last executing test programs:

2.284917564s ago: executing program 2 (id=3979):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_int(r4, 0x1, 0x7, &(0x7f0000000080), 0x4)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x80, 0xe011)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x90)
close(r3)

2.08421851s ago: executing program 2 (id=3983):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1)
sendmsg$NLBL_CALIPSO_C_REMOVE(r0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0)
setuid(0xee00)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1.999658757s ago: executing program 2 (id=3984):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8}]}], {0x14, 0x10}}, 0x64}}, 0x0)

1.96402913s ago: executing program 2 (id=3985):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x40086602, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000440)={0x0, 0x0, 0xf6})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
fstatfs(0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x64}]}, 0x18}}, 0x4008001)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, &(0x7f0000000240)={@mcast2}, 0x14)
r4 = open(0x0, 0x14927e, 0x0)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fallocate(r4, 0x0, 0x0, 0x1000f4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x64, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth1_to_batadv\x00'}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_COUNTERS={0x10, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0x9}]}]}], {0x14, 0x10}}, 0xac}}, 0x0)

1.857066949s ago: executing program 2 (id=3986):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$inet6(0xa, 0x0, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2}, 0x1c)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./bus\x00', 0x400000, &(0x7f0000000500)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303030303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098ee0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4e5531c9f4c7a4d53914e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
open(&(0x7f0000000000)='./bus\x00', 0x141b42, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r4, 0x4c12, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ee289f413bb90152f7d6d1ce5ca93c0f7c41499dc28ac63a01000000000000004faa2ad9c084a003ea00", "03bdbcef549ba19704007ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c20c62df7a8d5da5c00000000ff030000fff2ff008900"})

1.187913463s ago: executing program 3 (id=3939):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000008100000086dd"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x2}, 0x48)
io_submit(0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(0xffffffffffffffff, 0x4, 0x0, 0x1)

1.104185s ago: executing program 2 (id=3990):
socket$inet(0x2, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000300)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x4}, 0x1c)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000c50000009e0000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b00)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
ppoll(&(0x7f0000000d40)=[{r0}], 0x1, &(0x7f0000000dc0)={0x0, 0x3938700}, 0x0, 0x0)

1.10365614s ago: executing program 3 (id=3991):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@bridge_getvlan={0x50, 0x72, 0x701, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x50}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={'bridge_slave_0\x00', &(0x7f00000000c0)=@ethtool_eee={0x44, 0x3, 0xffffffff, 0x0, 0xffff, 0x3, 0x7, 0xffffffff, [0x214f, 0xffffffc0]}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)

1.042024145s ago: executing program 4 (id=3994):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x0, 0x3c000000}, @NFT_MSG_NEWCHAIN={0x14}], {0x14, 0x10}}, 0x50}}, 0x0)

992.023609ms ago: executing program 3 (id=3995):
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000003200)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec06000000000000002176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f3cc2b0da31fa21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e03564f7f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf05003f6cded6a2f8550b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c10a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d02000000a3ff4f8a4cf796b07a6ff61c5d52417fd703f7f14d8b78ac02ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c9ad943e392955f4f979ea13201bafe4f0f6ea5080000000cdcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12289ee34463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b0030000000000ea8809820000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f55e550fafa4cedd763ada3104f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2a81425ef1b71c1d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e6f523d9c8c21578fe3245097c280abe51427b9f6cd72b51b7689969c72fb632d1c072492d9da6d0252803c66730cd5eac907f09b9695906313f88735fce513974a24eee239baa91322608c6fc01e1b9e16587bb5f721303e6b89000000fa08ad0731c4b839688b22c4da2a6bc4cf45dbeea042f9b33393f85a0417854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296ac2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692baffffffff5c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b042d84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf53928867d596987024952b698d4a01c08aca45ea8727be6c8bc8fdcdff1917db98f152625b8465bc46dbe9762d1183ec79f4ab393541a6d9cabc4de71c5a65d228e4cb483cca06858dc6727c7a2322c9580d9afc33f6fcf87518ecca6dd027cb995f1eb4e98e4b500b5843d4ee1d28831707923f0"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write(r2, &(0x7f0000000000)="fa", 0xfffffdef) (fail_nth: 30)

666.864876ms ago: executing program 0 (id=3998):
syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r1 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0xffffff99}], 0x27})
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = dup(r4)
mount$9p_fd(0x20102200, &(0x7f0000000380)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

490.49243ms ago: executing program 4 (id=4000):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000000c0)}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xd, 0x10, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000020646c2500000000002020207b1a00fe00000000bda100000000000007010000f8ffffffb702000008000000b7030000000000008500000076000000950000000000000085100000010000001829000000000000000000", @ANYRESHEX=r0, @ANYBLOB="00184b0000000300000000"], &(0x7f0000000180)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x90)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0xc000, 0x0, 0x0)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
syz_io_uring_setup(0x3b, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f0000000080)="18", 0x10, 0x0, &(0x7f00000000c0)={0x11, 0xc, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r7, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x200000000000019f, 0x0, 0x0}, 0x90)
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x28, 0x52, 0x1, 0xffffffff, 0x0, {0xa}, [@typed={0x14, 0x7, 0x0, 0x0, @ipv6=@mcast1}]}, 0x28}}, 0x0)
r9 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r9, 0x6, 0x80000000000002, &(0x7f0000000040)=0x7a, 0x4)
sendto$inet(r9, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
write$binfmt_elf64(r9, &(0x7f00000002c0)=ANY=[], 0x40e2)
sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000002500)={0x0, 0x0, &(0x7f00000024c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001200010a00000000000000000000003f00000000000000000000000000000000000000e0ffffffff454b086007ecaec800000000e0798deb5d64018ebcdfdc8817"], 0x50}}, 0x0)

477.122961ms ago: executing program 0 (id=4001):
fallocate(0xffffffffffffffff, 0xc, 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
utimensat(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @private0}, {0xa, 0x0, 0x0, @mcast1}, 0x0, {[0x691, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}}, 0x5c)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000003c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r5, 0x0)
connect$pppl2tp(r2, &(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x26)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_group_source_req(r6, 0x0, 0x2f, &(0x7f0000001e40)={0x55a21ebd, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
r7 = socket$kcm(0x10, 0x2, 0x4)
close(r7)
socket$kcm(0x10, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240)={[{@user_xattr}, {@nombcache}, {@noblock_validity}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r8, &(0x7f00000003c0)='./bus\x00', 0x0)
renameat2(r8, &(0x7f0000000300)='./bus\x00', r8, &(0x7f00000001c0)='./file0\x00', 0x4)
sendmsg$inet(r7, &(0x7f0000000040)={0x0, 0x9, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514000cc00800190004000200060007000364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r9 = memfd_secret(0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0xc, 0x12, r9, 0x2e29a000)

423.380645ms ago: executing program 3 (id=4002):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110)

422.869426ms ago: executing program 1 (id=4003):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={0x0, 0x44}}, 0x0)

385.703679ms ago: executing program 1 (id=4004):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000000)=[{r1}, {r2}, {r2, 0x9086}], 0x3, 0x0, 0x0, 0x0)
close(r0)

385.258389ms ago: executing program 0 (id=4005):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_sctp(0xa, 0x0, 0x84)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
add_key$keyring(&(0x7f0000000240), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f00000005c0)={[{@noauto_da_alloc}, {@errors_remount}, {@dioread_nolock}]}, 0x3, 0x4cf, &(0x7f0000000740)="$eJzs3E9sFNUfAPDvbFta/v3oDxEFUYtobCS2UFA4mBiMJh40MeJBj01bCFKooSURgmZJDB4NiXfj0asHr+qFGE8mXvFoYkiI4QKYGNfM7szudpltabvt2vTzSZZ5b/699+bNm33zXpcANqyh9J+kFr4ZETsiotS6w1Btce/OlYn7d65MRLlSOflnUj3sbhrPZKeJrVlkuBRR+ixpbGgye+ny2fHp6akLWXx07txHo7OXLr945tz46anTU+fHjh8/euTwsZfHXlp6oQrSS8t1d++nM/v2vPnB9bcnevP1A9myuRydMhRDRVmpeq7TiXXZ9qZw0tvFjLAk6f2fVldftf3viJ5QebBRVCqVSn/7zeVKq6sPrAHWrSS6nQOgO/Iv+vT9N/8UdQQ2rU73o+tun6i9AKXlvpd9Ip6urszHQfpa3m87aSgi3i//9VX6iVUahwAAaPbDibwn2NL/G6zNjPx98car6fJ/2RzKYET8PyJ2RsQjEbErIh6NiN0R8VhEPN5y/p6IqCyQ/lBLvJ5+fRKqdKtDRS2U9v9eyea2Gv2/eRkY7Mli2yPyDvPUoeyaDEdf/6kz01OHF0jjx9d//aLdtub+X/pJ08/7glk+bvW2DNBNjs+NL7vALW5fjdjb21r+pDciqc8EJBGxJyL2LuG8g03hMy98s68e6Zu/3+Llr6oUzqN1YKqi8nXE87X6L8e8+m+kmCw8Pzk6ENNTh0bTu+BQYRo//3LtnXbpL1r+735vPeSNY9+fzFrWyqX1v6Xp/o98/rZR/sEkIqnP184uPY1rv33e9p1muff/puS9ajh/L/14fG7uwuGITclbD64faxybx9NllGvlHz5Q3P53ZsekV+KJiEhv4icj4qmovSGmed8fEc9ExIEFyv/Ta89+uPzyr660/JOFz7959d+Yr28XSMq1vQs29Zzdf/N+m4fHw9X/0WpoOFtT/PxL5j0i2uU0/7ZL1/yz0osHAAAA60QpIrY1jSVti1JpZKQ2BrQrtpSmZ2bnDp6auXh+Mt0WMRh9pXykqzYe3Jfk45+DTfGxlviRbNz4y57N1fjIxMz0ZFdLDmyttvmkNFJ/FtTaf+qPzgwxA/9lfvIDG9dC7T/txO++voaZAdbUw3//3/hkVTMCrLmm9l9us0t5GX/3BawD3v+BhnbdgAbPDFj/KtoybGhLav8HF+8bAOtHb7xbD5e6mhNgren/w4a06O/6VxSo9BdvGogHd46BhU/YE8vLxuaCtLoSSHtWXUl983KOyv83hbb7RGlpJ+yPztTpqRVejfKF2dO7O37zV7K/le90DX67Ju20KNCVxxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDH/RsAAP//sp/iug==")
r0 = open(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000005b00)=0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r0, 0x0)

383.599509ms ago: executing program 4 (id=4006):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@bridge_getvlan={0x50, 0x72, 0x701, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}, @BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x50}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={'bridge_slave_0\x00', &(0x7f00000000c0)=@ethtool_eee={0x44, 0x3, 0xffffffff, 0x0, 0xffff, 0x3, 0x7, 0xffffffff, [0x214f, 0xffffffc0]}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)

324.601454ms ago: executing program 4 (id=4007):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000140), r1)
sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0)
setuid(0xee00)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

271.412448ms ago: executing program 3 (id=4008):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r1 = syz_io_uring_setup(0xd7c, &(0x7f00000035c0)={0x0, 0x0, 0x10100}, &(0x7f0000000a00)=<r2=>0x0, &(0x7f0000000a40)=<r3=>0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000300)=@in={0x2, 0x0, @local}})
io_uring_enter(r1, 0x291c, 0x0, 0xfeffffffffffffff, 0x0, 0x0)

247.43097ms ago: executing program 1 (id=4009):
sched_setscheduler(0x0, 0x5, &(0x7f000000d380))
ioprio_set$pid(0x1, 0x0, 0x0)
open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x0, 0x0)
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SIGNAL_INFO(r0, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x33fe0}, 0x33fe0}}, 0x0)
sendmsg$AUDIT_SIGNAL_INFO(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x10}, 0x10}}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000200)=@filter={'filter\x00', 0xe, 0x4, 0x340, 0xffffffff, 0xd0, 0xd0, 0x1a0, 0xffffffff, 0xffffffff, 0x3e0, 0x3e0, 0x3e0, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@local, @empty, [], [], 'tunl0\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@ipv6={@dev, @private1, [], [], 'veth0\x00', 'geneve1\x00'}, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}, {{@ipv6={@private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'team_slave_1\x00', 'bond_slave_1\x00'}, 0x0, 0xa8, 0xd0}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3a0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
acct(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00')
acct(0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000005c0)={0x5, &(0x7f0000000100)=[{0x101, 0x9, 0x4, 0x4}, {0x8000, 0x5, 0x7, 0x1}, {0xf, 0x8, 0x6, 0x3}, {0x4, 0x9, 0x94, 0x8}, {0x8, 0x9, 0x4, 0x2}]})

214.638892ms ago: executing program 1 (id=4010):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000040), 0xffffff94)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}}, 0x9c)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
epoll_create1(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
syncfs(0xffffffffffffffff)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x1000, 0x40000}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec06000000000000002176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f3cc2b0da31fa21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bca84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e03564f7f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf05003f6cded6a2f8550b973b818184ebad0485fbaa816e3b26199d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c10a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d02000000a3ff4f8a4cf796b07a6ff61c5d52417fd703f7f14d8b78ac02ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c9ad943e392955f4f979ea13201bafe4f0f6ea5080000000cdcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12289ee34463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b0030000000000ea8809820000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f55e550fafa4cedd763ada3104f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2a81425ef1b71c1d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efc794874eac73381e6f523d9c8c21578fe3245097c280abe51427b9f6cd72b51b7689969c72fb632d1c072492d9da6d0252803c66730cd5eac907f09b9695906313f88735fce513974a24eee239baa91322608c6fc01e1b9e16587bb5f721303e6b89000000fa08ad0731c4b839688b22c4da2a74c4cf45dbeea042f9b33393f85a0417854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296ac2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692baffffffff5c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b042d84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf53928867d596987024952b698d4a01c08aca45ea8727be6c8bc8fdcdff1917db98f152625b8465bc46dbe9762d1183ec79f4ab393541a6d9cabc4de71c5a65d228e4cb483cca06858dc6727c7a2322c9580d9afc33f6fcf87518ecca6dd027cb995f1eb4e98e4b500b5843d4ee19210490639d0f4893d7d2c79c2d5cec4ebf2e04aeb1e36e370645e52e1328e70f011a950f8ae1dfa42b14ea99ffe35186534534630ad8a4881ff625e1b389cedc085acdba51308f2c4ab4b781e3756adbe6d012874666b157d1f077614a1e7c90180694efeb4094dc87f969af3e0a4ecdae32a091fd3ca0b86d732d130b983602ff21887eb1692e622d880a8378b129731c379bdcc7db13d2ab8b189ff83ca71d967fd7e1c46def217e7a9d0ac26bb6f65bbe904e3"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfdcd}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)=@o_path={0x0}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="74000000000201040000000000000000020000002400028014000180080001000000000008000200ac1414bb0c00028004000100000000002400038014000180403ae1a30000000008000200000000000c0002800500010000000000180001801400018008000100ac1414bb08000200ac141400"], 0x74}}, 0x0)
r6 = socket(0x15, 0x5, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8740, 0xffffffffffffffe0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_script(r8, &(0x7f0000000200), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
getsockopt$inet6_int(r6, 0x29, 0x12, &(0x7f0000000100), &(0x7f0000000180)=0x4)
getsockopt(r6, 0x200000000114, 0x271e, 0x0, &(0x7f0000000000))

168.091127ms ago: executing program 3 (id=4011):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'hsr0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}}, 0x0)

167.616267ms ago: executing program 4 (id=4012):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x40086602, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
ioctl$TIOCSRS485(r0, 0x542f, &(0x7f0000000440)={0x0, 0x0, 0xf6})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
fstatfs(0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x64}]}, 0x18}}, 0x4008001)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, &(0x7f0000000240)={@mcast2}, 0x14)
r4 = open(0x0, 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, r4, 0x0)
fallocate(r4, 0x0, 0x0, 0x1000f4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x64, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth1_to_batadv\x00'}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_COUNTERS={0x10, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0x9}]}]}], {0x14, 0x10}}, 0xac}}, 0x0)

166.941736ms ago: executing program 0 (id=4013):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = io_uring_setup(0x6f6, &(0x7f0000005100))
io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f0000005500)={0x3, 0x0, 0x0, &(0x7f0000005480)=[{0x0}, {0x0}, {&(0x7f0000005380)=""/255, 0xff}], 0x0}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000007cc0)={0x2, 0x20, &(0x7f0000007c40)=[{0x0}], 0x0, 0x1}, 0x20)

112.091371ms ago: executing program 0 (id=4014):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1], 0x44}}, 0x0)

97.154602ms ago: executing program 0 (id=4015):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x90)
pipe2$9p(&(0x7f0000000140), 0x0) (async)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x208e24b)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) (async)
write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xaffffff7ffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x208000, 0x1, 0x1}, 0x48) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x208000, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x15, &(0x7f0000002bc0)={{r4}, &(0x7f0000002b40), 0x0}, 0x20)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x5452, &(0x7f0000000780)='\x02;\xe5\b\x00\x1c\x9c\x00\x00\x00\x00\x00\x00\x91\xecB\xdcZ\xe5\xbd$\x05\x90\xa9\xf3\xc7\xcb\xb7\xf0\xa1;#\x989\xe9\x12\xdf^6\xfc\xf3\x01\x02\xbc\xbf\xc0\xf0\x10\xee\xd3\\yy\xa4\xf9\xe8\x00\xdd\xe97 0_\xe4]W\xf7~\xacVK\xc9t\x9e+:\x85\xef\x94\x0e\x19\x9cV[N.\xeb\x9fJ>\xd9\x99\x88\xd8\xdd\xb8Y\xc3$\xc6\x93\v\x04REY\xf4\xea\xf2\xcd\xcd.\x16\x861\xa1\v\x8d\x8e\x84R\xa6\x83\x84\xc0\x01e\xc3\xc8\xcc?\xc8?\x19\xb2\xa2\xe1\xac<\xe9f\x11\xff3\xc7S\x03U\xe0\xd8t\xe3%96\x00'/168)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000200)=0x7fff) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000200)=0x7fff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00'}, 0x90) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0}, 0x20) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000100)={0x6, 0x80, 0x20, 0x9c, 0x1, 0x3f, 0x0, 0x1, 0x2bf284ac81b4994e, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0x100000000, 0x45}, 0x0, 0x10000, 0xfffffffe, 0x6, 0x7, 0x80, 0x2, 0x0, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open$cgroup(&(0x7f0000000100)={0x6, 0x80, 0x20, 0x9c, 0x1, 0x3f, 0x0, 0x1, 0x2bf284ac81b4994e, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0x100000000, 0x45}, 0x0, 0x10000, 0xfffffffe, 0x6, 0x7, 0x80, 0x2, 0x0, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e02742e8680d85ff9782762f0800", 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x5, 0xffffffffffffffff, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) (async)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x30)
write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="7f450700000053c407cd"], 0x7c8) (async)
write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="7f450700000053c407cd"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="17b5b7b1895e972cdebe850da9a54a1fd0effc2296a22859108f591ea944070db3abfdb8413184710f3679a35990d385cbc7d44191922c84a77269a686d5a3aba214f13503825d96768e4f0c674a93057432cea38ad47088631af52ae5ed92feea9bb5b891bf3cff54da085568604b952c70863ac08d2f9f62df510248f9bf31d36a26f4f33b64bb0b72a52b155aaff11c53b9152ab46df4f19c6ff70e526d1e40ceb653e9518e859752f9063943c678ef0cd5e4e1c9b5b0c1ce72"])

86.082153ms ago: executing program 1 (id=4016):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0)
getsockopt$WPAN_SECURITY(r0, 0x0, 0x1, 0x0, &(0x7f0000000040))
syz_emit_ethernet(0x7a, &(0x7f0000000180)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x58, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x0, 0x0, {0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @broadcast=0xac14140a, @broadcast=0xac1414bb, {[@timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@local}, {@loopback}, {@dev}]}, @cipso={0x86, 0x1d, 0x0, [{0x0, 0xe, "e02f39d6d0b9b47f6b961e3e"}, {0x0, 0x9, "4ef661e96b4014"}]}]}}}}}}}, 0x0)

53.984526ms ago: executing program 4 (id=4017):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14"], 0x18}, 0x0)
recvmmsg(r1, &(0x7f0000001140), 0x700, 0x0, 0x0)

0s ago: executing program 1 (id=4018):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="480140ffd79a9128b3f4495d0b113deee437d73473000001000000000064aac9d51b867dea6bc4e9de910251d1b9ec75abdcffeec5cc7700040000b01e5739204109b401fb80010353e2af00000000000000000099e6b8035bd173b2be19e78e6da329d6ba2de5f6e1983bb3cf125078881bc5a2535918f8791b6ddfc891684ee557606a5eaf1d3b9e0f8deb3163eea1f7e95b2a307f5687a2d23c32d05ba2c6", @ANYRES16=r3, @ANYBLOB="010000000000000000000100000008000100030000002400048005000300010000000500030000000000050003008000000005000300800000000800020003000000"], 0x48}}, 0x0)
perf_event_open(&(0x7f0000002100)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='flush,nocase,discard,dots,fmask=00000000000000000000177,dots,nodots,nodots,dots,\x00', @ANYRESOCT], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000000)=0x7, 0x4)
r4 = syz_open_dev$usbfs(&(0x7f0000000040), 0x80000000003, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r4, 0x802c550a, &(0x7f0000000080)=ANY=[@ANYBLOB="0200a006002a17006000000002000020"])
recvmmsg(r1, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/155, 0x9b}, {&(0x7f00000004c0)=""/253, 0xfd}], 0x2, &(0x7f00000005c0)=""/236, 0xec}, 0x7fff}], 0x1, 0x2000, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
ioctl$USBDEVFS_REAPURBNDELAY(r4, 0x4008550c, 0x0)
r5 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r6=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005400e501000000000000000007000000", @ANYRES32=r6, @ANYBLOB="20000100", @ANYRES32=r8, @ANYBLOB="01000300ffffffff00000000000000000000000000000020"], 0x38}}, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x7, 0x0, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

truncate cleaned up
[  221.787828][T14271] loop4: detected capacity change from 0 to 512
[  221.794426][T14271] EXT4-fs: Ignoring removed nomblk_io_submit option
[  221.802595][T14271] EXT4-fs: Ignoring removed orlov option
[  221.809546][T14271] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  221.817534][T14271] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002]
[  221.825617][T14271] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[  221.835262][T14271] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[  221.885109][ T7456] kernel write not supported for file /sg0 (pid: 7456 comm: kworker/0:6)
[  221.949492][T14284] netlink: 9 bytes leftover after parsing attributes in process `syz.0.3376'.
[  221.959216][T14284] gretap0: entered promiscuous mode
[  221.980618][T14284] 0猉功D: renamed from gretap0
[  221.987440][T14284] 0猉功D: left promiscuous mode
[  221.992400][T14284] 0猉功D: entered allmulticast mode
[  222.040730][T14292] loop3: detected capacity change from 0 to 512
[  222.085971][T14296] loop2: detected capacity change from 0 to 1024
[  222.097575][T14296] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  222.126690][  T922] kernel write not supported for file /sg0 (pid: 922 comm: kworker/1:2)
[  222.137053][T14296] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  222.154653][T14296] EXT4-fs (loop2): orphan cleanup on readonly fs
[  222.165956][T14296] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.3382: Invalid inode table block 0 in block_group 0
[  222.179051][T14296] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  222.188573][T14296] EXT4-fs error (device loop2): ext4_quota_write:7232: inode #3: comm syz.2.3382: mark_inode_dirty error
[  222.200226][T14296] Quota error (device loop2): write_blk: dquota write failed
[  222.207688][T14296] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  222.217656][T14296] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz.2.3382: Failed to acquire dquot type 0
[  222.230464][T14296] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.3382: Invalid inode table block 0 in block_group 0
[  222.232543][T14310] loop4: detected capacity change from 0 to 512
[  222.243359][T14296] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  222.251745][T14310] EXT4-fs: Ignoring removed nomblk_io_submit option
[  222.260791][T14296] EXT4-fs error (device loop2): ext4_ext_truncate:4432: inode #15: comm syz.2.3382: mark_inode_dirty error
[  222.265726][T14310] EXT4-fs: Ignoring removed orlov option
[  222.279010][T14296] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.3382: Invalid inode table block 0 in block_group 0
[  222.284097][T14310] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  222.295359][T14296] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  222.303195][T14310] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002]
[  222.303434][T14310] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[  222.314520][T14296] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  222.320521][T14310] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[  222.333227][T14296] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.3382: Invalid inode table block 0 in block_group 0
[  222.361124][T14296] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  222.370765][T14296] EXT4-fs error (device loop2): ext4_truncate:4162: inode #15: comm syz.2.3382: mark_inode_dirty error
[  222.382064][T14296] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  222.391091][T14296] EXT4-fs (loop2): 1 truncate cleaned up
[  222.440512][T14314] loop4: detected capacity change from 0 to 128
[  222.496919][T14317] 0猉功D: entered promiscuous mode
[  222.502156][T14317] 0猉功D: left allmulticast mode
[  222.518357][T14317] 1猉功D: renamed from 
30猉功D
[  222.527792][T14317] 1猉功D: left promiscuous mode
[  222.532743][T14317] 1猉功D: entered allmulticast mode
[  222.539630][T14317] net_ratelimit: 8 callbacks suppressed
[  222.539646][T14317] A link change request failed with some changes committed already. Interface 
31猉功D may have been left with an inconsistent configuration, please check.
[  222.619217][  T922] kernel write not supported for file /sg0 (pid: 922 comm: kworker/1:2)
[  222.709957][T14339] loop2: detected capacity change from 0 to 1024
[  222.717205][T14339] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  222.728333][T14339] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  222.738012][T14339] EXT4-fs (loop2): orphan cleanup on readonly fs
[  222.744964][T14339] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.3397: Invalid inode table block 0 in block_group 0
[  222.762287][ T3162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.762412][T14339] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  222.781067][T14339] EXT4-fs error (device loop2): ext4_quota_write:7232: inode #3: comm syz.2.3397: mark_inode_dirty error
[  222.793291][T14339] Quota error (device loop2): write_blk: dquota write failed
[  222.800771][T14339] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  222.810753][T14339] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz.2.3397: Failed to acquire dquot type 0
[  222.822132][T14339] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.3397: Invalid inode table block 0 in block_group 0
[  222.835223][T14339] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  222.847960][T14339] EXT4-fs error (device loop2): ext4_ext_truncate:4432: inode #15: comm syz.2.3397: mark_inode_dirty error
[  222.859555][T14339] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.3397: Invalid inode table block 0 in block_group 0
[  222.873063][T14339] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  222.883738][T14339] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  222.892956][T14339] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.3397: Invalid inode table block 0 in block_group 0
[  222.906816][T14339] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  222.916938][T14339] EXT4-fs error (device loop2): ext4_truncate:4162: inode #15: comm syz.2.3397: mark_inode_dirty error
[  222.929513][T14339] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  222.938604][T14339] EXT4-fs (loop2): 1 truncate cleaned up
[  223.077963][T14349] netlink: 'syz.2.3399': attribute type 4 has an invalid length.
[  223.113646][T14351] loop2: detected capacity change from 0 to 512
[  223.124795][T14353] loop3: detected capacity change from 0 to 164
[  223.142240][T14351] ext4 filesystem being mounted at /210/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.195654][T14359] 0猉功D: entered promiscuous mode
[  223.200904][T14359] 0猉功D: left allmulticast mode
[  223.220416][T14359] 1猉功D: renamed from 
30猉功D
[  223.229901][T14359] 1猉功D: left promiscuous mode
[  223.234927][T14359] 1猉功D: entered allmulticast mode
[  223.242500][T14359] A link change request failed with some changes committed already. Interface 
31猉功D may have been left with an inconsistent configuration, please check.
[  223.287118][T11053] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  223.308834][T11053] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  223.322212][T11053] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  223.349447][T11053] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  223.362946][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  223.371890][T11053] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  223.388274][T11053] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  223.404773][T11053] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  223.418493][T11053] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  223.436111][T11053] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  223.450771][T11053] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  223.762422][ T8912] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.905567][ T8912] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.978410][ T8912] team0: Port device netdevsim1 removed
[  223.994654][ T8912] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.063160][ T8912] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.165192][T14383] chnl_net:caif_netlink_parms(): no params data found
[  224.176632][ T8912] bridge_slave_1: left allmulticast mode
[  224.182365][ T8912] bridge_slave_1: left promiscuous mode
[  224.188118][ T8912] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.198675][ T8912] bridge_slave_0: left allmulticast mode
[  224.204452][ T8912] bridge_slave_0: left promiscuous mode
[  224.210130][ T8912] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.531771][ T8912] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  224.542923][ T8912] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  224.555796][ T8912] bond0 (unregistering): Released all slaves
[  224.621768][T14427] FAULT_INJECTION: forcing a failure.
[  224.621768][T14427] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.635001][T14427] CPU: 1 PID: 14427 Comm: syz.1.3427 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  224.646726][T14427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  224.656838][T14427] Call Trace:
[  224.660128][T14427]  <TASK>
[  224.663081][T14427]  dump_stack_lvl+0xf2/0x150
[  224.667723][T14427]  dump_stack+0x15/0x20
[  224.671975][T14427]  should_fail_ex+0x229/0x230
[  224.676707][T14427]  should_fail+0xb/0x10
[  224.680940][T14427]  should_fail_usercopy+0x1a/0x20
[  224.685995][T14427]  _copy_to_user+0x1e/0xa0
[  224.686035][T14427]  simple_read_from_buffer+0xa0/0x110
[  224.686072][T14427]  proc_fail_nth_read+0xfc/0x140
[  224.700813][T14427]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  224.706443][T14427]  vfs_read+0x1a2/0x6e0
[  224.710615][T14427]  ? __rcu_read_unlock+0x4e/0x70
[  224.715589][T14427]  ? __fget_files+0x1da/0x210
[  224.720408][T14427]  ksys_read+0xeb/0x1b0
[  224.724638][T14427]  __x64_sys_read+0x42/0x50
[  224.729180][T14427]  x64_sys_call+0x27e5/0x2d70
[  224.733890][T14427]  do_syscall_64+0xc9/0x1c0
[  224.738513][T14427]  ? clear_bhb_loop+0x55/0xb0
[  224.743211][T14427]  ? clear_bhb_loop+0x55/0xb0
[  224.747907][T14427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.753839][T14427] RIP: 0033:0x7f3f695426bc
[  224.758269][T14427] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  224.778086][T14427] RSP: 002b:00007f3f687c5040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  224.786515][T14427] RAX: ffffffffffffffda RBX: 00007f3f696d1f60 RCX: 00007f3f695426bc
[  224.794534][T14427] RDX: 000000000000000f RSI: 00007f3f687c50b0 RDI: 0000000000000005
[  224.802579][T14427] RBP: 00007f3f687c50a0 R08: 0000000000000000 R09: 0000000000000000
[  224.810566][T14427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.818552][T14427] R13: 000000000000000b R14: 00007f3f696d1f60 R15: 00007fffcb8ec458
[  224.826562][T14427]  </TASK>
[  224.844704][T14383] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.851818][T14383] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.859406][T14383] bridge_slave_0: entered allmulticast mode
[  224.924930][T14383] bridge_slave_0: entered promiscuous mode
[  224.965704][ T8912] hsr_slave_0: left promiscuous mode
[  224.971630][ T8912] hsr_slave_1: left promiscuous mode
[  224.977375][ T8912] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  224.984873][ T8912] batman_adv: batadv0: Removing interface: batadv_slave_0
[  225.011065][ T8912] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  225.018533][ T8912] batman_adv: batadv0: Removing interface: batadv_slave_1
[  225.038646][ T8912] veth1_macvtap: left promiscuous mode
[  225.044152][ T8912] veth0_macvtap: left promiscuous mode
[  225.049743][ T8912] veth1_vlan: left promiscuous mode
[  225.054971][ T8912] veth0_vlan: left promiscuous mode
[  225.228244][ T8912] team0 (unregistering): Port device team_slave_1 removed
[  225.249115][ T8912] team0 (unregistering): Port device team_slave_0 removed
[  225.334791][T14383] bridge0: port 2(bridge_slave_1) entered blocking state
[  225.342057][T14383] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.349192][T14383] bridge_slave_1: entered allmulticast mode
[  225.355739][T14383] bridge_slave_1: entered promiscuous mode
[  225.368811][T14443] __nla_validate_parse: 10 callbacks suppressed
[  225.368849][T14443] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3433'.
[  225.421014][T14446] netlink: 'syz.1.3435': attribute type 8 has an invalid length.
[  225.463440][T14383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  225.493932][T14383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  225.521966][T14383] team0: Port device team_slave_0 added
[  225.532150][T14383] team0: Port device team_slave_1 added
[  225.538257][T14450] atomic_op ffff888101f4a928 conn xmit_atomic 0000000000000000
[  225.554926][T14383] batman_adv: batadv0: Adding interface: batadv_slave_0
[  225.562466][T14383] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  225.588517][T14383] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  225.601152][T14383] batman_adv: batadv0: Adding interface: batadv_slave_1
[  225.608109][T14383] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  225.634822][T14383] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  225.674507][T14383] hsr_slave_0: entered promiscuous mode
[  225.772655][T14458] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3438'.
[  225.783767][T14383] hsr_slave_1: entered promiscuous mode
[  225.809675][T14458] bond_slave_0: entered promiscuous mode
[  225.815383][T14458] bond_slave_1: entered promiscuous mode
[  225.837901][T14455] bond_slave_0: left promiscuous mode
[  225.843372][T14455] bond_slave_1: left promiscuous mode
[  225.991643][T14466] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3441'.
[  226.092540][T14383] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  226.103816][T14383] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  226.112734][T14383] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  226.124149][T14383] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  226.176402][T14383] 8021q: adding VLAN 0 to HW filter on device bond0
[  226.192204][T14383] 8021q: adding VLAN 0 to HW filter on device team0
[  226.216723][  T922] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.223882][  T922] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.252735][ T3162] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.259919][ T3162] bridge0: port 2(bridge_slave_1) entered forwarding state
[  226.345210][T14383] 8021q: adding VLAN 0 to HW filter on device batadv0
[  226.420636][T14482] sg_write: data in/out 768/17 bytes for SCSI command 0x15-- guessing data in;
[  226.420636][T14482]    program syz.3.3445 not setting count and/or reply_len properly
[  226.484880][T14383] veth0_vlan: entered promiscuous mode
[  226.505447][T14383] veth1_vlan: entered promiscuous mode
[  226.513143][T14489] FAULT_INJECTION: forcing a failure.
[  226.513143][T14489] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.526367][T14489] CPU: 1 PID: 14489 Comm: syz.3.3446 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  226.538011][T14489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  226.548095][T14489] Call Trace:
[  226.551387][T14489]  <TASK>
[  226.554338][T14489]  dump_stack_lvl+0xf2/0x150
[  226.558971][T14489]  dump_stack+0x15/0x20
[  226.563165][T14489]  should_fail_ex+0x229/0x230
[  226.567955][T14489]  should_fail+0xb/0x10
[  226.572164][T14489]  should_fail_usercopy+0x1a/0x20
[  226.577200][T14489]  _copy_from_user+0x1e/0xd0
[  226.581950][T14489]  sg_write+0x1fe/0x710
[  226.586140][T14489]  ? terminate_walk+0x260/0x280
[  226.591060][T14489]  vfs_writev+0x402/0x880
[  226.595417][T14489]  ? __pfx_sg_write+0x10/0x10
[  226.600128][T14489]  do_writev+0xf8/0x220
[  226.604401][T14489]  __x64_sys_writev+0x45/0x50
[  226.609138][T14489]  x64_sys_call+0x1ee2/0x2d70
[  226.613846][T14489]  do_syscall_64+0xc9/0x1c0
[  226.618435][T14489]  ? clear_bhb_loop+0x55/0xb0
[  226.623136][T14489]  ? clear_bhb_loop+0x55/0xb0
[  226.627953][T14489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.633876][T14489] RIP: 0033:0x7fb4df102bd9
[  226.638317][T14489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.658080][T14489] RSP: 002b:00007fb4de384048 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  226.666532][T14489] RAX: ffffffffffffffda RBX: 00007fb4df290f60 RCX: 00007fb4df102bd9
[  226.674528][T14489] RDX: 0000000000000001 RSI: 0000000020000400 RDI: 0000000000000004
[  226.682524][T14489] RBP: 00007fb4de3840a0 R08: 0000000000000000 R09: 0000000000000000
[  226.690516][T14489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.698590][T14489] R13: 000000000000000b R14: 00007fb4df290f60 R15: 00007ffc6f082be8
[  226.706631][T14489]  </TASK>
[  226.719025][T14383] veth0_macvtap: entered promiscuous mode
[  226.726627][T14383] veth1_macvtap: entered promiscuous mode
[  226.736695][T14383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.747247][T14383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.757073][T14383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.767789][T14383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.777693][T14383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.788225][T14383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.798073][T14383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.808522][T14383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.818344][T14383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.828835][T14383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.930791][T14383] batman_adv: batadv0: Interface activated: batadv_slave_0
[  226.945528][T14493] bond_slave_0: entered promiscuous mode
[  226.951229][T14493] bond_slave_1: entered promiscuous mode
[  226.963596][T14493] bond_slave_0: left promiscuous mode
[  226.969143][T14493] bond_slave_1: left promiscuous mode
[  227.017567][T14493] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  227.038348][T14493] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  227.055824][T14493] bond0 (unregistering): Released all slaves
[  227.076279][   T29] audit: type=1326 audit(1720045069.031:33748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.1.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f69543bd9 code=0x7ffc0000
[  227.104045][T14383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.105632][   T29] audit: type=1326 audit(1720045069.050:33749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.1.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f69543bd9 code=0x7ffc0000
[  227.114538][T14383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.138086][   T29] audit: type=1326 audit(1720045069.050:33750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.1.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f69543bd9 code=0x7ffc0000
[  227.147946][T14383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.171493][   T29] audit: type=1326 audit(1720045069.050:33751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.1.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f69543bd9 code=0x7ffc0000
[  227.181890][T14383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.205425][   T29] audit: type=1326 audit(1720045069.050:33752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.1.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f69543bd9 code=0x7ffc0000
[  227.215246][T14383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.238797][   T29] audit: type=1326 audit(1720045069.050:33753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.1.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f69543bd9 code=0x7ffc0000
[  227.249159][T14383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.249181][T14383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.272734][   T29] audit: type=1326 audit(1720045069.050:33754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.1.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f3f69543bd9 code=0x7ffc0000
[  227.282511][T14383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.282536][T14383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.292925][   T29] audit: type=1326 audit(1720045069.050:33755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.1.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f69543bd9 code=0x7ffc0000
[  227.316429][T14383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.326412][   T29] audit: type=1326 audit(1720045069.050:33756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.1.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f69543bd9 code=0x7ffc0000
[  227.394328][   T29] audit: type=1326 audit(1720045069.050:33757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14495 comm="syz.1.3449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f69543bd9 code=0x7ffc0000
[  227.420508][T14383] batman_adv: batadv0: Interface activated: batadv_slave_1
[  227.429452][T14383] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.438305][T14383] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.447117][T14383] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.455864][T14383] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.506123][T14498] loop1: detected capacity change from 0 to 512
[  227.530216][T14500] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3451'.
[  227.545780][T14498] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  227.680476][T14511] loop1: detected capacity change from 0 to 1024
[  227.688450][T14511] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  227.704174][T14511] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  227.722492][T14511] EXT4-fs (loop1): orphan cleanup on readonly fs
[  227.738529][T14511] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3453: Invalid inode table block 0 in block_group 0
[  227.751763][T14511] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  227.763510][T14511] EXT4-fs error (device loop1): ext4_quota_write:7232: inode #3: comm syz.1.3453: mark_inode_dirty error
[  227.776633][T14511] EXT4-fs error (device loop1): ext4_acquire_dquot:6860: comm syz.1.3453: Failed to acquire dquot type 0
[  227.788817][T14511] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3453: Invalid inode table block 0 in block_group 0
[  227.802693][T14511] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  227.813793][T14511] EXT4-fs error (device loop1): ext4_ext_truncate:4432: inode #15: comm syz.1.3453: mark_inode_dirty error
[  227.831330][T14511] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3453: Invalid inode table block 0 in block_group 0
[  227.844944][T14511] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  227.925309][T14511] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  227.941125][T14511] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3453: Invalid inode table block 0 in block_group 0
[  227.957958][T14511] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  227.968054][T14511] EXT4-fs error (device loop1): ext4_truncate:4162: inode #15: comm syz.1.3453: mark_inode_dirty error
[  227.993563][T14511] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  228.011636][T14511] EXT4-fs (loop1): 1 truncate cleaned up
[  228.213829][T14538] loop1: detected capacity change from 0 to 512
[  228.238122][T14538] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #15: comm syz.1.3463: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964)
[  228.283304][T14538] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.3463: couldn't read orphan inode 15 (err -117)
[  228.447661][T14547] loop3: detected capacity change from 0 to 128
[  228.457681][T14545] loop1: detected capacity change from 0 to 1024
[  228.513764][T14531] loop0: detected capacity change from 0 to 512
[  228.523122][T14531] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  228.534566][T14531] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  228.543853][T14531] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  228.563247][T14531] System zones: 0-2, 18-18, 34-34
[  228.569802][T14531] EXT4-fs error (device loop0): ext4_orphan_get:1420: comm syz.0.3461: bad orphan inode 15
[  228.581443][T14531] ext4_test_bit(bit=14, block=18) = 1
[  228.586857][T14531] is_bad_inode(inode)=0
[  228.591164][T14531] NEXT_ORPHAN(inode)=2264924160
[  228.596068][T14531] max_ino=32
[  228.599453][T14531] i_nlink=0
[  228.604648][T14531] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  228.619444][T14531] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3461: bg 0: block 80: padding at end of block bitmap is not set
[  228.637465][T14531] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  228.799184][T14564] loop1: detected capacity change from 0 to 1024
[  228.832370][T14564] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  228.877654][T14564] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  228.907549][T14564] EXT4-fs (loop1): orphan cleanup on readonly fs
[  228.940752][T14564] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3472: Invalid inode table block 0 in block_group 0
[  228.994634][T14564] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  229.023483][T14564] EXT4-fs error (device loop1): ext4_quota_write:7232: inode #3: comm syz.1.3472: mark_inode_dirty error
[  229.056320][T14564] EXT4-fs error (device loop1): ext4_acquire_dquot:6860: comm syz.1.3472: Failed to acquire dquot type 0
[  229.087856][T14564] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3472: Invalid inode table block 0 in block_group 0
[  229.110133][T14564] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  229.120423][T14564] EXT4-fs error (device loop1): ext4_ext_truncate:4432: inode #15: comm syz.1.3472: mark_inode_dirty error
[  229.149900][T14564] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3472: Invalid inode table block 0 in block_group 0
[  229.168785][T14564] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  229.190127][T14564] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  229.207772][T14564] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3472: Invalid inode table block 0 in block_group 0
[  229.231403][T14564] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  229.241085][T14564] EXT4-fs error (device loop1): ext4_truncate:4162: inode #15: comm syz.1.3472: mark_inode_dirty error
[  229.262970][T14564] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  229.284573][T14564] EXT4-fs (loop1): 1 truncate cleaned up
[  229.316750][T14581] tipc: Started in network mode
[  229.321716][T14581] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  229.339782][T14581] tipc: New replicast peer: 0000:0000:0000:0000:0000:ffff:ac1e:0003
[  229.347932][T14581] tipc: Enabled bearer <udp:syz1>, priority 10
[  229.405390][T14581] sctp: [Deprecated]: syz.2.3477 (pid 14581) Use of struct sctp_assoc_value in delayed_ack socket option.
[  229.405390][T14581] Use struct sctp_sack_info instead
[  229.488847][T14588] loop2: detected capacity change from 0 to 512
[  229.512165][T14588] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  229.535190][T14588] EXT4-fs (loop2): 1 orphan inode deleted
[  229.541056][T14588] EXT4-fs (loop2): 1 truncate cleaned up
[  229.620091][T14588] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  229.658118][T14588] EXT4-fs (loop2): Remounting filesystem read-only
[  229.758085][T14608] netlink: 'syz.2.3483': attribute type 3 has an invalid length.
[  229.766023][T14608] netlink: 'syz.2.3483': attribute type 3 has an invalid length.
[  229.802183][T14608] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3483'.
[  229.836552][T14613] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3485'.
[  229.969763][T14617] loop1: detected capacity change from 0 to 1024
[  229.984592][T14622] loop2: detected capacity change from 0 to 128
[  229.989915][T14617] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  230.013278][T14617] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  230.041973][T14617] EXT4-fs (loop1): orphan cleanup on readonly fs
[  230.139329][T14617] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3488: Invalid inode table block 0 in block_group 0
[  230.193675][T14617] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  230.226109][T14617] EXT4-fs error (device loop1): ext4_quota_write:7232: inode #3: comm syz.1.3488: mark_inode_dirty error
[  230.269728][T14617] EXT4-fs error (device loop1): ext4_acquire_dquot:6860: comm syz.1.3488: Failed to acquire dquot type 0
[  230.308500][T14617] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3488: Invalid inode table block 0 in block_group 0
[  230.334565][T14617] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  230.366129][T14617] EXT4-fs error (device loop1): ext4_ext_truncate:4432: inode #15: comm syz.1.3488: mark_inode_dirty error
[  230.394966][T14617] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3488: Invalid inode table block 0 in block_group 0
[  230.423397][T14617] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  230.442902][T14617] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  230.455942][T14648] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3495'.
[  230.464397][T14617] EXT4-fs error (device loop1): __ext4_get_inode_loc:4357: comm syz.1.3488: Invalid inode table block 0 in block_group 0
[  230.515825][T14617] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  230.539071][T14617] EXT4-fs error (device loop1): ext4_truncate:4162: inode #15: comm syz.1.3488: mark_inode_dirty error
[  230.551175][ T7457] tipc: Node number set to 1
[  230.590119][T14617] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  230.605952][T14617] EXT4-fs (loop1): 1 truncate cleaned up
[  230.746178][T14666] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3502'.
[  230.769864][T14665] loop2: detected capacity change from 0 to 1024
[  230.801757][T14665] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  231.221278][T14706] loop2: detected capacity change from 0 to 128
[  231.228701][T14708] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3518'.
[  231.260693][T14706] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.290130][T14704] syz_tun: entered promiscuous mode
[  231.324473][T14704] bridge0: entered promiscuous mode
[  231.330569][T14704] hsr1: Slave B (bridge0) is not up; please bring it up to get a fully working HSR network
[  231.352050][T14712] selection: kmalloc() failed
[  231.390665][T14721] loop3: detected capacity change from 0 to 512
[  231.689214][T14749] netlink: 9 bytes leftover after parsing attributes in process `syz.2.3531'.
[  231.741906][T14749] gretap0: entered promiscuous mode
[  231.788871][T14757] netlink: 5 bytes leftover after parsing attributes in process `syz.2.3531'.
[  231.807801][T14757] 0猉功D: renamed from gretap0
[  231.820101][T14757] 0猉功D: left promiscuous mode
[  231.824992][T14757] 0猉功D: entered allmulticast mode
[  231.855314][T14757] A link change request failed with some changes committed already. Interface 
30猉功D may have been left with an inconsistent configuration, please check.
[  231.871235][T14755] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3534'.
[  231.911962][T14762] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3536'.
[  231.951603][T14762] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14762 comm=syz.3.3536
[  232.080067][T14776] 9pnet_fd: Insufficient options for proto=fd
[  232.117566][T14782] syz_tun: entered promiscuous mode
[  232.133837][T14531] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz.0.3461: path /107/file0/.: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  232.134327][T14782] bridge0: entered promiscuous mode
[  232.178453][T14782] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  232.192337][T14787] loop3: detected capacity change from 0 to 256
[  232.196989][T14782] Cannot create hsr debugfs directory
[  232.283274][T14791] loop0: detected capacity change from 0 to 128
[  232.302876][T14793] netlink: 9 bytes leftover after parsing attributes in process `syz.3.3548'.
[  232.320538][T14793] 0猉功D: entered promiscuous mode
[  232.325759][T14793] 0猉功D: left allmulticast mode
[  232.355475][T14793] netlink: 5 bytes leftover after parsing attributes in process `syz.3.3548'.
[  232.370514][T14793] 1猉功D: renamed from 
30猉功D
[  232.379019][T14793] 1猉功D: left promiscuous mode
[  232.384008][T14793] 1猉功D: entered allmulticast mode
[  232.394303][T14793] A link change request failed with some changes committed already. Interface 
31猉功D may have been left with an inconsistent configuration, please check.
[  232.566028][T14823] loop2: detected capacity change from 0 to 128
[  232.589758][   T29] kauditd_printk_skb: 64 callbacks suppressed
[  232.589775][   T29] audit: type=1400 audit(1720045074.126:33816): avc:  denied  { accept } for  pid=14822 comm="syz.2.3555" path="socket:[55889]" dev="sockfs" ino=55889 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  232.650636][T14830] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3558'.
[  232.661264][   T29] audit: type=1326 audit(1720045074.191:33817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14829 comm="syz.0.3558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5fe48bd9 code=0x7ffc0000
[  232.711074][   T29] audit: type=1326 audit(1720045074.218:33818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14829 comm="syz.0.3558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7f1a5fe48bd9 code=0x7ffc0000
[  232.734843][   T29] audit: type=1326 audit(1720045074.218:33819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14829 comm="syz.0.3558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5fe48bd9 code=0x7ffc0000
[  232.758610][   T29] audit: type=1326 audit(1720045074.218:33820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14829 comm="syz.0.3558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5fe48bd9 code=0x7ffc0000
[  232.782340][   T29] audit: type=1326 audit(1720045074.218:33821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14829 comm="syz.0.3558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f1a5fe48bd9 code=0x7ffc0000
[  232.806043][   T29] audit: type=1326 audit(1720045074.218:33822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14829 comm="syz.0.3558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5fe48bd9 code=0x7ffc0000
[  232.829661][   T29] audit: type=1326 audit(1720045074.218:33823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14829 comm="syz.0.3558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5fe48bd9 code=0x7ffc0000
[  232.853379][   T29] audit: type=1326 audit(1720045074.218:33824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14829 comm="syz.0.3558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1a5fe48bd9 code=0x7ffc0000
[  232.877032][   T29] audit: type=1326 audit(1720045074.218:33825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14829 comm="syz.0.3558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5fe48bd9 code=0x7ffc0000
[  232.901348][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  232.921282][T14840] loop0: detected capacity change from 0 to 512
[  232.929324][T14840] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #15: comm syz.0.3562: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964)
[  232.961002][T14840] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz.0.3562: couldn't read orphan inode 15 (err -117)
[  232.980245][T14844] netlink: 9 bytes leftover after parsing attributes in process `syz.1.3563'.
[  232.991884][T14844] 1猉功D: entered promiscuous mode
[  232.997094][T14844] 1猉功D: left allmulticast mode
[  233.020686][T14844] netlink: 5 bytes leftover after parsing attributes in process `syz.1.3563'.
[  233.029715][T14844] 0猉功D: renamed from 
31猉功D
[  233.041179][T14844] 0猉功D: left promiscuous mode
[  233.046297][T14844] 0猉功D: entered allmulticast mode
[  233.064676][T14844] A link change request failed with some changes committed already. Interface 
30猉功D may have been left with an inconsistent configuration, please check.
[  233.065283][ T3158] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  233.118278][T14852] loop1: detected capacity change from 0 to 512
[  233.126496][T14852] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  233.141678][T14852] EXT4-fs (loop1): 1 orphan inode deleted
[  233.147523][T14852] EXT4-fs (loop1): 1 truncate cleaned up
[  233.156909][T14853] loop0: detected capacity change from 0 to 128
[  233.415489][T14867] loop3: detected capacity change from 0 to 512
[  233.486509][T14873] FAULT_INJECTION: forcing a failure.
[  233.486509][T14873] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.499641][T14873] CPU: 1 PID: 14873 Comm: syz.1.3576 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  233.511330][T14873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  233.521400][T14873] Call Trace:
[  233.524704][T14873]  <TASK>
[  233.527646][T14873]  dump_stack_lvl+0xf2/0x150
[  233.532376][T14873]  dump_stack+0x15/0x20
[  233.536563][T14873]  should_fail_ex+0x229/0x230
[  233.541278][T14873]  should_fail+0xb/0x10
[  233.545553][T14873]  should_fail_usercopy+0x1a/0x20
[  233.550601][T14873]  strncpy_from_user+0x25/0x270
[  233.555595][T14873]  ? should_failslab+0x9/0x20
[  233.560374][T14873]  ? kmem_cache_alloc_noprof+0x10c/0x290
[  233.566069][T14873]  getname_flags+0xb4/0x360
[  233.570724][T14873]  getname+0x19/0x20
[  233.574678][T14873]  __se_sys_quotactl+0x15e/0x670
[  233.579656][T14873]  __x64_sys_quotactl+0x55/0x70
[  233.584537][T14873]  x64_sys_call+0x1da4/0x2d70
[  233.589250][T14873]  do_syscall_64+0xc9/0x1c0
[  233.593820][T14873]  ? clear_bhb_loop+0x55/0xb0
[  233.598550][T14873]  ? clear_bhb_loop+0x55/0xb0
[  233.603310][T14873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.609354][T14873] RIP: 0033:0x7f3f69543bd9
[  233.613815][T14873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.633440][T14873] RSP: 002b:00007f3f687c5048 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  233.641891][T14873] RAX: ffffffffffffffda RBX: 00007f3f696d1f60 RCX: 00007f3f69543bd9
[  233.649878][T14873] RDX: 0000000000000000 RSI: 0000000020002040 RDI: 0000000000000000
[  233.657873][T14873] RBP: 00007f3f687c50a0 R08: 0000000000000000 R09: 0000000000000000
[  233.665882][T14873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.673875][T14873] R13: 000000000000000b R14: 00007f3f696d1f60 R15: 00007fffcb8ec458
[  233.681904][T14873]  </TASK>
[  233.771678][T14890] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  233.810008][T14896] loop3: detected capacity change from 0 to 512
[  233.904456][T14896] loop3: detected capacity change from 0 to 1024
[  234.057042][T14875] chnl_net:caif_netlink_parms(): no params data found
[  234.090913][T14923] loop1: detected capacity change from 0 to 8192
[  234.107286][T14923] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  234.174755][T14875] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.181951][T14875] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.203162][ T8912] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.212157][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.220858][ T3162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  234.232894][T14875] bridge_slave_0: entered allmulticast mode
[  234.248371][T14875] bridge_slave_0: entered promiscuous mode
[  234.263639][T14875] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.270889][T14875] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.296201][T14875] bridge_slave_1: entered allmulticast mode
[  234.311227][T14875] bridge_slave_1: entered promiscuous mode
[  234.348504][T14875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  234.372388][T14875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  234.416261][T14875] team0: Port device team_slave_0 added
[  234.430834][T14875] team0: Port device team_slave_1 added
[  234.447209][T14931] loop1: detected capacity change from 0 to 512
[  234.473900][T14875] batman_adv: batadv0: Adding interface: batadv_slave_0
[  234.481033][T14875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.507031][T14875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  234.517909][T14931] journal_path: Lookup failure for './file1'
[  234.523905][T14931] EXT4-fs: error: could not find journal device path
[  234.531503][T14875] batman_adv: batadv0: Adding interface: batadv_slave_1
[  234.538613][T14875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  234.564614][T14875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  234.617985][T14931] loop1: detected capacity change from 0 to 1024
[  234.618649][T14875] hsr_slave_0: entered promiscuous mode
[  234.645170][T14875] hsr_slave_1: entered promiscuous mode
[  234.652205][T14875] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  234.671590][T14875] Cannot create hsr debugfs directory
[  234.679803][T14931] vhci_hcd: invalid port number 97
[  234.684970][T14931] vhci_hcd: default hub control req: d364 v6665 i0061 l29804
[  234.851310][T14875] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.959260][T14875] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.052784][T14875] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.085623][T14966] FAULT_INJECTION: forcing a failure.
[  235.085623][T14966] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.098785][T14966] CPU: 0 PID: 14966 Comm: syz.1.3605 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  235.110455][T14966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  235.120675][T14966] Call Trace:
[  235.123968][T14966]  <TASK>
[  235.126912][T14966]  dump_stack_lvl+0xf2/0x150
[  235.131532][T14966]  dump_stack+0x15/0x20
[  235.135720][T14966]  should_fail_ex+0x229/0x230
[  235.140521][T14966]  should_fail+0xb/0x10
[  235.144765][T14966]  should_fail_usercopy+0x1a/0x20
[  235.149821][T14966]  _copy_to_user+0x1e/0xa0
[  235.154321][T14966]  simple_read_from_buffer+0xa0/0x110
[  235.159730][T14966]  proc_fail_nth_read+0xfc/0x140
[  235.164775][T14966]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  235.170396][T14966]  vfs_read+0x1a2/0x6e0
[  235.174564][T14966]  ? __rcu_read_unlock+0x4e/0x70
[  235.179529][T14966]  ? __fget_files+0x1da/0x210
[  235.184285][T14966]  ksys_read+0xeb/0x1b0
[  235.188599][T14966]  __x64_sys_read+0x42/0x50
[  235.193125][T14966]  x64_sys_call+0x27e5/0x2d70
[  235.197895][T14966]  do_syscall_64+0xc9/0x1c0
[  235.202592][T14966]  ? clear_bhb_loop+0x55/0xb0
[  235.207372][T14966]  ? clear_bhb_loop+0x55/0xb0
[  235.212075][T14966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.218051][T14966] RIP: 0033:0x7f3f695426bc
[  235.222473][T14966] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  235.242119][T14966] RSP: 002b:00007f3f687c5040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  235.250550][T14966] RAX: ffffffffffffffda RBX: 00007f3f696d1f60 RCX: 00007f3f695426bc
[  235.258614][T14966] RDX: 000000000000000f RSI: 00007f3f687c50b0 RDI: 0000000000000005
[  235.266658][T14966] RBP: 00007f3f687c50a0 R08: 0000000000000000 R09: 0000000000000000
[  235.274641][T14966] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  235.282653][T14966] R13: 000000000000000b R14: 00007f3f696d1f60 R15: 00007fffcb8ec458
[  235.290675][T14966]  </TASK>
[  235.293938][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.321499][  T922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.402825][T14875] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.541284][T14875] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  235.574265][T14982] 1猉功D: entered promiscuous mode
[  235.579587][T14982] 1猉功D: left allmulticast mode
[  235.600793][T14875] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  235.620257][T14982] 0猉功D: renamed from 
31猉功D
[  235.640805][T14982] 0猉功D: left promiscuous mode
[  235.645826][T14982] 0猉功D: entered allmulticast mode
[  235.663854][T14875] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  235.692120][T14875] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  235.757819][T14993] loop1: detected capacity change from 0 to 128
[  235.872839][T14875] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.897699][T14998] loop1: detected capacity change from 0 to 512
[  235.917342][T14875] 8021q: adding VLAN 0 to HW filter on device team0
[  235.941762][  T922] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.948960][  T922] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.970937][T14998] EXT4-fs mount: 46 callbacks suppressed
[  235.970977][T14998] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.001256][  T922] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.008522][  T922] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.027544][T14998] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.101021][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.189607][T14875] 8021q: adding VLAN 0 to HW filter on device batadv0
[  236.363551][T15024] 0猉功D: entered promiscuous mode
[  236.368786][T15024] 0猉功D: left allmulticast mode
[  236.483767][T15033] loop1: detected capacity change from 0 to 764
[  236.486638][T14875] veth0_vlan: entered promiscuous mode
[  236.502333][T15033] rock: directory entry would overflow storage
[  236.508776][T15033] rock: sig=0x4654, size=5, remaining=4
[  236.513915][T14875] veth1_vlan: entered promiscuous mode
[  236.549675][T14875] veth0_macvtap: entered promiscuous mode
[  236.567398][T14875] veth1_macvtap: entered promiscuous mode
[  236.592488][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.603153][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.612993][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.623576][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.633441][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.643978][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.653828][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.664374][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.674258][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.684784][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.694670][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.705320][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.717199][T14875] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.755876][T15038] loop1: detected capacity change from 0 to 256
[  236.773262][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.783799][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.793668][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.794596][T15036] loop3: detected capacity change from 0 to 512
[  236.804172][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.804193][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.825046][T15038] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  236.830861][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.852542][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.863051][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.873035][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.883491][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.893366][T14875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.903883][T14875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.920928][T15040] loop0: detected capacity change from 0 to 512
[  236.927947][T15040] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  236.939391][T14875] batman_adv: batadv0: Interface activated: batadv_slave_1
[  236.940210][T15038] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  236.948265][T14875] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  236.965914][T14875] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  236.974615][T14875] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  236.983465][T14875] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  236.997131][T15040] EXT4-fs (loop0): 1 orphan inode deleted
[  237.003052][T15040] EXT4-fs (loop0): 1 truncate cleaned up
[  237.021258][T15040] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.056392][T15042] __nla_validate_parse: 11 callbacks suppressed
[  237.056409][T15042] netlink: 112 bytes leftover after parsing attributes in process `syz.3.3625'.
[  237.101285][T12361] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.211865][T15048] loop4: detected capacity change from 0 to 256
[  237.223664][T15048] FAT-fs (loop4): Unrecognized mount option "shorte=winnt" or missing value
[  237.359377][T15062] FAULT_INJECTION: forcing a failure.
[  237.359377][T15062] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.372653][T15062] CPU: 1 PID: 15062 Comm: syz.4.3633 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  237.384304][T15062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  237.394431][T15062] Call Trace:
[  237.397712][T15062]  <TASK>
[  237.400646][T15062]  dump_stack_lvl+0xf2/0x150
[  237.405293][T15062]  dump_stack+0x15/0x20
[  237.409537][T15062]  should_fail_ex+0x229/0x230
[  237.414261][T15062]  should_fail+0xb/0x10
[  237.418476][T15062]  should_fail_usercopy+0x1a/0x20
[  237.423531][T15062]  _copy_from_user+0x1e/0xd0
[  237.428208][T15062]  input_event_from_user+0x126/0x1e0
[  237.433663][T15062]  ? input_inject_event+0xe1/0x100
[  237.438873][T15062]  evdev_write+0x288/0x420
[  237.443307][T15062]  ? __pfx_evdev_write+0x10/0x10
[  237.448327][T15062]  vfs_write+0x28b/0x900
[  237.452730][T15062]  ? __fget_files+0x1da/0x210
[  237.457427][T15062]  ksys_write+0xeb/0x1b0
[  237.461705][T15062]  __x64_sys_write+0x42/0x50
[  237.466350][T15062]  x64_sys_call+0x27ef/0x2d70
[  237.471050][T15062]  do_syscall_64+0xc9/0x1c0
[  237.475593][T15062]  ? clear_bhb_loop+0x55/0xb0
[  237.480424][T15062]  ? clear_bhb_loop+0x55/0xb0
[  237.485182][T15062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.491152][T15062] RIP: 0033:0x7f7c0da3dbd9
[  237.495658][T15062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.515308][T15062] RSP: 002b:00007f7c0ccbf048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  237.523823][T15062] RAX: ffffffffffffffda RBX: 00007f7c0dbcbf60 RCX: 00007f7c0da3dbd9
[  237.531802][T15062] RDX: 0000000000001b18 RSI: 0000000020000040 RDI: 0000000000000005
[  237.539847][T15062] RBP: 00007f7c0ccbf0a0 R08: 0000000000000000 R09: 0000000000000000
[  237.547907][T15062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  237.555884][T15062] R13: 000000000000000b R14: 00007f7c0dbcbf60 R15: 00007fff6e933f18
[  237.563904][T15062]  </TASK>
[  237.623767][T15066] loop0: detected capacity change from 0 to 128
[  237.630411][T15064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3634'.
[  237.630414][  T922] net_ratelimit: 7 callbacks suppressed
[  237.630428][  T922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  237.677102][T15068] loop3: detected capacity change from 0 to 512
[  237.700603][T15066] 9pnet_fd: Insufficient options for proto=fd
[  237.767833][T15072] loop1: detected capacity change from 0 to 256
[  238.015546][T15095] loop3: detected capacity change from 0 to 512
[  238.066852][T15097] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3647'.
[  238.103533][T15095] 9pnet_fd: Insufficient options for proto=fd
[  238.125136][T15095] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3646'.
[  238.247785][T10654] syz_tun (unregistering): left promiscuous mode
[  238.451752][T15107] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=960 sclass=netlink_route_socket pid=15107 comm=syz.4.3652
[  238.544384][ T8914] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.604510][ T8914] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.672494][ T8914] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.756392][ T8914] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.853330][T15135] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.3662' sets config #858743910
[  238.880845][ T8914] bridge_slave_1: left allmulticast mode
[  238.886685][ T8914] bridge_slave_1: left promiscuous mode
[  238.892377][ T8914] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.925776][ T8914] bridge_slave_0: left allmulticast mode
[  238.931609][ T8914] bridge_slave_0: left promiscuous mode
[  238.937363][ T8914] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.100230][ T8914] bridge0 (unregistering): left promiscuous mode
[  239.546602][ T8914] bond1 (unregistering): Released all slaves
[  239.567150][ T8914] bond2 (unregistering): Released all slaves
[  239.588716][ T8914] bond3 (unregistering): Released all slaves
[  239.652446][T15152] 9pnet_fd: Insufficient options for proto=fd
[  239.709198][T15117] chnl_net:caif_netlink_parms(): no params data found
[  239.754379][ T8914] hsr_slave_0: left promiscuous mode
[  239.773492][ T8914] hsr_slave_1: left promiscuous mode
[  239.779384][ T8914] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  239.787042][ T8914] batman_adv: batadv0: Removing interface: batadv_slave_0
[  239.799465][ T8914] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  239.806953][ T8914] batman_adv: batadv0: Removing interface: batadv_slave_1
[  239.827895][ T8914] veth1_macvtap: left promiscuous mode
[  239.833424][ T8914] veth0_macvtap: left promiscuous mode
[  239.839157][ T8914] veth1_vlan: left promiscuous mode
[  239.844857][ T8914] veth0_vlan: left promiscuous mode
[  239.895518][T15175] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=960 sclass=netlink_route_socket pid=15175 comm=syz.0.3678
[  240.043359][ T8914] team0 (unregistering): Port device team_slave_1 removed
[  240.064678][ T8914] team0 (unregistering): Port device team_slave_0 removed
[  240.300006][T15117] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.307261][T15117] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.359965][T15117] bridge_slave_0: entered allmulticast mode
[  240.388296][T15184] loop4: detected capacity change from 0 to 8192
[  240.388748][T15117] bridge_slave_0: entered promiscuous mode
[  240.428271][T15117] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.435475][T15117] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.441366][T15184] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma?
[  240.456219][T15117] bridge_slave_1: entered allmulticast mode
[  240.463460][T15117] bridge_slave_1: entered promiscuous mode
[  240.479230][   T29] kauditd_printk_skb: 126 callbacks suppressed
[  240.479243][   T29] audit: type=1400 audit(1720045081.409:33952): avc:  denied  { ioctl } for  pid=15183 comm="syz.4.3680" path="socket:[57291]" dev="sockfs" ino=57291 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  240.479865][T15184] SELinux:  Context system_u:object_r:ldconfig_cache_t:s0 is not valid (left unmapped).
[  240.490318][   T29] audit: type=1400 audit(1720045081.409:33953): avc:  denied  { relabelfrom } for  pid=15183 comm="syz.4.3680" name="UDP" dev="sockfs" ino=57292 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  240.543010][   T29] audit: type=1400 audit(1720045081.409:33954): avc:  denied  { mac_admin } for  pid=15183 comm="syz.4.3680" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  240.566361][   T29] audit: type=1400 audit(1720045081.436:33955): avc:  denied  { relabelto } for  pid=15183 comm="syz.4.3680" name="UDP" dev="sockfs" ino=57292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=udp_socket permissive=1 trawcon="system_u:object_r:ldconfig_cache_t:s0"
[  240.598130][T15117] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  240.614763][T15117] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  240.649198][T15196] loop1: detected capacity change from 0 to 128
[  240.661917][T15196] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  240.663386][T15117] team0: Port device team_slave_0 added
[  240.672041][T15196] FAT-fs (loop1): Filesystem has been set read-only
[  240.685206][   T29] audit: type=1400 audit(1720045081.593:33956): avc:  denied  { read } for  pid=15195 comm="syz.1.3684" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  240.747071][T15117] team0: Port device team_slave_1 added
[  240.786575][T15117] batman_adv: batadv0: Adding interface: batadv_slave_0
[  240.793683][T15117] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.819676][T15117] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  240.832524][T15117] batman_adv: batadv0: Adding interface: batadv_slave_1
[  240.839593][T15117] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.865902][T15117] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  240.900493][T15117] hsr_slave_0: entered promiscuous mode
[  240.920973][T15117] hsr_slave_1: entered promiscuous mode
[  240.926848][T15117] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  240.939517][T15117] Cannot create hsr debugfs directory
[  240.970481][   T29] audit: type=1326 audit(1720045081.852:33957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15206 comm="syz.4.3687" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7c0da3dbd9 code=0x0
[  241.102406][T15209] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3687'.
[  241.111481][T15209] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3687'.
[  241.250723][T15218] 9pnet_fd: Insufficient options for proto=fd
[  241.284829][T15218] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun!
[  241.327137][T15117] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  241.345316][T15117] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  241.363602][T15117] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  241.380599][T15117] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  241.444554][T15117] 8021q: adding VLAN 0 to HW filter on device bond0
[  241.457924][T15117] 8021q: adding VLAN 0 to HW filter on device team0
[  241.471826][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.478960][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.505334][ T4343] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.512446][ T4343] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.550044][T15196] delete_channel: no stack
[  241.569083][T12408] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  241.660042][T15117] 8021q: adding VLAN 0 to HW filter on device batadv0
[  241.774342][   T29] audit: type=1326 audit(1720045082.590:33958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15226 comm="syz.1.3691" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3f69543bd9 code=0x0
[  241.858609][T15117] veth0_vlan: entered promiscuous mode
[  241.876578][T15117] veth1_vlan: entered promiscuous mode
[  241.911305][T15117] veth0_macvtap: entered promiscuous mode
[  241.926329][T15117] veth1_macvtap: entered promiscuous mode
[  241.956422][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  241.966941][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.976907][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  241.987505][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.997618][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.008175][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.018063][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.028688][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.038671][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.049305][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.059180][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.069609][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.081922][T15117] batman_adv: batadv0: Interface activated: batadv_slave_0
[  242.099455][T15240] netlink: 24576 bytes leftover after parsing attributes in process `syz.4.3694'.
[  242.127837][T15242] loop0: detected capacity change from 0 to 128
[  242.142453][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.152966][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.162865][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.173534][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.183532][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.194066][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.204039][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.214478][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.224367][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.234860][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.244693][T15117] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.255520][T15117] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.280281][T15117] batman_adv: batadv0: Interface activated: batadv_slave_1
[  242.291741][T15117] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  242.300577][T15117] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  242.309414][T15117] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  242.318178][T15117] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  242.418239][T15256] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3656'.
[  242.535352][T15263] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3701'.
[  242.557046][T15263] loop0: detected capacity change from 0 to 128
[  242.589995][T15263] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  242.646050][T15271] netlink: 'syz.1.3705': attribute type 5 has an invalid length.
[  242.668877][T15271] loop1: detected capacity change from 0 to 164
[  242.692496][T15275] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  242.718138][T15275] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  242.740666][T15271] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  242.783522][T15279] loop0: detected capacity change from 0 to 1024
[  242.808980][T15279] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  242.841702][T15279] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.846095][T15281] loop3: detected capacity change from 0 to 2048
[  242.905640][T12361] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.018401][T15298] block device autoloading is deprecated and will be removed.
[  243.040095][T15298] bio_check_eod: 7 callbacks suppressed
[  243.040117][T15298] syz.0.3713: attempt to access beyond end of device
[  243.040117][T15298] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  243.066031][ T7457] kernel write not supported for file bpf-prog (pid: 7457 comm: kworker/0:7)
[  243.283120][   T29] audit: type=1400 audit(1720045083.993:33959): avc:  denied  { connect } for  pid=15328 comm="syz.0.3723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  243.302599][T15330] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3722'.
[  243.323738][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3723'.
[  243.373140][T15334] loop3: detected capacity change from 0 to 2048
[  243.435579][T15338] loop4: detected capacity change from 0 to 128
[  243.599538][T15343] syz_tun: entered promiscuous mode
[  243.614907][T15343] syz_tun: left promiscuous mode
[  244.110743][T15358] loop1: detected capacity change from 0 to 2048
[  244.126568][T15358] EXT4-fs: Ignoring removed orlov option
[  244.139501][T15358] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.197379][T15362] loop0: detected capacity change from 0 to 256
[  244.211087][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.279303][T15362] Process accounting resumed
[  244.439468][T15376] netlink: 'syz.1.3741': attribute type 4 has an invalid length.
[  244.465100][T15379] loop0: detected capacity change from 0 to 128
[  244.490293][T15376] netlink: 'syz.1.3741': attribute type 4 has an invalid length.
[  244.583976][T15385] loop1: detected capacity change from 0 to 2048
[  244.601907][T15385] EXT4-fs: Ignoring removed orlov option
[  244.628158][T15385] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.663548][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.768653][T15397] loop0: detected capacity change from 0 to 1024
[  244.809840][T15397] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.841471][T15397] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.899182][T15410] FAULT_INJECTION: forcing a failure.
[  244.899182][T15410] name failslab, interval 1, probability 0, space 0, times 0
[  244.911872][T15410] CPU: 0 PID: 15410 Comm: syz.1.3751 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  244.923524][T15410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  244.933582][T15410] Call Trace:
[  244.936962][T15410]  <TASK>
[  244.940043][T15410]  dump_stack_lvl+0xf2/0x150
[  244.944741][T15410]  dump_stack+0x15/0x20
[  244.948913][T15410]  should_fail_ex+0x229/0x230
[  244.953840][T15410]  ? br_vlan_init+0x34/0x110
[  244.958433][T15410]  __should_failslab+0x92/0xa0
[  244.963205][T15410]  should_failslab+0x9/0x20
[  244.967724][T15410]  kmalloc_trace_noprof+0x4b/0x2a0
[  244.972920][T15410]  br_vlan_init+0x34/0x110
[  244.977364][T15410]  br_dev_init+0x5d/0xf0
[  244.981700][T15410]  register_netdevice+0x220/0xdd0
[  244.986747][T15410]  ? alloc_netdev_mqs+0x898/0x8b0
[  244.991780][T15410]  ? validate_linkmsg+0x526/0x5a0
[  244.996845][T15410]  br_dev_newlink+0x25/0xe0
[  245.001399][T15410]  ? __pfx_br_dev_newlink+0x10/0x10
[  245.006606][T15410]  rtnl_newlink+0xefd/0x1690
[  245.011213][T15410]  ? security_capable+0x64/0x80
[  245.016140][T15410]  ? ns_capable+0x7d/0xb0
[  245.020536][T15410]  ? __pfx_rtnl_newlink+0x10/0x10
[  245.025575][T15410]  rtnetlink_rcv_msg+0x85e/0x910
[  245.030528][T15410]  ? memcg_list_lru_alloc+0xd2/0x740
[  245.035841][T15410]  ? mod_objcg_state+0x2e2/0x4e0
[  245.040887][T15410]  ? __memcg_slab_free_hook+0xc9/0x1e0
[  245.046618][T15410]  ? xas_load+0x3ae/0x3d0
[  245.051004][T15410]  ? kmem_cache_free+0xd8/0x280
[  245.055926][T15410]  ? nlmon_xmit+0x51/0x60
[  245.060317][T15410]  ? __kfree_skb+0x102/0x150
[  245.064913][T15410]  ? consume_skb+0x57/0x180
[  245.069550][T15410]  ? nlmon_xmit+0x51/0x60
[  245.073907][T15410]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  245.079256][T15410]  ? __dev_queue_xmit+0xb21/0x1e50
[  245.084364][T15410]  ? ref_tracker_free+0x3a5/0x410
[  245.089573][T15410]  netlink_rcv_skb+0x12c/0x230
[  245.094342][T15410]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  245.099822][T15410]  rtnetlink_rcv+0x1c/0x30
[  245.104315][T15410]  netlink_unicast+0x58d/0x660
[  245.109163][T15410]  netlink_sendmsg+0x5ca/0x6e0
[  245.113980][T15410]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.119270][T15410]  __sock_sendmsg+0x140/0x180
[  245.123948][T15410]  ____sys_sendmsg+0x312/0x410
[  245.128731][T15410]  __sys_sendmsg+0x1e9/0x280
[  245.133375][T15410]  __x64_sys_sendmsg+0x46/0x50
[  245.138141][T15410]  x64_sys_call+0xb25/0x2d70
[  245.142747][T15410]  do_syscall_64+0xc9/0x1c0
[  245.147272][T15410]  ? clear_bhb_loop+0x55/0xb0
[  245.151957][T15410]  ? clear_bhb_loop+0x55/0xb0
[  245.156636][T15410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.162538][T15410] RIP: 0033:0x7f3f69543bd9
[  245.166994][T15410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.186596][T15410] RSP: 002b:00007f3f687c5048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  245.195110][T15410] RAX: ffffffffffffffda RBX: 00007f3f696d1f60 RCX: 00007f3f69543bd9
[  245.203076][T15410] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  245.211041][T15410] RBP: 00007f3f687c50a0 R08: 0000000000000000 R09: 0000000000000000
[  245.219014][T15410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  245.226981][T15410] R13: 000000000000000b R14: 00007f3f696d1f60 R15: 00007fffcb8ec458
[  245.234977][T15410]  </TASK>
[  245.313875][T12361] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.430127][T15425] ebt_among: src integrity fail: 300
[  245.441706][   T29] audit: type=1400 audit(1720045085.987:33960): avc:  denied  { accept } for  pid=15424 comm="syz.3.3756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  245.514236][T15398] chnl_net:caif_netlink_parms(): no params data found
[  245.539262][T15420] macvlan0: entered promiscuous mode
[  245.555001][T15429] loop3: detected capacity change from 0 to 2048
[  245.567584][T15429] EXT4-fs: Ignoring removed orlov option
[  245.579178][T15420] ipvlan0: entered promiscuous mode
[  245.602526][T15420] ipvlan0: left promiscuous mode
[  245.622800][T15420] macvlan0: left promiscuous mode
[  245.726135][T15398] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.733693][T15398] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.775754][T15447] loop4: detected capacity change from 0 to 128
[  245.778337][T15398] bridge_slave_0: entered allmulticast mode
[  245.799490][T15398] bridge_slave_0: entered promiscuous mode
[  245.818188][T15398] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.825403][T15398] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.848811][T15398] bridge_slave_1: entered allmulticast mode
[  245.878381][T15455] netlink: 'syz.4.3763': attribute type 9 has an invalid length.
[  245.891203][T15455] syz.4.3763: attempt to access beyond end of device
[  245.891203][T15455] loop4: rw=2049, sector=217, nr_sectors = 120 limit=128
[  245.919369][T15398] bridge_slave_1: entered promiscuous mode
[  245.976768][T15398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  246.002653][T15398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  246.049255][T15398] team0: Port device team_slave_0 added
[  246.066767][T15398] team0: Port device team_slave_1 added
[  246.112818][T15398] batman_adv: batadv0: Adding interface: batadv_slave_0
[  246.119833][T15398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.145813][T15398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  246.195905][T15398] batman_adv: batadv0: Adding interface: batadv_slave_1
[  246.202974][T15398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.222498][T15464] loop0: detected capacity change from 0 to 2048
[  246.229007][T15398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  246.270509][T15464] EXT4-fs: Ignoring removed orlov option
[  246.318454][T15464] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.336643][T12361] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.371818][T15398] hsr_slave_0: entered promiscuous mode
[  246.397991][T15398] hsr_slave_1: entered promiscuous mode
[  246.413012][T15398] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  246.423130][T15398] Cannot create hsr debugfs directory
[  246.593697][T15398] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.655450][T15398] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.729971][ T8914] kworker/u8:17: attempt to access beyond end of device
[  246.729971][ T8914] loop4: rw=1, sector=337, nr_sectors = 1 limit=128
[  246.760393][T15398] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.803167][T15482] loop1: detected capacity change from 0 to 256
[  246.811952][T15482] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  246.853909][T15398] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.878331][T15482] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  246.982569][T15398] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  247.010273][T15398] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  247.030172][T15398] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  247.050566][T15486] ip6gretap0: entered promiscuous mode
[  247.080377][T15486] ip6gretap0: left promiscuous mode
[  247.097039][T15493] loop4: detected capacity change from 0 to 2048
[  247.115531][T15398] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  247.126659][T15493] EXT4-fs: Ignoring removed orlov option
[  247.251311][T15398] 8021q: adding VLAN 0 to HW filter on device bond0
[  247.258517][T15493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.289218][T15398] 8021q: adding VLAN 0 to HW filter on device team0
[  247.350302][ T4343] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.357443][ T4343] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.391586][T14875] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.409288][T15510] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3785'.
[  247.424009][ T4343] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.431127][ T4343] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.536780][T15398] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.612773][T15528] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3789'.
[  247.651661][T15527] loop4: detected capacity change from 0 to 1024
[  247.659102][T15533] ip6erspan0: entered promiscuous mode
[  247.759012][T15398] veth0_vlan: entered promiscuous mode
[  247.790415][T15398] veth1_vlan: entered promiscuous mode
[  247.837649][T15398] veth0_macvtap: entered promiscuous mode
[  247.851824][T15545] loop0: detected capacity change from 0 to 2048
[  247.862041][T15398] veth1_macvtap: entered promiscuous mode
[  247.893813][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.904442][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.914395][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.924822][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.934676][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.945211][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.955143][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.965645][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.975699][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.986246][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.996065][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.006501][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.016321][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.026824][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.039788][T15398] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.049649][T15545]  loop0: p2 < >
[  248.052556][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.063640][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.073468][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.083983][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.093869][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.104320][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.114201][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.124702][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.134511][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.145037][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.154969][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.165422][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.175294][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.185726][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.198776][T15398] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.210116][T15398] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.218977][T15398] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.227768][T15398] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.236788][T15398] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.324388][T15550] loop4: detected capacity change from 0 to 2048
[  248.379179][T15550] EXT4-fs: Ignoring removed orlov option
[  248.418317][T15553] loop0: detected capacity change from 0 to 512
[  248.423279][T15550] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.457413][T15553] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.3795: invalid block
[  248.501136][T15564] syz_tun: entered promiscuous mode
[  248.538183][T15564] bridge0: entered promiscuous mode
[  248.547597][T15553] EXT4-fs (loop0): Remounting filesystem read-only
[  248.649630][T15553] EXT4-fs (loop0): 2 truncates cleaned up
[  248.666308][T15553] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.685694][T15579] loop1: detected capacity change from 0 to 1024
[  248.693768][T15553] SELinux: (dev loop0, type ext4) getxattr errno 5
[  248.702304][T14875] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.713850][T15553] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.732874][T15579] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.787263][   T29] audit: type=1400 audit(1720045089.069:33961): avc:  denied  { map } for  pid=15552 comm="syz.0.3795" path="/194/file0" dev="tmpfs" ino=1056 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  248.827797][T15579] EXT4-fs error (device loop1): ext4_lookup:1858: inode #2: comm syz.1.3800: deleted inode referenced: 12
[  248.880018][T15579] EXT4-fs (loop1): Remounting filesystem read-only
[  248.968106][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.032948][T15600] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3806'.
[  249.080930][T15606] loop1: detected capacity change from 0 to 128
[  249.163330][T15610] loop0: detected capacity change from 0 to 512
[  249.184554][T15610] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.3812: invalid block
[  249.212245][T15610] EXT4-fs (loop0): Remounting filesystem read-only
[  249.222276][T15610] EXT4-fs (loop0): 2 truncates cleaned up
[  249.231710][T15610] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.261732][T15610] SELinux: (dev loop0, type ext4) getxattr errno 5
[  249.270628][T15610] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.005486][T15647] loop2: detected capacity change from 0 to 512
[  250.062034][T15647] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  250.184234][T15647] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.241498][   T29] audit: type=1326 audit(1720045090.417:33962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15646 comm="syz.2.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8b2a15bd9 code=0x7ffc0000
[  250.292852][   T29] audit: type=1326 audit(1720045090.445:33963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15646 comm="syz.2.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8b2a15bd9 code=0x7ffc0000
[  250.316506][   T29] audit: type=1326 audit(1720045090.445:33964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15646 comm="syz.2.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7fe8b2a15bd9 code=0x7ffc0000
[  250.340082][   T29] audit: type=1326 audit(1720045090.454:33965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15646 comm="syz.2.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8b2a15bd9 code=0x7ffc0000
[  250.363748][   T29] audit: type=1326 audit(1720045090.454:33966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15646 comm="syz.2.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fe8b2a15bd9 code=0x7ffc0000
[  250.387413][   T29] audit: type=1326 audit(1720045090.454:33967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15646 comm="syz.2.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8b2a15bd9 code=0x7ffc0000
[  250.411135][   T29] audit: type=1326 audit(1720045090.454:33968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15646 comm="syz.2.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8b2a15bd9 code=0x7ffc0000
[  250.434878][   T29] audit: type=1326 audit(1720045090.454:33969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15646 comm="syz.2.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe8b2a15bd9 code=0x7ffc0000
[  250.540147][   T29] audit: type=1326 audit(1720045090.639:33970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15646 comm="syz.2.3824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8b2a15bd9 code=0x7ffc0000
[  250.597096][T15398] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.914138][T15690] loop4: detected capacity change from 0 to 128
[  250.991573][T15692] loop1: detected capacity change from 0 to 512
[  251.030056][T15692] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.3839: invalid block
[  251.079424][T15692] EXT4-fs (loop1): Remounting filesystem read-only
[  251.101535][T15692] EXT4-fs (loop1): 2 truncates cleaned up
[  251.122709][T15692] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.152299][T15702] loop2: detected capacity change from 0 to 1024
[  251.163312][T15692] SELinux: (dev loop1, type ext4) getxattr errno 5
[  251.191454][T15692] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.226088][T15702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.269555][T15702] EXT4-fs error (device loop2): ext4_lookup:1858: inode #2: comm syz.2.3842: deleted inode referenced: 12
[  251.321271][T15707] netlink: 9 bytes leftover after parsing attributes in process `syz.1.3844'.
[  251.359147][T15702] EXT4-fs (loop2): Remounting filesystem read-only
[  251.371253][T15707] netlink: 5 bytes leftover after parsing attributes in process `syz.1.3844'.
[  251.404072][T15707] 1猉功D: renamed from 
30猉功D
[  251.432459][T15707] 1猉功D: left promiscuous mode
[  251.437345][T15707] 1猉功D: entered allmulticast mode
[  251.450739][T15398] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.462161][T15707] A link change request failed with some changes committed already. Interface 
31猉功D may have been left with an inconsistent configuration, please check.
[  251.566422][T15712] loop0: detected capacity change from 0 to 8192
[  251.940726][T15741] loop1: detected capacity change from 0 to 2048
[  252.004321][T15741]  loop1: p1 < > p4
[  252.008760][T15741] loop1: p4 size 8388608 extends beyond EOD, truncated
[  252.094203][T15748] netlink: 9 bytes leftover after parsing attributes in process `syz.2.3858'.
[  252.126757][T15748] gretap0: entered promiscuous mode
[  252.175167][T15750] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3859'.
[  252.184355][T15754] netlink: 5 bytes leftover after parsing attributes in process `syz.2.3858'.
[  252.211887][T15754] 0猉功D: renamed from gretap0
[  252.243624][T15754] 0猉功D: left promiscuous mode
[  252.248525][T15754] 0猉功D: entered allmulticast mode
[  252.285919][T15754] A link change request failed with some changes committed already. Interface 
30猉功D may have been left with an inconsistent configuration, please check.
[  252.445706][T15769] loop2: detected capacity change from 0 to 2048
[  252.484801][T15769] EXT4-fs: Ignoring removed orlov option
[  252.572916][T15769] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.865892][T15797] netlink: 9 bytes leftover after parsing attributes in process `syz.4.3874'.
[  252.909324][T15797] gretap0: entered promiscuous mode
[  252.914833][T15802] loop0: detected capacity change from 0 to 128
[  252.944574][T15803] netlink: 5 bytes leftover after parsing attributes in process `syz.4.3874'.
[  252.991234][T15803] 0猉功D: renamed from gretap0
[  253.000909][T15803] 0猉功D: left promiscuous mode
[  253.005792][T15803] 0猉功D: entered allmulticast mode
[  253.090183][T15803] A link change request failed with some changes committed already. Interface 
30猉功D may have been left with an inconsistent configuration, please check.
[  253.215120][T15817] netlink: 'syz.4.3882': attribute type 1 has an invalid length.
[  253.233334][T15817] mmap: syz.4.3882 (15817): VmData 45850624 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  253.402051][T15795] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  253.445615][T15795] EXT4-fs (loop2): Remounting filesystem read-only
[  253.476467][T15800] EXT4-fs (loop2): ext4_do_writepages: jbd2_start: 9223372036854775807 pages, ino 18; err -5
[  253.672556][T15840] FAULT_INJECTION: forcing a failure.
[  253.672556][T15840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.685675][T15840] CPU: 1 PID: 15840 Comm: syz.0.3892 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  253.697316][T15840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  253.707396][T15840] Call Trace:
[  253.710675][T15840]  <TASK>
[  253.713611][T15840]  dump_stack_lvl+0xf2/0x150
[  253.718329][T15840]  dump_stack+0x15/0x20
[  253.722497][T15840]  should_fail_ex+0x229/0x230
[  253.727199][T15840]  should_fail+0xb/0x10
[  253.731398][T15840]  should_fail_usercopy+0x1a/0x20
[  253.736702][T15840]  _copy_from_user+0x1e/0xd0
[  253.741448][T15840]  sctp_setsockopt+0xbe/0xea0
[  253.746210][T15840]  sock_common_setsockopt+0x64/0x80
[  253.751520][T15840]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  253.757509][T15840]  __sys_setsockopt+0x1d8/0x250
[  253.762444][T15840]  __x64_sys_setsockopt+0x66/0x80
[  253.767498][T15840]  x64_sys_call+0x1183/0x2d70
[  253.772197][T15840]  do_syscall_64+0xc9/0x1c0
[  253.776721][T15840]  ? clear_bhb_loop+0x55/0xb0
[  253.781494][T15840]  ? clear_bhb_loop+0x55/0xb0
[  253.786193][T15840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.792112][T15840] RIP: 0033:0x7f1a5fe48bd9
[  253.796538][T15840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.816225][T15840] RSP: 002b:00007f1a5f0ca048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  253.824708][T15840] RAX: ffffffffffffffda RBX: 00007f1a5ffd6f60 RCX: 00007f1a5fe48bd9
[  253.832683][T15840] RDX: 0000000000000019 RSI: 0000000000000084 RDI: 0000000000000003
[  253.840661][T15840] RBP: 00007f1a5f0ca0a0 R08: 0000000000000008 R09: 0000000000000000
[  253.848643][T15840] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  253.856631][T15840] R13: 000000000000000b R14: 00007f1a5ffd6f60 R15: 00007ffe70963648
[  253.864629][T15840]  </TASK>
[  253.887421][T15398] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.002520][T15850] netlink: 'syz.2.3890': attribute type 4 has an invalid length.
[  254.030735][T15853] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3896'.
[  254.525869][T15892] sctp: [Deprecated]: syz.1.3908 (pid 15892) Use of int in max_burst socket option.
[  254.525869][T15892] Use struct sctp_assoc_value instead
[  254.671344][T15904] loop4: detected capacity change from 0 to 2048
[  254.686410][T15904] EXT4-fs: Ignoring removed orlov option
[  254.697380][T15905] loop2: detected capacity change from 0 to 512
[  254.721598][T15905] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.3910: attempt to clear invalid blocks 1 len 1
[  254.737966][T15904] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.750808][T15905] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3910: bg 0: block 343: padding at end of block bitmap is not set
[  254.783242][T15905] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  254.839329][T15905] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.3910: invalid indirect mapped block 1819239214 (level 0)
[  254.887017][T15905] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.3910: invalid indirect mapped block 1819239214 (level 1)
[  254.970138][T15905] EXT4-fs (loop2): 1 truncate cleaned up
[  255.008654][T15905] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.249403][T15920] FAULT_INJECTION: forcing a failure.
[  255.249403][T15920] name failslab, interval 1, probability 0, space 0, times 0
[  255.262181][T15920] CPU: 0 PID: 15920 Comm: syz.1.3916 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  255.273824][T15920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  255.283962][T15920] Call Trace:
[  255.287353][T15920]  <TASK>
[  255.290372][T15920]  dump_stack_lvl+0xf2/0x150
[  255.294989][T15920]  dump_stack+0x15/0x20
[  255.299303][T15920]  should_fail_ex+0x229/0x230
[  255.304003][T15920]  ? getname_flags+0x86/0x360
[  255.308704][T15920]  __should_failslab+0x92/0xa0
[  255.313543][T15920]  should_failslab+0x9/0x20
[  255.318111][T15920]  kmem_cache_alloc_noprof+0x4c/0x290
[  255.323604][T15920]  getname_flags+0x86/0x360
[  255.328144][T15920]  user_path_at_empty+0x2c/0x120
[  255.333165][T15920]  __se_sys_mount+0x24b/0x2d0
[  255.337938][T15920]  __x64_sys_mount+0x67/0x80
[  255.342608][T15920]  x64_sys_call+0x25c9/0x2d70
[  255.347296][T15920]  do_syscall_64+0xc9/0x1c0
[  255.351918][T15920]  ? clear_bhb_loop+0x55/0xb0
[  255.356601][T15920]  ? clear_bhb_loop+0x55/0xb0
[  255.361312][T15920]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.367250][T15920] RIP: 0033:0x7f3f69543bd9
[  255.371670][T15920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.391349][T15920] RSP: 002b:00007f3f687c5048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  255.399775][T15920] RAX: ffffffffffffffda RBX: 00007f3f696d1f60 RCX: 00007f3f69543bd9
[  255.407751][T15920] RDX: 00000000200002c0 RSI: 0000000020000280 RDI: 0000000020000100
[  255.415778][T15920] RBP: 00007f3f687c50a0 R08: 0000000020000300 R09: 0000000000000000
[  255.423790][T15920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.431884][T15920] R13: 000000000000000b R14: 00007f3f696d1f60 R15: 00007fffcb8ec458
[  255.439875][T15920]  </TASK>
[  255.440693][T15909] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  255.534834][T15909] EXT4-fs (loop4): Remounting filesystem read-only
[  255.535476][T15398] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.541914][T15912] EXT4-fs (loop4): ext4_do_writepages: jbd2_start: 9223372036854775807 pages, ino 18; err -5
[  255.693628][T15934] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3919'.
[  255.702674][T15934] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3919'.
[  255.738199][   T29] kauditd_printk_skb: 21 callbacks suppressed
[  255.738221][   T29] audit: type=1326 audit(1720045095.484:33992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15935 comm="syz.0.3923" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a5fe48bd9 code=0x0
[  255.785617][T15938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3924'.
[  255.858272][T14875] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.955540][T15952] ref_ctr going negative. vaddr: 0x20002082, curr val: -11067, delta: 1
[  255.964085][T15952] ref_ctr increment failed for inode: 0x5ac offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff88810a75a4c0
[  256.207891][T15971] loop1: detected capacity change from 0 to 128
[  256.372162][T15976] FAULT_INJECTION: forcing a failure.
[  256.372162][T15976] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  256.385533][T15976] CPU: 0 PID: 15976 Comm: syz.1.3938 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  256.397274][T15976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  256.407390][T15976] Call Trace:
[  256.410677][T15976]  <TASK>
[  256.413614][T15976]  dump_stack_lvl+0xf2/0x150
[  256.418228][T15976]  dump_stack+0x15/0x20
[  256.422425][T15976]  should_fail_ex+0x229/0x230
[  256.427303][T15976]  __should_fail_alloc_page+0xfd/0x110
[  256.432914][T15976]  __alloc_pages_noprof+0x109/0x360
[  256.438151][T15976]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  256.443696][T15976]  alloc_pages_noprof+0xe1/0x100
[  256.448664][T15976]  pte_alloc_one+0x32/0xf0
[  256.453151][T15976]  __pte_alloc+0x33/0x270
[  256.457493][T15976]  handle_mm_fault+0x1ade/0x2a80
[  256.462500][T15976]  exc_page_fault+0x296/0x650
[  256.467191][T15976]  asm_exc_page_fault+0x26/0x30
[  256.472087][T15976] RIP: 0010:__put_user_4+0x11/0x20
[  256.477254][T15976] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  256.496964][T15976] RSP: 0018:ffffc9000123fbd8 EFLAGS: 00050206
[  256.503122][T15976] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000200005c0
[  256.511197][T15976] RDX: 00000000000001d5 RSI: 0000000000000000 RDI: ffffc9000123fbe0
[  256.519222][T15976] RBP: 0000000000000000 R08: 0001c9000123fbe3 R09: 0000000000000000
[  256.527199][T15976] R10: 0001ffffffffffff R11: 0001c9000123fbe0 R12: ffff88810689af40
[  256.535252][T15976] R13: ffffffff855092c0 R14: 00000000200005c0 R15: 000000000000541b
[  256.543296][T15976]  sk_ioctl+0x25c/0x3c0
[  256.547485][T15976]  ? path_openat+0x1a6f/0x1fa0
[  256.552261][T15976]  inet6_ioctl+0x13f/0x190
[  256.556724][T15976]  ? _parse_integer+0x27/0x30
[  256.561422][T15976]  ? __rcu_read_unlock+0x4e/0x70
[  256.566454][T15976]  sock_do_ioctl+0x81/0x260
[  256.571011][T15976]  sock_ioctl+0x470/0x640
[  256.575420][T15976]  ? file_has_perm+0x347/0x390
[  256.580262][T15976]  ? __pfx_sock_ioctl+0x10/0x10
[  256.585133][T15976]  do_vfs_ioctl+0x96f/0x1560
[  256.589738][T15976]  ? selinux_file_ioctl+0x1c6/0x380
[  256.595012][T15976]  __se_sys_ioctl+0x81/0x150
[  256.599713][T15976]  __x64_sys_ioctl+0x43/0x50
[  256.604361][T15976]  x64_sys_call+0x1581/0x2d70
[  256.609064][T15976]  do_syscall_64+0xc9/0x1c0
[  256.613606][T15976]  ? clear_bhb_loop+0x55/0xb0
[  256.618300][T15976]  ? clear_bhb_loop+0x55/0xb0
[  256.623029][T15976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.628967][T15976] RIP: 0033:0x7f3f69543bd9
[  256.633398][T15976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.653031][T15976] RSP: 002b:00007f3f687c5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  256.661463][T15976] RAX: ffffffffffffffda RBX: 00007f3f696d1f60 RCX: 00007f3f69543bd9
[  256.669479][T15976] RDX: 00000000200005c0 RSI: 000000000000541b RDI: 0000000000000003
[  256.677464][T15976] RBP: 00007f3f687c50a0 R08: 0000000000000000 R09: 0000000000000000
[  256.685462][T15976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.693440][T15976] R13: 000000000000000b R14: 00007f3f696d1f60 R15: 00007fffcb8ec458
[  256.701458][T15976]  </TASK>
[  256.795352][T15988] netlink: 'syz.0.3943': attribute type 1 has an invalid length.
[  256.866118][T15997] loop1: detected capacity change from 0 to 128
[  256.878949][T15992] loop2: detected capacity change from 0 to 2048
[  256.921879][T15992] EXT4-fs: Ignoring removed orlov option
[  256.951589][T16003] loop0: detected capacity change from 0 to 512
[  256.988107][T16002] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3948'.
[  256.997505][T16003] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  257.093347][T15992] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.161934][T16018] loop1: detected capacity change from 0 to 512
[  257.168507][T16018] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  257.268313][T15994] chnl_net:caif_netlink_parms(): no params data found
[  257.440234][T15994] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.447419][T15994] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.486627][T15994] bridge_slave_0: entered allmulticast mode
[  257.510781][T15994] bridge_slave_0: entered promiscuous mode
[  257.520812][T16042] netlink: 'syz.4.3956': attribute type 1 has an invalid length.
[  257.545395][T15994] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.552584][T15994] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.578468][T15994] bridge_slave_1: entered allmulticast mode
[  257.598381][T15994] bridge_slave_1: entered promiscuous mode
[  257.673560][T15994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  257.709490][T15994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  257.723897][T16016] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  257.761226][T15994] team0: Port device team_slave_0 added
[  257.763622][T16016] EXT4-fs (loop2): Remounting filesystem read-only
[  257.802019][T15994] team0: Port device team_slave_1 added
[  257.856002][T15994] batman_adv: batadv0: Adding interface: batadv_slave_0
[  257.863040][T15994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.889068][T15994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  257.994524][T15994] batman_adv: batadv0: Adding interface: batadv_slave_1
[  258.001538][T15994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.022155][T15398] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.027534][T15994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  258.127171][T15994] hsr_slave_0: entered promiscuous mode
[  258.145706][T16058] netlink: 'syz.4.3962': attribute type 1 has an invalid length.
[  258.153866][T15994] hsr_slave_1: entered promiscuous mode
[  258.170737][T15994] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  258.189135][T15994] Cannot create hsr debugfs directory
[  258.257874][   T29] audit: type=1400 audit(1720045097.810:33993): avc:  denied  { mounton } for  pid=16059 comm="syz.4.3963" path="/80/file0" dev="tmpfs" ino=442 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  258.257884][T16062] 9pnet_fd: Insufficient options for proto=fd
[  258.346847][T16063] netlink: 312 bytes leftover after parsing attributes in process `syz.2.3960'.
[  258.347429][T16064] loop4: detected capacity change from 0 to 512
[  258.391961][T16064] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  258.400019][T16064] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  258.463719][T15994] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.559341][T16064] System zones: 0-1, 15-15, 18-18, 34-34
[  258.565218][T16064] EXT4-fs (loop4): orphan cleanup on readonly fs
[  258.624512][T16064] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[  258.679591][T15994] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.771457][T15994] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.780632][T16064] EXT4-fs warning (device loop4): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  258.796418][T16064] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  258.913254][T15994] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.920453][T16064] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3963: bg 0: block 40: padding at end of block bitmap is not set
[  259.031025][T16064] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  259.057725][T15994] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  259.077677][T16064] EXT4-fs (loop4): 1 truncate cleaned up
[  259.083802][T16064] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  259.137908][T15994] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  259.166298][T15994] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  259.179347][T15994] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  259.221021][T16095] netlink: 'syz.2.3972': attribute type 1 has an invalid length.
[  259.272798][T16062] EXT4-fs error (device loop4): ext4_encrypted_get_link:46: inode #16: comm syz.4.3963: bad symlink.
[  259.430480][T15994] 8021q: adding VLAN 0 to HW filter on device bond0
[  259.480225][T16102] vlan2: entered promiscuous mode
[  259.485312][T16102] syz_tun: entered promiscuous mode
[  259.519229][T14875] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.528398][T16102] syz_tun: left promiscuous mode
[  259.589513][T15994] 8021q: adding VLAN 0 to HW filter on device team0
[  259.613769][ T4335] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.620987][ T4335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  259.683752][ T4335] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.690901][ T4335] bridge0: port 2(bridge_slave_1) entered forwarding state
[  259.780065][T15994] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  259.790485][T15994] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  259.852698][T16106] Dead loop on virtual device ip6_vti0, fix it urgently!
[  260.019758][T15994] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.134206][T16130] loop1: detected capacity change from 0 to 1024
[  260.161335][T16130] EXT4-fs: Invalid want_extra_isize 125
[  260.236483][T15994] veth0_vlan: entered promiscuous mode
[  260.278505][T15994] veth1_vlan: entered promiscuous mode
[  260.296776][T16130] loop1: detected capacity change from 0 to 2048
[  260.328433][T16143] netlink: 'syz.2.3985': attribute type 1 has an invalid length.
[  260.334925][T15994] veth0_macvtap: entered promiscuous mode
[  260.359857][T15994] veth1_macvtap: entered promiscuous mode
[  260.396172][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.396207][T16130] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.406706][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.428623][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.439087][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.449021][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.459482][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.461334][T16148] loop2: detected capacity change from 0 to 512
[  260.469324][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.469345][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.469365][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.469381][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.516174][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.526619][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.536493][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.546984][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.556856][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.567349][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.618479][T16148] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.640186][T16148] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.660626][T15994] batman_adv: batadv0: Interface activated: batadv_slave_0
[  260.673088][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.683638][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.693491][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.703955][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.713802][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.724382][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.734199][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.744700][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.754623][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.765219][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.775101][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.785538][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.795488][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.806061][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.816148][T15994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  260.826656][T15994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.848165][T15994] batman_adv: batadv0: Interface activated: batadv_slave_1
[  260.880282][T15994] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  260.889304][T15994] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  260.898144][T15994] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  260.906947][T15994] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  261.039661][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.100955][T15398] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  261.134738][T16168] loop0: detected capacity change from 0 to 512
[  261.158521][T15398] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  261.182455][T16168] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #15: comm syz.0.3992: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964)
[  261.211976][T16168] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz.0.3992: couldn't read orphan inode 15 (err -117)
[  261.229848][T15398] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  261.255849][T15398] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  261.256336][T16168] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.359203][T16186] FAULT_INJECTION: forcing a failure.
[  261.359203][T16186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.372359][T16186] CPU: 0 PID: 16186 Comm: syz.3.3995 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  261.384534][T16186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  261.394647][T16186] Call Trace:
[  261.397971][T16186]  <TASK>
[  261.400900][T16186]  dump_stack_lvl+0xf2/0x150
[  261.405510][T16186]  dump_stack+0x15/0x20
[  261.409700][T16186]  should_fail_ex+0x229/0x230
[  261.414452][T16186]  should_fail+0xb/0x10
[  261.418641][T16186]  should_fail_usercopy+0x1a/0x20
[  261.423699][T16186]  _copy_from_iter+0xd3/0xb00
[  261.428451][T16186]  ? __alloc_pages_noprof+0x1bc/0x360
[  261.433859][T16186]  copy_page_from_iter+0x14f/0x280
[  261.438992][T16186]  pipe_write+0x44a/0xd30
[  261.443454][T16186]  vfs_write+0x78f/0x900
[  261.447829][T16186]  ? __pfx_pipe_write+0x10/0x10
[  261.452725][T16186]  ksys_write+0xeb/0x1b0
[  261.456983][T16186]  __x64_sys_write+0x42/0x50
[  261.461578][T16186]  x64_sys_call+0x27ef/0x2d70
[  261.466300][T16186]  do_syscall_64+0xc9/0x1c0
[  261.470878][T16186]  ? clear_bhb_loop+0x55/0xb0
[  261.475564][T16186]  ? clear_bhb_loop+0x55/0xb0
[  261.480282][T16186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.486263][T16186] RIP: 0033:0x7f9708449bd9
[  261.490687][T16186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.510304][T16186] RSP: 002b:00007f97076aa048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  261.518774][T16186] RAX: ffffffffffffffda RBX: 00007f97085d8038 RCX: 00007f9708449bd9
[  261.526748][T16186] RDX: 00000000fffffdef RSI: 0000000020000000 RDI: 0000000000000000
[  261.534733][T16186] RBP: 00007f97076aa0a0 R08: 0000000000000000 R09: 0000000000000000
[  261.542771][T16186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  261.550769][T16186] R13: 000000000000006e R14: 00007f97085d8038 R15: 00007ffe53314378
[  261.558867][T16186]  </TASK>
[  261.589396][T12361] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.609667][T15398] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  261.645138][T15398] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  261.660579][   T29] audit: type=1400 audit(1720045100.958:33994): avc:  denied  { getattr } for  pid=16188 comm="syz.1.3997" name="/" dev="pidfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  261.723956][T15398] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  261.737991][    T8] kernel write not supported for file /vcsa1 (pid: 8 comm: kworker/0:0)
[  261.800694][   T29] audit: type=1400 audit(1720045101.087:33995): avc:  denied  { map } for  pid=16203 comm="syz.0.4001" path="/dev/null" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:null_device_t tclass=chr_file permissive=1
[  261.829717][T15398] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  261.900835][T15398] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  261.914642][T16213] loop0: detected capacity change from 0 to 512
[  261.929428][T16213] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.4005: invalid block
[  261.941775][T15398] EXT4-fs error (device loop2): ext4_empty_dir:3089: inode #12: comm syz-executor: Directory hole found for htree leaf block
[  261.966279][T16213] EXT4-fs (loop0): Remounting filesystem read-only
[  261.981160][T16213] EXT4-fs (loop0): 2 truncates cleaned up
[  261.987456][T16213] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.002961][T16213] SELinux: (dev loop0, type ext4) getxattr errno 5
[  262.023346][T16213] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.086203][T16233] netlink: 'syz.1.4010': attribute type 1 has an invalid length.
[  262.112356][T16236] netlink: 'syz.4.4012': attribute type 1 has an invalid length.
[  262.219830][T16245] ==================================================================
[  262.227961][T16245] BUG: KCSAN: data-race in inode_update_timestamps / inode_update_timestamps
[  262.236762][T16245] 
[  262.239088][T16245] write to 0xffff88810520b180 of 8 bytes by task 16247 on cpu 1:
[  262.246812][T16245]  inode_update_timestamps+0x16f/0x280
[  262.252295][T16245]  file_update_time+0x22f/0x2c0
[  262.257166][T16245]  pipe_write+0xa87/0xd30
[  262.261506][T16245]  vfs_write+0x78f/0x900
[  262.265757][T16245]  ksys_write+0xeb/0x1b0
[  262.270007][T16245]  __x64_sys_write+0x42/0x50
[  262.274609][T16245]  x64_sys_call+0x27ef/0x2d70
[  262.279299][T16245]  do_syscall_64+0xc9/0x1c0
[  262.283810][T16245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.289711][T16245] 
[  262.292036][T16245] read to 0xffff88810520b180 of 8 bytes by task 16245 on cpu 0:
[  262.299669][T16245]  inode_update_timestamps+0x8a/0x280
[  262.305078][T16245]  file_update_time+0x22f/0x2c0
[  262.309944][T16245]  pipe_write+0xa87/0xd30
[  262.314285][T16245]  vfs_write+0x78f/0x900
[  262.318532][T16245]  ksys_write+0xeb/0x1b0
[  262.322781][T16245]  __x64_sys_write+0x42/0x50
[  262.327378][T16245]  x64_sys_call+0x27ef/0x2d70
[  262.332071][T16245]  do_syscall_64+0xc9/0x1c0
[  262.336586][T16245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.342488][T16245] 
[  262.344807][T16245] value changed: 0x000000001b3712ef -> 0x000000001c50c050
[  262.351908][T16245] 
[  262.354238][T16245] Reported by Kernel Concurrency Sanitizer on:
[  262.360396][T16245] CPU: 0 PID: 16245 Comm: syz.0.4015 Tainted: G        W          6.10.0-rc6-syzkaller-00067-g8a9c6c40432e #0
[  262.372039][T16245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  262.382126][T16245] ==================================================================
[  262.459847][T16247] 9pnet_fd: Insufficient options for proto=fd
[  262.477772][T16250] loop1: detected capacity change from 0 to 128
[  262.537585][T16250] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  262.563613][T16250] vhci_hcd: invalid port number 219
[  262.568898][T16250] vhci_hcd: default hub control req: 0000 v6ab1 i00db l1556
[  262.766783][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.779908][T15398] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.852304][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.894904][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.959805][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.031753][   T11] bridge_slave_1: left allmulticast mode
[  263.037493][   T11] bridge_slave_1: left promiscuous mode
[  263.043136][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.055649][   T11] bridge_slave_0: left allmulticast mode
[  263.061312][   T11] bridge_slave_0: left promiscuous mode
[  263.067031][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.225094][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  263.263193][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  263.280952][   T11] bond0 (unregistering): Released all slaves
[  263.392553][   T11] hsr_slave_0: left promiscuous mode
[  263.413167][   T11] hsr_slave_1: left promiscuous mode
[  263.418946][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  263.426464][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  263.455049][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  263.462525][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  263.492508][   T11] veth1_macvtap: left promiscuous mode
[  263.498045][   T11] veth0_macvtap: left promiscuous mode
[  263.503633][   T11] veth1_vlan: left promiscuous mode
[  263.508973][   T11] veth0_vlan: left promiscuous mode
[  263.761429][   T11] team0 (unregistering): Port device team_slave_1 removed
[  263.783594][   T11] team0 (unregistering): Port device team_slave_0 removed