last executing test programs:

4.122264796s ago: executing program 2 (id=1526):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li")
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
getpid()
r0 = perf_event_open(0x0, 0x0, 0x200000000, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00003a6000/0x4000)=nil, 0x4000, 0x8000, &(0x7f0000000000)=0x9, 0x8, 0x4)
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000540)={@mcast2}, &(0x7f00000005c0)=0x14)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, '\x00', 0x0, 0x0, 0x2, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x4, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
timer_create(0xfffffffffffffffc, &(0x7f0000000140)={0x0, 0x12}, &(0x7f0000001400))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400)=<r5=>0x0)
clock_gettime(0x0, &(0x7f0000000000)={0x0, <r6=>0x0})
timer_settime(r5, 0x0, &(0x7f0000000040)={{}, {0x0, r6+60000000}}, &(0x7f0000000500))
unshare(0x40000000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000040)={0x800}, 0x10)
sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c0000005e0001"], 0x1c}}, 0x0)

3.511036436s ago: executing program 2 (id=1533):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000000300)={0x80, 0x0, 0x0, 0x400})
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x0, 0xa, 0x4, 0x2, 0x80b}, 0x48)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000003c0))
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'dvmrp1\x00', {0x2, 0x0, @empty}})

3.432226032s ago: executing program 2 (id=1534):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
pipe(&(0x7f0000000500)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0x9, 0x0)
write(r2, &(0x7f0000001100)="94", 0x1)
tee(r1, r4, 0x81, 0x0)
write$binfmt_elf64(r4, &(0x7f0000000580)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)

2.297364834s ago: executing program 4 (id=1546):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=@newqdisc={0xffffffffffffff92}, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0x2}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}}, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li")
r3 = io_uring_setup(0x48ae, &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0xf, &(0x7f0000000540)={0x1000, 0x0, 0x0, 0x0}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x0, 0x5e}, 0x20)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r6, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'lo\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_FLUSH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, r6, 0x9}, 0x14}}, 0x0)

2.234791069s ago: executing program 4 (id=1549):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f00000007c0)='ext4_es_find_extent_range_exit\x00', r0}, 0x10)
open(0x0, 0x0, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000980)='\x00', 0x1}], 0x1, 0x7bff, 0x0, 0x3)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r3 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0)
sendfile(r3, r2, 0x0, 0x100800001)
r4 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0)
sendfile(r1, r4, 0x0, 0x100000001)

2.176784714s ago: executing program 4 (id=1551):
r0 = socket(0x10, 0x3, 0x4)
unshare(0x2000400)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
quotactl$Q_GETNEXTQUOTA(0x0, 0x0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000540)=0x400, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit, @alu={0x7, 0x0, 0xb, 0x0, 0xa}]}, &(0x7f0000000000)='GPL\x00'}, 0x90)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c)
socket$can_bcm(0x1d, 0x2, 0x2)
sendto$inet6(r3, &(0x7f0000000080)="02", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e21, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
shutdown(r3, 0x1)
r4 = dup(r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_CREATE(r5, &(0x7f0000000580)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f0000000180)={0x2c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x3}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xd}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x40001)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r4, 0x84, 0x23, &(0x7f00000005c0), 0x8)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r6, &(0x7f00000025c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="c5", 0x1}], 0x1}}, {{&(0x7f0000000500)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000140)='i', 0x1}, {&(0x7f0000000600)="6b56bc0037813cb98b9ab000174c6047acecaa3b73becc61d084b638bcfc86ab1587f94b6007f3189443cb6111b7eda14fc1c5a942f3df481a89d4f00c96bf965c9a01c3062b3bc869a91f9a6de01d06695ac28982f0e9d13d1e6adb418fedf1c9dbcc34977098cea032926a83e028481d3a64560a355a0e7e5e66d9da9db2863e80873aaa9c5be42f09ec999e788b157956afb19e0b1ad845b774c29618265a5cd56a88", 0xa4}], 0x2}}], 0x2, 0x0)
shutdown(r6, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x90)
pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r8 = dup(r7)
write$P9_RLERRORu(r8, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)

1.759836558s ago: executing program 4 (id=1553):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000340), 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
open(&(0x7f0000000180)='./bus\x00', 0x10b67e, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r2, 0x2007ffb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r2, 0x0)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00)

1.665898565s ago: executing program 3 (id=1555):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'lo\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, r2, 0x9}, 0x14}}, 0x0)

1.664195735s ago: executing program 3 (id=1556):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810314, &(0x7f0000000080)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@data_err_ignore}, {@norecovery}, {@resuid}, {@prjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@usrjquota}, {@resgid}, {@nodiscard}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ftruncate(r0, 0xc17a)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="180063269349dfded16d06c35dc1761fbb3b64af65ba627abf72a1c2d0087db5774d3206ce6b9d67ed63c27e01b8373540bc2a40e5681a1874f16d77116a4d0cba487bf0db3143fcebc7e19d196d8cfc75a36ab61b0fc86b49e9d1f4ee259c3471321687e71c4b3326f585a2ab944928f4a0771c1fe775bf930e54e34c33097305195b9ae5c454955be89c6226f5c0f499918af2dd82c74e2b31665765a01c334bf7697f29089b9fd5348d21bb193782ab5d4908ae111c10fdcafe8e286cfb6021f730e2363562e1da2e4dbaa3b2c6ab150d26be6f074c7a0d3ed78b64b2092b0d0a55a1bd25c635bbf02c19dc01162bba729449b231cc23b5a9ba5c1808b1b32ca73b70611e33475404cd2a024f2be38937856526b5a7d4e4ce013f703f6fddcb4ff62c2c302850d3795407e3ad3cf283c5c4e2677fd3ff9a"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000140), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000400)=@gcm_128={{0x303, 0x38}, "006852ec2c00", "00000c704a3a000000000000ffff00", "e469d337", "df02000000000ece"}, 0x28)
setsockopt$inet6_tcp_int(r2, 0x6, 0x3, &(0x7f0000000100), 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r3 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600))
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li")
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r5, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r5, 0x0)
getsockopt$inet_int(r4, 0x10d, 0xa7, 0x0, &(0x7f0000000040))
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000c00)=@delchain={0x854, 0x65, 0x200, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff1, 0xe}, {0x0, 0xf}, {0x6, 0xa}}, [@filter_kind_options=@f_route={{0xa}, {0x824, 0x2, [@TCA_ROUTE4_POLICE={0x408, 0x5, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x2, 0x401, 0xbc09, 0x401, 0x6, 0x45ab, 0x10000, 0x1ff, 0xc, 0x6, 0x1, 0xfff, 0x3, 0x6, 0x800, 0xe, 0x29e, 0x0, 0x6, 0xc, 0x3, 0x6, 0x7, 0x7, 0x8000, 0x5, 0xffffffff, 0x7, 0x49, 0x9, 0x9a, 0x8, 0x1000, 0x1ff, 0x6, 0x3, 0x4, 0x4, 0xa1e4, 0x786c, 0x5, 0xd, 0x84, 0x6, 0xb5, 0x0, 0x100, 0x6, 0x80000000, 0x7, 0xffffffff, 0x3, 0xa, 0x3, 0x6, 0xffffff2f, 0x8, 0x8000, 0x800, 0x6, 0x3, 0x3, 0x1ff, 0x3ff, 0x9, 0x400, 0x6, 0x10, 0x0, 0x1, 0x3, 0x4, 0x3, 0xfa, 0x2, 0xe0000000, 0x7, 0x8d9, 0x1, 0x240, 0xaaf, 0xf, 0x0, 0x1000, 0xffffaec5, 0x3, 0xe31, 0x401, 0x101, 0x7, 0xa490, 0x400, 0x3ff, 0x0, 0xffffffff, 0x9, 0x7259, 0x7, 0xd, 0x800, 0x9a0, 0xf, 0x80000000, 0xf, 0x43, 0x9, 0x80000000, 0x5, 0x5, 0x1, 0x8, 0x2, 0x9, 0xffffffff, 0x1, 0x800, 0x3, 0x6a2, 0x9, 0xbe, 0x8, 0x80000001, 0x6, 0x0, 0x5c, 0x5, 0xcf04, 0x4, 0xe, 0x8, 0xe, 0x3, 0x4, 0x38000, 0x100, 0xc9e, 0xc20, 0x5b, 0x5, 0x2, 0x6, 0xf31, 0xfffffff7, 0x8, 0x200, 0x3, 0x9, 0x5, 0xf04d, 0xa20b, 0xc0, 0x2, 0x75, 0x706, 0x7, 0x2, 0x5, 0x27, 0x7fffffff, 0xfffff001, 0x80000001, 0x5, 0x9, 0xe, 0x2, 0x3f7, 0x5, 0x0, 0x2, 0x101, 0xffffffff, 0xe2, 0x8, 0x3, 0x0, 0x9, 0x6, 0x1000, 0x2, 0x400, 0x1, 0x2, 0x92c3, 0x4, 0x6, 0x4, 0x2, 0x18, 0xc, 0x2, 0x2, 0x24, 0xd, 0x6, 0x3, 0x835b, 0x4, 0x2, 0xff, 0x87, 0x2, 0xd31, 0x9, 0x5, 0x7, 0x9, 0x3, 0x6, 0x80000000, 0x7fff, 0x4, 0x2, 0x4, 0x4, 0x156, 0x568, 0xf197, 0xaa49, 0x401, 0x80, 0x3, 0xffff7fff, 0x7f, 0xf, 0x3, 0x6, 0x12, 0x81, 0xfffffff8, 0x8001, 0x5, 0x8000, 0x8, 0x1, 0x9, 0x9, 0x7, 0x5, 0x9d4, 0x80000001, 0xbe, 0x4, 0x388d736e, 0x8, 0x7, 0x3, 0x1, 0xd, 0x7c6, 0x80000000, 0x8425, 0xa, 0x1, 0x3, 0xda9b]}]}, @TCA_ROUTE4_TO={0x8, 0x2, 0xcd}, @TCA_ROUTE4_POLICE={0x410, 0x5, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x800}, @TCA_POLICE_RATE={0x404, 0x2, [0x486fa825, 0x80000000, 0x80000, 0x7fffffff, 0x6, 0x10000, 0x52ed6a2f, 0x0, 0x723a0031, 0xfffffffb, 0x4, 0x4, 0x910, 0x6, 0x0, 0x2, 0x80000000, 0x8, 0x7, 0x2, 0x35223638, 0x7, 0x7ff, 0x1, 0x6, 0x7, 0x1, 0x4, 0xffff, 0x0, 0x9, 0x9, 0xffff33da, 0x82, 0x7fffffff, 0xa, 0x40, 0x800, 0xfc10, 0x100, 0x3, 0x8, 0xfffffffc, 0x1, 0x4, 0x401, 0x7, 0xf59, 0x80000000, 0x0, 0x6, 0x5, 0xe, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2, 0x0, 0x9, 0xffff2bdb, 0x7, 0x40, 0x8, 0x5, 0xdf959483, 0x3, 0x8, 0x9, 0x1, 0x4, 0x7, 0x4, 0xd, 0x55, 0x5, 0x1, 0x0, 0x3, 0x5, 0x0, 0xfffffffb, 0x6, 0x4, 0xa1, 0x4, 0x3, 0x4, 0x3, 0xa0, 0x5af1, 0xffff, 0x9a9, 0x472, 0x30, 0x80000000, 0x8, 0xffff5a0f, 0x1, 0x4, 0x8, 0x4, 0x6, 0xfdf7, 0x2, 0x7ff, 0x8001, 0x1a, 0x7f, 0x1, 0x2, 0x3, 0x7f, 0xee, 0x7, 0x5, 0x3, 0x101, 0x8, 0x6, 0x80, 0x3, 0x8, 0x9, 0x5, 0x8, 0x207b, 0xe, 0x0, 0x7, 0x7, 0x6, 0x7f, 0x1, 0x800, 0x1, 0x3, 0x7fffffff, 0x7, 0x6, 0x4, 0xffffffff, 0x9, 0x1d70980a, 0x1, 0xa5e, 0x9, 0x3, 0x9, 0x9a7f, 0x5, 0x3, 0x8, 0x0, 0x7fffffff, 0x1ff, 0x2, 0x80000000, 0x80, 0x8, 0x3, 0x9, 0xda6a, 0x4, 0x2, 0x5, 0x2, 0x3, 0xce4e, 0xc, 0xca, 0x5, 0x200, 0x80000001, 0x4, 0x817, 0x0, 0x9, 0xea, 0x3bb, 0x680c, 0x5, 0x7ac, 0x9, 0x6, 0x6, 0xf0, 0x6, 0x6a2, 0xd46f, 0x6, 0x5, 0x50c00027, 0x9, 0x5, 0x2, 0x101, 0x5, 0x9, 0x2, 0x0, 0x101, 0x2, 0x4, 0x3ff, 0xf, 0x0, 0x3, 0x7, 0xafd, 0x7, 0x9, 0x4, 0x2, 0x1, 0x0, 0x7, 0x6, 0xaf9, 0x1ff, 0xcf, 0x1ff, 0x9c19, 0x8, 0x8000, 0xe730, 0x2, 0x200, 0x1, 0x6, 0x54de, 0x1, 0x8, 0x4b8, 0x8, 0x1, 0xd, 0xfffffffb, 0x7, 0x10001, 0x1, 0x2, 0x5, 0x4, 0x50b3, 0xd, 0x1f0, 0x101, 0x0, 0x9, 0x3ff, 0x1, 0x7, 0x4, 0xffff0001]}]}]}}]}, 0x854}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000800)={0x2, 0x0, @dev}, 0x10)

1.563945854s ago: executing program 1 (id=1557):
syz_io_uring_setup(0x68c2, &(0x7f0000000480)={0x0, 0x1ce9, 0x20, 0x1, 0x356}, &(0x7f0000000140), 0x0)
mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munmap(&(0x7f00007c2000/0x2000)=nil, 0x2000)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000006540000000c0a01010000000000000000010000000900020073797a32000000002800038024000080090026400000000018000b80140001800a0001006c696d697400000004fe02800900010073797a30"], 0xd8}}, 0x0)
syz_io_uring_setup(0x60f2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x3}, 0x0, 0x0)
futex(&(0x7f0000000300), 0x3, 0x1, &(0x7f0000000340)={0x77359400}, &(0x7f0000000380), 0x0)
munmap(&(0x7f0000b04000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000e3b000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000fe1000/0x4000)=nil)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x7, &(0x7f0000c51000/0x2000)=nil)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x91, 0x8, 0x0, 0x0, 0x0, 0x2, 0x50422, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x5094}, 0x11d620, 0x0, 0x0, 0x7, 0x4, 0x4, 0x0, 0x0, 0x2, 0x0, 0x10000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM_MAP(0x4, 0x3, 0x0, 0xffffff66)
mremap(&(0x7f0000519000/0x4000)=nil, 0x4000, 0x3000, 0x0, &(0x7f0000595000/0x3000)=nil)
mremap(&(0x7f000062b000/0x2000)=nil, 0x1d5000, 0x40000000, 0x3, &(0x7f00009f6000/0x3000)=nil)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x9}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
lgetxattr(&(0x7f0000000600)='./file0/file0\x00', 0x0, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$rds(0x15, 0x5, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x803, 0x0)
r3 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'gretap0\x00'})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=ANY=[@ANYBLOB="400000001400b59500000000000000000a000000", @ANYRES16, @ANYRES8, @ANYRESOCT], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44000051)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="4800000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c0002800500010000000000100005"], 0x48}}, 0x0)

1.502299588s ago: executing program 1 (id=1558):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000100)='./file2\x00', 0x20005e, &(0x7f0000000280)={[{@jqfmt_vfsold}, {@errors_continue}, {@abort}, {@errors_remount}, {@norecovery}, {@minixdf}, {@nolazytime}, {@noquota}, {@norecovery}, {@usrquota}, {@user_xattr}]}, 0x1, 0x476, &(0x7f0000000700)="$eJzs3MtvVNUfAPDvvX3w4/XriPjgoVTRSDS2tKCycAFGExeamOgCl7UtBCnU0JoIIVpc4NKQuDcuTfwLXOnGqCsTt7o3JMSwAV1dc2fu7WM6MxmGgWmZzye59Jz7yDnfnntmzj2H2wD61mj+TxKxIyL+iIiRWnbtCaO1H7dvXp7+5+bl6SSy7N2/k+p5t25eni5PLa/bXmaWavl9DcpduHjp7NTc3OyFIj++eO6j8YWLl148c27q9Ozp2fOTx44dPTLxysuTLzWvfNJ+nHmdbu39dH7/njffv/b29MlrH/zyXVLGXxdHl4w22DdQJp7tcmG9tnNVOhksEgM9qgxty5sob66hav8fiYEYXD42Em983tPKAfdUlmXZlmYHk1jKgAdYEr2uAdAb5Vd9/vxbbvdt8LEB3DhRewDK475dbLUjg5EW5wzVPd92U/60dXLp36/zLe7NPAQAwBo/nKj9XD/+S+PRVecdL9aGKhHxUETsioiHI2J3RDwSUT33sYh4fOWSrJ3lmfpFkvXjn/R6h6G1JR//vVqsba0d/5Wjv6gMFLmd1fiHklNn5mYPR8T/I+JQDG3J8xMtyvjx9d+/bHZsNCIrx3/5lpdfjgWLeqT118xMLU51HvFaN65E7B1sFH+yvBKQt+OeiNh7oLMyzjz/7f5mx0ZXjX8bx9/CYGf1WS37JuK5WvsvRV38paT1+uT4/2Ju9vB4eVes9+tvV99pVv5dxd8Feftva3j/L8dfSVav1y5U9627J1u5+ucXDZ9phtqKP70+WDdBnd//w8l71fRwse+TqcXFCxMRw8lbxf7jK/snV64t8+X5efyHDjbu/7ti5TexLyLym/iJiHgyIg4UdX8qIp6OiIMt4v/5tWc+bHZsI7T/zB21/50nBs7+9P2aQist4k+iQfsfraYOFXva+fxrXp2VOY88rE5/bwAAALCZpBGxI5J0bDmdpmNjtf8vvzu2pXPzC4svnJr/+PxM7R2BSgyl5UzXyKr50IlixqDMTxaP+WX+SDFv/NXA1mp+bHp+bqbXwUOf296k/+f+8v4GPPi6sI4GbFKd9v8syz7rclWA+8z3P/Qv/R/6V4P+v7Uu3/RvBACbW6Pvfw/20B+M/6F/6f/Qv/R/6F/6P/Slu3mvv0hcafGyfXuJ/PPnrqtxHxNZ1qPSh3sf+3Ii0g1RjXuViMpGqEald6X3+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4LAAD//wYf47Q=") (fail_nth: 8)

1.208223042s ago: executing program 1 (id=1560):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f00000007c0)='ext4_es_find_extent_range_exit\x00', r0}, 0x10)
open(0x0, 0x0, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000980)='\x00', 0x1}], 0x1, 0x7bff, 0x0, 0x3)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r3 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0)
sendfile(r3, r2, 0x0, 0x100800001)
r4 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0)
sendfile(r1, r4, 0x0, 0x100000001)

1.093451162s ago: executing program 1 (id=1561):
semctl$SEM_STAT_ANY(0x0, 0x0, 0x14, 0x0)
r0 = semget(0x3, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000b40000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='xprtrdma_cb_setup\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'ipvlan1\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001400230300000000000000000a000000", @ANYRES32=r5, @ANYBLOB="080008000004000014000100ff05"], 0x34}}, 0x0)
r6 = socket(0x2, 0x6, 0x0)
getsockopt$WPAN_SECURITY_LEVEL(r6, 0x0, 0x19, &(0x7f0000000000), &(0x7f00000000c0)=0x1)
r7 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYRES16=r0, @ANYRES32=0x0, @ANYBLOB="0000000000000000140003006970766c616e3100000000000000000008000a00", @ANYRES8=r0], 0x3c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000100001000000000074df00000000000a64000000060a09040000001000000000020000000900010073797a30000000000900020073797a320000000038000480340001800b00010065787468647200002400028008000640000000110800034000000000080007"], 0x8c}}, 0x0)

959.274453ms ago: executing program 1 (id=1562):
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
gettid()
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000001c0)=<r0=>0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x7, 0x1, 0xfd, 0x0, 0x0, 0x2, 0x4802, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x5}, 0x0, 0x1000, 0x0, 0x3, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, r0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x0, 0x1c7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080))
socket(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0x2, 0x4, 0x400, 0x0, 0x108, 0x0, 0x318, 0x318, 0x318, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x108, 0x71000000, {0x15b}}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@arp={@rand_addr, @empty, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8, 0x0, {0x1d000000}}, {0x28}}}}, 0x450)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x1, 0x0}}, 0x20)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, {0x0, @random="0f00a85d4f76"}, 0x1c, {0x2, 0x4e22, @loopback}, 'veth0\x00'})
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r4, &(0x7f0000000040)=[{&(0x7f0000000200)=""/218, 0xda}], 0x1, 0xffff, 0xfffffff5)

906.492677ms ago: executing program 1 (id=1565):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000140), 0x0, 0x0) (async)
syz_io_uring_setup(0x0, &(0x7f0000000140), 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) (async)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil) (async)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) (async)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='mm_page_alloc\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48)
r2 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0xb}, 0x1c) (async)
connect$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0xb}, 0x1c)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000880)=ANY=[@ANYRES16=r0], 0x0, 0x6b, 0x0, 0xfffffffd, 0x1}, 0x20)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) (async)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{}, &(0x7f0000000680), &(0x7f00000006c0)='%+9llu \x00'}, 0x20) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{}, &(0x7f0000000680), &(0x7f00000006c0)='%+9llu \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff})
splice(r5, 0x0, r4, 0x0, 0x1, 0x0) (async)
splice(r5, 0x0, r4, 0x0, 0x1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRESHEX=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r6, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r6, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000040)={@local, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x88, 0x0, @empty}, {0x0, 0x0, 0x8, 0x0, @gue={{0x2}}}}}}}, 0x0)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

888.669038ms ago: executing program 3 (id=1566):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'lo\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, r2, 0x9}, 0x14}}, 0x0)

832.839753ms ago: executing program 4 (id=1567):
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0xe0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000180), 0x8)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x40, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0), 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x0, &(0x7f0000ffd000/0x1000)=nil)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x0, &(0x7f0000ff5000/0x3000)=nil)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}}, 0x0)

816.376884ms ago: executing program 3 (id=1568):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r1)
close(r1)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendto(r2, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/69, 0x45}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {0x0}], 0x8, &(0x7f0000000600)=""/191, 0xbf}, 0xfffffd39}], 0x1, 0x40000000, &(0x7f0000003700)={0x77359400})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2047, 0x0, 0x7c, 0x0, &(0x7f00000000c0))
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000002040)={0x20, 0xc, &(0x7f0000002180)=ANY=[@ANYRES8, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRES64, @ANYRESDEC, @ANYRES64, @ANYRESOCT=r3, @ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd71, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r5, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x15, 0x0, 0x1, 0xfffffffd}, {}, {0x6, 0x0, 0x0, 0xffffefff}]}, 0x10)

684.883545ms ago: executing program 4 (id=1569):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open$dir(&(0x7f0000000340)='./file1\x00', 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000010000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
keyctl$KEYCTL_PKEY_SIGN(0x12, &(0x7f0000001580), &(0x7f0000000840)=ANY=[@ANYBLOB='e'], 0x0, 0x0)

529.965117ms ago: executing program 3 (id=1571):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100001e0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024000000000c269b508000140000000000900010073797a300001000054000000060a010400000000000000000100000008000b400000000004802800018008000100666962001c000280080002400000000000000040000000120800034000f41400000000000000010000000000000000000000000af34ab2a50308c8d02c97963f549c2a3337690ca702c6149887ebdeb240d7b68ab715b9789ad31f756df5ddb08a31791a6880bfeabca700490536ca4fc53911951390405f4f3ff3c10ca600ab"], 0xdc}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
io_setup(0x6, &(0x7f0000000680)=<r2=>0x0)
setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000200)='wg0\x00', 0x4)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xe, &(0x7f0000000300)={[{@jqfmt_vfsv0}, {@nouid32}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@dioread_lock}, {@errors_remount}, {@nobh}]}, 0x0, 0x47b, &(0x7f0000000b00)="$eJzs3MtvG8UfAPDvrh3319cvoZRHH0CgICIeSZMW6IELCCQORUKCQzmGJK1K0wY1QaJVBQGhcoRK3BFHJP4CTnBBwAmJK9xRpQr1QsspaO3dJHXWJnaTGOrPR9pkZh+e+Xp37Nkd7wbQt4azP0nEroj4NSLSRvbWFYYb/25cvzR18/qlqSSpLr3+R1Jf78/rl6aKVYvtduaZkTQi/TiJAyXlzl+4eGZydnbmfJ4fWzj7ztj8hYtPnz47eWrm1My5iWPHjh4Zf+7ZiWeKTapF4vJgbOs0zsGsrvvfnzu475U3r7w6deLKWz9+nRTxN8VRbqjTIofbLXxsaanT1/tX270qnVR7WBE6Uskb1kC9/Q9GZaWZxWC8/FFPKwdsqqVci8WLS8AdLIle1wDojeKLPjv/Laat63303rUXGidAWdw38qmxpFq/FhL5udHuTSp/OCJOLP71RTbFuq5DAADcnm+z/s9TZf2/NO5dtd7/8zGUoYi4KyL2RMTdEbE3Iu6JqK97X0Tcv7aI7e3Kbx4kWdv/Sa92Hdw6ZP2/5/OxrVv7f2ksNhJDlXxcbHc9/oHk5OnZmcP5ezISA9uy/HibMr576ZdPWy1b3f/Lpqz8oi+Y1+NqtWm0a3pyYfL2ol5x7cOI/dWy+JPlkYAkIvZFxP4uyzj9xFcHWy375/ibVUuT3Vr6MmqPN/b/YjTFX0jaj0+O/S9mZw6PFUfFWj/9fPm1VuV3Hv/Gyvb/jtLjfzn+oWT1eO1852Vc/u2Tluc03R7/teSNerqWz3tvcmHh/HhELTneqPTq+RMr2xb5Yv0s/pFD5e1/T6y8EwciIjuIH4iIByPiobzuD0fEIxFxqE38P7z46Nvdx7+5svinO9r/K4laNM8pT1TOfP/NLYUOdRJ/tv+P1lMj+Zz1fP6tp17dHc0AAADw35NGxK5I0tHldJqOjjZ+w783dqSzc/MLT56ce/fcdOMegaEYSIsrXYOrroeOL5/W1yLLT+T5YvmR/Lrx55Xt9fzo1NzsdK+Dhz63s0X7z/xe6XXtgE3nfi3oX9o/9K8W7X9gq+sBbD3f/9C/Stp/2x9tA3eOsu//D3pQD2DrNbV/w37QR5z/Q//S/qF/af/Ql+a3x9p742vru6+/PPHZzvyVszkRcfN4xDofFCCxsYmIjXid4kEQTYsibbNVpeSREcUjJzcv5OKBlr1/5++ARA8/lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbQ3wEAAP//YDXkfw==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
io_submit(r2, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r1, 0x0, 0x3}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
pipe(&(0x7f0000000080))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x5, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}, {0x2f, 0x28, 0x8, 0x3}, {0x3, 0x8, 0x7, 0x3}, {0x0, 0x6, 0xff, 0xff}, {0x3a7, 0x10, 0x3, 0x10000}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$pptp(0x18, 0x1, 0x2)
r6 = epoll_create(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000080)={0x40000000})
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x100, 0xffffffffffffffff, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f00000004c0)=ANY=[@ANYRES8=r4, @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

426.933356ms ago: executing program 0 (id=1572):
socket(0x1e, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x2, @mcast1, 0xa}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
socket(0x2c, 0x80000, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x7, &(0x7f00000001c0)=0x6, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x6, &(0x7f00000003c0)=[{0x2, 0x0, 0x2, 0x7ffc0001}, {0x5, 0xfd, 0x0, 0x3}, {0x0, 0x4, 0x1, 0x8}, {0x0, 0xfe, 0x4, 0x8}, {0xa8e, 0x40, 0x82, 0x80000001}, {0x1ff, 0xc, 0x0, 0xe6}]})
openat2$dir(0xffffffffffffff9c, &(0x7f0000000380)='.\x00', &(0x7f0000000040)={0x800, 0x1, 0x2c}, 0x18)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080d004fcf0000e8ffff1a8600", "cf0d00", "8657e2b7e43b34e4"}, 0x28)
r2 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x44c2, 0x0, 0x0, 0x41000, 0x29, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
write$binfmt_script(r0, &(0x7f0000001300), 0x8f)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000240)={&(0x7f00001dc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000740)=0x40)
writev(r0, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x1, 0xfffffffffffffe23)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000180)=0x40)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0x1}], 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()

382.181329ms ago: executing program 0 (id=1573):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[], 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xbc)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x24}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

381.81423ms ago: executing program 0 (id=1574):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000003c0))
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={'dvmrp1\x00', {0x2, 0x0, @empty}})

337.377853ms ago: executing program 0 (id=1575):
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
gettid()
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000001c0)=<r0=>0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x7, 0x1, 0xfd, 0x0, 0x0, 0x2, 0x4802, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x5}, 0x0, 0x1000, 0x0, 0x3, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, r0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x0, 0x1c7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080))
socket(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0x2, 0x4, 0x400, 0x0, 0x108, 0x0, 0x318, 0x318, 0x318, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x108, 0x71000000, {0x15b}}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@arp={@rand_addr, @empty, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8, 0x0, {0x1d000000}}, {0x28}}}}, 0x450)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x1, 0x0}}, 0x20)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, {0x0, @random="0f00a85d4f76"}, 0x1c, {0x2, 0x4e22, @loopback}, 'veth0\x00'})
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r4, &(0x7f0000000040)=[{&(0x7f0000000200)=""/218, 0xda}], 0x1, 0xffff, 0xfffffff5)

336.941843ms ago: executing program 0 (id=1576):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x20, 0x1, 0x1, 0x301, 0x0, 0x0, {}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x2}]}]}, 0x20}}, 0x0) (fail_nth: 8)

280.220077ms ago: executing program 0 (id=1577):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000340), 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
open(&(0x7f0000000180)='./bus\x00', 0x10b67e, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r2, 0x2007ffb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r2, 0x0)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00)

191.259654ms ago: executing program 3 (id=1578):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r2, 0x0, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'lo\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, r2, 0x9}, 0x14}}, 0x0)

139.957649ms ago: executing program 2 (id=1579):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[], 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xbc)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000ac0)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0x5}}, [@filter_kind_options=@f_flow={{0x9}, {0x18, 0x2, [@TCA_FLOW_EMATCHES={0x14, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1}]}]}]}}]}, 0x48}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

89.497193ms ago: executing program 2 (id=1580):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'lo\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000300)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
preadv(r4, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x4c, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f0000000080)=0x1, 0x4)
ioctl$TCFLSH(r0, 0x5608, 0x2)

0s ago: executing program 2 (id=1581):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r1)
close(r1)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendto(r2, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/69, 0x45}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {0x0}], 0x8, &(0x7f0000000600)=""/191, 0xbf}, 0xfffffd39}], 0x1, 0x40000000, &(0x7f0000003700)={0x77359400})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2047, 0x0, 0x7c, 0x0, &(0x7f00000000c0))
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000002040)={0x20, 0xc, &(0x7f0000002180)=ANY=[@ANYRES8, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRES64, @ANYRESDEC, @ANYRES64, @ANYRESOCT=r3, @ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd71, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r5, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x15, 0x0, 0x1, 0xfffffffd}, {}, {0x6, 0x0, 0x0, 0xffffefff}]}, 0x10)

kernel console output (not intermixed with test programs):

]" dev="sockfs" ino=25128 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  119.377843][ T7911] FAULT_INJECTION: forcing a failure.
[  119.377843][ T7911] name failslab, interval 1, probability 0, space 0, times 0
[  119.390586][ T7911] CPU: 1 UID: 0 PID: 7911 Comm: syz.1.1213 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  119.394415][ T7913] loop3: detected capacity change from 0 to 256
[  119.401355][ T7911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  119.401372][ T7911] Call Trace:
[  119.401382][ T7911]  <TASK>
[  119.411441][ T7913] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  119.417698][ T7911]  dump_stack_lvl+0xf2/0x150
[  119.440278][ T7911]  dump_stack+0x15/0x20
[  119.444457][ T7911]  should_fail_ex+0x229/0x230
[  119.449151][ T7911]  ? __alloc_skb+0x10b/0x310
[  119.453830][ T7911]  should_failslab+0x8f/0xb0
[  119.458516][ T7911]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  119.464396][ T7911]  __alloc_skb+0x10b/0x310
[  119.468849][ T7911]  netlink_ack+0xef/0x4f0
[  119.473199][ T7911]  netlink_rcv_skb+0x19c/0x230
[  119.477974][ T7911]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  119.483466][ T7911]  nfnetlink_rcv+0x16c/0x15b0
[  119.488155][ T7911]  ? kmem_cache_free+0xd8/0x280
[  119.493061][ T7911]  ? nlmon_xmit+0x51/0x60
[  119.497465][ T7911]  ? __kfree_skb+0x102/0x150
[  119.502073][ T7911]  ? consume_skb+0x57/0x180
[  119.506591][ T7911]  ? nlmon_xmit+0x51/0x60
[  119.510934][ T7911]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  119.516368][ T7911]  ? __dev_queue_xmit+0xb86/0x1fe0
[  119.521487][ T7911]  ? ref_tracker_free+0x3a5/0x410
[  119.526638][ T7911]  ? __dev_queue_xmit+0x161/0x1fe0
[  119.531763][ T7911]  ? __netlink_deliver_tap+0x495/0x4c0
[  119.537312][ T7911]  netlink_unicast+0x593/0x670
[  119.542100][ T7911]  netlink_sendmsg+0x5cc/0x6e0
[  119.546877][ T7911]  ? __pfx_netlink_sendmsg+0x10/0x10
[  119.552191][ T7911]  __sock_sendmsg+0x140/0x180
[  119.556887][ T7911]  ____sys_sendmsg+0x312/0x410
[  119.561701][ T7911]  __sys_sendmsg+0x1e9/0x280
[  119.566383][ T7911]  __x64_sys_sendmsg+0x46/0x50
[  119.571156][ T7911]  x64_sys_call+0x26f8/0x2e00
[  119.575907][ T7911]  do_syscall_64+0xc9/0x1c0
[  119.580425][ T7911]  ? clear_bhb_loop+0x55/0xb0
[  119.585129][ T7911]  ? clear_bhb_loop+0x55/0xb0
[  119.589817][ T7911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.595723][ T7911] RIP: 0033:0x7f7508c073b9
[  119.600139][ T7911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.619831][ T7911] RSP: 002b:00007f7507887048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  119.628325][ T7911] RAX: ffffffffffffffda RBX: 00007f7508d95f80 RCX: 00007f7508c073b9
[  119.636329][ T7911] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000003
[  119.644359][ T7911] RBP: 00007f75078870a0 R08: 0000000000000000 R09: 0000000000000000
[  119.652336][ T7911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.660308][ T7911] R13: 000000000000000b R14: 00007f7508d95f80 R15: 00007ffc45179458
[  119.668285][ T7911]  </TASK>
[  119.690792][ T7913] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  119.724574][ T7919] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7919 comm=syz.0.1214
[  119.751989][   T29] audit: type=1400 audit(1722374855.889:682): avc:  denied  { override_creds } for  pid=7915 comm="syz.4.1217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  119.778117][ T7916] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1217'.
[  119.808685][ T7916] team_slave_0: entered allmulticast mode
[  119.817271][ T7916] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  119.837160][ T7907] netlink: 'syz.0.1214': attribute type 1 has an invalid length.
[  119.846560][ T7124] udevd[7124]: inotify_add_watch(7, /dev/loop11, 10) failed: No such file or directory
[  119.860208][ T7907] 8021q: adding VLAN 0 to HW filter on device bond8
[  119.869455][ T7926] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1220'.
[  120.035086][ T7948] loop2: detected capacity change from 0 to 512
[  120.042141][ T7948] ext4: Bad value for 'init_itable'
[  120.069098][ T7952] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1231'.
[  120.174054][ T7965] loop2: detected capacity change from 0 to 128
[  120.185823][ T7965] smc: net device lo applied user defined pnetid SYZ2
[  120.193120][ T7965] smc: net device lo erased user defined pnetid SYZ2
[  120.242608][ T7970] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7970 comm=syz.1.1238
[  120.257195][ T7970] loop1: detected capacity change from 0 to 512
[  120.265087][ T7970] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  120.280210][ T7970] EXT4-fs (loop1): Remounting filesystem read-only
[  120.286897][ T7970] EXT4-fs (loop1): 1 truncate cleaned up
[  120.293100][ T7970] SELinux: (dev loop1, type ext4) getxattr errno 5
[  120.312885][ T7970] netlink: 'syz.1.1238': attribute type 1 has an invalid length.
[  120.329248][ T7970] 8021q: adding VLAN 0 to HW filter on device bond1
[  120.335263][ T7976] loop2: detected capacity change from 0 to 1024
[  120.345256][ T7976] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f05cc01c, mo2=0002]
[  120.353397][ T7976] System zones: 0-1, 3-36
[  120.382835][ T7981] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1242'.
[  120.420134][ T7983] loop1: detected capacity change from 0 to 2048
[  120.515020][ T7993] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1247'.
[  120.539711][ T7997] FAULT_INJECTION: forcing a failure.
[  120.539711][ T7997] name failslab, interval 1, probability 0, space 0, times 0
[  120.552466][ T7997] CPU: 0 UID: 0 PID: 7997 Comm: syz.1.1249 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  120.563160][ T7997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  120.573254][ T7997] Call Trace:
[  120.576603][ T7997]  <TASK>
[  120.579552][ T7997]  dump_stack_lvl+0xf2/0x150
[  120.584166][ T7997]  dump_stack+0x15/0x20
[  120.588338][ T7997]  should_fail_ex+0x229/0x230
[  120.593049][ T7997]  ? __alloc_skb+0x10b/0x310
[  120.597733][ T7997]  should_failslab+0x8f/0xb0
[  120.602427][ T7997]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  120.608249][ T7997]  __alloc_skb+0x10b/0x310
[  120.612759][ T7997]  netlink_alloc_large_skb+0xad/0xe0
[  120.618119][ T7997]  netlink_sendmsg+0x3b4/0x6e0
[  120.622895][ T7997]  ? __pfx_netlink_sendmsg+0x10/0x10
[  120.628191][ T7997]  __sock_sendmsg+0x140/0x180
[  120.632961][ T7997]  ____sys_sendmsg+0x312/0x410
[  120.637781][ T7997]  __sys_sendmsg+0x1e9/0x280
[  120.642393][ T7997]  __x64_sys_sendmsg+0x46/0x50
[  120.647277][ T7997]  x64_sys_call+0x26f8/0x2e00
[  120.651965][ T7997]  do_syscall_64+0xc9/0x1c0
[  120.656530][ T7997]  ? clear_bhb_loop+0x55/0xb0
[  120.661403][ T7997]  ? clear_bhb_loop+0x55/0xb0
[  120.666140][ T7997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.672047][ T7997] RIP: 0033:0x7f7508c073b9
[  120.676468][ T7997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.696157][ T7997] RSP: 002b:00007f7507887048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  120.704585][ T7997] RAX: ffffffffffffffda RBX: 00007f7508d95f80 RCX: 00007f7508c073b9
[  120.712611][ T7997] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000005
[  120.720587][ T7997] RBP: 00007f75078870a0 R08: 0000000000000000 R09: 0000000000000000
[  120.728619][ T7997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.736599][ T7997] R13: 000000000000000b R14: 00007f7508d95f80 R15: 00007ffc45179458
[  120.744579][ T7997]  </TASK>
[  120.838203][ T8006] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1253'.
[  120.895525][ T8016] loop2: detected capacity change from 0 to 512
[  120.918826][ T8017] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1254'.
[  120.931826][ T8019] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1259'.
[  121.034025][ T8027] loop3: detected capacity change from 0 to 512
[  121.069998][ T8027] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.141209][ T8038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1266'.
[  121.257170][   T29] audit: type=1400 audit(1722374857.283:683): avc:  denied  { read append } for  pid=8051 comm="syz.0.1273" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  121.281095][   T29] audit: type=1400 audit(1722374857.283:684): avc:  denied  { open } for  pid=8051 comm="syz.0.1273" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  121.353176][ T8060] FAULT_INJECTION: forcing a failure.
[  121.353176][ T8060] name failslab, interval 1, probability 0, space 0, times 0
[  121.365886][ T8060] CPU: 0 UID: 0 PID: 8060 Comm: syz.0.1275 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  121.376766][ T8060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  121.386835][ T8060] Call Trace:
[  121.390120][ T8060]  <TASK>
[  121.393305][ T8060]  dump_stack_lvl+0xf2/0x150
[  121.398086][ T8060]  dump_stack+0x15/0x20
[  121.402398][ T8060]  should_fail_ex+0x229/0x230
[  121.407087][ T8060]  ? ctnetlink_alloc_filter+0x50/0x530
[  121.412626][ T8060]  should_failslab+0x8f/0xb0
[  121.417367][ T8060]  __kmalloc_cache_noprof+0x4b/0x2a0
[  121.422754][ T8060]  ctnetlink_alloc_filter+0x50/0x530
[  121.428059][ T8060]  ctnetlink_start+0xc0/0x100
[  121.432748][ T8060]  __netlink_dump_start+0x32a/0x510
[  121.437971][ T8060]  ctnetlink_get_conntrack+0x119/0x440
[  121.443495][ T8060]  ? __pfx_ctnetlink_start+0x10/0x10
[  121.448789][ T8060]  ? __pfx_ctnetlink_dump_table+0x10/0x10
[  121.454588][ T8060]  ? __pfx_ctnetlink_done+0x10/0x10
[  121.459811][ T8060]  nfnetlink_rcv_msg+0x4a9/0x570
[  121.464777][ T8060]  netlink_rcv_skb+0x12c/0x230
[  121.469585][ T8060]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  121.475062][ T8060]  nfnetlink_rcv+0x16c/0x15b0
[  121.479742][ T8060]  ? kmem_cache_free+0xd8/0x280
[  121.484612][ T8060]  ? nlmon_xmit+0x51/0x60
[  121.488969][ T8060]  ? __kfree_skb+0x102/0x150
[  121.493560][ T8060]  ? consume_skb+0x57/0x180
[  121.498130][ T8060]  ? nlmon_xmit+0x51/0x60
[  121.502487][ T8060]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  121.507774][ T8060]  ? __dev_queue_xmit+0xb86/0x1fe0
[  121.512917][ T8060]  ? ref_tracker_free+0x3a5/0x410
[  121.517967][ T8060]  ? __dev_queue_xmit+0x161/0x1fe0
[  121.523086][ T8060]  ? __netlink_deliver_tap+0x495/0x4c0
[  121.528598][ T8060]  netlink_unicast+0x593/0x670
[  121.533374][ T8060]  netlink_sendmsg+0x5cc/0x6e0
[  121.538175][ T8060]  ? __pfx_netlink_sendmsg+0x10/0x10
[  121.543500][ T8060]  __sock_sendmsg+0x140/0x180
[  121.548288][ T8060]  ____sys_sendmsg+0x312/0x410
[  121.553075][ T8060]  __sys_sendmsg+0x1e9/0x280
[  121.557702][ T8060]  __x64_sys_sendmsg+0x46/0x50
[  121.562477][ T8060]  x64_sys_call+0x26f8/0x2e00
[  121.567175][ T8060]  do_syscall_64+0xc9/0x1c0
[  121.571748][ T8060]  ? clear_bhb_loop+0x55/0xb0
[  121.576510][ T8060]  ? clear_bhb_loop+0x55/0xb0
[  121.581259][ T8060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.587243][ T8060] RIP: 0033:0x7efe2d5a73b9
[  121.591653][ T8060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.611265][ T8060] RSP: 002b:00007efe2c227048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  121.619676][ T8060] RAX: ffffffffffffffda RBX: 00007efe2d735f80 RCX: 00007efe2d5a73b9
[  121.627735][ T8060] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  121.635702][ T8060] RBP: 00007efe2c2270a0 R08: 0000000000000000 R09: 0000000000000000
[  121.643677][ T8060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.651673][ T8060] R13: 000000000000000b R14: 00007efe2d735f80 R15: 00007ffc608e9598
[  121.659654][ T8060]  </TASK>
[  121.752105][    C1] eth0: bad gso: type: 1, size: 1408
[  121.770020][ T8066] vlan0: entered allmulticast mode
[  121.775231][ T8066] veth0_vlan: entered allmulticast mode
[  121.930218][ T8080] FAULT_INJECTION: forcing a failure.
[  121.930218][ T8080] name failslab, interval 1, probability 0, space 0, times 0
[  121.942900][ T8080] CPU: 1 UID: 0 PID: 8080 Comm: syz.1.1285 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  121.953640][ T8080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  121.963713][ T8080] Call Trace:
[  121.967083][ T8080]  <TASK>
[  121.970026][ T8080]  dump_stack_lvl+0xf2/0x150
[  121.974651][ T8080]  dump_stack+0x15/0x20
[  121.978873][ T8080]  should_fail_ex+0x229/0x230
[  121.983598][ T8080]  ? __alloc_skb+0x10b/0x310
[  121.988285][ T8080]  should_failslab+0x8f/0xb0
[  121.992923][ T8080]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  121.998738][ T8080]  __alloc_skb+0x10b/0x310
[  122.003236][ T8080]  netlink_ack+0xef/0x4f0
[  122.007572][ T8080]  netlink_rcv_skb+0x19c/0x230
[  122.012332][ T8080]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  122.017821][ T8080]  nfnetlink_rcv+0x16c/0x15b0
[  122.022562][ T8080]  ? kmem_cache_free+0xd8/0x280
[  122.027423][ T8080]  ? nlmon_xmit+0x51/0x60
[  122.031771][ T8080]  ? __kfree_skb+0x102/0x150
[  122.036388][ T8080]  ? consume_skb+0x57/0x180
[  122.040895][ T8080]  ? nlmon_xmit+0x51/0x60
[  122.045258][ T8080]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  122.050548][ T8080]  ? __dev_queue_xmit+0xb86/0x1fe0
[  122.055801][ T8080]  ? ref_tracker_free+0x3a5/0x410
[  122.060877][ T8080]  ? __dev_queue_xmit+0x161/0x1fe0
[  122.065994][ T8080]  ? __netlink_deliver_tap+0x495/0x4c0
[  122.071467][ T8080]  netlink_unicast+0x593/0x670
[  122.076255][ T8080]  netlink_sendmsg+0x5cc/0x6e0
[  122.081101][ T8080]  ? __pfx_netlink_sendmsg+0x10/0x10
[  122.086414][ T8080]  __sock_sendmsg+0x140/0x180
[  122.091172][ T8080]  ____sys_sendmsg+0x312/0x410
[  122.095969][ T8080]  __sys_sendmsg+0x1e9/0x280
[  122.100619][ T8080]  __x64_sys_sendmsg+0x46/0x50
[  122.105396][ T8080]  x64_sys_call+0x26f8/0x2e00
[  122.110106][ T8080]  do_syscall_64+0xc9/0x1c0
[  122.114687][ T8080]  ? clear_bhb_loop+0x55/0xb0
[  122.119367][ T8080]  ? clear_bhb_loop+0x55/0xb0
[  122.124049][ T8080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.130004][ T8080] RIP: 0033:0x7f7508c073b9
[  122.134457][ T8080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.154067][ T8080] RSP: 002b:00007f7507887048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  122.162494][ T8080] RAX: ffffffffffffffda RBX: 00007f7508d95f80 RCX: 00007f7508c073b9
[  122.170576][ T8080] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  122.178572][ T8080] RBP: 00007f75078870a0 R08: 0000000000000000 R09: 0000000000000000
[  122.186624][ T8080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.194657][ T8080] R13: 000000000000000b R14: 00007f7508d95f80 R15: 00007ffc45179458
[  122.202669][ T8080]  </TASK>
[  122.285285][ T8088] xt_hashlimit: size too large, truncated to 1048576
[  122.292099][ T8088] xt_hashlimit: max too large, truncated to 1048576
[  122.298786][ T8088] xt_hashlimit: overflow, try lower: 0/0
[  122.305887][ T8090] loop3: detected capacity change from 0 to 512
[  122.321417][ T8090] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.345768][   T29] audit: type=1400 audit(1722374858.280:685): avc:  denied  { setattr } for  pid=8089 comm="syz.3.1287" path="/36/file0/hugetlb.2MB.rsvd.usage_in_bytes" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  122.371094][   T29] audit: type=1400 audit(1722374858.280:686): avc:  denied  { ioctl } for  pid=8089 comm="syz.3.1287" path="/36/file0/hugetlb.2MB.rsvd.usage_in_bytes" dev="loop3" ino=18 ioctlcmd=0x6609 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  122.398919][ T8090] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.1287: corrupted inode contents
[  122.407889][ T8102] loop1: detected capacity change from 0 to 512
[  122.411257][ T8090] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #19: comm syz.3.1287: mark_inode_dirty error
[  122.434005][ T8102] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  122.435737][ T8090] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.1287: corrupted inode contents
[  122.460760][    C1] eth0: bad gso: type: 1, size: 1408
[  122.467177][ T8102] EXT4-fs (loop1): invalid journal inode
[  122.472880][ T8102] EXT4-fs (loop1): can't get journal size
[  122.478943][ T8090] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3007: inode #19: comm syz.3.1287: mark_inode_dirty error
[  122.491394][ T8090] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3010: inode #19: comm syz.3.1287: mark inode dirty (error -117)
[  122.505834][ T8102] EXT4-fs (loop1): 1 truncate cleaned up
[  122.527335][   T55] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.546532][ T8090] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117)
[  122.602123][   T29] audit: type=1400 audit(1722374858.520:687): avc:  denied  { getopt } for  pid=8120 comm="syz.3.1296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  122.642510][   T55] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.716666][   T55] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.721626][ T8081] chnl_net:caif_netlink_parms(): no params data found
[  122.787835][   T55] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.794265][ T8140] loop3: detected capacity change from 0 to 512
[  122.818190][ T8140] EXT4-fs (loop3): inodes count not valid: 1 vs 32
[  122.834731][ T8081] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.841880][ T8081] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.844554][ T8142] loop1: detected capacity change from 0 to 2048
[  122.856433][ T8081] bridge_slave_0: entered allmulticast mode
[  122.863946][ T8081] bridge_slave_0: entered promiscuous mode
[  122.895968][ T8081] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.903834][ T8081] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.914536][ T8146] loop3: detected capacity change from 0 to 512
[  122.924219][ T8081] bridge_slave_1: entered allmulticast mode
[  122.930250][ T8146] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  122.945322][ T8081] bridge_slave_1: entered promiscuous mode
[  122.955535][ T8146] EXT4-fs (loop3): invalid journal inode
[  122.965915][ T8146] EXT4-fs (loop3): can't get journal size
[  122.968876][   T29] audit: type=1400 audit(1722374858.861:688): avc:  denied  { listen } for  pid=8151 comm="syz.1.1307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  122.978178][ T8146] EXT4-fs (loop3): 1 truncate cleaned up
[  123.017431][ T8081] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  123.035758][ T8081] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  123.045616][   T55] bridge_slave_1: left allmulticast mode
[  123.051289][   T55] bridge_slave_1: left promiscuous mode
[  123.051379][   T29] audit: type=1400 audit(1722374858.926:689): avc:  denied  { accept } for  pid=8151 comm="syz.1.1307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  123.057002][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.086897][   T55] bridge_slave_0: left allmulticast mode
[  123.092588][   T55] bridge_slave_0: left promiscuous mode
[  123.098335][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.340005][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  123.350665][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  123.361586][   T55] bond0 (unregistering): Released all slaves
[  123.370578][   T55] bond1 (unregistering): Released all slaves
[  123.379900][   T55] bond2 (unregistering): Released all slaves
[  123.389171][   T55] bond3 (unregistering): Released all slaves
[  123.398705][   T55] bond4 (unregistering): Released all slaves
[  123.407517][   T55] bond5 (unregistering): Released all slaves
[  123.417371][   T55] bond6 (unregistering): Released all slaves
[  123.426719][   T55] bond7 (unregistering): Released all slaves
[  123.435984][   T55] bond8 (unregistering): Released all slaves
[  123.471087][ T8081] team0: Port device team_slave_0 added
[  123.494610][ T8081] team0: Port device team_slave_1 added
[  123.515199][ T8175] loop2: detected capacity change from 0 to 128
[  123.553095][   T55] hsr_slave_0: left promiscuous mode
[  123.565913][   T55] hsr_slave_1: left promiscuous mode
[  123.580516][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  123.587254][   T29] audit: type=1400 audit(1722374859.433:690): avc:  denied  { setopt } for  pid=8183 comm="syz.4.1313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  123.588067][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[  123.610793][   T29] audit: type=1400 audit(1722374859.452:691): avc:  denied  { shutdown } for  pid=8183 comm="syz.4.1313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  123.640152][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  123.647700][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[  123.665880][   T55] veth1_macvtap: left promiscuous mode
[  123.671598][   T55] veth0_macvtap: left promiscuous mode
[  123.769701][   T29] audit: type=1400 audit(1722374859.590:692): avc:  denied  { write } for  pid=8199 comm="syz.4.1317" name="event0" dev="devtmpfs" ino=218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  123.795485][   T55] pim6reg9 (unregistering): left allmulticast mode
[  123.840371][   T55] team0 (unregistering): Port device team_slave_1 removed
[  123.855813][   T55] team0 (unregistering): Port device team_slave_0 removed
[  123.926150][   T55] smc: removing net device lo with user defined pnetid SYZ2
[  123.927565][ T8204] loop1: detected capacity change from 0 to 512
[  123.950910][ T8081] batman_adv: batadv0: Adding interface: batadv_slave_0
[  123.958064][ T8081] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  123.984097][ T8081] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  123.994897][ T8204] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  124.000494][ T8081] batman_adv: batadv0: Adding interface: batadv_slave_1
[  124.010098][ T8081] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  124.036216][ T8081] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  124.051310][ T8204] EXT4-fs (loop1): invalid journal inode
[  124.065978][ T8192] smc: net device lo applied user defined pnetid SYZ2
[  124.070512][ T8204] EXT4-fs (loop1): can't get journal size
[  124.101914][ T8201] smc: net device lo erased user defined pnetid SYZ2
[  124.112265][ T8081] hsr_slave_0: entered promiscuous mode
[  124.118950][ T8081] hsr_slave_1: entered promiscuous mode
[  124.144495][ T8204] EXT4-fs (loop1): 1 truncate cleaned up
[  124.269231][ T8221] loop1: detected capacity change from 0 to 128
[  124.313096][ T8221] smc: net device lo erased user defined pnetid SYZ2
[  124.408305][ T8235] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8235 comm=syz.2.1327
[  124.441665][ T8235] loop2: detected capacity change from 0 to 512
[  124.464606][ T8235] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  124.511467][ T8235] EXT4-fs (loop2): Remounting filesystem read-only
[  124.514983][ T8244] loop1: detected capacity change from 0 to 2048
[  124.544321][ T8235] EXT4-fs (loop2): 1 truncate cleaned up
[  124.568856][ T8235] SELinux: (dev loop2, type ext4) getxattr errno 5
[  124.627583][ T8235] netlink: 'syz.2.1327': attribute type 1 has an invalid length.
[  124.658438][ T8235] 8021q: adding VLAN 0 to HW filter on device bond1
[  124.677267][ T8081] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  124.712884][ T8081] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  124.750567][ T8262] __nla_validate_parse: 10 callbacks suppressed
[  124.750586][ T8262] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1331'.
[  124.795944][ T8081] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  124.814482][   T29] audit: type=1400 audit(1722374860.559:693): avc:  denied  { ioctl } for  pid=8271 comm="syz.2.1334" path="socket:[26442]" dev="sockfs" ino=26442 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  124.849181][ T8081] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  124.861296][ T8275] loop3: detected capacity change from 0 to 512
[  124.883614][ T8275] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.899408][ T8276] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1332'.
[  124.924299][ T8284] loop2: detected capacity change from 0 to 2048
[  124.964783][ T8081] 8021q: adding VLAN 0 to HW filter on device bond0
[  124.983206][ T8284] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  124.985895][ T8289] loop1: detected capacity change from 0 to 2048
[  125.004205][ T8081] 8021q: adding VLAN 0 to HW filter on device team0
[  125.019491][  T983] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.020441][ T8284] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  125.026705][  T983] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.038878][ T8284] EXT4-fs (loop2): This should not happen!! Data will be lost
[  125.038878][ T8284] 
[  125.038895][ T8284] EXT4-fs (loop2): Total free blocks count 0
[  125.061849][ T8284] EXT4-fs (loop2): Free/Dirty block details
[  125.065488][  T983] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.067772][ T8284] EXT4-fs (loop2): free_blocks=2415919104
[  125.074829][  T983] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.080505][ T8284] EXT4-fs (loop2): dirty_blocks=16
[  125.092984][ T8284] EXT4-fs (loop2): Block reservation details
[  125.099052][ T8284] EXT4-fs (loop2): i_reserved_data_blocks=1
[  125.209900][ T8081] 8021q: adding VLAN 0 to HW filter on device batadv0
[  125.364034][ T8081] veth0_vlan: entered promiscuous mode
[  125.372680][ T8081] veth1_vlan: entered promiscuous mode
[  125.404453][ T8081] veth0_macvtap: entered promiscuous mode
[  125.412735][ T8338] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8338 comm=syz.2.1344
[  125.428234][ T8081] veth1_macvtap: entered promiscuous mode
[  125.437911][ T8338] loop2: detected capacity change from 0 to 512
[  125.441624][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.454681][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.464561][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.475070][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.485010][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.495473][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.505511][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.515968][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.525929][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.536456][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.546361][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.556859][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.573172][ T8081] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.586103][ T8338] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  125.605915][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.616437][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.619274][ T8338] EXT4-fs (loop2): Remounting filesystem read-only
[  125.626349][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.641628][ T8338] EXT4-fs (loop2): 1 truncate cleaned up
[  125.643240][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.657744][ T8338] SELinux: (dev loop2, type ext4) getxattr errno 5
[  125.658717][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.675823][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.685702][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.696183][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.706126][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.716650][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.726467][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.736965][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.757345][ T8081] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.769007][ T8081] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.777918][ T8081] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.786690][ T8081] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.795448][ T8081] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.825147][ T8338] netlink: 'syz.2.1344': attribute type 1 has an invalid length.
[  125.846093][ T8365] loop3: detected capacity change from 0 to 512
[  125.848618][ T8338] 8021q: adding VLAN 0 to HW filter on device bond2
[  125.866873][ T8365] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  125.876672][ T8365] EXT4-fs (loop3): invalid journal inode
[  125.886810][ T8365] EXT4-fs (loop3): can't get journal size
[  125.895393][ T8368] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1348'.
[  125.895520][ T8365] EXT4-fs (loop3): 1 truncate cleaned up
[  125.991058][ T8380] loop2: detected capacity change from 0 to 2048
[  126.041683][ T8380] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  126.056827][ T8380] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  126.058557][ T8389] loop3: detected capacity change from 0 to 128
[  126.069065][ T8380] EXT4-fs (loop2): This should not happen!! Data will be lost
[  126.069065][ T8380] 
[  126.069086][ T8380] EXT4-fs (loop2): Total free blocks count 0
[  126.091166][ T8380] EXT4-fs (loop2): Free/Dirty block details
[  126.097129][ T8380] EXT4-fs (loop2): free_blocks=2415919104
[  126.102885][ T8380] EXT4-fs (loop2): dirty_blocks=16
[  126.108088][ T8380] EXT4-fs (loop2): Block reservation details
[  126.114142][ T8380] EXT4-fs (loop2): i_reserved_data_blocks=1
[  126.154691][ T8397] FAULT_INJECTION: forcing a failure.
[  126.154691][ T8397] name failslab, interval 1, probability 0, space 0, times 0
[  126.167533][ T8397] CPU: 0 UID: 0 PID: 8397 Comm: syz.3.1358 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  126.178241][ T8397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  126.188352][ T8397] Call Trace:
[  126.191682][ T8397]  <TASK>
[  126.194712][ T8397]  dump_stack_lvl+0xf2/0x150
[  126.199350][ T8397]  dump_stack+0x15/0x20
[  126.203552][ T8397]  should_fail_ex+0x229/0x230
[  126.208241][ T8397]  ? __alloc_skb+0x10b/0x310
[  126.212833][ T8397]  should_failslab+0x8f/0xb0
[  126.217596][ T8397]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  126.223413][ T8397]  __alloc_skb+0x10b/0x310
[  126.227894][ T8397]  __ip6_append_data+0x17fd/0x2160
[  126.233096][ T8397]  ? __pfx_raw6_getfrag+0x10/0x10
[  126.238187][ T8397]  ? __kmalloc_node_track_caller_noprof+0x17e/0x380
[  126.244963][ T8397]  ? __rcu_read_unlock+0x4e/0x70
[  126.249932][ T8397]  ? ip6_mtu+0xfb/0x120
[  126.254125][ T8397]  ? __pfx_ip6_mtu+0x10/0x10
[  126.258799][ T8397]  ip6_append_data+0x1bc/0x260
[  126.263576][ T8397]  ? __pfx_raw6_getfrag+0x10/0x10
[  126.268620][ T8397]  rawv6_sendmsg+0xd87/0xf40
[  126.273225][ T8397]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  126.278338][ T8397]  inet_sendmsg+0xc5/0xd0
[  126.282729][ T8397]  __sock_sendmsg+0x102/0x180
[  126.287443][ T8397]  __sys_sendto+0x1e5/0x260
[  126.292038][ T8397]  __x64_sys_sendto+0x78/0x90
[  126.296734][ T8397]  x64_sys_call+0x2bc6/0x2e00
[  126.301477][ T8397]  do_syscall_64+0xc9/0x1c0
[  126.306002][ T8397]  ? clear_bhb_loop+0x55/0xb0
[  126.310691][ T8397]  ? clear_bhb_loop+0x55/0xb0
[  126.315392][ T8397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.321407][ T8397] RIP: 0033:0x7f7762d373b9
[  126.325885][ T8397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.345525][ T8397] RSP: 002b:00007f77619b7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  126.353980][ T8397] RAX: ffffffffffffffda RBX: 00007f7762ec5f80 RCX: 00007f7762d373b9
[  126.361974][ T8397] RDX: 0000000000000008 RSI: 0000000020000180 RDI: 0000000000000003
[  126.369944][ T8397] RBP: 00007f77619b70a0 R08: 0000000000000000 R09: 0000000000000000
[  126.378021][ T8397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.385997][ T8397] R13: 000000000000000b R14: 00007f7762ec5f80 R15: 00007fff93c60568
[  126.393971][ T8397]  </TASK>
[  126.439790][ T8407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1361'.
[  126.483306][ T8413] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  126.534031][ T8420] delete_channel: no stack
[  126.582129][ T8424] loop3: detected capacity change from 0 to 2048
[  126.700115][ T8439] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  126.709216][   T29] audit: type=1326 audit(1722374862.313:694): auid=4294967295 uid=16832 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8438 comm="syz.1.1374" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7508c073b9 code=0x0
[  126.752011][   T29] audit: type=1400 audit(1722374862.350:695): avc:  denied  { ioctl } for  pid=8442 comm="syz.3.1376" path="socket:[27759]" dev="sockfs" ino=27759 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  126.752689][ T8443] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1376'.
[  126.791407][ T8443] SELinux:  Context Ž is not valid (left unmapped).
[  126.801631][   T29] audit: type=1400 audit(1722374862.405:696): avc:  denied  { create } for  pid=8442 comm="syz.3.1376" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=8E
[  126.878186][ T8453] delete_channel: no stack
[  126.920884][ T8457] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  127.063274][ T8470] FAULT_INJECTION: forcing a failure.
[  127.063274][ T8470] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.076453][ T8470] CPU: 0 UID: 0 PID: 8470 Comm: syz.4.1387 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  127.087178][ T8470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  127.096969][ T8473] xt_socket: unknown flags 0x50
[  127.097350][ T8470] Call Trace:
[  127.097360][ T8470]  <TASK>
[  127.097372][ T8470]  dump_stack_lvl+0xf2/0x150
[  127.097410][ T8470]  dump_stack+0x15/0x20
[  127.117311][ T8470]  should_fail_ex+0x229/0x230
[  127.122086][ T8470]  should_fail+0xb/0x10
[  127.126270][ T8470]  should_fail_usercopy+0x1a/0x20
[  127.131386][ T8470]  fpu__restore_sig+0x11a/0xaf0
[  127.136266][ T8470]  ? copy_fpstate_to_sigframe+0x61d/0x720
[  127.142016][ T8470]  restore_sigcontext+0x1b5/0x220
[  127.147103][ T8470]  __do_sys_rt_sigreturn+0xc5/0x150
[  127.152331][ T8470]  x64_sys_call+0x2b44/0x2e00
[  127.157119][ T8470]  do_syscall_64+0xc9/0x1c0
[  127.161654][ T8470]  ? clear_bhb_loop+0x55/0xb0
[  127.166433][ T8470]  ? clear_bhb_loop+0x55/0xb0
[  127.171136][ T8470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.177055][ T8470] RIP: 0033:0x7f2cd7ba73b9
[  127.181631][ T8470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.201350][ T8470] RSP: 002b:00007f2cd6827048 EFLAGS: 00000246
[  127.207437][ T8470] RAX: ffffffffffffffea RBX: 00007f2cd7d35f80 RCX: 00007f2cd7ba73b9
[  127.215431][ T8470] RDX: 0000000000000090 RSI: 00000000200003c0 RDI: 0000000000000022
[  127.223502][ T8470] RBP: 00007f2cd68270a0 R08: 0000000000000000 R09: 0000000000000000
[  127.231493][ T8470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.239571][ T8470] R13: 000000000000000b R14: 00007f2cd7d35f80 R15: 00007ffcef82ce28
[  127.247708][ T8470]  </TASK>
[  127.284606][ T8475] syzkaller0: entered promiscuous mode
[  127.290211][ T8475] syzkaller0: entered allmulticast mode
[  127.379265][ T8409] syz.2.1362 (8409) used greatest stack depth: 9552 bytes left
[  127.410048][ T8480] FAULT_INJECTION: forcing a failure.
[  127.410048][ T8480] name failslab, interval 1, probability 0, space 0, times 0
[  127.422750][ T8480] CPU: 0 UID: 0 PID: 8480 Comm: syz.4.1391 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  127.433490][ T8480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  127.443559][ T8480] Call Trace:
[  127.446854][ T8480]  <TASK>
[  127.449858][ T8480]  dump_stack_lvl+0xf2/0x150
[  127.454485][ T8480]  dump_stack+0x15/0x20
[  127.458727][ T8480]  should_fail_ex+0x229/0x230
[  127.463438][ T8480]  ? __kvmalloc_node_noprof+0x72/0x170
[  127.469006][ T8480]  should_failslab+0x8f/0xb0
[  127.473712][ T8480]  __kmalloc_node_noprof+0xa8/0x380
[  127.479094][ T8480]  __kvmalloc_node_noprof+0x72/0x170
[  127.484395][ T8480]  alloc_netdev_mqs+0x9d/0x8d0
[  127.489202][ T8480]  ? __pfx_vlan_setup+0x10/0x10
[  127.494208][ T8480]  rtnl_create_link+0x233/0x680
[  127.499102][ T8480]  rtnl_newlink+0xe12/0x1690
[  127.503821][ T8480]  ? security_capable+0x64/0x80
[  127.508759][ T8480]  ? ns_capable+0x7d/0xb0
[  127.513123][ T8480]  ? __pfx_rtnl_newlink+0x10/0x10
[  127.518170][ T8480]  rtnetlink_rcv_msg+0x6aa/0x710
[  127.523172][ T8480]  ? ref_tracker_free+0x3a5/0x410
[  127.528264][ T8480]  ? __dev_queue_xmit+0x161/0x1fe0
[  127.533434][ T8480]  netlink_rcv_skb+0x12c/0x230
[  127.538276][ T8480]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  127.543826][ T8480]  rtnetlink_rcv+0x1c/0x30
[  127.548268][ T8480]  netlink_unicast+0x593/0x670
[  127.553111][ T8480]  netlink_sendmsg+0x5cc/0x6e0
[  127.557958][ T8480]  ? __pfx_netlink_sendmsg+0x10/0x10
[  127.563321][ T8480]  __sock_sendmsg+0x140/0x180
[  127.568102][ T8480]  ____sys_sendmsg+0x312/0x410
[  127.572941][ T8480]  __sys_sendmsg+0x1e9/0x280
[  127.577560][ T8480]  __x64_sys_sendmsg+0x46/0x50
[  127.582383][ T8480]  x64_sys_call+0x26f8/0x2e00
[  127.587189][ T8480]  do_syscall_64+0xc9/0x1c0
[  127.591733][ T8480]  ? clear_bhb_loop+0x55/0xb0
[  127.596507][ T8480]  ? clear_bhb_loop+0x55/0xb0
[  127.601284][ T8480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.607302][ T8480] RIP: 0033:0x7f2cd7ba73b9
[  127.611740][ T8480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.631397][ T8480] RSP: 002b:00007f2cd6827048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.639904][ T8480] RAX: ffffffffffffffda RBX: 00007f2cd7d35f80 RCX: 00007f2cd7ba73b9
[  127.647989][ T8480] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  127.656076][ T8480] RBP: 00007f2cd68270a0 R08: 0000000000000000 R09: 0000000000000000
[  127.664086][ T8480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.672160][ T8480] R13: 000000000000000b R14: 00007f2cd7d35f80 R15: 00007ffcef82ce28
[  127.680155][ T8480]  </TASK>
[  127.684505][ T8482] smc: net device lo applied user defined pnetid SYZ2
[  127.694229][ T8483] smc: net device lo erased user defined pnetid SYZ2
[  127.711125][ T8485] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8485 comm=syz.4.1393
[  127.729688][ T8485] netlink: 'syz.4.1393': attribute type 1 has an invalid length.
[  127.745712][ T8485] 8021q: adding VLAN 0 to HW filter on device bond1
[  127.766718][ T8488] loop2: detected capacity change from 0 to 2048
[  127.844214][ T8498] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1398'.
[  127.877902][ T8502] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1400'.
[  127.899633][    C1] eth0: bad gso: type: 1, size: 1408
[  127.930862][ T8513] loop1: detected capacity change from 0 to 2048
[  127.948243][ T8515] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8515 comm=syz.2.1405
[  127.977300][ T8515] loop2: detected capacity change from 0 to 512
[  127.996184][ T8515] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  128.011156][ T8513] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1404'.
[  128.026785][ T8515] EXT4-fs (loop2): Remounting filesystem read-only
[  128.043455][ T8526] loop3: detected capacity change from 0 to 2048
[  128.046234][ T8515] EXT4-fs (loop2): 1 truncate cleaned up
[  128.052363][ T8524] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1408'.
[  128.059967][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  128.060052][   T29] audit: type=1400 audit(1722374863.559:702): avc:  denied  { create } for  pid=8508 comm="syz.1.1404" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=rawip_socket permissive=1
[  128.076307][ T8524] vlan2: entered allmulticast mode
[  128.095966][ T8524] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  128.096272][ T8515] SELinux: (dev loop2, type ext4) getxattr errno 5
[  128.113288][ T8528] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  128.127660][ T8528] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13)
[  128.134360][ T8528] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  128.142090][ T8528] vhci_hcd vhci_hcd.0: Device attached
[  128.150528][ T8533] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8533 comm=syz.4.1410
[  128.153350][   T29] audit: type=1400 audit(1722374863.642:703): avc:  denied  { create } for  pid=8508 comm="syz.1.1404" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1
[  128.186933][ T8513] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(15)
[  128.193622][ T8513] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  128.201272][ T8513] vhci_hcd vhci_hcd.0: Device attached
[  128.210780][ T8528] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(18)
[  128.217469][ T8528] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  128.225213][ T8528] vhci_hcd vhci_hcd.0: Device attached
[  128.232577][ T8515] netlink: 'syz.2.1405': attribute type 1 has an invalid length.
[  128.239788][   T29] audit: type=1400 audit(1722374863.698:704): avc:  denied  { read } for  pid=8536 comm="vhci_rx" scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1
[  128.252317][ T8515] 8021q: adding VLAN 0 to HW filter on device bond3
[  128.261465][ T8536] vhci_hcd: connection closed
[  128.268821][ T8538] vhci_hcd: connection closed
[  128.269066][ T8530] vhci_hcd: connection closed
[  128.276489][ T3858] vhci_hcd: stop threads
[  128.281556][ T8533] netlink: 'syz.4.1410': attribute type 1 has an invalid length.
[  128.283020][ T3858] vhci_hcd: release socket
[  128.299701][ T3858] vhci_hcd: disconnect device
[  128.304643][ T3858] vhci_hcd: stop threads
[  128.308943][ T3858] vhci_hcd: release socket
[  128.313366][ T3858] vhci_hcd: disconnect device
[  128.321481][ T3858] vhci_hcd: stop threads
[  128.325737][ T3858] vhci_hcd: release socket
[  128.330024][ T8533] 8021q: adding VLAN 0 to HW filter on device bond2
[  128.330205][ T3858] vhci_hcd: disconnect device
[  128.367208][ T8545] FAULT_INJECTION: forcing a failure.
[  128.367208][ T8545] name failslab, interval 1, probability 0, space 0, times 0
[  128.380084][ T8545] CPU: 1 UID: 0 PID: 8545 Comm: syz.2.1411 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  128.390802][ T8545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  128.400906][ T8545] Call Trace:
[  128.404179][ T8545]  <TASK>
[  128.407159][ T8545]  dump_stack_lvl+0xf2/0x150
[  128.411837][ T8545]  dump_stack+0x15/0x20
[  128.416115][ T8545]  should_fail_ex+0x229/0x230
[  128.420877][ T8545]  ? __alloc_skb+0x10b/0x310
[  128.421255][   T29] audit: type=1400 audit(1722374863.864:705): avc:  denied  { write } for  pid=8543 comm="syz.3.1412" name="net" dev="proc" ino=27946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  128.425472][ T8545]  should_failslab+0x8f/0xb0
[  128.446951][   T29] audit: type=1400 audit(1722374863.864:706): avc:  denied  { add_name } for  pid=8543 comm="syz.3.1412" name="pfkey" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  128.451403][ T8545]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  128.471403][   T29] audit: type=1400 audit(1722374863.864:707): avc:  denied  { create } for  pid=8543 comm="syz.3.1412" name="pfkey" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[  128.477126][ T8545]  ? __rtnl_unlock+0x99/0xb0
[  128.497001][   T29] audit: type=1400 audit(1722374863.864:708): avc:  denied  { associate } for  pid=8543 comm="syz.3.1412" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  128.501552][ T8545]  __alloc_skb+0x10b/0x310
[  128.527009][ T8545]  netlink_ack+0xef/0x4f0
[  128.531367][ T8545]  ? __dev_queue_xmit+0x161/0x1fe0
[  128.536503][ T8545]  netlink_rcv_skb+0x19c/0x230
[  128.541264][ T8545]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  128.546762][ T8545]  rtnetlink_rcv+0x1c/0x30
[  128.551183][ T8545]  netlink_unicast+0x593/0x670
[  128.555994][ T8545]  netlink_sendmsg+0x5cc/0x6e0
[  128.560839][ T8545]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.566372][ T8545]  __sock_sendmsg+0x140/0x180
[  128.571102][ T8545]  ____sys_sendmsg+0x312/0x410
[  128.575871][ T8545]  __sys_sendmsg+0x1e9/0x280
[  128.580548][ T8545]  __x64_sys_sendmsg+0x46/0x50
[  128.585389][ T8545]  x64_sys_call+0x26f8/0x2e00
[  128.590074][ T8545]  do_syscall_64+0xc9/0x1c0
[  128.594661][ T8545]  ? clear_bhb_loop+0x55/0xb0
[  128.599457][ T8545]  ? clear_bhb_loop+0x55/0xb0
[  128.604148][ T8545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.610126][ T8545] RIP: 0033:0x7f0cf0e473b9
[  128.614589][ T8545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.634231][ T8545] RSP: 002b:00007f0cefac7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  128.642643][ T8545] RAX: ffffffffffffffda RBX: 00007f0cf0fd5f80 RCX: 00007f0cf0e473b9
[  128.650633][ T8545] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  128.658609][ T8545] RBP: 00007f0cefac70a0 R08: 0000000000000000 R09: 0000000000000000
[  128.666667][ T8545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.674635][ T8545] R13: 000000000000000b R14: 00007f0cf0fd5f80 R15: 00007ffcd4c90488
[  128.682608][ T8545]  </TASK>
[  128.718791][ T8551] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1414'.
[  128.778717][   T29] audit: type=1400 audit(1722374864.224:709): avc:  denied  { setopt } for  pid=8558 comm="syz.2.1417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  128.803711][ T8557] cgroup: Unknown subsys name 'euid>00000000000000000000'
[  128.812320][ T8557] SELinux:  Context system_u:object_r:systemd_passwd_agent_exec_t:s0 is not valid (left unmapped).
[  128.819169][   T29] audit: type=1400 audit(1722374864.224:710): avc:  denied  { read } for  pid=8558 comm="syz.2.1417" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  128.843236][   T29] audit: type=1400 audit(1722374864.242:711): avc:  denied  { remount } for  pid=8556 comm="syz.4.1418" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  128.880637][ T8563] delete_channel: no stack
[  128.961899][ T8572] smc: net device lo erased user defined pnetid SYZ2
[  129.028207][ T8581] FAULT_INJECTION: forcing a failure.
[  129.028207][ T8581] name failslab, interval 1, probability 0, space 0, times 0
[  129.040890][ T8581] CPU: 0 UID: 0 PID: 8581 Comm: syz.1.1428 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  129.051606][ T8581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  129.061749][ T8581] Call Trace:
[  129.065033][ T8581]  <TASK>
[  129.068014][ T8581]  dump_stack_lvl+0xf2/0x150
[  129.072649][ T8581]  dump_stack+0x15/0x20
[  129.076868][ T8581]  should_fail_ex+0x229/0x230
[  129.081567][ T8581]  ? __alloc_skb+0x10b/0x310
[  129.086167][ T8581]  should_failslab+0x8f/0xb0
[  129.090784][ T8581]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  129.096712][ T8581]  ? tcp_chrono_stop+0x194/0x200
[  129.101700][ T8581]  __alloc_skb+0x10b/0x310
[  129.106126][ T8581]  tcp_stream_alloc_skb+0x2f/0x1e0
[  129.111299][ T8581]  tcp_connect+0xca4/0x21f0
[  129.115868][ T8581]  ? __set_cyc2ns_scale+0x111/0x1d0
[  129.121150][ T8581]  tcp_v6_connect+0xb99/0xc60
[  129.125843][ T8581]  ? mod_objcg_state+0x2ea/0x4f0
[  129.130889][ T8581]  __inet_stream_connect+0x162/0x790
[  129.136229][ T8581]  ? should_fail_ex+0xd7/0x230
[  129.141012][ T8581]  ? tcp_sendmsg_fastopen+0x163/0x4f0
[  129.146421][ T8581]  ? should_failslab+0x8f/0xb0
[  129.151205][ T8581]  ? __kmalloc_cache_noprof+0x10b/0x2a0
[  129.156768][ T8581]  tcp_sendmsg_fastopen+0x40e/0x4f0
[  129.161993][ T8581]  ? __pfx_tcp_sendmsg+0x10/0x10
[  129.167018][ T8581]  tcp_sendmsg_locked+0x2445/0x2640
[  129.172399][ T8581]  ? mntput+0x49/0x70
[  129.176394][ T8581]  ? __rcu_read_unlock+0x4e/0x70
[  129.181341][ T8581]  ? avc_has_perm_noaudit+0x1cc/0x210
[  129.186722][ T8581]  ? avc_has_perm+0xd4/0x160
[  129.191321][ T8581]  ? _raw_spin_unlock_bh+0x36/0x40
[  129.196524][ T8581]  ? __pfx_tcp_sendmsg+0x10/0x10
[  129.201467][ T8581]  tcp_sendmsg+0x30/0x50
[  129.205744][ T8581]  inet6_sendmsg+0x77/0xd0
[  129.210243][ T8581]  __sock_sendmsg+0x8b/0x180
[  129.214853][ T8581]  __sys_sendto+0x1e5/0x260
[  129.219382][ T8581]  __x64_sys_sendto+0x78/0x90
[  129.224071][ T8581]  x64_sys_call+0x2bc6/0x2e00
[  129.228854][ T8581]  do_syscall_64+0xc9/0x1c0
[  129.233454][ T8581]  ? clear_bhb_loop+0x55/0xb0
[  129.238143][ T8581]  ? clear_bhb_loop+0x55/0xb0
[  129.242893][ T8581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.248866][ T8581] RIP: 0033:0x7f7508c073b9
[  129.253354][ T8581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.273042][ T8581] RSP: 002b:00007f7507887048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  129.281522][ T8581] RAX: ffffffffffffffda RBX: 00007f7508d95f80 RCX: 00007f7508c073b9
[  129.289498][ T8581] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  129.297518][ T8581] RBP: 00007f75078870a0 R08: 0000000020b63fe4 R09: 000000000000001c
[  129.305507][ T8581] R10: 0000000026044011 R11: 0000000000000246 R12: 0000000000000001
[  129.313743][ T8581] R13: 000000000000000b R14: 00007f7508d95f80 R15: 00007ffc45179458
[  129.321723][ T8581]  </TASK>
[  129.365383][ T8585] loop1: detected capacity change from 0 to 512
[  129.366478][ T8588] random: crng reseeded on system resumption
[  129.407040][ T8585] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  129.413641][ T8588] Unrecognized hibernate image header format!
[  129.422234][ T8588] PM: hibernation: Image mismatch: architecture specific data
[  129.425674][ T8585] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1429: bg 0: block 64: padding at end of block bitmap is not set
[  129.457697][ T8585] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.1429: Failed to acquire dquot type 0
[  129.472987][ T8585] EXT4-fs (loop1): 1 truncate cleaned up
[  129.479243][ T8585] EXT4-fs mount: 54 callbacks suppressed
[  129.479257][ T8585] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.480875][ T8594] loop3: detected capacity change from 0 to 2048
[  129.511083][ T8594] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.548741][ T8594] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  129.565544][ T8594] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  129.577846][ T8594] EXT4-fs (loop3): This should not happen!! Data will be lost
[  129.577846][ T8594] 
[  129.587722][ T8594] EXT4-fs (loop3): Total free blocks count 0
[  129.587744][ T8594] EXT4-fs (loop3): Free/Dirty block details
[  129.587759][ T8594] EXT4-fs (loop3): free_blocks=2415919104
[  129.587775][ T8594] EXT4-fs (loop3): dirty_blocks=16
[  129.587789][ T8594] EXT4-fs (loop3): Block reservation details
[  129.587800][ T8594] EXT4-fs (loop3): i_reserved_data_blocks=1
[  129.597475][ T8585] syz.1.1429 (8585) used greatest stack depth: 9392 bytes left
[  129.637101][ T7095] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.649765][ T6932] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.667722][ T8608] delete_channel: no stack
[  129.691556][ T8610] loop3: detected capacity change from 0 to 128
[  129.722639][ T8610] smc: net device lo applied user defined pnetid SYZ2
[  129.736487][ T8610] smc: net device lo erased user defined pnetid SYZ2
[  129.822698][ T8614] loop1: detected capacity change from 0 to 512
[  129.838052][ T8614] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  129.854992][ T8614] System zones: 0-2, 18-18, 34-35
[  129.881688][ T8614] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.895226][ T8614] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.108907][ T7095] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.154880][ T8627] loop3: detected capacity change from 0 to 2048
[  130.191897][ T8627] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.209938][ T8629] loop2: detected capacity change from 0 to 512
[  130.219546][ T8629] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  130.230789][ T8627] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  130.246005][ T8627] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  130.258270][ T8627] EXT4-fs (loop3): This should not happen!! Data will be lost
[  130.258270][ T8627] 
[  130.267957][ T8627] EXT4-fs (loop3): Total free blocks count 0
[  130.273997][ T8627] EXT4-fs (loop3): Free/Dirty block details
[  130.275075][ T8629] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1446: bg 0: block 64: padding at end of block bitmap is not set
[  130.279975][ T8627] EXT4-fs (loop3): free_blocks=2415919104
[  130.299922][ T8627] EXT4-fs (loop3): dirty_blocks=16
[  130.305128][ T8627] EXT4-fs (loop3): Block reservation details
[  130.307306][ T8636] loop1: detected capacity change from 0 to 2048
[  130.311129][ T8627] EXT4-fs (loop3): i_reserved_data_blocks=1
[  130.312761][ T8629] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.1446: Failed to acquire dquot type 0
[  130.331469][ T8636] loop1: detected capacity change from 0 to 256
[  130.350057][ T8629] EXT4-fs (loop2): 1 truncate cleaned up
[  130.352915][ T6932] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.356227][ T8629] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.453152][ T7036] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.476557][ T8651] loop2: detected capacity change from 0 to 512
[  130.496164][ T8651] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.508880][ T8651] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.519640][ T8651] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.578495][ T8653] bridge_slave_0: left allmulticast mode
[  130.584269][ T8653] bridge_slave_0: left promiscuous mode
[  130.590005][ T8653] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.601319][ T8653] bridge_slave_1: left allmulticast mode
[  130.607057][ T8653] bridge_slave_1: left promiscuous mode
[  130.612803][ T8653] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.626543][ T8653] bond0: (slave bond_slave_0): Releasing backup interface
[  130.640687][ T8653] bond0: (slave bond_slave_1): Releasing backup interface
[  130.653752][ T8653] team0: Port device team_slave_0 removed
[  130.665024][ T8653] team0: Port device team_slave_1 removed
[  130.675863][ T8653] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  130.683476][ T8653] batman_adv: batadv0: Removing interface: batadv_slave_0
[  130.693828][ T8653] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  130.701683][ T8653] batman_adv: batadv0: Removing interface: batadv_slave_1
[  130.731057][ T8666] __nla_validate_parse: 2 callbacks suppressed
[  130.731078][ T8666] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1457'.
[  130.801641][ T8671] loop3: detected capacity change from 0 to 2048
[  130.817641][   T55] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.834439][ T8671] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.855926][ T8671] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  130.871117][ T8671] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  130.883607][ T8671] EXT4-fs (loop3): This should not happen!! Data will be lost
[  130.883607][ T8671] 
[  130.893396][ T8671] EXT4-fs (loop3): Total free blocks count 0
[  130.899435][ T8671] EXT4-fs (loop3): Free/Dirty block details
[  130.905378][ T8671] EXT4-fs (loop3): free_blocks=2415919104
[  130.911158][ T8671] EXT4-fs (loop3): dirty_blocks=16
[  130.916316][ T8671] EXT4-fs (loop3): Block reservation details
[  130.922347][ T8671] EXT4-fs (loop3): i_reserved_data_blocks=1
[  130.944291][   T55] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.958124][ T6932] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.968854][ T8680] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8680 comm=syz.4.1463
[  130.988157][ T8680] netlink: 'syz.4.1463': attribute type 1 has an invalid length.
[  131.034087][ T8680] 8021q: adding VLAN 0 to HW filter on device bond3
[  131.046130][   T55] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.061662][ T8692] loop3: detected capacity change from 0 to 512
[  131.083756][ T8692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.098857][ T8692] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.109771][ T8692] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.110547][   T55] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.200187][ T8700] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1467'.
[  131.213295][ T8700] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1467'.
[  131.235138][   T55] bridge_slave_1: left allmulticast mode
[  131.240828][   T55] bridge_slave_1: left promiscuous mode
[  131.246743][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.254722][   T55] bridge_slave_0: left allmulticast mode
[  131.260454][   T55] bridge_slave_0: left promiscuous mode
[  131.266362][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.385509][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  131.396686][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  131.407220][   T55] bond0 (unregistering): Released all slaves
[  131.416276][   T55] bond1 (unregistering): Released all slaves
[  131.425101][   T55] bond2 (unregistering): Released all slaves
[  131.434598][   T55] bond3 (unregistering): Released all slaves
[  131.507844][ T8682] chnl_net:caif_netlink_parms(): no params data found
[  131.551173][   T55] hsr_slave_0: left promiscuous mode
[  131.558807][   T55] hsr_slave_1: left promiscuous mode
[  131.564759][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  131.572481][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[  131.580751][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  131.588224][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[  131.598254][   T55] veth1_macvtap: left promiscuous mode
[  131.603897][   T55] veth0_macvtap: left promiscuous mode
[  131.609509][   T55] veth1_vlan: left promiscuous mode
[  131.615082][   T55] veth0_vlan: left promiscuous mode
[  131.704386][   T55] team0 (unregistering): Port device team_slave_1 removed
[  131.714959][   T55] team0 (unregistering): Port device team_slave_0 removed
[  131.787215][ T8682] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.794411][ T8682] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.802638][ T8682] bridge_slave_0: entered allmulticast mode
[  131.809541][ T8682] bridge_slave_0: entered promiscuous mode
[  131.816745][ T8682] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.823871][ T8682] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.831660][ T8682] bridge_slave_1: entered allmulticast mode
[  131.838167][ T8682] bridge_slave_1: entered promiscuous mode
[  131.887319][ T8682] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  131.910020][ T8682] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.961264][ T8682] team0: Port device team_slave_0 added
[  131.968431][ T8682] team0: Port device team_slave_1 added
[  131.987970][ T8682] batman_adv: batadv0: Adding interface: batadv_slave_0
[  131.994997][ T8682] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.021048][ T8682] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  132.032871][ T8682] batman_adv: batadv0: Adding interface: batadv_slave_1
[  132.039998][ T8682] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.066049][ T8682] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  132.077728][ T8716] chnl_net:caif_netlink_parms(): no params data found
[  132.143671][ T8682] hsr_slave_0: entered promiscuous mode
[  132.157881][ T8682] hsr_slave_1: entered promiscuous mode
[  132.164301][ T8682] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  132.171868][ T8682] Cannot create hsr debugfs directory
[  132.199741][ T8716] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.206902][ T8716] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.218776][ T8716] bridge_slave_0: entered allmulticast mode
[  132.225620][ T8716] bridge_slave_0: entered promiscuous mode
[  132.246274][   T55] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.259734][ T8716] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.266911][ T8716] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.274332][ T8716] bridge_slave_1: entered allmulticast mode
[  132.280890][ T8716] bridge_slave_1: entered promiscuous mode
[  132.322356][   T55] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.339180][ T8716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  132.369481][ T8716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  132.399996][   T55] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.428535][ T8716] team0: Port device team_slave_0 added
[  132.447152][ T8716] team0: Port device team_slave_1 added
[  132.474030][   T55] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.511775][ T8716] batman_adv: batadv0: Adding interface: batadv_slave_0
[  132.518918][ T8716] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.544872][ T8716] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  132.559580][ T8716] batman_adv: batadv0: Adding interface: batadv_slave_1
[  132.566746][ T8716] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.592696][ T8716] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  132.627590][ T8716] hsr_slave_0: entered promiscuous mode
[  132.633757][ T8716] hsr_slave_1: entered promiscuous mode
[  132.639804][ T8716] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  132.647409][ T8716] Cannot create hsr debugfs directory
[  132.793669][   T55] bond0 (unregistering): Released all slaves
[  132.901391][ T8682] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  132.912840][ T8682] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  132.921880][ T8682] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  132.930856][ T8682] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  132.942194][   T55] hsr_slave_0: left promiscuous mode
[  132.949541][   T55] hsr_slave_1: left promiscuous mode
[  132.957785][   T55] veth1_macvtap: left promiscuous mode
[  132.963361][   T55] veth0_macvtap: left promiscuous mode
[  132.969038][   T55] veth1_vlan: left promiscuous mode
[  132.974301][   T55] veth0_vlan: left promiscuous mode
[  133.208342][ T8682] 8021q: adding VLAN 0 to HW filter on device bond0
[  133.237817][ T8682] 8021q: adding VLAN 0 to HW filter on device team0
[  133.264476][ T3336] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.271687][ T3336] bridge0: port 1(bridge_slave_0) entered forwarding state
[  133.283789][ T3336] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.290978][ T3336] bridge0: port 2(bridge_slave_1) entered forwarding state
[  133.317815][ T8682] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  133.328248][ T8682] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  133.418787][ T8827] chnl_net:caif_netlink_parms(): no params data found
[  133.444452][ T8716] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  133.465560][ T8716] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  133.489729][ T8716] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  133.532822][ T8682] 8021q: adding VLAN 0 to HW filter on device batadv0
[  133.540411][ T8716] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  133.589414][ T8827] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.596763][ T8827] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.608823][ T8827] bridge_slave_0: entered allmulticast mode
[  133.615317][ T8827] bridge_slave_0: entered promiscuous mode
[  133.622653][ T8827] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.629849][ T8827] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.637259][ T8827] bridge_slave_1: entered allmulticast mode
[  133.643759][ T8827] bridge_slave_1: entered promiscuous mode
[  133.681485][ T8827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  133.713978][   T55] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.739494][ T8827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  133.775718][ T8827] team0: Port device team_slave_0 added
[  133.793667][   T55] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.807041][ T8827] team0: Port device team_slave_1 added
[  133.824576][ T8682] veth0_vlan: entered promiscuous mode
[  133.847984][ T8827] batman_adv: batadv0: Adding interface: batadv_slave_0
[  133.854982][ T8827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  133.880989][ T8827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  133.897311][   T55] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.909751][ T8827] batman_adv: batadv0: Adding interface: batadv_slave_1
[  133.916730][ T8827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  133.942863][ T8827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  133.964342][ T8682] veth1_vlan: entered promiscuous mode
[  133.976718][ T8898] loop1: detected capacity change from 0 to 512
[  134.003851][ T8898] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.018611][ T8898] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  134.039961][   T55] netdevsim netdevsim4 netdevsim0 (unregistering): left allmulticast mode
[  134.054749][   T55] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.068547][ T8827] hsr_slave_0: entered promiscuous mode
[  134.075300][ T8827] hsr_slave_1: entered promiscuous mode
[  134.082260][ T8827] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  134.089836][ T8827] Cannot create hsr debugfs directory
[  134.101830][ T8716] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.114932][ T8682] veth0_macvtap: entered promiscuous mode
[  134.123284][ T8682] veth1_macvtap: entered promiscuous mode
[  134.142334][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.152843][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.162689][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.173276][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.183173][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.193633][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.203581][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.214041][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.223956][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.234534][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.246464][ T8682] batman_adv: batadv0: Interface activated: batadv_slave_0
[  134.254876][ T8716] 8021q: adding VLAN 0 to HW filter on device team0
[  134.288873][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.299368][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.309352][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.319832][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.329659][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.340218][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.350140][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.360741][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.370564][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.381153][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.391856][ T8682] batman_adv: batadv0: Interface activated: batadv_slave_1
[  134.409897][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.417070][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.426912][ T8682] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  134.435831][ T8682] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  134.444873][ T8682] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  134.453664][ T8682] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  134.477749][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.484870][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.521679][   T55] bridge_slave_1: left allmulticast mode
[  134.527489][   T55] bridge_slave_1: left promiscuous mode
[  134.533144][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.541519][   T55] bridge_slave_0: left allmulticast mode
[  134.547492][   T55] bridge_slave_0: left promiscuous mode
[  134.553329][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.617323][   T55] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  134.668036][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  134.680401][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  134.691243][   T55] bond0 (unregistering): Released all slaves
[  134.691457][ T7095] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.700959][   T55] bond1 (unregistering): Released all slaves
[  134.719763][   T55] bond2 (unregistering): Released all slaves
[  134.732809][   T55] bond3 (unregistering): Released all slaves
[  134.776864][ T8716] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  134.819366][   T29] kauditd_printk_skb: 31 callbacks suppressed
[  134.819385][   T29] audit: type=1400 audit(1722374869.789:739): avc:  denied  { write } for  pid=8939 comm="syz.2.1461" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  134.895398][ T8948] openvswitch: netlink: Tunnel attr 16383 out of range max 16
[  134.961610][   T55] hsr_slave_0: left promiscuous mode
[  134.997858][   T55] hsr_slave_1: left promiscuous mode
[  135.037997][ T8953] loop2: detected capacity change from 0 to 512
[  135.061513][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.069039][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.089067][ T8953] EXT4-fs: Ignoring removed nomblk_io_submit option
[  135.095720][ T8953] EXT4-fs: Ignoring removed nomblk_io_submit option
[  135.152326][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.159839][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[  135.172381][ T8953] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  135.202096][ T8953] EXT4-fs (loop2): 1 orphan inode deleted
[  135.207977][ T8953] EXT4-fs (loop2): 1 truncate cleaned up
[  135.241391][ T8953] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.256502][ T8953] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.265694][   T55] veth1_macvtap: left promiscuous mode
[  135.271195][   T55] veth0_macvtap: left promiscuous mode
[  135.276876][   T55] veth1_vlan: left promiscuous mode
[  135.282131][   T55] veth0_vlan: left promiscuous mode
[  135.384565][   T55] team0 (unregistering): Port device team_slave_1 removed
[  135.394716][   T55] team0 (unregistering): Port device team_slave_0 removed
[  135.485270][ T8968] loop2: detected capacity change from 0 to 2048
[  135.495932][ T8716] 8021q: adding VLAN 0 to HW filter on device batadv0
[  135.514562][ T8968] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.537373][ T8968] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  135.566194][ T8827] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  135.575097][ T8968] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  135.587491][ T8968] EXT4-fs (loop2): This should not happen!! Data will be lost
[  135.587491][ T8968] 
[  135.597187][ T8968] EXT4-fs (loop2): Total free blocks count 0
[  135.603215][ T8968] EXT4-fs (loop2): Free/Dirty block details
[  135.609192][ T8968] EXT4-fs (loop2): free_blocks=2415919104
[  135.614931][ T8968] EXT4-fs (loop2): dirty_blocks=16
[  135.620079][ T8968] EXT4-fs (loop2): Block reservation details
[  135.626129][ T8968] EXT4-fs (loop2): i_reserved_data_blocks=1
[  135.637311][ T8827] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  135.654228][ T8827] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  135.664129][ T8827] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  135.693292][ T8682] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.721454][ T8716] veth0_vlan: entered promiscuous mode
[  135.747782][ T8716] veth1_vlan: entered promiscuous mode
[  135.755791][   T29] audit: type=1326 audit(1722374870.657:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8993 comm="syz.1.1487" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7508c073b9 code=0x0
[  135.767829][ T8716] veth0_macvtap: entered promiscuous mode
[  135.799888][ T8716] veth1_macvtap: entered promiscuous mode
[  135.816650][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.827197][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.837127][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.847739][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.857684][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.868295][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.868318][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.868337][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.868358][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.868371][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.870914][ T8716] batman_adv: batadv0: Interface activated: batadv_slave_0
[  135.938282][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.948798][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.958740][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.969216][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.969235][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.969251][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.969283][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.969300][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.969321][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.969334][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.971584][ T8716] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.057322][ T8827] 8021q: adding VLAN 0 to HW filter on device bond0
[  136.064155][ T8827] 8021q: adding VLAN 0 to HW filter on device team0
[  136.080213][ T8716] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.080340][ T8716] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.080378][ T8716] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.080415][ T8716] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.111066][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.111110][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.112556][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.112597][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  136.136677][ T8827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  136.213486][ T9008] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1469'.
[  136.231429][ T8827] 8021q: adding VLAN 0 to HW filter on device batadv0
[  136.355102][ T8827] veth0_vlan: entered promiscuous mode
[  136.363482][ T8827] veth1_vlan: entered promiscuous mode
[  136.380558][ T8827] veth0_macvtap: entered promiscuous mode
[  136.388013][ T8827] veth1_macvtap: entered promiscuous mode
[  136.399376][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.409811][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.419735][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.430251][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.440099][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.450613][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.460464][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.470921][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.480788][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.491306][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.501129][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.511627][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.522627][ T8827] batman_adv: batadv0: Interface activated: batadv_slave_0
[  136.533889][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.544393][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.554217][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.564704][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.574551][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.585007][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.594906][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.605366][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.615180][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.625628][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.635544][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.645999][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.658017][ T8827] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.670162][ T8827] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  136.678900][ T8827] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  136.687778][ T8827] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  136.696663][ T8827] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  136.781579][ T9026] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1491'.
[  136.821074][ T9035] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1494'.
[  136.831503][ T9035] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1494'.
[  136.844837][ T9035] vlan2: entered promiscuous mode
[  136.920878][ T9045] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  136.931231][   T29] audit: type=1400 audit(1722374871.755:741): avc:  denied  { getopt } for  pid=9047 comm="syz.4.1497" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  136.988132][ T9052] loop1: detected capacity change from 0 to 2048
[  137.018281][ T9052] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #2: comm syz.1.1498: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  137.052022][ T9052] EXT4-fs (loop1): get root inode failed
[  137.057714][ T9052] EXT4-fs (loop1): mount failed
[  137.079438][ T9052] loop1: detected capacity change from 0 to 512
[  137.091409][ T9052] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  137.102907][ T9052] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec018, mo2=0002]
[  137.116339][ T9052] System zones: 1-12
[  137.121055][ T9052] EXT4-fs (loop1): 1 truncate cleaned up
[  137.128894][ T9052] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.136361][ T9036] chnl_net:caif_netlink_parms(): no params data found
[  137.148596][   T29] audit: type=1400 audit(1722374871.949:742): avc:  denied  { mounton } for  pid=9050 comm="syz.1.1498" path="/121/file2/bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  137.201614][   T29] audit: type=1400 audit(1722374872.005:743): avc:  denied  { unlink } for  pid=9050 comm="syz.1.1498" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  137.230452][   T29] audit: type=1400 audit(1722374872.023:744): avc:  denied  { create } for  pid=9050 comm="syz.1.1498" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  137.256765][ T9077] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1505'.
[  137.267998][ T9036] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.275122][ T9036] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.284392][ T9036] bridge_slave_0: entered allmulticast mode
[  137.292999][ T9036] bridge_slave_0: entered promiscuous mode
[  137.295552][ T9079] loop3: detected capacity change from 0 to 2048
[  137.302733][ T9036] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.312402][ T9036] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.319736][ T9036] bridge_slave_1: entered allmulticast mode
[  137.326547][ T9036] bridge_slave_1: entered promiscuous mode
[  137.330570][ T9079] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.348566][ T9082] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9082 comm=syz.1.1498
[  137.374906][ T9082] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1498'.
[  137.383907][ T9082] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1498'.
[  137.405761][ T9036] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.420968][ T9036] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.435567][ T9079] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  137.444029][ T7095] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /121/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  137.451450][ T9079] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  137.484915][ T9079] EXT4-fs (loop3): This should not happen!! Data will be lost
[  137.484915][ T9079] 
[  137.487538][ T7095] EXT4-fs error (device loop1): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  137.494646][ T9079] EXT4-fs (loop3): Total free blocks count 0
[  137.516926][ T7095] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /121/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  137.520253][ T9079] EXT4-fs (loop3): Free/Dirty block details
[  137.544306][ T7095] EXT4-fs error (device loop1): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  137.547641][ T9079] EXT4-fs (loop3): free_blocks=2415919104
[  137.573064][ T9079] EXT4-fs (loop3): dirty_blocks=16
[  137.578234][ T9079] EXT4-fs (loop3): Block reservation details
[  137.584422][ T9079] EXT4-fs (loop3): i_reserved_data_blocks=1
[  137.585997][ T7095] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /121/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  137.612591][ T7095] EXT4-fs error (device loop1): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  137.614160][ T9036] team0: Port device team_slave_0 added
[  137.638405][ T7095] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /121/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  137.661101][ T7095] EXT4-fs error (device loop1): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  137.661754][ T8716] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.682932][ T7095] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /121/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  137.712643][ T7095] EXT4-fs error (device loop1): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  137.733760][ T9036] team0: Port device team_slave_1 added
[  137.768911][ T9036] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.776094][ T9036] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.802169][ T9036] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.823719][ T9036] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.830881][ T9036] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.856936][ T9036] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.911949][ T9036] hsr_slave_0: entered promiscuous mode
[  137.918667][ T9036] hsr_slave_1: entered promiscuous mode
[  137.930224][ T9036] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.940077][ T9036] Cannot create hsr debugfs directory
[  137.954095][ T9097] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1515'.
[  138.027203][ T9102] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9102 comm=syz.4.1517
[  138.041569][ T9036] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.055385][ T9102] netlink: 'syz.4.1517': attribute type 1 has an invalid length.
[  138.139126][ T9036] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.189009][ T7095] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.202403][   T55] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.223911][ T9036] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.253582][   T55] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.308836][ T9036] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.343878][   T55] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.422488][ T9115] chnl_net:caif_netlink_parms(): no params data found
[  138.434741][ T9036] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  138.446502][ T9036] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  138.463265][   T55] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.474429][ T9036] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  138.485155][ T9036] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  138.510807][ T9115] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.517977][ T9115] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.525295][ T9115] bridge_slave_0: entered allmulticast mode
[  138.531907][ T9115] bridge_slave_0: entered promiscuous mode
[  138.539362][ T9115] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.546526][ T9115] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.554054][ T9115] bridge_slave_1: entered allmulticast mode
[  138.560843][ T9115] bridge_slave_1: entered promiscuous mode
[  138.588473][ T9115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  138.600156][ T9115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  138.636968][ T9115] team0: Port device team_slave_0 added
[  138.645319][ T9115] team0: Port device team_slave_1 added
[  138.657004][   T55] bridge_slave_1: left allmulticast mode
[  138.662690][   T55] bridge_slave_1: left promiscuous mode
[  138.668433][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.676540][   T55] bridge_slave_0: left allmulticast mode
[  138.682264][   T55] bridge_slave_0: left promiscuous mode
[  138.687947][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.807892][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  138.818662][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  138.828897][   T55] bond0 (unregistering): Released all slaves
[  138.838630][   T55] bond1 (unregistering): Released all slaves
[  138.865706][ T9115] batman_adv: batadv0: Adding interface: batadv_slave_0
[  138.872783][ T9115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  138.898738][ T9115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  138.910857][ T9115] batman_adv: batadv0: Adding interface: batadv_slave_1
[  138.917865][ T9115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  138.943901][ T9115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  138.984233][ T9130] FAULT_INJECTION: forcing a failure.
[  138.984233][ T9130] name failslab, interval 1, probability 0, space 0, times 0
[  138.988610][ T9115] hsr_slave_0: entered promiscuous mode
[  138.996915][ T9130] CPU: 1 UID: 0 PID: 9130 Comm: syz.3.1524 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  139.013119][ T9130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  139.023242][ T9130] Call Trace:
[  139.026520][ T9130]  <TASK>
[  139.029460][ T9130]  dump_stack_lvl+0xf2/0x150
[  139.034110][ T9130]  dump_stack+0x15/0x20
[  139.038318][ T9130]  should_fail_ex+0x229/0x230
[  139.043007][ T9130]  ? build_skb+0x33/0x210
[  139.047349][ T9130]  should_failslab+0x8f/0xb0
[  139.051952][ T9130]  kmem_cache_alloc_noprof+0x4c/0x290
[  139.057397][ T9130]  ? alloc_pages_mpol_noprof+0xd5/0x1e0
[  139.062984][ T9130]  build_skb+0x33/0x210
[  139.067255][ T9130]  __tun_build_skb+0x2b/0x1b0
[  139.071933][ T9130]  ? tun_get_user+0x1474/0x24b0
[  139.076792][ T9130]  tun_get_user+0x1494/0x24b0
[  139.081518][ T9130]  ? kstrtoull+0x110/0x140
[  139.085936][ T9130]  ? ref_tracker_alloc+0x1f5/0x2f0
[  139.091156][ T9130]  tun_chr_write_iter+0x18e/0x240
[  139.096184][ T9130]  vfs_write+0x78f/0x900
[  139.100551][ T9130]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  139.106106][ T9130]  ksys_write+0xeb/0x1b0
[  139.110384][ T9130]  __x64_sys_write+0x42/0x50
[  139.115030][ T9130]  x64_sys_call+0x2a40/0x2e00
[  139.119750][ T9130]  do_syscall_64+0xc9/0x1c0
[  139.124360][ T9130]  ? clear_bhb_loop+0x55/0xb0
[  139.129119][ T9130]  ? clear_bhb_loop+0x55/0xb0
[  139.133805][ T9130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.139749][ T9130] RIP: 0033:0x7f5b9e9b5e9f
[  139.144213][ T9130] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  139.163884][ T9130] RSP: 002b:00007f5b9d637010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  139.172326][ T9130] RAX: ffffffffffffffda RBX: 00007f5b9eb45f80 RCX: 00007f5b9e9b5e9f
[  139.180313][ T9130] RDX: 000000000000009e RSI: 0000000020003680 RDI: 00000000000000c8
[  139.188354][ T9130] RBP: 00007f5b9d6370a0 R08: 0000000000000000 R09: 0000000000000000
[  139.196336][ T9130] R10: 000000000000009e R11: 0000000000000293 R12: 0000000000000001
[  139.204390][ T9130] R13: 000000000000000b R14: 00007f5b9eb45f80 R15: 00007ffec8d0d468
[  139.212377][ T9130]  </TASK>
[  139.223872][ T9115] hsr_slave_1: entered promiscuous mode
[  139.239721][ T9115] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  139.258529][ T9136] loop2: detected capacity change from 0 to 128
[  139.259388][ T9115] Cannot create hsr debugfs directory
[  139.275640][   T55] hsr_slave_0: left promiscuous mode
[  139.284232][   T55] hsr_slave_1: left promiscuous mode
[  139.292968][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  139.293699][ T9135] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1527'.
[  139.300442][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[  139.319115][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.326682][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.337167][   T55] veth1_macvtap: left promiscuous mode
[  139.342892][   T55] veth0_macvtap: left promiscuous mode
[  139.348541][   T55] veth1_vlan: left promiscuous mode
[  139.353902][   T55] veth0_vlan: left allmulticast mode
[  139.359206][   T55] veth0_vlan: left promiscuous mode
[  139.462477][   T55] team0 (unregistering): Port device team_slave_1 removed
[  139.472997][   T55] team0 (unregistering): Port device team_slave_0 removed
[  139.525444][ T9141] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1525'.
[  139.588828][ T9036] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.623635][ T9154] FAULT_INJECTION: forcing a failure.
[  139.623635][ T9154] name failslab, interval 1, probability 0, space 0, times 0
[  139.636528][ T9154] CPU: 0 UID: 0 PID: 9154 Comm: syz.3.1531 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  139.647307][ T9154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  139.657390][ T9154] Call Trace:
[  139.660748][ T9154]  <TASK>
[  139.663694][ T9154]  dump_stack_lvl+0xf2/0x150
[  139.668319][ T9154]  dump_stack+0x15/0x20
[  139.672514][ T9154]  should_fail_ex+0x229/0x230
[  139.677277][ T9154]  ? nfnetlink_rcv+0x994/0x15b0
[  139.682195][ T9154]  should_failslab+0x8f/0xb0
[  139.686844][ T9154]  __kmalloc_cache_noprof+0x4b/0x2a0
[  139.692322][ T9154]  nfnetlink_rcv+0x994/0x15b0
[  139.697044][ T9154]  netlink_unicast+0x593/0x670
[  139.701857][ T9154]  netlink_sendmsg+0x5cc/0x6e0
[  139.706673][ T9154]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.711987][ T9154]  __sock_sendmsg+0x140/0x180
[  139.716710][ T9154]  ____sys_sendmsg+0x312/0x410
[  139.721502][ T9154]  __sys_sendmsg+0x1e9/0x280
[  139.726117][ T9154]  __x64_sys_sendmsg+0x46/0x50
[  139.730884][ T9154]  x64_sys_call+0x26f8/0x2e00
[  139.735636][ T9154]  do_syscall_64+0xc9/0x1c0
[  139.740165][ T9154]  ? clear_bhb_loop+0x55/0xb0
[  139.744923][ T9154]  ? clear_bhb_loop+0x55/0xb0
[  139.749677][ T9154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.755649][ T9154] RIP: 0033:0x7f5b9e9b73b9
[  139.760067][ T9154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.779770][ T9154] RSP: 002b:00007f5b9d637048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.788213][ T9154] RAX: ffffffffffffffda RBX: 00007f5b9eb45f80 RCX: 00007f5b9e9b73b9
[  139.796184][ T9154] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  139.804183][ T9154] RBP: 00007f5b9d6370a0 R08: 0000000000000000 R09: 0000000000000000
[  139.812157][ T9154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.820148][ T9154] R13: 000000000000000b R14: 00007f5b9eb45f80 R15: 00007ffec8d0d468
[  139.828193][ T9154]  </TASK>
[  139.865186][ T9168] loop3: detected capacity change from 0 to 128
[  139.885159][ T9168] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  139.901535][ T9168] ext4 filesystem being mounted at /12/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  139.907286][ T9036] 8021q: adding VLAN 0 to HW filter on device team0
[  139.964271][   T29] audit: type=1400 audit(1722374874.552:745): avc:  denied  { bind } for  pid=9167 comm="syz.3.1532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  139.990209][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.997343][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.021610][  T753] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.028941][  T753] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.029096][ T8716] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  140.110253][ T9178] loop3: detected capacity change from 0 to 512
[  140.155435][ T9178] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  140.174672][ T9178] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.233129][ T9036] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.241167][ T9115] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  140.252003][ T9115] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  140.261456][ T9115] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  140.272469][ T9115] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  140.374455][ T9115] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.409501][ T9115] 8021q: adding VLAN 0 to HW filter on device team0
[  140.439774][ T7355] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.446914][ T7355] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.465319][ T3338] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.472432][ T3338] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.520111][ T9036] veth0_vlan: entered promiscuous mode
[  140.527315][ T9225] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9225 comm=syz.4.1541
[  140.551952][ T9036] veth1_vlan: entered promiscuous mode
[  140.561149][ T9225] netlink: 'syz.4.1541': attribute type 1 has an invalid length.
[  140.586932][ T9036] veth0_macvtap: entered promiscuous mode
[  140.598544][ T9036] veth1_macvtap: entered promiscuous mode
[  140.610638][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.621372][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.631278][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.641874][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.651806][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.662357][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.672645][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.683154][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.693095][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.703721][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.713641][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  140.724196][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.745074][ T9036] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.769255][ T9115] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.777105][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.787739][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.797664][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.803520][   T29] audit: type=1400 audit(1722374875.318:746): avc:  denied  { connect } for  pid=9251 comm="syz.4.1543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  140.808175][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.837474][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.848110][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.858131][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.868563][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.878378][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.888901][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.898866][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.909382][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.923136][ T9036] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.936090][ T9036] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.944919][ T9036] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.953819][ T9036] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.962542][ T9036] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.018461][ T8716] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  141.122761][ T9115] veth0_vlan: entered promiscuous mode
[  141.132640][ T9115] veth1_vlan: entered promiscuous mode
[  141.174793][ T9115] veth0_macvtap: entered promiscuous mode
[  141.184880][ T9115] veth1_macvtap: entered promiscuous mode
[  141.218692][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.229336][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.239314][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.249798][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.259654][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.270114][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.278181][ T9282] loop3: detected capacity change from 0 to 512
[  141.280187][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.296972][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.306801][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.317322][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.327169][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.327773][ T9282] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, 
[  141.337641][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.337666][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  141.337680][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.340334][ T9115] batman_adv: batadv0: Interface activated: batadv_slave_0
[  141.346022][ T9282] block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  141.362971][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  141.402553][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.412389][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  141.422942][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.432915][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  141.443461][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.453704][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  141.464240][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.474070][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  141.484582][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.494471][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  141.504947][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.514772][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  141.525286][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  141.526092][ T9282] EXT4-fs (loop3): Remounting filesystem read-only
[  141.544648][ T9282] EXT4-fs (loop3): 1 truncate cleaned up
[  141.550823][ T9282] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.553709][ T9115] batman_adv: batadv0: Interface activated: batadv_slave_1
[  141.566139][ T9282] SELinux: (dev loop3, type ext4) getxattr errno 5
[  141.576109][ T9115] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.580406][ T9282] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.585686][ T9115] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.585756][ T9115] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.585793][ T9115] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.721615][ T9296] loop3: detected capacity change from 0 to 512
[  141.730562][ T9296] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #12: comm syz.3.1556: corrupted in-inode xattr: invalid ea_ino
[  141.744228][ T9296] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1556: couldn't read orphan inode 12 (err -117)
[  141.757414][ T9296] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.776667][ T9299] __nla_validate_parse: 3 callbacks suppressed
[  141.776684][ T9299] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1557'.
[  141.782415][ T9296] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.1556: Directory hole found for htree leaf block 0
[  141.811777][   T29] audit: type=1400 audit(1722374876.250:747): avc:  denied  { tracepoint } for  pid=9298 comm="syz.1.1557" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  141.835490][ T9299] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1557'.
[  141.877513][ T9303] FAULT_INJECTION: forcing a failure.
[  141.877513][ T9303] name failslab, interval 1, probability 0, space 0, times 0
[  141.890307][ T9303] CPU: 1 UID: 0 PID: 9303 Comm: syz.1.1558 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
[  141.901063][ T9303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  141.911148][ T9303] Call Trace:
[  141.914459][ T9303]  <TASK>
[  141.917406][ T9303]  dump_stack_lvl+0xf2/0x150
[  141.922068][ T9303]  dump_stack+0x15/0x20
[  141.926303][ T9303]  should_fail_ex+0x229/0x230
[  141.931104][ T9303]  ? vm_area_alloc+0x2c/0x130
[  141.935922][ T9303]  should_failslab+0x8f/0xb0
[  141.940611][ T9303]  kmem_cache_alloc_noprof+0x4c/0x290
[  141.946052][ T9303]  vm_area_alloc+0x2c/0x130
[  141.950628][ T9303]  mmap_region+0x88b/0x1620
[  141.955155][ T9303]  ? security_mmap_addr+0x4c/0x70
[  141.960291][ T9303]  ? __get_unmapped_area+0x2d1/0x300
[  141.965768][ T9303]  do_mmap+0x72a/0xb70
[  141.969925][ T9303]  ? security_mmap_file+0x128/0x150
[  141.975243][ T9303]  vm_mmap_pgoff+0x133/0x290
[  141.979918][ T9303]  ksys_mmap_pgoff+0xd0/0x340
[  141.984014][ T9296] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.1556: Directory hole found for htree leaf block 0
[  141.984633][ T9303]  ? fpregs_assert_state_consistent+0x83/0xa0
[  142.003604][ T9303]  x64_sys_call+0x1940/0x2e00
[  142.008315][ T9303]  do_syscall_64+0xc9/0x1c0
[  142.012855][ T9303]  ? clear_bhb_loop+0x55/0xb0
[  142.017574][ T9303]  ? clear_bhb_loop+0x55/0xb0
[  142.019778][ T9296] bridge_slave_0: left allmulticast mode
[  142.022350][ T9303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.022390][ T9303] RIP: 0033:0x7ffbebb873f3
[  142.022407][ T9303] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  142.022427][ T9303] RSP: 002b:00007ffbea806e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  142.028078][ T9296] bridge_slave_0: left promiscuous mode
[  142.033947][ T9303] RAX: ffffffffffffffda RBX: 0000000000000474 RCX: 00007ffbebb873f3
[  142.033967][ T9303] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  142.033986][ T9303] RBP: 0000000020000702 R08: 00000000ffffffff R09: 0000000000000000
[  142.034003][ T9303] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  142.038533][ T9296] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.057989][ T9303] R13: 00007ffbea806f00 R14: 00007ffbea806ec0 R15: 0000000020000280
[  142.058022][ T9303]  </TASK>
[  142.132284][ T9296] bridge_slave_1: left allmulticast mode
[  142.137992][ T9296] bridge_slave_1: left promiscuous mode
[  142.142550][ T9314] loop1: detected capacity change from 0 to 2048
[  142.144144][ T9296] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.163725][ T9296] bond0: (slave bond_slave_0): Releasing backup interface
[  142.169970][ T9314] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.188272][ T9314] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  142.193223][ T9296] bond0: (slave bond_slave_1): Releasing backup interface
[  142.203465][ T9314] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  142.222702][ T9314] EXT4-fs (loop1): This should not happen!! Data will be lost
[  142.222702][ T9314] 
[  142.232453][ T9314] EXT4-fs (loop1): Total free blocks count 0
[  142.238539][ T9314] EXT4-fs (loop1): Free/Dirty block details
[  142.244469][ T9314] EXT4-fs (loop1): free_blocks=2415919104
[  142.250306][ T9314] EXT4-fs (loop1): dirty_blocks=16
[  142.255524][ T9314] EXT4-fs (loop1): Block reservation details
[  142.261607][ T9314] EXT4-fs (loop1): i_reserved_data_blocks=1
[  142.281434][ T9115] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.300436][ T9296] team0: Port device team_slave_0 removed
[  142.324091][ T9296] team0: Port device team_slave_1 removed
[  142.331066][ T9296] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.338615][ T9296] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.348292][ T9296] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.355772][ T9296] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.385508][ T9318] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1559'.
[  142.484110][ T8716] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  142.520688][ T9334] IPv6: Can't replace route, no match found
[  142.581487][   T29] audit: type=1400 audit(1722374876.961:748): avc:  denied  { execute } for  pid=9328 comm="syz.0.1564" path=2F6D656D66643A59FFFF202864656C6574656429 dev="hugetlbfs" ino=31719 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  142.619112][   T29] audit: type=1400 audit(1722374876.970:749): avc:  denied  { mount } for  pid=9328 comm="syz.0.1564" name="/" dev="hugetlbfs" ino=31721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  142.654765][ T9339] loop3: detected capacity change from 0 to 512
[  142.693360][ T9339] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.717213][ T9339] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.749101][ T9339] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.765448][   T29] audit: type=1400 audit(1722374877.127:750): avc:  denied  { unmount } for  pid=9036 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  142.801783][ T9345] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9345 comm=syz.0.1570
[  142.868252][ T9345] netlink: 'syz.0.1570': attribute type 1 has an invalid length.
[  142.971644][ T9352] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1573'.
[  143.189144][   T55] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.252633][   T55] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.319776][   T55] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.349365][ T9372] loop2: detected capacity change from 0 to 512
[  143.379185][ T9372] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.391945][ T9372] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.399782][   T55] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.416467][ T9372] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.429099][ T9372] ==================================================================
[  143.437229][ T9372] BUG: KCSAN: data-race in folios_put_refs / need_mlock_drain
[  143.444735][ T9372] 
[  143.447062][ T9372] write to 0xffff888237c2b370 of 1 bytes by task 9331 on cpu 0:
[  143.454708][ T9372]  folios_put_refs+0x266/0x2b0
[  143.459507][ T9372]  mlock_folio_batch+0x319d/0x31d0
[  143.464651][ T9372]  mlock_new_folio+0x1a3/0x200
[  143.469437][ T9372]  folio_add_lru_vma+0x5d/0x60
[  143.474230][ T9372]  handle_mm_fault+0x2372/0x2940
[  143.479193][ T9372]  __get_user_pages+0x499/0x10d0
[  143.484156][ T9372]  __mm_populate+0x25b/0x3b0
[  143.488772][ T9372]  __se_sys_mremap+0x960/0xf20
[  143.493545][ T9372]  __x64_sys_mremap+0x67/0x80
[  143.498234][ T9372]  x64_sys_call+0x29c8/0x2e00
[  143.502928][ T9372]  do_syscall_64+0xc9/0x1c0
[  143.507458][ T9372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.513380][ T9372] 
[  143.515716][ T9372] read to 0xffff888237c2b370 of 1 bytes by task 9372 on cpu 1:
[  143.523274][ T9372]  need_mlock_drain+0x30/0x50
[  143.527976][ T9372]  __lru_add_drain_all+0x235/0x410
[  143.533118][ T9372]  lru_add_drain_all+0x10/0x20
[  143.537905][ T9372]  invalidate_bdev+0x47/0x70
[  143.542512][ T9372]  ext4_put_super+0x571/0x840
[  143.547215][ T9372]  generic_shutdown_super+0xde/0x210
[  143.552523][ T9372]  kill_block_super+0x2a/0x70
[  143.557241][ T9372]  ext4_kill_sb+0x44/0x80
[  143.561583][ T9372]  deactivate_locked_super+0x7d/0x1c0
[  143.566993][ T9372]  deactivate_super+0x9f/0xb0
[  143.571691][ T9372]  cleanup_mnt+0x268/0x2e0
[  143.576131][ T9372]  __cleanup_mnt+0x19/0x20
[  143.580567][ T9372]  task_work_run+0x13a/0x1a0
[  143.585180][ T9372]  syscall_exit_to_user_mode+0xbe/0x130
[  143.590742][ T9372]  do_syscall_64+0xd6/0x1c0
[  143.595274][ T9372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.601196][ T9372] 
[  143.603527][ T9372] value changed: 0x1f -> 0x02
[  143.608209][ T9372] 
[  143.610535][ T9372] Reported by Kernel Concurrency Sanitizer on:
[  143.616684][ T9372] CPU: 1 UID: 0 PID: 9372 Comm: syz.2.1581 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  143.627460][ T9372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  143.637530][ T9372] ==================================================================
[  143.654576][   T29] audit: type=1400 audit(1722374877.949:751): avc:  denied  { write } for  pid=3245 comm="syz-executor" path="pipe:[624]" dev="pipefs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  143.693365][   T29] audit: type=1400 audit(1722374877.986:752): avc:  denied  { search } for  pid=2943 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  143.974545][   T55] bond0 (unregistering): Released all slaves
[  144.171316][   T55] hsr_slave_0: left promiscuous mode
[  144.177041][   T55] hsr_slave_1: left promiscuous mode
[  144.185359][   T55] veth1_macvtap: left promiscuous mode
[  144.190975][   T55] veth0_macvtap: left promiscuous mode
[  144.196613][   T55] veth1_vlan: left promiscuous mode
[  144.202023][   T55] veth0_vlan: left promiscuous mode
[  144.746154][   T55] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.799894][   T55] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.842983][   T55] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.931256][   T55] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.994785][   T55] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.038177][   T55] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.081190][   T55] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.156878][   T55] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.253890][   T55] bridge_slave_1: left allmulticast mode
[  145.259581][   T55] bridge_slave_1: left promiscuous mode
[  145.265404][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.273898][   T55] bridge_slave_0: left allmulticast mode
[  145.279574][   T55] bridge_slave_0: left promiscuous mode
[  145.285324][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.293458][   T55] bridge_slave_1: left allmulticast mode
[  145.299151][   T55] bridge_slave_1: left promiscuous mode
[  145.304933][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.312657][   T55] bridge_slave_0: left allmulticast mode
[  145.318330][   T55] bridge_slave_0: left promiscuous mode
[  145.323939][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.524592][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  145.535032][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  145.545513][   T55] bond0 (unregistering): Released all slaves
[  145.555219][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  145.566039][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  145.576395][   T55] bond0 (unregistering): Released all slaves
[  145.764417][   T55] hsr_slave_0: left promiscuous mode
[  145.770068][   T55] hsr_slave_1: left promiscuous mode
[  145.775922][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  145.783450][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[  145.791178][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  145.798741][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[  145.809916][   T55] hsr_slave_0: left promiscuous mode
[  145.815866][   T55] hsr_slave_1: left promiscuous mode
[  145.821604][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  145.829045][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[  145.836637][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  145.844110][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[  145.855209][   T55] veth1_macvtap: left promiscuous mode
[  145.860716][   T55] veth0_macvtap: left promiscuous mode
[  145.866213][   T55] veth1_vlan: left promiscuous mode
[  145.871554][   T55] veth0_vlan: left promiscuous mode
[  145.877913][   T55] veth1_macvtap: left promiscuous mode
[  145.883945][   T55] veth0_macvtap: left promiscuous mode
[  145.889465][   T55] veth1_vlan: left promiscuous mode
[  145.894705][   T55] veth0_vlan: left promiscuous mode
[  146.030473][   T55] team0 (unregistering): Port device team_slave_1 removed
[  146.040901][   T55] team0 (unregistering): Port device team_slave_0 removed
[  146.110727][   T55] team0 (unregistering): Port device team_slave_1 removed
[  146.120930][   T55] team0 (unregistering): Port device team_slave_0 removed
[  146.666743][   T55] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.717785][   T55] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.814696][   T55] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.869462][   T55] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.961478][   T55] bridge_slave_1: left allmulticast mode
[  146.967220][   T55] bridge_slave_1: left promiscuous mode
[  146.972908][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.980835][   T55] bridge_slave_0: left allmulticast mode
[  146.986709][   T55] bridge_slave_0: left promiscuous mode
[  146.992580][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.106240][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  147.116619][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  147.126819][   T55] bond0 (unregistering): Released all slaves
[  147.236175][   T55] hsr_slave_0: left promiscuous mode
[  147.242091][   T55] hsr_slave_1: left promiscuous mode
[  147.247970][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  147.255711][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[  147.263310][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  147.270829][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[  147.280023][   T55] veth1_macvtap: left promiscuous mode
[  147.285520][   T55] veth0_macvtap: left promiscuous mode
[  147.291116][   T55] veth1_vlan: left promiscuous mode
[  147.296335][   T55] veth0_vlan: left promiscuous mode
[  147.379431][   T55] team0 (unregistering): Port device team_slave_1 removed
[  147.390109][   T55] team0 (unregistering): Port device team_slave_0 removed
[  148.195211][   T55] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.234264][   T55] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.289347][   T55] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.352921][   T55] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.420568][   T55] bridge_slave_1: left allmulticast mode
[  148.426314][   T55] bridge_slave_1: left promiscuous mode
[  148.432158][   T55] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.443484][   T55] bridge_slave_0: left allmulticast mode
[  148.449243][   T55] bridge_slave_0: left promiscuous mode
[  148.454987][   T55] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.546877][   T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  148.557073][   T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  148.567527][   T55] bond0 (unregistering): Released all slaves
[  148.666089][   T55] hsr_slave_0: left promiscuous mode
[  148.673434][   T55] hsr_slave_1: left promiscuous mode
[  148.680107][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.687697][   T55] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.695241][   T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.702747][   T55] batman_adv: batadv0: Removing interface: batadv_slave_1
[  148.712016][   T55] veth1_macvtap: left promiscuous mode
[  148.717530][   T55] veth0_macvtap: left promiscuous mode
[  148.723140][   T55] veth1_vlan: left promiscuous mode
[  148.728439][   T55] veth0_vlan: left promiscuous mode
[  148.809019][   T55] team0 (unregistering): Port device team_slave_1 removed
[  148.819114][   T55] team0 (unregistering): Port device team_slave_0 removed