last executing test programs:

4.295351768s ago: executing program 1 (id=4555):
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000000206010100000000000000000000000005000100070000000900020073797a30000000000c0007800800124000000c000500050002000000050004000000000010000300686173683a6970"], 0x54}}, 0x0)

3.117050462s ago: executing program 1 (id=4571):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x100000, 0xd, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xe6, 0x0, 0x31, 0x8, 0x0, 0xfffffffffffffff7, 0x12014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x9}, 0xa, 0x0, 0x7fffffff, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000018efffff1700000004000000000000000100000500000000020000000000d1fc0000000000002e00"], 0x0, 0x34}, 0x20)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64], 0x1, 0x36a, &(0x7f00000004c0)="$eJzs3c2LG3UYwPEn2WxetnSTgygKsg960cuwGz2rQVoQA5ZtI7aCMO1ONGRMlpkQiYi7nryKN/8BwdJjwUNB/Qf24q1evHhyLwVBi4hT5i2bZCdJk6Zsdvf7gd08ye/3zMwvbzxPIJPDD775tFl3jbrZkXReJSUi8lCkJGmJpcKLrCTYl1cv/HX/xavXb7xbqVYvbaterlx7rayq6xs/ffZFIZp2LycHpY8OH5T/OHj24PnD/6990nC14Wqr3VFTb7Z/75g3bUt3Gm7TUL1iW6ZraaPlWk443g7H63Z7d7enZmvn4tquY7mumq2eNq2edtracXpqfmw2WmoYhl5cSzrcMyw/R07t9va2WZlzh7fmzMOi/et53oRhx6mYKyJG4dhI7fZTPS4AALCURur/7+IaoSTpfkGZinqBbBAPtwF+/R/HQf3vNwtH9f+dl37pXHj/7npU/9/LJtX/r/8W5g/V//7eF17//zBy/XhFdOrtzTL5iep/LIeN4Vfkn0cde8Sv//1XQ7+j/+rDO5tBQP0PAAAAAAAAAAAAAAAAAAAAAMBp8NDzip7nFePL+O/oKwTR9fjapC8a49QZ9/jnojMK9J8POJOuXr8h+eCLe5l1Efvrbq1bCy+j8XjiphTlv+D5EAlPOLEfDKqvJD/be93aapSwEvyviKjYYsmWFKU0lB/El9+pXtrSUJgf7H+vW0tl1vz8ujSC/LIU5Znk/HJiflZeeXkg35Ci/HpL2mLLTvQ+Fud/uaX69nvVkfxCMC/Jm0/3IQEAAAAAYOEM1XzUPpeG+9+wfzcM1aRxv5eXwf78+OcD/f56M7E/zxRfyJzs2gEAAAAAOC/c7OdN07Ytx+2NDQoybU4u2trk7SQHmVkm+8H9IFidNGdlYIWPu+Vs9AsaMxy8zLZS07b/zkninRmfwnVoKP8E96ppx+t/jMn5WR8Cx03PvnbLcTf849G5ljMQxB8bjZsjV+bd8rggPnPutMnPffv9P/PtIhWdtXdw6I27+SkrDYLUyC37U560Dzxv6vGsJr9b/DjPj8wAAAAAWBJx0V9w41veOtkDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgHFroadLGBCe9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBZPAoAAP//zbj3kg==")
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
syz_io_uring_setup(0x1114, 0x0, &(0x7f00000001c0), &(0x7f0000000040))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x80, 0x0, 0x7ffffcb9}]})
eventfd(0x0)
setreuid(0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="3400000015000100000000000000000002180000", @ANYRES32=r1, @ANYBLOB="14000300766574683000"/20], 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d}, 0x90)
socket$packet(0x11, 0x2, 0x300)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0)
r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
accept(r4, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xe)
writev(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)

2.968120374s ago: executing program 1 (id=4575):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
unshare(0x40020000)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
syz_emit_ethernet(0x22, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@arp={0x806, @generic={0x302, 0x88b5, 0x6, 0x0, 0x0, @remote, "", @broadcast}}}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000058c0)=[{{&(0x7f0000000180)=@nfc_llcp, 0x80, &(0x7f0000000400)=[{&(0x7f0000000200)=""/119, 0x77}, {&(0x7f0000000280)}, {&(0x7f00000002c0)=""/4, 0x4}, {&(0x7f0000000300)=""/213, 0xd5}], 0x4, &(0x7f0000000440)=""/99, 0x63}}, {{&(0x7f00000004c0)=@in={0x2, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000001b80)=""/21, 0x15}, 0xac5}, {{&(0x7f0000001bc0)=@ieee802154, 0x80, &(0x7f0000002f80)=[{&(0x7f0000001c40)=""/166, 0xa6}, {&(0x7f0000001d00)=""/167, 0xa7}, {0x0}], 0x3, &(0x7f0000003000)=""/207, 0xcf}, 0x1}], 0x3, 0x2140, &(0x7f0000005a00)={0x77359400})
bpf$ENABLE_STATS(0x20, &(0x7f0000005a40), 0x4)
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
open$dir(0x0, 0x10840, 0x6)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000007000)=@dstopts={0x0, 0x10, '\x00', [@jumbo={0xc2, 0x4, 0xffffffff}, @jumbo={0xc2, 0x4, 0xffffffff}, @generic={0x4, 0x5f, "c879920a94db66586f4900dada416377cbc85e6963aba6dd146b546b97f0ea928654554501a5987fb76ddc26a93fe7491880b6248c0a4746226e7c779b4bf4422292e5d7070da1e051857e614ff9b5f4787d1bd01b29acc7ebe2a38cb8bdb1"}, @ra={0x5, 0x2, 0x1}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x90)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r2=>0x0})
r3 = syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r3, 0x40286608, &(0x7f0000000180)={@desc={0x1, 0x2000000, @desc3}})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl(r4, 0x0, &(0x7f0000000000)="b2671e06706622d907a1ec938626453857a976996eb6bd037269d427f4b228c7c5a2fa342816cd7efb394b")
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0x1c, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000080000850000008200000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7020000000000008500000008000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.794399098s ago: executing program 1 (id=4577):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x104000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x189505a, 0x0)
mount$bind(0x0, &(0x7f0000000480)='./file0/../file0\x00', 0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
bind$unix(r0, &(0x7f0000000380)=@file={0x1, './file0/../file0\x00'}, 0xfffffffffffffe55)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
r1 = io_uring_setup(0x168e, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002e00)=ANY=[@ANYBLOB="14000000100001000000f0ff000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021840000000c0a0101000000000000d955070000000900020073797a31000000000900010073797a30000000005800038054000080080003400000000248000b80340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c000140000000000000000910"], 0x108}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x30}}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)

2.75910719s ago: executing program 1 (id=4578):
socket$nl_route(0x10, 0x3, 0x0)
io_uring_setup(0x30d6, &(0x7f0000000000)={0x0, 0x0, 0x20, 0x0, 0xfffffffd})
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x5d4}, {&(0x7f00000007c0)=""/154, 0x76c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r3)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
syz_io_uring_setup(0x535e, &(0x7f0000000040)={0x0, 0x47c8, 0x2}, 0x0, 0x0)
io_uring_setup(0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x4, 0x0, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{0x0}], 0x1}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f00000001c0)={0x0, 0x2, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[], 0x30}}, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)

2.456634464s ago: executing program 1 (id=4583):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
getsockname(r1, &(0x7f00000000c0)=@xdp={0x2c, 0x0, <r2=>0x0}, &(0x7f0000000140)=0x80)
sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="340000001000810500"/20, @ANYRES32=r2, @ANYBLOB="5989ffffffdf0000140012800a000100767863616e"], 0x34}}, 0x0)
bind$can_raw(r0, &(0x7f00000002c0)={0x1d, r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
getpid()
socket$can_raw(0x1d, 0x3, 0x1)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0)

2.406124089s ago: executing program 2 (id=4587):
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)=@ipv4_newroute={0x1c, 0x18, 0x1, 0x0, 0x0, {0x2, 0x80}}, 0x1c}}, 0x0)
socketpair(0x0, 0x0, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={r2, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, &(0x7f0000000940)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000940)=ANY=[@ANYBLOB="540000001900010000000000000000001d0100000800050000000000000000008c4ca3f27e2102d75a"], 0x54}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r3, 0x10e, 0x3, &(0x7f0000000ac0)=0x1fc245da, 0x4)
sendmsg$NL80211_CMD_GET_MPP(r3, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000180)=ANY=[@ANYBLOB="28000000690005"], 0x28}}, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r3, 0x10e, 0x8, &(0x7f0000000440)=0xfffffbff, 0x4)
recvmmsg(r3, &(0x7f0000000800)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=""/91, 0x5b}}, {{&(0x7f0000000000)=@isdn, 0x0, &(0x7f0000000640)=[{&(0x7f0000000080)=""/225}, {&(0x7f00000001c0)=""/65}, {&(0x7f0000000d40)=""/4096}, {&(0x7f0000000240)=""/99}, {&(0x7f00000002c0)=""/122}, {&(0x7f0000000340)=""/217}, {&(0x7f00000008c0)=""/35}, {&(0x7f0000000500)=""/227}, {&(0x7f0000000600)=""/1}]}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000700)=""/27}], 0x0, &(0x7f0000000780)=""/112}}], 0x40000000000024a, 0x40002002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x401c5820, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000480)='./file0\x00', 0x446, &(0x7f0000004940)=ANY=[@ANYRES32=0x0, @ANYRES16, @ANYRES16=0x0, @ANYRESHEX, @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d01a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a007f32b6eee3c941a5c942ed139eb5673792cae80335732030f9aeabaf3bbad3bca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b9941e63b0f31d41783b25cdce079be35f08275e2b4b4477c6fcf4806134e839aa39ffffffffffff0000006a", @ANYRES64], 0x8, 0x2eb, &(0x7f0000000080)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wg2\x00'})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.904046758s ago: executing program 2 (id=4591):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'bond_slave_0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10}}}, @TCA_RATE={0x6}]}, 0x4c}}, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000})
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000240)={0xffffff80, <r3=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x17, 0x8, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5}, [@generic={0x81, 0x8, 0x0, 0x8, 0x3ff}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x2}]}, &(0x7f0000000140)='syzkaller\x00', 0x800, 0x5a, &(0x7f0000000180)=""/90, 0x41000, 0x41, '\x00', r1, 0x28, r2, 0x8, &(0x7f0000000200)={0x7, 0x3}, 0x8, 0x10, 0x0, 0x0, r3, 0xffffffffffffffff, 0x7, &(0x7f0000000280)=[r2, r2, r2, r2], &(0x7f00000002c0)=[{0x1, 0x2, 0x7, 0x4}, {0x4, 0x5, 0xa}, {0x2, 0x2, 0x5, 0xa}, {0x3, 0x5, 0x8, 0xb}, {0x2, 0x4, 0xe, 0x6}, {0x1, 0x1, 0x4, 0xb}, {0x1, 0x4, 0x1}], 0x10, 0xff}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

1.789513258s ago: executing program 0 (id=4594):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x50, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0xfff0}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x50}}, 0x0)

1.716946414s ago: executing program 2 (id=4596):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001400)={&(0x7f00000012c0)=ANY=[@ANYBLOB="9feb010118000000000008402400000024000000020000000000040000006a0000ffffffe800"/62], &(0x7f0000001340)=""/154, 0x3e, 0x9a, 0x1, 0x4}, 0x20)
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x1000, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7, 0x4)
creat(&(0x7f0000000300)='./file0\x00', 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007e9, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_usbip_server_init(0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x4b40, 0xfffffffffffffffc)
rename(&(0x7f0000000100)='./file0\x00', 0x0)
mknod$loop(&(0x7f0000000240)='./file0\x00', 0xa58903b443b8bdc5, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x2, @link_local, 'macvlan1\x00'}}, 0x1e)
write$binfmt_script(r1, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x40, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000340)=@assoc_value, &(0x7f0000000380)=0x8)
creat(&(0x7f0000000180)='./file1\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x96, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8, 0xff4, 0x9}, 0x0, 0xe, 0xffffffffffffffff, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
r3 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r3, 0xa, 0x13)
fcntl$setlease(r3, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x4}, &(0x7f0000000280))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200))
getpid()

1.716452294s ago: executing program 0 (id=4597):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x4}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x25}]}, &(0x7f0000000000)='syzkaller\x00'}, 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
r1 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3)
r4 = socket(0x2, 0x0, 0xff)
bind$inet(r4, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
shutdown(r4, 0x1)
sendmmsg$unix(r4, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}}], 0x1, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$PPPIOCSCOMPRESS(0xffffffffffffffff, 0x4010744d)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (fail_nth: 12)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(0x0, r7)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4ec, &(0x7f0000000300)="$eJzs3U1vG1sZAODXzpeTm3uTC10AAlpKoaCqTuK2UdUFlBVCqBKiS5DakLhRFDuOYqc0oYv0PyBRiRUs+QGsu2LPBsGOTVkg8RGBmkosjGY8Sd3EbkLz4RI/jzSaOWfsec+xM+c0b2qfAPrWpYjYiojhiHgYERNZfS7b4m5rSx73avvp/M720/lcNJv3/5FLzyd10facxEfZNQsR8cPvRvwkdzBufWNzea5SKa9l5alGdXWqvrF5fak6t1heLK+USrMzs9O3b9wqnVhfL1aHs6Mvvfz91jd/ljRrPKtp78dJanV9aC9OZK/5908jWA8MRMRg9vPD/5989h5eTu//iRhI300A4DxrNieiOdFeBgDOu3yaA8vli1kuYDzy+WKxlcO7EGP5Sq3euPaotr6y0MqVTcZQ/tFSpTyd5QonYyiXlGfS4zfl0r7yjYj4NCJ+PjKalovztcpCL//hAwB97KN98/+/R1rzPwBwzhV63QAA4MyZ/wGg/5j/AaD/mP8BoP+Y/wGg/5j/AaD/mP8BoK/84N69ZGvuZN9/vfB4Y3259vj6Qrm+XKyuzxfna2urxcVabTH9zp7qYder1GqrMzdj/cnkt1brjan6xuaDam19pfEg/V7vB+WhM+kVAPAun1588adcRGzdGU23aFvLwVwN51u+1w0Aemag1w0AesZqX9C/jvE7vvQAnBMdluh9SyEiRvdXNpvN5uk1CThlVz8v/w/9qi3/738BQ5+R/4f+Jf8P/avZzB11zf846gMBgA+bHD/Q5e//n8n2v8n+OPDjhf2PeL6/wicKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6B+76/8Ws5U7xiOfLxYjPo6IyRjKPVqqlKcj4pOI+OPI0EhSnulxmwGA48r/NZet/3V14sr4/rPDudcj6T4ifvrL+794MtdorP0hqf/nXn3jeVZf6kX7AYDD7M7T6b7tF/lX20/nd7ezbM/fvhMRhVb8ne3h2NmLPxiD6b4QQxEx9q9cVm7JteUujmPrWUR8rlP/czGe5kBaK5/uj5/E/vhM4+ffip9Pz7X2yWvx2RNoC/SbF8n4c7fT/ZePS+m+8/1fSEeo48vGv+RS8zvpGPgm/u74N9Bl/Lt01Bg3f/e91tHowXPPIr4wGLEbe6dt/NmNn+sS/8rBy3X05y9++XK3c81fRVyNzvHbY001qqtT9Y3N60vVucXyYnmlVJqdmZ2+feNWaSrNUU91nw3+fufaJ93OJf0f6xK/cEj/v3a07sev//PwR195R/xvfLVT/HxceEf8ZE78+hHjz439ttDtXBJ/oUv/D3v/rx0x/su/bB5YNhwA6J36xubyXKVSXnPg4MM/SH5kTz/W5Hs969tn9SIMx//0rGbzvWJ1GzFOIusGfAj2bvqIeN3rxgAAAAAAAAAAAAAAAB2dxSeWet1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzq//BgAA//9rztH0")

1.716215863s ago: executing program 4 (id=4598):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x1}}, {@usrquota}]}, 0x1, 0x4f0, &(0x7f00000003c0)="$eJzs3c9vG1kdAPDvOL+cbHaTXfYACNiyLBRU1Unc3Wi1B1hOCKGVEHsEqQ2JG0Wx4yh2lib0kP4PSFTiBEf+AM49ceeC4MalHJD4EYGaShxmNeNJ6iZxkzZtHMWfjzSaee9N/H2vrt+rv278AhhYVyJiJyLSNE1vRcRUUZ8UR3zcObL7Hu3eXdzbvbuYRJp++u8kb8/qoutnMq8Vj1mOiJ/8IOLnydG4ra3t1YV6vbZRlGfajfWZ1tb29ZXGwnJtubZWrc7Pzc9+eOOD6ksb6zuN0eLqqw//tPOdX2bdmixqusfxMnWGPnIQJzMcET96FcH6YKgYz2i/O8ILKUXEWxHxbkTciqkYyp9NAOAyS9OpSKe6ywDAZVfKc2BJqVLkAiajVKpUOjm8t2OiVG+22tduNzfXljq5sukYKd1eqddmi1zhdIwkWXkuv35Srh4q34iINyPiV2Pjebmy2Kwv9fMfPgAwwF47tP7/b6yz/gMAl1z5cMVYf/oBAJyfI+s/AHDpWf8BYPBY/wFg8Fj/AWDwWP8BYPBY/wFgoPz4k0+yI90rvv966bOtzdXmZ9eXaq3VSmNzsbLY3FivLDeby/l39jROerx6s7k+935s3pn+7nqrPdPa2r7ZaG6utW/m3+t9szZyLqMCAJ7lzXce/DWJiJ2PxvMjuvZysFbD5VbqdweAvhnqdweAvrHbFwyuM7zHlx6AS+KYLXqfUo6I8cOVaZqmT9ccuQW4uK5+Sf4fBlVX/t//AoYBI/8Pg0v+HwZXmian3fM/TnsjAHCxyfEDPT7/f6s4/774cOBnS4fvuP8qewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX2/7+v5ViL/DJKJUqlYjXI2I6RpLbK/XabES8ERF/GRsZy8pzfe4zAHBWpX8kxf5fV6femzzcOpo8HsvPEfGL33z66zsL7fbGn7P6/xzUt+8X9dV+9B8AOMn+Op2fu97IP9q9u7h/nGd//vn9iCh34u/tjsbeQfzhGM7P5RiJiIn/JkW5I+nKXZzFzr2I+OJx409iMs+BdHY+PRw/i/36ucYvPRW/lLd1ztmfxReeJ6hNnyH3IJt/Pj7u9VeKK/n5+Nd/OZ+hzq6Y/7KHWtzL58An8ffnv6Ee89+V08Z4/48/7FyNH227F/Hl4Yj92Htd889+/KRH/PdOGf9vX/nau73a0t9GXI3j43fHmmk31mdaW9vXVxoLy7Xl2lq1Oj83P/vhjQ+qM3mOeqb3avCvj6690astG/9Ej/jlE8b/zVOO/3f/v/XTrz8j/re/cVz8Urz9jPjZFP6tU8ZfmPhDuVdbFn+px/hPev6vnTL+w79vH9k2HADon9bW9upCvV7bcOHi4l9kf2VPvjnpSw+/d16xRuO5fipNXyhWrxnjZWTdgIvg4EUfEY/73RkAAAAAAAAAAAAAAOBY5/EbS/0eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJfX5wEAAP//m0DV2A==")

1.358158122s ago: executing program 0 (id=4599):
open(0x0, 0x0, 0x0) (async)
r0 = open(0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
syz_open_dev$sg(0x0, 0x0, 0x0) (async)
syz_open_dev$sg(0x0, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000a00)=[{&(0x7f0000000180)='0', 0x1}], 0x1) (async)
writev(0xffffffffffffffff, &(0x7f0000000a00)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sendmsg$xdp(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)="08e8242b1c10bf9d7646d102bbcb1e9833ee27d0c80715d569fc0e2e9dc92fc81eb6cd2c095e173aeb03247dc24dc1405dc102d3a018159bf7737256d007f0f3c78db0a26ad98cf6319a0e7e50e6fe818925882a6a3e13c2f2b6dac186cf0b36b4f12e742df3223d6032d1dd15786b1085ef9a0a987c9844d12d9a531cad858c32b469ee85cf6e218ab04b402cdbc9bb6d2d69b25d6d79045eb9972cb92b3611506e8fe32d223a2e39f01078220d77b32142f025379fae75eec21e628ad1e612fc7e9e993edcd54962df8b4433f199ba56c2599b4b51fb5d2c93a1ee57ad23bbd626dcf716edb8d0d3e03c7e7c87d5e46cbccce6d217", 0xf6}, {&(0x7f0000000100)="15c36775521ea7f1ebf08cbc6eb1457b37d8848b70b5bc5c681fd980d04ec767d38af428", 0x24}, {&(0x7f00000003c0)="9ab8d186817f0bbb39f06953db17f546fc6985ec35d784e9aad5294fa126883999e8b4501b7356ed9f4a875777a0559af700520768c6e3964b084d97fa234ea8c6dddd5a9ce676ef3a90256e42ea7888ec22f114900172855b0b12ec4123f8de47c503fd4d75f3fe5e72b08faf9cc8d57548db612dd75a3d0470f916c1631701d9270a8dc318e935ac0bbb68008d603c66a1d2305b4d4c9f04e6df2307322e303948fcae6bee3f3cad2314b925b02c36bb9b826ad3d4f06a346231df34c3a5814a3ca9bf2c99401fc08ac9523d7fd333e4afd17aca563c9e8cfe61c8beee", 0xde}, {&(0x7f00000004c0)="c43d09333e083ac7b7a4be43c611b112970cd12ef3e84fd62cae39803f1061209c639734cf43398af778966e43d8119e68fa76531a4bd8ab75cca875b97fa4b75d3261d1bdcb30704b037e5c5b040bc99363616b30215472593606334d965e831c2c6e1828645adc1c0b096318bb8197eeada561b1bce0ec48bec33872b3963fb94efa72a83c5e897f88d539", 0x8c}], 0x4, 0x0, 0x0, 0x4}, 0x4004085) (async)
sendmsg$xdp(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)="08e8242b1c10bf9d7646d102bbcb1e9833ee27d0c80715d569fc0e2e9dc92fc81eb6cd2c095e173aeb03247dc24dc1405dc102d3a018159bf7737256d007f0f3c78db0a26ad98cf6319a0e7e50e6fe818925882a6a3e13c2f2b6dac186cf0b36b4f12e742df3223d6032d1dd15786b1085ef9a0a987c9844d12d9a531cad858c32b469ee85cf6e218ab04b402cdbc9bb6d2d69b25d6d79045eb9972cb92b3611506e8fe32d223a2e39f01078220d77b32142f025379fae75eec21e628ad1e612fc7e9e993edcd54962df8b4433f199ba56c2599b4b51fb5d2c93a1ee57ad23bbd626dcf716edb8d0d3e03c7e7c87d5e46cbccce6d217", 0xf6}, {&(0x7f0000000100)="15c36775521ea7f1ebf08cbc6eb1457b37d8848b70b5bc5c681fd980d04ec767d38af428", 0x24}, {&(0x7f00000003c0)="9ab8d186817f0bbb39f06953db17f546fc6985ec35d784e9aad5294fa126883999e8b4501b7356ed9f4a875777a0559af700520768c6e3964b084d97fa234ea8c6dddd5a9ce676ef3a90256e42ea7888ec22f114900172855b0b12ec4123f8de47c503fd4d75f3fe5e72b08faf9cc8d57548db612dd75a3d0470f916c1631701d9270a8dc318e935ac0bbb68008d603c66a1d2305b4d4c9f04e6df2307322e303948fcae6bee3f3cad2314b925b02c36bb9b826ad3d4f06a346231df34c3a5814a3ca9bf2c99401fc08ac9523d7fd333e4afd17aca563c9e8cfe61c8beee", 0xde}, {&(0x7f00000004c0)="c43d09333e083ac7b7a4be43c611b112970cd12ef3e84fd62cae39803f1061209c639734cf43398af778966e43d8119e68fa76531a4bd8ab75cca875b97fa4b75d3261d1bdcb30704b037e5c5b040bc99363616b30215472593606334d965e831c2c6e1828645adc1c0b096318bb8197eeada561b1bce0ec48bec33872b3963fb94efa72a83c5e897f88d539", 0x8c}], 0x4, 0x0, 0x0, 0x4}, 0x4004085)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000005c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
getsockopt$inet_int(r0, 0x0, 0x32, &(0x7f00000001c0), 0x0) (async)
getsockopt$inet_int(r0, 0x0, 0x32, &(0x7f00000001c0), 0x0)
fsetxattr$trusted_overlay_redirect(r3, 0x0, 0x0, 0x0, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x8, 0xffffffffffffffff, 0x0) (async)
r4 = perf_event_open(0x0, 0x0, 0x8, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, r4, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r6, 0x0)
ftruncate(r6, 0xc17a)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="85000000080000007d000000000000009500000000000000615174cbd6dbdceb86cd42370cc4142e9416ff247d8badd2d6c4f49c7342b41fd352942a0433af88264ee97351565eeb2589073a42f57b1a7fa35dbafe7e12aeb4ee072da59e9fd957b7828f739024a17392ff9d0584768f9d7784d635a2d78e7dea75a9e2b3f7fce61a2e902ad80e30b1314bae043c4a2e6170e12a19f966ffaf377b6010640beb1fb8e7f4492f4a9eec6084440578773bef4534b378d07b03f5f6ba1f20cf1d759d8b4adec176e80af3c6a2f5ad3f66efcc2d67103349c8f7563968742e256d6cf5d0559b9adb2db8b000c5a584d2f791e633b2"], &(0x7f0000000000)='GPL\x00', 0x5, 0x487, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffdfd}, 0x48)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000011008188040f80ec59acbc0413a181004000000004000000000000000e000a000d00000002800200121f", 0x2e}], 0x1}, 0x0)
socket$inet6(0xa, 0x802, 0x0) (async)
r7 = socket$inet6(0xa, 0x802, 0x0)
bind$inet6(r7, &(0x7f0000000640)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
syz_io_uring_setup(0xd79, &(0x7f00000035c0), &(0x7f0000000100), &(0x7f0000003580)) (async)
r8 = syz_io_uring_setup(0xd79, &(0x7f00000035c0), &(0x7f0000000100), &(0x7f0000003580))
io_uring_register$IORING_UNREGISTER_RING_FDS(r8, 0x15, &(0x7f0000002ac0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, {0x0, 0x0, 0x0, 0x0, 0x0}], 0x2)

1.245767641s ago: executing program 4 (id=4600):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x275a, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3000000035000100d1d0718a41469b090400000004000000180001801400100010000b0009", @ANYRES32=r0], 0x30}}, 0x4000040)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x4010, r0, 0x443b3000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000000000000", @ANYRESDEC=r2, @ANYBLOB="0000000000000000240012800b00010067656e65766500001400028005000d00140000000800010000000000"], 0x44}}, 0x0)
ftruncate(r0, 0x3)
socket$inet(0x2, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x143142, 0xbcb693a615ac867a)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x2, 0x12, r3, 0x8000000)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x406906, &(0x7f0000000340)={0x0, 0x535, 0x400, 0x1, 0x81}, &(0x7f0000000140), &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000023c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
socket$packet(0x11, 0x3, 0x300)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x24, 0x1, 0x93, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000180), 0xb}, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x2000}, 0x0, 0x10, r0, 0xa)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
pipe(&(0x7f0000000200))
splice(r6, 0x0, 0xffffffffffffffff, 0x0, 0x8000f28, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a07, 0x1700)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x7e)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)

1.144548519s ago: executing program 4 (id=4601):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000200001042bbd700000000000020010000000000001000100"], 0x1c}}, 0x0)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x9bc1, 0x200007, 0x4400}, 0x14)
listen(0xffffffffffffffff, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000140)}], 0x1)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, &(0x7f00000000c0)=0xa080, 0x4)
socket$key(0xf, 0x3, 0x2)
ioctl$PPPOEIOCSFWD(0xffffffffffffffff, 0x4008b100, &(0x7f0000000140)={0x18, 0x0, {0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 'caif0\x00'}})
socket$kcm(0x10, 0x2, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000005c0)=ANY=[], 0x6ce)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x8, 0x3, 0x338, 0x0, 0xe138, 0x198, 0x1c0, 0x198, 0x2a0, 0x358, 0x358, 0x2a0, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bond\x00'}, 0x0, 0x158, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0004000000050000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x8}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x398)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001500)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1, 0x0, 0x0, 0xa000000}, 0x0)

1.054283216s ago: executing program 0 (id=4602):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
dup(0xffffffffffffffff)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001e00)={'bond0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000001e40)={0x0, 0x3, 0x6}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000006000000000000000000", @ANYRES32=r2], 0x20}}, 0x0)

1.00460047s ago: executing program 4 (id=4603):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
dup(0xffffffffffffffff)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001e00)={'bond0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000001e40)={0x0, 0x3, 0x6}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000006000000000000000000", @ANYRES32=r2], 0x20}}, 0x0)

961.030184ms ago: executing program 0 (id=4604):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x500, &(0x7f00000005c0)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e1406020000000028000a001000000002800000128c", 0x2e}], 0x1}, 0x0)

826.884354ms ago: executing program 2 (id=4607):
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000240)="390000001300034700bb65e1c3e4ffff01000000010000005600000025", 0x1d}], 0x1)
bind(0xffffffffffffffff, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff)
getsockname$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x14, 0x2, @loopback}]}, 0x2c}}, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000300010000004500000025000000190011000600ad000200000010000006040000000000000000", 0x39}], 0x1)

620.491401ms ago: executing program 0 (id=4608):
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x4, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000080fb25000000ffff3f90950000000000000018100000", @ANYRES32, @ANYBLOB="100000000000002505000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0xa, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000040)=[{0x2, 0x3, 0xe, 0x7ffc0000}]})
rt_sigaction(0x19, &(0x7f00000005c0)={0xfffffffffffffffc, 0x44000006, 0x0, {[0xffc]}}, 0x0, 0x8, &(0x7f0000000440))
r0 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r0, 0x0, 0x400000000000000, 0x7)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000040))
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000580), 0x1c100, 0x0)
r2 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, r1}, &(0x7f0000000100), &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_setup(0x5e2, &(0x7f0000000200), &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000280))
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x2})
io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x29)
r6 = getpid()
fcntl$setown(r5, 0x8, r6)
fcntl$setsig(r5, 0xa, 0x21)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = socket$qrtr(0x2a, 0x2, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r8)
recvmsg$qrtr(r7, &(0x7f0000000500)={&(0x7f00000000c0), 0xc, &(0x7f00000004c0)=[{&(0x7f0000000300)=""/37, 0x25}, {&(0x7f0000000380)=""/56, 0x38}, {&(0x7f00000003c0)=""/243, 0xf3}], 0x3, &(0x7f0000000740)=[{0x60, 0x0, 0x0, ""/74}, {0x1010, 0x0, 0x0, ""/4096}, {0x78, 0x0, 0x0, ""/101}], 0x10e8, 0x40000000}, 0x38, 0x60010101)

620.176911ms ago: executing program 3 (id=4609):
r0 = socket(0x2, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000a00), 0x4)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x10012, r1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x29, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x990, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000e00], 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b00000000000000000062726964676530000000000000000000766c616e300000000000000000000000736974300000000000000000000000007465716c3000000000000000000000000000000000000000000000000180c20000000000000000000000b8080000b808000030090000616d6f6e670000000000000000000000000000002000000000000000000000002008000000000000140400000c000000000000000a000000000000040000000000000000000000000000080000000000000000000000000000b085da05d603888318a0cce400000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000fdffffffff00000000000000000000e4ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000006fb7cd02b734bcce41ef6e95bd000000008000000000000000000000000000000000000000000000000000000000000000eeff3f000000008fc7660c490587b3ab213098a6767c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f8f0000000000000000dbd5a834b3ab2a0cc27081310000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000440a05000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000f18a0afe993500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4f016fa70c1255400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008c7f8f1b44f000000000feffffff00000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000062f75a00627f34dd71012eed00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0ffffff00000000000000000000000000000000000000000000001b00000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000f200000000000000000000000000000000000000000000000000000000000000fffffff90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f2573bd04a330000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000ff7f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000cb33322c9c564ae5f8eef74d5aa7cc9c000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000003f7f1c00000000000000000000000000000000ecffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000afe96d981b6f119c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3d2e85100000000000000000000000000000000000000000000000000844caab24e79bd260000000000000000000000000000000000000000005080000000000000000000000000000000010000a600a9e85725d89818472e65aba21d9bbc1b20e8331c6fd24a5aceaeefe102e42a013ac2c00eeb782c34eab997013e0506220c21a44cc58ff5bc83d5e4066c7700"/2448]}, 0xa08)

596.540573ms ago: executing program 2 (id=4610):
r0 = socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000001300)=ANY=[@ANYRES32=r1], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={0x0}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000240)={0x7, 0x80, 0xa4, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f0000000480)="0032e141e44a823bcbf94a95969cdd4a2d502d2e60fff00070", 0x19, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r7 = dup2(r4, r6)
write$P9_RGETLOCK(r7, &(0x7f0000000580)=ANY=[@ANYRESOCT=r3, @ANYRES32=r0, @ANYRES16=r2, @ANYRES32=r4, @ANYRES16=r1, @ANYBLOB="8386b1673e0fca2150aa6a86a61a03fbf2353f2b97c7bc54c0268ef678c26a04b020eaf512aae93702d4f44df20c815e639bf414247065e6b0d229bbe597b4a135926d65e3773c6a5072ac166a8996a19597d487b712af5ebbafca4ca43914bf7351e8765f096df9a280b62f4b3ba3e0d8116f763cbe513dd5eb0645000000000000", @ANYBLOB="33cc9ac4aae5131f66347391fce5be805aa38ed43bd73ed316c3fcad64a1539c5f6ab2249061ef937df565f9d8ccd157af74051dc877e6f5290c16bb87b1409bc3b99977893ae19e2c5821a626f0c8a1bbc0e25831767459aa8e840fafe47a2e22989050324c2b60ca48922532027e382dd8f95448c3f0fa2eb31f653b4b0c817ce5df47b8512a2a831b71c18d3a468896339a24def726bd52a92215c0ce"], 0x2c)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0)
r8 = timerfd_create(0x0, 0x0)
timerfd_settime(r8, 0x3, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0)
socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x2f, &(0x7f0000000040)=0x1803, 0x4)
epoll_create1(0x0)
socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r9=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r9, r9, r9)
clock_adjtime(0x0, &(0x7f0000000480)={0x7fffffffffffffff, 0x4, 0x4, 0x0, 0x0, 0xfffffffffffffffe})
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x1f, 0x1, 0x2, 0x0, 0x0, 0x1, 0x708, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}, 0x0, 0x10000000000, 0xfffffffc, 0x0, 0x10, 0x13}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
clock_settime(0x0, &(0x7f0000000200)={0x0, 0x989680})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r7)

596.230683ms ago: executing program 3 (id=4611):
pipe(0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, 0x0, &(0x7f0000000080)='syzkaller\x00'}, 0x90)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="d80000001c0081044e81f782db44b904021d080201000000040000a118000c000600142603600e1208000f0100810401a80016002000014003", 0x39}], 0x1, 0x0, 0x0, 0x7400}, 0x0) (async)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1303000054009155090893b31b71a54a07"], 0xfe33) (async)
socket$igmp(0x2, 0x3, 0x2)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f0000000180)={0x80}) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000680)=@raw={'raw\x00', 0x8, 0x3, 0x290, 0x120, 0xb, 0xd0e0011, 0x120, 0xc6, 0x1f8, 0x1d8, 0x190, 0x1f8, 0x1d8, 0x5, 0x0, {[{{@ip={@rand_addr, @broadcast, 0x0, 0x0, 'nr0\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x120, 0x2000000, {}, [@common=@icmp={{0x28}, {0x0, "0010", 0x3}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT0={0x48}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'bridge_slave_1\x00', 'veth0_to_hsr\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x1, 0x42, 0x40, 0x2100, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x800000}, 0x48)
syz_open_dev$usbfs(0x0, 0x0, 0x0)

590.446783ms ago: executing program 4 (id=4612):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
lsetxattr$trusted_overlay_redirect(&(0x7f0000000300)='./file1\x00', &(0x7f0000000340), 0x0, 0x0, 0x300)

527.005198ms ago: executing program 3 (id=4613):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
dup(0xffffffffffffffff)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001e00)={'bond0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000001e40)={0x0, 0x3, 0x6}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000006000000000000000000", @ANYRES32=r2], 0x20}}, 0x0)

175.547036ms ago: executing program 3 (id=4614):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
accept4$llc(r0, &(0x7f00000005c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, &(0x7f0000000640)=0x10, 0x80800)
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
readv(r2, &(0x7f0000000580)=[{&(0x7f0000000240)=""/131, 0x83}, {&(0x7f0000000380)=""/40, 0x28}, {&(0x7f0000000400)=""/116, 0x74}, {&(0x7f0000000480)=""/252, 0xfc}], 0x4)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000100)={r4}, &(0x7f0000000140)=0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000180)={r4, @in={{0x2, 0x4e21, @rand_addr=0x64010102}}}, &(0x7f0000000040)=0x84)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9c00000010000100"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000740016807000010104000500000000000000000018000c80140001000000008100000000000000000000000010000200000000000000000000000000100002000000000000000000000000002800010000000000000000000000000000000000000000000000000000000000feff000000000000050011"], 0x9c}}, 0x0)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs(r8, &(0x7f0000000600)='fd/4\x00')
fsetxattr$trusted_overlay_opaque(r9, &(0x7f0000000300), 0x0, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x15)
socket$netlink(0x10, 0x3, 0x0)

68.788684ms ago: executing program 3 (id=4615):
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newlink={0x54, 0x10, 0x409, 0x8000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x100}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x1c, 0x5, 0x0, 0x1, [@IFLA_BRPORT_UNICAST_FLOOD={0x5}, @IFLA_BRPORT_NEIGH_SUPPRESS={0x5}, @IFLA_BRPORT_LEARNING={0x5}]}}}]}, 0x54}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4c00000010000104000000ffffa8880000000000", @ANYRES32=r3, @ANYBLOB="000000000000000024001280110001006272696467655f736c617665000000000c000580050019000300000008000a"], 0x4c}}, 0x0)

64.781215ms ago: executing program 2 (id=4616):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001400)={&(0x7f00000012c0)=ANY=[@ANYBLOB="9feb010118000000000008402400000024000000020000000000040000006a0000ffffffe800"/62], &(0x7f0000001340)=""/154, 0x3e, 0x9a, 0x1, 0x4}, 0x20)
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x1000, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7, 0x4)
creat(&(0x7f0000000300)='./file0\x00', 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007e9, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_usbip_server_init(0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x4b40, 0xfffffffffffffffc)
rename(&(0x7f0000000100)='./file0\x00', 0x0)
mknod$loop(&(0x7f0000000240)='./file0\x00', 0xa58903b443b8bdc5, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x2, @link_local, 'macvlan1\x00'}}, 0x1e)
write$binfmt_script(r1, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x40, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000340)=@assoc_value, &(0x7f0000000380)=0x8)
creat(&(0x7f0000000180)='./file1\x00', 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x96, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8, 0xff4, 0x9}, 0x0, 0xe, 0xffffffffffffffff, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
r3 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r3, 0xa, 0x13)
fcntl$setlease(r3, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x4}, &(0x7f0000000280))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200))
getpid()

8.077909ms ago: executing program 3 (id=4617):
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010034"], 0x1c}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e0000000000000000000000000040000000000000000000000000000000000000000000380003"], 0x78)
close(r1)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETDEBUG(r2, 0x400454c9, &(0x7f0000000100))
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/14, @ANYRES32, @ANYBLOB="ee00000000000000b70300000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10)
write$cgroup_devices(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1e0306003c5c980128876360864666702c1ffe8000"], 0xffdd)

0s ago: executing program 4 (id=4618):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x0, 0x0)
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x25, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x4, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = open(&(0x7f0000000240)='./file0\x00', 0x145142, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
sendfile(r2, r2, 0x0, 0x1)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x0, 0x84)
r3 = syz_open_dev$usbfs(&(0x7f0000000c40), 0x310decfa, 0x1)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r4, &(0x7f0000000100)=ANY=[], 0xc1)
ioctl$USBDEVFS_CONTROL(r3, 0x80045505, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

lesystem 00000000-0000-0000-0000-000000000000.
[  279.564509][T21757] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  279.641101][T21762] loop2: detected capacity change from 0 to 2048
[  279.689803][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.704470][T21762] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  279.723281][T21766] loop4: detected capacity change from 0 to 256
[  279.747134][T18899] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.752539][T21766] __nla_validate_parse: 3 callbacks suppressed
[  279.752554][T21766] netlink: 92 bytes leftover after parsing attributes in process `syz.4.4080'.
[  279.771313][T21766] netlink: 92 bytes leftover after parsing attributes in process `syz.4.4080'.
[  279.795826][T20488] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  279.815606][T20488] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  279.837282][T21779] loop2: detected capacity change from 0 to 512
[  279.857207][T21779] EXT4-fs: journaled quota format not specified
[  279.958875][T21788] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4084'.
[  280.030707][T21797] netlink: 9 bytes leftover after parsing attributes in process `syz.2.4086'.
[  280.061629][T21801] loop0: detected capacity change from 0 to 512
[  280.081407][T21797] gretap0: entered promiscuous mode
[  280.096511][T21801] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.115677][T21801] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  280.143271][T18892] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.167563][ T3299] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.196334][T21805] netlink: 5 bytes leftover after parsing attributes in process `syz.2.4086'.
[  280.258173][ T3299] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.324234][T21817] loop0: detected capacity change from 0 to 512
[  280.342252][ T3299] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.376223][T21817] EXT4-fs (loop0): too many log groups per flexible block group
[  280.384279][T21817] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  280.397174][T21817] EXT4-fs (loop0): mount failed
[  280.421608][ T3299] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.460242][T21863] ip6gretap0: entered allmulticast mode
[  280.508662][T21789] chnl_net:caif_netlink_parms(): no params data found
[  280.597649][   T29] audit: type=1400 audit(1720324292.302:2699): avc:  denied  { mount } for  pid=21988 comm="syz.0.4094" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  280.598928][T21989] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4094'.
[  280.647118][T22002] loop2: detected capacity change from 0 to 512
[  280.690145][T21989] loop0: detected capacity change from 0 to 1024
[  280.702158][   T29] audit: type=1400 audit(1720324292.402:2700): avc:  denied  { mounton } for  pid=21988 comm="syz.0.4094" path="/68/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  280.728148][T21989] syz.0.4094: attempt to access beyond end of device
[  280.728148][T21989] loop0: rw=4096, sector=2, nr_sectors = 2 limit=0
[  280.741299][T21989] EXT4-fs (loop0): unable to read superblock
[  280.769101][T22002] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.806848][T22013] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4097'.
[  280.816628][T22013] netlink: 6 bytes leftover after parsing attributes in process `syz.3.4097'.
[  280.831234][T22002] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  280.842533][T21789] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.849674][T21789] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.856943][   T29] audit: type=1400 audit(1720324292.542:2701): avc:  denied  { unmount } for  pid=18892 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  280.868590][T22129] loop0: detected capacity change from 0 to 512
[  280.881395][T21789] bridge_slave_0: entered allmulticast mode
[  280.894147][T22129] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  280.894638][T21789] bridge_slave_0: entered promiscuous mode
[  280.913088][T21789] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.920301][T21789] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.938145][T22129] EXT4-fs (loop0): 1 orphan inode deleted
[  280.943988][T22129] EXT4-fs (loop0): 1 truncate cleaned up
[  280.951504][T21789] bridge_slave_1: entered allmulticast mode
[  280.957959][T21789] bridge_slave_1: entered promiscuous mode
[  280.964308][T22129] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  280.978610][ T3299] bridge_slave_1: left allmulticast mode
[  280.984370][ T3299] bridge_slave_1: left promiscuous mode
[  280.990047][ T3299] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.018345][T17968] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.028288][ T3299] bridge_slave_0: left allmulticast mode
[  281.033936][ T3299] bridge_slave_0: left promiscuous mode
[  281.039688][ T3299] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.207024][ T3299] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.227535][ T3299] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.250155][ T3299] bond0 (unregistering): Released all slaves
[  281.306671][T22130] syzkaller0: entered promiscuous mode
[  281.312156][T22130] syzkaller0: entered allmulticast mode
[  281.354016][T22135] syzkaller0: refused to change device tx_queue_len
[  281.367533][ T3299] hsr_slave_0: left promiscuous mode
[  281.373405][ T3299] hsr_slave_1: left promiscuous mode
[  281.383416][ T3299] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  281.390901][ T3299] batman_adv: batadv0: Removing interface: batadv_slave_0
[  281.419004][ T3299] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.426471][ T3299] batman_adv: batadv0: Removing interface: batadv_slave_1
[  281.453180][T22162] loop2: detected capacity change from 0 to 164
[  281.463281][ T3299] veth1_macvtap: left promiscuous mode
[  281.468827][ T3299] veth0_macvtap: left promiscuous mode
[  281.474382][ T3299] veth1_vlan: left promiscuous mode
[  281.479630][ T3299] veth0_vlan: left promiscuous mode
[  281.485905][T22162] Unable to read rock-ridge attributes
[  281.666480][ T3299] team0 (unregistering): Port device team_slave_1 removed
[  281.684400][ T3299] team0 (unregistering): Port device team_slave_0 removed
[  281.767195][T21806] chnl_net:caif_netlink_parms(): no params data found
[  281.801854][T21789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  281.818926][T21789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.850192][T18892] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.928873][T21789] team0: Port device team_slave_0 added
[  281.960928][T21789] team0: Port device team_slave_1 added
[  281.979987][T22264] loop0: detected capacity change from 0 to 1024
[  282.010120][T22274] loop3: detected capacity change from 0 to 1024
[  282.016375][T22264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.045620][T21806] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.046712][T22297] loop2: detected capacity change from 0 to 512
[  282.052744][T21806] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.075757][T22274] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.090043][T22264] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.104327][T21806] bridge_slave_0: entered allmulticast mode
[  282.111219][T21806] bridge_slave_0: entered promiscuous mode
[  282.118103][T21806] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.125289][T21806] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.132581][T21806] bridge_slave_1: entered allmulticast mode
[  282.139399][T21806] bridge_slave_1: entered promiscuous mode
[  282.149350][T22274] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  282.166662][T21789] batman_adv: batadv0: Adding interface: batadv_slave_0
[  282.173646][T21789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.199650][T21789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  282.214159][T22274] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  282.226533][T22274] EXT4-fs (loop3): This should not happen!! Data will be lost
[  282.226533][T22274] 
[  282.236290][T22274] EXT4-fs (loop3): Total free blocks count 0
[  282.242282][T22274] EXT4-fs (loop3): Free/Dirty block details
[  282.248243][T22274] EXT4-fs (loop3): free_blocks=68451041280
[  282.254180][   T29] audit: type=1400 audit(1720324293.922:2702): avc:  denied  { ioctl } for  pid=22273 comm="syz.3.4106" path="/261/bus/file1" dev="loop3" ino=15 ioctlcmd=0x6628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  282.254192][T22274] EXT4-fs (loop3): dirty_blocks=96
[  282.254206][T22274] EXT4-fs (loop3): Block reservation details
[  282.289794][T22274] EXT4-fs (loop3): i_reserved_data_blocks=6
[  282.310366][T21789] batman_adv: batadv0: Adding interface: batadv_slave_1
[  282.317498][T21789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.343470][T21789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  282.355388][   T29] audit: type=1401 audit(1720324294.022:2703): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  282.381697][   T29] audit: type=1326 audit(1720324294.082:2704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22273 comm="syz.3.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0479968bd9 code=0x7ffc0000
[  282.414198][   T29] audit: type=1326 audit(1720324294.082:2705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22273 comm="syz.3.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0479968bd9 code=0x7ffc0000
[  282.437835][   T29] audit: type=1326 audit(1720324294.082:2706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22273 comm="syz.3.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0479968bd9 code=0x7ffc0000
[  282.461312][   T29] audit: type=1326 audit(1720324294.082:2707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22273 comm="syz.3.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0479968bd9 code=0x7ffc0000
[  282.484823][   T29] audit: type=1326 audit(1720324294.082:2708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22273 comm="syz.3.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0479968bd9 code=0x7ffc0000
[  282.496177][T21806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.527487][T22307] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4106'.
[  282.559012][T22336] FAULT_INJECTION: forcing a failure.
[  282.559012][T22336] name failslab, interval 1, probability 0, space 0, times 0
[  282.571675][T22336] CPU: 0 PID: 22336 Comm: syz.2.4109 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  282.581819][T22336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  282.591935][T22336] Call Trace:
[  282.595204][T22336]  <TASK>
[  282.598133][T22336]  dump_stack_lvl+0xf2/0x150
[  282.602772][T22336]  dump_stack+0x15/0x20
[  282.606917][T22336]  should_fail_ex+0x229/0x230
[  282.611590][T22336]  ? kernfs_fop_write_iter+0xe7/0x2c0
[  282.617023][T22336]  __should_failslab+0x92/0xa0
[  282.621779][T22336]  should_failslab+0x9/0x20
[  282.626339][T22336]  __kmalloc_noprof+0xa5/0x370
[  282.631097][T22336]  kernfs_fop_write_iter+0xe7/0x2c0
[  282.636292][T22336]  vfs_write+0x78f/0x900
[  282.640530][T22336]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  282.646393][T22336]  ksys_write+0xeb/0x1b0
[  282.650629][T22336]  __x64_sys_write+0x42/0x50
[  282.655249][T22336]  x64_sys_call+0x27ef/0x2d70
[  282.659926][T22336]  do_syscall_64+0xc9/0x1c0
[  282.664420][T22336]  ? clear_bhb_loop+0x55/0xb0
[  282.669091][T22336]  ? clear_bhb_loop+0x55/0xb0
[  282.673763][T22336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.679685][T22336] RIP: 0033:0x7f3c225fbbd9
[  282.684089][T22336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.703700][T22336] RSP: 002b:00007f3c2187d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  282.712173][T22336] RAX: ffffffffffffffda RBX: 00007f3c22789f60 RCX: 00007f3c225fbbd9
[  282.720197][T22336] RDX: 0000000000000005 RSI: 00000000200001c0 RDI: 0000000000000005
[  282.728156][T22336] RBP: 00007f3c2187d0a0 R08: 0000000000000000 R09: 0000000000000000
[  282.736149][T22336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  282.744109][T22336] R13: 000000000000000b R14: 00007f3c22789f60 R15: 00007fffd9371758
[  282.752150][T22336]  </TASK>
[  282.765623][T21806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  282.808136][T21789] hsr_slave_0: entered promiscuous mode
[  282.824757][T21789] hsr_slave_1: entered promiscuous mode
[  282.834293][T21789] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  282.842018][T21789] Cannot create hsr debugfs directory
[  282.866224][ T3299] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.890152][T22386] netlink: 'syz.0.4111': attribute type 27 has an invalid length.
[  282.909760][ T3272] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  282.966252][T22386] gretap0: left promiscuous mode
[  283.210596][T22386] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.217884][T22386] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.628400][T22386] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  283.692752][T22386] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  284.088680][T22386] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  284.097742][T22386] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  284.106849][T22386] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  284.115846][T22386] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  284.222330][T22386] delete_channel: no stack
[  284.256451][T21806] team0: Port device team_slave_0 added
[  284.266222][T21806] team0: Port device team_slave_1 added
[  284.283663][ T3299] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.305070][T22408] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4113'.
[  284.348358][T22421] netlink: 'syz.0.4114': attribute type 10 has an invalid length.
[  284.391505][ T3299] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.424047][T21806] batman_adv: batadv0: Adding interface: batadv_slave_0
[  284.431117][T21806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.457241][T21806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  284.504811][T21806] batman_adv: batadv0: Adding interface: batadv_slave_1
[  284.510737][T22474] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  284.511762][T21806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.524115][T22474] vhci_hcd: invalid port number 23
[  284.545138][T21806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  284.577860][T22443] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  284.603556][T22474] loop0: detected capacity change from 0 to 2048
[  284.630714][ T3299] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.635384][T22474] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.677502][T21806] hsr_slave_0: entered promiscuous mode
[  284.688706][T21806] hsr_slave_1: entered promiscuous mode
[  284.695196][T21806] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  284.702777][T21806] Cannot create hsr debugfs directory
[  284.746562][T18892] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.788718][ T3299] bridge_slave_1: left allmulticast mode
[  284.794488][ T3299] bridge_slave_1: left promiscuous mode
[  284.800362][ T3299] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.856708][ T3299] bridge_slave_0: left allmulticast mode
[  284.862365][ T3299] bridge_slave_0: left promiscuous mode
[  284.868173][ T3299] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.033261][T22564] __nla_validate_parse: 1 callbacks suppressed
[  285.033277][T22564] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4120'.
[  285.048496][T22564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4120'.
[  285.069052][T22572] macvlan2: entered promiscuous mode
[  285.074753][T22572] macvlan2: entered allmulticast mode
[  285.092518][T22572] batman_adv: batadv0: Adding interface: macvlan2
[  285.099007][T22572] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1450) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.124583][T22572] batman_adv: batadv0: Not using interface macvlan2 (retrying later): interface not active
[  285.191366][T22620] loop3: detected capacity change from 0 to 764
[  285.205716][ T3299] hsr_slave_0: left promiscuous mode
[  285.211725][ T3299] hsr_slave_1: left promiscuous mode
[  285.211826][T22620] iso9660: Unknown parameter 'vcan0'
[  285.222701][ T3299] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.230222][ T3299] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.241724][ T3299] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.249260][ T3299] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.311418][ T3299] veth1_macvtap: left promiscuous mode
[  285.316946][ T3299] veth0_macvtap: left promiscuous mode
[  285.322587][ T3299] veth1_vlan: left promiscuous mode
[  285.328075][ T3299] veth0_vlan: left promiscuous mode
[  285.480641][ T3299] team0 (unregistering): Port device team_slave_1 removed
[  285.497812][ T3299] team0 (unregistering): Port device team_slave_0 removed
[  285.552040][T22664] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4127'.
[  285.649917][T22684] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  285.654997][T22685] loop2: detected capacity change from 0 to 512
[  285.697240][T22685] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.744269][T22685] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.791541][T17968] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.897356][T22699] loop2: detected capacity change from 0 to 512
[  285.912321][T21789] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  285.930397][T22699] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.931297][T21789] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  285.955835][T21789] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  285.974071][T22699] ext4 filesystem being mounted at /132/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  286.001986][T21789] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  286.061322][   T29] kauditd_printk_skb: 20 callbacks suppressed
[  286.061337][   T29] audit: type=1401 audit(1720324297.762:2729): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  286.121719][T22726] loop3: detected capacity change from 0 to 1024
[  286.129976][T17968] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.140917][T22726] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  286.167132][T21789] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.174598][T22726] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  286.182671][T22726] EXT4-fs (loop3): orphan cleanup on readonly fs
[  286.200189][T21789] 8021q: adding VLAN 0 to HW filter on device team0
[  286.207226][T22726] Quota error (device loop3): v2_read_file_info: Can't read info structure
[  286.233298][ T4268] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.240420][ T4268] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.265491][T22726] EXT4-fs warning (device loop3): ext4_enable_quotas:7078: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  286.280108][T22726] EXT4-fs (loop3): Cannot turn on quotas: error -5
[  286.336928][ T3161] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.344029][ T3161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.356796][T22726] EXT4-fs (loop3): 1 truncate cleaned up
[  286.362978][T22726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  286.377830][T22726] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.389994][T22752] loop0: detected capacity change from 0 to 512
[  286.410774][T21806] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  286.426137][T21806] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  286.432996][T22752] EXT4-fs error (device loop0): ext4_get_journal_inode:5752: comm syz.0.4139: inode #196608: comm syz.0.4139: iget: illegal inode #
[  286.450256][T21806] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  286.465667][T22752] EXT4-fs (loop0): Remounting filesystem read-only
[  286.472219][T22752] EXT4-fs (loop0): no journal found
[  286.477528][T22752] EXT4-fs (loop0): can't get journal size
[  286.483463][T21806] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  286.514479][T22752] EXT4-fs (loop0): failed to initialize system zone (-22)
[  286.524013][T22752] EXT4-fs (loop0): mount failed
[  286.532735][T21789] 8021q: adding VLAN 0 to HW filter on device batadv0
[  286.670883][T21806] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.762738][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.769014][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.775522][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.782042][T22776] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  286.789778][T22776] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  286.802010][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.808659][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.815212][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.821587][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.828166][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.834936][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.841404][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.847805][T22776] xfrm0 speed is unknown, defaulting to 1000
[  286.979875][T21806] 8021q: adding VLAN 0 to HW filter on device team0
[  287.024996][ T3162] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.032166][ T3162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.041711][ T3162] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.048827][ T3162] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.116102][T21806] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  287.126751][T21806] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  287.185193][T22789] loop2: detected capacity change from 0 to 1024
[  287.203615][T21789] veth0_vlan: entered promiscuous mode
[  287.218869][T22789] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  287.237808][T21806] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.247950][T21789] veth1_vlan: entered promiscuous mode
[  287.271997][T22789] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  287.282935][T22789] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  287.295429][T21789] veth0_macvtap: entered promiscuous mode
[  287.304933][T21789] veth1_macvtap: entered promiscuous mode
[  287.327103][T21789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.337699][T21789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.347900][T21789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.358443][T21789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.368407][T21789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.372495][T22789] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  287.379057][T21789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.399283][T21789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.409964][T21789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.419850][T21789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  287.430792][T21789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.444344][T21789] batman_adv: batadv0: Interface activated: batadv_slave_0
[  287.456182][T21789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.464387][T22789] journal_load_superblock: Cannot read journal superblock
[  287.466770][T21789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.473838][T22789] EXT4-fs (loop2): Could not load journal inode
[  287.483844][T21789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.483928][T21789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.483942][T21789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.521065][T21789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.530979][T21789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.541591][T21789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.551679][T21789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  287.562190][T21789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  287.610067][T21789] batman_adv: batadv0: Interface activated: batadv_slave_1
[  287.624296][T21789] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  287.633441][T21789] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  287.642426][T21789] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  287.651390][T21789] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  287.662919][   T29] audit: type=1326 audit(1720324555.335:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22788 comm="syz.2.4141" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3c225fbbd9 code=0x0
[  287.737078][T22819] netlink: 9 bytes leftover after parsing attributes in process `syz.0.4146'.
[  287.764958][T22819] gretap0: entered promiscuous mode
[  287.794876][T22819] netlink: 5 bytes leftover after parsing attributes in process `syz.0.4146'.
[  287.857189][T22827] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4147'.
[  287.897380][T21806] veth0_vlan: entered promiscuous mode
[  287.916115][T22832] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4148'.
[  287.940157][T22830] loop1: detected capacity change from 0 to 512
[  287.960780][T21806] veth1_vlan: entered promiscuous mode
[  287.973590][T22830] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.4085: attempt to clear invalid blocks 1 len 1
[  287.994920][T21806] veth0_macvtap: entered promiscuous mode
[  288.002024][T22830] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4085: bg 0: block 343: padding at end of block bitmap is not set
[  288.010227][T21806] veth1_macvtap: entered promiscuous mode
[  288.032142][T22830] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  288.042449][T22830] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.4085: invalid indirect mapped block 1819239214 (level 0)
[  288.059705][T22839] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4150'.
[  288.072365][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.082932][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.092898][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.103338][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.113182][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.123647][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.133336][T22830] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.4085: invalid indirect mapped block 1819239214 (level 1)
[  288.133500][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.158450][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.168347][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.178814][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.188698][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.199408][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.211529][T21806] batman_adv: batadv0: Interface activated: batadv_slave_0
[  288.219205][T22830] EXT4-fs (loop1): 1 truncate cleaned up
[  288.223813][T22843] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4152'.
[  288.225328][T22830] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.273985][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.284652][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.294599][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.305044][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.314885][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.325456][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.335278][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.345881][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.355810][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.366269][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.377204][T21806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.387636][T21806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.399928][T21806] batman_adv: batadv0: Interface activated: batadv_slave_1
[  288.408169][T21789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.409916][T21806] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.425919][T21806] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  288.434760][T21806] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  288.443529][T21806] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  288.508497][T22859] loop2: detected capacity change from 0 to 1024
[  288.540581][T22859] EXT4-fs: Ignoring removed i_version option
[  288.557112][T22875] loop4: detected capacity change from 0 to 512
[  288.558762][T22859] EXT4-fs: dax option not supported
[  288.574329][T22866] tmpfs: Bad value for 'mpol'
[  288.612596][T22875] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.4089: corrupted in-inode xattr: e_name out of bounds
[  288.630207][   T29] audit: type=1400 audit(1720324556.335:2731): avc:  denied  { ioctl } for  pid=22879 comm="syz.3.4158" path="socket:[65888]" dev="sockfs" ino=65888 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  288.667173][T22859] netlink: 'syz.2.4155': attribute type 11 has an invalid length.
[  288.671472][T22881] loop1: detected capacity change from 0 to 2048
[  288.675172][T22859] netlink: 148940 bytes leftover after parsing attributes in process `syz.2.4155'.
[  288.691676][T22875] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.4089: couldn't read orphan inode 15 (err -117)
[  288.784667][T22881] EXT4-fs: Ignoring removed orlov option
[  288.806252][T22875] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.821544][T22895] loop0: detected capacity change from 0 to 512
[  288.825463][T22881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.851615][T22895] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  288.860567][T22859] loop2: detected capacity change from 0 to 2048
[  288.906461][T22895] EXT4-fs (loop0): 1 orphan inode deleted
[  288.912383][T22895] EXT4-fs (loop0): 1 truncate cleaned up
[  288.921403][T22859]  loop2: p4 < >
[  288.941089][T22881] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  288.958619][T22895] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.073131][T22881] EXT4-fs (loop1): Remounting filesystem read-only
[  289.109388][T21806] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.222874][T22922] rose0: tun_chr_ioctl cmd 1074812118
[  289.241293][T18892] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.253992][T21789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.290967][T22931] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  289.488906][T22944] bridge0: entered promiscuous mode
[  289.517172][T22946] loop0: detected capacity change from 0 to 7
[  289.607973][T22957] batadv0: entered promiscuous mode
[  289.636835][T22957] macvtap0: entered promiscuous mode
[  289.659027][T22957] macvtap0: left promiscuous mode
[  289.679431][T22957] batadv0: left promiscuous mode
[  289.749708][T22969] loop2: detected capacity change from 0 to 512
[  289.788335][T22969] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.4172: corrupted in-inode xattr: e_name out of bounds
[  289.842265][T22969] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.4172: couldn't read orphan inode 15 (err -117)
[  289.888278][T22969] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.941151][T22975] FAULT_INJECTION: forcing a failure.
[  289.941151][T22975] name failslab, interval 1, probability 0, space 0, times 0
[  289.953815][T22975] CPU: 1 PID: 22975 Comm: syz.4.4174 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  289.964067][T22975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  289.974123][T22975] Call Trace:
[  289.977448][T22975]  <TASK>
[  289.980367][T22975]  dump_stack_lvl+0xf2/0x150
[  289.984973][T22975]  dump_stack+0x15/0x20
[  289.989164][T22975]  should_fail_ex+0x229/0x230
[  289.993904][T22975]  ? __get_vm_area_node+0xf7/0x1b0
[  289.999030][T22975]  __should_failslab+0x92/0xa0
[  290.003862][T22975]  should_failslab+0x9/0x20
[  290.008375][T22975]  kmalloc_node_trace_noprof+0x50/0x2b0
[  290.013985][T22975]  __get_vm_area_node+0xf7/0x1b0
[  290.018994][T22975]  __vmalloc_node_range_noprof+0x2eb/0xef0
[  290.024877][T22975]  ? do_replace+0x19c/0x2d0
[  290.029397][T22975]  ? avc_has_perm+0xd4/0x160
[  290.033999][T22975]  ? avc_has_perm_noaudit+0x1cc/0x210
[  290.039381][T22975]  ? do_replace+0x19c/0x2d0
[  290.043958][T22975]  __vmalloc_noprof+0x5e/0x70
[  290.048692][T22975]  ? do_replace+0x19c/0x2d0
[  290.053205][T22975]  do_replace+0x19c/0x2d0
[  290.057543][T22975]  do_ebt_set_ctl+0x1bd/0xb80
[  290.062239][T22975]  ? _parse_integer_limit+0x167/0x180
[  290.067652][T22975]  ? _parse_integer+0x27/0x30
[  290.072348][T22975]  ? kstrtoull+0x110/0x140
[  290.076777][T22975]  ? tcp_release_cb+0xfe/0x380
[  290.081539][T22975]  ? _raw_spin_unlock_bh+0x36/0x40
[  290.086712][T22975]  ? release_sock+0x117/0x150
[  290.091476][T22975]  ? sockopt_release_sock+0x42/0x50
[  290.096680][T22975]  ? do_ip_setsockopt+0x1fcf/0x2340
[  290.101895][T22975]  nf_setsockopt+0x195/0x1b0
[  290.106527][T22975]  ip_setsockopt+0xea/0x100
[  290.111063][T22975]  tcp_setsockopt+0x93/0xb0
[  290.115567][T22975]  sock_common_setsockopt+0x64/0x80
[  290.120772][T22975]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  290.126673][T22975]  __sys_setsockopt+0x1d8/0x250
[  290.131920][T22975]  __x64_sys_setsockopt+0x66/0x80
[  290.137007][T22975]  x64_sys_call+0x1183/0x2d70
[  290.141742][T22975]  do_syscall_64+0xc9/0x1c0
[  290.146249][T22975]  ? clear_bhb_loop+0x55/0xb0
[  290.150996][T22975]  ? clear_bhb_loop+0x55/0xb0
[  290.155678][T22975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.161697][T22975] RIP: 0033:0x7f20b56febd9
[  290.166119][T22975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.185791][T22975] RSP: 002b:00007f20b4980048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  290.194354][T22975] RAX: ffffffffffffffda RBX: 00007f20b588cf60 RCX: 00007f20b56febd9
[  290.202333][T22975] RDX: 0000000000000080 RSI: 0a00000000000000 RDI: 0000000000000003
[  290.210304][T22975] RBP: 00007f20b49800a0 R08: 0000000000000a08 R09: 0000000000000000
[  290.218337][T22975] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  290.226305][T22975] R13: 000000000000000b R14: 00007f20b588cf60 R15: 00007ffe4e6ddaf8
[  290.234300][T22975]  </TASK>
[  290.237709][T22975] syz.4.4174: vmalloc error: size 256, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=syz4,mems_allowed=0
[  290.252735][T22975] CPU: 1 PID: 22975 Comm: syz.4.4174 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  290.262892][T22975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  290.272947][T22975] Call Trace:
[  290.276224][T22975]  <TASK>
[  290.279236][T22975]  dump_stack_lvl+0xf2/0x150
[  290.283915][T22975]  dump_stack+0x15/0x20
[  290.288128][T22975]  warn_alloc+0x145/0x1b0
[  290.292469][T22975]  __vmalloc_node_range_noprof+0x310/0xef0
[  290.298414][T22975]  ? avc_has_perm+0xd4/0x160
[  290.303138][T22975]  ? avc_has_perm_noaudit+0x1cc/0x210
[  290.308537][T22975]  ? do_replace+0x19c/0x2d0
[  290.313152][T22975]  __vmalloc_noprof+0x5e/0x70
[  290.317842][T22975]  ? do_replace+0x19c/0x2d0
[  290.322390][T22975]  do_replace+0x19c/0x2d0
[  290.326787][T22975]  do_ebt_set_ctl+0x1bd/0xb80
[  290.331474][T22975]  ? _parse_integer_limit+0x167/0x180
[  290.336917][T22975]  ? _parse_integer+0x27/0x30
[  290.341600][T22975]  ? kstrtoull+0x110/0x140
[  290.346094][T22975]  ? tcp_release_cb+0xfe/0x380
[  290.350934][T22975]  ? _raw_spin_unlock_bh+0x36/0x40
[  290.356048][T22975]  ? release_sock+0x117/0x150
[  290.360758][T22975]  ? sockopt_release_sock+0x42/0x50
[  290.365965][T22975]  ? do_ip_setsockopt+0x1fcf/0x2340
[  290.371222][T22975]  nf_setsockopt+0x195/0x1b0
[  290.375821][T22975]  ip_setsockopt+0xea/0x100
[  290.380455][T22975]  tcp_setsockopt+0x93/0xb0
[  290.384969][T22975]  sock_common_setsockopt+0x64/0x80
[  290.390268][T22975]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  290.396265][T22975]  __sys_setsockopt+0x1d8/0x250
[  290.401168][T22975]  __x64_sys_setsockopt+0x66/0x80
[  290.406200][T22975]  x64_sys_call+0x1183/0x2d70
[  290.410977][T22975]  do_syscall_64+0xc9/0x1c0
[  290.415579][T22975]  ? clear_bhb_loop+0x55/0xb0
[  290.420269][T22975]  ? clear_bhb_loop+0x55/0xb0
[  290.425059][T22975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.431029][T22975] RIP: 0033:0x7f20b56febd9
[  290.435463][T22975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.455082][T22975] RSP: 002b:00007f20b4980048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  290.463503][T22975] RAX: ffffffffffffffda RBX: 00007f20b588cf60 RCX: 00007f20b56febd9
[  290.471539][T22975] RDX: 0000000000000080 RSI: 0a00000000000000 RDI: 0000000000000003
[  290.479509][T22975] RBP: 00007f20b49800a0 R08: 0000000000000a08 R09: 0000000000000000
[  290.487480][T22975] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  290.495454][T22975] R13: 000000000000000b R14: 00007f20b588cf60 R15: 00007ffe4e6ddaf8
[  290.503448][T22975]  </TASK>
[  290.506552][T22975] Mem-Info:
[  290.509715][T22975] active_anon:141 inactive_anon:28414 isolated_anon:0
[  290.509715][T22975]  active_file:13167 inactive_file:7990 isolated_file:0
[  290.509715][T22975]  unevictable:0 dirty:182 writeback:0
[  290.509715][T22975]  slab_reclaimable:2757 slab_unreclaimable:18621
[  290.509715][T22975]  mapped:24058 shmem:16289 pagetables:749
[  290.509715][T22975]  sec_pagetables:0 bounce:0
[  290.509715][T22975]  kernel_misc_reclaimable:0
[  290.509715][T22975]  free:1824609 free_pcp:14952 free_cma:0
[  290.555180][T22975] Node 0 active_anon:564kB inactive_anon:113928kB active_file:52672kB inactive_file:31896kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:96272kB dirty:744kB writeback:0kB shmem:65080kB writeback_tmp:0kB kernel_stack:3664kB pagetables:2940kB sec_pagetables:0kB all_unreclaimable? no
[  290.583350][T22975] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  290.610445][T22975] lowmem_reserve[]: 0 2874 7852 0
[  290.615498][T22975] Node 0 DMA32 free:2957056kB boost:0kB min:4144kB low:7084kB high:10024kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2960692kB mlocked:0kB bounce:0kB free_pcp:3636kB local_pcp:3540kB free_cma:0kB
[  290.644191][T22975] lowmem_reserve[]: 0 0 4978 0
[  290.649032][T22975] Node 0 Normal free:4328816kB boost:0kB min:7180kB low:12276kB high:17372kB reserved_highatomic:0KB active_anon:564kB inactive_anon:114392kB active_file:52672kB inactive_file:31896kB unevictable:0kB writepending:744kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:52688kB local_pcp:8352kB free_cma:0kB
[  290.679896][T22975] lowmem_reserve[]: 0 0 0 0
[  290.684569][T22975] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  290.697327][T22975] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 3*16kB (M) 4*32kB (M) 3*64kB (M) 3*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 1*2048kB (M) 720*4096kB (M) = 2957056kB
[  290.713420][T22975] Node 0 Normal: 1942*4kB (UME) 1008*8kB (UM) 385*16kB (UME) 215*32kB (UME) 17*64kB (UME) 13*128kB (UME) 42*256kB (UME) 50*512kB (UME) 93*1024kB (UE) 18*2048kB (UM) 1008*4096kB (UM) = 4328840kB
[  290.732668][T22975] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  290.741976][T22975] 37411 total pagecache pages
[  290.746696][T22975] 4 pages in swap cache
[  290.750834][T22975] Free swap  = 124292kB
[  290.755059][T22975] Total swap = 124996kB
[  290.759255][T22975] 2097051 pages RAM
[  290.763126][T22975] 0 pages HighMem/MovableOnly
[  290.767834][T22975] 78486 pages reserved
[  290.869325][T22984] loop1: detected capacity change from 0 to 512
[  290.869469][T22984] ext3: Unknown parameter 'uid>00000000000000000000'
[  290.926942][T17968] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.151883][T23011] siw: device registration error -23
[  291.161703][T23012] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  291.358104][T23020] loop1: detected capacity change from 0 to 1024
[  291.386917][T23022] __nla_validate_parse: 5 callbacks suppressed
[  291.386936][T23022] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4180'.
[  291.515907][T23020] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.519548][T23027] loop4: detected capacity change from 0 to 164
[  291.546435][T23020] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.631049][T23036] bridge_slave_1: left allmulticast mode
[  291.636801][T23036] bridge_slave_1: left promiscuous mode
[  291.642567][T23036] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.705088][T23044] loop1: detected capacity change from 0 to 512
[  291.719231][T23044] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz.1.4190: corrupted in-inode xattr: e_name out of bounds
[  291.744422][T23044] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.4190: couldn't read orphan inode 15 (err -117)
[  291.766050][T23046] loop2: detected capacity change from 0 to 2048
[  291.775381][T23044] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.790773][T23052] loop0: detected capacity change from 0 to 512
[  291.808027][T23046] EXT4-fs: Ignoring removed orlov option
[  291.831777][T23052] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  291.842708][T23046] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.866539][T23052] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  291.891558][T23052] System zones: 0-2, 18-18, 34-35
[  291.904225][T23052] EXT4-fs (loop0): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.921656][T21789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.957112][T23060] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  291.982163][T23049] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4192'.
[  292.005832][T23062] usb usb8: usbfs: process 23062 (syz.0.4192) did not claim interface 0 before use
[  292.023539][T23060] EXT4-fs (loop2): Remounting filesystem read-only
[  292.032703][T18892] EXT4-fs (loop0): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  292.042917][T23068] loop1: detected capacity change from 0 to 512
[  292.071965][T23072] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4196'.
[  292.081198][T23072] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4196'.
[  292.104712][T23068] Quota error (device loop1): v2_read_file_info: Number of blocks too big for quota file size (6144 > 1280).
[  292.139966][T23068] EXT4-fs warning (device loop1): ext4_enable_quotas:7078: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  292.154810][T23068] EXT4-fs (loop1): mount failed
[  292.184552][T17968] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.231064][T23091] loop1: detected capacity change from 0 to 1024
[  292.274692][T23091] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  292.292519][T23094] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4198'.
[  292.301610][T23094] netlink: 43 bytes leftover after parsing attributes in process `syz.2.4198'.
[  292.304235][T23091] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  292.310837][T23094] netlink: 'syz.2.4198': attribute type 5 has an invalid length.
[  292.321599][T23091] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  292.329326][T23094] netlink: 43 bytes leftover after parsing attributes in process `syz.2.4198'.
[  292.424280][T23091] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  292.455569][T23091] journal_load_superblock: Cannot read journal superblock
[  292.458364][T23098] loop2: detected capacity change from 0 to 512
[  292.462798][T23091] EXT4-fs (loop1): Could not load journal inode
[  292.495693][T23098] EXT4-fs error (device loop2): ext4_get_journal_inode:5752: comm syz.2.4201: inode #196608: comm syz.2.4201: iget: illegal inode #
[  292.522174][   T29] audit: type=1326 audit(1720324560.225:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23090 comm="syz.1.4200" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fddd8d09bd9 code=0x0
[  292.565639][T23098] EXT4-fs (loop2): Remounting filesystem read-only
[  292.572178][T23098] EXT4-fs (loop2): no journal found
[  292.577435][T23098] EXT4-fs (loop2): can't get journal size
[  292.619144][T23098] EXT4-fs (loop2): get root inode failed
[  292.624881][T23098] EXT4-fs (loop2): mount failed
[  292.639209][T23106] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4203'.
[  292.816272][T23119] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4207'.
[  292.850282][T23122] loop0: detected capacity change from 0 to 7
[  292.862883][T23124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4209'.
[  293.037666][T23143] loop2: detected capacity change from 0 to 164
[  293.060021][T23139] xfrm0 speed is unknown, defaulting to 1000
[  293.062754][T23143] Unable to read rock-ridge attributes
[  293.085633][T23154] loop3: detected capacity change from 0 to 256
[  293.176194][T23181] loop0: detected capacity change from 0 to 7
[  293.206431][T23139] sg_write: data in/out 54/154 bytes for SCSI command 0x0-- guessing data in;
[  293.206431][T23139]    program syz.3.4215 not setting count and/or reply_len properly
[  293.272016][T23206] loop0: detected capacity change from 0 to 512
[  293.292899][T23207] loop1: detected capacity change from 0 to 1764
[  293.390719][T23207] iso9660: Bad value for 'gid'
[  293.397505][T23206] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.410179][T23206] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.417836][T23219] loop3: detected capacity change from 0 to 1024
[  293.439846][T18892] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.469979][T23219] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  293.509774][T23219] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  293.520732][T23219] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  293.584155][T23219] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  293.586509][T23223] xfrm0 speed is unknown, defaulting to 1000
[  293.626997][T23244] loop0: detected capacity change from 0 to 512
[  293.634002][T23219] journal_load_superblock: Cannot read journal superblock
[  293.641310][T23219] EXT4-fs (loop3): Could not load journal inode
[  293.650827][ T3274] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.706989][   T29] audit: type=1326 audit(1720324561.415:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23218 comm="syz.3.4228" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0479968bd9 code=0x0
[  293.747246][ T3274] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.763609][T23269] RDS: rds_bind could not find a transport for 300a:6675:6e63:2331:2040:390a:303a:2052, load rds_tcp or rds_rdma?
[  293.775897][T23248] rose0: tun_chr_ioctl cmd 1074812118
[  293.827465][ T3274] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.839714][T23269] loop0: detected capacity change from 0 to 1764
[  293.863906][T23269] iso9660: Unknown parameter 'overriderkckperm'
[  293.907688][ T3274] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.010327][T23374] loop2: detected capacity change from 0 to 512
[  294.020975][T23223] chnl_net:caif_netlink_parms(): no params data found
[  294.054844][T23374] EXT4-fs (loop2): bad block size 8192
[  294.060463][T23369] netlink: 'syz.0.4241': attribute type 4 has an invalid length.
[  294.070885][ T3274] bridge_slave_0: left allmulticast mode
[  294.076638][ T3274] bridge_slave_0: left promiscuous mode
[  294.082374][ T3274] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.277235][ T3274] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  294.291644][ T3274] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  294.308805][ T3274] bond0 (unregistering): Released all slaves
[  294.428033][ T3274] hsr_slave_0: left promiscuous mode
[  294.445538][ T3274] hsr_slave_1: left promiscuous mode
[  294.465235][ T3274] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  294.472704][ T3274] batman_adv: batadv0: Removing interface: batadv_slave_0
[  294.498718][ T3274] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  294.506282][ T3274] batman_adv: batadv0: Removing interface: batadv_slave_1
[  294.544349][ T3274] veth1_macvtap: left promiscuous mode
[  294.549867][ T3274] veth0_macvtap: left promiscuous mode
[  294.555513][ T3274] veth1_vlan: left promiscuous mode
[  294.560892][ T3274] veth0_vlan: left promiscuous mode
[  294.750803][ T3274] team0 (unregistering): Port device team_slave_1 removed
[  294.775325][ T3274] team0 (unregistering): Port device team_slave_0 removed
[  294.854583][T23223] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.861718][T23223] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.883194][T23223] bridge_slave_0: entered allmulticast mode
[  294.893698][T23223] bridge_slave_0: entered promiscuous mode
[  294.913532][T23223] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.920667][T23223] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.938005][T23223] bridge_slave_1: entered allmulticast mode
[  294.952611][T23223] bridge_slave_1: entered promiscuous mode
[  294.953166][T23482] loop0: detected capacity change from 0 to 7
[  294.979274][T23478] xfrm0 speed is unknown, defaulting to 1000
[  294.999560][T23492] loop2: detected capacity change from 0 to 1024
[  295.009736][T23223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  295.037519][T23223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  295.057596][T23492] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  295.089676][T23492] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  295.100634][T23492] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  295.115768][T23223] team0: Port device team_slave_0 added
[  295.125256][T23223] team0: Port device team_slave_1 added
[  295.169068][T23492] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  295.185111][T23223] batman_adv: batadv0: Adding interface: batadv_slave_0
[  295.192079][T23223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.218178][T23223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  295.231299][T23223] batman_adv: batadv0: Adding interface: batadv_slave_1
[  295.238347][T23223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.242114][T23492] journal_load_superblock: Cannot read journal superblock
[  295.264472][T23223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  295.282254][T23492] EXT4-fs (loop2): Could not load journal inode
[  295.293395][T23568] loop3: detected capacity change from 0 to 512
[  295.312291][T23223] hsr_slave_0: entered promiscuous mode
[  295.325072][T23223] hsr_slave_1: entered promiscuous mode
[  295.331107][T23223] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  295.344261][T23223] Cannot create hsr debugfs directory
[  295.370236][T23568] EXT4-fs (loop3): too many log groups per flexible block group
[  295.378138][T23568] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  295.385047][T23568] EXT4-fs (loop3): mount failed
[  295.431229][   T29] audit: type=1326 audit(1720324563.135:2734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23490 comm="syz.2.4253" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3c225fbbd9 code=0x0
[  295.546753][T23691] netlink: 'syz.3.4258': attribute type 10 has an invalid length.
[  295.652193][T23707] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23707 comm=syz.3.4260
[  295.770791][T23223] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  295.811034][T23223] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  295.827536][T23223] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  295.846654][T23223] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  295.863316][T23735] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23735 comm=syz.3.4265
[  295.878734][T23739] loop0: detected capacity change from 0 to 128
[  295.924448][T23739] FAT-fs (loop0): Unrecognized mount option "Šþ'0177777777777777777777718446744073709551615" or missing value
[  295.950837][T23223] 8021q: adding VLAN 0 to HW filter on device bond0
[  295.982995][T23223] 8021q: adding VLAN 0 to HW filter on device team0
[  295.996148][T23743] SELinux:  Context :yz1bß±½U×Loç¬�kÎ-õ@»�;èöÿQªi’k;ÝM¢á-ØÞ is not valid (left unmapped).
[  296.006780][   T29] audit: type=1400 audit(1720324563.715:2735): avc:  denied  { relabelto } for  pid=23742 comm="syz.3.4268" name="file0" dev="tmpfs" ino=1645 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=3A797A31621ADFB1BD55D74C6FE7AC81106BCE2DF540BB9D3BE8F6FF5104AA69926B1B3BDD4DA2E12D0ED8DE
[  296.008144][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.038012][   T29] audit: type=1400 audit(1720324563.715:2736): avc:  denied  { associate } for  pid=23742 comm="syz.3.4268" name="file0" dev="tmpfs" ino=1645 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=3A797A31621ADFB1BD55D74C6FE7AC81106BCE2DF540BB9D3BE8F6FF5104AA69926B1B3BDD4DA2E12D0ED8DE
[  296.045016][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.143893][T23749] loop3: detected capacity change from 0 to 512
[  296.199565][T23751] vxcan3: entered promiscuous mode
[  296.215587][T23749] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.229193][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.235615][   T29] audit: type=1400 audit(1720324563.835:2737): avc:  denied  { unlink } for  pid=13011 comm="syz-executor" name="file0" dev="tmpfs" ino=1645 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=3A797A31621ADFB1BD55D74C6FE7AC81106BCE2DF540BB9D3BE8F6FF5104AA69926B1B3BDD4DA2E12D0ED8DE
[  296.236454][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.276110][T23749] ext4 filesystem being mounted at /299/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  296.289340][T23759] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23759 comm=syz.0.4270
[  296.344061][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.372424][T23761] vlan5: entered promiscuous mode
[  296.377725][T23761] vlan5: entered allmulticast mode
[  296.389206][T23761] bridge0: port 3(vlan5) entered blocking state
[  296.395775][T23761] bridge0: port 3(vlan5) entered disabled state
[  296.409252][T23767] loop3: detected capacity change from 0 to 512
[  296.442391][T23767] EXT4-fs error (device loop3): ext4_orphan_get:1420: comm syz.3.4271: bad orphan inode 17
[  296.503717][T23767] ext4_test_bit(bit=16, block=4) = 1
[  296.509329][T23767] is_bad_inode(inode)=0
[  296.513571][T23767] NEXT_ORPHAN(inode)=0
[  296.517802][T23767] max_ino=32
[  296.520998][T23767] i_nlink=1
[  296.557230][T23767] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.613474][T23223] 8021q: adding VLAN 0 to HW filter on device batadv0
[  296.635516][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.649120][T23779] loop0: detected capacity change from 0 to 1024
[  296.694999][T23779] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  296.707322][T23779] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  296.718416][T23779] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  296.756483][T23779] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  296.768013][T23791] __nla_validate_parse: 19 callbacks suppressed
[  296.768026][T23791] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4278'.
[  296.798086][T23779] journal_load_superblock: Cannot read journal superblock
[  296.805263][T23779] EXT4-fs (loop0): Could not load journal inode
[  296.816127][T23795] loop3: detected capacity change from 0 to 512
[  296.832699][T23795] EXT4-fs (loop3): 1 truncate cleaned up
[  296.838660][   T29] audit: type=1326 audit(1720324564.535:2738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23778 comm="syz.0.4275" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4316f62bd9 code=0x0
[  296.877605][T23795] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.938519][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.953741][T23808] random: crng reseeded on system resumption
[  296.963198][   T29] audit: type=1400 audit(1720324564.655:2739): avc:  denied  { write } for  pid=23805 comm="syz.2.4280" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  296.995157][T23807] loop1: detected capacity change from 0 to 512
[  297.003570][T23223] veth0_vlan: entered promiscuous mode
[  297.016029][T23807] EXT4-fs error (device loop1): ext4_get_journal_inode:5752: comm syz.1.4277: inode #196608: comm syz.1.4277: iget: illegal inode #
[  297.047846][T23807] EXT4-fs (loop1): Remounting filesystem read-only
[  297.054555][T23807] EXT4-fs (loop1): no journal found
[  297.059940][T23807] EXT4-fs (loop1): can't get journal size
[  297.068142][T23223] veth1_vlan: entered promiscuous mode
[  297.082400][T23223] veth0_macvtap: entered promiscuous mode
[  297.101570][T23807] EXT4-fs (loop1): get root inode failed
[  297.107384][T23807] EXT4-fs (loop1): mount failed
[  297.122878][T23223] veth1_macvtap: entered promiscuous mode
[  297.147261][T23815] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4281'.
[  297.157302][T23817] loop2: detected capacity change from 0 to 512
[  297.161366][T23815] vxcan3: entered promiscuous mode
[  297.176644][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.187325][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.197226][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.207675][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.217645][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.228166][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.238067][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.241347][T23817] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  297.248591][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.248612][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.248625][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.248650][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.282551][T23817] EXT4-fs (loop2): invalid journal inode
[  297.287320][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.316725][T23824] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23824 comm=syz.3.4281
[  297.350946][T23223] batman_adv: batadv0: Interface activated: batadv_slave_0
[  297.361201][T23817] EXT4-fs (loop2): can't get journal size
[  297.361615][T23824] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4281'.
[  297.376045][T23826] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4283'.
[  297.386290][T23817] EXT4-fs (loop2): 1 truncate cleaned up
[  297.394734][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.405204][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.411460][T23817] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  297.415064][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.437661][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.447512][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.457945][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.467828][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.478423][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.488265][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.498720][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.508563][T23223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.519034][T23223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.666933][T23223] batman_adv: batadv0: Interface activated: batadv_slave_1
[  297.682718][T23817] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4282'.
[  297.700012][T23223] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  297.702169][T23847] loop3: detected capacity change from 0 to 512
[  297.708793][T23223] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  297.708823][T23223] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  297.708849][T23223] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  297.766933][T23847] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.781331][T23845] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4282'.
[  297.803854][T23851] tmpfs: Bad value for 'mpol'
[  297.827717][T23847] ext4 filesystem being mounted at /304/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  297.852945][T17968] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.878991][T23858] loop0: detected capacity change from 0 to 256
[  297.896102][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.951871][T23865] netlink: 160 bytes leftover after parsing attributes in process `syz.4.4292'.
[  298.011559][T23880] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4296'.
[  298.013336][T23881] loop1: detected capacity change from 0 to 512
[  298.036403][T23881] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz.1.4294: corrupted in-inode xattr: e_name out of bounds
[  298.103219][T23880] netlink: 16162 bytes leftover after parsing attributes in process `syz.3.4296'.
[  298.115747][T23894] loop0: detected capacity change from 0 to 256
[  298.115980][T23881] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.4294: couldn't read orphan inode 15 (err -117)
[  298.178931][T23881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.215480][T23911] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4301'.
[  298.272901][T23924] macvlan3: entered promiscuous mode
[  298.278390][T23924] macvlan3: entered allmulticast mode
[  298.283996][   T29] audit: type=1400 audit(1720324565.975:2740): avc:  denied  { search } for  pid=23923 comm="syz.2.4304" name="/" dev="configfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  298.319492][T23924] batman_adv: batadv0: Adding interface: macvlan3
[  298.325969][T23924] batman_adv: batadv0: The MTU of interface macvlan3 is too small (1450) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.351459][T23924] batman_adv: batadv0: Not using interface macvlan3 (retrying later): interface not active
[  298.354830][T21789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.430126][T23948] loop2: detected capacity change from 0 to 512
[  298.436319][T23950] vlan5: entered promiscuous mode
[  298.441716][T23950] ip_vti0: entered promiscuous mode
[  298.455365][T23950] ip_vti0: left promiscuous mode
[  298.500130][T23967] 0·X: renamed from hsr0 (while UP)
[  298.509312][T23948] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.535005][T23967] A link change request failed with some changes committed already. Interface 
c0·X may have been left with an inconsistent configuration, please check.
[  298.603403][T23948] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  298.671900][T23984] bridge_slave_1: left allmulticast mode
[  298.677715][T23984] bridge_slave_1: left promiscuous mode
[  298.683399][T23984] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.694509][T17968] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.708488][T23982] loop0: detected capacity change from 0 to 1024
[  298.726234][T23980] vlan0: entered allmulticast mode
[  298.731395][T23980] veth0_vlan: entered allmulticast mode
[  298.737724][T23982] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  298.772026][T23982] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  298.782970][T23982] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  298.809459][T23990] loop1: detected capacity change from 0 to 512
[  298.828354][T23982] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  298.843718][T23995] batadv0: entered promiscuous mode
[  298.850356][T23990] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  298.871228][T23995] macvtap0: entered promiscuous mode
[  298.881306][T23982] journal_load_superblock: Cannot read journal superblock
[  298.888459][T23982] EXT4-fs (loop0): Could not load journal inode
[  298.903584][T23990] EXT4-fs (loop1): 1 truncate cleaned up
[  298.911943][T23995] macvtap0: left promiscuous mode
[  298.921072][T23990] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.939212][T23995] batadv0: left promiscuous mode
[  298.979433][   T29] audit: type=1326 audit(1720324566.685:2741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23981 comm="syz.0.4319" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4316f62bd9 code=0x0
[  299.012831][T21789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.132502][T24027] loop3: detected capacity change from 0 to 128
[  299.164627][T24027] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  299.189387][T24027] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.222770][T24027] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  299.413965][T24051] loop2: detected capacity change from 0 to 2048
[  299.448148][T24051] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.558247][T17968] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.615673][T24057] loop0: detected capacity change from 0 to 256
[  299.675336][T24063] loop0: detected capacity change from 0 to 7
[  299.731907][T24074] loop1: detected capacity change from 0 to 128
[  299.744414][T24074] FAT-fs (loop1): Unrecognized mount option "ÿÿÿÿ0177777777777777777777718446744073709551615" or missing value
[  299.790438][   T29] audit: type=1400 audit(1720324567.495:2742): avc:  denied  { write } for  pid=24075 comm="syz.2.4340" lport=42381 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  300.186394][T24107] loop0: detected capacity change from 0 to 7
[  300.251470][T24120] netlink: 'syz.3.4350': attribute type 10 has an invalid length.
[  300.276748][T24120] veth0_vlan: left allmulticast mode
[  300.282153][T24120] vlan0: left allmulticast mode
[  300.286586][T24122] loop4: detected capacity change from 0 to 128
[  300.304855][T24122] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978)
[  300.318885][T24120] team0: Port device vlan0 added
[  300.330979][T24122] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #11: comm syz.4.4351: No space for directory leaf checksum. Please run e2fsck -D.
[  300.346469][T24122] EXT4-fs error (device loop4): __ext4_find_entry:1695: inode #11: comm syz.4.4351: checksumming directory block 0
[  300.432957][T24139] loop3: detected capacity change from 0 to 1024
[  300.450578][   T29] audit: type=1326 audit(1720324568.145:2743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24121 comm="syz.4.4351" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7b95dc5bd9 code=0x0
[  300.485252][T24139] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  300.506057][T24139] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  300.514286][T24139] EXT4-fs (loop3): orphan cleanup on readonly fs
[  300.525199][T24139] EXT4-fs error (device loop3): __ext4_get_inode_loc:4357: comm syz.3.4356: Invalid inode table block 0 in block_group 0
[  300.560750][T24139] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  300.584814][T24139] EXT4-fs error (device loop3): ext4_quota_write:7232: inode #3: comm syz.3.4356: mark_inode_dirty error
[  300.620731][T24139] Quota error (device loop3): write_blk: dquota write failed
[  300.628286][T24139] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  300.638213][T24139] EXT4-fs error (device loop3): ext4_acquire_dquot:6860: comm syz.3.4356: Failed to acquire dquot type 0
[  300.676504][T24139] EXT4-fs error (device loop3): __ext4_get_inode_loc:4357: comm syz.3.4356: Invalid inode table block 0 in block_group 0
[  300.714322][T24139] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  300.734155][T24139] EXT4-fs error (device loop3): ext4_ext_truncate:4432: inode #15: comm syz.3.4356: mark_inode_dirty error
[  300.755069][T24139] EXT4-fs error (device loop3): __ext4_get_inode_loc:4357: comm syz.3.4356: Invalid inode table block 0 in block_group 0
[  300.785406][T24139] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  300.795028][T24139] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  300.804116][T24139] EXT4-fs error (device loop3): __ext4_get_inode_loc:4357: comm syz.3.4356: Invalid inode table block 0 in block_group 0
[  300.827320][T24139] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  300.854155][T24139] EXT4-fs error (device loop3): ext4_truncate:4162: inode #15: comm syz.3.4356: mark_inode_dirty error
[  300.865445][T24139] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  300.884464][T24139] EXT4-fs (loop3): 1 truncate cleaned up
[  300.893543][T24151] loop0: detected capacity change from 0 to 7
[  301.181422][T24188] loop3: detected capacity change from 0 to 764
[  301.198991][T24188] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  301.632082][T24206] netlink: 'syz.2.4369': attribute type 4 has an invalid length.
[  301.815829][T24212] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  301.929279][T24221] loop2: detected capacity change from 0 to 512
[  301.944790][T24221] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  301.962607][T24221] EXT4-fs (loop2): 1 orphan inode deleted
[  301.968374][T24221] EXT4-fs (loop2): 1 truncate cleaned up
[  302.118408][T24239] loop4: detected capacity change from 0 to 512
[  302.126997][   T29] audit: type=1326 audit(1720324569.835:2744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24242 comm="syz.2.4377" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c225fbbd9 code=0x0
[  302.226137][T24239] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.281885][T24252] loop2: detected capacity change from 0 to 2048
[  302.335301][T24252]  loop2: p1 < > p3
[  302.347204][T24252] loop2: p3 size 134217728 extends beyond EOD, truncated
[  302.380245][T24261] loop4: detected capacity change from 0 to 512
[  302.426154][T24261] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.606087][   T29] audit: type=1400 audit(1720324570.315:2745): avc:  denied  { lock } for  pid=24281 comm="syz.3.4389" path="socket:[68469]" dev="sockfs" ino=68469 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1
[  302.606691][T24282] netlink: 'syz.3.4389': attribute type 4 has an invalid length.
[  302.793686][T24299] __nla_validate_parse: 15 callbacks suppressed
[  302.793717][T24299] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4394'.
[  302.835080][T24300] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4393'.
[  302.843970][T24300] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4393'.
[  302.869595][T24299] netlink: 16162 bytes leftover after parsing attributes in process `syz.3.4394'.
[  302.955804][T24320] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4398'.
[  302.999754][T24327] netlink: 'syz.3.4401': attribute type 5 has an invalid length.
[  303.039017][T24336] loop3: detected capacity change from 0 to 512
[  303.060433][T24336] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2234: inode #15: comm syz.3.4403: corrupted in-inode xattr: e_name out of bounds
[  303.089107][T24336] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.4403: couldn't read orphan inode 15 (err -117)
[  303.113406][T24343] loop1: detected capacity change from 0 to 512
[  303.127517][T24343] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz.1.4404: corrupted in-inode xattr: e_name out of bounds
[  303.128128][T24345] loop2: detected capacity change from 0 to 512
[  303.160475][T24343] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.4404: couldn't read orphan inode 15 (err -117)
[  303.206099][T24345] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.4405: corrupted in-inode xattr: e_name out of bounds
[  303.230291][T24345] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.4405: couldn't read orphan inode 15 (err -117)
[  303.275825][T24345] FAULT_INJECTION: forcing a failure.
[  303.275825][T24345] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.289074][T24345] CPU: 1 PID: 24345 Comm: syz.2.4405 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  303.299406][T24345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  303.309466][T24345] Call Trace:
[  303.312746][T24345]  <TASK>
[  303.315731][T24345]  dump_stack_lvl+0xf2/0x150
[  303.320326][T24345]  dump_stack+0x15/0x20
[  303.324540][T24345]  should_fail_ex+0x229/0x230
[  303.329321][T24345]  should_fail+0xb/0x10
[  303.333495][T24345]  should_fail_usercopy+0x1a/0x20
[  303.338646][T24345]  _copy_from_user+0x1e/0xd0
[  303.343260][T24345]  io_submit_one+0x54/0x1240
[  303.347849][T24345]  ? __rcu_read_unlock+0x4e/0x70
[  303.352907][T24345]  __se_sys_io_submit+0xf5/0x280
[  303.353564][T24364] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24364 comm=syz.0.4409
[  303.357926][T24345]  __x64_sys_io_submit+0x43/0x50
[  303.357961][T24345]  x64_sys_call+0x2ab5/0x2d70
[  303.358021][T24345]  do_syscall_64+0xc9/0x1c0
[  303.358043][T24345]  ? clear_bhb_loop+0x55/0xb0
[  303.389470][T24345]  ? clear_bhb_loop+0x55/0xb0
[  303.394155][T24345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.400087][T24345] RIP: 0033:0x7f3c225fbbd9
[  303.404506][T24345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.411363][T24364] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4409'.
[  303.424156][T24345] RSP: 002b:00007f3c2187d048 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  303.424211][T24345] RAX: ffffffffffffffda RBX: 00007f3c22789f60 RCX: 00007f3c225fbbd9
[  303.424223][T24345] RDX: 0000000020000540 RSI: 0000000000000001 RDI: 00007f3c21854000
[  303.457460][T24345] RBP: 00007f3c2187d0a0 R08: 0000000000000000 R09: 0000000000000000
[  303.465454][T24345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.473444][T24345] R13: 000000000000000b R14: 00007f3c22789f60 R15: 00007fffd9371758
[  303.481496][T24345]  </TASK>
[  303.583747][T24383] loop3: detected capacity change from 0 to 512
[  303.594013][T24388] vlan5: entered promiscuous mode
[  303.599159][T24388] ip_vti0: entered promiscuous mode
[  303.607361][T24378] loop1: detected capacity change from 0 to 2048
[  303.614773][T24383] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  303.624826][T24388] ip_vti0: left promiscuous mode
[  303.645394][T24383] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  303.662279][T24378] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  303.700452][T24383] EXT4-fs (loop3): Remounting filesystem read-only
[  303.712726][T24408] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4418'.
[  303.719464][T24383] EXT4-fs warning (device loop3): ext4_evict_inode:254: couldn't mark inode dirty (err -5)
[  303.721742][T24408] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4418'.
[  303.742092][T24378] netlink: 'syz.1.4411': attribute type 9 has an invalid length.
[  303.746341][T24410] loop2: detected capacity change from 0 to 2048
[  303.751506][T24417] netlink: 9 bytes leftover after parsing attributes in process `syz.0.4421'.
[  303.767026][T24383] EXT4-fs (loop3): 1 orphan inode deleted
[  303.773089][T24383] SELinux: (dev loop3, type ext4) getxattr errno 5
[  303.784174][T24417] 0·X: renamed from hsr0
[  303.790312][T24417] A link change request failed with some changes committed already. Interface 
c0·X may have been left with an inconsistent configuration, please check.
[  303.881496][T24436] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4426'.
[  303.893554][   T29] audit: type=1400 audit(1720324571.595:2746): avc:  denied  { setopt } for  pid=24429 comm="syz.3.4425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  303.938596][   T29] audit: type=1401 audit(1720324571.625:2747): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  303.967575][T24443] netlink: 'syz.3.4429': attribute type 10 has an invalid length.
[  303.975783][T24450] loop1: detected capacity change from 0 to 512
[  303.990291][T24450] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  303.999056][   T29] audit: type=1400 audit(1720324571.695:2748): avc:  denied  { checkpoint_restore } for  pid=24446 comm="syz.2.4423" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  304.014752][T24455] netlink: 'syz.3.4432': attribute type 10 has an invalid length.
[  304.033129][T24450] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e842e11c, mo2=0002]
[  304.046025][T24455] bridge0: port 2(
c0·X) entered blocking state
[  304.052358][T24455] bridge0: port 2(
c0·X) entered disabled state
[  304.059853][T24450] System zones: 1-12
[  304.066139][T24450] EXT4-fs (loop1): orphan cleanup on readonly fs
[  304.075766][T24455] A link change request failed with some changes committed already. Interface 
c0·X may have been left with an inconsistent configuration, please check.
[  304.100239][T24460] loop2: detected capacity change from 0 to 1024
[  304.114155][T24450] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4430: bg 0: block 361: padding at end of block bitmap is not set
[  304.134566][T24459] batadv0: entered promiscuous mode
[  304.145414][T24450] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  304.165902][T24460] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  304.176447][T24450] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #11: comm syz.1.4430: attempt to clear invalid blocks 33619980 len 1
[  304.200868][T24459] macvtap0: entered promiscuous mode
[  304.210237][T24460] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  304.220464][T24459] macvtap0: left promiscuous mode
[  304.227598][T24450] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.4430: invalid indirect mapped block 1811939328 (level 0)
[  304.243930][T24460] EXT4-fs (loop2): orphan cleanup on readonly fs
[  304.255138][T24459] batadv0: left promiscuous mode
[  304.260349][T24450] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.4430: invalid indirect mapped block 2 (level 2)
[  304.278322][T24460] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.4433: Invalid inode table block 0 in block_group 0
[  304.301422][T24450] EXT4-fs (loop1): 1 truncate cleaned up
[  304.328503][T24460] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  304.365491][T24460] EXT4-fs error (device loop2): ext4_quota_write:7232: inode #3: comm syz.2.4433: mark_inode_dirty error
[  304.394434][T24460] Quota error (device loop2): write_blk: dquota write failed
[  304.402037][T24460] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  304.412175][T24460] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz.2.4433: Failed to acquire dquot type 0
[  304.536225][T24460] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.4433: Invalid inode table block 0 in block_group 0
[  304.554043][   T29] audit: type=1401 audit(1720324572.255:2749): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  304.556409][T24472] dummy0: entered promiscuous mode
[  304.581258][T24472] dummy0: left promiscuous mode
[  304.601348][T24460] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  304.622404][T24460] EXT4-fs error (device loop2): ext4_ext_truncate:4432: inode #15: comm syz.2.4433: mark_inode_dirty error
[  304.638597][T24460] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.4433: Invalid inode table block 0 in block_group 0
[  304.651883][T24460] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  304.662826][T24460] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  304.684281][T24460] EXT4-fs error (device loop2): __ext4_get_inode_loc:4357: comm syz.2.4433: Invalid inode table block 0 in block_group 0
[  304.700255][T24460] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: Corrupt filesystem
[  304.721715][T24460] EXT4-fs error (device loop2): ext4_truncate:4162: inode #15: comm syz.2.4433: mark_inode_dirty error
[  304.733940][T24460] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  304.747314][T24498] vxcan5: entered promiscuous mode
[  304.760369][T24493] loop1: detected capacity change from 0 to 512
[  304.768356][T24498] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24498 comm=syz.0.4443
[  304.790050][T24493] EXT4-fs (loop1): too many log groups per flexible block group
[  304.797831][T24493] EXT4-fs (loop1): failed to initialize mballoc (-12)
[  304.809076][T24493] EXT4-fs (loop1): mount failed
[  304.814130][T24460] EXT4-fs (loop2): 1 truncate cleaned up
[  304.936279][T24534] loop2: detected capacity change from 0 to 2048
[  304.987185][ T3273] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  305.027880][T24550] netlink: 'syz.1.4449': attribute type 5 has an invalid length.
[  305.124458][   T29] audit: type=1401 audit(1720324572.835:2750): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  305.259461][T24570] team0 (unregistering): Port device team_slave_0 removed
[  305.294409][T24570] team0 (unregistering): Failed to send options change via netlink (err -105)
[  305.314376][T24570] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[  305.332005][T24578] loop4: detected capacity change from 0 to 512
[  305.338722][T24570] team0 (unregistering): Port device team_slave_1 removed
[  305.355345][T24572] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.4456' sets config #0
[  305.360924][T24570] team0 (unregistering): Failed to send options change via netlink (err -105)
[  305.382170][T24578] ext4 filesystem being mounted at /27/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  305.384476][T24570] team0 (unregistering): Failed to send port change of device macvlan0 via netlink (err -105)
[  305.426296][T24570] team0 (unregistering): Port device macvlan0 removed
[  305.457366][T24570] team0 (unregistering): Failed to send options change via netlink (err -105)
[  305.484874][T24570] team0 (unregistering): Failed to send port change of device vlan0 via netlink (err -105)
[  305.525347][T24570] team0 (unregistering): Port device vlan0 removed
[  305.638110][T24634] loop1: detected capacity change from 0 to 1024
[  305.650580][T24634] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  305.668044][   T29] audit: type=1401 audit(1720324573.375:2751): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  305.694797][T24634] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  305.702851][T24634] EXT4-fs (loop1): orphan cleanup on readonly fs
[  305.714524][T24634] Quota error (device loop1): v2_read_file_info: Can't read info structure
[  305.723189][T24634] EXT4-fs warning (device loop1): ext4_enable_quotas:7078: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  305.737764][T24634] EXT4-fs (loop1): Cannot turn on quotas: error -5
[  305.752336][T24634] EXT4-fs (loop1): 1 truncate cleaned up
[  305.753526][T24648] loop3: detected capacity change from 0 to 164
[  305.790941][T24648] Unable to read rock-ridge attributes
[  305.881556][   T29] audit: type=1400 audit(1720324573.585:2752): avc:  denied  { unmount } for  pid=23223 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  305.964506][T24666] veth5: entered allmulticast mode
[  305.996302][T24682] vxcan3: entered promiscuous mode
[  306.014825][T24682] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24682 comm=syz.1.4471
[  306.056910][T24661] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.4468' sets config #0
[  306.111630][T24689] team0 (unregistering): Port device team_slave_0 removed
[  306.142485][T24689] team0 (unregistering): Failed to send options change via netlink (err -105)
[  306.164968][T24689] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[  306.175437][T24709] tmpfs: Bad value for 'nr_blocks'
[  306.187290][T24689] team0 (unregistering): Port device team_slave_1 removed
[  306.315143][T24749] loop4: detected capacity change from 0 to 512
[  306.331790][T24749] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[  306.449250][T24763] loop4: detected capacity change from 0 to 512
[  306.497040][T24770] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  306.506740][T24763] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  306.695999][T24777] loop4: detected capacity change from 0 to 512
[  306.760095][T24780] FAULT_INJECTION: forcing a failure.
[  306.760095][T24780] name failslab, interval 1, probability 0, space 0, times 0
[  306.771739][T24777] EXT4-fs error (device loop4): ext4_get_journal_inode:5752: comm syz.4.4489: inode #196608: comm syz.4.4489: iget: illegal inode #
[  306.772835][T24780] CPU: 0 PID: 24780 Comm: syz.0.4491 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  306.796489][T24780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  306.806642][T24780] Call Trace:
[  306.809921][T24780]  <TASK>
[  306.812850][T24780]  dump_stack_lvl+0xf2/0x150
[  306.817465][T24780]  dump_stack+0x15/0x20
[  306.821628][T24780]  should_fail_ex+0x229/0x230
[  306.826426][T24780]  ? alloc_workqueue+0x192/0x12c0
[  306.831453][T24780]  __should_failslab+0x92/0xa0
[  306.836391][T24780]  should_failslab+0x9/0x20
[  306.840898][T24780]  kmalloc_trace_noprof+0x4b/0x2a0
[  306.846020][T24780]  alloc_workqueue+0x192/0x12c0
[  306.850922][T24780]  nci_register_device+0x129/0x580
[  306.856070][T24780]  virtual_ncidev_open+0xdc/0x140
[  306.861105][T24780]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  306.866939][T24780]  misc_open+0x207/0x240
[  306.871201][T24780]  chrdev_open+0x323/0x3a0
[  306.875695][T24780]  ? __pfx_chrdev_open+0x10/0x10
[  306.880639][T24780]  do_dentry_open+0x647/0xa60
[  306.885345][T24780]  vfs_open+0x3b/0x1f0
[  306.889423][T24780]  path_openat+0x1ad9/0x1fa0
[  306.894024][T24780]  ? _parse_integer+0x27/0x30
[  306.898706][T24780]  ? kstrtoull+0x110/0x140
[  306.903135][T24780]  do_filp_open+0xf7/0x200
[  306.907560][T24780]  do_sys_openat2+0xab/0x120
[  306.912173][T24780]  __x64_sys_openat+0xf3/0x120
[  306.916965][T24780]  x64_sys_call+0x1057/0x2d70
[  306.918716][T24777] EXT4-fs (loop4): Remounting filesystem read-only
[  306.921671][T24780]  do_syscall_64+0xc9/0x1c0
[  306.928183][T24777] EXT4-fs (loop4): no journal found
[  306.932622][T24780]  ? clear_bhb_loop+0x55/0xb0
[  306.932650][T24780]  ? clear_bhb_loop+0x55/0xb0
[  306.937888][T24777] EXT4-fs (loop4): can't get journal size
[  306.942476][T24780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.958847][T24780] RIP: 0033:0x7f4316f62bd9
[  306.963264][T24780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.982882][T24780] RSP: 002b:00007f43161e4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  306.991445][T24780] RAX: ffffffffffffffda RBX: 00007f43170f0f60 RCX: 00007f4316f62bd9
[  306.999423][T24780] RDX: 0000000000000002 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  307.007410][T24780] RBP: 00007f43161e40a0 R08: 0000000000000000 R09: 0000000000000000
[  307.015417][T24780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  307.023409][T24780] R13: 000000000000000b R14: 00007f43170f0f60 R15: 00007ffdca22d7c8
[  307.031476][T24780]  </TASK>
[  307.073204][T24777] EXT4-fs (loop4): get root inode failed
[  307.078989][T24777] EXT4-fs (loop4): mount failed
[  307.090464][T24785] team0 (unregistering): Port device team_slave_0 removed
[  307.108911][T24785] team0 (unregistering): Failed to send options change via netlink (err -105)
[  307.135311][T24785] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[  307.154736][T24785] team0 (unregistering): Port device team_slave_1 removed
[  307.224392][T24821] loop4: detected capacity change from 0 to 512
[  307.259437][T24821] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  307.460746][T24834] xfrm0 speed is unknown, defaulting to 1000
[  307.538944][T24851] loop4: detected capacity change from 0 to 512
[  307.557488][T24851] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  307.565618][T24851] System zones: 1-12
[  307.569613][T24851] EXT4-fs (loop4): orphan cleanup on readonly fs
[  307.582990][T24851] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4501: bg 0: block 328: padding at end of block bitmap is not set
[  307.597584][T24851] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  307.606425][T24851] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.4501: invalid indirect mapped block 65280 (level 0)
[  307.620691][T24851] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.4501: attempt to clear invalid blocks 33619980 len 1
[  307.634426][T24851] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.4501: invalid indirect mapped block 1819239214 (level 0)
[  307.648528][T24851] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.4501: invalid indirect mapped block 1819239214 (level 1)
[  307.662740][T24851] EXT4-fs (loop4): 1 orphan inode deleted
[  307.675791][T24861] netlink: 'syz.2.4500': attribute type 4 has an invalid length.
[  307.801738][T24875] __nla_validate_parse: 11 callbacks suppressed
[  307.801755][T24875] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4503'.
[  307.867548][T24884] loop1: detected capacity change from 0 to 512
[  307.875826][T24884] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  307.908764][T24884] EXT4-fs (loop1): 1 orphan inode deleted
[  307.914688][T24884] EXT4-fs (loop1): 1 truncate cleaned up
[  307.915633][T24889] netlink: 'syz.0.4507': attribute type 17 has an invalid length.
[  307.936886][T24878] EXT4-fs error (device loop4): ext4_map_blocks:580: inode #2: block 2: comm syz.4.4501: lblock 0 mapped to illegal pblock 2 (length 1)
[  307.953078][T24878] EXT4-fs warning (device loop4): dx_probe:822: inode #2: lblock 0: comm syz.4.4501: error -117 reading directory block
[  308.204620][T24917] netlink: 72 bytes leftover after parsing attributes in process `syz.1.4514'.
[  308.213585][T24917] netlink: 72 bytes leftover after parsing attributes in process `syz.1.4514'.
[  308.239992][T24921] loop3: detected capacity change from 0 to 512
[  308.266480][T24921] ext4 filesystem being mounted at /356/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.377860][T24942] netlink: 160 bytes leftover after parsing attributes in process `syz.3.4521'.
[  308.493678][T24950] loop3: detected capacity change from 0 to 2048
[  308.511388][T24952] loop4: detected capacity change from 0 to 512
[  308.521376][T24952] EXT4-fs (loop4): bad block size 8192
[  308.533386][T24960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4529'.
[  308.557437][T24960] vxcan5: entered promiscuous mode
[  308.581898][T24950] bond0: entered promiscuous mode
[  308.587000][T24950] bond0: entered allmulticast mode
[  308.604211][T24950] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.623011][T25002] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=25002 comm=syz.1.4529
[  308.656621][T25001] netlink: 'syz.3.4526': attribute type 19 has an invalid length.
[  308.664615][T25001] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4526'.
[  308.674853][T24960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4529'.
[  308.698785][T25006] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4530'.
[  308.762260][T25009] loop4: detected capacity change from 0 to 128
[  308.775559][T25010] loop1: detected capacity change from 0 to 512
[  308.783666][T25010] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  308.791819][T25010] System zones: 1-12
[  308.795928][T25010] EXT4-fs (loop1): orphan cleanup on readonly fs
[  308.802982][T25010] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4533: bg 0: block 328: padding at end of block bitmap is not set
[  308.818715][T25010] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  308.827930][T25010] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.4533: invalid indirect mapped block 65280 (level 0)
[  308.843370][T25010] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.4533: attempt to clear invalid blocks 33619980 len 1
[  308.858614][T25010] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.4533: invalid indirect mapped block 1819239214 (level 0)
[  308.873506][T25010] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.4533: invalid indirect mapped block 1819239214 (level 1)
[  308.889043][T25010] EXT4-fs (loop1): 1 orphan inode deleted
[  308.894450][T25009] FAT-fs (loop4): Unrecognized mount option "ÿÿÿÿ0177777777777777777777718446744073709551615" or missing value
[  308.917898][T25015] loop3: detected capacity change from 0 to 2048
[  308.926452][T25019] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4534'.
[  308.935399][T25019] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4534'.
[  308.958985][T25023] loop2: detected capacity change from 0 to 512
[  309.045704][T25023] ext4 filesystem being mounted at /219/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  309.084875][T25026] EXT4-fs error (device loop1): ext4_map_blocks:580: inode #2: block 2: comm syz.1.4533: lblock 0 mapped to illegal pblock 2 (length 1)
[  309.170755][T25026] EXT4-fs warning (device loop1): dx_probe:822: inode #2: lblock 0: comm syz.1.4533: error -117 reading directory block
[  309.186956][T25032] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=46 sclass=netlink_tcpdiag_socket pid=25032 comm=syz.3.4531
[  309.370652][   T29] kauditd_printk_skb: 38 callbacks suppressed
[  309.370666][   T29] audit: type=1400 audit(1720324577.075:2791): avc:  denied  { read } for  pid=25007 comm="syz.4.4532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  309.513184][T25040] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  309.539371][T25040] vhci_hcd: invalid port number 23
[  309.554379][T17968] EXT4-fs unmount: 43 callbacks suppressed
[  309.554393][T17968] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.603671][T21789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.604046][   T29] audit: type=1401 audit(1720324577.305:2792): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  309.683923][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.740500][T25056] loop3: detected capacity change from 0 to 512
[  309.749295][T25060] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:0000:0000 with DS=0x2
[  309.750172][T25055] vxcan5: entered promiscuous mode
[  309.783133][T25056] EXT4-fs (loop3): 1 truncate cleaned up
[  309.790217][T25056] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.816545][   T29] audit: type=1400 audit(1720324577.525:2793): avc:  denied  { execute_no_trans } for  pid=25054 comm="syz.3.4540" path="/360/bus/file1" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  309.849842][T25055] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=25055 comm=syz.0.4543
[  309.903346][T25087] loop2: detected capacity change from 0 to 512
[  309.944071][T25091] loop1: detected capacity change from 0 to 512
[  309.970115][T25087] EXT4-fs (loop2): orphan cleanup on readonly fs
[  309.979349][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.009224][T25091] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.040576][T25087] Quota error (device loop2): do_check_range: Getting block 71 out of range 1-5
[  310.050065][T25087] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  310.059627][T25087] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz.2.4545: Failed to acquire dquot type 0
[  310.087851][T25097] RDS: rds_bind could not find a transport for ::ffff:172.30.0.1, load rds_tcp or rds_rdma?
[  310.098993][T25091] ext4 filesystem being mounted at /80/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  310.137383][T25106] loop3: detected capacity change from 0 to 512
[  310.151174][T25087] EXT4-fs (loop2): 1 truncate cleaned up
[  310.155256][T25106] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2234: inode #15: comm syz.3.4550: corrupted in-inode xattr: e_name out of bounds
[  310.170764][T25106] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.4550: couldn't read orphan inode 15 (err -117)
[  310.195461][T21789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.213308][T25087] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  310.231868][T25106] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.346586][   T29] audit: type=1400 audit(1720324578.055:2794): avc:  denied  { getopt } for  pid=25086 comm="syz.2.4545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  310.451105][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.630621][T25122] ip_vti0: entered promiscuous mode
[  310.658368][T25122] vlan2: entered promiscuous mode
[  310.725460][T25122] ip_vti0: left promiscuous mode
[  310.871691][T25132] vxcan3: entered promiscuous mode
[  310.913454][T25132] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=25132 comm=syz.4.4557
[  311.243858][T25157] loop4: detected capacity change from 0 to 512
[  311.270503][T25157] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  311.302628][T25157] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e842e11c, mo2=0002]
[  311.337771][T25157] System zones: 1-12
[  311.350632][T25157] EXT4-fs (loop4): orphan cleanup on readonly fs
[  311.379921][T25157] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4565: bg 0: block 361: padding at end of block bitmap is not set
[  311.521782][T25166] batadv0: entered promiscuous mode
[  311.527273][T25157] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  311.538144][T25166] macvtap0: entered promiscuous mode
[  311.558464][T25166] macvtap0: left promiscuous mode
[  311.571192][   T29] audit: type=1401 audit(1720324579.275:2795): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  311.573693][T25166] batadv0: left promiscuous mode
[  311.615851][T25157] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #11: comm syz.4.4565: attempt to clear invalid blocks 33619980 len 1
[  311.648844][T25157] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.4565: invalid indirect mapped block 1811939328 (level 0)
[  311.719243][T25157] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.4565: invalid indirect mapped block 2 (level 2)
[  311.752895][T25157] EXT4-fs (loop4): 1 truncate cleaned up
[  311.781235][T25157] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  311.800592][T17968] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.813119][T25189] vxcan7: entered promiscuous mode
[  311.826655][T25189] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=25189 comm=syz.0.4570
[  311.827636][T25187] loop1: detected capacity change from 0 to 128
[  311.870732][   T29] audit: type=1400 audit(1720324579.575:2796): avc:  denied  { accept } for  pid=25186 comm="syz.1.4571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  311.899320][T23223] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  311.974411][T25214] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  311.975318][T25203] xfrm0 speed is unknown, defaulting to 1000
[  312.011996][T25217] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1 (only 8 groups)
[  312.049319][T25215] loop4: detected capacity change from 0 to 2048
[  312.085096][T25215] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.101261][T25213] 9pnet_fd: Insufficient options for proto=fd
[  312.213653][T23223] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.413249][ T3273] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.431133][T25258] loop4: detected capacity change from 0 to 512
[  312.457954][ T3273] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.483104][T25258] EXT4-fs (loop4): orphan cleanup on readonly fs
[  312.513248][ T3273] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.528612][T25267] bond0 (unregistering): Released all slaves
[  312.544048][T25258] Quota error (device loop4): do_check_range: Getting block 71 out of range 1-5
[  312.553143][T25258] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[  312.562651][T25258] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz.4.4582: Failed to acquire dquot type 0
[  312.588507][ T3273] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.644737][T25258] EXT4-fs (loop4): 1 truncate cleaned up
[  312.659641][T25258] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  312.675832][T25313] loop2: detected capacity change from 0 to 128
[  312.677338][T25262] xfrm0 speed is unknown, defaulting to 1000
[  312.737070][T23223] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.753611][T25315] netlink: 'syz.3.4589': attribute type 11 has an invalid length.
[  312.785935][ T3273] bridge_slave_0: left allmulticast mode
[  312.791852][ T3273] bridge_slave_0: left promiscuous mode
[  312.797649][ T3273] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.897727][T25344] loop4: detected capacity change from 0 to 512
[  312.936586][T25344] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.4590: corrupted in-inode xattr: invalid ea_ino
[  312.971170][T25344] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.4590: couldn't read orphan inode 15 (err -117)
[  312.993634][T25344] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  313.012906][T25349] __nla_validate_parse: 19 callbacks suppressed
[  313.012919][T25349] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4592'.
[  313.039532][ T3273] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  313.062044][ T3273] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  313.079893][ T3273] bond0 (unregistering): Released all slaves
[  313.184639][T23223] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.201968][ T3273] hsr_slave_0: left promiscuous mode
[  313.211835][T25369] FAULT_INJECTION: forcing a failure.
[  313.211835][T25369] name failslab, interval 1, probability 0, space 0, times 0
[  313.224504][T25369] CPU: 0 PID: 25369 Comm: syz.0.4597 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  313.234650][T25369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  313.244695][T25369] Call Trace:
[  313.247972][T25369]  <TASK>
[  313.250927][T25369]  dump_stack_lvl+0xf2/0x150
[  313.255601][T25369]  dump_stack+0x15/0x20
[  313.259750][T25369]  should_fail_ex+0x229/0x230
[  313.264509][T25369]  ? alloc_workqueue+0x50d/0x12c0
[  313.269557][T25369]  __should_failslab+0x92/0xa0
[  313.274419][T25369]  should_failslab+0x9/0x20
[  313.278925][T25369]  kmalloc_node_trace_noprof+0x50/0x2b0
[  313.284601][T25369]  alloc_workqueue+0x50d/0x12c0
[  313.289460][T25369]  nci_register_device+0x129/0x580
[  313.294606][T25369]  virtual_ncidev_open+0xdc/0x140
[  313.299684][T25369]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  313.305337][T25369]  misc_open+0x207/0x240
[  313.309571][T25369]  chrdev_open+0x323/0x3a0
[  313.314024][T25369]  ? __pfx_chrdev_open+0x10/0x10
[  313.319044][T25369]  do_dentry_open+0x647/0xa60
[  313.323726][T25369]  vfs_open+0x3b/0x1f0
[  313.327792][T25369]  path_openat+0x1ad9/0x1fa0
[  313.332437][T25369]  ? _parse_integer+0x27/0x30
[  313.337112][T25369]  ? kstrtoull+0x110/0x140
[  313.341605][T25369]  do_filp_open+0xf7/0x200
[  313.346072][T25369]  do_sys_openat2+0xab/0x120
[  313.350671][T25369]  __x64_sys_openat+0xf3/0x120
[  313.355434][T25369]  x64_sys_call+0x1057/0x2d70
[  313.360159][T25369]  do_syscall_64+0xc9/0x1c0
[  313.364749][T25369]  ? clear_bhb_loop+0x55/0xb0
[  313.369428][T25369]  ? clear_bhb_loop+0x55/0xb0
[  313.374166][T25369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.380107][T25369] RIP: 0033:0x7f4316f62bd9
[  313.384584][T25369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.404334][T25369] RSP: 002b:00007f43161e4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  313.412739][T25369] RAX: ffffffffffffffda RBX: 00007f43170f0f60 RCX: 00007f4316f62bd9
[  313.420717][T25369] RDX: 0000000000000002 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  313.428766][T25369] RBP: 00007f43161e40a0 R08: 0000000000000000 R09: 0000000000000000
[  313.436727][T25369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  313.444721][T25369] R13: 000000000000000b R14: 00007f43170f0f60 R15: 00007ffdca22d7c8
[  313.452706][T25369]  </TASK>
[  313.456291][ T3273] hsr_slave_1: left promiscuous mode
[  313.462307][T25415] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  313.462384][ T3273] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  313.478040][ T3273] batman_adv: batadv0: Removing interface: batadv_slave_0
[  313.486430][ T3273] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  313.493868][ T3273] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.503321][ T3273] veth1_macvtap: left promiscuous mode
[  313.508828][ T3273] veth0_macvtap: left promiscuous mode
[  313.514341][ T3273] veth1_vlan: left promiscuous mode
[  313.514377][ T3273] veth0_vlan: left promiscuous mode
[  313.582400][T25426] loop4: detected capacity change from 0 to 512
[  313.682588][T25431] openvswitch: netlink: VXLAN extension message has 12 unknown bytes.
[  313.698171][ T3273] team0 (unregistering): Port device team_slave_1 removed
[  313.709752][ T3273] team0 (unregistering): Port device team_slave_0 removed
[  313.773239][T25424] netlink: 'syz.0.4599': attribute type 10 has an invalid length.
[  313.802437][T25262] chnl_net:caif_netlink_parms(): no params data found
[  313.832480][T25474] netlink: 'syz.4.4601': attribute type 4 has an invalid length.
[  313.840261][T25474] netlink: 17 bytes leftover after parsing attributes in process `syz.4.4601'.
[  313.942372][T25262] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.949528][T25262] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.973426][T25262] bridge_slave_0: entered allmulticast mode
[  313.997460][T25262] bridge_slave_0: entered promiscuous mode
[  314.016976][T25262] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.024137][T25262] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.049297][T25262] bridge_slave_1: entered allmulticast mode
[  314.069215][T25262] bridge_slave_1: entered promiscuous mode
[  314.122198][T25521] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  314.148188][T25521] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  314.181714][T25521] bond0 (unregistering): Released all slaves
[  314.206114][T25536] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4604'.
[  314.233414][T25543] netlink: 'syz.2.4607': attribute type 17 has an invalid length.
[  314.262385][T25262] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  314.283005][T25262] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  314.337715][T25262] team0: Port device team_slave_0 added
[  314.343486][T25621] netlink: 703 bytes leftover after parsing attributes in process `syz.3.4611'.
[  314.359726][T25635] loop4: detected capacity change from 0 to 512
[  314.364428][T25262] team0: Port device team_slave_1 added
[  314.405295][T25262] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.412241][T25262] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.438300][T25262] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  314.450332][   T29] audit: type=1326 audit(1720324582.155:2797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25633 comm="syz.2.4610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c225fbbd9 code=0x7ffc0000
[  314.474027][   T29] audit: type=1326 audit(1720324582.155:2798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25633 comm="syz.2.4610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c225fbbd9 code=0x7ffc0000
[  314.516009][T25262] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.523048][T25262] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.548973][T25262] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.570400][   T29] audit: type=1326 audit(1720324582.205:2799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25633 comm="syz.2.4610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c225fbbd9 code=0x7ffc0000
[  314.593914][   T29] audit: type=1326 audit(1720324582.205:2800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25633 comm="syz.2.4610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c225fbbd9 code=0x7ffc0000
[  314.617451][   T29] audit: type=1326 audit(1720324582.205:2801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25633 comm="syz.2.4610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c225fbbd9 code=0x7ffc0000
[  314.641052][   T29] audit: type=1326 audit(1720324582.215:2802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25633 comm="syz.2.4610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3c225fbbd9 code=0x7ffc0000
[  314.664517][   T29] audit: type=1326 audit(1720324582.215:2803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25633 comm="syz.2.4610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c225fbbd9 code=0x7ffc0000
[  314.688054][   T29] audit: type=1326 audit(1720324582.215:2804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25633 comm="syz.2.4610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c225fbbd9 code=0x7ffc0000
[  314.711538][   T29] audit: type=1326 audit(1720324582.215:2805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25633 comm="syz.2.4610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f3c225fbbd9 code=0x7ffc0000
[  314.719508][T25635] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.735186][   T29] audit: type=1326 audit(1720324582.215:2806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25633 comm="syz.2.4610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c225fbbd9 code=0x7ffc0000
[  314.771851][T25635] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.805537][T25262] hsr_slave_0: entered promiscuous mode
[  314.813070][T25262] hsr_slave_1: entered promiscuous mode
[  314.830496][T25262] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  314.855758][T25262] Cannot create hsr debugfs directory
[  314.905759][T23223] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.932093][T25737] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  314.940270][T25601] ==================================================================
[  314.940303][T25601] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  314.958197][T25601] 
[  314.960514][T25601] read-write to 0xffffffff860079c0 of 8 bytes by interrupt on cpu 0:
[  314.968575][T25601]  tick_do_update_jiffies64+0x112/0x1b0
[  314.974136][T25601]  tick_nohz_handler+0x7c/0x2d0
[  314.979005][T25601]  __hrtimer_run_queues+0x20d/0x5e0
[  314.984210][T25601]  hrtimer_interrupt+0x210/0x7b0
[  314.989145][T25601]  __sysvec_apic_timer_interrupt+0x5c/0x1a0
[  314.995040][T25601]  sysvec_apic_timer_interrupt+0x6e/0x80
[  315.000670][T25601]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  315.006655][T25601]  console_flush_all+0x4fc/0x710
[  315.011605][T25601]  console_unlock+0x7b/0x280
[  315.016195][T25601]  vprintk_emit+0x3ed/0x5e0
[  315.020703][T25601]  vprintk_default+0x26/0x30
[  315.025289][T25601]  vprintk+0x75/0x80
[  315.029173][T25601]  _printk+0x7a/0xa0
[  315.033065][T25601]  attach_store+0x35b/0x680
[  315.037568][T25601]  dev_attr_store+0x47/0x70
[  315.042062][T25601]  sysfs_kf_write+0xae/0xd0
[  315.046555][T25601]  kernfs_fop_write_iter+0x1ce/0x2c0
[  315.051861][T25601]  vfs_write+0x78f/0x900
[  315.056102][T25601]  ksys_write+0xeb/0x1b0
[  315.060335][T25601]  __x64_sys_write+0x42/0x50
[  315.064933][T25601]  x64_sys_call+0x27ef/0x2d70
[  315.069601][T25601]  do_syscall_64+0xc9/0x1c0
[  315.074102][T25601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.079990][T25601] 
[  315.082298][T25601] read to 0xffffffff860079c0 of 8 bytes by task 25601 on cpu 1:
[  315.089911][T25601]  mem_cgroup_flush_stats_ratelimited+0x29/0x100
[  315.096260][T25601]  workingset_test_recent+0x114/0x410
[  315.101625][T25601]  workingset_refault+0x1e9/0x460
[  315.106641][T25601]  filemap_add_folio+0x116/0x1b0
[  315.111571][T25601]  page_cache_ra_unbounded+0x148/0x2e0
[  315.117016][T25601]  ondemand_readahead+0x542/0x6b0
[  315.122034][T25601]  page_cache_async_ra+0x94/0xa0
[  315.126957][T25601]  filemap_fault+0x2d3/0xa60
[  315.131544][T25601]  __do_fault+0xb6/0x200
[  315.135781][T25601]  handle_mm_fault+0xdeb/0x2a80
[  315.140631][T25601]  __get_user_pages+0x49d/0xf10
[  315.145475][T25601]  get_dump_page+0xb8/0x1b0
[  315.149964][T25601]  dump_user_range+0xc6/0x550
[  315.154635][T25601]  elf_core_dump+0x1aeb/0x1c30
[  315.159382][T25601]  do_coredump+0xff6/0x1860
[  315.163885][T25601]  get_signal+0xdc1/0x1080
[  315.168292][T25601]  arch_do_signal_or_restart+0x95/0x4b0
[  315.173823][T25601]  irqentry_exit_to_user_mode+0x94/0x130
[  315.179447][T25601]  irqentry_exit+0x12/0x50
[  315.183848][T25601]  asm_exc_page_fault+0x26/0x30
[  315.188690][T25601]  _end+0x76fda000/0x0
[  315.192750][T25601] 
[  315.195055][T25601] value changed: 0x00000001000005a9 -> 0x00000001000005aa
[  315.202159][T25601] 
[  315.204476][T25601] Reported by Kernel Concurrency Sanitizer on:
[  315.210608][T25601] CPU: 1 PID: 25601 Comm: syz.0.4608 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  315.220749][T25601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  315.230813][T25601] ==================================================================
[  315.504715][T25777] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.4618' sets config #0
[  315.539762][T25262] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  315.564944][T25262] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  315.580625][T25262] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  315.596055][T25262] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  315.655679][T25262] 8021q: adding VLAN 0 to HW filter on device bond0
[  315.680549][T25262] 8021q: adding VLAN 0 to HW filter on device team0
[  315.698793][ T3162] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.705868][ T3162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  315.743413][ T3162] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.750486][ T3162] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.781116][T25262] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  315.791503][T25262] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  315.937959][T25262] 8021q: adding VLAN 0 to HW filter on device batadv0
[  316.058894][T25262] veth0_vlan: entered promiscuous mode
[  316.076978][T25262] veth1_vlan: entered promiscuous mode
[  316.100899][T25262] veth0_macvtap: entered promiscuous mode
[  316.118141][T25262] veth1_macvtap: entered promiscuous mode
[  316.138408][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.148945][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.158827][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.169253][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.179214][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.189673][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.199494][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.209901][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.219710][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.230228][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.240056][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.250506][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.262354][T25262] batman_adv: batadv0: Interface activated: batadv_slave_0
[  316.270651][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.281205][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.291153][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.301573][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.311487][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.321902][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.331788][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.342213][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.352035][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.362478][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.372316][T25262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  316.382766][T25262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.396425][T25262] batman_adv: batadv0: Interface activated: batadv_slave_1
[  316.409224][T25262] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  316.418105][T25262] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  316.426881][T25262] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  316.435624][T25262] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0