\xc57\xe2\x11r\xea(\xb7\xd1\xba\x00C\x00(?\xeb34\xea\x865lD\xd4\xc7\x91*\x8e\x0f\xf6Zl^\xe1\x9b\xab}\xe7;\xd3h\xda4\xb5r\xe9l\xd1F\xdepA\x02\x90X\xed\x10\x98\xa2\xfb=\xdb\xba7\xf0Y\xafUt\x12\xe7\x87wbd\x86R\x02\xa7\xa3F\a\x83\x19;\xeb\xba\bm\x84\xba\x90\xd8\x9f\xc2\xb3V\xd0\xd8M\x1eM\x8d\x1a.\xea\xea:A$:/\x96\xf1\xb8\xdd\xa3\b?\x8b%\xce\x8a]\xb4!n \xcd\xdc\xc0\xca$\x8dA\xce\xd4\xab\x1at\x1b\x87\xc1W\xff\x91%6]1\xfb \xc9\xa7\xff\x92I\x91\xed\xed-\x89J7\\\x82\xbe\x8e~$\xafbl/\xf4\xad\xc6\x04\x0fZH\x97C^Y\x12\xcd\xab\x9eS\xdb\xfe\x83\xc3\xbb5,hS\x82\xefR.]\xa9\b\xd4o\x92\xf7\x99\xd2\x0e\xef \x83\xb4\xe7\xb6j\xa4\xe3m\xa4\xd7\xaa\x97\xe3\xc9\xcfP\x9e\xb0vU{\x8b3R\x1a\x06\xc3\ts\x8e\x1f\x8b\xc7\xe3\xbe\xc3j\xb6\x83\x0e\xe9*\xc2r7\x92\x8b\xf2\x02\xf0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\xa2\xf7\xafPK8\x0e1\xcez\x00\x00', &(0x7f00000018c0)='gcB\xc6\xcd\xd6\x18H+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xe4*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xebb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xdf\xee<\x9b\xf8-d\xe2\x13\x8a\x19\xbf;\xe2\x14\x80u\xc9\\:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*t\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x10(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xef\"_^5\xd1 H\x17[xS\rO\x880\xf1P\xac]\xc2\xc1\xa8\x1df\xf2$\xa4m\xbd_\xcax\xbd\xf4m\x1e\x18ocmU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG\x053\xb9\x05\xf0\xae\xfc\x88\f\x96+\xd3\xac\xf3\xef\xa7\xb7\xd1Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\b\xb4\xac%~\x12\x7ft\xa9\v\x99\x7f\xce)dC\xef\xca\xc1\x92\xa7C\xae\x9c\xf3\xb0\xb9\t\x8d\xb9p\xcb\xe3csR\xe2\xfbL\x9f\xb3\xa4^\xc1\xf7m0\xa8\xfd\xcf\xfdY\\d\x03(\x89\xe7\xe1\xcf\xa4m3SQc\xbaG\xcd\xce\xf5o@\xfdi\xd1w~\xc8\xb9\x04\b\x00\x00\x00\x00\x00\x00\xd4\xe8\xcaP\x89\x9b\x12\xa7\xdb\x95c=\x16\xd5\x06\xf9O\x87\x02\xcd\xa4\xc0\xa17\x92]_\xa2>\xbb\xc8?\x98\xa6+\xcf^\xa0\xe8\x9a\x9e>O\xbf\xd3Fd\xfe\x9c|0\xdd\x7f\x85^\xdf\xe0\x84\x17\xe5\xc05\x8av\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcd\xd3o26\x9b\xc9\x90\x1a\x87\x9a\xea0\xc5\x9b\xa8\x8a\xc5\x13\x86\xbd\x86\xbc\x12\xf5\xa2![\x84i\xe1\xb2\xa2\xa1F\xd9{\x95\xdc\xbbc\x8a\xa1B\x10W\x00\x00\x00\x00\x00\x00\x00\x05\xe5.\r\x1dd\xfc\x97\x9dn\xef\xc0\xa6\x9a\xe0\xd5\x98o\x18\xaf\xba\x88\xa4\xbd`Qa\xdc\xcb\xce\xcc\\e\x00\x9f\xd4\xac\xea\xe4\xa3\xfa\x14\x06\xa9\xc0\xbb\x12$\xcf+z\xb0\xc8\x95\xed\xa0&\xafg\xdf\x94\xaaK)\x86~\\\xfd\xb6,\xe1\xe6\xab\x9estQ\x8b\xa0\x8e\x00i\xc3\xb4b)e\x13\xbf\xc1O\x00\xc0\xab\x95\xfa\x12e,\x19 _\xca[\xd1\x9e\xc3N\\1;\xe3t\xaa\xa1\x83\xd1\n\x17\xd2\xd8\x02+\xf1aY\xfb\x00^\x95\xab\x97\x8f#\xeax\r\t\xcb\xb7\xc8\xc7', &(0x7f0000000a00)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX cz\xb8\x14\xec*\xed\xa6u\xc4\x14*\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xe6\\h\\\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xc1\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\x82\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x11\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xa7\x83}\x92W\xeb\xe5\xa3\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occQ\xb6\\\xf5\xf3\xeb\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6z?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\xa6\xa1\xda@\xc7-\x93\xbc4.C\f\x193\x03cz>R\x11\xba\xf9\x17\r\x98\ap\xda-\xb0R\t\x93.r/\xce\xa4\rK\xcb\x1aO\x03z$\xbeYvYn\xddI\xe7\x13\x8f\x15\xefL\xba`\x9d\xea\xed\xf0)s\x12r\x9b\xf2&\xf2-\xc6\xec\x96\x19\xc9\xd7\xda\x06\xad#\x18\xef+\xcdp\x95\xef\xd9\xb9s\x8b\xf3\x8b\x88<\xa0\xa3\xad\x8c\xaf&iMM\xc5>\xa7v\x17\xdf \xca\x86#\xa7[`\xcb7z\xa0P\xd5p\xe9\xddC\xc0\x80M\xd9y\x01\x1c\xe7\x1cdN\xd5x\x89\xc9\xc0\xc4{\x01\xa6o\x9ceZ\xe1\xfa0?\x94\x1f\x9aQ\xb2\xea\br\xfb\xdc\'\xb8\xdbh\x02|\xacW\xd5\xf0Lf\x1e\x17A@\x06\x89\xadg+$/V\r\xc9o\xda3C\xa0\x06\xd4^\x8bQ=k\xa0\xa6\\\x00\x99\x94\x10dy\x7f\xd1\xd2\xe36\xa1\xd3\xb1o\x7f0:}\xad\xd04\x96\b\x80/\x9a\xfc\a\'\x83\xb8\xcd\xb1\xf5#\tzG\xe86\xfe\x83\x1d\xb3K2\xf0\x8f\xde\x85\x00M&\x00\x00O\x86\xec2/\xea\xe6$(L\x85\xf8Y\xcf,\xa3\x87^\xe1\xd8F\xe4AJ\xaa\x1f\xe9\xff?\x9aF\x97M\x80\xe9LR\xdc\x9f~\xce\xb5\xef\x14M\f#>O\xb44L`\xc6a\x82\xc5\x107\xae\xdb\v\xf7\xc4k\xab\xf8:\x1fj\xa2vf\xab', &(0x7f00000012c0)='gcB\xc6+\xbf\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xdf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0vl\v\x03\b\xadT\a\x14\xd7\xd7\xb5\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m\xb3\fv\xc5\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x16\xf0\xf9s\x9af$\xb3x\x8d\xf1\xe7\xe2\xad\xdd\xdf\xb7\xe8Ac*t\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x10(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xba\xd1\x91]]\xb26\xbfA\x96\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x16\xf0\xcc\a\x10dxb\xc2\x13m[xS\rO\x880\xf1P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5^\xf5\x05\xec\xa3\x98\f1\t\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xcex\xdb\xf6zG!3\xb9\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x01\xfd\xb8\x99\x9c\x19\xb4\xac%~\x12\x7ft\xa9A\x1brx\x87\xa16\x93\xd5fap\x83k\xf6O\v\xae\x9c\xf3\xb0\xb9\t\x8d\xb9p\xcb\xe3csR\xe2\xfbL\x9f\xb3\xa4^\xc1\xf7m0\xa8\x1b\xd0\xfdY\\d\x03(\x89\xe7\xe1G\xcd\xce\xf5o@\xfdi\xd1w~\xc8\x95\x94\xea\xd4\xe8\xcaP\x89\x9b\x12\xa7\xdb\x95c=\x16\xd5\x06\xf9O\xa6+\xcf\n\xd5\xad\x15^\xa0\xe8\x9a\x9e>O\xbf\xd3Fd\xfe\xe7\xc7X\xeaf\x9cn0\xdd\x7f\x85^\xdf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`DK\x17\xe9s2\xe0\xe2[IZS5\xa9\x00\x00\x00\x00\x00\xd5\x84\xc4\x91d\\L\xa0|o\xa9\"f\x9ah\xbda~H\xdf\xaf\xa1c\x83+\x00\xb5t\xc28\xb9\x15\xb1\r[g\xab\x1f\xe74N\xa1\xbe\'x\xf7\xfe\xd3=\xfa\nP\xf8\x89M\xd2\xefk.\xaa.\xc3\xddmr\xa3f\t\xfcC\xd7\xc8\xde\xbb\xa6\xf0\x06\xca\xbb\xf4\x0f\xfd\xc1\xca\xd9\x1d\xf0\x12\x94\x02\xdc\xe5`\xfc\x92_\xfe\x82\xcf\xc4\xa1\x8f\x95\xf9e\xbd$\x93V\xf0\xd6\xd9iu\x1d\x00\x00\x00\x00\xed\x9f\n\'\x00\x00\x00\x00\x00\x00\x00\x00x(\xbd\xfd.\xb1I<\xc31H\xe37\xecM:\xc0N\xdd\x81\xb0g\xf7<j\xea\xc9\x1cQ\x9e\xb4\xd7\xa9=c\xbec\xf8z\xdfV\xb3fE1\x8e\xb3\x9b_\xda\xb3M:\xe6wr\xd4P\xb9QU\xddV4#6JE\x06\xeccV\xce@3\xec\xb6\x16\xe3\x88\xfc\xb4\x10$\xc6EH\x9e\xe1\xf6\r\x11h\x1a\xdcs1\x90\x89<E@\xc0#\x82\xbba\a\xe0\xe1O\x84\xb8\x87\xb8V\x7f\xc9mX\x8ct\x92\xe6\xf7\x02Y(\xca\x8b22\\7\x84h\x15\xad\xdc\x93,\xc3\xf8\xcc\x82 ?~\x7f\x82\x91+\xcd\x15\x1d\xe0;\xbd\xdc\xf8 \xb2\xe1O1\xf2\xe4\xbaN\xff\xcf\xdbI\x1f\xb2\x01T6\xba\x9f\xb3\xfd(\x1c\xdd\xef5\x84\x01\xa8v9\x9a\xee\x85\xbe0\x95p5\x1a\xc8\xc7\xb2\x85\x96\xd0`5_\xfe_&|\xe3c\xe2\x03\x9b\xdav\x1c\xf7!\x1d.[Jh\xea\x05\xac\xd5\x95Q\x13&\xcb\n\x13\xbb\x1b\xfe\xc8\xbd\xdePF\xd0Se\xa1V\x1d\xc2\xe2\x9c\xf7y\xb2<\x81\x9b\xf9\x86\x00\xd3\xe0\x7f\x1aX\xba\xa9\x1b\f\xa1z]H\xea1\xf2\xcf\x1e\x88\xa2\x9e|\x14q\xcb\x10\x7f\xf7Wx\r|\xc2$\x00m!\xb2<\xb3^\xca\x17<\xa29l\xc4\tuk\x15{Xd\x95\xfa\xc5\xb4l\x88\x05\xb7\x84?.\x0f\x80\xaf\x83>;I)\xff\xc0\x8d|\x14D\xb2L2\xa4\xacBg=\xb8\xe9\xd0zh\x1d\x1d\xa0\xc8\xacJ\xf2\xe8W\xd9\xa9+6V!\x94\xbd\xec\xac\xad\x8cY\x05\xc4e\xdfc\x9a\xa4u\xad\x01\xf8:\xc0\xea\xae\xd4\xf66A\xf9\x15\xb5]\xf9\x18)v%?g6j\xdd\xd4\xe8\x98\xa3\xbaoi\x802\xd1\xfaZ\xf3!\x983\xb1\xfbH\x9a\x94\xf0\xf0l\xdd[\x99\x9f\x8ftPO`z\x94\xdd\x04_-u\x1aP>W3\xbc\xc9\x9fw<\x97C\xa8\x90\xf0\xe7\xfeUN\xeb\xf7\xf06\xc2\xd8l\x14\xd9>\xa27[R\x02K\x82\x01\x10\x16\x93\'\xafL\x81\x8c\xef\"\x1a\xa8\x15*u\xbb\xbc7u}\x877\xa5s[\x13\xa6\x99Iv~\xf4`+\xdf\xe2\xd1\xfe\x03\b\xcf\x81\xd6\xc5\xcb\xb6\x7f\x8a\xbf#\xc4\xdbq\xd0J\x862iG\xfc\x7fIl\xb9!\x0e\x14\xdcLor\xeb\x16D\x83\xf2f\xfb\at\xd8F\x12\xbe-\n\x04k\x01k\xd7?\x03~h\x9a\b\xae\x1b\xd1\xb2\xbd\xe8\x1c\x8d\xcd\xcbUh\xf6\xfd\xd3\x9c\x06\xd7\x99\t\x0e\xdc\x11\x15\r\x8a\x86X\xdfq\xb2\xc2\x12(\xab\xd2\xca\xd0\x05\xe3u\xfbM\xe0\xf9\xd8\x98\x8b91\x9cJH\xd3\x9c\xd2\xa9\x80M\x96\"\x01\b\xfc\x9a\n\v\x19}?\f\xb6\xd4w\x12r\xba\x90!\xd40\xdaA\x82b\x92\x9f_\xe9\xf5\xba\xf3k\xe4\x9f\xa4\xfd\x15\xa5::\x86\xa7>\xabU\xa5\xe9{Yh\xec\xe9\x14\x12\x19\xb0\x93s\xb6\xe3\x15\xdd\xd4\xf9~$)\xf5\x95\xabU\xec\xc3\xa0!Ac\xe8<u\xda\xe8', &(0x7f0000002640)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xebb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xdf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*t\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x10(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xef\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[xS\rO\x880\xf1P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18ocmU5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xb9\x05\xf0\xae\xfc\x88\f\x96+\xd3\xac\xf3\xef\xa7\xb7\xd1Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\xa5\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x19\x9c\x19\xb4\xac%~\x12\x7ft\xa9\v\xae\x9c\xf3\xb0\xb9\t\x8d\xb9p\xcb\xe3csR\xe2\xfbL\x9f\xb3\xa4^\xc1\xf7m0\xa8\xfd\xcf\xfdY\\d\x03(\x89\xe7\xe1\xcf\xa4m3SQc\xbaG\xcd\xce\xf5o@\xfdi\xd1w~\xc8\xb9\\\a\xeba\x18\x95\x94\xea\xd4\xe8\xcaP\x89\x9b\x12\xa7\xdb\x95c=\x16\xd5\x06\xf9O\x87\x02\xcd\xa4\xc0\xa17\x92]_\xa2>\xbb\xc8?\x98\xa6+\xcf^\xa0\xe8\x9a\x9e>O\xbf\xd3Fd\xfe\x9c|0\xdd\x7f\x85^\xdf\xe0\x84\x17\xe5\xc05\x8av\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xcd\xd3o26\x9b\xc9\x90\x1a\x87\x9a\xea0\xc5\x9b\xa8\x8a\xc5\x13\x86\xbd\x86\xbc\x12\xf5\xa2![\x84i\xe1\xb2\xa2\xa1F\xd9{\x95\xdc\xbbc\x8a\xa1B\x10W\xbe\xc2\xa2\t\xd4\xfdp\x06\xe5.\r\x1dd\xfc\x97\x9dn\xef\xc0\xa6\x9a\xe0\xd5\x98o\x18\xaf\xba\x03\x00\xbd`Qa\xdc\xcb\xce\x91\xcdb\xd7\x9es\v&g\x06\xc3\x01\x004.\x8d\xf7F\xb0\xc4_g\x82\x96M`l\x84\xd9\xab\xd6\xacYBG\xfb\x821e\xb4\xe6@\xe3\x82\xc6\x85\x96FQn\x0e\xa9\xc6\x9e\xc4\xdbA\xafSt\x9d\x15\xd0\xbd\xd8k\xd3G\x80\x1dE\x168+\v\xfb_\xc3\xd3\xc9\x87\f8\x03\x8c\xed_\xeb\x9c\xbd]=Blu\x04-g)\x01\x9a\xde\xf1\xdf\xe3\xd7)\b\xee@,\xcc#\xc2\xf4p\x1a\xa9\xe9 :J.\xdf\xdb>y\x95+,m\xc7\xad\xf9a1\xa1\x91Ed\x86D\xe4Tc\xd6d\xf0\xc4\x04L\r\xa1\x88e\"F\x92\xdb\x06\x04\xca\xfdLK\xdb\x1c\x8a\xc9r2\xee\xd1x\x94\xe2\x8by\x8a\v\xb8TfGF\x06\xbf\xe8\xe5\xb0\a\xd3d\xfc\x16\x14L*\xef\xcb{\f\x875\xf4\xfbMj', &(0x7f0000002a00)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\x03\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfE\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\x00\x00Jh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\ra\xb1\xc61\xf1\xe7m\xfd\x00\x00\x00\x00\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&\x9c\xbd\xbb\x90\x17$\x9e\\\xee\xc6\x88?)\r@e*\"_^xb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\xfd\x98\x06\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac\xb0\x11i\xcc\xb9BG\x1ac\xbc\xd9&\xb6\xd9\x04\x03\xc6\xebf\x84\xe5\xfeJ\xe7\xe6\xb3\xe9\xca\xe7\xc1\xa7\x9aO\xc1\t\x1c\xeb\xfbl\xa4\x80KQG\x80\xcd\xdd\t\x91\xdb}\xb1\xde\xf9\xbe=\x8b\xde\xf2G\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf7\xa9\x99t\x87 \x9f\x03}\x8d\x1b\x14\x1eU.r\xe19\x84\x11\xb9\xe5e\xc5.pz\xdfo\v<0uM\xa6\xa0\xe0\xab\xa4\x1b7\xb20%\x96\xac\xe9\xda$\x8cQ\\\x06\xcfp<\xb2Z\xbc\xcb\xf5\v\xf6\x98]\aTJJ\x90-\x1d\v\x1b\xc0\xd6\x10\xeb7r\xbf\x9cN\x0eI8\xca\xa5\xc8o\x00`\xd9\x14\xcb\xbf&u&\x7f\xe1\xc4\xab\xe8\x90~S\x18\x8a&\x0f|e\xdel\xa0\x93\fA%\x1f,\x0e\xf4\xa3I\x88\x1a\x90\x1f\xa8\x12\x03d_\x1aP5\x02.\xb6\x9a\xd6\xfa\xed\x1c\x86\n\x87vLDg\x82H\x8eUmR6\xc2+\xb4\x0f\xb6y\x91D:\xcf\xcfTDFcG\x069Iq\xa5(\xaeUKJ\x91\x01\x89\xfd\xba\xb0\n\xf1t\xb1d\xe3.\xf0[\xbe\x12\xe3\xb9\x8b\xf3V\x05\xd8\xf2\xd22\xd1;\xdd\xb0\xad}\xd3\x11Sh\x933\xb2\x0eKBP\"\x84\xd9\x1f\xcf=\x98\";\xff\xd7h\xdf\x85^']) (fail_nth: 20)

625.27508ms ago: executing program 4 (id=2765):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d0000000700000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_DREG={0x8, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELRULE={0x14}], {0x14}}, 0x8c}}, 0x0)

584.111063ms ago: executing program 1 (id=2767):
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x58, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000480)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x3}, 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x2, 0x0, r1, 0xcc4, '\x00', r0, 0xffffffffffffffff, 0x3, 0x1}, 0x48)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000b80)={0xffffffffffffffff, 0x20, &(0x7f0000000b40)={&(0x7f0000000940)=""/255, 0xff, <r4=>0x0, &(0x7f0000000a40)=""/221, 0xdd}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x1f, 0x11, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x60ad}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@btf_id={0x18, 0x0, 0x3, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='syzkaller\x00', 0x7f, 0x0, 0x0, 0x41000, 0x28, '\x00', r0, 0x4, r3, 0x8, &(0x7f00000008c0)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000900)={0x4, 0xe, 0xfffeffff, 0x7554fe3a}, 0x10, r4, 0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000bc0)=[{0x4, 0x3, 0x4, 0x6}, {0x3, 0x4, 0xd, 0xc}, {0x4, 0x5, 0x6, 0x2}, {0x4, 0x4, 0xa, 0xc}, {0x0, 0x3, 0x5, 0x6}, {0x0, 0x1, 0xe, 0x5}], 0x10, 0x7}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r5, 0xc0406618, &(0x7f0000000040)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@bloom_filter={0x1e, 0x6, 0x200, 0x8, 0x80, 0x1, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x2, 0x8}, 0x48)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000580)={0xffffffffffffffff, 0x9, 0x10}, 0xc)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0x18, &(0x7f00000000c0)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}, {}, {0x85, 0x0, 0x0, 0x73}}, @printk={@ld}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r7, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000061003000000000009500000000000000db74589d4b38cc306ac390649f8edea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e2e01d50bc3347475750472719cc516eec8df2df8ef39db6e67fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba700"/173], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r7}, 0x90)
r8 = socket(0x40000000015, 0x5, 0x0)
getsockopt(r8, 0x200000000114, 0x8, &(0x7f0000019580)=""/102393, &(0x7f0000000100)=0x18ff9)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x94}}, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r9, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r9, 0x4040534e, &(0x7f00000000c0)={0x72, @time={0xbe9}})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{}, &(0x7f00000005c0), &(0x7f0000000600)=r7}, 0x20)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x9, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000010c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000015000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a29682881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d37ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa20590a4a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bc9d736c"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x14)
r11 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @restrict={0x0, 0x0, 0x0, 0xb, 0x1}, @union={0x0, 0x1, 0x0, 0x5, 0x1, 0x0, [{0x0, 0x2}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, &(0x7f0000000340)=""/142, 0x4e, 0x8e, 0x1}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r10, 0x1f2f, 0xf, 0x3ce, &(0x7f00000007c0)="9f44948721919580684010a40800", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000d00)={0x3, 0x4, 0x4, 0xa, 0x0, r5, 0x4, '\x00', 0x0, r11, 0x0, 0x5, 0x4}, 0x48)

583.738313ms ago: executing program 4 (id=2768):
r0 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x1100, 0x40, &(0x7f00000018c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3f0, 0x98, 0x218, 0x2b8, 0x98, 0x2b8, 0x358, 0x358, 0x358, 0x358, 0x358, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'bond_slave_0\x00'}, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x2}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00'}, 0x0, 0xc0, 0xe8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @TTL={0x28}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'batadv0\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@broadcast, @local, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x450)

514.866418ms ago: executing program 0 (id=2770):
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
setxattr$trusted_overlay_opaque(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0xb00, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)

471.813942ms ago: executing program 4 (id=2771):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@bridge_delneigh={0x1c, 0x11, 0x1, 0x0, 0x0, {0x7}}, 0x1c}}, 0x0)

448.307324ms ago: executing program 0 (id=2772):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000500)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)={0x30, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}]}, 0x30}}, 0x0)
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000006c0)=@bpf_tracing={0x1a, 0x0, 0x0, &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1ff}, 0x10, 0x28dff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x90)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r10, 0x8914, &(0x7f00000003c0)={'bridge0\x00'})
ioctl$sock_SIOCBRDELBR(r10, 0x89a1, &(0x7f0000000080)='bridge0\x00')
r11 = dup2(r10, r9)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r14=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r12, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r14, @ANYBLOB="d79dd30bdb6a70d0df5f215a282744ba05120e8a5c0d6847784a332f0054ef08ad17c033e886ac9eb386e4424840c5b385741854bd443072155873c771ad1158721010458ac4196a2d632075fc59c2"], 0x28}}, 0x0)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r10, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000040)={&(0x7f0000002580)={0x980, r13, 0x4, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0xd0b, 0x47}}}}, [@NL80211_ATTR_NAN_FUNC={0x4}, @NL80211_ATTR_NAN_FUNC={0x368, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_TX_MATCH_FILTER={0x33c, 0xe, 0x0, 0x1, [{0xfe, 0x0, "df6b67b87498205068bc1072c3dcbe6eedf5bd1ab9da36e1deda73f35068cbe9d045678737e32e8d866975aa1a404aa34949f1a0efa9d39abefd15d824f8f7be7c65eaca0a32f3b171df735128428caebad7dc848cd5efd0cac64924e818344fd152a3705c31797db4817cc974c7554bbd67bde58d96770a2bd9488fa6699b4c2848ca5375b47a146b4d79e21544b3d6cf08c8f7025e467e574c59ebdd4d31192764076ffd70fad288920f407133dfb874f9f9878ccd44b34c8caa7b38b8e6b1bf66a87644d194e7910655cd678c0f2c55e2d9e1fee0d7326cb5c23c7446a43eec82e426f6c7a3277e3bf300f3f174405d59eb917ab65c25e889"}, {0xa8, 0x0, "0093f8946211dcc7655e44f5feb031161957fd94b077c2a162106b7d949820865cd34c07eb81a2114778636e3f9b2ed259397d6368f0e10dc2705091de413b579857bd2dfbc0ef60f5f2864c26afdb8db93582857b6c5c63143971fd5b6bf3da66dfe38662aed4b9aa6d2ad82b2b9bd8cbc800b5588c89abf47617a312ce87618fc689f7728da36e5a069596bb4f9d79e5c9533045a1099e82081691acfa2fd244e02791"}, {0xa2, 0x0, "52e1cd6ee8d524ff47aacf88d8f92984e4d5f2cd82e3ef138161321c07629e177588158ea984d6ea8ca2ba8e0175f0df7a7fbb64b98a73503fda9c11b1341c3a64e1788716cd0adefe34c2e683b673c64e23152381f862f6b9b81555863c00036b08ead256543807c3d10b8fd6570710f80a13cc2133062136e3672981d650d220e22f885fc0cc39c0d2e0f2d520ab64f48b3371eb30acb2216ac1ecfef8"}, {0xce, 0x0, "43c70bbe6d7e29395f8af51bbac31a13e84185d66c259c3af9148daccbd049e4c1372a61c75c9cfd3f3de5b59784e11d2993f685a8113088ed3bba16315decc2be52192aaad8b72ae71c613d2c571b6dbbb3465bf54ab31d3a7895bb0f627c67baee87dd8c1cbdab1df76c8450649b05b5871d25f651eb1a2bb95277dd06619e6795d72eac7b3e46c0b27e6cc9f0be18bcf845d1ff3357f530427b8a5b2df462d0a96c60425807d29f6ff7b27487bdcd55d547e6314206a3c0567e89fb585e63865661b0d6efb340a123"}, {0x19, 0x0, "83228b3c05f76e6b484f606a3e99174ed77a583160"}]}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x9}, @NL80211_NAN_FUNC_TTL={0x8, 0xa, 0x1002}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x9}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0x60}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x40}]}, @NL80211_ATTR_NAN_FUNC={0xc, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x6}]}, @NL80211_ATTR_NAN_FUNC={0x14, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x9}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x3fc, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_TYPE={0x5, 0x1, 0x1}, @NL80211_NAN_FUNC_TERM_REASON={0x5, 0x10, 0x9}, @NL80211_NAN_FUNC_SRF={0x214, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x8}, @NL80211_NAN_SRF_BF={0x103, 0x2, "dfe9f3ab0b6c3aeb67139c41dc1da0482f6441d243900c8ea94d0f13871e10e3ec474083afa2019c0c1bebc3690c15c2dd390fa7b64c79a6d87aaffd591ddc353da252eae54c3bb4d371bb653f6c0cff10fb4f0d011c589fa2621375d364e90f47cf9cc041dbca790010b460c16e4b891ce8f4da94ceda8378ead88441a21866c2fac1d66bbce4cb12b198e52c7b764283acbfe06ebfbbd2f536365566fa55afca887de03a0cadc5c3b73a26e38b22cfae2c1554e91809c90fa7810eb97de5fb006c8f1db835edddfeb2074c9474e35ea66bb2ff08627ea96c267629da4ee85ed12430b3c25e19cbc041c3c56adeafe14edc63d94951585ded855f752bf192"}, @NL80211_NAN_SRF_BF={0x103, 0x2, "9290daa1de79e5b32b2f71cda02e0b6cf3d22f0131adfa639391bb67cea9f263caa637ed5917444c1cd2baae04050d9c57e55ad16a52eb0bb95f2a850080ca2660c605974d97e3b81d177053a1ab287dde9369d9d81c9d8bee0a4e052806b2a3368869cfda7f5565d72c119aff07f4de2076d159fad844208fbc38d64ddffd292b99aabbf6575ce18ec45e57e9d813f9d2f8502c2886f0310068feaf1805ab68345ad7c32c75b03309404f29690b7f4cc61b13164b24ef2eb953a3e68463cf9d1470dc3ad1ee480c60aa5bf171251fb588d4388eb26961337c8c0b3bbe5c9365a0c8a8ae2e13776331f256ff526bc2863940517d475761dd9a3a33753ddab2"}]}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x1bc, 0xd, 0x0, 0x1, [{0x47, 0x0, "1844a77a3d65210efd0f904a596ee25d40a7479bd398665b27d608fa1e7ff37f61cb96a3dab768c68619a13fab605acd35a14d308fcc422caeb566754f709e152bf4f0"}, {0x93, 0x0, "e4dd08cefd160820bbd746faa15b09b3d351f09818f53d47ce305d0acf70b2c1bd98f2f1707ee282c6718bd323ee629c7279625ae98f593dc54fad77ad7ba35bfe650edba80940906e4d9a1b2a6b573f7d570b2403903fe2fb172898f5af3b626ecf9b45df02c3844e67f2ee9e6f0f79ea17c6e13b6bbf02cde1dc7aa25c8cdd6c597d7ee5d636eb2891c910f3bf0a"}, {0xb7, 0x0, "eb02cb0fd7e8b653094655c76b5b0e257d252205f38facc3a6470ac8fe19097c4238eda08f3c6d35d2648ba6dc419a15de7b6586f90801dec81ce202cc8444a5aee2edc5ac6cd6438ff352bfc177952d6fb8f7c2c8de531892a6ba6270399c09455e4b304a8cd100d4d2e9d86dae46df457efb35f1d4e972c0e5ad2658d39978711d71fad0d2c9c138688c5b12bc3ee79f5c9cf2ac141f52b443dda1b8258d2864215345a39fe5eb5a9c55bb0d9d15b5be8626"}, {0x22, 0x0, "374ed8a3d7b0a579c5d15893860552f07056218239c485e736920df962ff"}]}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x7}, @NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x14, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SRF={0xc, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x2}]}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}]}, @NL80211_ATTR_NAN_FUNC={0x54, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_PUBLISH_BCAST={0x4}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "7f2439543277"}, @NL80211_NAN_FUNC_SERVICE_INFO={0x3d, 0xb, "d63406a12e0d149a97f01fd4ad0f08ba69f9d0e40eb7aa19052a645b58863ca29e949ff1c1a78f553e802319935e84289150b0182cbbebc5a8"}]}, @NL80211_ATTR_NAN_FUNC={0x170, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_INSTANCE_ID={0x5, 0xf, 0x4}, @NL80211_NAN_FUNC_TTL={0x8}, @NL80211_NAN_FUNC_TERM_REASON={0x5, 0x10, 0x8}, @NL80211_NAN_FUNC_SERVICE_INFO={0x1a, 0xb, "abe6c04aee930b70ea6aced2b76d0694b8738119a145"}, @NL80211_NAN_FUNC_SERVICE_ID={0xa, 0x2, "c4dae8be15d1"}, @NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID={0x5, 0x7, 0xbb}, @NL80211_NAN_FUNC_SRF={0x124, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_INCLUDE={0x4}, @NL80211_NAN_SRF_BF={0x103, 0x2, "1ad374920fc2137a984f26d7e1f4ab36e91df3e7547bb1a2186e9c5a9ec3b4311ab75d6692dbfdbd42b8f90a1d0964ba5a653989beef89e6f1cf74b79cc90371741264265d9c52870e24f1f8b0ddbd80e07fa38fcdf1146acdfff34c7a09f5d3295d9edd73dadb2abf09556a96e3533f9bd5715249321038d204f0b6f6df0f303d6b93f063727bd5008f4870f0b0edf6b8c9a1bd5f96bc1eacd829d3689c72d38b493ce572597b7065af74b24477c344280765d30a63f7019b40b708bf0ddf345d542399ace76771c06c334ed3340bdc45d4fb821dac72805c910d604f449c5a1778b74f6514187609b398d8c7bc6b96d20065e437d643f8384d0f8c6f8c37"}, @NL80211_NAN_SRF_INCLUDE={0x4}, @NL80211_NAN_SRF_BF_IDX={0x5, 0x3, 0x5}, @NL80211_NAN_SRF_INCLUDE={0x4}, @NL80211_NAN_SRF_MAC_ADDRS={0x4}, @NL80211_NAN_SRF_INCLUDE={0x4}]}]}]}, 0x980}, 0x1, 0x0, 0x0, 0x20000080}, 0x800)
sendmsg$NL80211_CMD_START_AP(r11, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r13, @ANYBLOB="00082dbd7000fcdbdf250f00000008000300", @ANYRES32=r14, @ANYBLOB="08009f00050000000800a00009000000050018013b0000000800a100cb05000008002600c81400000500d500020000000400e200050018010e000000050018010700000008000008002700000000000800a000570200000800a10001000000080027000300000008009f0000000000050018011c00000008000c00640000000500a300"/140], 0xa8}, 0x1, 0x0, 0x0, 0x8010}, 0x10)
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="000326bd700019dbdf256500000008066c7c91e24a1de79e9a9683b64aa5a2000300", @ANYRES32=r14, @ANYBLOB="0800020001000000080002000100000008000200010000000400038008000100020000000800010000000100"], 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NL80211_CMD_SET_WDS_PEER(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYRESHEX=0x0, @ANYRES32=r14, @ANYRESOCT=r2], 0x40}, 0x1, 0x0, 0x0, 0x4000041}, 0x4044040)
sendmsg$NL80211_CMD_UPDATE_FT_IES(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5248341f", @ANYRES16=0x0, @ANYBLOB="00012abd7000fddbdf256000000008000300", @ANYRES32=r14, @ANYBLOB="0600b100010000000600b100001000000600b1007f000000"], 0x34}, 0x1, 0x0, 0x0, 0x48080}, 0x4084)
r15 = openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/meminfo\x00', 0x0, 0x0)
read$char_usb(r15, &(0x7f0000001840)=""/4090, 0xffa)
preadv(r15, &(0x7f0000000040)=[{&(0x7f0000000180)=""/128, 0x80}], 0x1, 0x0, 0x0)
read$char_usb(r15, &(0x7f0000000240)=""/34, 0x43)

400.546098ms ago: executing program 4 (id=2773):
getresuid(&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)=<r0=>0x0) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, <r1=>0x0, <r2=>0x0}, &(0x7f0000000140)=0xc)
chown(&(0x7f0000000000)='./file0\x00', r0, r2) (async)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
recvmsg$kcm(r3, &(0x7f0000000600)={&(0x7f00000001c0)=@nl=@unspec, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000240)=""/245, 0xf5}, {&(0x7f0000000340)=""/137, 0x89}, {&(0x7f0000000400)=""/177, 0xb1}, {&(0x7f00000004c0)=""/224, 0xe0}], 0x4}, 0x40000000) (async)
r4 = socket(0x2a, 0x800, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r4, 0x891c, &(0x7f0000000640)={'wg0\x00', {0x2, 0x4e24, @multicast1}}) (async)
ioctl$SIOCX25GSUBSCRIP(r4, 0x89e0, &(0x7f0000000680)={'veth0_to_team\x00', 0x5, 0x9}) (async)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000780), 0x200000, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000a00)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe6, 0xe6, 0x3, [@struct={0x5, 0x6, 0x0, 0x4, 0x0, 0x7, [{0x8, 0x0, 0x8}, {0x9, 0x5, 0x80000001}, {0x10, 0x5, 0x2}, {0x0, 0x5, 0x80000000}, {0x2, 0x4, 0x2}, {0xf, 0x5, 0xfffffffa}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x1}, @datasec={0x9, 0xa, 0x0, 0xf, 0x2, [{0x4, 0x2, 0xffffffd5}, {0x1, 0x138, 0x9}, {0x3, 0x985, 0xb0b9ef72}, {0x4, 0x5, 0x7}, {0x5, 0x1, 0xe}, {0x1, 0x5, 0x1}, {0x1, 0xff, 0x6}, {0x3, 0x28a, 0x3}, {0x3, 0x2, 0x9}, {0x9, 0xf45, 0x7}], 'Dw'}]}, {0x0, [0x30]}}, &(0x7f0000000900)=""/248, 0x103, 0xf8, 0x0, 0x5}, 0x20) (async)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000a40)={0x0, <r6=>0x0}, &(0x7f0000000a80)=0xc)
setresuid(r1, r0, r6) (async)
setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f0000000ac0)=@req3={0x8, 0x0, 0x10, 0x6, 0x200, 0x6, 0x4}, 0x1c)
socket$can_raw(0x1d, 0x3, 0x1) (async)
bind$inet(r3, &(0x7f0000000b00)={0x2, 0x4e24, @multicast2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x5, &(0x7f0000000b40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, [@map_idx={0x18, 0x5, 0x5, 0x0, 0xa}]}, &(0x7f0000000b80)='syzkaller\x00', 0xfffffa5e, 0x0, &(0x7f0000000bc0), 0x41100, 0x20, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000c00)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000000c40)={0x3, 0x0, 0x1ff, 0x11}, 0x10, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000c80)=[{0x5, 0x2, 0x5, 0x5}, {0x5, 0x3, 0x6, 0x1}, {0x2, 0x5, 0x6, 0xa}, {0x1, 0x2, 0x9, 0xa}, {0x1, 0x5, 0x10, 0x9}, {0x5, 0x4, 0xd, 0x3}, {0x3, 0x1, 0x2}], 0x10, 0x80}, 0x90)
socket$can_raw(0x1d, 0x3, 0x1) (async)
mq_open(&(0x7f0000000dc0)='/dev/hwrng\x00', 0x1, 0x8c, &(0x7f0000000e00)={0xb, 0x80, 0x8, 0x39}) (async)
ioctl$TIOCGETD(r3, 0x5424, &(0x7f0000000e40)) (async)
r7 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000e80), 0x101040, 0x0) (async)
sendmsg$IPSET_CMD_FLUSH(r3, &(0x7f0000000f80)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x24}, 0xc, &(0x7f0000000f40)={&(0x7f0000000f00)={0x1c, 0x4, 0x6, 0x301, 0x0, 0x0, {0x2, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8054}, 0x508d0)
clock_adjtime(0x7, &(0x7f0000000fc0)={0x2cd, 0xa, 0x7, 0x2, 0x6, 0x100000001, 0x4, 0x8, 0xdb2, 0x4, 0xb, 0x5, 0x0, 0x6, 0xe000, 0x400000, 0x2, 0x5f, 0x9, 0x4, 0x1, 0x2, 0x5, 0xce5, 0x6})
perf_event_open(&(0x7f00000010c0)={0x4, 0x80, 0x0, 0x6, 0x5, 0xfe, 0x0, 0x10, 0x2000, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000001, 0x9}, 0x0, 0x6, 0x7, 0x1, 0x4, 0x8, 0x3, 0x0, 0x4, 0x0, 0x2}, 0xffffffffffffffff, 0x4, r7, 0x2) (async)
getsockopt$inet6_mreq(r3, 0x29, 0x0, &(0x7f0000001140)={@mcast1, <r8=>0x0}, &(0x7f0000001180)=0x14)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000001280)={'gretap0\x00', &(0x7f00000011c0)={'syztnl2\x00', r8, 0x700, 0x7, 0xa, 0x200000, {{0x1b, 0x4, 0x2, 0x0, 0x6c, 0x67, 0x0, 0x4, 0x2f, 0x0, @multicast2, @empty, {[@rr={0x7, 0x23, 0x2e, [@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, @remote, @remote, @multicast2, @multicast2, @broadcast, @loopback]}, @lsrr={0x83, 0xb, 0x9b, [@empty, @dev={0xac, 0x14, 0x14, 0x30}]}, @ra={0x94, 0x4, 0x1}, @end, @timestamp={0x44, 0x20, 0x12, 0x0, 0x1, [0x7, 0x27, 0x2, 0xfffffff4, 0x9, 0x4, 0xd]}, @ra={0x94, 0x4}]}}}}})
memfd_create(&(0x7f00000012c0)='syzkaller\x00', 0x2)
sendmsg$nl_route_sched(r3, &(0x7f0000001400)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000013c0)={&(0x7f0000001340)=@getchain={0x44, 0x66, 0x800, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xfff1, 0xfff9}, {0xa, 0x6}, {0xffe1, 0xd}}, [{0x8, 0xb, 0x1}, {0x8, 0xb, 0x3}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x2f}]}, 0x44}, 0x1, 0x0, 0x0, 0x880}, 0x53) (async)
r9 = accept$inet6(r5, &(0x7f0000001440)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000001480)=0x1c)
sendmmsg(r9, &(0x7f0000002900)=[{{&(0x7f00000014c0)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x80, &(0x7f0000001680)=[{&(0x7f0000001540)="d09bb91ac97f3d62da27cf450c6d2ce6d0569934c88288da71f6c21a8f4819aa279b", 0x22}, {&(0x7f0000001580)="b9637e47df5a21fafe6023e2f7949bd8a8ed523a7f70688db9fa1c7f0a55ad73901b72fc0ca0", 0x26}, {&(0x7f00000015c0)="36d4df20b7bae9a29d5f1c4c61c6d0f2aed2209dae85ed8d31af7c32a771cb535b9c1a52238929768df9b3548db89feca5b4ca3b5a6b3759e8d297f7a0b066874db296d6bc8d616fef389a194ee07ec24a727369abc748862038a947f22a018373dddc5708041b5bca0c8b21e3b8e56713197ad5f902f96572b091e1a69c282682", 0x81}], 0x3, &(0x7f00000016c0)=[{0x1010, 0x108, 0x2, "24076676ca79af43c8fb76b0ed90b4d1e1d5cfc20468ca94d0cedd88bf69bd5a9e9c6c2852ef9673006931094efbfd9fca4f76aa1675fa7da4d625142ea9c8b4dc72b960ac1d0fcfe92a5a328f4ed9d3ac8dd0eead795aa9cf6d63bef5d935db0697123af026f415711e16a6d52bc72f4bd257fda41e932218787c11a914c5911e785bc967f8db51a17ae94dea901165597386fe4c200df1bd43104fad9d013182d34da17fa0ba1ed104414117d1c431bfee0af52455da10be01fd32e9a0dabc209d14a125b5261d55ac28d46c9c79f7e7544310e13bdaf6e0e79a79ed70e3289afd1fcf7575deccf71e1a395ec01c1519c87b3b0a4c2c7466f98a38cd6f54be4da24a2ea8799299f100169880a7e309002482e51d8bf04431c3528162b9a8684cd54479c8f8886f8a3afe416aa8f5a1f84fb1f76f86fb60502a0b5c1b3930fd3b459f0d6bc8178c76162707cec53b68c9954a90884ec0a04a32ffa4fae6942f9ae36d08a2c6b61187bfde748661ea40a777cfbfa7240fa1e34763ee072733331c03f527985d385ca156db5639785ad1fe4a5e2c1f002ca3d32a555b44adaaa0ad721dae9ab71a33aa20c1572e07befb2fe2f62f98143b92c6bf567cc0873a52eab90a8a0079024da0da73f93e893e123e5772f4c2dc7010c0f30b4520cd634aea952764ae8fc1c883119616ac94e1ae7cf59a3a2298fe07428417ce8eeb79bc02be7c457764b763cd4fcc22306d20bb469a55e0046407f309e138b1b2cf8862cc4a96f64ec95238cb51fcfbc854e3aaecbfb320d0d0fda3cb554689634e60da090b682bcd6988f4c6c2db9c3ec1d65923be95ca4def061d3ea69c6fcbfddc5f70300b150a3792899cc1e3ec35afb8760469a572706d5a87e064489edd43bc88dd149f21af3d970f0a1550b2ea04c6fe8292ad0b9c92dadd33c76a0aff022d3643b8ab0b492fcf16ce2d5ce5aa1d81572e7e60cb27f460eaa00ddfb73163e3c593411de7568c2aadb1dd652ba788b7862541b7afa9939c1bc61deb1d0e031b5d8b9921d9ec9e2d118ba941f6d53132bcbd71947484bb807f0b946143b4adc66482c9971adaddb6d00b84c62f9f531c38aa0db4a09a51757564ca81b5c20b2a41585a3c7a962b825d9f32b6a54e2bc76fb7105a773228bf331f66cbe96cac7c7da80b8f2896af9df5c1e58fa54a80647aa384467277f9ddefee50fba80c938023fc6eec3d43df89f81e553e1d16ae07dc84f31529a0fa7cc34dee4345a5dd17044b49e36d6bf8dce5c1dfa6b246d3e5b4d78e0b0fa7aa9ee73a16726ceb1b010243229f18d3b41f51f45acf39cf3b6af7cb8e48335a09d01a48cdd257cc3e4c1b3a9c860391de06e8a97f8265181ba48b3c6201c50b652e0ef415cb6c53dbbcd3891a694f0ce2f03e72a174259668d41aa8e9c541d91942003be10585a480d2e02fdb1f2e2c9fef2b9fccec904b72a8f64779f82f2f15707c8f620087b7daa606f2b598b41a9d9f154fd8c4bf3f011d6898ca4ffe56063b4250ab77d773b176b105de740807f4f04345b57d787e4e5bf9734245b1c094b6df7ad9b31e90c33c66381fc9bed72f5daa3eba722b162c4ec6bd514ef1a24bd392d95606f1ec9f10d3271ae963f2f333481549ea0c9a898803c4ff69b43e689ca73b08690901a7aeeebf40bad978309f64aa15b3b02ec27525c1d9eced07dad25df790c99a36ab9ada27d7a3536bec936cdc2bba070684b45184e00ef770eb65e74cf11d5fa8d4a4829fdc84b002a375392345c7b6701ad93f65362605e2e7bf2306dcac7427c39f18d254f50f71a92f102e98c6afa225d8005f90a647238d8990397e841ef42f373c3865604fbc59c3215af48ea7106e60cb48a9644148b6b865333bf5d3c25b5fa902baa43b9d8318c6ec91a24d09a56e33229953f9c48873fcd7a6f9312545b2dec20b5d208f7765c26341085371adfce773ecc0640f4ca5c274bf703536416ea721f9cbe51c24a873c490fb541db40ec7e382921b8cb12652aee03356b91707300f5427ff63db5e5e8dcaadb3896521517206b332d355208eb5a6bebf44aee57193ad1730cc90d2f0b236aee0483e881ece3d00444de7b0e05b1f715fe51e89009a684d7af04dd127c6f3a464338e897b10abeb2c5ba18bb04f95b1b3d2721d1d61054ffaba0139b37dd5167baf92bb6ba61b874f1841c477de01f093edee40139de59438252975320fbce49d3998ba749e392a6cb5eb67b8372661e182cc42e9e6b1f9712438f52a07a7618b3b96750893c8fb7d54df8454a7f11746cedc869d0f42c87f98b3b413c9c33644a3ce3bfa57bb3b8c35fff4f42563c8bf2d17b4ee9d0ca0da01af62f59a387fb03754aa067271f821eb5767f91f3b676e05936513a6588a9a0f7df46b082c58b1a414107a735506e8941abad83741e83e77c6cb59713cc48a6130ff5e4827d2d5ec9275a3c2e29eba7ba023ac46b8279b7f5911af39b7a0f3378130c52a462b0be96d224dff031c8ce38cf50c2f2ffca50be17c48bcca84645dfb0635c60246df754798def74df257d48c5f3144476f4c274a6de2424a6ef33cacaea0a39809f717a23fc5f3acdd05248b11c2242d1b8c72de1b595022e92d0f2a248bfdfedcd2fb5c0ca7200cb7db59e45cfb07b41b884fdbaf485c88d76d2784f0b3ed6ea1b96ba6dde52db689eb0c2243ed924de22a73db0a735fb70af7e6f9214ee9b30bd92d8ee3fc97024de991ba159630900c420b97feacc116ac95a5041e538bc189711473c788adf9524f228379cc12015d7ef657f3d286d075955ff9dd1e193f945aec74ae3f4631a1d4d706f2741eb95d09165a3a979c8ec8bbde2414e73c420c454f8e20f531cbd32da45ed3dea55d9de422f09e31a22703806741ea83d7dde3860a2d33ef4e6ffc58b97d89bbdc85c28a8e5bb82c8b0e7dbfe8a67c1167f227b88baf683b20438ebcdbec8d0abf15f8ee15a1a2d92e4126cd52f5b2d7b5c9914f1bfb5a2b043c4f45ce9adb7420afb1ae44197a6dad700771dd9298dad11d2fca1b0a465564e4d8f0aeebfcceb4dd018fa8acb97acbc2eeaf15825552a976ea1cc32d4fa9ac8a24bfe24eb158744a948ea66f78caad9173722286e41c3d911b47d8819f9175bd9401752958c545a207574d9b11d6ca7579ea02d69642904946014d32514a8ec15daa9453ee0282e2fec272a0624b4be70ca3833afb8dad9e6a955ec061ac0895afb412451d3323a4b112d8b4a1c74ebc65e3aa99cadb0bfe0f41f9326b1286a80f989b221921c4bf1b5b4dd686a42c13f95e89b9dcd2e3ae5aaf1d04fe7b0e2ac8f85f0b52c3ca8f8da7119c5ea2f3c037c63e0bb1b750eb20e15c38efa2dd4acd09594802e107b16f9d30974316f688a0ac40d5d0a176678f26f5ddf771bb9fc8dbfd3cc3dc21406a561488ed89a0d3d7149c5d8ba066bdd41831e872ad26a8c7133b26447980c5035cfade87a0cc96b733ea07d9af56501d90eab21799d6656ccd567e82ecd0591a6b2387cafc194d2abb8565dc4634e65c73fe2a813f8c5460860d45c428907273b9dc58a5b10298b843a4b5a1d8b58dbb2c50569dfa4d99d09d5d98d12c1db9e0762c5c6d23c3b52b55b83199a9f4ac15c6869f3d4ec1a00b88662466dcdd687d0699ec05f1e2fb3e6f9278403361581a08cffb16cdd6cde7d1647b2dfa8b41b8710a579c9b09d6e5a71d74f38f05d7d4dc353192906ec6eedc2411ea5715edcf43d2fb6991c9e1cb344a44cbd9bfea387aca63879285f2e15a29c990ac2739f11d81ae098380395eb082794e2bcf49f8f5067dc30dcd2f90b2012a674bb55eaceabad4c2a0ee4c761a09edfdf94312141e58540a8bdd1bdb86cec57bfa5e07ff61a96420c409ded64a5fee585309002435766add2ee0f23dd8a78233912335750420b8a44d017b04750862986e9e7b8e37e72c01523b26589b91550d16224a1b619cc9204b8bc10bf22442b50fbe3901b9f8cbede3e057b6a07f11f7de4cfb046261987508c33a8b0d5ffd67f6262369ca38ea3693b240a6d2c3807bc2155f1b8ca8324761b4e2706b0c6009db98f5d616326b04a530b98af8ec3aa71633b7e9ad91d7f9e04dd4aa9976efedf556242fc9763e0df03ad979665764658f99db4685505108b3a57f516a13069b745b81e80e227f2a18ad4831bebcd53c18bb5df00a926520b6ce04f5cebdb3e2b836d6400922a977a0ebbb55cf620bcf05abb2af45b69b6a00147ec71b5b9e67f261ed2ef53fa0d6db64d1bad38723cb7a94735738be63f37e02b707da3633229a4ef74ea7ed9265cbf6c88e3f9c4cdc1833a1d889166ecdcde8f25a42a26a05646740da0614b462f7b0f88e6171a72e8668d9a42441c2c707300a133c065c572bc5a86f028de3d7025d24c198532325f7699add4622de9b392c6b834b8865583150d18c6ce3462d95fb8580cd04dd8d2694796c0272a08ec75a5c0f432986e49bc3487d704ccf25ba81585c10bddccbca5dd32bc8b57c2ff0ec78490bdf9897c7e8b3e31581661ede808d51b6e5410026b513f3f266be1b34ef93f04f32b06442ef9039263c24f58e7dbce01adfa70af7a6061a12058b3a4181b6f0a0142ee48ef0e32c79a93d2eeff3f5d8f1e5ec4a8e2b530bb0a348245614c3823c4dd54f9ac38d695db68171c1ad926908049d7ed7f9fbe2087caf3353176ce2972d9a451f2a48bf30dd20faaae8c47928081d65636c66a1846b34796bd58643ee50cafa37878c0f1a8e1ef1a8f96de3bbbf3aed7a603bad8fba3130d87d629ac9fbeb91c472f8d1c4732430d75f850714a0967b7b7b6b3228350391b9560678a40fbaec4b60953264ce60836f1f11fc8e5420643097c8abdf08c2d8e9f50d66bb0d24d3f1eec79e63b3ec0fe230934b0c8c5a5aad2603408c48c8c8d3c0f0f95d16ef1d991c8c29255e6b634ced7a8cdd89dac798f9d93dcbfd3505426227565609cd9d611cd5cf9050127c741afb1d47057abd7e6936697dcab1f1d46f445fecf78061a51014622d30ce60d29e46823f1289ee0af7b497fbc3d63840c6a36027bbe655b5ae390504b1f34f1e0e6d3c45a2fc9ff1d2da8e76cc48200e28b0e0d5c67010c6519a5be1254110dd3d8f5aca121b448fabdec5cd7e829cf35f004819eee1d43c72aee29a2120fc26a10ba23616d704c5654a81e73340f119c9bac7aa7fa6fae2bb567247dd97fa41b1e468ea4b3d40552404ba73269668b379334e03eaac4b2ad806cb38c3dfc4350eb6a5b9df331c3c8bcb0ec1414f253c4eb4ded471e58bab7eb36f24d2755dc35940befd3ba316b112888e9cc5ed32bea8fdbdb5636d758ae07749899b23ef879bbe381333d598fa35479e850c800368ed6406fcdf9c41a5324d4ceae4e9907161c0fa452ef8a716b90307c8ec4b024f658f95b5ef76ccdd9a31dbd320b964b5fda7be40cfc6defbbbc84c0a8feb34d0d5ff0e5073878b8fd4ff5338b3fa38140401a2c5c111fe3b195c4aff29499724a0c0cca7a061b5081c153c7c4ff0434a86c9094cb76db9ce3754b75e495573149284a2cfd05cf72f0e257b5f082debdadd43e2d0c7e40966495ddadd7b5603cfc8f4d3b9b44675c7e2341f4991183e61205dee0d3dd727ac658695866af3b84197a880a0a570f78f355d9081e5722685c155c97f6aed610717b1dba427642eb4cad2e5ceb728ef764744ed5dfc485c52cfa48b12d6c89e0c538c57524c730de594017a453806c786c2d4ab52711c6333fb397093563a4a67a973d994b3acbd51"}, {0xe0, 0x1a, 0xfffffff7, "f16c1f8fb60fc6b7d8fdd90826fcc7dd53fec80d6c27fad18b589d1c0c604fcbf24613ca3005f5c63e7d1eeaa4cea75863ee9a4522b70f507b8a7acd8a1b366b23ffde308e6cadbdb410ff52873009ede6f1c4330d2267083c58685298738282cec945cc704dc9099d9c47a7293c148bbe18a840d8ab5b01a43fff1e8c33415f22bfe5d4f9d621a6a8019dcb2e0c9e626977dcee1213995b4820b7a6671a594d39de9678a9365ddab645c3c2d78bf03f89ff482565d01d5d89f8b83c21a6e09933bc310bf87e147a02"}, {0x70, 0x1a4, 0xfffffff9, "7955435352d195eda19759b2e8da0de279e2e5c81a1897ab0a11701691215959b44bfda54d317fee53660d3fed87a7cf8d0441ef3e016298fcf8ad97851567319ea6675d417010651e20744eb3d2ee25af0bd6374213296108"}, {0x98, 0x223, 0x40, "c501d8ef55fd6c07de998731b9b73d2db0ab26c08a1209de2f5446e85486694981901e3ccc570022c95dd54f41df3d40162e83dab93f13c5b84ba46848b5b0d4012bc95f478a01f336e324508e0f7892686cb52e49a8e04bee12a76a0c197bacdef009aff36fd9458355154df1aeb26933225ac72d2fcc197b3866740e40f16ed5"}, {0x20, 0x1b3, 0x1, "ea5340c41cdb60ca70e479b1e253"}], 0x1218}}], 0x1, 0x10) (async)
accept$unix(r4, &(0x7f0000002940), &(0x7f00000029c0)=0x6e)

309.854995ms ago: executing program 4 (id=2774):
shutdown(0xffffffffffffffff, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10)
ppoll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x2060}], 0x1, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="2c0000001500010000000000120000000000", @ANYRES32=0x0, @ANYBLOB="14000200fe880000000000000000000000000001"], 0x2c}}, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES8=r3, @ANYBLOB="3103000000b967eae041c46cfba93115dad500000000000800000008000300", @ANYRES32=r4, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x24}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f00000005c0)={&(0x7f00000004c0), 0xc, &(0x7f0000000580)={&(0x7f0000000780)=ANY=[@ANYBLOB="3400f9d22a6228fea9f5b2a0524466000002fa969b919edfb1469b5fa46dcf5d1d56885f9d8f", @ANYRES16=r3, @ANYBLOB="200828bd7000fddbdf250a000000050029000000000005002d000000000008000b000100008008002b0003000000"], 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x484c0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))
r5 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f00000001c0)={0x0, 0x0, 0x43})
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000000)={0x0, 0xb}, 0x8)
r6 = socket$inet6(0xa, 0x5, 0x0)
listen(r6, 0x50)
r7 = socket$netlink(0x10, 0x3, 0x4)
clock_gettime(0x0, &(0x7f0000000600)={<r8=>0x0, <r9=>0x0})
nanosleep(&(0x7f0000000640)={r8, r9+10000000}, &(0x7f0000000680))
writev(r7, &(0x7f00000002c0)=[{&(0x7f00000001c0)="4800000014001d0d09074beafd0d8c560284606088ffe0064e204e20590000a2bc5603ca00000f7f8907000020008d42188fedc22e6ee11ac3439693b948e142ff0000000309ff5b", 0x48}], 0x1)
r10 = socket$nl_route(0x10, 0x3, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r11=>0xffffffffffffffff}, 0x4000)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000002c0)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6}}}, &(0x7f00000003c0)=0xe8)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x2, &(0x7f0000000840)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r11, @ANYBLOB="3d39c47e57b0917734505d252d2929", @ANYRESHEX=r1, @ANYBLOB=',aname=\x00,subj_user=GPL\x00,measure,smackfshat=},fscontext=system_u,smackfsfloor=\\@,uid<', @ANYRESDEC=r12, @ANYBLOB=',subj_user=\x00,\x00'])
r13 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000c80)={'lo\x00', <r14=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@newqdisc={0xa8, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r14, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x1, 0x100, 0x8, 0x4, 0x5cd, 0x3, 0x5, 0x100, 0x9}}}}, @TCA_STAB={0x50, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}, {{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, {0xc, 0x2, [0x0, 0x0, 0x0, 0x0]}}]}]}, 0xa8}}, 0x0)

146.254049ms ago: executing program 1 (id=2775):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x8001ff, 0x2)
r4 = dup(r3)
ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000001340)={0x80, 0x6, 0x0, 0x0, 0x0, 0xffec, 0x0})

94.913013ms ago: executing program 2 (id=2776):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x74000000)

94.608153ms ago: executing program 2 (id=2777):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r2 = fsopen(&(0x7f00000006c0)='msdos\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f00000004c0)='(&\x00', &(0x7f00000001c0)='\x00', 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x20, 0x2b, 0x9, 0x0, 0x0, {0x3}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee00}]}]}, 0x20}}, 0x0)
r4 = dup2(r0, r1)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$P9_RGETLOCK(r4, &(0x7f0000000140)=ANY=[@ANYRESHEX], 0x2c)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x12, r5, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

94.034193ms ago: executing program 1 (id=2778):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
fcntl$setstatus(r1, 0x4, 0x42000)
syz_emit_ethernet(0x76, &(0x7f00000001c0)={@link_local, @random="86082b9827c1", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb3e02", 0x40, 0x3a, 0x0, @private2, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "0200", 0x0, 0x11, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, [@dstopts={0x0, 0x0, '\x00', [@pad1]}]}}}}}}}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x92, 0x8, &(0x7f0000000340)="02549a095b1c0371944c3317e1683fd2114b3ddd3fdcf807012956ed7cae3910df1ca63ebfb7f4d453642996b984200a25c9467cea6109c24757755d8ee7956687103060b6f93661f6fe845d105894f2f80e292d303d66197eb8e15bb3a1075ec62a37c261004810c0da2c0b666418c15d451fac93cb7c8be241748b3bd87057c45a42a209242f3db19ee1dc493a7e958062", &(0x7f0000000180)=""/8, 0xfff, 0x0, 0xaf, 0x4e, &(0x7f00000004c0)="4bd7f718e6be253a11541b8d2ee06cf55f969e43f07292b21f1b3ae247266894439b064bdf0d2b52dce55085a939f1734bd3adfe1600679ff34509cb80e702fd1d371ccbe374ecd0131cfc8e09e48b5ebab16964c69b8bf21488efc5a2ad289cd1dd35d9c7d07f5c3b25949e7e6f5d7b7a38e7fd728a7952af13e008843ecd11f83bd417aeb463c75f5d88889158b29a9fa0483454441b685787c3b845ca1c94e391ab13c5bbec6ae62a4b4e688546", &(0x7f0000000580)="5167e653db581234846869cd0587734fc146a38ddcf0fd8946ed34fbf7c41add4b6820ba11e8c1f3db4b732db2099bc3caf2f3d10fec348b62a28a60d5ad10e45d7deaecdd0c86f9c507d5395200", 0x3, 0x0, 0x7}, 0x50)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0xc5594286d776c8c5}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r5}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x9d}]}}}]}, 0x44}}, 0x0)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x5e13, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty}}}], 0x20, 0x74}}], 0x1, 0x0)
open(0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000100)='oom_score_adj\x00')
write$cgroup_int(r6, &(0x7f0000000040), 0x12)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$SO_COOKIE(r7, 0x1, 0x2f, &(0x7f0000000080), &(0x7f00000000c0)=0x8)

93.853833ms ago: executing program 2 (id=2779):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x6c, &(0x7f00000010c0)=""/4111, &(0x7f0000000000)=0x100f)

53.796706ms ago: executing program 2 (id=2780):
r0 = socket(0x15, 0x5, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
getsockopt(r0, 0x200000000114, 0x2721, 0x0, &(0x7f0000000000))

53.601796ms ago: executing program 3 (id=2702):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90)
r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111}}, 0x20)
shutdown(0xffffffffffffffff, 0x1)
creat(&(0x7f0000000380)='./bus\x00', 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x10, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
ftruncate(r1, 0x81fd)
semctl$SEM_INFO(0x0, 0x0, 0x13, &(0x7f0000001a40)=""/138)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x3, 0x0, 0x8000)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x85, &(0x7f0000003140)=""/4111, &(0x7f0000000000)=0x100f)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f0000000300)={0x5, 0x10, 0xfa00, {&(0x7f0000000080)}}, 0x18)

53.365026ms ago: executing program 2 (id=2781):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0xb00, @private}, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x12)

52.189676ms ago: executing program 0 (id=2782):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000200)={0x7, &(0x7f0000000000)=[{0x73, 0x20, 0xa1, 0x5b}, {0x8, 0x3f, 0x3, 0x2}, {0x8, 0x9, 0x4, 0x2}, {0xd5c, 0x3, 0xf6, 0x200}, {0x0, 0x2, 0x0, 0x7}, {0x5, 0x5, 0x3f, 0x1}, {0x1, 0x0, 0x1f, 0x14}]})
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24}, 0x1c)
listen(r0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000080)={@in6={{0xa, 0xfffc, 0x0, @loopback}}, 0x0, 0x0, 0x6, 0x0, "9ecf3315567f14d56a87d134cc409e2a652dbbf6c50480937c6fa85af81bc6fc54b71f039802572c070000007692efcda8853b8a4430503621f06679995d916cb4361795dd7dbae51d07384b7c2e6949"}, 0xd8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
clock_nanosleep(0x0, 0x0, 0x0, 0xfffffffffffffffe)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r3, &(0x7f0000000000)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000100))
r4 = syz_open_pts(r3, 0x82101)
r5 = dup3(r4, r3, 0x0)
writev(r5, &(0x7f0000001680)=[{&(0x7f0000001280)='7', 0x1}], 0x1)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e14060ec00000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000000c0), &(0x7f00000001c0)=0x4)
write$UHID_CREATE2(r7, &(0x7f00000001c0)=ANY=[], 0x118)
getsockopt$llc_int(r6, 0x10c, 0x2, 0x0, &(0x7f0000000000))

758.57µs ago: executing program 1 (id=2783):
mlockall(0x3)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x22, 0x0, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(0xffffffffffffffff, &(0x7f0000000080)={0x14, 0x88, 0xfa00, {r2, 0x1c, 0x0, @in6={0xa, 0x0, 0x400, @mcast2, 0x400000}}}, 0x90)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x10003, 0x0)
read(0xffffffffffffffff, &(0x7f0000000140)=""/173, 0xad)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000280)=ANY=[], 0x10034)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000380)=ANY=[], 0x118)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x12, r3, 0x0)
shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0x0)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x11)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x20442, 0x0)
write$P9_RVERSION(r4, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r5, 0x4bfb, &(0x7f0000000000))
timerfd_settime(0xffffffffffffffff, 0x2, &(0x7f0000000340), &(0x7f0000000380))
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='io_uring_cqring_wait\x00'}, 0x10)
syz_io_uring_setup(0x32f6, &(0x7f0000000480)={0x0, 0x0, 0x400, 0x800000, 0x1ac}, &(0x7f0000000100), &(0x7f0000000200))
timer_create(0x6, &(0x7f0000000240)={0x0, 0x1f, 0x1, @thr={&(0x7f0000000680)="400bf6790839126c78d0f460a1178315995500c1bf60aae7df4bbd6e5c38219a87da8d30b51a40071489756d05f473b14fd44dde00ad169d7a95f506382168b1a175f802fc6ee967fe01b0ef2a414b40632cbc74309f5afb51319e12b071441d692fe1b73f15282580c50dd060d45154810a87f6fdc8fe705a095285f92685fa7c543d251eca190133190db04d923966d8f74ea11ada6fc2883433bd5d32e7e9cba3cc61a217013f73035bea159dfffe1655c8045a98391032fd1b929857f16009f5fe2566e71a48f22234e6e017d3d3e6f0734ab599a6a08667c14e3edbc35aae1810c20565c5c37940099519814fd2113835fc2933618b7ad7efd8c3fcd520201aac2545bead260e977b99535337d3fe614d90094ed31acd77", &(0x7f0000000600)="2207cb9a666d614d17f6a45888d5ddcfb7e575334f40a60126c726870e23cb1bccc60c02517b873feb2e8792e7fb50209f6e4817c7a94d35acef4dbba5d8bb14fb7701e719d9f4324a3bc231cb4bd956f1c7ae225584f68971b0f93e5f28df907acf8b68c34c2cf754d392b026"}}, &(0x7f0000000000))
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0)
syz_emit_ethernet(0x1aa, &(0x7f0000000500)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0081000020010000000000000000000000000002ff4200000000000000000000000000012a0a0101c0f8e3ed590a82ee170a478edd3a7ea9f0b4e450b197edba4b877b11a109255ec56595998270871cf30529fa5fc7b1191f1967fb1e63cdb9e27fe700d6f45b174df2b8232a44ec77b8a5acb53aa15f45f04ba4d3a95c76cbf8fcc648db782319b2c01125b53e0e063bfccdc6e9c8526470df36604c3b477ed68d6e9643843c1b1769ae2feb2bf1af101872ea16bd61"], 0x0)

0s ago: executing program 2 (id=2784):
shutdown(0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003f00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x10002, 0x0)
ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_open_dev$vcsu(&(0x7f0000000040), 0x3, 0x2002)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000080)={0x9, 0x50000000, 0x8000000, 0xac6, 0x8})
r2 = socket(0x200000100000011, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
shutdown(r4, 0x0)
recvmmsg(r4, &(0x7f0000003f00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x10002, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000140)={'vcan0\x00', <r5=>0x0})
r6 = socket$l2tp6(0xa, 0x2, 0x73)
shutdown(r6, 0x0)
recvmmsg(r6, &(0x7f0000003f00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x10002, 0x0)
r7 = dup2(r0, r6)
getsockopt$TIPC_SOCK_RECVQ_DEPTH(r2, 0x10f, 0x84, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
r8 = socket(0x200000100000011, 0x3, 0xfffffffc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
socket$l2tp6(0xa, 0x2, 0x73)
bind$packet(r8, &(0x7f0000000180)={0x11, 0x7, r5, 0x1, 0x2, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}}, 0x14)
r9 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'lo\x00', <r11=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=ANY=[@ANYBLOB="340f905db6144ac0e600000000000064e86c0a3a", @ANYRES32=r11, @ANYBLOB="000000000000000014001680100001800c00090056f1ffff00000000"], 0x34}}, 0x0)
clock_gettime(0x0, &(0x7f00000005c0)={<r12=>0x0, <r13=>0x0})
sendmsg$can_bcm(r8, &(0x7f00000006c0)={&(0x7f0000000380)={0x1d, r11}, 0x10, &(0x7f0000000680)={&(0x7f0000000600)=ANY=[@ANYBLOB="06000000000800000900000000000000", @ANYRES64=r12, @ANYRES64=r13/1000+60000, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="040000c001000000020000201e0200008b24638ab8d3137f3d5ac3213d14022e5b2119f81ec1ebc9b74df85f07da5d4459c8b7babfc10176c3f94284b9dfd5177c5a07c4e22bc84cf5ea8c08dfb3ca3c"], 0x80}, 0x1, 0x0, 0x0, 0x4008081}, 0xc040)
getsockopt$inet_mreqn(r7, 0x0, 0x23, &(0x7f00000001c0)={@local, @private}, &(0x7f0000000200)=0xc)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000000340)={'tunl0\x00', &(0x7f0000000280)={'erspan0\x00', 0x0, 0x8, 0x20, 0x0, 0xffffffff, {{0x5, 0x4, 0x0, 0x0, 0x14, 0xfffe, 0x0, 0x0, 0x0, 0x0, @rand_addr, @empty}}}})

kernel console output (not intermixed with test programs):

=syz.3.2006
[  129.602284][ T9827] loop3: detected capacity change from 0 to 512
[  129.619896][ T9827] ext4: Bad value for 'max_dir_size_kb'
[  129.768828][ T9835] loop4: detected capacity change from 0 to 764
[  129.789491][ T9836] netlink: 'syz.3.2008': attribute type 10 has an invalid length.
[  129.811988][ T9835] Symlink component flag not implemented
[  129.817732][ T9835] Symlink component flag not implemented
[  129.851637][ T9835] Symlink component flag not implemented (129)
[  129.857905][ T9835] Symlink component flag not implemented (6)
[  129.971567][ T9844] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2012'.
[  129.980660][ T9844] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2012'.
[  130.074834][ T9856] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9856 comm=syz.2.2018
[  130.102839][ T9856] loop2: detected capacity change from 0 to 512
[  130.126500][ T9856] ext4: Bad value for 'max_dir_size_kb'
[  130.168313][ T9863] netlink: 'syz.1.2019': attribute type 10 has an invalid length.
[  130.201637][ T9863] bond0: (slave netdevsim1): Releasing backup interface
[  130.220402][ T9863] team0: Port device netdevsim1 added
[  130.231702][ T9868] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2023'.
[  130.240762][ T9868] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2023'.
[  130.279721][ T9873] netlink: 'syz.1.2019': attribute type 10 has an invalid length.
[  130.302787][ T9873] team0: Port device netdevsim1 removed
[  130.328346][ T9873] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  130.433510][ T9891] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9891 comm=syz.4.2032
[  130.446272][ T9892] netlink: 'syz.3.2030': attribute type 10 has an invalid length.
[  130.466454][ T9891] loop4: detected capacity change from 0 to 512
[  130.488543][ T9891] ext4: Bad value for 'max_dir_size_kb'
[  130.514518][ T9899] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2034'.
[  130.523593][ T9899] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2034'.
[  130.610337][ T9913] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2040'.
[  130.643963][ T9914] loop2: detected capacity change from 0 to 1024
[  130.660103][ T9914] EXT4-fs: Ignoring removed nobh option
[  130.730248][ T9914] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.775426][ T9940] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9940 comm=syz.0.2050
[  130.801189][ T9940] loop0: detected capacity change from 0 to 512
[  130.808042][ T9940] ext4: Bad value for 'max_dir_size_kb'
[  130.854968][ T9961] 9pnet_fd: Insufficient options for proto=fd
[  130.895739][ T9971] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  131.204175][T10007] FAULT_INJECTION: forcing a failure.
[  131.204175][T10007] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  131.217518][T10007] CPU: 0 PID: 10007 Comm: syz.3.2073 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  131.227950][T10007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  131.238075][T10007] Call Trace:
[  131.241363][T10007]  <TASK>
[  131.244306][T10007]  dump_stack_lvl+0xf2/0x150
[  131.248923][T10007]  dump_stack+0x15/0x20
[  131.253099][T10007]  should_fail_ex+0x229/0x230
[  131.257871][T10007]  __should_fail_alloc_page+0xfd/0x110
[  131.263428][T10007]  __alloc_pages_noprof+0x109/0x360
[  131.268734][T10007]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  131.274212][T10007]  shmem_get_folio_gfp+0x3e4/0xb70
[  131.279363][T10007]  shmem_write_begin+0xa0/0x1c0
[  131.284245][T10007]  generic_perform_write+0x1d5/0x410
[  131.290392][T10007]  ? __pfx_shmem_write_end+0x10/0x10
[  131.295715][T10007]  shmem_file_write_iter+0xc8/0xf0
[  131.300865][T10007]  vfs_write+0x78f/0x900
[  131.305123][T10007]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  131.310956][T10007]  ksys_write+0xeb/0x1b0
[  131.315227][T10007]  __x64_sys_write+0x42/0x50
[  131.319870][T10007]  x64_sys_call+0x27ef/0x2d70
[  131.324577][T10007]  do_syscall_64+0xc9/0x1c0
[  131.329159][T10007]  ? clear_bhb_loop+0x55/0xb0
[  131.333905][T10007]  ? clear_bhb_loop+0x55/0xb0
[  131.338677][T10007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.344598][T10007] RIP: 0033:0x7faed9a8275f
[  131.349032][T10007] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  131.368688][T10007] RSP: 002b:00007faed8d04e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  131.377128][T10007] RAX: ffffffffffffffda RBX: 0000000000010000 RCX: 00007faed9a8275f
[  131.385123][T10007] RDX: 0000000000010000 RSI: 00007faed08e5000 RDI: 0000000000000006
[  131.393112][T10007] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000033f
[  131.401100][T10007] R10: 0000000020000e42 R11: 0000000000000293 R12: 0000000000000006
[  131.409084][T10007] R13: 00007faed8d04f00 R14: 00007faed8d04ec0 R15: 00007faed08e5000
[  131.417137][T10007]  </TASK>
[  131.436639][ T8739] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.498272][T10026] loop2: detected capacity change from 0 to 128
[  131.506771][T10026] EXT4-fs: Ignoring removed nomblk_io_submit option
[  131.515502][T10026] EXT4-fs: Ignoring removed mblk_io_submit option
[  131.524232][T10026] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  131.551364][T10026] ext4 filesystem being mounted at /60/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  131.613050][ T8739] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  131.738611][T10054] loop2: detected capacity change from 0 to 128
[  131.748591][T10057] loop1: detected capacity change from 0 to 512
[  131.774393][T10057] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.796111][T10057] ext4 filesystem being mounted at /441/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.808895][T10057] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.860127][T10073] loop2: detected capacity change from 0 to 128
[  131.866628][T10073] EXT4-fs: Ignoring removed nomblk_io_submit option
[  131.873369][T10073] EXT4-fs: Ignoring removed mblk_io_submit option
[  131.886013][T10074] loop4: detected capacity change from 0 to 1024
[  131.887884][T10071] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  131.895422][T10074] EXT4-fs: Ignoring removed nobh option
[  131.908285][T10074] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  131.908487][T10073] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  131.935001][T10073] ext4 filesystem being mounted at /65/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  131.970277][T10074] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #11: comm syz.4.2092: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  131.994692][T10074] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.2092: couldn't read orphan inode 11 (err -117)
[  132.007478][T10074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.009136][ T8739] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  132.023487][T10074] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.2092: Invalid block bitmap block 0 in block_group 0
[  132.043564][T10074] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz.4.2092: Failed to acquire dquot type 0
[  132.056961][T10074] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  132.090692][T10096] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2098'.
[  132.387181][T10118] loop3: detected capacity change from 0 to 128
[  132.394069][T10118] EXT4-fs: Ignoring removed nomblk_io_submit option
[  132.400963][T10118] EXT4-fs: Ignoring removed mblk_io_submit option
[  132.409021][T10118] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  132.422810][T10118] ext4 filesystem being mounted at /305/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  132.465513][ T4976] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  132.466021][T10123] loop2: detected capacity change from 0 to 512
[  132.481207][T10123] EXT4-fs: Ignoring removed nomblk_io_submit option
[  132.487836][T10123] ext4: Bad value for 'inode_readahead_blks'
[  132.546951][T10127] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10127 comm=syz.3.2116
[  132.562923][T10127] loop3: detected capacity change from 0 to 512
[  132.569924][T10127] ext4: Bad value for 'max_dir_size_kb'
[  132.658670][ T3436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.725101][T10142] loop4: detected capacity change from 0 to 1024
[  132.732681][T10142] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  132.823761][T10152] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10152 comm=syz.4.2127
[  132.831770][T10155] loop1: detected capacity change from 0 to 128
[  132.853044][T10152] loop4: detected capacity change from 0 to 512
[  132.853531][T10155] EXT4-fs: Ignoring removed nomblk_io_submit option
[  132.863940][T10152] ext4: Bad value for 'max_dir_size_kb'
[  132.878775][T10155] EXT4-fs: Ignoring removed mblk_io_submit option
[  132.887125][T10155] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  132.900589][T10155] ext4 filesystem being mounted at /444/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  132.947705][ T3418] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  132.967825][T10157] syzkaller0: entered promiscuous mode
[  132.973523][T10157] syzkaller0: entered allmulticast mode
[  133.132593][T10174] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  133.142967][T10174] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.221119][T10174] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  133.231588][T10174] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.259437][T10192] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10192 comm=syz.4.2142
[  133.294024][T10192] loop4: detected capacity change from 0 to 512
[  133.309980][T10192] ext4: Bad value for 'max_dir_size_kb'
[  133.341337][T10174] bond0: (slave netdevsim1): Releasing backup interface
[  133.352917][T10174] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  133.363288][T10174] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.395403][T10195] loop4: detected capacity change from 0 to 1024
[  133.412621][T10195] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.441228][T10174] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  133.451615][T10174] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.504999][T10174] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  133.513510][T10174] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  133.533341][T10174] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  133.541643][T10174] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  133.555716][ T3436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.558501][T10174] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  133.573030][T10174] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  133.588360][T10174] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  133.596793][T10174] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  133.638582][T10212] FAULT_INJECTION: forcing a failure.
[  133.638582][T10212] name failslab, interval 1, probability 0, space 0, times 0
[  133.651363][T10212] CPU: 0 PID: 10212 Comm: syz.1.2150 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  133.661546][T10212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  133.671673][T10212] Call Trace:
[  133.674965][T10212]  <TASK>
[  133.677896][T10212]  dump_stack_lvl+0xf2/0x150
[  133.682504][T10212]  dump_stack+0x15/0x20
[  133.686690][T10212]  should_fail_ex+0x229/0x230
[  133.691389][T10212]  ? anon_vma_fork+0x12c/0x2d0
[  133.696203][T10212]  __should_failslab+0x92/0xa0
[  133.700978][T10212]  should_failslab+0x9/0x20
[  133.705550][T10212]  kmem_cache_alloc_noprof+0x4c/0x290
[  133.711022][T10212]  anon_vma_fork+0x12c/0x2d0
[  133.715627][T10212]  copy_mm+0x71a/0x11d0
[  133.719830][T10212]  copy_process+0xee1/0x1f90
[  133.724462][T10212]  kernel_clone+0x16a/0x570
[  133.728972][T10212]  __x64_sys_clone+0xe8/0x120
[  133.733733][T10212]  x64_sys_call+0x23e7/0x2d70
[  133.738422][T10212]  do_syscall_64+0xc9/0x1c0
[  133.743000][T10212]  ? clear_bhb_loop+0x55/0xb0
[  133.747686][T10212]  ? clear_bhb_loop+0x55/0xb0
[  133.752525][T10212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.758466][T10212] RIP: 0033:0x7f5692a83bd9
[  133.762994][T10212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.782628][T10212] RSP: 002b:00007f5691d04ff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  133.791065][T10212] RAX: ffffffffffffffda RBX: 00007f5692c11f60 RCX: 00007f5692a83bd9
[  133.799157][T10212] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  133.807128][T10212] RBP: 00007f5691d050a0 R08: 0000000000000000 R09: 0000000000000000
[  133.815098][T10212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  133.823070][T10212] R13: 000000000000000b R14: 00007f5692c11f60 R15: 00007ffd74aece98
[  133.831046][T10212]  </TASK>
[  133.855983][T10219] 9pnet: p9_errstr2errno: server reported unknown error 
[  133.950229][T10234] validate_nla: 5 callbacks suppressed
[  133.950317][T10234] netlink: 'syz.4.2154': attribute type 10 has an invalid length.
[  134.147267][T10249] loop4: detected capacity change from 0 to 512
[  134.162272][T10249] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.175051][T10249] ext4 filesystem being mounted at /491/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.402800][ T3436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.511139][T10268] FAULT_INJECTION: forcing a failure.
[  134.511139][T10268] name failslab, interval 1, probability 0, space 0, times 0
[  134.523827][T10268] CPU: 0 PID: 10268 Comm: syz.4.2168 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  134.533982][T10268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  134.544044][T10268] Call Trace:
[  134.547321][T10268]  <TASK>
[  134.550251][T10268]  dump_stack_lvl+0xf2/0x150
[  134.554859][T10268]  dump_stack+0x15/0x20
[  134.559038][T10268]  should_fail_ex+0x229/0x230
[  134.563934][T10268]  ? kvmalloc_node_noprof+0x72/0x170
[  134.569242][T10268]  __should_failslab+0x92/0xa0
[  134.574186][T10268]  should_failslab+0x9/0x20
[  134.578745][T10268]  __kmalloc_node_noprof+0xa8/0x380
[  134.584010][T10268]  kvmalloc_node_noprof+0x72/0x170
[  134.589133][T10268]  alloc_fdtable+0xa2/0x190
[  134.593678][T10268]  dup_fd+0x53f/0x690
[  134.597713][T10268]  copy_files+0xc1/0x130
[  134.602018][T10268]  copy_process+0xe45/0x1f90
[  134.606712][T10268]  kernel_clone+0x16a/0x570
[  134.611310][T10268]  __se_sys_clone3+0x1b5/0x1f0
[  134.616168][T10268]  __x64_sys_clone3+0x31/0x40
[  134.620854][T10268]  x64_sys_call+0x28df/0x2d70
[  134.625605][T10268]  do_syscall_64+0xc9/0x1c0
[  134.630169][T10268]  ? clear_bhb_loop+0x55/0xb0
[  134.634856][T10268]  ? clear_bhb_loop+0x55/0xb0
[  134.639589][T10268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.645491][T10268] RIP: 0033:0x7fc7a3d10bd9
[  134.649969][T10268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.669681][T10268] RSP: 002b:00007fc7a2f91f18 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  134.678120][T10268] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fc7a3d10bd9
[  134.686118][T10268] RDX: 00007fc7a2f91f30 RSI: 0000000000000058 RDI: 00007fc7a2f91f30
[  134.694092][T10268] RBP: 00007fc7a2f920a0 R08: 0000000000000000 R09: 0000000000000058
[  134.702136][T10268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.710116][T10268] R13: 000000000000000b R14: 00007fc7a3e9ef60 R15: 00007ffe52461368
[  134.718130][T10268]  </TASK>
[  134.744084][T10273] sg_write: data in/out 157/14 bytes for SCSI command 0x0-- guessing data in;
[  134.744084][T10273]    program syz.4.2170 not setting count and/or reply_len properly
[  134.761120][T10273] FAULT_INJECTION: forcing a failure.
[  134.761120][T10273] name failslab, interval 1, probability 0, space 0, times 0
[  134.773851][T10273] CPU: 1 PID: 10273 Comm: syz.4.2170 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  134.784006][T10273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  134.794133][T10273] Call Trace:
[  134.797416][T10273]  <TASK>
[  134.800391][T10273]  dump_stack_lvl+0xf2/0x150
[  134.805071][T10273]  dump_stack+0x15/0x20
[  134.809251][T10273]  should_fail_ex+0x229/0x230
[  134.813942][T10273]  ? bio_kmalloc+0x43/0x50
[  134.818430][T10273]  __should_failslab+0x92/0xa0
[  134.823308][T10273]  should_failslab+0x9/0x20
[  134.827831][T10273]  __kmalloc_noprof+0xa5/0x370
[  134.832612][T10273]  bio_kmalloc+0x43/0x50
[  134.836861][T10273]  blk_rq_map_user_iov+0xc89/0x1c20
[  134.842137][T10273]  ? __pfx_autoremove_wake_function+0x10/0x10
[  134.848234][T10273]  ? __perf_event_task_sched_in+0x7c4/0x7f0
[  134.854230][T10273]  ? import_ubuf+0xe9/0x120
[  134.858820][T10273]  blk_rq_map_user_io+0x193/0x260
[  134.863872][T10273]  ? tracing_record_taskinfo_sched_switch+0x6f/0x270
[  134.870558][T10273]  ? _raw_spin_unlock+0x26/0x50
[  134.875419][T10273]  ? __schedule+0x5e8/0x940
[  134.879939][T10273]  ? sg_link_reserve+0x118/0x140
[  134.884924][T10273]  sg_common_write+0x823/0x8e0
[  134.889751][T10273]  sg_write+0x69e/0x710
[  134.893935][T10273]  ? __pfx_sg_write+0x10/0x10
[  134.898657][T10273]  vfs_write+0x28b/0x900
[  134.902955][T10273]  ? __fget_files+0x1da/0x210
[  134.907808][T10273]  ksys_write+0xeb/0x1b0
[  134.912065][T10273]  __x64_sys_write+0x42/0x50
[  134.916681][T10273]  x64_sys_call+0x27ef/0x2d70
[  134.921368][T10273]  do_syscall_64+0xc9/0x1c0
[  134.926040][T10273]  ? clear_bhb_loop+0x55/0xb0
[  134.930792][T10273]  ? clear_bhb_loop+0x55/0xb0
[  134.935496][T10273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.941490][T10273] RIP: 0033:0x7fc7a3d10bd9
[  134.945998][T10273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.965697][T10273] RSP: 002b:00007fc7a2f92048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  134.974186][T10273] RAX: ffffffffffffffda RBX: 00007fc7a3e9ef60 RCX: 00007fc7a3d10bd9
[  134.982222][T10273] RDX: 0000000000000038 RSI: 0000000020000440 RDI: 0000000000000005
[  134.990788][T10273] RBP: 00007fc7a2f920a0 R08: 0000000000000000 R09: 0000000000000000
[  134.998906][T10273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  135.006974][T10273] R13: 000000000000000b R14: 00007fc7a3e9ef60 R15: 00007ffe52461368
[  135.014979][T10273]  </TASK>
[  135.051579][T10276] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10276 comm=syz.3.2172
[  135.063881][T10280] loop1: detected capacity change from 0 to 512
[  135.068188][T10276] loop3: detected capacity change from 0 to 512
[  135.074180][T10283] loop4: detected capacity change from 0 to 512
[  135.083242][T10276] ext4: Bad value for 'max_dir_size_kb'
[  135.089500][T10286] netlink: 'syz.2.2171': attribute type 10 has an invalid length.
[  135.101491][T10280] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.114127][T10280] ext4 filesystem being mounted at /450/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.130658][T10290] __nla_validate_parse: 4 callbacks suppressed
[  135.130675][T10290] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2175'.
[  135.152467][ T3418] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.270165][T10303] FAULT_INJECTION: forcing a failure.
[  135.270165][T10303] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  135.283472][T10303] CPU: 0 PID: 10303 Comm: syz.4.2181 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  135.293662][T10303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  135.303746][T10303] Call Trace:
[  135.306191][T10307] loop1: detected capacity change from 0 to 256
[  135.307027][T10303]  <TASK>
[  135.307037][T10303]  dump_stack_lvl+0xf2/0x150
[  135.320795][T10303]  dump_stack+0x15/0x20
[  135.324965][T10303]  should_fail_ex+0x229/0x230
[  135.329675][T10303]  __should_fail_alloc_page+0xfd/0x110
[  135.335155][T10303]  __alloc_pages_noprof+0x109/0x360
[  135.340362][T10303]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  135.345749][T10303]  alloc_pages_noprof+0xe1/0x100
[  135.350700][T10303]  pte_alloc_one+0x32/0xf0
[  135.355138][T10303]  __pte_alloc+0x33/0x270
[  135.359576][T10303]  copy_page_range+0x32bf/0x37e0
[  135.364528][T10303]  ? mas_wr_walk_descend+0x359/0x410
[  135.369824][T10303]  ? mas_wr_end_piv+0x15f/0x480
[  135.374698][T10303]  copy_mm+0xa0a/0x11d0
[  135.378891][T10303]  copy_process+0xee1/0x1f90
[  135.383526][T10303]  kernel_clone+0x16a/0x570
[  135.388034][T10303]  __x64_sys_clone+0xe8/0x120
[  135.392722][T10303]  x64_sys_call+0x23e7/0x2d70
[  135.398019][T10303]  do_syscall_64+0xc9/0x1c0
[  135.402537][T10303]  ? clear_bhb_loop+0x55/0xb0
[  135.407315][T10303]  ? clear_bhb_loop+0x55/0xb0
[  135.412004][T10303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.417914][T10303] RIP: 0033:0x7fc7a3d10bd9
[  135.422336][T10303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.441956][T10303] RSP: 002b:00007fc7a2f91ff8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  135.450404][T10303] RAX: ffffffffffffffda RBX: 00007fc7a3e9ef60 RCX: 00007fc7a3d10bd9
[  135.458378][T10303] RDX: 0000000020000500 RSI: 0000000000000000 RDI: 0000000000100000
[  135.466355][T10303] RBP: 00007fc7a2f920a0 R08: 0000000000000000 R09: 0000000000000000
[  135.474331][T10303] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  135.482394][T10303] R13: 000000000000000b R14: 00007fc7a3e9ef60 R15: 00007ffe52461368
[  135.490548][T10303]  </TASK>
[  135.500351][T10307] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  135.518289][T10307] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  135.546522][T10318] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10318 comm=syz.0.2187
[  135.549076][T10317] loop4: detected capacity change from 0 to 1024
[  135.568408][T10318] loop0: detected capacity change from 0 to 512
[  135.575192][T10318] ext4: Bad value for 'max_dir_size_kb'
[  135.579267][T10307] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2183'.
[  135.584311][T10317] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.610764][ T3436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.676435][   T29] kauditd_printk_skb: 103 callbacks suppressed
[  135.676449][   T29] audit: type=1400 audit(1720231559.362:1202): avc:  denied  { cmd } for  pid=10323 comm="syz.0.2189" path="socket:[30576]" dev="sockfs" ino=30576 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  135.728742][T10328] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2190'.
[  135.775574][T10339] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  135.830582][T10349] loop4: detected capacity change from 0 to 256
[  135.837422][T10349] FAT-fs (loop4): Unrecognized mount option "errs=remount-ro" or missing value
[  135.867454][T10353] loop1: detected capacity change from 0 to 512
[  135.876001][T10353] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  135.885139][T10353] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  135.894738][T10353] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2199: bg 0: block 18: invalid block bitmap
[  135.908419][T10353] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  135.917444][T10353] EXT4-fs (loop1): 1 truncate cleaned up
[  135.923446][T10353] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.935944][T10353] ext2 filesystem being mounted at /457/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.953631][T10359] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10359 comm=syz.2.2201
[  135.969148][ T3418] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.969251][T10359] loop2: detected capacity change from 0 to 512
[  135.984875][T10359] ext4: Bad value for 'max_dir_size_kb'
[  136.073208][T10362] loop3: detected capacity change from 0 to 512
[  136.080062][T10362] EXT4-fs: Ignoring removed i_version option
[  136.086137][T10362] EXT4-fs: Ignoring removed nobh option
[  136.095274][T10362] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  136.132692][T10362] EXT4-fs (loop3): 1 truncate cleaned up
[  136.148873][T10371] netlink: 'syz.0.2206': attribute type 10 has an invalid length.
[  136.157966][T10362] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.174039][T10371] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  136.202819][   T29] audit: type=1400 audit(1720231559.892:1203): avc:  denied  { mounton } for  pid=10361 comm="syz.3.2203" path="/328/bus/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  136.227741][T10371] batman_adv: batadv0: Removing interface: batadv_slave_0
[  136.252628][T10371] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  136.279979][T10362] loop3: detected capacity change from 512 to 0
[  136.289390][T10376] syz.3.2203: attempt to access beyond end of device
[  136.289390][T10376] loop3: rw=524288, sector=12, nr_sectors = 2 limit=0
[  136.314727][T10376] syz.3.2203: attempt to access beyond end of device
[  136.314727][T10376] loop3: rw=524288, sector=14, nr_sectors = 2 limit=0
[  136.329955][T10376] syz.3.2203: attempt to access beyond end of device
[  136.329955][T10376] loop3: rw=524288, sector=18, nr_sectors = 2 limit=0
[  136.349732][T10376] syz.3.2203: attempt to access beyond end of device
[  136.349732][T10376] loop3: rw=12288, sector=16, nr_sectors = 2 limit=0
[  136.395479][T10376] EXT4-fs error (device loop3): ext4_get_inode_loc:4495: inode #16: block 8: comm syz.3.2203: unable to read itable block
[  136.408428][T10376] syz.3.2203: attempt to access beyond end of device
[  136.408428][T10376] loop3: rw=145409, sector=2, nr_sectors = 2 limit=0
[  136.411486][T10380] loop0: detected capacity change from 0 to 4096
[  136.421706][T10376] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[  136.421860][T10376] EXT4-fs (loop3): I/O error while writing superblock
[  136.443274][T10376] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5731: IO failure
[  136.452452][T10401] netlink: 'syz.2.2209': attribute type 10 has an invalid length.
[  136.461537][T10380] EXT4-fs: Ignoring removed nobh option
[  136.467118][T10380] EXT4-fs: Ignoring removed i_version option
[  136.473762][T10376] syz.3.2203: attempt to access beyond end of device
[  136.473762][T10376] loop3: rw=145409, sector=2, nr_sectors = 2 limit=0
[  136.487133][T10376] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[  136.502805][T10401] bond0: (slave netdevsim1): Releasing backup interface
[  136.514486][T10401] team0: Port device netdevsim1 added
[  136.520664][T10403] netlink: 'syz.2.2209': attribute type 10 has an invalid length.
[  136.520848][T10376] EXT4-fs (loop3): I/O error while writing superblock
[  136.535326][T10376] EXT4-fs error (device loop3): ext4_setattr:5330: inode #16: comm syz.3.2203: mark_inode_dirty error
[  136.547748][T10376] syz.3.2203: attempt to access beyond end of device
[  136.547748][T10376] loop3: rw=145409, sector=2, nr_sectors = 2 limit=0
[  136.548899][T10403] team0: Port device netdevsim1 removed
[  136.561121][T10376] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[  136.576472][T10376] EXT4-fs (loop3): I/O error while writing superblock
[  136.583870][T10380] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.596246][T10403] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  136.613774][ T4976] syz-executor: attempt to access beyond end of device
[  136.613774][ T4976] loop3: rw=12288, sector=26, nr_sectors = 2 limit=0
[  136.627667][ T4976] EXT4-fs error (device loop3): ext4_check_bdev_write_error:225: comm syz-executor: Error while async write back metadata
[  136.628518][ T5462] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.640989][ T4976] syz-executor: attempt to access beyond end of device
[  136.640989][ T4976] loop3: rw=145409, sector=2, nr_sectors = 2 limit=0
[  136.663384][ T4976] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[  136.672110][ T4976] EXT4-fs (loop3): I/O error while writing superblock
[  136.688522][ T4976] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.710406][ T4976] syz-executor: attempt to access beyond end of device
[  136.710406][ T4976] loop3: rw=145409, sector=2, nr_sectors = 2 limit=0
[  136.723927][ T4976] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[  136.754751][ T4976] EXT4-fs (loop3): I/O error while writing superblock
[  136.775255][T10408] loop0: detected capacity change from 0 to 512
[  136.809396][T10408] EXT4-fs (loop0): 1 truncate cleaned up
[  136.815563][T10408] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.840731][ T5462] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.921256][T10421] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10421 comm=syz.0.2215
[  136.953648][T10421] loop0: detected capacity change from 0 to 512
[  136.961370][T10427] loop1: detected capacity change from 0 to 2048
[  136.968501][T10421] ext4: Bad value for 'max_dir_size_kb'
[  136.990929][T10427] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.013595][T10438] netlink: 'syz.2.2223': attribute type 10 has an invalid length.
[  137.083430][T10438] bond0: (slave netdevsim1): Releasing backup interface
[  137.121289][T10438] team0: Port device netdevsim1 added
[  137.131780][T10448] loop0: detected capacity change from 0 to 736
[  137.144492][T10444] netlink: 'syz.2.2223': attribute type 10 has an invalid length.
[  137.180578][T10448] rock: directory entry would overflow storage
[  137.186857][T10448] rock: sig=0x3b10, size=4, remaining=3
[  137.202635][T10444] team0: Port device netdevsim1 removed
[  137.214841][T10444] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  137.249823][ T5978] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  137.284523][ T5978] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  137.296873][ T5978] EXT4-fs (loop1): This should not happen!! Data will be lost
[  137.296873][ T5978] 
[  137.306665][ T5978] EXT4-fs (loop1): Total free blocks count 0
[  137.312683][ T5978] EXT4-fs (loop1): Free/Dirty block details
[  137.318640][ T5978] EXT4-fs (loop1): free_blocks=2415919104
[  137.324390][ T5978] EXT4-fs (loop1): dirty_blocks=16
[  137.329508][ T5978] EXT4-fs (loop1): Block reservation details
[  137.335533][ T5978] EXT4-fs (loop1): i_reserved_data_blocks=1
[  137.355029][ T5978] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 10 with max blocks 2 with error 28
[  137.512819][T10477] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10477 comm=syz.1.2236
[  137.554965][T10451] chnl_net:caif_netlink_parms(): no params data found
[  137.569518][T10477] loop1: detected capacity change from 0 to 512
[  137.580761][T10477] ext4: Bad value for 'max_dir_size_kb'
[  137.584838][T10487] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2241'.
[  137.598924][T10491] loop4: detected capacity change from 0 to 128
[  137.613684][T10491] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  137.623443][T10497] loop2: detected capacity change from 0 to 512
[  137.633236][T10451] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.640493][T10451] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.641596][T10491] ext4 filesystem being mounted at /524/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  137.648751][T10451] bridge_slave_0: entered allmulticast mode
[  137.664638][T10451] bridge_slave_0: entered promiscuous mode
[  137.672191][T10451] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.679294][T10451] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.692464][   T29] audit: type=1400 audit(1720231561.372:1204): avc:  denied  { listen } for  pid=10496 comm="syz.2.2243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  137.693798][T10451] bridge_slave_1: entered allmulticast mode
[  137.720342][T10451] bridge_slave_1: entered promiscuous mode
[  137.739752][T10451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.756775][T10451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.772336][ T3436] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  137.797736][T10451] team0: Port device team_slave_0 added
[  137.804495][T10451] team0: Port device team_slave_1 added
[  137.829020][T10502] loop1: detected capacity change from 0 to 256
[  137.837209][T10451] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.844253][T10451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.870326][T10451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.881672][   T29] audit: type=1326 audit(1720231561.582:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.0.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb599337bd9 code=0x7fc00000
[  137.909836][T10451] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.916985][T10451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.942985][T10451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.971016][   T29] audit: type=1326 audit(1720231561.652:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.0.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb59932ec27 code=0x7fc00000
[  137.994774][   T29] audit: type=1326 audit(1720231561.652:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.0.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb5992d35c9 code=0x7fc00000
[  138.018681][   T29] audit: type=1326 audit(1720231561.652:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.0.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fb5992d368f code=0x7fc00000
[  138.042312][   T29] audit: type=1326 audit(1720231561.652:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10519 comm="syz.0.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fb599337bd9 code=0x7fc00000
[  138.067132][T10525] netlink: 'syz.4.2247': attribute type 10 has an invalid length.
[  138.087744][T10525] bond0: (slave netdevsim1): Releasing backup interface
[  138.108920][T10525] team0: Port device netdevsim1 added
[  138.120158][T10529] FAULT_INJECTION: forcing a failure.
[  138.120158][T10529] name failslab, interval 1, probability 0, space 0, times 0
[  138.132823][T10529] CPU: 0 PID: 10529 Comm: syz.1.2252 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  138.143035][T10529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  138.153103][T10529] Call Trace:
[  138.156394][T10529]  <TASK>
[  138.159334][T10529]  dump_stack_lvl+0xf2/0x150
[  138.163985][T10529]  dump_stack+0x15/0x20
[  138.168160][T10529]  should_fail_ex+0x229/0x230
[  138.172877][T10529]  ? vm_area_dup+0x2c/0x130
[  138.177410][T10529]  __should_failslab+0x92/0xa0
[  138.182341][T10529]  should_failslab+0x9/0x20
[  138.186872][T10529]  kmem_cache_alloc_noprof+0x4c/0x290
[  138.192346][T10529]  vm_area_dup+0x2c/0x130
[  138.196706][T10529]  copy_mm+0x6a5/0x11d0
[  138.200885][T10529]  copy_process+0xee1/0x1f90
[  138.205604][T10529]  kernel_clone+0x16a/0x570
[  138.210208][T10529]  __x64_sys_clone+0xe8/0x120
[  138.214964][T10529]  x64_sys_call+0x23e7/0x2d70
[  138.219766][T10529]  do_syscall_64+0xc9/0x1c0
[  138.224359][T10529]  ? clear_bhb_loop+0x55/0xb0
[  138.229148][T10529]  ? clear_bhb_loop+0x55/0xb0
[  138.233876][T10529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.239827][T10529] RIP: 0033:0x7f5692a83bd9
[  138.244346][T10529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.264107][T10529] RSP: 002b:00007f5691d04ff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  138.272616][T10529] RAX: ffffffffffffffda RBX: 00007f5692c11f60 RCX: 00007f5692a83bd9
[  138.280661][T10529] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  138.288716][T10529] RBP: 00007f5691d050a0 R08: 0000000000000000 R09: 0000000000000000
[  138.296696][T10529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  138.304674][T10529] R13: 000000000000000b R14: 00007f5692c11f60 R15: 00007ffd74aece98
[  138.312742][T10529]  </TASK>
[  138.316624][T10526] netlink: 'syz.4.2247': attribute type 10 has an invalid length.
[  138.342061][T10526] team0: Port device netdevsim1 removed
[  138.361182][T10526] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  138.374654][T10535] loop1: detected capacity change from 0 to 512
[  138.381347][T10533] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10533 comm=syz.2.2254
[  138.413623][T10451] hsr_slave_0: entered promiscuous mode
[  138.420286][T10451] hsr_slave_1: entered promiscuous mode
[  138.427188][T10535] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.441667][T10451] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  138.449222][T10451] Cannot create hsr debugfs directory
[  138.457483][T10533] loop2: detected capacity change from 0 to 512
[  138.467933][T10533] ext4: Bad value for 'max_dir_size_kb'
[  138.479031][T10535] ext4 filesystem being mounted at /465/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.506837][T10535] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2255'.
[  138.640533][ T8847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.681679][T10451] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.743503][T10451] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.768234][   T29] audit: type=1400 audit(1720231562.452:1210): avc:  denied  { watch watch_reads } for  pid=10556 comm="syz.4.2263" path="/530/file0" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  138.794688][T10570] loop4: detected capacity change from 0 to 256
[  138.801748][T10571] netlink: 'syz.0.2267': attribute type 10 has an invalid length.
[  138.812845][   T29] audit: type=1400 audit(1720231562.502:1211): avc:  denied  { mounton } for  pid=10556 comm="syz.4.2263" path="/530/file0" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  138.852188][T10451] bond0: (slave netdevsim1): Releasing backup interface
[  138.873244][T10451] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.961899][T10451] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.020773][T10576] loop2: detected capacity change from 0 to 512
[  139.068808][T10451] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  139.077720][T10451] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  139.087996][T10451] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  139.096189][T10575] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2270'.
[  139.096988][T10581] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2272'.
[  139.114155][T10451] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  139.163412][T10451] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.178097][T10451] 8021q: adding VLAN 0 to HW filter on device team0
[  139.190222][T10587] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2275'.
[  139.205987][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.213185][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.222255][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.229368][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.349165][T10451] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.360627][T10604] netlink: 'syz.2.2280': attribute type 10 has an invalid length.
[  139.443626][T10451] veth0_vlan: entered promiscuous mode
[  139.454523][T10451] veth1_vlan: entered promiscuous mode
[  139.475975][T10451] veth0_macvtap: entered promiscuous mode
[  139.484094][T10451] veth1_macvtap: entered promiscuous mode
[  139.497252][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.507798][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.517756][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.528267][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.538370][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.549073][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.559273][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.569998][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.581526][T10451] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.593144][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.603752][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.613935][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.624442][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.634304][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.644744][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.654586][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.665166][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.675040][T10451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.685525][T10451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.697651][T10451] batman_adv: batadv0: Interface activated: batadv_slave_1
[  139.715296][T10451] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.724305][T10451] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.733146][T10451] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.742119][T10451] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.775115][T10622] loop4: detected capacity change from 0 to 1024
[  139.848457][T10622] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10622 comm=syz.4.2283
[  139.861687][T10630] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10630 comm=syz.3.2229
[  139.903059][T10631] loop2: detected capacity change from 0 to 512
[  140.012433][T10627] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2287'.
[  140.063277][T10637] netlink: 'syz.3.2289': attribute type 15 has an invalid length.
[  140.071341][T10637] netlink: 723 bytes leftover after parsing attributes in process `syz.3.2289'.
[  140.134413][T10642] netlink: 'syz.4.2290': attribute type 10 has an invalid length.
[  140.306282][T10664] netlink: 'syz.0.2297': attribute type 10 has an invalid length.
[  140.335752][T10664] bond0: (slave netdevsim1): Releasing backup interface
[  140.350593][T10664] team0: Port device netdevsim1 added
[  140.365116][T10673] netlink: 'syz.0.2297': attribute type 10 has an invalid length.
[  140.377624][T10672] loop2: detected capacity change from 0 to 1024
[  140.385827][T10673] team0: Port device netdevsim1 removed
[  140.402895][T10672] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  140.405452][T10673] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  140.430170][T10672] EXT4-fs (loop2): stripe (10) is not aligned with cluster size (16), stripe is disabled
[  140.440060][T10672] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  140.522382][T10676] loop4: detected capacity change from 0 to 128
[  140.529492][T10676] FAT-fs (loop4): Directory bread(block 160) failed
[  140.537700][T10676] FAT-fs (loop4): Directory bread(block 161) failed
[  140.558519][T10676] FAT-fs (loop4): Directory bread(block 162) failed
[  140.565640][T10676] FAT-fs (loop4): Directory bread(block 163) failed
[  140.573690][T10676] FAT-fs (loop4): Directory bread(block 164) failed
[  140.580619][T10676] FAT-fs (loop4): Directory bread(block 165) failed
[  140.587294][T10676] FAT-fs (loop4): Directory bread(block 166) failed
[  140.595122][T10676] FAT-fs (loop4): Directory bread(block 167) failed
[  140.607889][T10676] FAT-fs (loop4): Directory bread(block 160) failed
[  140.616674][T10681] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2306'.
[  140.625431][T10676] FAT-fs (loop4): Directory bread(block 161) failed
[  140.638864][T10676] netlink: 'syz.4.2304': attribute type 10 has an invalid length.
[  140.786342][T10705] netlink: 'syz.0.2314': attribute type 10 has an invalid length.
[  140.828422][T10708] netlink: 'syz.2.2317': attribute type 10 has an invalid length.
[  140.864110][T10708] bond0: (slave netdevsim1): Releasing backup interface
[  140.888327][T10708] team0: Port device netdevsim1 added
[  140.911058][T10709] netlink: 'syz.2.2317': attribute type 10 has an invalid length.
[  140.948843][T10709] team0: Port device netdevsim1 removed
[  140.967845][T10709] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  141.063285][T10722] loop0: detected capacity change from 0 to 512
[  141.071010][T10722] EXT4-fs: Ignoring removed bh option
[  141.076734][T10722] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  141.099801][T10722] EXT4-fs (loop0): 1 truncate cleaned up
[  141.104059][T10728] loop4: detected capacity change from 0 to 512
[  141.110128][T10722] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.125402][T10728] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  141.139721][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  141.139735][   T29] audit: type=1326 audit(1720231564.822:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10662 comm="syz.3.2301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa66e255c27 code=0x7fc00000
[  141.156209][T10728] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c018, mo2=0002]
[  141.177843][T10728] EXT4-fs (loop4): orphan cleanup on readonly fs
[  141.184422][T10722] loop0: detected capacity change from 512 to 64
[  141.194048][T10728] EXT4-fs warning (device loop4): ext4_enable_quotas:7078: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  141.198995][T10721] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 19: block 141:freeing already freed block (bit 140); block bitmap corrupt.
[  141.220329][T10728] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  141.223532][T10721] EXT4-fs (loop0): pa ffff8881057c1930: logic 0, phys. 129, len 64
[  141.231557][T10728] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.2326: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  141.238233][T10721] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5368: group 0, free 52, pa_free 51
[  141.267806][T10728] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.2326: couldn't read orphan inode 13 (err -117)
[  141.281768][T10728] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.294593][   T29] audit: type=1400 audit(1720231564.992:1216): avc:  denied  { unlink } for  pid=5462 comm="syz-executor" name="bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  141.317786][ T5462] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.327521][ T3436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.410780][T10753] netlink: 'syz.3.2333': attribute type 10 has an invalid length.
[  141.508871][T10764] bond0: (slave netdevsim1): Releasing backup interface
[  141.508955][   T29] audit: type=1326 audit(1720231565.192:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="syz.4.2339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a3d10bd9 code=0x7fc00000
[  141.541301][T10764] team0: Port device netdevsim1 added
[  141.558196][T10765] team0: Port device netdevsim1 removed
[  141.572555][T10765] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  141.834853][T10788] loop3: detected capacity change from 0 to 128
[  142.120458][T10797] loop3: detected capacity change from 0 to 512
[  142.126987][T10797] EXT4-fs: Ignoring removed nomblk_io_submit option
[  142.133780][T10797] EXT4-fs: Ignoring removed nobh option
[  142.153035][T10797] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.165744][T10797] ext4 filesystem being mounted at /21/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  142.172501][T10801] loop2: detected capacity change from 0 to 512
[  142.205498][T10801] ext4: Unknown parameter 'permit_directio'
[  142.209868][   T29] audit: type=1400 audit(1720231565.892:1218): avc:  denied  { read } for  pid=10796 comm="syz.3.2352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  142.232542][T10451] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.326476][   T29] audit: type=1326 audit(1720231566.012:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="syz.4.2339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc7a3d07c27 code=0x7fc00000
[  142.354497][T10825] xt_hashlimit: max too large, truncated to 1048576
[  142.366621][T10825] x_tables: ip_tables: icmp match: only valid for protocol 1
[  142.474131][T10835] syzkaller0: entered promiscuous mode
[  142.479648][T10835] syzkaller0: entered allmulticast mode
[  142.587177][   T29] audit: type=1326 audit(1720231566.272:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10856 comm="syz.3.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa66e25ebd9 code=0x7fc00000
[  142.634485][T10859] loop0: detected capacity change from 0 to 256
[  142.652185][T10859] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  142.669274][   T29] audit: type=1400 audit(1720231566.352:1221): avc:  denied  { execute } for  pid=10858 comm="syz.0.2374" path="/dev/bsg/blkio.throttle.io_service_bytes_recursive" dev="devtmpfs" ino=811 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=file permissive=1
[  142.723938][   T29] audit: type=1326 audit(1720231566.382:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10856 comm="syz.3.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa66e255c27 code=0x7fc00000
[  142.725223][ T5974] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  142.747355][   T29] audit: type=1326 audit(1720231566.382:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10856 comm="syz.3.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa66e1fa5c9 code=0x7fc00000
[  142.747390][   T29] audit: type=1326 audit(1720231566.382:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10856 comm="syz.3.2373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fa66e1fa68f code=0x7fc00000
[  142.804728][ T5974] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.873842][ T5974] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  142.883816][ T5974] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.972411][T10887] syzkaller0: entered promiscuous mode
[  142.978075][T10887] syzkaller0: entered allmulticast mode
[  142.988900][ T5974] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  142.998713][ T5974] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.055177][ T5974] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  143.065076][ T5974] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.164122][T10865] chnl_net:caif_netlink_parms(): no params data found
[  143.399657][ T5974] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  143.420362][ T5974] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  143.441395][ T5974] bond0 (unregistering): Released all slaves
[  143.451245][ T5974] bond1 (unregistering): Released all slaves
[  143.463128][T10914] loop3: detected capacity change from 0 to 128
[  143.501726][T10919] loop2: detected capacity change from 0 to 512
[  143.512356][T10919] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.2392: corrupted in-inode xattr: e_name out of bounds
[  143.527218][T10865] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.527967][T10919] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.2392: couldn't read orphan inode 15 (err -117)
[  143.534329][T10865] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.557938][T10865] bridge_slave_0: entered allmulticast mode
[  143.560032][T10919] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.564877][T10865] bridge_slave_0: entered promiscuous mode
[  143.598408][T10865] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.605549][T10865] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.612867][T10865] bridge_slave_1: entered allmulticast mode
[  143.619546][T10865] bridge_slave_1: entered promiscuous mode
[  143.670880][T10923] syzkaller0: entered promiscuous mode
[  143.676420][T10923] syzkaller0: entered allmulticast mode
[  143.684284][ T8739] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.698497][T10865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  143.709541][T10865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  143.728938][ T5974] hsr_slave_0: left promiscuous mode
[  143.735500][ T5974] hsr_slave_1: left promiscuous mode
[  143.741273][ T5974] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.748684][ T5974] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.757164][ T5974] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.764640][ T5974] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.774545][ T5974] veth1_macvtap: left promiscuous mode
[  143.780066][ T5974] veth0_macvtap: left promiscuous mode
[  143.785624][ T5974] veth1_vlan: left promiscuous mode
[  143.790978][ T5974] veth0_vlan: left promiscuous mode
[  143.877584][ T5974] team0 (unregistering): Port device team_slave_1 removed
[  143.888777][ T5974] team0 (unregistering): Port device team_slave_0 removed
[  143.954086][T10865] team0: Port device team_slave_0 added
[  143.961144][T10865] team0: Port device team_slave_1 added
[  143.974831][T10937] loop2: detected capacity change from 0 to 512
[  143.984216][T10865] batman_adv: batadv0: Adding interface: batadv_slave_0
[  143.991200][T10865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.017159][T10865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  144.023004][T10937] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.028728][T10865] batman_adv: batadv0: Adding interface: batadv_slave_1
[  144.040858][T10937] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.047351][T10865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.083958][T10865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  144.111875][ T8739] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.135252][T10865] hsr_slave_0: entered promiscuous mode
[  144.143531][T10865] hsr_slave_1: entered promiscuous mode
[  144.151791][T10865] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  144.160399][T10865] Cannot create hsr debugfs directory
[  144.191969][T10954] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2401'.
[  144.200945][T10954] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2401'.
[  144.229844][T10954] FAULT_INJECTION: forcing a failure.
[  144.229844][T10954] name failslab, interval 1, probability 0, space 0, times 0
[  144.242588][T10954] CPU: 0 PID: 10954 Comm: syz.2.2401 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  144.252955][T10954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  144.263259][T10954] Call Trace:
[  144.266540][T10954]  <TASK>
[  144.269558][T10954]  dump_stack_lvl+0xf2/0x150
[  144.274216][T10954]  dump_stack+0x15/0x20
[  144.278381][T10954]  should_fail_ex+0x229/0x230
[  144.283083][T10954]  ? nft_connlimit_clone+0x65/0x120
[  144.288328][T10954]  __should_failslab+0x92/0xa0
[  144.293169][T10954]  should_failslab+0x9/0x20
[  144.297720][T10954]  kmalloc_trace_noprof+0x4b/0x2a0
[  144.302874][T10954]  nft_connlimit_clone+0x65/0x120
[  144.307913][T10954]  nft_set_elem_expr_clone+0xf7/0x270
[  144.313327][T10954]  nf_tables_newsetelem+0xdf0/0x2530
[  144.318618][T10954]  ? nf_tables_delrule+0x8bb/0xaa0
[  144.323833][T10954]  ? nft_trans_set_add+0x38/0x190
[  144.328983][T10954]  nfnetlink_rcv+0xb1d/0x15b0
[  144.333734][T10954]  netlink_unicast+0x58d/0x660
[  144.338564][T10954]  netlink_sendmsg+0x5ca/0x6e0
[  144.343382][T10954]  ? __pfx_netlink_sendmsg+0x10/0x10
[  144.348705][T10954]  __sock_sendmsg+0x140/0x180
[  144.353396][T10954]  ____sys_sendmsg+0x312/0x410
[  144.358254][T10954]  __sys_sendmsg+0x1e9/0x280
[  144.362863][T10954]  __x64_sys_sendmsg+0x46/0x50
[  144.367677][T10954]  x64_sys_call+0xb25/0x2d70
[  144.372281][T10954]  do_syscall_64+0xc9/0x1c0
[  144.376863][T10954]  ? clear_bhb_loop+0x55/0xb0
[  144.381635][T10954]  ? clear_bhb_loop+0x55/0xb0
[  144.386410][T10954]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.392336][T10954] RIP: 0033:0x7f458c6d3bd9
[  144.396750][T10954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.416366][T10954] RSP: 002b:00007f458b955048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  144.424831][T10954] RAX: ffffffffffffffda RBX: 00007f458c861f60 RCX: 00007f458c6d3bd9
[  144.432824][T10954] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 000000000000000b
[  144.440799][T10954] RBP: 00007f458b9550a0 R08: 0000000000000000 R09: 0000000000000000
[  144.448774][T10954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  144.456761][T10954] R13: 000000000000000b R14: 00007f458c861f60 R15: 00007ffe2934ca38
[  144.464740][T10954]  </TASK>
[  144.479558][T10956] validate_nla: 5 callbacks suppressed
[  144.479576][T10956] netlink: 'syz.0.2403': attribute type 10 has an invalid length.
[  144.567433][T10960] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3744 sclass=netlink_route_socket pid=10960 comm=syz.2.2405
[  144.733592][T10971] loop2: detected capacity change from 0 to 128
[  144.744523][T10971] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  144.756905][T10971] ext4 filesystem being mounted at /150/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  144.825126][ T8739] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  144.826962][T10865] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  144.842974][T10865] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  144.855036][T10865] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  144.857224][T10977] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2413'.
[  144.875478][T10865] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  144.910658][T10984] FAULT_INJECTION: forcing a failure.
[  144.910658][T10984] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  144.924099][T10984] CPU: 1 PID: 10984 Comm: syz.2.2412 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  144.934318][T10984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  144.944389][T10984] Call Trace:
[  144.947677][T10984]  <TASK>
[  144.950611][T10984]  dump_stack_lvl+0xf2/0x150
[  144.955221][T10984]  dump_stack+0x15/0x20
[  144.959395][T10984]  should_fail_ex+0x229/0x230
[  144.964203][T10984]  __should_fail_alloc_page+0xfd/0x110
[  144.969751][T10984]  __alloc_pages_noprof+0x109/0x360
[  144.974968][T10984]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  144.980374][T10984]  vma_alloc_folio_noprof+0x176/0x2d0
[  144.985775][T10984]  do_wp_page+0x62b/0x22b0
[  144.990207][T10984]  ? __rcu_read_lock+0x36/0x50
[  144.995055][T10984]  handle_mm_fault+0xb9b/0x2a80
[  144.999956][T10984]  ? mas_walk+0x204/0x320
[  145.004313][T10984]  exc_page_fault+0x3b9/0x650
[  145.009090][T10984]  asm_exc_page_fault+0x26/0x30
[  145.013970][T10984] RIP: 0033:0x7f458c599500
[  145.018405][T10984] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41
[  145.038158][T10984] RSP: 002b:00007f458b9544b0 EFLAGS: 00010202
[  145.044298][T10984] RAX: 0000000000007005 RBX: 00007f458b954550 RCX: 0000000000000101
[  145.052275][T10984] RDX: 00000000000007ff RSI: 0000000000002000 RDI: 00007f458b9545f0
[  145.060312][T10984] RBP: 0000000000000102 R08: 00007f4583535000 R09: 0000000000000010
[  145.068410][T10984] R10: 0000000020000542 R11: 00000000000004f2 R12: 0000000000001801
[  145.076528][T10984] R13: 00007f458c753fa0 R14: 0000000000000019 R15: 00007f458b9545f0
[  145.084513][T10984]  </TASK>
[  145.087619][T10984] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  145.106682][T10989] FAULT_INJECTION: forcing a failure.
[  145.106682][T10989] name failslab, interval 1, probability 0, space 0, times 0
[  145.119880][T10989] CPU: 0 PID: 10989 Comm: syz.4.2417 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  145.127823][T10865] 8021q: adding VLAN 0 to HW filter on device bond0
[  145.130048][T10989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  145.130065][T10989] Call Trace:
[  145.130073][T10989]  <TASK>
[  145.130081][T10989]  dump_stack_lvl+0xf2/0x150
[  145.142557][T10865] 8021q: adding VLAN 0 to HW filter on device team0
[  145.146710][T10989]  dump_stack+0x15/0x20
[  145.156586][  T909] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.157505][T10989]  should_fail_ex+0x229/0x230
[  145.164149][  T909] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.168241][T10989]  ? sctp_add_bind_addr+0x6f/0x1e0
[  145.189103][T10865] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  145.192225][T10989]  __should_failslab+0x92/0xa0
[  145.192254][T10989]  should_failslab+0x9/0x20
[  145.202678][T10865] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  145.207416][T10989]  kmalloc_trace_noprof+0x4b/0x2a0
[  145.217420][  T909] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.222301][T10989]  sctp_add_bind_addr+0x6f/0x1e0
[  145.227458][  T909] bridge0: port 2(bridge_slave_1) entered forwarding state
[  145.234433][T10989]  sctp_copy_local_addr_list+0x19b/0x220
[  145.252523][T10989]  sctp_copy_one_addr+0x83/0x410
[  145.257486][T10989]  sctp_bind_addr_copy+0x81/0x2b0
[  145.259109][T10984] loop2: detected capacity change from 0 to 512
[  145.262611][T10989]  sctp_assoc_set_bind_addr_from_ep+0xc0/0xd0
[  145.262643][T10989]  sctp_connect_new_asoc+0x1d0/0x3b0
[  145.262686][T10989]  sctp_sendmsg+0xf05/0x1920
[  145.262768][T10989]  ? __pfx_sctp_sendmsg+0x10/0x10
[  145.290045][T10989]  inet_sendmsg+0xc5/0xd0
[  145.294480][T10989]  __sock_sendmsg+0x102/0x180
[  145.299253][T10989]  __sys_sendto+0x1e5/0x260
[  145.303806][T10989]  __x64_sys_sendto+0x78/0x90
[  145.308507][T10989]  x64_sys_call+0x16d7/0x2d70
[  145.313197][T10989]  do_syscall_64+0xc9/0x1c0
[  145.317714][T10989]  ? clear_bhb_loop+0x55/0xb0
[  145.322410][T10989]  ? clear_bhb_loop+0x55/0xb0
[  145.327249][T10989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.333154][T10989] RIP: 0033:0x7fc7a3d10bd9
[  145.337653][T10989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.357372][T10989] RSP: 002b:00007fc7a2f92048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  145.365802][T10989] RAX: ffffffffffffffda RBX: 00007fc7a3e9ef60 RCX: 00007fc7a3d10bd9
[  145.373869][T10989] RDX: 0000000000000001 RSI: 0000000020000500 RDI: 0000000000000003
[  145.381846][T10989] RBP: 00007fc7a2f920a0 R08: 0000000020000100 R09: 000000000000001c
[  145.389818][T10989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  145.397864][T10989] R13: 000000000000000b R14: 00007fc7a3e9ef60 R15: 00007ffe52461368
[  145.405932][T10989]  </TASK>
[  145.412850][T10984] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  145.432666][T10984] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  145.451405][T10984] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.2412: bg 0: block 18: invalid block bitmap
[  145.464546][T10984] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  145.490215][T10984] EXT4-fs (loop2): 1 truncate cleaned up
[  145.495346][T10865] 8021q: adding VLAN 0 to HW filter on device batadv0
[  145.500356][T10984] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.515296][T10984] ext2 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.547429][ T8739] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.556615][T11003] netlink: 'syz.4.2418': attribute type 10 has an invalid length.
[  145.599967][T10865] veth0_vlan: entered promiscuous mode
[  145.608589][T10865] veth1_vlan: entered promiscuous mode
[  145.629664][T10865] veth0_macvtap: entered promiscuous mode
[  145.639131][T10865] veth1_macvtap: entered promiscuous mode
[  145.656286][T10865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.666816][T10865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.676673][T10865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.687423][T10865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.697407][T10865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.707937][T10865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.717835][T10865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.728352][T10865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.739073][T10865] batman_adv: batadv0: Interface activated: batadv_slave_0
[  145.749928][T10865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.760493][T10865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.770324][T10865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.780772][T10865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.790620][T10865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.801104][T10865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.810940][T10865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.821400][T10865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.831418][T10865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.841898][T10865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.854510][T10865] batman_adv: batadv0: Interface activated: batadv_slave_1
[  145.863135][T10865] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.872098][T10865] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.880945][T10865] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.889804][T10865] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.971717][T11027] loop1: detected capacity change from 0 to 1024
[  145.981776][T11027] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.367562][T11034] netlink: 'syz.4.2427': attribute type 10 has an invalid length.
[  146.448940][T11034] bond0: (slave netdevsim1): Releasing backup interface
[  146.524756][T11034] team0: Port device netdevsim1 added
[  146.552675][T11035] netlink: 'syz.4.2427': attribute type 10 has an invalid length.
[  146.577542][T11035] team0: Port device netdevsim1 removed
[  146.585735][T11035] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  146.856832][T10865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.978848][   T29] kauditd_printk_skb: 79 callbacks suppressed
[  146.978866][   T29] audit: type=1326 audit(1720231570.662:1304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.2441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb599337bd9 code=0x7ffc0000
[  147.009079][   T29] audit: type=1326 audit(1720231570.682:1305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.2441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb599337bd9 code=0x7ffc0000
[  147.021219][T11075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2441'.
[  147.032648][   T29] audit: type=1326 audit(1720231570.682:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.2441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb599337bd9 code=0x7ffc0000
[  147.032684][   T29] audit: type=1326 audit(1720231570.702:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.2441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb599337bd9 code=0x7ffc0000
[  147.035063][   T29] audit: type=1326 audit(1720231570.702:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.2441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb599337bd9 code=0x7ffc0000
[  147.043108][T11075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2441'.
[  147.065248][   T29] audit: type=1326 audit(1720231570.702:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.2441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fb599337bd9 code=0x7ffc0000
[  147.144775][   T29] audit: type=1326 audit(1720231570.702:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.2441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb599337bd9 code=0x7ffc0000
[  147.159778][T11077] syzkaller0: entered promiscuous mode
[  147.168295][   T29] audit: type=1326 audit(1720231570.702:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.2441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb599337bd9 code=0x7ffc0000
[  147.173815][T11077] syzkaller0: entered allmulticast mode
[  147.197434][   T29] audit: type=1326 audit(1720231570.702:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.2441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb599337bd9 code=0x7ffc0000
[  147.226761][   T29] audit: type=1326 audit(1720231570.702:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.0.2441" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb599337bd9 code=0x7ffc0000
[  147.336239][T11098] FAULT_INJECTION: forcing a failure.
[  147.336239][T11098] name failslab, interval 1, probability 0, space 0, times 0
[  147.349044][T11098] CPU: 0 PID: 11098 Comm: syz.0.2451 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  147.359334][T11098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  147.369476][T11098] Call Trace:
[  147.372783][T11098]  <TASK>
[  147.375722][T11098]  dump_stack_lvl+0xf2/0x150
[  147.380332][T11098]  dump_stack+0x15/0x20
[  147.384531][T11098]  should_fail_ex+0x229/0x230
[  147.389227][T11098]  ? sctp_stream_init_ext+0x38/0x130
[  147.394553][T11098]  __should_failslab+0x92/0xa0
[  147.399326][T11098]  should_failslab+0x9/0x20
[  147.403855][T11098]  kmalloc_trace_noprof+0x4b/0x2a0
[  147.408980][T11098]  sctp_stream_init_ext+0x38/0x130
[  147.414282][T11098]  sctp_sendmsg_to_asoc+0xb36/0xbe0
[  147.419577][T11098]  ? sctp_assoc_add_peer+0xaed/0xba0
[  147.424957][T11098]  sctp_sendmsg+0x136f/0x1920
[  147.429730][T11098]  ? __pfx_sctp_sendmsg+0x10/0x10
[  147.434825][T11098]  inet_sendmsg+0xc5/0xd0
[  147.439206][T11098]  __sock_sendmsg+0x102/0x180
[  147.443961][T11098]  __sys_sendto+0x1e5/0x260
[  147.448482][T11098]  __x64_sys_sendto+0x78/0x90
[  147.453269][T11098]  x64_sys_call+0x16d7/0x2d70
[  147.457967][T11098]  do_syscall_64+0xc9/0x1c0
[  147.462553][T11098]  ? clear_bhb_loop+0x55/0xb0
[  147.467247][T11098]  ? clear_bhb_loop+0x55/0xb0
[  147.472023][T11098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.477932][T11098] RIP: 0033:0x7fb599337bd9
[  147.482349][T11098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.502199][T11098] RSP: 002b:00007fb5985b9048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  147.510803][T11098] RAX: ffffffffffffffda RBX: 00007fb5994c5f60 RCX: 00007fb599337bd9
[  147.518866][T11098] RDX: 0000000000034000 RSI: 0000000020000580 RDI: 0000000000000005
[  147.526842][T11098] RBP: 00007fb5985b90a0 R08: 0000000020000100 R09: 000000000000001c
[  147.534843][T11098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.542820][T11098] R13: 000000000000000b R14: 00007fb5994c5f60 R15: 00007fffce1f8378
[  147.550801][T11098]  </TASK>
[  147.559880][T11099] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2449'.
[  147.571282][T11099] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11099 comm=syz.4.2449
[  147.756017][T11121] syzkaller0: entered promiscuous mode
[  147.761566][T11121] syzkaller0: entered allmulticast mode
[  147.768801][T11102] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2452'.
[  147.784995][T11124] loop4: detected capacity change from 0 to 1024
[  147.820624][T11124] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.851948][T11125] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2452'.
[  147.854111][ T3436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.894304][T11134] loop1: detected capacity change from 0 to 2048
[  147.916128][T11134] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.952089][T11134] netlink: 'syz.1.2467': attribute type 1 has an invalid length.
[  147.959997][T11134] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2467'.
[  148.026062][ T3185] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 2 with error 28
[  148.034132][T11160] loop4: detected capacity change from 0 to 1024
[  148.038380][ T3185] EXT4-fs (loop1): This should not happen!! Data will be lost
[  148.038380][ T3185] 
[  148.054390][ T3185] EXT4-fs (loop1): Total free blocks count 0
[  148.057493][T11160] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.060655][ T3185] EXT4-fs (loop1): Free/Dirty block details
[  148.079156][ T3185] EXT4-fs (loop1): free_blocks=0
[  148.084158][ T3185] EXT4-fs (loop1): dirty_blocks=0
[  148.089326][ T3185] EXT4-fs (loop1): Block reservation details
[  148.095355][ T3185] EXT4-fs (loop1): i_reserved_data_blocks=0
[  148.105192][T10865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.158023][T11154] loop0: detected capacity change from 0 to 512
[  148.186411][ T3436] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.197088][T11166] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2474'.
[  148.206588][T11154] syz.0.2474: attempt to access beyond end of device
[  148.206588][T11154] loop0: rw=4096, sector=2, nr_sectors = 2 limit=0
[  148.220692][T11154] EXT4-fs (loop0): unable to read superblock
[  148.280691][T11182] loop3: detected capacity change from 0 to 128
[  148.291155][T11174] syzkaller0: entered promiscuous mode
[  148.296660][T11174] syzkaller0: entered allmulticast mode
[  148.298137][T11178] loop2: detected capacity change from 0 to 8192
[  148.355257][T11178] vhci_hcd: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub
[  148.523348][T11206] FAULT_INJECTION: forcing a failure.
[  148.523348][T11206] name failslab, interval 1, probability 0, space 0, times 0
[  148.536078][T11206] CPU: 0 PID: 11206 Comm: syz.4.2491 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  148.546244][T11206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  148.556403][T11206] Call Trace:
[  148.559716][T11206]  <TASK>
[  148.562723][T11206]  dump_stack_lvl+0xf2/0x150
[  148.567380][T11206]  dump_stack+0x15/0x20
[  148.571759][T11206]  should_fail_ex+0x229/0x230
[  148.576474][T11206]  ? mas_alloc_nodes+0x1d3/0x4a0
[  148.581454][T11206]  __should_failslab+0x92/0xa0
[  148.586286][T11206]  should_failslab+0x9/0x20
[  148.590876][T11206]  kmem_cache_alloc_noprof+0x4c/0x290
[  148.596357][T11206]  mas_alloc_nodes+0x1d3/0x4a0
[  148.601166][T11206]  mas_preallocate+0x773/0xc30
[  148.605976][T11206]  vma_merge+0xc37/0x1640
[  148.610337][T11206]  copy_vma+0x1bf/0x4a0
[  148.614537][T11206]  move_vma+0x3d1/0xd10
[  148.618885][T11206]  ? arch_get_unmapped_area_topdown_vmflags+0x173/0x490
[  148.625912][T11206]  ? cap_mmap_addr+0xdf/0x1a0
[  148.630607][T11206]  __se_sys_mremap+0xd09/0xf20
[  148.635450][T11206]  ? fput+0x13b/0x180
[  148.639504][T11206]  __x64_sys_mremap+0x67/0x80
[  148.644250][T11206]  x64_sys_call+0x1029/0x2d70
[  148.648999][T11206]  do_syscall_64+0xc9/0x1c0
[  148.653570][T11206]  ? clear_bhb_loop+0x55/0xb0
[  148.658348][T11206]  ? clear_bhb_loop+0x55/0xb0
[  148.663051][T11206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.668979][T11206] RIP: 0033:0x7fc7a3d10bd9
[  148.673408][T11206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.693080][T11206] RSP: 002b:00007fc7a2f92048 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  148.701540][T11206] RAX: ffffffffffffffda RBX: 00007fc7a3e9ef60 RCX: 00007fc7a3d10bd9
[  148.709577][T11206] RDX: 0000000000003000 RSI: 0000000000003000 RDI: 0000000020ffd000
[  148.717625][T11206] RBP: 00007fc7a2f920a0 R08: 0000000020ff5000 R09: 0000000000000000
[  148.725615][T11206] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  148.733772][T11206] R13: 000000000000000b R14: 00007fc7a3e9ef60 R15: 00007ffe52461368
[  148.741757][T11206]  </TASK>
[  148.766471][T11210] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6 sclass=netlink_route_socket pid=11210 comm=syz.4.2493
[  148.861380][T11227] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.929471][T11233] loop0: detected capacity change from 0 to 128
[  148.956032][T11235] openvswitch: netlink: Geneve opt len 3 is not a multiple of 4.
[  148.973245][T11227] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.050436][T11227] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.103428][T11262] loop0: detected capacity change from 0 to 1024
[  149.111278][T11262] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  149.133675][T11262] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #11: comm syz.0.2517: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  149.152451][T11227] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.178449][T11262] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz.0.2517: couldn't read orphan inode 11 (err -117)
[  149.195155][T11269] FAULT_INJECTION: forcing a failure.
[  149.195155][T11269] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  149.203960][T11262] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.208471][T11269] CPU: 0 PID: 11269 Comm: syz.4.2519 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  149.231116][T11269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  149.237054][T11262] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2517: Invalid block bitmap block 0 in block_group 0
[  149.241182][T11269] Call Trace:
[  149.241194][T11269]  <TASK>
[  149.241243][T11269]  dump_stack_lvl+0xf2/0x150
[  149.241280][T11269]  dump_stack+0x15/0x20
[  149.241306][T11269]  should_fail_ex+0x229/0x230
[  149.274395][T11269]  __should_fail_alloc_page+0xfd/0x110
[  149.279911][T11269]  __alloc_pages_noprof+0x109/0x360
[  149.285201][T11269]  probe_event_enable+0x531/0x780
[  149.290242][T11269]  ? __pfx_uprobe_perf_filter+0x10/0x10
[  149.295995][T11269]  trace_uprobe_register+0x8e/0x3d0
[  149.301214][T11269]  perf_trace_event_init+0x360/0x7c0
[  149.306534][T11269]  perf_uprobe_init+0xf9/0x140
[  149.311430][T11269]  perf_uprobe_event_init+0xe2/0x140
[  149.316732][T11269]  perf_try_init_event+0xc3/0x2b0
[  149.321782][T11269]  perf_event_alloc+0xa45/0x16d0
[  149.326751][T11269]  __se_sys_perf_event_open+0x837/0x2170
[  149.332410][T11269]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  149.338074][T11269]  ? __fget_files+0x1da/0x210
[  149.342841][T11269]  __x64_sys_perf_event_open+0x67/0x80
[  149.348394][T11269]  x64_sys_call+0x1909/0x2d70
[  149.353117][T11269]  do_syscall_64+0xc9/0x1c0
[  149.357658][T11269]  ? clear_bhb_loop+0x55/0xb0
[  149.362412][T11269]  ? clear_bhb_loop+0x55/0xb0
[  149.367188][T11269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.373183][T11269] RIP: 0033:0x7fc7a3d10bd9
[  149.377635][T11269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.397351][T11269] RSP: 002b:00007fc7a2f92048 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  149.405838][T11269] RAX: ffffffffffffffda RBX: 00007fc7a3e9ef60 RCX: 00007fc7a3d10bd9
[  149.413840][T11269] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[  149.421872][T11269] RBP: 00007fc7a2f920a0 R08: 0000000000000000 R09: 0000000000000000
[  149.429937][T11269] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[  149.437916][T11269] R13: 000000000000000b R14: 00007fc7a3e9ef60 R15: 00007ffe52461368
[  149.445898][T11269]  </TASK>
[  149.452120][T11262] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz.0.2517: Failed to acquire dquot type 0
[  149.475671][T11273] netlink: 'syz.4.2520': attribute type 1 has an invalid length.
[  149.490927][ T5462] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.506709][T11227] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  149.529619][T11227] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.563609][T11227] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  149.578497][T11227] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.618787][T11287] loop3: detected capacity change from 0 to 1024
[  149.627005][T11287] EXT4-fs: Ignoring removed i_version option
[  149.633824][T11287] EXT4-fs (loop3): stripe (255) is not aligned with cluster size (16), stripe is disabled
[  149.665818][T11286] tipc: Started in network mode
[  149.671017][T11286] tipc: Node identity e0000002, cluster identity 4711
[  149.677986][T11286] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  149.807449][T11297] loop4: detected capacity change from 0 to 2048
[  150.006165][T11306] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2533'.
[  150.022673][T11306] netlink: 'syz.4.2533': attribute type 10 has an invalid length.
[  150.499613][T11318] loop0: detected capacity change from 0 to 512
[  150.511539][T11318] ext4 filesystem being mounted at /365/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.654938][T11337] FAULT_INJECTION: forcing a failure.
[  150.654938][T11337] name failslab, interval 1, probability 0, space 0, times 0
[  150.667689][T11337] CPU: 1 PID: 11337 Comm: syz.0.2545 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  150.677861][T11337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  150.687995][T11337] Call Trace:
[  150.691298][T11337]  <TASK>
[  150.694303][T11337]  dump_stack_lvl+0xf2/0x150
[  150.698909][T11337]  dump_stack+0x15/0x20
[  150.703124][T11337]  should_fail_ex+0x229/0x230
[  150.707820][T11337]  ? dst_alloc+0xc0/0x100
[  150.712203][T11337]  __should_failslab+0x92/0xa0
[  150.716977][T11337]  should_failslab+0x9/0x20
[  150.721568][T11337]  kmem_cache_alloc_noprof+0x4c/0x290
[  150.726979][T11337]  dst_alloc+0xc0/0x100
[  150.731243][T11337]  ? ip_vs_dh_schedule+0x2/0x150
[  150.736204][T11337]  ip_route_output_key_hash_rcu+0xb90/0x12d0
[  150.742277][T11337]  ip_route_output_key_hash+0x7b/0xb0
[  150.747696][T11337]  tcp_v4_connect+0x3c4/0xad0
[  150.752382][T11337]  __inet_stream_connect+0x162/0x790
[  150.757682][T11337]  ? _raw_spin_unlock_bh+0x36/0x40
[  150.762838][T11337]  ? release_sock+0x117/0x150
[  150.767637][T11337]  ? _raw_spin_unlock_bh+0x36/0x40
[  150.772904][T11337]  ? lock_sock_nested+0x10f/0x140
[  150.778000][T11337]  ? selinux_netlbl_socket_connect+0xea/0x100
[  150.784142][T11337]  inet_stream_connect+0x48/0x70
[  150.789163][T11337]  ? __pfx_inet_stream_connect+0x10/0x10
[  150.794945][T11337]  __sys_connect+0x1a9/0x1c0
[  150.799549][T11337]  __x64_sys_connect+0x41/0x50
[  150.804505][T11337]  x64_sys_call+0x2961/0x2d70
[  150.809200][T11337]  do_syscall_64+0xc9/0x1c0
[  150.813734][T11337]  ? clear_bhb_loop+0x55/0xb0
[  150.818436][T11337]  ? clear_bhb_loop+0x55/0xb0
[  150.823126][T11337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.829030][T11337] RIP: 0033:0x7fb599337bd9
[  150.833611][T11337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.853230][T11337] RSP: 002b:00007fb5985b9048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  150.861715][T11337] RAX: ffffffffffffffda RBX: 00007fb5994c5f60 RCX: 00007fb599337bd9
[  150.869735][T11337] RDX: 0000000000000010 RSI: 0000000020000440 RDI: 0000000000000003
[  150.877721][T11337] RBP: 00007fb5985b90a0 R08: 0000000000000000 R09: 0000000000000000
[  150.885854][T11337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.893829][T11337] R13: 000000000000000b R14: 00007fb5994c5f60 R15: 00007fffce1f8378
[  150.901868][T11337]  </TASK>
[  150.913654][T11338] team0: Port device vlan2 added
[  150.966873][T11350] FAULT_INJECTION: forcing a failure.
[  150.966873][T11350] name failslab, interval 1, probability 0, space 0, times 0
[  150.979729][T11350] CPU: 0 PID: 11350 Comm: syz.0.2552 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  150.989922][T11350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  151.000007][T11350] Call Trace:
[  151.003293][T11350]  <TASK>
[  151.006219][T11350]  dump_stack_lvl+0xf2/0x150
[  151.010817][T11350]  dump_stack+0x15/0x20
[  151.015113][T11350]  should_fail_ex+0x229/0x230
[  151.019842][T11350]  ? mas_alloc_nodes+0x1d3/0x4a0
[  151.024811][T11350]  __should_failslab+0x92/0xa0
[  151.029579][T11350]  should_failslab+0x9/0x20
[  151.034100][T11350]  kmem_cache_alloc_noprof+0x4c/0x290
[  151.039485][T11350]  mas_alloc_nodes+0x1d3/0x4a0
[  151.044435][T11350]  mas_preallocate+0x773/0xc30
[  151.049288][T11350]  vma_merge+0xc37/0x1640
[  151.053666][T11350]  copy_vma+0x1bf/0x4a0
[  151.057855][T11350]  move_vma+0x3d1/0xd10
[  151.062010][T11350]  ? arch_get_unmapped_area_topdown_vmflags+0x173/0x490
[  151.069121][T11350]  ? cap_mmap_addr+0xdf/0x1a0
[  151.073800][T11350]  __se_sys_mremap+0xd09/0xf20
[  151.078613][T11350]  ? fput+0x13b/0x180
[  151.082649][T11350]  __x64_sys_mremap+0x67/0x80
[  151.087322][T11350]  x64_sys_call+0x1029/0x2d70
[  151.092004][T11350]  do_syscall_64+0xc9/0x1c0
[  151.096527][T11350]  ? clear_bhb_loop+0x55/0xb0
[  151.101205][T11350]  ? clear_bhb_loop+0x55/0xb0
[  151.105901][T11350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.111827][T11350] RIP: 0033:0x7fb599337bd9
[  151.116243][T11350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.135858][T11350] RSP: 002b:00007fb5985b9048 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  151.144357][T11350] RAX: ffffffffffffffda RBX: 00007fb5994c5f60 RCX: 00007fb599337bd9
[  151.152465][T11350] RDX: 0000000000003000 RSI: 0000000000003000 RDI: 0000000020ffd000
[  151.160527][T11350] RBP: 00007fb5985b90a0 R08: 0000000020ff5000 R09: 0000000000000000
[  151.168508][T11350] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  151.176505][T11350] R13: 000000000000000b R14: 00007fb5994c5f60 R15: 00007fffce1f8378
[  151.184509][T11350]  </TASK>
[  151.190786][T11351] loop4: detected capacity change from 0 to 512
[  151.198375][T11351] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  151.210143][T11351] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 not in group (block 5)!
[  151.220455][T11351] EXT4-fs (loop4): group descriptors corrupted!
[  151.269517][T11360] tap0: tun_chr_ioctl cmd 2147767517
[  151.277180][T11360] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2556'.
[  151.291216][T11360] team_slave_0: entered promiscuous mode
[  151.296993][T11360] team_slave_1: entered promiscuous mode
[  151.297461][T11364] loop2: detected capacity change from 0 to 2048
[  151.309387][T11360] team_slave_0: left promiscuous mode
[  151.314822][T11360] team_slave_1: left promiscuous mode
[  151.383362][T11364] loop2: detected capacity change from 0 to 1024
[  151.390274][T11364] EXT4-fs: Ignoring removed nomblk_io_submit option
[  151.400865][T11364] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a043c018, mo2=0002]
[  151.409003][T11364] System zones: 0-1, 3-12
[  151.414912][T11364] EXT4-fs error (device loop2): __ext4_iget:4906: inode #12: block 17104912: comm syz.2.2558: invalid block
[  151.427483][T11364] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  151.445103][T11364] EXT4-fs error (device loop2): __ext4_iget:4906: inode #12: block 17104912: comm syz.2.2558: invalid block
[  151.533342][T11377] loop0: detected capacity change from 0 to 256
[  151.739756][T11405] netlink: 'syz.0.2569': attribute type 10 has an invalid length.
[  151.913635][T11417] loop4: detected capacity change from 0 to 256
[  152.049126][T11432] loop0: detected capacity change from 0 to 512
[  152.127672][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  152.127687][   T29] audit: type=1326 audit(1720231575.812:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11435 comm="syz.4.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a3d10bd9 code=0x7ffc0000
[  152.159137][   T29] audit: type=1326 audit(1720231575.812:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11435 comm="syz.4.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a3d10bd9 code=0x7ffc0000
[  152.182731][   T29] audit: type=1326 audit(1720231575.812:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11435 comm="syz.4.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fc7a3d10bd9 code=0x7ffc0000
[  152.206344][   T29] audit: type=1326 audit(1720231575.812:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11435 comm="syz.4.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a3d10bd9 code=0x7ffc0000
[  152.214268][T11438] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2579'.
[  152.229871][   T29] audit: type=1326 audit(1720231575.812:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11435 comm="syz.4.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a3d10bd9 code=0x7ffc0000
[  152.229905][   T29] audit: type=1326 audit(1720231575.812:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11435 comm="syz.4.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7a3d10bd9 code=0x7ffc0000
[  152.244098][T11438] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  152.262422][   T29] audit: type=1326 audit(1720231575.812:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11435 comm="syz.4.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a3d10bd9 code=0x7ffc0000
[  152.285914][T11438] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  152.294591][   T29] audit: type=1326 audit(1720231575.812:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11435 comm="syz.4.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7a3d10bd9 code=0x7ffc0000
[  152.318117][T11438] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  152.326811][   T29] audit: type=1326 audit(1720231575.832:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11435 comm="syz.4.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a3d10bd9 code=0x7ffc0000
[  152.350301][T11438] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  152.359093][   T29] audit: type=1326 audit(1720231575.832:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11435 comm="syz.4.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7a3d10bd9 code=0x7ffc0000
[  152.391855][T11438] vxlan0: entered promiscuous mode
[  152.640084][T11453] netlink: 'syz.2.2584': attribute type 10 has an invalid length.
[  152.760890][T11455] netlink: 'syz.2.2585': attribute type 10 has an invalid length.
[  152.772818][T11455] bond0: (slave netdevsim1): Releasing backup interface
[  152.781385][T11455] team0: Port device netdevsim1 added
[  152.788251][T11455] netlink: 'syz.2.2585': attribute type 10 has an invalid length.
[  152.798764][T11455] team0: Port device netdevsim1 removed
[  152.808292][T11455] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  152.831540][T11457] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2586'.
[  152.900657][T11459] loop2: detected capacity change from 0 to 512
[  152.907638][T11459] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  152.908116][T11464] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2589'.
[  152.920302][T11459] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  152.926709][T11464] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2589'.
[  152.935135][T11459] System zones: 1-12
[  152.951370][T11459] EXT4-fs (loop2): 1 truncate cleaned up
[  153.074472][T11481] netlink: 'syz.4.2595': attribute type 10 has an invalid length.
[  153.102819][T11483] netlink: 'syz.0.2597': attribute type 10 has an invalid length.
[  153.121191][T11483] bond0: (slave netdevsim1): Releasing backup interface
[  153.129951][T11483] team0: Port device netdevsim1 added
[  153.138615][T11483] netlink: 'syz.0.2597': attribute type 10 has an invalid length.
[  153.158872][T11483] team0: Port device netdevsim1 removed
[  153.175438][T11483] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  153.267070][T11498] netlink: 'syz.2.2603': attribute type 29 has an invalid length.
[  153.276585][T11498] netlink: 'syz.2.2603': attribute type 29 has an invalid length.
[  153.433816][T11508] loop2: detected capacity change from 0 to 256
[  153.441073][T11508] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  153.453847][T11508] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  153.487609][T11514] bond0: (slave netdevsim1): Releasing backup interface
[  153.496429][T11514] team0: Port device netdevsim1 added
[  153.510761][T11514] team0: Port device netdevsim1 removed
[  153.517862][T11514] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  153.556708][T11524] loop0: detected capacity change from 0 to 1024
[  153.650660][T11540] loop0: detected capacity change from 0 to 2048
[  153.662680][T11540] ext3: Unknown parameter 'pcr'
[  153.668640][T11543] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  153.677006][T11543] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  153.701786][T11543] loop1: detected capacity change from 0 to 2048
[  153.721492][T11540] loop0: detected capacity change from 0 to 512
[  153.733554][T11540] ext4: Unknown parameter 'posixacl'
[  153.750028][T11543]  loop1: p1 < > p3
[  153.754461][T11543] loop1: p3 size 134217728 extends beyond EOD, truncated
[  153.790547][T11540] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  153.798075][T11540] vhci_hcd: default hub control req: 7434 v0000 i0000 l0
[  153.874374][T11566] bond0: (slave netdevsim1): Releasing backup interface
[  153.888562][T11566] team0: Port device netdevsim1 added
[  153.898105][T11566] team0: Port device netdevsim1 removed
[  153.914519][T11566] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  153.939812][T11570] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2630'.
[  153.949359][T11570] macvlan0: entered promiscuous mode
[  154.076590][T11581] loop2: detected capacity change from 0 to 512
[  154.085219][T11581] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  154.093354][T11581] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  154.103962][T11581] EXT4-fs (loop2): 1 truncate cleaned up
[  154.110897][T11581] ext4: Unknown parameter '���������Cr�`U���t?e������'
[  154.272765][T11598] loop0: detected capacity change from 0 to 256
[  154.375199][T11604] loop0: detected capacity change from 0 to 2048
[  154.430437][T11604]  loop0: p1 < > p3 p4 < >
[  154.435663][T11604] loop0: p3 start 4284289 is beyond EOD, truncated
[  154.506986][T11608] loop0: detected capacity change from 0 to 256
[  154.551278][T11589] loop2: detected capacity change from 0 to 65536
[  154.667840][T11621] loop1: detected capacity change from 0 to 8192
[  154.694449][T11623] loop0: detected capacity change from 0 to 2048
[  154.867624][T11636] syzkaller0: entered promiscuous mode
[  154.873176][T11636] syzkaller0: entered allmulticast mode
[  155.042190][T11667] bridge: RTM_NEWNEIGH with invalid state 0x0
[  155.058269][T11669] serio: Serial port pts0
[  155.159504][T11686] syzkaller0: entered promiscuous mode
[  155.165062][T11686] syzkaller0: entered allmulticast mode
[  155.172096][T11689] validate_nla: 7 callbacks suppressed
[  155.172112][T11689] netlink: 'syz.2.2674': attribute type 10 has an invalid length.
[  155.197344][T11689] bond0: (slave netdevsim1): Releasing backup interface
[  155.209102][T11689] team0: Port device netdevsim1 added
[  155.223239][T11690] netlink: 'syz.2.2674': attribute type 10 has an invalid length.
[  155.241032][T11690] team0: Port device netdevsim1 removed
[  155.248729][T11692] loop1: detected capacity change from 0 to 512
[  155.254635][T11690] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  155.267466][T11692] EXT4-fs: Ignoring removed i_version option
[  155.273695][T11692] EXT4-fs: Ignoring removed nobh option
[  155.292790][T11692] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  155.305829][T11692] EXT4-fs (loop1): 1 truncate cleaned up
[  155.354312][T11695] loop0: detected capacity change from 0 to 128
[  155.423989][T11708] loop2: detected capacity change from 0 to 512
[  155.444138][T11708] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2685: bg 0: block 248: padding at end of block bitmap is not set
[  155.447195][T11711] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  155.459037][T11708] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz.2.2685: Failed to acquire dquot type 1
[  155.465668][T11711] IPv6: NLM_F_CREATE should be set when creating new route
[  155.487888][T11708] EXT4-fs (loop2): 1 truncate cleaned up
[  155.494157][T11708] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.579508][T11730] syz.0.2691 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  155.614074][T11726] syzkaller0: entered promiscuous mode
[  155.619843][T11726] syzkaller0: entered allmulticast mode
[  155.673844][T11737] netlink: 'syz.2.2692': attribute type 10 has an invalid length.
[  155.728965][T11742] loop1: detected capacity change from 0 to 1024
[  155.869804][T11748] loop4: detected capacity change from 0 to 2048
[  155.878868][T11752] loop2: detected capacity change from 0 to 128
[  155.885661][T11752] EXT4-fs: Ignoring removed nomblk_io_submit option
[  155.892539][T11752] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.900934][T11752] ext4 filesystem being mounted at /232/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  155.936054][ T5978] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.958346][T11748] bond4: entered promiscuous mode
[  155.963594][T11748] bond4: entered allmulticast mode
[  155.970303][T11748] 8021q: adding VLAN 0 to HW filter on device bond4
[  155.994855][ T5978] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.033436][T11765] xt_TCPMSS: Only works on TCP SYN packets
[  156.050155][ T5978] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.076810][T11768] bond2: entered promiscuous mode
[  156.081998][T11768] bond2: entered allmulticast mode
[  156.088451][T11768] 8021q: adding VLAN 0 to HW filter on device bond2
[  156.109334][T11768] bond2 (unregistering): Released all slaves
[  156.121690][ T5978] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.165410][T11775] syzkaller0: entered promiscuous mode
[  156.170945][T11775] syzkaller0: entered allmulticast mode
[  156.252334][ T5978] bridge_slave_1: left allmulticast mode
[  156.258094][ T5978] bridge_slave_1: left promiscuous mode
[  156.263786][ T5978] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.273913][ T5978] bridge_slave_0: left allmulticast mode
[  156.279739][ T5978] bridge_slave_0: left promiscuous mode
[  156.285382][ T5978] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.379814][T11800] Cannot find map_set index 0 as target
[  156.393204][ T5978] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  156.405335][ T5978] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  156.416340][ T5978] bond0 (unregistering): Released all slaves
[  156.500191][T11758] chnl_net:caif_netlink_parms(): no params data found
[  156.581072][T11811] loop0: detected capacity change from 0 to 512
[  156.594135][T11812] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2715'.
[  156.608270][T11811] EXT4-fs warning (device loop0): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  156.626614][T11811] EXT4-fs (loop0): mount failed
[  156.656138][T11758] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.663305][T11758] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.671145][T11758] bridge_slave_0: entered allmulticast mode
[  156.696978][T11758] bridge_slave_0: entered promiscuous mode
[  156.699789][T11822] loop0: detected capacity change from 0 to 256
[  156.711200][T11758] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.718367][T11758] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.726165][T11758] bridge_slave_1: entered allmulticast mode
[  156.732533][T11822] FAT-fs (loop0): Unrecognized mount option "0000000000000000000" or missing value
[  156.742833][T11758] bridge_slave_1: entered promiscuous mode
[  156.766949][ T5978] hsr_slave_0: left promiscuous mode
[  156.784168][ T5978] hsr_slave_1: left promiscuous mode
[  156.798529][ T5978] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  156.806233][ T5978] batman_adv: batadv0: Removing interface: batadv_slave_0
[  156.833851][ T5978] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  156.841345][ T5978] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.872737][ T5978] veth1_macvtap: left promiscuous mode
[  156.878278][ T5978] veth0_macvtap: left promiscuous mode
[  156.883958][ T5978] veth1_vlan: left promiscuous mode
[  156.889188][ T5978] veth0_vlan: left promiscuous mode
[  157.057393][ T5978] team0 (unregistering): Port device team_slave_1 removed
[  157.067694][ T5978] team0 (unregistering): Port device team_slave_0 removed
[  157.111851][T11827] netlink: 'syz.1.2719': attribute type 10 has an invalid length.
[  157.120163][T11829] netlink: 'syz.2.2720': attribute type 10 has an invalid length.
[  157.130266][T11758] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.151535][T11758] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.186073][T11758] team0: Port device team_slave_0 added
[  157.193148][   T29] kauditd_printk_skb: 189 callbacks suppressed
[  157.193164][   T29] audit: type=1400 audit(1720231580.882:1565): avc:  denied  { mounton } for  pid=11837 comm="syz.1.2724" path="/proc/84/cgroup" dev="proc" ino=36849 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  157.230939][T11758] team0: Port device team_slave_1 added
[  157.247442][T11844] netlink: 'syz.0.2726': attribute type 10 has an invalid length.
[  157.272037][T11758] batman_adv: batadv0: Adding interface: batadv_slave_0
[  157.279112][T11758] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.305245][T11758] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  157.319744][   T29] audit: type=1326 audit(1720231580.962:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11839 comm="syz.2.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458c6d3bd9 code=0x7fc00000
[  157.343384][   T29] audit: type=1326 audit(1720231580.962:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11839 comm="syz.2.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f458c6d3bd9 code=0x7fc00000
[  157.367157][   T29] audit: type=1326 audit(1720231580.962:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11839 comm="syz.2.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458c6d3bd9 code=0x7fc00000
[  157.387303][T11758] batman_adv: batadv0: Adding interface: batadv_slave_1
[  157.390629][   T29] audit: type=1326 audit(1720231580.962:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11839 comm="syz.2.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458c6d3bd9 code=0x7fc00000
[  157.397578][T11758] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.421026][   T29] audit: type=1326 audit(1720231580.962:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11839 comm="syz.2.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458c6d3bd9 code=0x7fc00000
[  157.446892][T11758] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.481060][   T29] audit: type=1326 audit(1720231580.962:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11839 comm="syz.2.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458c6d3bd9 code=0x7fc00000
[  157.504731][   T29] audit: type=1326 audit(1720231580.962:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11839 comm="syz.2.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458c6d3bd9 code=0x7fc00000
[  157.528232][   T29] audit: type=1326 audit(1720231580.962:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11839 comm="syz.2.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458c6d3bd9 code=0x7fc00000
[  157.551883][   T29] audit: type=1326 audit(1720231580.962:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11839 comm="syz.2.2725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f458c6d3bd9 code=0x7fc00000
[  157.590584][T11758] hsr_slave_0: entered promiscuous mode
[  157.622864][T11758] hsr_slave_1: entered promiscuous mode
[  157.642776][T11758] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  157.672876][T11758] Cannot create hsr debugfs directory
[  157.678400][T11860] netlink: 'syz.0.2731': attribute type 10 has an invalid length.
[  157.742736][T11867] netlink: 'syz.2.2735': attribute type 10 has an invalid length.
[  157.852871][T11871] loop4: detected capacity change from 0 to 1024
[  157.872631][T11871] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  158.038618][T11880] bridge0: port 3(hsr0) entered disabled state
[  158.044905][T11880] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.109954][T11880] bond3: left promiscuous mode
[  158.115090][T11880] bridge0: port 1(bond3) entered disabled state
[  158.159911][T11880] hsr0: left allmulticast mode
[  158.164791][T11880] hsr_slave_0: left allmulticast mode
[  158.170258][T11880] hsr_slave_1: left allmulticast mode
[  158.175722][T11880] hsr0: left promiscuous mode
[  158.180808][T11880] bridge0: port 3(hsr0) entered disabled state
[  158.193027][T11890] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2740'.
[  158.229357][T11880] bridge_slave_1: left allmulticast mode
[  158.235121][T11880] bridge_slave_1: left promiscuous mode
[  158.240886][T11880] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.260912][T11851] loop1: detected capacity change from 0 to 65536
[  158.308954][T11885] netlink: 'syz.0.2741': attribute type 10 has an invalid length.
[  158.328271][T11885] bond0: (slave netdevsim1): Releasing backup interface
[  158.339122][T11885] team0: Port device netdevsim1 added
[  158.349656][T11758] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  158.365828][T11758] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  158.434524][T11892] syzkaller0: entered promiscuous mode
[  158.436862][T11893] syzkaller0: create flow: hash 1297019743 index 0
[  158.440084][T11892] syzkaller0: entered allmulticast mode
[  158.454695][T11758] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  158.464293][T11758] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  158.476579][ T5978] syzkaller0: tun_net_xmit 48
[  158.502902][T11906] loop0: detected capacity change from 0 to 128
[  158.526974][T11908] loop4: detected capacity change from 0 to 128
[  158.534080][T11908] FAT-fs (loop4): Unrecognized mount option "�������" or missing value
[  158.597811][T11758] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.619633][T11892] syzkaller0 (unregistered): delete flow: hash 1297019743 index 0
[  158.631355][T11914] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2751'.
[  158.640746][T11758] 8021q: adding VLAN 0 to HW filter on device team0
[  158.661960][ T3157] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.669254][ T3157] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.725682][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.732832][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.801571][T11932] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2758'.
[  158.821602][T11932] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  158.863840][T11758] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.890623][   T50] nci: nci_extract_activation_params_iso_dep: unsupported activation_rf_tech_and_mode 0x2
[  158.904998][T11925] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2756'.
[  158.973386][T11962] FAULT_INJECTION: forcing a failure.
[  158.973386][T11962] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.986856][T11962] CPU: 0 PID: 11962 Comm: syz.1.2764 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  158.997123][T11962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  159.007236][T11962] Call Trace:
[  159.010534][T11962]  <TASK>
[  159.013481][T11962]  dump_stack_lvl+0xf2/0x150
[  159.018102][T11962]  dump_stack+0x15/0x20
[  159.022331][T11962]  should_fail_ex+0x229/0x230
[  159.027051][T11962]  should_fail+0xb/0x10
[  159.031289][T11962]  should_fail_usercopy+0x1a/0x20
[  159.036325][T11962]  _copy_from_user+0x1e/0xd0
[  159.041111][T11962]  copy_strings+0x32a/0x620
[  159.045682][T11962]  do_execveat_common+0x57d/0x7d0
[  159.050852][T11962]  __x64_sys_execve+0x5a/0x70
[  159.055560][T11962]  x64_sys_call+0x1378/0x2d70
[  159.060276][T11962]  do_syscall_64+0xc9/0x1c0
[  159.064877][T11962]  ? clear_bhb_loop+0x55/0xb0
[  159.069579][T11962]  ? clear_bhb_loop+0x55/0xb0
[  159.074278][T11962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.080278][T11962] RIP: 0033:0x7fa2e6291bd9
[  159.084714][T11962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.096817][T11758] veth0_vlan: entered promiscuous mode
[  159.104348][T11962] RSP: 002b:00007fa2e5513048 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  159.104375][T11962] RAX: ffffffffffffffda RBX: 00007fa2e641ff60 RCX: 00007fa2e6291bd9
[  159.104390][T11962] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000020000280
[  159.104406][T11962] RBP: 00007fa2e55130a0 R08: 0000000000000000 R09: 0000000000000000
[  159.135699][T11758] veth1_vlan: entered promiscuous mode
[  159.142264][T11962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  159.142282][T11962] R13: 000000000000000b R14: 00007fa2e641ff60 R15: 00007ffe4369b308
[  159.142303][T11962]  </TASK>
[  159.180747][T11968] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2766'.
[  159.199633][T11758] veth0_macvtap: entered promiscuous mode
[  159.208123][T11758] veth1_macvtap: entered promiscuous mode
[  159.236475][T11758] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.246965][T11758] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.256811][T11758] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.267268][T11758] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.277150][T11758] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.287642][T11758] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.297717][T11758] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.308366][T11758] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.327223][T11758] batman_adv: batadv0: Interface activated: batadv_slave_0
[  159.340946][T11758] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.351630][T11758] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.361666][T11758] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.372227][T11758] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.382080][T11758] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.392543][T11758] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.402395][T11758] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.412852][T11758] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.422695][T11758] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.433361][T11758] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.449865][T11758] batman_adv: batadv0: Interface activated: batadv_slave_1
[  159.463478][T11758] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  159.472409][T11758] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  159.481221][T11758] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  159.489978][T11758] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  159.516584][T11985] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.523811][T11985] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.561498][T11985] bridge_slave_1: left allmulticast mode
[  159.561800][T11992] program syz.4.2774 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  159.567276][T11985] bridge_slave_1: left promiscuous mode
[  159.567501][T11985] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.592430][T11985] bridge_slave_0: left allmulticast mode
[  159.598199][T11985] bridge_slave_0: left promiscuous mode
[  159.604038][T11985] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.666082][T11989] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2772'.
[  159.791293][T12022] netlink: 'syz.0.2782': attribute type 10 has an invalid length.
[  159.791299][ T5978] ==================================================================
[  159.807261][ T5978] BUG: KCSAN: data-race in n_tty_receive_buf_common / n_tty_write
[  159.815200][ T5978] 
[  159.817533][ T5978] write to 0xffffc900012fd020 of 8 bytes by task 12022 on cpu 0:
[  159.825258][ T5978]  n_tty_write+0x1bc/0xb90
[  159.829696][ T5978]  file_tty_write+0x386/0x690
[  159.834378][ T5978]  tty_write+0x28/0x30
[  159.838460][ T5978]  do_iter_readv_writev+0x339/0x3e0
[  159.843687][ T5978]  vfs_writev+0x2e0/0x880
[  159.848040][ T5978]  do_writev+0xf8/0x220
[  159.852211][ T5978]  __x64_sys_writev+0x45/0x50
[  159.856899][ T5978]  x64_sys_call+0x1ee2/0x2d70
[  159.861589][ T5978]  do_syscall_64+0xc9/0x1c0
[  159.866152][ T5978]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.872072][ T5978] 
[  159.874396][ T5978] read to 0xffffc900012fd020 of 8 bytes by task 5978 on cpu 1:
[  159.881942][ T5978]  n_tty_receive_buf_common+0x892/0xbe0
[  159.887519][ T5978]  n_tty_receive_buf2+0x33/0x40
[  159.892397][ T5978]  tty_ldisc_receive_buf+0x63/0x100
[  159.897612][ T5978]  tty_port_default_receive_buf+0x59/0x90
[  159.903354][ T5978]  flush_to_ldisc+0x1ce/0x410
[  159.908042][ T5978]  process_scheduled_works+0x483/0x9a0
[  159.913526][ T5978]  worker_thread+0x526/0x720
[  159.918212][ T5978]  kthread+0x1d1/0x210
[  159.922301][ T5978]  ret_from_fork+0x4b/0x60
[  159.926743][ T5978]  ret_from_fork_asm+0x1a/0x30
[  159.931522][ T5978] 
[  159.933840][ T5978] value changed: 0x00000000000037d2 -> 0x00000000000037d4
[  159.940951][ T5978] 
[  159.943307][ T5978] Reported by Kernel Concurrency Sanitizer on:
[  159.949453][ T5978] CPU: 1 PID: 5978 Comm: kworker/u8:12 Not tainted 6.10.0-rc6-syzkaller-00210-gd270dd21bee0 #0
[  159.959868][ T5978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  159.969925][ T5978] Workqueue: events_unbound flush_to_ldisc
[  159.975744][ T5978] ==================================================================