last executing test programs:

13.992449798s ago: executing program 3 (id=5997):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x8a000, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$inet(0x2, 0x2, 0xffff)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r4=>r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = syz_io_uring_setup(0x72c2, &(0x7f0000000380), &(0x7f0000000100), &(0x7f0000000000))
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r2, @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
clock_adjtime(0x0, &(0x7f0000000340)={0xfff, 0x7, 0x9, 0xd4bb, 0xe, 0x9, 0x2, 0xea5f, 0x8, 0x3a, 0x1, 0x400, 0x214, 0x4, 0xb, 0x4, 0x1, 0xc44, 0x3e, 0x800000000, 0x0, 0x7, 0x1, 0x0, 0x3, 0x8000000000000000})
io_uring_enter(r5, 0x0, 0xbd6d, 0x9, 0x0, 0x0)
r8 = syz_clone(0x28208000, 0x0, 0x9, 0x0, 0x0, 0x0)
r9 = syz_pidfd_open(r8, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r9, 0x6612)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r11 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000005c0)=ANY=[@ANYRESOCT=r4], 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000009000000dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359caa1af3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae2acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da31290bce645451b851111dd98ac4d8da9317c2c082020e0b2d634086785f3fe41a3053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456391cffdef93e29f10f4a11f0cfbfc0ff976b20fef6033495b9b94777db9bb9b678ffc1130000009faa798226a080c01e47151268a02dc1a557cfdcf76305fbf6643df66b1b4d2d5e7bf698fc5a18d984ecb91e6683a5f522d536e2f3c43b89823659d1945258fc668950e5aacfffffffffffffff7f7a266c90e64efc8d8f730867202a9ee94e6a00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, 0x0, r11, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000}, 0x6d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0xe)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000540)={[{@grpid}, {@journal_async_commit}]}, 0x4, 0x4ec, &(0x7f0000001d40)="$eJzs3c9vVMcdAPDvW3uxMQuGlkNbtYVSWlohFtuAheihcGlVIaSqqKcewLUXy/KaRf5BsMPBHHOPFKSckj8htxwiccoht5yS3HIhh0gkQYlwpBw2em8f9mJ7sRNsL3g/H+n5vZlZ9juzy8zsG1hPAB3raEQsRsSeiLgeEf15fpIfcbFxpI978vju6NLju6NJ1OtXv06y8jQvmv5Mal/+nL0R8Z9/Rvw/WRt3Zn5hcqRarUzn6dOzU7dOz8wvnJoo5DlDw4PDA+fPnBvasrYemXrv0T8mLv/3g/d/9/Djxb++nlar9Mb+rKy5HVup0fRilJryuiPi8nYEa5Pu/O8Pr560t/0iIo5l/b8/urJ3EwDYzer1/qj3N6cBgN0uvf8vRVIo52sBpSgUyuXGGt7h6CtUazOzJ/trczfHIlvDOhjFwo2JamUgXys8GMUkTQ9m1yvpoVXpMxFxKCLe7NmbpcujtepYOz/4AEAH27dq/v+upzH/AwC7XG+7KwAA7DjzPwB0HvM/AHSenzD/+3YgAOwS7v8BoPOY/wGg82w4/9/bmXoAADvi31eupEd9Kf/912O35+f+Vrp9aqwyM1memhstJ7XpW+XxWm28WimP1usbPV+1Vrs1eHY5OTO/cG2qNndz9trE1Mh45VqluM3tAQA2dujIg8+SiFi8sDc7omkvB3M17G6FdlcAaJuudlcAaBvf54HOtYl7fMsAsMuts0XvM1r+F6H7Nn+FV9WJX1v/h05l/R86189b///7ltcD2HnW/6Fz1euJPf8BoMNY4wde6N//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEOVsiMplLO9wBfTn4VyOWJ/RByMYnJjoloZiIgDEfFpT7EnTQ+2u9IAwAsqfJnk+3+d6D9eWl26J/m+JztHxGtvX33rzsjs7PRgmv/Ncv7s/Tx/aE87GgAANLu4NqsxT+fnphv5J4/vjj49drKKjy41NhdN4y7lR6OkO7qzc28UI6Lv2yRPN6SfV7q2IP7ivYj41Ur77zRFKGVrII2dT1fHT2Pv34b4K6//6viFZ+IXsrL0XMxei19uQV2g0zy41Bgn876XdrG8/xXiaHZev//3ZiPUi3s6/i2tGf8Ky+Nf15r4Sdbnjy6nn1+TR2c//NeazHp/o+xexG+614ufLMdPWoy/xzfZxs9/+/tjrcrq70SciPXjN0xlw+zTsfbUxNTIeGW8cnNoaHhweOD8mXNDp7M16sbPj9aL8dWFkwdaxU/b39cifm+L9n+S1+5Pm2z/uz9c/98fnhP/L39c//0/3CJ+Kp0T/7zJ+CN9F1tu353GH2vR/o3e/5ObjP/wi4WxTT4UANgBM/MLkyPVamV6g4v0s+ZGj3Hxal7EYsRLUA0XL9VFu0cmYLutdPp21wQAAAAAAAAAAAAAAGhlZn5hsie29+tE7W4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9ePAQAA//+kMMxg")
syz_mount_image$vfat(&(0x7f0000000ac0), &(0x7f0000000b00)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r12 = open(&(0x7f0000000300)='.\x00', 0x800, 0x17d)
symlinkat(&(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r12, &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00')
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000680)=@generic={&(0x7f0000000580)='./file0\x00'}, 0x18)

13.877309796s ago: executing program 3 (id=6002):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000490, &(0x7f0000000000)={[{@orlov}, {@errors_remount}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x10)
mount(0x0, &(0x7f0000001fc0)='./file0\x00', &(0x7f0000002000)='devtmpfs\x00', 0x0, &(0x7f0000002040)='dirsync')
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff000000000300000000000000000000000200"/63], 0x0, 0x56}, 0x20)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f00000004c0)={r5, 0x3, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x3c1, 0x3, 0x378, 0x0, 0xc8, 0x8, 0x6, 0x5803, 0x320, 0x2e8, 0x2e8, 0x320, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [], 'vlan0\x00', 'geneve1\x00'}, 0x0, 0x168, 0x198, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r6, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r7, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x42}}]}, 0x3c}}, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mmap$perf(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10010, r1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

13.343036266s ago: executing program 3 (id=6013):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0xd, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r0 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706", 0x200)
sendfile(r0, r1, 0x0, 0xe066)
sendfile(r0, r1, 0x0, 0xffff)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r2}, 0x90)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000300), 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x7c, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x24}}}}, [@NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x7e, 0x1}, {0x4, 0x2}, {0x5f, 0x4}, {0x5, 0x5}, {0x1, 0x7}, {0x6, 0x7}, {0x1}, {0x7}, {0xde, 0x6}, {0x3}, {0xf7, 0x5}, {0x7, 0x6}, {0x5, 0x6}], "7b6c7d21f34cfe8c"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0x2, 0x3}, {0x2, 0x6}, {0x22, 0x5}, {0xff, 0x4}, {0xe, 0x3}, {0x6}, {0x27, 0x4}, {0x6, 0x6}, {0x7, 0x1}, {0x9, 0x3}, {0x4f, 0x7}, {0xfe}, {0x7, 0x7}, {0x4, 0x3}, {0x6, 0x4}, {0x6, 0x3}, {0x9, 0x3}, {0x74, 0x2}, {0xd, 0x6}, {0x2}], "9a228d4fa0422131"}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x40800}, 0x4000010)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50}, 0x90)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000680)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r4, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000540)={'ip6_vti0\x00', &(0x7f00000004c0)={'syztnl0\x00', 0x0, 0x29, 0x9, 0x9, 0x4, 0x1, @mcast1, @local, 0x20, 0x80, 0x7fffffff, 0x2}})
connect$phonet_pipe(0xffffffffffffffff, &(0x7f0000002200), 0x10)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x800, 0x0, 0x0)

13.322874137s ago: executing program 3 (id=6014):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x0, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x84, 0x84, 0xb, [@typedef={0x10, 0x0, 0x0, 0x8, 0x5}, @union={0xc, 0x7, 0x0, 0x5, 0x1, 0x86, [{0x2, 0x3, 0x87}, {0x10, 0x2, 0x9}, {0xe, 0x2, 0x401}, {0x4, 0x4, 0x6}, {0xf, 0x3, 0x1}, {0xb, 0x4, 0x6}, {0x10, 0x4, 0x6}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x5}, @func={0xb, 0x0, 0x0, 0xc, 0x1}]}, {0x0, [0x5f, 0x61, 0x5f, 0x61, 0x0, 0x61, 0x61, 0x2e, 0x61]}}, &(0x7f0000000300)=""/157, 0xa7, 0x9d, 0xa6, 0x107}, 0x20)

13.17502061s ago: executing program 3 (id=6016):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000490, &(0x7f0000000000)={[{@orlov}, {@errors_remount}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x10)
mount(0x0, &(0x7f0000001fc0)='./file0\x00', &(0x7f0000002000)='devtmpfs\x00', 0x0, &(0x7f0000002040)='dirsync')
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff000000000300000000000000000000000200"/63], 0x0, 0x56}, 0x20)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f00000004c0)={r5, 0x3, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x3c1, 0x3, 0x378, 0x0, 0xc8, 0x8, 0x6, 0x5803, 0x320, 0x2e8, 0x2e8, 0x320, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [], 'vlan0\x00', 'geneve1\x00'}, 0x0, 0x168, 0x198, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r6, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r7, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x42}}]}, 0x3c}}, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r6)
r8 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
mmap$perf(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10010, r1, 0x1)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000680)={r8, &(0x7f0000000f80)="6027e24ecd5f99488e72f8b6213552c8bb5f27776b7675f53d8362752df1520700e432f24a8af381d094bf4b7696f7efca787189f08b41dea497fd3f59ed1b923c3177e4136f53a9f387a97a578b7afa3c39f652c3843faef283e527f621d2036b7b17987d30be17a008a5a296daf17d74b07bfd8a871861462184b74af9c1959659d4050826d6c157e07aeae595f9f145c626fec482d573239a66abfbc628cfb8b25694"}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

6.516010829s ago: executing program 3 (id=6150):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000490, &(0x7f0000000000)={[{@orlov}, {@errors_remount}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x10)
mount(0x0, &(0x7f0000001fc0)='./file0\x00', &(0x7f0000002000)='devtmpfs\x00', 0x0, &(0x7f0000002040)='dirsync')
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff000000000300000000000000000000000200"/63], 0x0, 0x56}, 0x20)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f00000004c0)={r5, 0x3, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x3c1, 0x3, 0x378, 0x0, 0xc8, 0x8, 0x6, 0x5803, 0x320, 0x2e8, 0x2e8, 0x320, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [], 'vlan0\x00', 'geneve1\x00'}, 0x0, 0x168, 0x198, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r6, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r7, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x42}}]}, 0x3c}}, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r6)
mmap$perf(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10010, r1, 0x1)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000680)={0xffffffffffffffff, &(0x7f0000000f80)="6027e24ecd5f99488e72f8b6213552c8bb5f27776b7675f53d8362752df1520700e432f24a8af381d094bf4b7696f7efca787189f08b41dea497fd3f59ed1b923c3177e4136f53a9f387a97a578b7afa3c39f652c3843faef283e527f621d2036b7b17987d30be17a008a5a296daf17d74b07bfd8a871861462184b74af9c1959659d4050826d6c157e07aeae595f9f145c626fec482d573239a66abfbc628cfb8b25694"}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.638847819s ago: executing program 2 (id=6219):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48)
r1 = socket$caif_stream(0x25, 0x1, 0x3)
setsockopt$CAIFSO_REQ_PARAM(r1, 0x29, 0x80, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20)
set_mempolicy(0x1, 0x0, 0x9)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000008c0)={[{@nobh}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@resuid}, {@dioread_nolock}, {@usrjquota}, {@discard}, {@jqfmt_vfsv1}]}, 0xfc, 0x564, &(0x7f0000002bc0)="$eJzs3c9rHFUcAPDvbLL9rU2hFPUggR6s1G6axB8VPNSjaLGg97ok01Cy6ZbspjSxYHuwFy9SBBEL4h/gyYvH4j/gX1HQQpES9OAlMpvZdNPdTbbJtkm7nw9M8t7M7L757sz38WbfLhvAwBrN/hQiXo2Ib5OIwy3bhiPfOLq63/LD61PZksTKymd/J5Hk65r7J/n/g3nllYj4/euIk4X2dmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sw7kxPvv/du32J98/y/P3x696Mz3xxf/v6X+0duJ3E2DuXbWuPYhhutldEYzV+TYpx9bMfxPjS2myQ7fQBsyVCe58XI+oDDMZRnPfDi+yoiVoABlch/GFDNcUDz3r5P98HPjQcfrt4Atcc/vPreSOxr3BsdWE7W3Rll97sjfWg/a+O3v+7czpbo3/sQAJu6cTMiTg8Pt/d/Sd7/bd3pHvZ5vA39Hzw7d7Pxz1udxj+FtfFPdBj/HOyQu1uxef4X7vehma6y8d8HHce/a5NWI0N57aXGmK+YXLxUSbO+7eWIOBHFvVl9o/mcM8v3Vtav+XWt1Dr+y5as/eZYMD+O+8N71z96ulwvbzfupgc3I17rOP5N1s5/0uH8Z6/H+R7bOJbeeb3bts3jf7pWfo54o+P5fzSjlWw8PznWuB7GmldFu39uHfujW/s9xF/sY7htsvN/YOP4R5LW+dpat2fqPm/0077/0m7btnr970k+b5T35Ouulev1+fGIPckn7esnHj22WW/un8V/4vjG/V+n639/RHzRNeL1bh291XXXnb7+s/inn+j8P3nh3sdf/tit/d7O/9uN0ol8TS/9X68HuJ3XDgAAAAAAAHabQkQciqRQWisXCqXS6uc7jsaBQqVaq5+8WF24PB2N78qORLHQnOk+3PJ5iPH887DN+sRj9cmIOBIR3w3tb9RLU9XK9E4HDwAAAAAAAAAAAAAAAAAAALvEwYh9nb7/n/lzaKePDnjq2n66QeLDwOj+0y35ln780hOwK3XPf+BFJ/9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAPrq/Llz2bKy/PD6VFafvrq4MFu9emo6rc2W5hamSlPV+SulmWp1ppKWpqpzmz1fpVq9Mj4RC9fG6mmtPlZbXLowV124XL9waa48k15Ii88kKgAAAAAAAAAAAAAAAAAAAHi+1BaXZsuVSjqvoLClwvDuOAyFPhd2umcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEf+DwAA//9MBzmC")
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f000050a000/0x3000)=nil, 0x3000, 0x37fffff, 0x4000013, r4, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000472000/0x3000)=nil, 0x3000, 0x1000004, 0x10, r4, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000080)=@IORING_OP_SEND={0x1a, 0x10, 0x0, r4, 0x0, &(0x7f0000000280)="333fc33ad253f5fbd516ca1e0ebecb2b46ea5f1c7d91c3dceee6c5898fd8ffeb803250ce19ed5e7ad79001ab51cad54c4700cb81cd87f32e7efd26a4be0bba4970b13ff9433e644fd3bb77ac42b8156c0e176e41fc1d5c1d5f264faf41dc159b4db81e110c50aaf7fc8d3fd9cc821c169214445f44cfc814066588fe1fe221356c0e913b0e4895e3c54860a8bfb1cf9630688120845cf5506dcee4323aefad6a0819dc555740483936cab0d8c2f1d7173b7bd36a90c57293e84f2534a160fa70a849e8a4f6922207974bb3fcf2e6f5a7798b5107134ce8be746b7e0e94aca4bca5e81966eb56fa400f2f6c513064bceb906e4ece6f386395", 0xf8, 0x800, 0x1, {0x0, r6}})
fallocate(r4, 0x0, 0x0, 0x1000f4)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f000000aa80))
r7 = open(0x0, 0x141042, 0x0)
fallocate(r7, 0x20, 0x0, 0x10000)
ioperm(0x101, 0x5, 0xffffffffffffffff)
open(&(0x7f0000000240)='./file0\x00', 0x62042, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
acct(0x0)
r8 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0)
fallocate(r8, 0x0, 0x0, 0x10000)
r9 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r9, 0x8983, &(0x7f0000000700)={0x6, 'veth1_to_batadv\x00', {0x1}})
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r9, 0x8982, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)

1.527577897s ago: executing program 2 (id=6220):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
ppoll(0x0, 0x0, &(0x7f0000000580), &(0x7f00000005c0)={[0x8]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x44}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r2}, 0x10)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r4, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r4, &(0x7f0000000240)={0x2, 0x0, @dev}, 0x10)
sendto$inet(r4, &(0x7f00000001c0)="e1", 0x1, 0x0, 0x0, 0x0)
splice(r4, 0x0, r3, 0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
r7 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r9)
lsetxattr$system_posix_acl(0x0, &(0x7f0000000080)='system.posix_acl_default\x00', 0x0, 0x1c, 0x0)
r10 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r10, 0x4000000000000, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x4001, 0x8000000, 0x240, 0x0, 0x720d, 0x148, 0x0, 0x148, 0x1a8, 0x240, 0x240, 0x1a8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@loopback, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)
sendto$inet(r10, 0x0, 0x0, 0x24000080, 0x0, 0x0)
listen(r10, 0x0)
accept$inet(r10, 0x0, 0x0)
recvmsg$unix(r5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)

769.691173ms ago: executing program 4 (id=6236):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000940)=@newtfilter={0x174, 0x2c, 0xd27, 0xfffffffe, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {}, {0x1c}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x144, 0x2, [@TCA_CGROUP_EMATCHES={0x140, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x10c, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x7fff, 0x8, 0xf0f9}, {0x4, 0x5, 0x3}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0xfb43, 0x3, 0x7}, {0xffffffff, 0x0, 0xffffffff, 0xffffe1fc}}}, @TCF_EM_META={0x8c, 0x3, 0x0, 0x0, {{0x8, 0x4, 0xc20}, [@TCA_EM_META_RVALUE={0x22, 0x3, [@TCF_META_TYPE_VAR="35ffe53c6d", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="7ebdd9573c", @TCF_META_TYPE_VAR="ad6ae1d551", @TCF_META_TYPE_VAR="5b27e9cde8ea4a", @TCF_META_TYPE_INT=0x8]}, @TCA_EM_META_RVALUE={0x12, 0x3, [@TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="17e314a2", @TCF_META_TYPE_VAR="e874"]}, @TCA_EM_META_LVALUE={0x1b, 0x2, [@TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="0129", @TCF_META_TYPE_VAR="73b87c6df20a984d", @TCF_META_TYPE_VAR="69e205c3", @TCF_META_TYPE_VAR="a0", @TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_RVALUE={0x29, 0x3, [@TCF_META_TYPE_VAR="64a7c83702", @TCF_META_TYPE_VAR="5a8a1cbfaea2", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR='w', @TCF_META_TYPE_VAR="68e3774c1d"]}]}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x2, 0x1, 0xe6}, {0x80000001, 0x2366, 0x2, 0x4, 0x3, 0x0, 0x2}}}, @TCF_EM_META={0x24, 0x1, 0x0, 0x0, {{0x0, 0x4, 0x5765}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x8, 0x1}, {0x4, 0x5}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x2, 0xa6, 0x275284422451bb0f}, {0x0, 0x6, 0x2}}}]}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x3, 0x7, 0x1}, {{0x0, 0x1}, {0x1, 0x0, 0x1}}}}]}, @TCA_EMATCH_TREE_LIST={0x28, 0x2, 0x0, 0x1, [@TCF_EM_META={0x24, 0x1, 0x0, 0x0, {{0x0, 0x4, 0x6ab2}, [@TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_RVALUE={0x4, 0x3, [@TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x3ff, 0xb7}, {0x8, 0xf, 0x2}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}]}]}}]}, 0x174}}, 0x48010)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

756.209884ms ago: executing program 4 (id=6237):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@dioread_nolock}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x8004587d, &(0x7f00000008c0)={0x0, 0xffffffffffffffff, 0x2, 0x40, 0x200})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000014c0)=@newtaction={0x88c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbc25b5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xaa]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa, {0xcd9ea82f18d77c93}}}}]}]}, 0x88c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getresuid(&(0x7f00000002c0), &(0x7f0000000380), &(0x7f00000003c0)=<r4=>0x0)
setsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000400)={{{@in6=@mcast1, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e22, 0xe34, 0x4e24, 0x2, 0x2, 0xb0, 0x20, 0x33, 0x0, r4}, {0x5, 0xfffffffffffffffc, 0xff, 0x8, 0x0, 0xfffffffffffffffc, 0x6, 0x2}, {0x4, 0x9, 0xdb, 0x52}, 0xffffffff, 0x6e6bbe, 0x1, 0x1, 0x3}, {{@in=@rand_addr=0x64010102, 0x4d5, 0x32}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x8ed6b52fdd7b417, 0x1, 0x0, 0x200000, 0x7, 0x7}}, 0xe8)
socket(0x11, 0x800000003, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d40)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [0x0, 0x0, 0xd]}}}}]}, 0x88}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newtaction={0xa8, 0x31, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x94, 0x1, [@m_mirred={0x90, 0x1, 0x0, 0x0, {{0xb}, {0x64, 0x3, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x3, 0x3, 0x1, 0x1}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0x4, 0x7, 0x7fff, 0x3f}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa8}}, 0x0)

663.06895ms ago: executing program 4 (id=6238):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x240018, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00001da000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f00001da000/0x2000)=nil, &(0x7f00001db000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f00001db000/0x4000)=nil, &(0x7f00001db000/0x4000)=nil, &(0x7f00000015c0)="77e7cd7adebed31d409e9c44e2e25c25b6bb03521e0ee830313d97e937addecbf0714e9a79fae0cc7673b83c46bdffac5307cd2203772531fe46295dde94722889fe8b5a072ffa652f089b8c1ea20553854c41527c568f8b264ffe9c1cf0b62543eb82e6cf4c8868978538c7aca196bd8d4b99c0edb7e87ae8538b1030bc1d58e5842719c1f86f18b1630604088a7a048a686f618753a6e2978612d96ce49e51ef1b4182593b698308c0b2d09d5db5a2075995ca362c8dfa51ac6bad1835408e350cfcc584c805c1ec91f7306f2e39172c7a36cc0168069d727de659cf0e3ab999679c7cd20f65ffeb3572b4a60d30612fff319926b23cc1b23a527d965fda14dfa1a204b77de9010244f9ac2b862602180ede89159f4006505db33034109cc9ee6477e24513a41367f3947407cdc1aea43c1b23c80205d751df2350689d4715e6760ed55e7fef8b168791212f39c77d480ea1d2ee379beb2f9325dd83d005bfed29c3b9249d192212365f5917a8e682a897517042a14a914933f78c31a73152d55dabc9c76d076a1d4fa08cce6e6759e996a7ecbe889228a8ac8f9e6bb29b65143dc0bc805d4f934652e1180cbb9f91791e4d4ee6582d5394e309558e51d5d2f8ec4dac907327208275586a1c3c88479a35640305cef5d7e68cb7347e707eafc577bc4329d2090aa8e449cb3f0ea76f4a665c7f0caac991400cde7090d6d79fb5daaba740f5afac9e9d4d1ce9d28b5426da94677a01fb7b510b994c673f795d38c804dc4f2c5ec75274eb6c308ca6c1438b6f7363103c736a892c15dbb2c637b0137248ce4aa9ed82bd8188ccd372d07fa06a2e67bb3b720e97ac175c73393e6516897f90c154db89ccd808bfdff6bb7af07be1c70ccd4a60a91f9607f574d6f3f732cb6b236dc00501703e4a3054855aa37fae40ed9f05b147ad7e204197f15874f0ae1cb9eec1304338ae41710621b155903c120fe875e345eefd08c3e0e37dfb051d9b6fc1c4d9ccaab5f7250e631e92ad3b6479ed10740d8689273a946eccc14e26fc75e6a63bec91bfbef974091834d84397d0b5a191bbbdb5afdd5f978b8ce8b5ba762ed251f2dd7ccd4678dff94aa5e1d4ceef00580a4a66522a60c161229f192f80c2e70c483c087ba157a5d86e94054455c9d04438cdbb7b6a463f28df074283c90f27a9dd3dd2230c13f536e2ad98fa0b0b5c28d43a18e7a6e8527121a521ac51bc3db60843d79d8275524c44a09f1fd1c8a5393dfd0c195ba9e51ff2d3c1f56c20353ef41e2763c8a418120f1aface71fabf9f2851d8db91463bfc6878dd2e3078b58d4268dcb8e7bfdffff946dee6b7a41d545621bc7f4630f34a750fb4d92b32faac429e06a6ef46897acf6c48bee5000af8d059dc5c2978e3c0ca5b74a86be30b60159a55f88e947d0473ae0daf8e9d8f53ca8bfd72595e8846d8f059a1e663fcf372d4ca704f6fd8b6d9dbcf0ee8c9c3b55b476ccda21971cb46f73555fbee7276b07567a2db72fbf6c626a4e72458a874c37cba79f9501c1d94b2bed84e6072b48d030cc922da91a6855e13ed4d5a4f34884dcea9fbabc8d0e289ed8ea9b7aafa75f124ea73fa0e2c05882022a7cc0d494f54aa1617e0ae1a5020efcb7d981a1924a92d99bf1cec708f6537d132e08abe6b09fad92a00552c8557e844775f7d7c21b11eab4e61c6db6697df9869a2874d395ac550f22625f68979d7a03b932eea2d5fe19b7501abe4c657d7c1a77692a4cbd9a6fc1ac53980ad9ad86b2ca6060b680fa30db1aed2873f789b62487194520d94bb968f7fecf2f522cac69d4fcdd38b78cc6f787b0fded7140268895c4641e270dc8e5132ecd4bbf6763ecfada39060103f91dc06380378815bae430c6380fd3a9ca137493ebc44ec2219cecb939506823bb4ee036850f5d8498e8eeff22e7143b3ea28b9651d8e3a198a1b1fac4211051a1422daa41375c45dbb7eaa0fb445dc434f4b345b31cb1fb8a0e48ed85685", 0x58a}, 0x68)
mount$tmpfs(0x0, &(0x7f0000001ac0)='./file0\x00', &(0x7f0000001b00), 0x0, &(0x7f0000001b40)=ANY=[@ANYBLOB='fscon'])

451.764006ms ago: executing program 2 (id=6239):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
semop(0x0, 0x0, 0x0)

426.853048ms ago: executing program 4 (id=6240):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0xd, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r2 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0)
r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706", 0x200)
sendfile(r2, r3, 0x0, 0xe066)
sendfile(r2, r3, 0x0, 0xffff)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r4}, 0x90)
sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000480)={&(0x7f0000000300), 0xc, &(0x7f0000000400)={0x0}, 0x1, 0x0, 0x0, 0x40800}, 0x4000010)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50}, 0x90)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000680)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r6, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000540)={'ip6_vti0\x00', &(0x7f00000004c0)={'syztnl0\x00', 0x0, 0x29, 0x9, 0x9, 0x4, 0x1, @mcast1, @local, 0x20, 0x80, 0x7fffffff, 0x2}})
connect$phonet_pipe(0xffffffffffffffff, &(0x7f0000002200), 0x10)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x800, 0x0, 0x0)

396.582081ms ago: executing program 2 (id=6241):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@dioread_nolock}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r6, 0x8004587d, &(0x7f00000008c0)={0x0, 0xffffffffffffffff, 0x2, 0x40, 0x200})
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
unlink(&(0x7f0000000480)='./file0/file0\x00')
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000014c0)=@newtaction={0x88c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbc25b5c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xaa]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb, {0x0, 0x1}}, {0xc, 0xa, {0xcd9ea82f18d77c93}}}}]}]}, 0x88c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
getresuid(&(0x7f00000002c0), &(0x7f0000000380), &(0x7f00000003c0)=<r8=>0x0)
setsockopt$inet6_IPV6_IPSEC_POLICY(r7, 0x29, 0x22, &(0x7f0000000400)={{{@in6=@mcast1, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e22, 0xe34, 0x4e24, 0x2, 0x2, 0xb0, 0x20, 0x33, 0x0, r8}, {0x5, 0xfffffffffffffffc, 0xff, 0x8, 0x0, 0xfffffffffffffffc, 0x6, 0x2}, {0x4, 0x9, 0xdb, 0x52}, 0xffffffff, 0x6e6bbe, 0x1, 0x1, 0x3}, {{@in=@rand_addr=0x64010102, 0x4d5, 0x32}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x8ed6b52fdd7b417, 0x1, 0x0, 0x200000, 0x7, 0x7}}, 0xe8)
r9 = socket(0x11, 0x800000003, 0x0)
r10 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r9, 0x8933, &(0x7f0000000600)={'team0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d40)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [0x0, 0x0, 0xd]}}}}]}, 0x88}}, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newtaction={0xa8, 0x31, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x94, 0x1, [@m_mirred={0x90, 0x1, 0x0, 0x0, {{0xb}, {0x64, 0x3, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x3, 0x3, 0x1, 0x1}, 0x2, r11}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0x4, 0x7, 0x7fff, 0x3f}, 0x0, r11}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa8}}, 0x0)

369.959982ms ago: executing program 1 (id=6243):
r0 = socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, <r3=>0x0}, &(0x7f00000001c0)=0xc)
setfsuid(r3)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000600)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)

361.663993ms ago: executing program 0 (id=6244):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0xd, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r2 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0)
r3 = open$dir(0x0, 0x0, 0x0)
write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706", 0x200)
sendfile(r2, r3, 0x0, 0xe066)
sendfile(r2, r3, 0x0, 0xffff)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r4}, 0x90)
sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000480)={&(0x7f0000000300), 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x7c, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x24}}}}, [@NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x7e, 0x1}, {0x4, 0x2}, {0x5f, 0x4}, {0x5, 0x5}, {0x1, 0x7}, {0x6, 0x7}, {0x1}, {0x7}, {0xde, 0x6}, {0x3}, {0xf7, 0x5}, {0x7, 0x6}, {0x5, 0x6}], "7b6c7d21f34cfe8c"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0x2, 0x3}, {0x2, 0x6}, {0x22, 0x5}, {0xff, 0x4}, {0xe, 0x3}, {0x6}, {0x27, 0x4}, {0x6, 0x6}, {0x7, 0x1}, {0x9, 0x3}, {0x4f, 0x7}, {0xfe}, {0x7, 0x7}, {0x4, 0x3}, {0x6, 0x4}, {0x6, 0x3}, {0x9, 0x3}, {0x74, 0x2}, {0xd, 0x6}, {0x2}], "9a228d4fa0422131"}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x40800}, 0x4000010)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50}, 0x90)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000680)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r6, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000540)={'ip6_vti0\x00', &(0x7f00000004c0)={'syztnl0\x00', 0x0, 0x29, 0x9, 0x9, 0x4, 0x1, @mcast1, @local, 0x20, 0x80, 0x7fffffff, 0x2}})
connect$phonet_pipe(0xffffffffffffffff, &(0x7f0000002200), 0x10)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x800, 0x0, 0x0)

281.056249ms ago: executing program 1 (id=6245):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f1568"], &(0x7f0000000340)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

280.473869ms ago: executing program 4 (id=6246):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
prctl$PR_SET_PTRACER(0x59616d61, r1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="24000000180001000000000000000000802000000011000500000000080003000a"], 0x24}}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, &(0x7f00000003c0)=ANY=[@ANYRES32=r5], 0x28)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454c9, 0x7)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000280)={0x3c, @local, 0x4e24, 0x3, 'lblcr\x00', 0x0, 0x2, 0x55}, 0x2c)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000001500000000000000020000000000"], 0x0, 0x1a, 0x0, 0xff, 0xd1}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r7}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f00000003c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000240)='./file0\x00')
r9 = socket$phonet_pipe(0x23, 0x5, 0x2)
ftruncate(r6, 0x8979)
getsockopt$PNPIPE_IFINDEX(r9, 0x113, 0x9, 0x0, &(0x7f0000000740))

224.646303ms ago: executing program 1 (id=6247):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000380)={0x10, 0x14, 0x200, 0x70bd2d, 0x25dfdbfc}, 0x10}], 0x1, &(0x7f0000000d80), 0x0, 0x4881}, 0x20042084)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000088000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='sched_kthread_stop_ret\x00', r2}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}]}, @NFT_MSG_NEWSETELEM={0x30, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x10}}, 0xb4}}, 0x4000000)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
close(r0)

224.491903ms ago: executing program 0 (id=6248):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)

189.123636ms ago: executing program 0 (id=6249):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioperm(0x0, 0x6, 0x400)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240), &(0x7f00000001c0)=0xc)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001500010000006eb1000000000a380000", @ANYRES32=0x0, @ANYBLOB="140001"], 0x34}}, 0x0)
unshare(0x24020400)
inotify_init1(0x0)
r2 = syz_io_uring_setup(0x44f, &(0x7f0000000140)={0x0, 0x0, 0x10780}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000740)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000000c0)='./file0\x00'})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x2b8, 0xffffffff, 0x98, 0x98, 0x130, 0xffffffff, 0xffffffff, 0x220, 0x220, 0x220, 0xffffffff, 0x4, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 'veth0_to_hsr\x00', 'team0\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@ip={@multicast2, @dev, 0x0, 0x0, 'wlan1\x00', 'veth0\x00'}, 0x0, 0xc8, 0xf0, 0x0, {}, [@common=@ttl={{0x28}}, @common=@ah={{0x30}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x318)
io_uring_enter(r2, 0x42d3e, 0x0, 0x0, 0x0, 0x0)

150.014808ms ago: executing program 2 (id=6250):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x240018, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00001da000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f00001da000/0x2000)=nil, &(0x7f00001db000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f00001db000/0x4000)=nil, &(0x7f00001db000/0x4000)=nil, &(0x7f00000015c0)="77e7cd7adebed31d409e9c44e2e25c25b6bb03521e0ee830313d97e937addecbf0714e9a79fae0cc7673b83c46bdffac5307cd2203772531fe46295dde94722889fe8b5a072ffa652f089b8c1ea20553854c41527c568f8b264ffe9c1cf0b62543eb82e6cf4c8868978538c7aca196bd8d4b99c0edb7e87ae8538b1030bc1d58e5842719c1f86f18b1630604088a7a048a686f618753a6e2978612d96ce49e51ef1b4182593b698308c0b2d09d5db5a2075995ca362c8dfa51ac6bad1835408e350cfcc584c805c1ec91f7306f2e39172c7a36cc0168069d727de659cf0e3ab999679c7cd20f65ffeb3572b4a60d30612fff319926b23cc1b23a527d965fda14dfa1a204b77de9010244f9ac2b862602180ede89159f4006505db33034109cc9ee6477e24513a41367f3947407cdc1aea43c1b23c80205d751df2350689d4715e6760ed55e7fef8b168791212f39c77d480ea1d2ee379beb2f9325dd83d005bfed29c3b9249d192212365f5917a8e682a897517042a14a914933f78c31a73152d55dabc9c76d076a1d4fa08cce6e6759e996a7ecbe889228a8ac8f9e6bb29b65143dc0bc805d4f934652e1180cbb9f91791e4d4ee6582d5394e309558e51d5d2f8ec4dac907327208275586a1c3c88479a35640305cef5d7e68cb7347e707eafc577bc4329d2090aa8e449cb3f0ea76f4a665c7f0caac991400cde7090d6d79fb5daaba740f5afac9e9d4d1ce9d28b5426da94677a01fb7b510b994c673f795d38c804dc4f2c5ec75274eb6c308ca6c1438b6f7363103c736a892c15dbb2c637b0137248ce4aa9ed82bd8188ccd372d07fa06a2e67bb3b720e97ac175c73393e6516897f90c154db89ccd808bfdff6bb7af07be1c70ccd4a60a91f9607f574d6f3f732cb6b236dc00501703e4a3054855aa37fae40ed9f05b147ad7e204197f15874f0ae1cb9eec1304338ae41710621b155903c120fe875e345eefd08c3e0e37dfb051d9b6fc1c4d9ccaab5f7250e631e92ad3b6479ed10740d8689273a946eccc14e26fc75e6a63bec91bfbef974091834d84397d0b5a191bbbdb5afdd5f978b8ce8b5ba762ed251f2dd7ccd4678dff94aa5e1d4ceef00580a4a66522a60c161229f192f80c2e70c483c087ba157a5d86e94054455c9d04438cdbb7b6a463f28df074283c90f27a9dd3dd2230c13f536e2ad98fa0b0b5c28d43a18e7a6e8527121a521ac51bc3db60843d79d8275524c44a09f1fd1c8a5393dfd0c195ba9e51ff2d3c1f56c20353ef41e2763c8a418120f1aface71fabf9f2851d8db91463bfc6878dd2e3078b58d4268dcb8e7bfdffff946dee6b7a41d545621bc7f4630f34a750fb4d92b32faac429e06a6ef46897acf6c48bee5000af8d059dc5c2978e3c0ca5b74a86be30b60159a55f88e947d0473ae0daf8e9d8f53ca8bfd72595e8846d8f059a1e663fcf372d4ca704f6fd8b6d9dbcf0ee8c9c3b55b476ccda21971cb46f73555fbee7276b07567a2db72fbf6c626a4e72458a874c37cba79f9501c1d94b2bed84e6072b48d030cc922da91a6855e13ed4d5a4f34884dcea9fbabc8d0e289ed8ea9b7aafa75f124ea73fa0e2c05882022a7cc0d494f54aa1617e0ae1a5020efcb7d981a1924a92d99bf1cec708f6537d132e08abe6b09fad92a00552c8557e844775f7d7c21b11eab4e61c6db6697df9869a2874d395ac550f22625f68979d7a03b932eea2d5fe19b7501abe4c657d7c1a77692a4cbd9a6fc1ac53980ad9ad86b2ca6060b680fa30db1aed2873f789b62487194520d94bb968f7fecf2f522cac69d4fcdd38b78cc6f787b0fded7140268895c4641e270dc8e5132ecd4bbf6763ecfada39060103f91dc06380378815bae430c6380fd3a9ca137493ebc44ec2219cecb939506823bb4ee036850f5d8498e8eeff22e7143b3ea28b9651d8e3a198a1b1fac4211051a1422daa41375c45dbb7eaa0fb445dc434f4b345b31cb1fb8a0e48ed85685", 0x58a}, 0x68)
mount$tmpfs(0x0, &(0x7f0000001ac0)='./file0\x00', &(0x7f0000001b00), 0x0, &(0x7f0000001b40)=ANY=[@ANYBLOB='fscon'])

118.613031ms ago: executing program 0 (id=6251):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
semop(0x0, 0x0, 0x0)

79.947564ms ago: executing program 0 (id=6252):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
semop(0x0, 0x0, 0x0)

79.122034ms ago: executing program 1 (id=6253):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x1080000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc27, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x0, 0x0, &(0x7f0000001180), &(0x7f0000000000), 0x0)

66.860775ms ago: executing program 2 (id=6254):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0xd, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
r2 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0)
r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706", 0x200)
sendfile(r2, r3, 0x0, 0xe066)
sendfile(r2, r3, 0x0, 0xffff)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r4}, 0x90)
sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000480)={&(0x7f0000000300), 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x7c, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x24}}}}, [@NL80211_ATTR_QOS_MAP={0x26, 0xc7, {[{0x7e, 0x1}, {0x4, 0x2}, {0x5f, 0x4}, {0x5, 0x5}, {0x1, 0x7}, {0x6, 0x7}, {0x1}, {0x7}, {0xde, 0x6}, {0x3}, {0xf7, 0x5}, {0x7, 0x6}, {0x5, 0x6}], "7b6c7d21f34cfe8c"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0x2, 0x3}, {0x2, 0x6}, {0x22, 0x5}, {0xff, 0x4}, {0xe, 0x3}, {0x6}, {0x27, 0x4}, {0x6, 0x6}, {0x7, 0x1}, {0x9, 0x3}, {0x4f, 0x7}, {0xfe}, {0x7, 0x7}, {0x4, 0x3}, {0x6, 0x4}, {0x6, 0x3}, {0x9, 0x3}, {0x74, 0x2}, {0xd, 0x6}, {0x2}], "9a228d4fa0422131"}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x40800}, 0x4000010)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r5, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000540)={'ip6_vti0\x00', &(0x7f00000004c0)={'syztnl0\x00', 0x0, 0x29, 0x9, 0x9, 0x4, 0x1, @mcast1, @local, 0x20, 0x80, 0x7fffffff, 0x2}})
connect$phonet_pipe(0xffffffffffffffff, &(0x7f0000002200), 0x10)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x800, 0x0, 0x0)

32.071877ms ago: executing program 0 (id=6255):
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000110020850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200088, &(0x7f0000000780)={[{@errors_remount}, {@dax_never}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x13e8}}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@noacl}, {@i_version}, {@dax_always}, {@jqfmt_vfsv1}, {@nouser_xattr}], [{@fsuuid={'fsuuid', 0x3d, {[0x38, 0x62, 0x30, 0x37, 0x38, 0x36, 0x37, 0x35], 0x2d, [0x39, 0x38, 0x32, 0x62], 0x2d, [0x35, 0x32, 0x34, 0x37], 0x2d, [0x32, 0x65, 0x32, 0x38], 0x2d, [0x33, 0x65, 0x36, 0x65, 0x63, 0x31, 0x39, 0x35]}}}]}, 0x3, 0x579, &(0x7f0000001b40)="$eJzs3V9rU+cfAPDvSRut1t/PCiLbLkbBizmcqW33x8FAdzk2mbDdu9AeizQ10qRiO0G9mDe7GTIYY8LYC9j9LmVvYK9C2AQZUraL3XSc9ERj27RpjaZdPh84+jznnPR7njznefI9OQkJoG+NZv8UIl6NiG+SiMMt2wYj3zi6ut/y4xtT2ZLEyspnfyaR5Oua+yf5/8N55ZWI+PWriJOF9XFri0uz5Uolnc/rY/W5q2O1xaVTl+fKM+lMemVicvLMO5MT77/3btfa+uaFv7//9P5HZ74+vvzdzw+P3E3iXBzKt7W24zncaq2Mxmj+nBTj3Jodx7sQbDdJen0A7MhAPs6Lkc0Bh2MgH/XAf9/NiFgB+lRi/EOfauYBzWv7Ll0H7xmPPly9AFrf/sHV90ZiqHFtdHA5eebKKLveHelC/CzGL3/cu5stscX7EDe7EA+g6dbtiDg9OLh+/kvy+W/nTjfePN7c2hj99voDvXQ/y3/e2ij/KTzJf2KD/Gd4g7G7E1uP/8LDLoRpK8v/Ptgw/30ydY0M5LX/NXK+YnLpciU9HRH/j4gTUdyf1Te7n3Nm+cFKu22t+V+2ZPGbuWB+HA8H9z/7mOlyvfw8bW716HbEa0/z3yTWzf9DjVx3bf9nz8eFDmMcS++93m7b1u1v1f0MeOWniDc27P+nd7SSze9PjjXOh7HmWbHeX3eO/dYu/vba331Z/x/cvP0jSev92tr2Y/w49E/abttOz/99yeeN8r583fVyvT4/HrEv+WT9+omnj23Wm/tn7T9xfPP5b6Pz/0BEfNFh++8cvdN2193Q/9Pb6v/tFx58/OUP7eJ31v9vN0on8jWdzH+dHuDzPHcAAAAAAACw2xQi4lAkhdKTcqFQKq1+vuNoHCxUqrX6yUvVhSvT0fiu7EgUC8073YdbPg8xnn8etlmfWFOfjIgjEfHtwIFGvTRVrUz3uvEAAAAAAAAAAAAAAAAAAACwSwy3+f5/5veBXh8d8ML5yW/oX1uO/2780hOwK3n9h/411OsDAHrG6z/0L+Mf+pfxD/3L+If+ZfxD/zL+AQAAAAAAAAAAAAAAAAAAAAAAAAAAoKsunD+fLSvLj29MZfXpa4sLs9Vrp6bT2mxpbmGqNFWdv1qaqVZnKmlpqjrXeNBw+79XqVavjk/EwvWxelqrj9UWly7OVReu1C9enivPpBfT4ktrGQAAAAAAAAAAAAAAAAAAAOwdtcWl2XKlks7vwcL+lxTrbPS6pR0Uiu27Mtmql8/mJ8OOog/2vu0KL6DQ44kJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8GwAA//8rtTKZ")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = add_key(0x0, &(0x7f00000006c0)={'syz', 0x3}, &(0x7f0000000740)="ba13b6a5d0f9cc7f3c1e3e8d347e8e18753534edcb30090ee8fc6d90d69fcfeda2b3d530b1bd5e0dd2b63009bce47775c21fb3a5", 0x34, 0xfffffffffffffff9)
add_key(&(0x7f00000003c0)='blacklist\x00', &(0x7f0000000500)={'syz', 0x1}, 0x0, 0x0, r2)
chdir(&(0x7f0000000000)='./file1\x00')
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc00, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x0, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
getpid()
madvise(&(0x7f0000b16000/0x4000)=nil, 0x4000, 0x4)

28.146498ms ago: executing program 1 (id=6256):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioperm(0x0, 0x6, 0x400)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240), &(0x7f00000001c0)=0xc)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001500010000006eb1000000000a380000", @ANYRES32=0x0, @ANYBLOB="140001"], 0x34}}, 0x0)
unshare(0x24020400)
r2 = inotify_init1(0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
ftruncate(r3, 0x6000000)
inotify_add_watch(r2, &(0x7f0000000200)='./file0\x00', 0xa2000721)
read$usbfs(r3, &(0x7f0000000100)=""/209, 0xd1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000740)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000000c0)='./file0\x00'})
io_uring_enter(0xffffffffffffffff, 0x42d3e, 0x0, 0x0, 0x0, 0x0)

295.31µs ago: executing program 1 (id=6257):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x1080000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc27, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), 0x0, 0x0)

0s ago: executing program 4 (id=6258):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000000}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

T29] audit: type=1326 audit(2000000004.640:22874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22495 comm="syz.0.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  405.594234][   T29] audit: type=1326 audit(2000000004.640:22875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22495 comm="syz.0.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  405.617998][   T29] audit: type=1326 audit(2000000004.640:22876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22495 comm="syz.0.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  405.641643][   T29] audit: type=1326 audit(2000000004.640:22877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22495 comm="syz.0.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  405.665299][   T29] audit: type=1326 audit(2000000004.640:22878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22495 comm="syz.0.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  405.688891][   T29] audit: type=1326 audit(2000000004.640:22879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22495 comm="syz.0.5654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  405.725454][T22498] loop2: detected capacity change from 0 to 2048
[  405.732309][T22498] EXT4-fs: Ignoring removed orlov option
[  405.751129][T22500] syz.0.5657[22500] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  405.751219][T22500] syz.0.5657[22500] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  405.768121][T22498] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5655'.
[  405.792442][T22504] loop1: detected capacity change from 0 to 2048
[  405.804060][T22504] EXT4-fs: Ignoring removed orlov option
[  405.822809][T22498] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.834106][T22506] loop4: detected capacity change from 0 to 1024
[  405.841040][T22506] EXT4-fs: Ignoring removed oldalloc option
[  405.855154][T22504] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.869582][T22506] EXT4-fs (loop4): shut down requested (0)
[  405.869965][T22498] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.886961][T22506] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  405.895855][T22506] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  405.904737][T22506] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=13
[  405.913834][T22506] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  405.922762][T22506] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  405.932262][T22506] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=13
[  405.933318][T22504] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.954297][T22506] netlink: 'syz.4.5658': attribute type 3 has an invalid length.
[  405.975317][T22519] loop4: detected capacity change from 0 to 256
[  405.998808][T22498] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.016405][T22504] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.066663][T22498] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.116036][T22504] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.159282][T22498] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  406.169814][T22498] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  406.180254][T22498] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  406.191647][T22498] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  406.224330][T22525] loop2: detected capacity change from 0 to 1024
[  406.231150][T22525] EXT4-fs: Ignoring removed oldalloc option
[  406.256888][T22525] EXT4-fs (loop2): shut down requested (0)
[  406.263775][T22525] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  406.272936][T22525] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  406.281856][T22525] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  406.290854][T22525] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  406.299684][T22525] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  406.308477][T22525] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  406.318067][T22525] netlink: 'syz.2.5664': attribute type 3 has an invalid length.
[  406.348113][T22530] loop2: detected capacity change from 0 to 1024
[  406.355034][T22530] EXT4-fs: Ignoring removed nobh option
[  406.370006][T22530] EXT4-fs error (device loop2): ext4_lookup:1811: inode #12: comm syz.2.5665: iget: bad extended attribute block 768799145984
[  406.383743][T22530] EXT4-fs error (device loop2): ext4_lookup:1811: inode #12: comm syz.2.5665: iget: bad extended attribute block 768799145984
[  406.417737][T22534] loop2: detected capacity change from 0 to 512
[  406.425436][T22534] tmpfs: Bad value for 'fscontext'
[  406.449211][T22536] loop2: detected capacity change from 0 to 2048
[  406.456179][T22536] EXT4-fs: Ignoring removed orlov option
[  406.471293][T22536] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.517262][T22536] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.566123][T22536] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.626025][T22536] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.798804][T22541] bridge0: port 3(vlan0) entered blocking state
[  406.805211][T22541] bridge0: port 3(vlan0) entered disabled state
[  406.811729][T22541] vlan0: entered allmulticast mode
[  406.817586][T22541] vlan0: left allmulticast mode
[  406.901919][T22550] loop4: detected capacity change from 0 to 1024
[  406.909201][T22550] EXT4-fs: Ignoring removed oldalloc option
[  406.926931][T22550] EXT4-fs (loop4): shut down requested (0)
[  406.933681][T22550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  406.942631][T22550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  406.951854][T22550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=13
[  406.960994][T22550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  406.970093][T22550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  406.979235][T22550] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=13
[  406.993085][T22550] netlink: 'syz.4.5672': attribute type 3 has an invalid length.
[  407.128991][T22563] loop4: detected capacity change from 0 to 1024
[  407.136198][T22563] EXT4-fs: Ignoring removed nobh option
[  407.150284][T22563] EXT4-fs error (device loop4): ext4_lookup:1811: inode #12: comm syz.4.5677: iget: bad extended attribute block 768799145984
[  407.164022][T22563] EXT4-fs error (device loop4): ext4_lookup:1811: inode #12: comm syz.4.5677: iget: bad extended attribute block 768799145984
[  407.232600][T22569] netlink: 'syz.0.5678': attribute type 3 has an invalid length.
[  407.929262][T22574] loop0: detected capacity change from 0 to 256
[  408.006254][T22580] loop0: detected capacity change from 0 to 128
[  408.012737][T22580] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  408.024730][T22580] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  408.035147][T22580] FAULT_INJECTION: forcing a failure.
[  408.035147][T22580] name failslab, interval 1, probability 0, space 0, times 0
[  408.047815][T22580] CPU: 1 UID: 0 PID: 22580 Comm: syz.0.5683 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  408.058680][T22580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  408.068726][T22580] Call Trace:
[  408.072061][T22580]  <TASK>
[  408.074976][T22580]  dump_stack_lvl+0xf2/0x150
[  408.079559][T22580]  dump_stack+0x15/0x20
[  408.083802][T22580]  should_fail_ex+0x229/0x230
[  408.088460][T22580]  ? getname_flags+0x81/0x3b0
[  408.093142][T22580]  should_failslab+0x8f/0xb0
[  408.097724][T22580]  kmem_cache_alloc_noprof+0x4c/0x290
[  408.103137][T22580]  getname_flags+0x81/0x3b0
[  408.104747][T22374] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, 
[  408.107694][T22580]  __x64_sys_renameat+0x50/0x80
[  408.115967][T22374] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  408.120740][T22580]  x64_sys_call+0x764/0x2d60
[  408.131600][T22374] EXT4-fs (loop1): Remounting filesystem read-only
[  408.134032][T22580]  do_syscall_64+0xc9/0x1c0
[  408.145119][T22580]  ? clear_bhb_loop+0x55/0xb0
[  408.149859][T22580]  ? clear_bhb_loop+0x55/0xb0
[  408.154637][T22580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.160598][T22580] RIP: 0033:0x7f130b429eb9
[  408.165001][T22580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.184670][T22580] RSP: 002b:00007f130a0a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000108
[  408.193158][T22580] RAX: ffffffffffffffda RBX: 00007f130b5c5f80 RCX: 00007f130b429eb9
[  408.201169][T22580] RDX: 0000000000000006 RSI: 0000000020000400 RDI: 0000000000000006
[  408.209189][T22580] RBP: 00007f130a0a7090 R08: 0000000000000000 R09: 0000000000000000
[  408.217240][T22580] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  408.225267][T22580] R13: 0000000000000000 R14: 00007f130b5c5f80 R15: 00007ffc1d747e68
[  408.233241][T22580]  </TASK>
[  408.377644][T22584] loop4: detected capacity change from 0 to 128
[  408.384279][T22584] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  408.399866][T22584] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  408.425369][T16544] FAT-fs (loop4): error, invalid access to FAT (entry 0xffff0000)
[  408.433239][T16544] FAT-fs (loop4): Filesystem has been set read-only
[  408.440510][T16544] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  408.449075][T16544] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  408.538569][T22590] loop0: detected capacity change from 0 to 512
[  408.546765][T22590] tmpfs: Bad value for 'fscontext'
[  408.569557][T22592] loop0: detected capacity change from 0 to 2048
[  408.576331][T22592] EXT4-fs: Ignoring removed orlov option
[  408.587157][T22592] EXT4-fs mount: 86 callbacks suppressed
[  408.587167][T22592] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  408.609460][T22592] __nla_validate_parse: 3 callbacks suppressed
[  408.609471][T22592] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5690'.
[  408.625873][T22592] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.676077][T22592] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.704757][T22374] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  408.719828][T22374] EXT4-fs (loop2): Remounting filesystem read-only
[  408.726549][T22374] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  408.741598][T22374] EXT4-fs (loop0): Remounting filesystem read-only
[  408.743618][T22592] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.749381][T16544] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  408.771910][ T3375] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.796533][T22592] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.856230][ T3375] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.912609][T22596] chnl_net:caif_netlink_parms(): no params data found
[  408.941843][T22596] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.949092][T22596] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.956266][T22596] bridge_slave_0: entered allmulticast mode
[  408.962736][T22596] bridge_slave_0: entered promiscuous mode
[  408.970231][ T3375] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.980997][T22596] bridge0: port 2(bridge_slave_1) entered blocking state
[  408.988119][T22596] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.995454][T22596] bridge_slave_1: entered allmulticast mode
[  409.001732][T22596] bridge_slave_1: entered promiscuous mode
[  409.017044][T22596] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  409.027564][ T3375] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  409.039693][T22596] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  409.057480][T22596] team0: Port device team_slave_0 added
[  409.063925][T22596] team0: Port device team_slave_1 added
[  409.079743][T22596] batman_adv: batadv0: Adding interface: batadv_slave_0
[  409.086792][T22596] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.112700][T22596] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  409.123845][T22596] batman_adv: batadv0: Adding interface: batadv_slave_1
[  409.130803][T22596] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.156889][T22596] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  409.193329][T22596] hsr_slave_0: entered promiscuous mode
[  409.199296][T22596] hsr_slave_1: entered promiscuous mode
[  409.213257][ T3375] bridge_slave_1: left allmulticast mode
[  409.219111][ T3375] bridge_slave_1: left promiscuous mode
[  409.224805][ T3375] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.232382][ T3375] bridge_slave_0: left allmulticast mode
[  409.238161][ T3375] bridge_slave_0: left promiscuous mode
[  409.243840][ T3375] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.317592][ T3375] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  409.327578][ T3375] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  409.338047][ T3375] bond0 (unregistering): Released all slaves
[  409.407112][ T3375] hsr_slave_0: left promiscuous mode
[  409.413076][ T3375] hsr_slave_1: left promiscuous mode
[  409.418826][ T3375] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  409.426316][ T3375] batman_adv: batadv0: Removing interface: batadv_slave_0
[  409.435215][ T3375] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  409.442615][ T3375] batman_adv: batadv0: Removing interface: batadv_slave_1
[  409.453647][ T3375] veth1_macvtap: left promiscuous mode
[  409.459267][ T3375] veth0_macvtap: left promiscuous mode
[  409.464897][ T3375] veth1_vlan: left promiscuous mode
[  409.470115][ T3375] veth0_vlan: left promiscuous mode
[  409.534277][ T3375] team0 (unregistering): Port device team_slave_1 removed
[  409.544355][ T3375] team0 (unregistering): Port device team_slave_0 removed
[  409.840280][T22596] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  409.850265][T22596] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  409.859126][T22596] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  409.869250][T22596] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  409.917233][T22596] 8021q: adding VLAN 0 to HW filter on device bond0
[  409.934414][T22596] 8021q: adding VLAN 0 to HW filter on device team0
[  409.943948][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  409.951062][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  409.978433][T22596] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  409.988924][T22596] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  410.002734][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  410.009817][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  410.056983][T22596] 8021q: adding VLAN 0 to HW filter on device batadv0
[  410.152589][T22596] veth0_vlan: entered promiscuous mode
[  410.160686][T22596] veth1_vlan: entered promiscuous mode
[  410.175156][T22596] veth0_macvtap: entered promiscuous mode
[  410.182406][T22596] veth1_macvtap: entered promiscuous mode
[  410.192372][T22596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  410.202835][T22596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  410.212759][T22596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  410.223284][T22596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  410.233089][T22596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  410.243557][T22596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  410.253480][T22596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  410.263954][T22596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  410.274641][T22596] batman_adv: batadv0: Interface activated: batadv_slave_0
[  410.285165][T22596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  410.295656][T22596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  410.305563][T22596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  410.315984][T22596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  410.325788][T22596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  410.336224][T22596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  410.346060][T22596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  410.356519][T22596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  410.367401][T22596] batman_adv: batadv0: Interface activated: batadv_slave_1
[  410.376927][T22596] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  410.385753][T22596] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  410.394410][T22596] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  410.403145][T22596] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  410.447490][T22711] loop4: detected capacity change from 0 to 1024
[  410.454247][T22711] EXT4-fs: Ignoring removed oldalloc option
[  410.466328][T22711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  410.479613][T22711] EXT4-fs (loop4): shut down requested (0)
[  410.483535][T22592] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  410.494585][T22711] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  410.496411][T22592] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  410.504782][T22711] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  410.514537][T22592] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  410.528657][T22711] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=13
[  410.531847][T22592] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  410.537685][T22711] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  410.554931][T22711] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  410.564262][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.566991][T22715] netlink: 'syz.4.5692': attribute type 3 has an invalid length.
[  410.573359][T22711] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=13
[  410.604360][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.641566][   T29] kauditd_printk_skb: 286 callbacks suppressed
[  410.641581][   T29] audit: type=1326 audit(2000000009.960:23166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22721 comm="syz.4.5695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  410.671896][   T29] audit: type=1326 audit(2000000009.960:23167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22721 comm="syz.4.5695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  410.695603][   T29] audit: type=1326 audit(2000000009.960:23168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22721 comm="syz.4.5695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  410.915836][T22726] netlink: 'syz.0.5696': attribute type 3 has an invalid length.
[  411.418682][T22504] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  411.429581][T22504] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  411.440028][T22504] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  411.450775][T22504] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  411.465394][T16618] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.490322][T22728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=52892 sclass=netlink_route_socket pid=22728 comm=syz.4.5698
[  411.515176][ T3311] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.544398][   T29] audit: type=1400 audit(2000000010.860:23169): avc:  denied  { setopt } for  pid=22733 comm="syz.1.5700" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  411.559459][T22736] loop4: detected capacity change from 0 to 512
[  411.564131][   T29] audit: type=1400 audit(2000000010.860:23170): avc:  denied  { bind } for  pid=22733 comm="syz.1.5700" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  411.589775][   T29] audit: type=1400 audit(2000000010.860:23171): avc:  denied  { name_bind } for  pid=22733 comm="syz.1.5700" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  411.611696][   T29] audit: type=1400 audit(2000000010.860:23172): avc:  denied  { node_bind } for  pid=22733 comm="syz.1.5700" saddr=127.0.0.1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  411.634939][   T29] audit: type=1400 audit(2000000010.900:23173): avc:  denied  { name_connect } for  pid=22733 comm="syz.1.5700" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  411.657204][   T29] audit: type=1400 audit(2000000010.900:23174): avc:  denied  { read } for  pid=22733 comm="syz.1.5700" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  411.712876][T22536] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  411.737480][T22536] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  411.764836][T22536] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  411.778459][T22743] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5704'.
[  411.787447][T22743] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5704'.
[  411.799549][T22536] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  411.847680][   T29] audit: type=1326 audit(2000000011.150:23175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22735 comm="syz.4.5701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  411.885831][T16529] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.964359][T22751] loop0: detected capacity change from 0 to 256
[  411.978491][T22751] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  412.529854][T22763] loop4: detected capacity change from 0 to 256
[  412.706073][T22764] chnl_net:caif_netlink_parms(): no params data found
[  412.738372][T22764] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.745707][T22764] bridge0: port 1(bridge_slave_0) entered disabled state
[  412.752931][T22764] bridge_slave_0: entered allmulticast mode
[  412.759548][T22764] bridge_slave_0: entered promiscuous mode
[  412.766452][T22764] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.773561][T22764] bridge0: port 2(bridge_slave_1) entered disabled state
[  412.780882][T22764] bridge_slave_1: entered allmulticast mode
[  412.787369][T22764] bridge_slave_1: entered promiscuous mode
[  412.806202][   T28] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.826247][T22793] loop4: detected capacity change from 0 to 1024
[  412.832963][T22793] EXT4-fs: Ignoring removed oldalloc option
[  412.843952][T22764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  412.855114][T22764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  412.855694][T22793] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  412.896884][   T28] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.912206][T22793] EXT4-fs (loop4): shut down requested (0)
[  412.922561][T22793] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  412.935304][T22800] loop1: detected capacity change from 0 to 1024
[  412.941913][T22800] EXT4-fs: Ignoring removed oldalloc option
[  412.948388][T22793] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  412.949794][T22764] team0: Port device team_slave_0 added
[  412.957241][T22793] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=13
[  412.971670][T22793] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  412.973114][T22764] team0: Port device team_slave_1 added
[  412.980693][T22793] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  412.992254][T22800] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  413.002348][T22793] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=13
[  413.030070][   T28] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.043355][T22800] EXT4-fs (loop1): shut down requested (0)
[  413.055382][T22764] batman_adv: batadv0: Adding interface: batadv_slave_0
[  413.062390][T22764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.088358][T22764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  413.123253][T22815] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  413.132243][T22815] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  413.139450][T22804] netlink: 'syz.4.5718': attribute type 3 has an invalid length.
[  413.158227][   T28] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.178302][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.189171][T22764] batman_adv: batadv0: Adding interface: batadv_slave_1
[  413.196273][T22764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.222318][T22764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  413.263536][T22800] netlink: 'syz.1.5720': attribute type 3 has an invalid length.
[  413.292892][T16618] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.420545][   T28] bridge_slave_1: left allmulticast mode
[  413.426316][   T28] bridge_slave_1: left promiscuous mode
[  413.432089][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.514538][T22828] loop1: detected capacity change from 0 to 1024
[  413.529345][T22828] EXT4-fs: Ignoring removed nobh option
[  413.578408][T22828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  413.606692][T22828] EXT4-fs error (device loop1): ext4_lookup:1811: inode #12: comm syz.1.5730: iget: bad extended attribute block 768799145984
[  413.622132][T22828] EXT4-fs error (device loop1): ext4_lookup:1811: inode #12: comm syz.1.5730: iget: bad extended attribute block 768799145984
[  413.696800][T22833] loop0: detected capacity change from 0 to 1024
[  413.704459][T22833] EXT4-fs: Ignoring removed oldalloc option
[  413.736663][T22833] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  413.757795][T22833] EXT4-fs (loop0): shut down requested (0)
[  413.768432][T22833] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  413.777533][T22833] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  413.789396][T22833] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=13
[  413.798289][T22833] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  413.804604][   T28] bridge_slave_0: left allmulticast mode
[  413.807390][T22833] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  413.812717][   T28] bridge_slave_0: left promiscuous mode
[  413.822833][T22833] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=13
[  413.827114][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  413.928631][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  413.938853][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  413.949364][   T28] bond0 (unregistering): Released all slaves
[  413.958380][   T28] bond1 (unregistering): (slave batadv1): Removing an active aggregator
[  413.967285][   T28] bond1 (unregistering): (slave batadv1): Releasing backup interface
[  413.977110][   T28] bond1 (unregistering): Released all slaves
[  413.986798][T22764] hsr_slave_0: entered promiscuous mode
[  413.992750][T22764] hsr_slave_1: entered promiscuous mode
[  413.999006][T22764] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  414.006773][T22764] Cannot create hsr debugfs directory
[  414.019043][T22839] netlink: 'syz.0.5731': attribute type 3 has an invalid length.
[  414.054740][T16618] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.055017][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.122073][   T28] hsr_slave_0: left promiscuous mode
[  414.191986][   T28] hsr_slave_1: left promiscuous mode
[  414.207509][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  414.215069][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  414.242195][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  414.249643][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  414.297088][   T28] veth1_macvtap: left promiscuous mode
[  414.302684][   T28] veth0_macvtap: left promiscuous mode
[  414.308359][   T28] veth1_vlan: left promiscuous mode
[  414.313561][   T28] veth0_vlan: left promiscuous mode
[  414.394653][   T28] team0 (unregistering): Port device team_slave_1 removed
[  414.407048][   T28] team0 (unregistering): Port device team_slave_0 removed
[  414.631091][T22886] loop1: detected capacity change from 0 to 256
[  414.902251][T22764] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  414.926611][T22764] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  414.965706][T22926] loop1: detected capacity change from 0 to 512
[  414.989364][T22764] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  414.993755][T22928] loop4: detected capacity change from 0 to 256
[  415.010048][T22764] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  415.015984][T22926] tmpfs: Bad value for 'fscontext'
[  415.141987][T22936] netlink: 'syz.1.5748': attribute type 3 has an invalid length.
[  415.159661][T22764] 8021q: adding VLAN 0 to HW filter on device bond0
[  415.218379][T22764] 8021q: adding VLAN 0 to HW filter on device team0
[  415.254205][ T3375] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.261333][ T3375] bridge0: port 1(bridge_slave_0) entered forwarding state
[  415.332250][ T3375] bridge0: port 2(bridge_slave_1) entered blocking state
[  415.339441][ T3375] bridge0: port 2(bridge_slave_1) entered forwarding state
[  415.455144][T22945] loop1: detected capacity change from 0 to 2048
[  415.468679][T22945] EXT4-fs: Ignoring removed orlov option
[  415.501967][T22958] FAULT_INJECTION: forcing a failure.
[  415.501967][T22958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  415.515152][T22958] CPU: 1 UID: 0 PID: 22958 Comm: syz.4.5753 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  415.525959][T22958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  415.536083][T22958] Call Trace:
[  415.539427][T22958]  <TASK>
[  415.542353][T22958]  dump_stack_lvl+0xf2/0x150
[  415.546957][T22958]  dump_stack+0x15/0x20
[  415.551196][T22958]  should_fail_ex+0x229/0x230
[  415.555965][T22958]  should_fail+0xb/0x10
[  415.559853][T22962] netlink: 112 bytes leftover after parsing attributes in process `syz.2.5754'.
[  415.560202][T22958]  should_fail_usercopy+0x1a/0x20
[  415.560246][T22958]  _copy_from_user+0x1e/0xd0
[  415.560266][T22958]  do_handle_open+0x164/0x570
[  415.583617][T22958]  __x64_sys_open_by_handle_at+0x46/0x50
[  415.589260][T22958]  x64_sys_call+0x2909/0x2d60
[  415.594075][T22958]  do_syscall_64+0xc9/0x1c0
[  415.598582][T22958]  ? clear_bhb_loop+0x55/0xb0
[  415.599141][T22764] 8021q: adding VLAN 0 to HW filter on device batadv0
[  415.603280][T22958]  ? clear_bhb_loop+0x55/0xb0
[  415.614702][T22958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.620607][T22958] RIP: 0033:0x7fee77449eb9
[  415.625025][T22958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  415.644635][T22958] RSP: 002b:00007fee760c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  415.653114][T22958] RAX: ffffffffffffffda RBX: 00007fee775e5f80 RCX: 00007fee77449eb9
[  415.661172][T22958] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  415.669147][T22958] RBP: 00007fee760c7090 R08: 0000000000000000 R09: 0000000000000000
[  415.677253][T22958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  415.684182][T22764] veth0_vlan: entered promiscuous mode
[  415.685211][T22958] R13: 0000000000000000 R14: 00007fee775e5f80 R15: 00007ffedfb073d8
[  415.685239][T22958]  </TASK>
[  415.710942][T22945] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  415.737663][T22764] veth1_vlan: entered promiscuous mode
[  415.753264][T22945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5750'.
[  415.759010][T22764] veth0_macvtap: entered promiscuous mode
[  415.771579][T22764] veth1_macvtap: entered promiscuous mode
[  415.780881][T22945] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.783697][T22980] loop4: detected capacity change from 0 to 1024
[  415.797642][T22980] EXT4-fs: Ignoring removed oldalloc option
[  415.802370][T22764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.814074][T22764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.823944][T22764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.834577][T22764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.844437][T22764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.854978][T22764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.865521][T22764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.874370][T22980] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  415.876173][T22764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.893662][T22980] EXT4-fs (loop4): shut down requested (0)
[  415.900244][T22764] batman_adv: batadv0: Interface activated: batadv_slave_0
[  415.912193][T22764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  415.922812][T22764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.932724][T22764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  415.943456][T22764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.953291][T22764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  415.963724][T22764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.973545][T22764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  415.984015][T22764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.998687][T22992] netlink: 'syz.0.5759': attribute type 3 has an invalid length.
[  416.010370][T22764] batman_adv: batadv0: Interface activated: batadv_slave_1
[  416.023319][T22945] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.041708][T22980] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  416.051838][T22980] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  416.061927][T22980] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=13
[  416.071445][T22980] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  416.083311][T22764] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  416.092104][T22764] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  416.100817][T22764] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  416.109678][T22764] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  416.121240][T22980] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  416.130424][T22980] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=13
[  416.147166][T22945] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.160567][T22980] netlink: 'syz.4.5756': attribute type 3 has an invalid length.
[  416.179742][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  416.206519][T22945] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.252495][   T29] kauditd_printk_skb: 180 callbacks suppressed
[  416.252510][   T29] audit: type=1326 audit(2000000015.570:23356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22995 comm="syz.4.5760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  416.299519][   T29] audit: type=1326 audit(2000000015.600:23357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22995 comm="syz.4.5760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  416.323309][   T29] audit: type=1326 audit(2000000015.600:23358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22995 comm="syz.4.5760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  416.347107][   T29] audit: type=1326 audit(2000000015.600:23359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22995 comm="syz.4.5760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  416.382126][   T29] audit: type=1400 audit(2000000015.700:23360): avc:  denied  { name_bind } for  pid=23001 comm="syz.0.5762" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  416.400948][T23007] netlink: 112 bytes leftover after parsing attributes in process `syz.4.5765'.
[  416.411236][   T29] audit: type=1400 audit(2000000015.720:23361): avc:  denied  { mounton } for  pid=23005 comm="syz.3.5764" path="/1/file0" dev="tmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  416.527223][T23017] loop4: detected capacity change from 0 to 512
[  416.536311][T23017] tmpfs: Unknown parameter '1˸ äŽØV…'
[  416.623797][T23022] FAULT_INJECTION: forcing a failure.
[  416.623797][T23022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  416.636900][T23022] CPU: 0 UID: 0 PID: 23022 Comm: syz.2.5771 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  416.647965][T23022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  416.658022][T23022] Call Trace:
[  416.661282][T23022]  <TASK>
[  416.664192][T23022]  dump_stack_lvl+0xf2/0x150
[  416.668768][T23022]  dump_stack+0x15/0x20
[  416.672906][T23022]  should_fail_ex+0x229/0x230
[  416.677598][T23022]  should_fail+0xb/0x10
[  416.681786][T23022]  should_fail_usercopy+0x1a/0x20
[  416.686797][T23022]  _copy_from_user+0x1e/0xd0
[  416.691425][T23022]  move_addr_to_kernel+0x82/0x120
[  416.696582][T23022]  __sys_connect+0x74/0x1c0
[  416.701099][T23022]  __x64_sys_connect+0x41/0x50
[  416.705863][T23022]  x64_sys_call+0x2220/0x2d60
[  416.710526][T23022]  do_syscall_64+0xc9/0x1c0
[  416.715046][T23022]  ? clear_bhb_loop+0x55/0xb0
[  416.719702][T23022]  ? clear_bhb_loop+0x55/0xb0
[  416.724357][T23022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.730269][T23022] RIP: 0033:0x7f5bb30d9eb9
[  416.734681][T23022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.754289][T23022] RSP: 002b:00007f5bb1d51038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  416.762703][T23022] RAX: ffffffffffffffda RBX: 00007f5bb3275f80 RCX: 00007f5bb30d9eb9
[  416.770675][T23022] RDX: 000000000000001e RSI: 0000000020000080 RDI: 0000000000000006
[  416.778642][T23022] RBP: 00007f5bb1d51090 R08: 0000000000000000 R09: 0000000000000000
[  416.786168][T23025] netlink: 'syz.4.5770': attribute type 3 has an invalid length.
[  416.786603][T23022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  416.802287][T23022] R13: 0000000000000000 R14: 00007f5bb3275f80 R15: 00007ffc89efe968
[  416.810282][T23022]  </TASK>
[  416.846211][   T29] audit: type=1326 audit(2000000016.170:23362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23028 comm="syz.2.5773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  416.870582][   T29] audit: type=1326 audit(2000000016.170:23363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23028 comm="syz.2.5773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  416.894283][   T29] audit: type=1326 audit(2000000016.170:23364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23028 comm="syz.2.5773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  416.918172][   T29] audit: type=1326 audit(2000000016.170:23365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23028 comm="syz.2.5773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  416.973477][T23035] netlink: 112 bytes leftover after parsing attributes in process `syz.2.5776'.
[  417.091783][T23044] loop2: detected capacity change from 0 to 512
[  417.100114][T23044] tmpfs: Unknown parameter 'fsconäŽØV…'
[  417.141718][T23048] loop0: detected capacity change from 0 to 1024
[  417.149535][T23048] EXT4-fs: Ignoring removed oldalloc option
[  417.165946][T23048] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  417.180738][T23048] EXT4-fs (loop0): shut down requested (0)
[  417.187999][T23048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  417.196968][T23048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  417.205934][T23048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=13
[  417.214828][T23048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  417.223598][T23048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  417.232529][T23048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=13
[  417.244707][T23048] netlink: 'syz.0.5782': attribute type 3 has an invalid length.
[  417.257558][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  417.452799][T23059] Process accounting resumed
[  417.558441][T23063] netlink: 112 bytes leftover after parsing attributes in process `syz.4.5787'.
[  417.703232][T23068] loop4: detected capacity change from 0 to 1024
[  417.710368][T23068] EXT4-fs: Ignoring removed nobh option
[  417.725749][T23068] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  417.745394][T23068] EXT4-fs error (device loop4): ext4_lookup:1811: inode #12: comm syz.4.5790: iget: bad extended attribute block 768799145984
[  417.759498][T23068] EXT4-fs error (device loop4): ext4_lookup:1811: inode #12: comm syz.4.5790: iget: bad extended attribute block 768799145984
[  417.785733][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  417.943763][T23086] netlink: 88 bytes leftover after parsing attributes in process `syz.4.5796'.
[  417.955187][T22978] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  417.970637][T22978] EXT4-fs (loop1): Remounting filesystem read-only
[  418.007703][T23095] netlink: 112 bytes leftover after parsing attributes in process `syz.2.5800'.
[  418.114137][T23104] loop2: detected capacity change from 0 to 1024
[  418.121349][T23104] EXT4-fs: Ignoring removed oldalloc option
[  418.136115][T23104] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  418.152371][T23104] EXT4-fs (loop2): shut down requested (0)
[  418.167729][T23104] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  418.177061][T23104] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  418.193723][T23104] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  418.202736][T23104] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  418.224018][T22945] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  418.233986][T23104] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  418.245021][T22945] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  418.259157][T23104] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  418.273632][T22945] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  418.289606][T22945] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  418.307230][T16618] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.321016][T23118] netlink: 88 bytes leftover after parsing attributes in process `syz.0.5808'.
[  418.381006][T23104] netlink: 'syz.2.5803': attribute type 3 has an invalid length.
[  418.393902][T23127] FAULT_INJECTION: forcing a failure.
[  418.393902][T23127] name failslab, interval 1, probability 0, space 0, times 0
[  418.406554][T23127] CPU: 0 UID: 0 PID: 23127 Comm: syz.0.5811 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  418.417374][T23127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  418.427438][T23127] Call Trace:
[  418.430712][T23127]  <TASK>
[  418.433635][T23127]  dump_stack_lvl+0xf2/0x150
[  418.438286][T23127]  dump_stack+0x15/0x20
[  418.442436][T23127]  should_fail_ex+0x229/0x230
[  418.447123][T23127]  ? security_file_alloc+0x32/0xe0
[  418.452243][T23127]  should_failslab+0x8f/0xb0
[  418.456852][T23127]  kmem_cache_alloc_noprof+0x4c/0x290
[  418.462290][T23127]  security_file_alloc+0x32/0xe0
[  418.467386][T23127]  alloc_empty_file+0x121/0x310
[  418.472246][T23127]  alloc_file_pseudo+0xc3/0x140
[  418.477109][T23127]  anon_inode_getfile+0xa3/0x130
[  418.482116][T23127]  __se_sys_perf_event_open+0x1777/0x2180
[  418.488010][T23127]  __x64_sys_perf_event_open+0x67/0x80
[  418.493534][T23127]  x64_sys_call+0x18d7/0x2d60
[  418.498281][T23127]  do_syscall_64+0xc9/0x1c0
[  418.502784][T23127]  ? clear_bhb_loop+0x55/0xb0
[  418.507483][T23127]  ? clear_bhb_loop+0x55/0xb0
[  418.512154][T23127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.518106][T23127] RIP: 0033:0x7f130b429eb9
[  418.522523][T23127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  418.542198][T23127] RSP: 002b:00007f130a0a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  418.550632][T23127] RAX: ffffffffffffffda RBX: 00007f130b5c5f80 RCX: 00007f130b429eb9
[  418.558588][T23127] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000000
[  418.566612][T23127] RBP: 00007f130a0a7090 R08: 0000000000000000 R09: 0000000000000000
[  418.574569][T23127] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  418.582524][T23127] R13: 0000000000000000 R14: 00007f130b5c5f80 R15: 00007ffc1d747e68
[  418.590506][T23127]  </TASK>
[  418.610414][T16529] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.642315][T23133] loop0: detected capacity change from 0 to 1024
[  418.649865][T23133] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  418.660809][T23133] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  418.672795][T23136] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5813'.
[  418.683361][T23133] jbd2_journal_init_inode: Cannot locate journal superblock
[  418.690719][T23133] EXT4-fs (loop0): Could not load journal inode
[  418.763132][T23133] loop0: detected capacity change from 0 to 1024
[  418.769654][T23133] ext4: Unknown parameter 'fowner>00000000000000000000'
[  418.961863][T23151] loop4: detected capacity change from 0 to 512
[  418.983894][T23152] loop0: detected capacity change from 0 to 164
[  418.991983][T23152] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  419.003183][T23152] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  419.045590][T23151] tmpfs: Unknown parameter 'fsconteØV…'
[  419.727014][T23169] FAULT_INJECTION: forcing a failure.
[  419.727014][T23169] name failslab, interval 1, probability 0, space 0, times 0
[  419.739789][T23169] CPU: 0 UID: 0 PID: 23169 Comm: syz.0.5826 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  419.750967][T23169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  419.761022][T23169] Call Trace:
[  419.764278][T23169]  <TASK>
[  419.767270][T23169]  dump_stack_lvl+0xf2/0x150
[  419.771848][T23169]  dump_stack+0x15/0x20
[  419.776010][T23169]  should_fail_ex+0x229/0x230
[  419.780666][T23169]  ? __request_module+0x1ba/0x3e0
[  419.785758][T23169]  should_failslab+0x8f/0xb0
[  419.790358][T23169]  __kmalloc_cache_noprof+0x4b/0x2a0
[  419.795640][T23169]  ? dev_load+0x5e/0xb0
[  419.799831][T23169]  __request_module+0x1ba/0x3e0
[  419.804666][T23169]  ? capable+0x7c/0xb0
[  419.808782][T23169]  ? security_capable+0x64/0x80
[  419.813621][T23169]  dev_load+0x5e/0xb0
[  419.817580][T23169]  dev_ioctl+0x741/0xab0
[  419.821907][T23169]  sock_do_ioctl+0x11c/0x260
[  419.826482][T23169]  sock_ioctl+0x470/0x640
[  419.830900][T23169]  ? __pfx_sock_ioctl+0x10/0x10
[  419.835791][T23169]  __se_sys_ioctl+0xd3/0x150
[  419.840482][T23169]  __x64_sys_ioctl+0x43/0x50
[  419.845064][T23169]  x64_sys_call+0x15cc/0x2d60
[  419.849723][T23169]  do_syscall_64+0xc9/0x1c0
[  419.854216][T23169]  ? clear_bhb_loop+0x55/0xb0
[  419.858880][T23169]  ? clear_bhb_loop+0x55/0xb0
[  419.863582][T23169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.869534][T23169] RIP: 0033:0x7f130b429eb9
[  419.874001][T23169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.893678][T23169] RSP: 002b:00007f130a0a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  419.902118][T23169] RAX: ffffffffffffffda RBX: 00007f130b5c5f80 RCX: 00007f130b429eb9
[  419.910067][T23169] RDX: 0000000020000040 RSI: 0000000000008923 RDI: 0000000000000003
[  419.918021][T23169] RBP: 00007f130a0a7090 R08: 0000000000000000 R09: 0000000000000000
[  419.925978][T23169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.933931][T23169] R13: 0000000000000000 R14: 00007f130b5c5f80 R15: 00007ffc1d747e68
[  419.941928][T23169]  </TASK>
[  419.987185][T23175] loop1: detected capacity change from 0 to 128
[  420.001325][T23175] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  420.019543][T23184] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5831'.
[  420.024731][T23175] ext4 filesystem being mounted at /401/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  420.062866][T23184] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.137181][T23184] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.236113][T23184] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.254461][T23193] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.286037][T23184] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.306312][T23193] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.321985][T23184] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  420.332723][T23184] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  420.343529][T23184] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  420.354649][T23184] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  420.364385][T23193] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.381948][T23196] loop2: detected capacity change from 0 to 512
[  420.417265][T23193] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.479476][T23193] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  420.490128][T23193] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  420.500653][T23193] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  420.512676][T23193] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  420.619257][T23200] netlink: 'syz.0.5835': attribute type 37 has an invalid length.
[  420.662856][T23206] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  420.732555][T23213] FAULT_INJECTION: forcing a failure.
[  420.732555][T23213] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  420.745773][T23213] CPU: 0 UID: 0 PID: 23213 Comm: syz.0.5841 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  420.756597][T23213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  420.766926][T23213] Call Trace:
[  420.770355][T23213]  <TASK>
[  420.773343][T23213]  dump_stack_lvl+0xf2/0x150
[  420.777934][T23213]  dump_stack+0x15/0x20
[  420.782102][T23213]  should_fail_ex+0x229/0x230
[  420.786778][T23213]  should_fail+0xb/0x10
[  420.790941][T23213]  should_fail_usercopy+0x1a/0x20
[  420.796004][T23213]  _copy_from_iter+0xd3/0xb00
[  420.800664][T23213]  ? kmalloc_reserve+0x16e/0x190
[  420.805588][T23213]  ? __build_skb_around+0x196/0x1f0
[  420.810804][T23213]  ? __alloc_skb+0x21f/0x310
[  420.815406][T23213]  ? __virt_addr_valid+0x1ed/0x250
[  420.820515][T23213]  ? __check_object_size+0x35b/0x510
[  420.825943][T23213]  netlink_sendmsg+0x460/0x6e0
[  420.830793][T23213]  ? __pfx_netlink_sendmsg+0x10/0x10
[  420.836072][T23213]  __sock_sendmsg+0x140/0x180
[  420.840804][T23213]  ____sys_sendmsg+0x312/0x410
[  420.845565][T23213]  __sys_sendmsg+0x1e9/0x280
[  420.850183][T23213]  __x64_sys_sendmsg+0x46/0x50
[  420.854941][T23213]  x64_sys_call+0x2689/0x2d60
[  420.859612][T23213]  do_syscall_64+0xc9/0x1c0
[  420.864108][T23213]  ? clear_bhb_loop+0x55/0xb0
[  420.868789][T23213]  ? clear_bhb_loop+0x55/0xb0
[  420.873453][T23213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.879412][T23213] RIP: 0033:0x7f130b429eb9
[  420.883822][T23213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  420.903421][T23213] RSP: 002b:00007f130a0a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  420.911923][T23213] RAX: ffffffffffffffda RBX: 00007f130b5c5f80 RCX: 00007f130b429eb9
[  420.919907][T23213] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000004
[  420.927938][T23213] RBP: 00007f130a0a7090 R08: 0000000000000000 R09: 0000000000000000
[  420.935901][T23213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  420.943872][T23213] R13: 0000000000000000 R14: 00007f130b5c5f80 R15: 00007ffc1d747e68
[  420.951896][T23213]  </TASK>
[  420.989785][T16618] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  420.995516][T23215] loop0: detected capacity change from 0 to 512
[  421.007830][T23215] tmpfs: Unknown parameter 'fsconteØV…'
[  421.056054][T23224] __nla_validate_parse: 1 callbacks suppressed
[  421.056078][T23224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5845'.
[  421.071336][T23224] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5845'.
[  421.100457][T23228] loop0: detected capacity change from 0 to 1024
[  421.107408][T23228] EXT4-fs: Ignoring removed nobh option
[  421.126145][T23228] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.145437][T23228] EXT4-fs error (device loop0): ext4_lookup:1811: inode #12: comm syz.0.5847: iget: bad extended attribute block 768799145984
[  421.159554][T23228] EXT4-fs error (device loop0): ext4_lookup:1811: inode #12: comm syz.0.5847: iget: bad extended attribute block 768799145984
[  421.432665][T23237] netlink: 'syz.2.5848': attribute type 3 has an invalid length.
[  421.494849][   T29] kauditd_printk_skb: 423 callbacks suppressed
[  421.494862][   T29] audit: type=1326 audit(2000000020.820:23789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23238 comm="syz.4.5849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  421.566245][   T29] audit: type=1326 audit(2000000020.820:23790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23238 comm="syz.4.5849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  421.589895][   T29] audit: type=1326 audit(2000000020.850:23791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23238 comm="syz.4.5849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  421.613454][   T29] audit: type=1326 audit(2000000020.850:23792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23238 comm="syz.4.5849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  421.637018][   T29] audit: type=1326 audit(2000000020.850:23793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23238 comm="syz.4.5849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  421.709551][T23243] pim6reg1: entered promiscuous mode
[  421.714895][T23243] pim6reg1: entered allmulticast mode
[  421.916213][T23248] loop1: detected capacity change from 0 to 1024
[  421.922969][T23248] EXT4-fs: Ignoring removed oldalloc option
[  421.936542][T23248] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.951864][T23248] EXT4-fs (loop1): shut down requested (0)
[  421.960649][T23248] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  421.971190][T23248] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  421.982292][T23248] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  421.991469][T23248] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  422.001646][T23248] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  422.010545][T23248] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  422.023152][T23252] netlink: 'syz.1.5853': attribute type 3 has an invalid length.
[  422.042808][T16618] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.142070][T23254] loop2: detected capacity change from 0 to 512
[  422.154385][T23254] tmpfs: Unknown parameter 'fscontexV…'
[  422.226967][T23262] loop2: detected capacity change from 0 to 512
[  422.254896][   T29] audit: type=1326 audit(2000000021.570:23794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23263 comm="syz.1.5859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a8ec79eb9 code=0x7ffc0000
[  422.278532][   T29] audit: type=1326 audit(2000000021.570:23795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23263 comm="syz.1.5859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f4a8ec79eb9 code=0x7ffc0000
[  422.300042][T23266] loop1: detected capacity change from 0 to 256
[  422.302235][   T29] audit: type=1326 audit(2000000021.570:23796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23263 comm="syz.1.5859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a8ec79eb9 code=0x7ffc0000
[  422.332326][   T29] audit: type=1326 audit(2000000021.570:23797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23263 comm="syz.1.5859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a8ec79eb9 code=0x7ffc0000
[  422.355917][   T29] audit: type=1326 audit(2000000021.570:23798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23263 comm="syz.1.5859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a8ec79eb9 code=0x7ffc0000
[  422.584660][T23271] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5861'.
[  422.740177][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.751603][T23276] loop4: detected capacity change from 0 to 2048
[  422.763645][T23278] netlink: 'syz.3.5864': attribute type 3 has an invalid length.
[  422.772077][T23276] EXT4-fs: Ignoring removed bh option
[  422.777510][T23276] EXT4-fs: Ignoring removed nomblk_io_submit option
[  422.796548][T23276] EXT4-fs: Ignoring removed nobh option
[  422.859449][T23276] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  422.874402][T23276] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  422.889093][T23276] EXT4-fs error (device loop4): __ext4_remount:6491: comm syz.4.5863: Abort forced by user
[  422.899662][T23276] EXT4-fs (loop4): Remounting filesystem read-only
[  422.908112][T23276] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[  422.917116][T23276] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[  422.928413][T23276] raw_sendmsg: syz.4.5863 forgot to set AF_INET. Fix it!
[  422.949877][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.995030][T23294] netlink: 'syz.0.5865': attribute type 3 has an invalid length.
[  423.181945][T23304] loop4: detected capacity change from 0 to 1024
[  423.189950][T23304] EXT4-fs: Ignoring removed nobh option
[  423.217458][T23304] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  423.279142][T23304] EXT4-fs error (device loop4): ext4_lookup:1811: inode #12: comm syz.4.5873: iget: bad extended attribute block 768799145984
[  423.299795][T23304] EXT4-fs error (device loop4): ext4_lookup:1811: inode #12: comm syz.4.5873: iget: bad extended attribute block 768799145984
[  423.327439][T23316] loop2: detected capacity change from 0 to 512
[  423.336154][T23316] tmpfs: Unknown parameter 'fscontexV…'
[  423.342456][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.387435][T23325] netlink: 'syz.2.5881': attribute type 4 has an invalid length.
[  423.404397][T23327] loop4: detected capacity change from 0 to 256
[  423.425721][T23325] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5881'.
[  423.492317][T23325] netlink: 'syz.2.5881': attribute type 17 has an invalid length.
[  423.550464][T23342] Process accounting resumed
[  423.647900][T23352] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23352 comm=syz.4.5891
[  423.666725][T23351] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5888'.
[  423.681868][T23355] loop0: detected capacity change from 0 to 256
[  423.753373][T23358] netlink: 'syz.3.5892': attribute type 3 has an invalid length.
[  424.597320][T23385] xt_hashlimit: max too large, truncated to 1048576
[  424.607845][T23385] IPv4: Oversized IP packet from 172.20.20.24
[  424.614033][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  424.620199][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  424.639491][T23386] netlink: 'syz.2.5905': attribute type 3 has an invalid length.
[  424.701568][T23392] netlink: 'syz.4.5903': attribute type 3 has an invalid length.
[  425.043327][T23405] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23405 comm=syz.2.5909
[  425.107593][T23411] loop2: detected capacity change from 0 to 512
[  425.301227][T23414] netlink: 'syz.1.5911': attribute type 3 has an invalid length.
[  426.632127][   T29] kauditd_printk_skb: 352 callbacks suppressed
[  426.632141][   T29] audit: type=1326 audit(2000000025.950:24151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  426.794627][   T29] audit: type=1326 audit(2000000025.950:24152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  426.818413][   T29] audit: type=1326 audit(2000000025.950:24153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  426.841976][   T29] audit: type=1326 audit(2000000025.950:24154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  426.865538][   T29] audit: type=1326 audit(2000000025.950:24155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  426.889198][   T29] audit: type=1326 audit(2000000025.950:24156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  426.912763][   T29] audit: type=1326 audit(2000000025.950:24157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  426.936389][   T29] audit: type=1326 audit(2000000025.950:24158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  426.959911][   T29] audit: type=1326 audit(2000000025.950:24159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  426.983581][   T29] audit: type=1326 audit(2000000025.950:24160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f130b429eb9 code=0x7ffc0000
[  428.314785][T23472] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  428.414679][T23472] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  431.649542][   T29] kauditd_printk_skb: 8350 callbacks suppressed
[  431.649557][   T29] audit: type=1326 audit(2000000030.970:32511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f130b3c5839 code=0x7ffc0000
[  431.679328][   T29] audit: type=1326 audit(2000000030.970:32512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f130b3c5839 code=0x7ffc0000
[  431.702894][   T29] audit: type=1326 audit(2000000030.970:32513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f130b3c5839 code=0x7ffc0000
[  431.726364][   T29] audit: type=1326 audit(2000000030.970:32514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f130b3c5839 code=0x7ffc0000
[  431.749860][   T29] audit: type=1326 audit(2000000030.970:32515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f130b3c5839 code=0x7ffc0000
[  431.773392][   T29] audit: type=1326 audit(2000000030.970:32516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f130b3c5839 code=0x7ffc0000
[  431.797083][   T29] audit: type=1326 audit(2000000030.970:32517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f130b3c5839 code=0x7ffc0000
[  431.820693][   T29] audit: type=1326 audit(2000000030.970:32518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f130b3c5839 code=0x7ffc0000
[  431.844158][   T29] audit: type=1326 audit(2000000030.970:32519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f130b3c5839 code=0x7ffc0000
[  431.867638][   T29] audit: type=1326 audit(2000000030.970:32520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23473 comm="syz.0.5934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f130b3c5839 code=0x7ffc0000
[  433.485258][T23474] loop0: detected capacity change from 0 to 1024
[  433.492385][T23474] EXT4-fs: Ignoring removed nobh option
[  433.715076][T23474] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  434.824768][T23474] EXT4-fs error (device loop0): ext4_lookup:1811: inode #12: comm syz.0.5934: iget: bad extended attribute block 768799145984
[  435.426715][T23483] FAULT_INJECTION: forcing a failure.
[  435.426715][T23483] name failslab, interval 1, probability 0, space 0, times 0
[  435.439381][T23483] CPU: 0 UID: 0 PID: 23483 Comm: syz.2.5935 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  435.450172][T23483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  435.460218][T23483] Call Trace:
[  435.463484][T23483]  <TASK>
[  435.466420][T23483]  dump_stack_lvl+0xf2/0x150
[  435.471007][T23483]  dump_stack+0x15/0x20
[  435.475152][T23483]  should_fail_ex+0x229/0x230
[  435.479836][T23483]  ? build_skb+0x33/0x210
[  435.484155][T23483]  should_failslab+0x8f/0xb0
[  435.488770][T23483]  kmem_cache_alloc_noprof+0x4c/0x290
[  435.494185][T23483]  ? alloc_pages_mpol_noprof+0xd5/0x1e0
[  435.499856][T23483]  build_skb+0x33/0x210
[  435.504052][T23483]  __tun_build_skb+0x2b/0x1b0
[  435.508726][T23483]  ? tun_get_user+0x1474/0x24b0
[  435.513627][T23483]  tun_get_user+0x1494/0x24b0
[  435.518392][T23483]  ? ref_tracker_alloc+0x1f5/0x2f0
[  435.523587][T23483]  tun_chr_write_iter+0x18e/0x240
[  435.528766][T23483]  vfs_write+0x78f/0x900
[  435.533001][T23483]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  435.538592][T23483]  ksys_write+0xeb/0x1b0
[  435.542909][T23483]  __x64_sys_write+0x42/0x50
[  435.547495][T23483]  x64_sys_call+0x27dd/0x2d60
[  435.552166][T23483]  do_syscall_64+0xc9/0x1c0
[  435.556658][T23483]  ? clear_bhb_loop+0x55/0xb0
[  435.561406][T23483]  ? clear_bhb_loop+0x55/0xb0
[  435.566111][T23483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.572012][T23483] RIP: 0033:0x7f5bb30d899f
[  435.576414][T23483] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  435.596129][T23483] RSP: 002b:00007f5bb1d51000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  435.604536][T23483] RAX: ffffffffffffffda RBX: 00007f5bb3275f80 RCX: 00007f5bb30d899f
[  435.612544][T23483] RDX: 0000000000000082 RSI: 0000000020000180 RDI: 00000000000000c8
[  435.620576][T23483] RBP: 00007f5bb1d51090 R08: 0000000000000000 R09: 0000000000000000
[  435.628626][T23483] R10: 0000000000000082 R11: 0000000000000293 R12: 0000000000000001
[  435.636583][T23483] R13: 0000000000000000 R14: 00007f5bb3275f80 R15: 00007ffc89efe968
[  435.644625][T23483]  </TASK>
[  435.655480][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.662175][T23486] loop1: detected capacity change from 0 to 512
[  435.701005][T23490] loop0: detected capacity change from 0 to 256
[  435.988120][T23524] xt_CT: You must specify a L4 protocol and not use inversions on it
[  436.689516][T23541] loop0: detected capacity change from 0 to 2048
[  436.703403][T23541] EXT4-fs: Ignoring removed orlov option
[  436.729246][T23541] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  436.800728][T23541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5959'.
[  436.811778][T23541] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.891857][T23541] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.925599][T23549] netlink: 'syz.1.5960': attribute type 4 has an invalid length.
[  436.991026][T23541] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.010304][T23549] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5960'.
[  437.050404][T23541] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.109365][T23549] netlink: 'syz.1.5960': attribute type 17 has an invalid length.
[  437.236829][   T29] kauditd_printk_skb: 3829 callbacks suppressed
[  437.236844][   T29] audit: type=1326 audit(2000000036.560:36350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23555 comm="syz.1.5962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a8ec79eb9 code=0x7ffc0000
[  437.257505][T23541] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  437.284555][T23541] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  437.305012][T23541] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  437.311162][   T29] audit: type=1326 audit(2000000036.600:36351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23555 comm="syz.1.5962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4a8ec79eb9 code=0x7ffc0000
[  437.336853][   T29] audit: type=1326 audit(2000000036.600:36352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23555 comm="syz.1.5962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a8ec79eb9 code=0x7ffc0000
[  437.360481][   T29] audit: type=1326 audit(2000000036.600:36353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23555 comm="syz.1.5962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a8ec79eb9 code=0x7ffc0000
[  437.375877][T23541] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  437.432660][T23563] loop1: detected capacity change from 0 to 512
[  437.443823][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.466622][T23563] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002]
[  437.475264][T23563] System zones: 0-2, 18-18, 34-35
[  437.484911][T23563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.512459][T23563] ext4 filesystem being mounted at /420/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  437.540429][   T29] audit: type=1400 audit(2000000036.860:36354): avc:  denied  { append } for  pid=23562 comm="syz.1.5964" name="ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  437.541819][T23563] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.5964: Directory hole found for htree leaf block 0
[  437.584596][T23578] loop4: detected capacity change from 0 to 1024
[  437.596376][T23563] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5964'.
[  437.615048][T23578] EXT4-fs: Ignoring removed oldalloc option
[  437.621311][   T29] audit: type=1400 audit(2000000036.860:36355): avc:  denied  { create } for  pid=23562 comm="syz.1.5964" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  437.671394][T23578] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  437.696938][   T29] audit: type=1326 audit(2000000037.010:36356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23584 comm="syz.2.5975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  437.720584][   T29] audit: type=1326 audit(2000000037.010:36357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23584 comm="syz.2.5975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  437.744325][   T29] audit: type=1326 audit(2000000037.010:36358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23584 comm="syz.2.5975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  437.767907][   T29] audit: type=1326 audit(2000000037.010:36359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23584 comm="syz.2.5975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  437.795577][T23578] netlink: 'syz.4.5972': attribute type 3 has an invalid length.
[  437.810326][T16618] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.842713][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.883839][T23603] loop1: detected capacity change from 0 to 256
[  437.909851][T23605] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  437.916418][T23605] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  437.925330][T23605] vhci_hcd vhci_hcd.0: Device attached
[  437.934444][T23607] usbip_core: unknown command
[  437.939185][T23607] vhci_hcd: unknown pdu 589373486
[  437.944219][T23607] usbip_core: unknown command
[  437.958740][T10458] vhci_hcd: stop threads
[  437.963036][T10458] vhci_hcd: release socket
[  437.967465][T10458] vhci_hcd: disconnect device
[  438.149641][T23629] FAULT_INJECTION: forcing a failure.
[  438.149641][T23629] name failslab, interval 1, probability 0, space 0, times 0
[  438.162393][T23629] CPU: 0 UID: 0 PID: 23629 Comm: syz.1.5992 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  438.173152][T23629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  438.183201][T23629] Call Trace:
[  438.186591][T23629]  <TASK>
[  438.189559][T23629]  dump_stack_lvl+0xf2/0x150
[  438.194224][T23629]  dump_stack+0x15/0x20
[  438.198441][T23629]  should_fail_ex+0x229/0x230
[  438.203110][T23629]  ? build_skb+0x33/0x210
[  438.207480][T23629]  should_failslab+0x8f/0xb0
[  438.212066][T23629]  kmem_cache_alloc_noprof+0x4c/0x290
[  438.217515][T23629]  ? alloc_pages_mpol_noprof+0xd5/0x1e0
[  438.223170][T23629]  build_skb+0x33/0x210
[  438.227350][T23629]  __tun_build_skb+0x2b/0x1b0
[  438.232014][T23629]  ? tun_get_user+0x1474/0x24b0
[  438.236912][T23629]  tun_get_user+0x1494/0x24b0
[  438.241683][T23629]  ? ref_tracker_alloc+0x1f5/0x2f0
[  438.246835][T23629]  tun_chr_write_iter+0x18e/0x240
[  438.251957][T23629]  vfs_write+0x78f/0x900
[  438.256227][T23629]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  438.261769][T23629]  ksys_write+0xeb/0x1b0
[  438.266039][T23629]  __x64_sys_write+0x42/0x50
[  438.270710][T23629]  x64_sys_call+0x27dd/0x2d60
[  438.275428][T23629]  do_syscall_64+0xc9/0x1c0
[  438.279913][T23629]  ? clear_bhb_loop+0x55/0xb0
[  438.284729][T23629]  ? clear_bhb_loop+0x55/0xb0
[  438.289389][T23629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.295357][T23629] RIP: 0033:0x7f4a8ec7899f
[  438.299815][T23629] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  438.319423][T23629] RSP: 002b:00007f4a8d8f1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  438.327816][T23629] RAX: ffffffffffffffda RBX: 00007f4a8ee15f80 RCX: 00007f4a8ec7899f
[  438.335799][T23629] RDX: 0000000000000082 RSI: 0000000020000180 RDI: 00000000000000c8
[  438.343752][T23629] RBP: 00007f4a8d8f1090 R08: 0000000000000000 R09: 0000000000000000
[  438.351719][T23629] R10: 0000000000000082 R11: 0000000000000293 R12: 0000000000000001
[  438.359779][T23629] R13: 0000000000000000 R14: 00007f4a8ee15f80 R15: 00007ffce04a0398
[  438.367812][T23629]  </TASK>
[  438.429803][T23634] netlink: zone id is out of range
[  438.435287][T23634] netlink: set zone limit has 8 unknown bytes
[  438.463344][T23641] loop2: detected capacity change from 0 to 256
[  438.474308][T23644] loop1: detected capacity change from 0 to 256
[  438.592585][T23657] loop2: detected capacity change from 0 to 1024
[  438.600942][T23653] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6002'.
[  438.608672][T23657] EXT4-fs: Ignoring removed oldalloc option
[  438.629124][T23653] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.633892][T23659] loop1: detected capacity change from 0 to 256
[  438.651813][T23657] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  438.699143][T23657] netlink: 'syz.2.6003': attribute type 3 has an invalid length.
[  438.718607][T16529] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.731693][T23653] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.775581][T23653] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.817636][T23672] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6009'.
[  438.843303][T23672] x_tables: ip_tables: ah match: only valid for protocol 51
[  438.854872][T23653] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.870402][T23671] loop0: detected capacity change from 0 to 8192
[  438.913279][T23676] netlink: 'syz.2.6011': attribute type 1 has an invalid length.
[  438.927783][T23653] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  438.948574][T23653] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  438.960600][T23653] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  438.973289][T23653] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  439.057630][T23671] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  439.065303][T23671] FAT-fs (loop0): Filesystem has been set read-only
[  439.073993][T23677] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  439.107174][T23671] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  439.117519][T23671] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  439.126526][T23671] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  439.135830][T23671] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  439.145272][T23671] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  439.155218][T23671] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  439.164002][T23671] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  439.180736][T23681] netlink: 112 bytes leftover after parsing attributes in process `syz.1.6012'.
[  439.231756][T23687] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6016'.
[  439.242047][T23687] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.262065][T23689] loop1: detected capacity change from 0 to 1024
[  439.268931][T23689] EXT4-fs: Ignoring removed oldalloc option
[  439.286126][T23689] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  439.300024][T23687] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.313572][T23689] netlink: 'syz.1.6017': attribute type 3 has an invalid length.
[  439.328148][T16618] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  439.360521][T23687] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.429571][T23687] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.595027][T23709] loop4: detected capacity change from 0 to 4096
[  439.609430][T23709] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  439.635191][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  439.726976][T23716] netlink: 112 bytes leftover after parsing attributes in process `syz.0.6025'.
[  439.828412][T23724] loop4: detected capacity change from 0 to 1024
[  439.835534][T23724] EXT4-fs: Ignoring removed oldalloc option
[  439.848022][T23724] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  439.863763][T23724] netlink: 'syz.4.6029': attribute type 3 has an invalid length.
[  439.882428][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  439.908647][T23736] netlink: 'syz.4.6034': attribute type 4 has an invalid length.
[  439.927692][T23736] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6034'.
[  439.945073][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811529d400: rx timeout, send abort
[  439.953250][    C1] vcan0: j1939_tp_rxtimer: 0xffff888114ce0a00: rx timeout, send abort
[  439.961492][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811529d400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  439.975802][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888114ce0a00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  439.996193][T23738] netlink: 'syz.4.6034': attribute type 17 has an invalid length.
[  440.014221][T23741] netlink: 112 bytes leftover after parsing attributes in process `syz.0.6036'.
[  440.195431][T23760] pim6reg1: entered promiscuous mode
[  440.200779][T23760] pim6reg1: entered allmulticast mode
[  440.201402][T23762] loop4: detected capacity change from 0 to 2048
[  440.212853][T23762] EXT4-fs: Ignoring removed orlov option
[  440.225862][T23762] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  440.245685][T23762] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.303887][T23762] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.372276][T23762] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.384403][T23773] loop0: detected capacity change from 0 to 256
[  440.415209][    C1] vcan0: j1939_tp_rxtimer: 0xffff888115262200: rx timeout, send abort
[  440.423439][    C1] vcan0: j1939_tp_rxtimer: 0xffff888115263600: rx timeout, send abort
[  440.431785][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888115262200: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  440.434352][T23762] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.446072][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888115263600: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  440.490503][T23776] loop1: detected capacity change from 0 to 512
[  440.501948][T23776] tmpfs: Bad value for 'fscontext'
[  440.522280][T23762] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  440.537658][T23762] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  440.549103][T23762] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  440.560745][T23762] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  440.580654][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  440.613483][T23784] loop1: detected capacity change from 0 to 256
[  440.700155][T23793] x_tables: ip_tables: ah match: only valid for protocol 51
[  440.764975][T23799] loop0: detected capacity change from 0 to 512
[  440.772726][T23800] FAULT_INJECTION: forcing a failure.
[  440.772726][T23800] name failslab, interval 1, probability 0, space 0, times 0
[  440.778692][T23799] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002]
[  440.785434][T23800] CPU: 1 UID: 0 PID: 23800 Comm: syz.1.6060 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  440.793516][T23799] System zones: 
[  440.804052][T23800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  440.804066][T23800] Call Trace:
[  440.804074][T23800]  <TASK>
[  440.804082][T23800]  dump_stack_lvl+0xf2/0x150
[  440.807631][T23799] 0-2
[  440.817646][T23800]  dump_stack+0x15/0x20
[  440.820915][T23799] , 18-18
[  440.823823][T23800]  should_fail_ex+0x229/0x230
[  440.828431][T23799] , 34-35
[  440.830944][T23800]  ? __kvmalloc_node_noprof+0x72/0x170
[  440.835096][T23799] 
[  440.853403][T23800]  should_failslab+0x8f/0xb0
[  440.858094][T23800]  __kmalloc_node_noprof+0xa8/0x380
[  440.860963][T23799] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  440.863303][T23800]  __kvmalloc_node_noprof+0x72/0x170
[  440.877751][T23799] ext4 filesystem being mounted at /446/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  440.880946][T23800]  pfifo_fast_init+0xce/0x360
[  440.896038][T23800]  qdisc_create_dflt+0xce/0x280
[  440.900934][T23800]  dev_activate+0x20e/0x9e0
[  440.905457][T23800]  __dev_open+0x263/0x2e0
[  440.909878][T23800]  __dev_change_flags+0x155/0x410
[  440.914902][T23800]  dev_change_flags+0x59/0xd0
[  440.919575][T23800]  dev_ifsioc+0x67f/0xa10
[  440.923952][T23800]  dev_ioctl+0x7fa/0xab0
[  440.928185][T23800]  sock_do_ioctl+0x11c/0x260
[  440.932805][T23800]  sock_ioctl+0x470/0x640
[  440.937203][T23800]  ? __pfx_sock_ioctl+0x10/0x10
[  440.942114][T23800]  __se_sys_ioctl+0xd3/0x150
[  440.946770][T23800]  __x64_sys_ioctl+0x43/0x50
[  440.951397][T23800]  x64_sys_call+0x15cc/0x2d60
[  440.956217][T23800]  do_syscall_64+0xc9/0x1c0
[  440.960726][T23800]  ? clear_bhb_loop+0x55/0xb0
[  440.965400][T23800]  ? clear_bhb_loop+0x55/0xb0
[  440.970079][T23800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.976018][T23800] RIP: 0033:0x7f4a8ec79eb9
[  440.980420][T23800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  441.000038][T23800] RSP: 002b:00007f4a8d8f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  441.008628][T23800] RAX: ffffffffffffffda RBX: 00007f4a8ee15f80 RCX: 00007f4a8ec79eb9
[  441.016641][T23800] RDX: 0000000020000100 RSI: 0000000000008914 RDI: 0000000000000008
[  441.024602][T23800] RBP: 00007f4a8d8f1090 R08: 0000000000000000 R09: 0000000000000000
[  441.032659][T23800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  441.040620][T23800] R13: 0000000000000000 R14: 00007f4a8ee15f80 R15: 00007ffce04a0398
[  441.048587][T23800]  </TASK>
[  441.051683][T23800] pim6reg1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  441.073122][T23804] loop2: detected capacity change from 0 to 512
[  441.083682][T23804] tmpfs: Bad value for 'fscontext'
[  441.126190][T23800] pim6reg1: entered promiscuous mode
[  441.131593][T23800] pim6reg1: entered allmulticast mode
[  441.271093][T23811] loop2: detected capacity change from 0 to 2048
[  441.309697][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.323717][T23811] EXT4-fs: Ignoring removed orlov option
[  441.406995][T23811] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  441.427367][T23811] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.476752][T23811] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.555211][T23832] loop4: detected capacity change from 0 to 512
[  441.566457][T23832] tmpfs: Bad value for 'fscontext'
[  441.578544][T23811] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.628006][T23841] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  441.636834][T23841] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  441.646324][T23811] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.698036][T23847] 9pnet_fd: Insufficient options for proto=fd
[  441.707055][T23847] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  441.711344][T23811] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  441.723691][T23847] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  441.728124][T23811] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  441.742451][T23811] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  441.752842][T23811] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  441.771057][T16529] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.867185][T23855] loop2: detected capacity change from 0 to 256
[  441.966772][T23862] loop2: detected capacity change from 0 to 512
[  441.975374][T23862] tmpfs: Bad value for 'fscontext'
[  442.280782][T23871] loop0: detected capacity change from 0 to 256
[  442.368745][T23873] loop0: detected capacity change from 0 to 1024
[  442.385977][T23873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  442.401241][   T29] kauditd_printk_skb: 451 callbacks suppressed
[  442.401255][   T29] audit: type=1400 audit(2000000099.722:36811): avc:  denied  { write } for  pid=23872 comm="syz.0.6091" path="socket:[89584]" dev="sockfs" ino=89584 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  442.433316][ T3375] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  442.448587][ T3375] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  442.460847][ T3375] EXT4-fs (loop0): This should not happen!! Data will be lost
[  442.460847][ T3375] 
[  442.470554][ T3375] EXT4-fs (loop0): Total free blocks count 0
[  442.476627][ T3375] EXT4-fs (loop0): Free/Dirty block details
[  442.482586][ T3375] EXT4-fs (loop0): free_blocks=68451041280
[  442.488411][ T3375] EXT4-fs (loop0): dirty_blocks=16
[  442.493519][ T3375] EXT4-fs (loop0): Block reservation details
[  442.499582][ T3375] EXT4-fs (loop0): i_reserved_data_blocks=1
[  442.506323][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.531282][T23877] loop0: detected capacity change from 0 to 2048
[  442.537880][T23877] EXT4-fs: Ignoring removed orlov option
[  442.546105][T23877] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  442.561430][T23877] __nla_validate_parse: 4 callbacks suppressed
[  442.561444][T23877] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6092'.
[  442.577743][T23877] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.626251][T23877] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.686115][T23877] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.746303][T23877] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.897311][T23886] loop2: detected capacity change from 0 to 256
[  442.988057][   T29] audit: type=1326 audit(2000000100.312:36812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  443.011879][   T29] audit: type=1326 audit(2000000100.312:36813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  443.036574][   T29] audit: type=1326 audit(2000000100.312:36814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  443.060192][   T29] audit: type=1326 audit(2000000100.312:36815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  443.083845][   T29] audit: type=1326 audit(2000000100.312:36816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  443.107502][   T29] audit: type=1326 audit(2000000100.312:36817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  443.126614][T23892] netlink: 'syz.2.6098': attribute type 4 has an invalid length.
[  443.131157][   T29] audit: type=1326 audit(2000000100.312:36818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  443.162520][   T29] audit: type=1326 audit(2000000100.312:36819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  443.186308][   T29] audit: type=1326 audit(2000000100.312:36820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bb30d9eb9 code=0x7ffc0000
[  443.211541][T23893] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6098'.
[  443.223103][T23892] netlink: 'syz.2.6098': attribute type 17 has an invalid length.
[  443.359231][T23911] netlink: 'syz.2.6103': attribute type 4 has an invalid length.
[  443.370613][T23911] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6103'.
[  443.381209][T23911] netlink: 'syz.2.6103': attribute type 17 has an invalid length.
[  443.406510][T23913] loop2: detected capacity change from 0 to 512
[  443.415310][T23913] tmpfs: Bad value for 'fscontext'
[  443.514778][T23693] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  443.530373][T23693] EXT4-fs (loop0): Remounting filesystem read-only
[  443.543750][T23921] loop2: detected capacity change from 0 to 256
[  443.641641][T23923] loop2: detected capacity change from 0 to 1024
[  443.648392][T23923] EXT4-fs: Ignoring removed oldalloc option
[  443.665991][T23923] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  443.679070][T23923] EXT4-fs (loop2): shut down requested (0)
[  443.685988][T23923] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  443.694901][T23923] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  443.703714][T23923] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  443.712525][T23923] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  443.721445][T23923] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  443.730247][T23923] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  443.750832][T23923] netlink: 'syz.2.6109': attribute type 3 has an invalid length.
[  443.762668][T16529] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.780522][T23931] netlink: 'syz.2.6110': attribute type 4 has an invalid length.
[  443.790682][T23931] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6110'.
[  443.800952][T23931] netlink: 'syz.2.6110': attribute type 17 has an invalid length.
[  443.850771][T23937] loop2: detected capacity change from 0 to 256
[  444.049944][T23949] loop2: detected capacity change from 0 to 256
[  444.070333][T23877] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  444.081650][T23877] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  444.092994][T23877] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  444.104347][T23877] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  444.120946][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.152829][T23955] netlink: 'syz.2.6122': attribute type 4 has an invalid length.
[  444.163067][T23955] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6122'.
[  444.227439][T23955] netlink: 'syz.2.6122': attribute type 17 has an invalid length.
[  444.312440][T23969] xt_CT: You must specify a L4 protocol and not use inversions on it
[  444.376369][T23975] FAULT_INJECTION: forcing a failure.
[  444.376369][T23975] name failslab, interval 1, probability 0, space 0, times 0
[  444.389101][T23975] CPU: 0 UID: 0 PID: 23975 Comm: syz.0.6130 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  444.400007][T23975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  444.410095][T23975] Call Trace:
[  444.413380][T23975]  <TASK>
[  444.416299][T23975]  dump_stack_lvl+0xf2/0x150
[  444.420892][T23975]  dump_stack+0x15/0x20
[  444.425027][T23975]  should_fail_ex+0x229/0x230
[  444.429688][T23975]  ? fdb_create+0x111/0x9d0
[  444.434184][T23975]  should_failslab+0x8f/0xb0
[  444.438777][T23975]  kmem_cache_alloc_noprof+0x4c/0x290
[  444.444211][T23975]  fdb_create+0x111/0x9d0
[  444.448526][T23975]  ? fdb_delete+0x6c7/0x860
[  444.453015][T23975]  ? fdb_find_rcu+0x277/0x290
[  444.457694][T23975]  fdb_add_local+0xe9/0x1b0
[  444.462282][T23975]  br_fdb_changeaddr+0x16d/0x260
[  444.467312][T23975]  br_device_event+0x2fe/0x570
[  444.472085][T23975]  ? __pfx_br_device_event+0x10/0x10
[  444.477355][T23975]  raw_notifier_call_chain+0x6f/0x1d0
[  444.482775][T23975]  call_netdevice_notifiers_info+0xae/0x100
[  444.488680][T23975]  dev_set_mac_address+0x1ff/0x260
[  444.493812][T23975]  dev_set_mac_address_user+0x31/0x50
[  444.499253][T23975]  dev_ifsioc+0x8c3/0xa10
[  444.503655][T23975]  dev_ioctl+0x7fa/0xab0
[  444.507900][T23975]  sock_do_ioctl+0x11c/0x260
[  444.512477][T23975]  sock_ioctl+0x470/0x640
[  444.516894][T23975]  ? __pfx_sock_ioctl+0x10/0x10
[  444.521793][T23975]  __se_sys_ioctl+0xd3/0x150
[  444.526365][T23975]  __x64_sys_ioctl+0x43/0x50
[  444.531376][T23975]  x64_sys_call+0x15cc/0x2d60
[  444.536106][T23975]  do_syscall_64+0xc9/0x1c0
[  444.540664][T23975]  ? clear_bhb_loop+0x55/0xb0
[  444.545376][T23975]  ? clear_bhb_loop+0x55/0xb0
[  444.550101][T23975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.556144][T23975] RIP: 0033:0x7f130b429eb9
[  444.560548][T23975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.580215][T23975] RSP: 002b:00007f130a0a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  444.588614][T23975] RAX: ffffffffffffffda RBX: 00007f130b5c5f80 RCX: 00007f130b429eb9
[  444.596574][T23975] RDX: 0000000020000000 RSI: 0000000000008924 RDI: 0000000000000008
[  444.605302][T23975] RBP: 00007f130a0a7090 R08: 0000000000000000 R09: 0000000000000000
[  444.613262][T23975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  444.621237][T23975] R13: 0000000000000000 R14: 00007f130b5c5f80 R15: 00007ffc1d747e68
[  444.629298][T23975]  </TASK>
[  444.647960][T23977] loop1: detected capacity change from 0 to 2048
[  444.654679][T23977] EXT4-fs: Ignoring removed orlov option
[  444.666892][T23977] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  444.681930][T23977] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6131'.
[  444.692749][T23977] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.786922][T23977] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.864957][T23989] netlink: 'syz.0.6132': attribute type 3 has an invalid length.
[  444.900816][T23977] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.977069][T23977] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  445.008849][T23990] loop4: detected capacity change from 0 to 512
[  445.044089][T23990] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.6134: bg 0: block 393: padding at end of block bitmap is not set
[  445.112160][T23977] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  445.132374][T23990] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  445.143328][T23977] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  445.157278][T23990] EXT4-fs (loop4): 2 truncates cleaned up
[  445.165497][T23977] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  445.174721][T23990] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  445.188335][T23990] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.189356][T23977] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  445.236277][T16618] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.290437][T23999] loop1: detected capacity change from 0 to 512
[  445.299895][T23999] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.6138: Parent and EA inode have the same ino 15
[  445.313286][T23999] EXT4-fs (loop1): Remounting filesystem read-only
[  445.320062][T23999] EXT4-fs (loop1): 1 orphan inode deleted
[  445.326863][T23999] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  445.339519][T23999] SELinux: (dev loop1, type ext4) getxattr errno 5
[  445.348139][T23999] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.411469][T24002] loop1: detected capacity change from 0 to 256
[  445.555248][T24006] loop1: detected capacity change from 0 to 1024
[  445.562970][T24006] EXT4-fs: Ignoring removed oldalloc option
[  445.592407][T24006] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  445.633574][T16618] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.758208][T24021] xt_CT: You must specify a L4 protocol and not use inversions on it
[  445.830560][T24026] loop0: detected capacity change from 0 to 256
[  445.833018][T23687] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  445.850054][T23687] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  445.866202][T23687] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  445.880288][T23687] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  445.951651][T24029] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6150'.
[  446.032533][T24029] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.121719][T24033] loop2: detected capacity change from 0 to 256
[  446.165171][T24035] loop0: detected capacity change from 0 to 512
[  446.179684][T24029] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.227571][T24029] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.241881][T24039] loop0: detected capacity change from 0 to 2048
[  446.248614][T24039] EXT4-fs: Ignoring removed orlov option
[  446.267587][T24039] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  446.281708][T24029] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.295676][T24039] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6154'.
[  446.296419][T24047] loop2: detected capacity change from 0 to 512
[  446.312306][T24039] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.326001][T24047] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  446.338861][T24047] ext4 filesystem being mounted at /558/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  446.367202][T24039] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.378336][T16529] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  446.426345][T24039] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  446.525724][T24039] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  447.077010][T24074] loop4: detected capacity change from 0 to 1024
[  447.111293][T24074] EXT4-fs: Ignoring removed i_version option
[  447.152757][T24074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  447.323627][T24080] loop2: detected capacity change from 0 to 256
[  447.334713][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.402852][T24082] syz.4.6164[24082] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  447.402907][T24082] syz.4.6164[24082] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  447.493458][T24088] loop4: detected capacity change from 0 to 256
[  447.595986][   T29] kauditd_printk_skb: 185 callbacks suppressed
[  447.596046][   T29] audit: type=1326 audit(2000000104.922:37006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24090 comm="syz.4.6167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  447.644861][T24091] loop4: detected capacity change from 0 to 1024
[  447.658615][   T29] audit: type=1326 audit(2000000104.922:37007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24090 comm="syz.4.6167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  447.682314][   T29] audit: type=1326 audit(2000000104.922:37008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24090 comm="syz.4.6167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  447.706161][   T29] audit: type=1326 audit(2000000104.922:37009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24090 comm="syz.4.6167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  447.729984][   T29] audit: type=1326 audit(2000000104.922:37010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24090 comm="syz.4.6167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  447.730897][T24091] EXT4-fs: Ignoring removed nobh option
[  447.753686][   T29] audit: type=1326 audit(2000000104.922:37011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24090 comm="syz.4.6167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  447.782791][   T29] audit: type=1326 audit(2000000104.922:37012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24090 comm="syz.4.6167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  447.806414][   T29] audit: type=1326 audit(2000000104.922:37013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24090 comm="syz.4.6167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  447.830084][   T29] audit: type=1326 audit(2000000104.922:37014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24090 comm="syz.4.6167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  447.853785][   T29] audit: type=1326 audit(2000000104.922:37015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24090 comm="syz.4.6167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee77449eb9 code=0x7ffc0000
[  447.856125][T24091] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  447.910441][T24091] EXT4-fs error (device loop4): ext4_lookup:1811: inode #12: comm syz.4.6167: iget: bad extended attribute block 768799145984
[  447.924799][T24091] EXT4-fs error (device loop4): ext4_lookup:1811: inode #12: comm syz.4.6167: iget: bad extended attribute block 768799145984
[  447.949848][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.990664][T24105] xt_CT: You must specify a L4 protocol and not use inversions on it
[  448.820399][T24119] loop1: detected capacity change from 0 to 1024
[  448.824912][T24121] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6179'.
[  448.828008][T24119] EXT4-fs: Ignoring removed oldalloc option
[  448.855555][T24124] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6180'.
[  448.855914][T24119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  448.886349][T24119] EXT4-fs (loop1): shut down requested (0)
[  448.893727][T24119] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  448.904481][T24119] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  448.913456][T24119] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  448.924461][T24119] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  448.933525][T24119] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  448.942413][T24119] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=13
[  448.953653][T24119] validate_nla: 3 callbacks suppressed
[  448.953666][T24119] netlink: 'syz.1.6178': attribute type 3 has an invalid length.
[  448.970684][T16618] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  449.066460][T24139] xt_CT: You must specify a L4 protocol and not use inversions on it
[  449.856062][T24147] loop1: detected capacity change from 0 to 256
[  449.948090][T24151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6191'.
[  449.983940][T24153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6192'.
[  450.264754][T24045] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  450.279786][T24045] EXT4-fs (loop0): Remounting filesystem read-only
[  450.403126][T24184] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6205'.
[  450.452299][T24188] loop2: detected capacity change from 0 to 256
[  450.541247][T24190] loop2: detected capacity change from 0 to 256
[  450.554015][T24192] loop4: detected capacity change from 0 to 256
[  450.631296][T24202] netlink: 'syz.2.6214': attribute type 4 has an invalid length.
[  450.645219][T24202] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6214'.
[  450.708516][T24202] netlink: 'syz.2.6214': attribute type 17 has an invalid length.
[  450.731964][T24207] loop2: detected capacity change from 0 to 512
[  450.740053][T24207] tmpfs: Unknown parameter '1˸ äŽØV…'
[  450.771276][T24211] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6218'.
[  450.799392][T24213] loop2: detected capacity change from 0 to 1024
[  450.806065][T24213] EXT4-fs: Ignoring removed nobh option
[  450.816032][T24213] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  450.834196][T24213] EXT4-fs error (device loop2): ext4_lookup:1811: inode #12: comm syz.2.6219: iget: bad extended attribute block 768799145984
[  450.848075][T24213] EXT4-fs error (device loop2): ext4_lookup:1811: inode #12: comm syz.2.6219: iget: bad extended attribute block 768799145984
[  450.866967][T24204] loop4: detected capacity change from 0 to 512
[  450.873440][T24204] EXT4-fs: Ignoring removed orlov option
[  450.879947][T24204] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  450.889449][T24204] EXT4-fs (loop4): orphan cleanup on readonly fs
[  450.896648][T24204] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.6215: bg 0: block 248: padding at end of block bitmap is not set
[  450.911363][T24204] EXT4-fs error (device loop4): ext4_acquire_dquot:6848: comm syz.4.6215: Failed to acquire dquot type 1
[  450.912185][T16529] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  450.923986][T24204] EXT4-fs (loop4): 1 truncate cleaned up
[  450.938612][T24204] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  451.089925][T24223] loop1: detected capacity change from 0 to 256
[  451.260029][T24039] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  451.270982][T24039] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  451.281390][T24039] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  451.292559][T24039] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  451.307000][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.343887][T24235] loop0: detected capacity change from 0 to 256
[  451.427032][T24237] loop0: detected capacity change from 0 to 512
[  451.436496][T24237] tmpfs: Unknown parameter '1˸ äŽØV…'
[  451.469886][T24241] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6229'.
[  451.479392][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.493614][T24243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6231'.
[  451.551034][T24249] loop0: detected capacity change from 0 to 256
[  451.681230][T24258] loop4: detected capacity change from 0 to 1024
[  451.689265][T24258] EXT4-fs: Ignoring removed oldalloc option
[  451.720418][T24259] netlink: 'syz.0.6235': attribute type 1 has an invalid length.
[  451.731020][T24258] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  451.747601][T24258] netlink: 'syz.4.6237': attribute type 3 has an invalid length.
[  451.763870][T22596] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.832002][T24265] loop0: detected capacity change from 0 to 1024
[  451.846766][T24265] EXT4-fs: Ignoring removed i_version option
[  451.857005][T24265] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  451.961802][T24269] loop4: detected capacity change from 0 to 512
[  451.979607][T24269] tmpfs: Unknown parameter 'fsconäŽØV…'
[  452.017575][T24273] loop4: detected capacity change from 0 to 256
[  452.064646][T16688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  452.078388][T24275] loop2: detected capacity change from 0 to 1024
[  452.089031][T24275] EXT4-fs: Ignoring removed oldalloc option
[  452.111132][T24275] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  452.128179][T24282] loop0: detected capacity change from 0 to 256
[  452.134616][T24275] EXT4-fs (loop2): shut down requested (0)
[  452.147732][T24275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  452.165030][T24275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  452.173916][T24275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  452.182936][T24275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  452.192012][T24275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  452.207965][T24275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=13
[  452.249949][T24275] netlink: 'syz.2.6241': attribute type 3 has an invalid length.
[  452.258190][T24299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6249'.
[  452.272410][T16529] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  452.299913][T24301] loop2: detected capacity change from 0 to 512
[  452.320321][T24301] tmpfs: Unknown parameter 'fsconäŽØV…'
[  452.377488][T24310] loop2: detected capacity change from 0 to 256
[  452.439089][T24314] loop0: detected capacity change from 0 to 1024
[  452.455804][T24314] EXT4-fs: dax option not supported
[  452.471494][T24310] ==================================================================
[  452.479593][T24310] BUG: KCSAN: data-race in page_cache_sync_ra / page_cache_sync_ra
[  452.487493][T24310] 
[  452.489802][T24310] write to 0xffff88810eff4678 of 8 bytes by task 24321 on cpu 0:
[  452.497504][T24310]  page_cache_sync_ra+0x41f/0x670
[  452.502527][T24310]  filemap_get_pages+0x252/0xfb0
[  452.507462][T24310]  filemap_splice_read+0x360/0x920
[  452.512570][T24310]  splice_direct_to_actor+0x26c/0x670
[  452.517944][T24310]  do_splice_direct+0xd7/0x150
[  452.522704][T24310]  do_sendfile+0x3ab/0x950
[  452.527112][T24310]  __x64_sys_sendfile64+0x110/0x150
[  452.532307][T24310]  x64_sys_call+0xed5/0x2d60
[  452.536895][T24310]  do_syscall_64+0xc9/0x1c0
[  452.541387][T24310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.547282][T24310] 
[  452.549592][T24310] write to 0xffff88810eff4678 of 8 bytes by task 24310 on cpu 1:
[  452.557294][T24310]  page_cache_sync_ra+0x41f/0x670
[  452.562312][T24310]  filemap_get_pages+0x252/0xfb0
[  452.567249][T24310]  filemap_splice_read+0x360/0x920
[  452.572358][T24310]  splice_direct_to_actor+0x26c/0x670
[  452.577729][T24310]  do_splice_direct+0xd7/0x150
[  452.582502][T24310]  do_sendfile+0x3ab/0x950
[  452.586909][T24310]  __x64_sys_sendfile64+0x110/0x150
[  452.592111][T24310]  x64_sys_call+0xed5/0x2d60
[  452.596694][T24310]  do_syscall_64+0xc9/0x1c0
[  452.601193][T24310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.607086][T24310] 
[  452.609394][T24310] value changed: 0x0000000000000007 -> 0x0000000000000008
[  452.616481][T24310] 
[  452.618786][T24310] Reported by Kernel Concurrency Sanitizer on:
[  452.624924][T24310] CPU: 1 UID: 0 PID: 24310 Comm: syz.2.6254 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
[  452.635676][T24310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  452.645718][T24310] ==================================================================
[  453.118437][T24029] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  453.129268][T24029] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  453.139973][T24029] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  453.152249][T24029] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0