last executing test programs:

3.499266014s ago: executing program 0 (id=3810):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x301, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x1c, 0x2, 0x3, 0x201, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8}]}, 0x1c}}, 0x0)
r1 = socket$kcm(0x10, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000540)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
tkill(0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
syz_open_procfs$userns(r3, &(0x7f0000000140))
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000080)={'batadv0\x00', 0x3})
write$selinux_access(0xffffffffffffffff, &(0x7f00000002c0)={'system_u:object_r:removable_device_t:s0', 0x20, 'unconfined', 0x20, 0xe1c7}, 0x48)

3.498665144s ago: executing program 0 (id=3811):
pipe(&(0x7f00000001c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x80010, 0xffffffffffffffff, 0xf4123000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_open_dev$usbfs(&(0x7f0000000180), 0x5de1, 0x24000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x3, 0x4)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000740)={{{@in=@multicast2, @in6=@local, 0x0, 0x0, 0x4e22, 0x6, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x32}, 0x0, @in6=@private1}}, 0xe8)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x1010, 0xffffffffffffffff, 0x0, '\x00', r5, 0xffffffffffffffff, 0x20000000}, 0x48)
bpf$MAP_GET_NEXT_KEY(0xf, &(0x7f0000000700)={r6, 0x0, 0x0}, 0x20)
connect$unix(r1, &(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="186b1c174a6c97e46035124b1a264f9664000000000000ffff0000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000956ba4315303d922fd7ec0063391c0caf5ee66b9a5bd19be4f0c645fc7e59f51782ba1fd390831f7cbe1d7ff4b558bb5894511f4b6c80ce7c4107df4c12b190e7c97480917099b888ba808d4b89624ab9fe86ed37ff88e8365c94a6c41a5f549aaf7f05087ca17a9948bbb59083ef352"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10)
r9 = socket(0xf, 0x5, 0xffffffff)
r10 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000100)={0xa0179e1d})
mkdir(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10)
keyctl$setperm(0x5, 0x0, 0x0)
socket(0x0, 0x4, 0x8000)

3.498086314s ago: executing program 0 (id=3813):
capset(&(0x7f0000000080), &(0x7f0000000040))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000380)={'nat\x00', 0x0, 0x0, 0x0, [0xfffffffffffffff7, 0xffff, 0x0, 0xd9fa, 0x5, 0xe6]}, &(0x7f0000000400)=0x78)

3.484989755s ago: executing program 0 (id=3814):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791028000000000069003000000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r2 = socket(0xa, 0x2, 0x0)
getsockopt$nfc_llcp(r2, 0x11, 0xb, 0x0, 0x2000005b)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7f}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000280)={'ip6_vti0\x00', 0x0, 0x2f, 0x81, 0x1f, 0x0, 0x20, @dev, @loopback, 0x0, 0x10, 0x1, 0xe0}})
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x28}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000008c0)=@newqdisc={0x4c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
unlink(&(0x7f0000000000)='./file1\x00')
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x10)
r9 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
pwritev2(r9, &(0x7f0000000600)=[{&(0x7f0000000380)='`', 0x1}], 0x1, 0xac04, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=@newqdisc={0x24, 0x25, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
write$UHID_CREATE(r0, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x0}}, 0x120)

3.401822642s ago: executing program 0 (id=3818):
pipe(&(0x7f00000001c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x2c, 0x3, 0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000100)={0xa0179e1d, 0x11})
mkdir(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
keyctl$setperm(0x5, 0x0, 0x0)
socket(0x0, 0x4, 0x8000)

2.298775732s ago: executing program 0 (id=3830):
r0 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r1, 0xa, 0x12)
ppoll(0x0, 0x0, 0x0, &(0x7f0000000080)={[0x8001a0ffffffff]}, 0x8)
dup2(r1, r2)
fcntl$setown(r2, 0x8, r0)
tkill(r0, 0x13)

2.031947644s ago: executing program 3 (id=3838):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000001c0)={0x8, 0x200}, 0x10)
r1 = socket$inet(0x2, 0x6, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000580)='pim6reg\x00', 0x10)
connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10)
writev(r1, &(0x7f0000000800)=[{&(0x7f00000001c0)="a4", 0x1}], 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="60000000020605e12cd8e35a19f746b17d000000dc050e7eca63b504269186aa4400000000000900020073797a32000000001400078005001400000000020800084000000000050005000a000000050001000600000011000300686173683a6e65742c6e657400000000"], 0x60}}, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendto$inet(r0, &(0x7f0000000080)='<', 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)

2.024944794s ago: executing program 3 (id=3840):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00100000000000120000d1850000000500000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000100))

1.990744338s ago: executing program 3 (id=3841):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
ioperm(0x0, 0x10e, 0x8000000000004)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0xc)
unshare(0x2c060000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000500), 0x1, 0x487, &(0x7f00000010c0)="$eJzs3M1vVFUbAPDn3n5A+Wrf9+VFQdAqGokfLS2oLNxoNHGhiYkucFnbgshADa2JECLVGFwaEvfGpYl/gTs3Rl0YE3dGE5eGhCgxAV2NuV8wHWZKgWkHmN8vucw5957pOc/ce+49cw93AuhZo9k/ScSmiPglIoaL7NICo8XL5Yunp/++eHo6iXr9tT+SvNyli6enq6LV+zZGxPokYk8akX6UlJUsNX/y1NGpWm32RJkfX6ifGZ8/eerJI8emDs8enj0+eeDA/n0Tzzw9+VRH4sziurTj/bmd219649wr0wfPvfndl1l7t+0qtjfG0SmjWeB/1nPN2x7pdGVdtrkhnfR3sSHckL6IyHbXQN7/h6Mvru684Xjxw642DlhV2bVpXfvNi3XgLpZEt1sAdEd1oc++/1bLGg09bgsXnouY/rmI/3K5FFv6Iy3LDKxi/aMRcXDxn8+yJVbpPgQAQKN8bPNEq/FfGtvy12JWZ0s5hzISEf+JiP9GxP8iYmtE/D8iL3tPRNxbvLk+vML6m6eGrh3/pOdvKcDryMZ/z5ZzW9WyWNRbVh8jfWVucx7/QHLoSG12b/mZ7ImBdVl+Ypk6vn7hp0+a1w2Vr43jv2zJ6q/GgqXz/U036GamFqY6NSi98EHEjv6l8RdbkiszAdkRsD0idtzYn95SJY489sXOdoVWEH97HZhnqn8e8Wix/xejKf5Kks9PHnunzfzk+Pqoze4dr46Ka33/49lX29V/S/F3QLb/Nyw9/ptKDP+VFPO1A1GrzZ6Yv/E6zv76cdvvNNePP215/A8mr+dz1j+8Vax7b2ph4cRExGDycp4fjIb1k1ffW+Wr8ln8e3a3Ov7T/BwX5f6/LyKyg3hXRNwfEQ+UbX8wIh6KiN3LxP/t8w+/ffPxr64s/plo3f9LI0njfP38yVPVZ3t1zfKJvqPffJW0qX9l+39/LObn2kJ+/ruOlbTr5o5mAAAAuPOkEbEpknTsSjpNx8aK/8O/NTaktbn5hccPzb17fKZ4RmAkBtLqTtdww/3QiWSx/ItFfrK8V1xt31feN/60byjPj03P1Wa6HDv0uo1t+n/m975utw5YdZ7Xgt7V3P/TLrUDWHuu/9C7WvT/oW60A1h7rv/Qu1r1/zNNeXMBcHe6tv//1uIn6yqDq90cYA0Z/0Pv0v+hd+n/0JOWPBJ/fPNKH5uX6PlEpLdFMzqbGFrxj1rc+Ynssr9MmW6fmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj3wAAAP//YyLvrA==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setresgid(0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
socket$inet_sctp(0x2, 0x0, 0x84)

1.616090818s ago: executing program 3 (id=3846):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
accept4(r0, 0x0, &(0x7f0000000040), 0x80800)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
pipe(&(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x101082, 0x0)
write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r2, 0x0, r4, 0x0, 0x4ffe6, 0x0)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000002200)={r6}, &(0x7f0000002240)=0xc)

1.080699252s ago: executing program 4 (id=3858):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000240)={0x0, 0xd00, &(0x7f0000000100)={&(0x7f0000000f80)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r0, @ANYBLOB="010000000000000000000c000000a401038015000200070000005600050070e68f25ce0c924f2a8195afe1c770786adf6f083f0b66dfdbd403cacc428f32d42ea86e754b241d6785cc2edb9c0a270ec963a7a5f5cbc9e316cf560e6d83fb35aae47917175ae1ca22311a3eb4236403a6000004000100d40005001ddc22bea333cbca2de3c71f47a57bbbeec0b6ca1b412ff7f21ccf8b0afacf865b658e3841dc5fa1a2b4396dba58656ae0705ecc674e531fdcaa486d041b51771487420b154826c1dea20802e17f73edb41a275bcdc48fbfaffcab68ce1a6d05fcb5b2cc0d88b3607c9d562208c2af6a962396f238c2aceac9406d2a80889b1f2935be4b149ec3bb65adf0bad7aee90737087c40498241dbe3b07929ec2c33a262e98d4114152c50be2d2e8c736d3961ad843af71107ddcd9c6d7b1b5a8a97f27374d0d7a244ae1bf8b5c24f0a4af29816000400e74ec8efdbd43a13c66fff7b90fd52fafc7a000050000380200001800800010052a90000070002002a290000060002003a000000040003002c0001800a000200757365725f75000004000300080001000700000008000200252c2900080001000000000020000180140002006c6f000000000000000000000000000008000100", @ANYRES32=r2], 0x1d8}}, 0x0)

991.978969ms ago: executing program 4 (id=3860):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0xc0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xa7020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0xd}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
close(0xffffffffffffffff)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x2, 0x10100, 0x3}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x3})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000ff1000/0xd000)=nil, 0xd000, 0x3000007, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
set_mempolicy(0x0, 0x0, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r3], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x12, r5, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
r6 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r6, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e)
socket$pppoe(0x18, 0x1, 0x0)
r7 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r7, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'team_slave_1\x00'}}, 0x1e)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, 'veth1_to_batadv\x00'}}, 0x1e)

952.121622ms ago: executing program 2 (id=3862):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x3, 0x18, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040001f0ffffffb70200000800000018230000a43668528cfcdea56c32a2a11abc3ca5790e880c8dc19361320ec028eb8abccbac60f886d0639f5f9a8ff87cbacd0df5c9212a399d5e04446d5906f31dc825b07d614e048774afb912f1e95993193dd357b774a0e479dc7c7324400a1bd177037498b44f5bcff3f4a736be4e630046162fbc7afe88086eb528f0e0a262f94a889fb7c99e640cf2a4b6581234ebbca76d29b71b48db5942653c8a9e9259172d4a659a84ff801260271f03422f54f1432cc18635d043f407766791c8d778776b8583209a7e", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f0000000300)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r1, &(0x7f00000001c0)={&(0x7f0000000040), 0x10, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="0500"/14, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$rxrpc(0x21, 0x2, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

890.554917ms ago: executing program 2 (id=3863):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00100000000000120000d1850000000500000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000100))

867.4633ms ago: executing program 2 (id=3864):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000001840)='wg0\x00', 0x4)
bind$xdp(r1, &(0x7f0000001880), 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYBLOB="00000000010000001400030073797a5f74756e00000000000000000008000a00", @ANYRES32=r2], 0x3c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e6400000000040002800a000100ffffffffffbf0000"], 0x40}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB="0d00ff0000000000830000000000000045"], 0x0, 0x6}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0)
preadv(r4, &(0x7f0000000400)=[{&(0x7f0000000300)=""/113, 0x71}], 0x1, 0x401, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f1, &(0x7f0000000580)='\x1a\xca\x10\xea\x1a\x87\xe7\xebz\xbd\xb5B\x99\xf9\x96]\xe7\xb7N\n\xaa.y\xc2V\x04`\n\x00\x00\x00\x00\x02\b\x00\x00\x9d\xf2u\x94\xa2\x86(\xf9\xc1\x9c\x05W\x80\x17T\'\xcd\x8e\xe2\xaf$\xc4\xc0\x90\xf3~\x1dV\xc6\x12!\xc2\xf5I\t\xed;$\v\xdcz\xc7e\xa0](\t\xca\xadj\xa4\xd1>\xb8#\xe7`\xf0 \xe4P\xbe\f\x10B\xd2\xcd\xf1\x18\"\x11D\x8d\x93ME\xe6\as\x9d\x86\xde\xc2\r\xde*1\x89\t\xe3&\xf6W9]\xae\xfc\x04w\xc1g\xbc\xec\x15C\x8e\x83\x8a\xac\xde`\xc4\xfb\xb9K\x89\xf2\x90\xba+S1\xf2=L\xdez\xc0L\xb5\xd1|z\x192\xce\x1d\tr\x83g\xcbg\xef\x9b\x947H\xb6sT)\v\xe03\x189\xb8RKt\xe5W\t8\x0e\x10\x86\x8d\xac4\xb0\xe4\xb2^\xcf\x88%\xac\x96\x0e\xb9\xf7\x1e\xcc!\x13\xe6\t\xd3\x1b\x84\xee\x1d\xfew\xb0\x947\xcd!`r\x9aV\x1d\x89\x89\xe9\xfa\x1e\xc3\xacc7\x02\xa6\v\x9f\xc8H\x91m\xe7\x13\xa1t=j\xeck\x9a\xc8z&\x8a\x8c]&A\xc1Z:\xb9\xc8j\xdfs\xcc\xfc\x15\r!\xfd\xb2\xeb\x97f\xf5\xc2\x1d}5&\x85\xac\xfe\x9az\x15\xfd\xf9\xccH\xc1`\xd9n\xf3\b\x8b\x01\xd5\xbc\xe7\x9a\'76R9ag\x16\xfc\x83')
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000540)={r4, 0xffffffffffffffff, 0x33, 0x0, @val=@tcx={@prog_fd=r4}}, 0x40)
r6 = io_uring_setup(0x7bde, &(0x7f0000000080)={0x0, 0x3617})
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0x1a, 0x20000009, r7)

842.142502ms ago: executing program 1 (id=3865):
r0 = syz_usbip_server_init(0x2)
write$usbip_server(r0, &(0x7f0000000000)=@ret_submit={{0x3, 0x5, 0x0, 0x0, 0x3}, 0x2, 0x25, 0xfff, 0x312, 0x5, 0x0, "840a7772d34358f690d157a1a80df12023bdfb8c3a303879e11d74f6e3577ec5d61251de13", [{0x7f, 0x80000001, 0x5, 0xc}, {0x2, 0x6, 0x4, 0x31}, {0xc79, 0x1, 0x8000, 0xc9}, {0x6a, 0x908f, 0x2, 0x3}, {0xd0, 0x52, 0x401, 0x8}, {0xdc000, 0x5, 0x0, 0x1}, {0x7fffffff, 0x7, 0xd, 0x7fff}, {0x7ff0, 0x8, 0x8, 0xf}, {0x4, 0x7, 0x1}, {0x10, 0xffff, 0x81, 0x6}, {0x3, 0x8, 0xf4, 0x3}, {0x151, 0x9, 0x100, 0xa4dc}, {0x4d, 0x10, 0xfd, 0x4}, {0xffff, 0x12f2, 0x6, 0x2}, {0x6, 0x8, 0x9, 0x80}, {0x7, 0x2, 0xfff, 0x5}, {0x1ff, 0x10001, 0x9, 0xffffffff}, {0x80000001, 0x3ff, 0x3, 0x9e}, {0x0, 0x8, 0xa443}, {0x5, 0xffffb923, 0x3, 0x154}, {0x400, 0x263308c6, 0x81, 0x2}, {0x4, 0x1000, 0xd, 0xe}, {0x14000000, 0x732, 0x8, 0x32}, {0x12c4, 0x8000, 0x6, 0x1ff}, {0x800000, 0xe498, 0x262, 0xf7}, {0x8, 0x10001, 0x1, 0x5}, {0xffffffff, 0x4, 0x8, 0xfffffffe}, {0x2, 0x4, 0x1, 0x1}, {0x5, 0x80, 0xfffffffb, 0xe4}, {0x9, 0x8, 0x0, 0x1ad3}, {0xa39, 0xe, 0x2, 0x75}, {0x2, 0x3806, 0x101, 0x80}, {0x40, 0x9, 0x4, 0x3}, {0x92, 0x46e80195, 0x4, 0xfffffffb}, {0x6000, 0x40, 0x3, 0x7}, {0xfffffff9, 0x7, 0x8, 0x6}, {0x4, 0x9, 0x758, 0x6}, {0x96a7, 0xfffffffb, 0x2, 0x4}, {0x2, 0xb7, 0x3, 0x2}, {0x983, 0x13, 0x3, 0x2000}, {0xbf01, 0xe52, 0x9, 0x6cca}, {0x10, 0x7000000, 0x7, 0x5}, {0x735, 0xf79, 0x60c, 0x6}, {0x4, 0x8000000, 0x6, 0x2}, {0x7, 0x2, 0x2}, {0x4, 0x0, 0x4, 0x6}, {0xa6b, 0xc, 0xfffffeaa, 0xc}, {0xfffffff8, 0x0, 0x5, 0x631c}, {0x7fff, 0x7fffffff, 0x2, 0x91}, {0x1, 0xfff, 0x3, 0x3}, {0x1, 0x9, 0xbf, 0x10}, {0x1ff, 0x3, 0x3, 0x2}, {0xbd9, 0x4, 0x5}, {0x2, 0x9, 0x81, 0x8}, {0x8e, 0x16, 0x1, 0x3ff}, {0x4, 0x9, 0x4, 0x1}, {0x8, 0x6, 0x8, 0x7}, {0xfffffff8, 0x5, 0x4f5, 0x9}, {0x88, 0xf6, 0x10001, 0x3f}, {0xbc6, 0xf, 0x5, 0x8}, {0x8c3b, 0x7, 0x81, 0x401}, {0xa05, 0x4, 0x3, 0x200}, {0x7, 0x9, 0x8, 0x5}, {0x4, 0x595, 0xf, 0x2}, {0x8, 0x1, 0x8, 0x6}, {0x6, 0x6, 0x80000001, 0xfffffff7}, {0x7, 0x1000, 0x800, 0xbf81}, {0x8, 0x101, 0x7, 0xffff}, {0x80, 0xe, 0x3, 0x7}, {0x9, 0x7, 0x9, 0x8}, {0x16e, 0x4f, 0xfff, 0x3dd0bfda}, {0x7, 0x6, 0x8, 0xe6b8}, {0xd, 0xce, 0xfffffff2, 0x63f}, {0xff, 0x800, 0x9, 0x1}, {0x7, 0x0, 0x3, 0x221e}, {0x5, 0x0, 0x1000, 0x3}, {0x4, 0x3, 0x2}, {0x6cb9, 0x6, 0x9, 0xffffc2eb}, {0x8, 0x84, 0x1, 0x5fd}, {0x2, 0x769, 0x0, 0x2}, {0x8, 0x7f, 0xfffffff8, 0x4}, {0x7, 0x3, 0xfffffff9, 0x5}, {0x100, 0xfffffffa, 0x0, 0x3}, {0x4, 0x8, 0x27ab2165, 0xb71b}, {0xfffff472, 0x1, 0x100, 0x4000000}, {0x8, 0x8, 0x1}, {0x0, 0x3, 0x2, 0x2}, {0x4, 0x15d2, 0x8, 0x81}, {0xc0, 0x35b, 0xfffffff7, 0x3}, {0x2, 0x5, 0x774, 0x10001}, {0x3, 0x222e052b, 0x5, 0x7f2}, {0x6, 0xe2fe, 0x6, 0x4958}, {0x8000, 0x5, 0x6911ba94, 0x9}, {0x5, 0xc, 0x3, 0xc093}, {0x9b, 0x100, 0x400, 0x3}, {0x5, 0x7, 0x9, 0x1}, {0x841, 0x6, 0x6, 0x8}, {0xfffffffa, 0x5, 0x6, 0x101}, {0x52b, 0x9, 0x5, 0x799}, {0x1, 0x5, 0x0, 0xfffff000}, {0xfff, 0xab, 0x8, 0x95}, {0x8, 0x8b, 0x81, 0x4c74}, {0x9, 0xfffffffe, 0x5, 0x6}, {0x8, 0x7f, 0x80000, 0x7}, {0x2, 0x1, 0x9, 0x3}, {0x8, 0x5b, 0xe, 0x2}, {0x100, 0x4, 0x6000000, 0x749587bb}, {0x1, 0x8000, 0x7, 0x1}, {0x9, 0x8, 0x7d9, 0x1000}, {0x7, 0x80000001, 0xcb, 0x7fff}, {0x4, 0x8, 0x5, 0x5}, {0x3, 0x1, 0x4, 0xc00}, {0x2, 0x1, 0xffffdbd4, 0x81}, {0xfff, 0x400, 0xffff, 0x2}, {0x0, 0x3, 0x4}, {0x4, 0x800, 0x8a, 0x10000}, {0x2, 0x7fffffff, 0x1000, 0x4}, {0x5, 0x7f, 0x6ca802bd, 0xfffffff7}, {0x81, 0x24, 0x6f6fb3b6, 0x4}, {0x1, 0x80000001, 0x7a7, 0x4}, {0x2, 0x0, 0x7}, {0x2, 0x3, 0x7, 0x101}, {0x8, 0x5, 0x0, 0xa}, {0x437, 0xfff, 0x7ff, 0x5}, {0x8a, 0x0, 0xfff, 0xc0c9}, {0x2, 0x5, 0x3, 0xd59}, {0x2, 0x8, 0x4, 0x40}, {0x7fff, 0x5, 0x8, 0x400}, {0x8, 0x5, 0x7, 0x7}, {0x9, 0x80000001, 0x7ff, 0x2}, {0x6, 0x400, 0x2, 0x4}, {0x0, 0x6, 0xffffffff, 0x5}, {0xe, 0xc001, 0xfffffe0e, 0x40}, {0x7, 0x9, 0x7, 0xe}, {0x7, 0x6, 0xf, 0x4}, {0x3, 0x101, 0x3, 0xff}, {0x3ff, 0x7fdcf61f, 0x8c8b, 0x1}, {0x4, 0xc, 0x5, 0xfffffffe}, {0x8, 0xe32, 0x7, 0x3}, {0xfff, 0x970, 0x0, 0x10000}, {0x8, 0xc9c, 0x0, 0x8}, {0x100, 0x9, 0xdef, 0xfff}, {0x26, 0x1, 0xffff, 0x9}, {0x2, 0x10, 0x2dc, 0x4}, {0x1, 0x5, 0x3b40a4bb, 0x7}, {0x2, 0x2000, 0xffffffff, 0xf}, {0x9, 0xa, 0xc, 0x4}, {0x0, 0x7ff, 0x1, 0x60a0e214}, {0x2800000, 0x10001, 0x3, 0x4f2}, {0x7, 0x1, 0x7, 0x6}, {0x4, 0x3, 0x8, 0x61}, {0x1, 0x6, 0x9, 0x10}, {0x8, 0x5, 0x7fff, 0x8}, {0x0, 0x5, 0xbb, 0x6}, {0x6000, 0xff, 0x9, 0x1ff}, {0x9, 0x3, 0x3, 0x8}, {0x1, 0x5, 0x800}, {0xa5f39d3, 0xffffffff, 0x4, 0x200}, {0x4, 0x3ff, 0x8, 0x5}, {0x1, 0x8, 0x1, 0x3}, {0x0, 0x8, 0xd}, {0x7, 0x2, 0x1000, 0x8}, {0x3, 0x9, 0xf3, 0xf}, {0x8000, 0x6, 0x0, 0x10000}, {0x7f, 0x2cd, 0xfffffff8, 0x101}, {0x8, 0x101, 0x1, 0x5}, {0x2, 0x6, 0x10001, 0x1}, {0x2000, 0x10, 0x96c, 0xbe7}, {0x8001, 0x8, 0xfffff000}, {0x9, 0xf, 0x9, 0x9}, {0x100, 0xff, 0x1c9a, 0xca7b}, {0xffff, 0x7, 0x6bc, 0x5}, {0xffff7fff, 0x4, 0xa5, 0xffff}, {0x40, 0x19b, 0x1, 0x7f}, {0x401, 0xfffffe41, 0xfffffff7, 0xb}, {0x2, 0x96ea, 0x7ff, 0xe6}, {0x0, 0x100, 0x8}, {0x77, 0x2, 0x4, 0xad5d}, {0xd, 0x1e32, 0xd9a, 0x8001}, {0x0, 0x10, 0xe5, 0x8}, {0x4, 0x1, 0xcb74, 0x401}, {0xff, 0x4, 0x0, 0x68}, {0x25c, 0x3, 0x3, 0xfffffff6}, {0x4, 0x4, 0x5, 0x7}, {0x0, 0x9, 0x2, 0x1}, {0x5, 0x9, 0x0, 0xff}, {0x83, 0x6, 0xfffffff0, 0x8000}, {0xffffffff, 0x3, 0x4, 0x6}, {0x0, 0xff, 0x0, 0x1}, {0xfffffff7, 0x9, 0x5, 0x8001}, {0x2, 0xc4f9, 0x2, 0x4}, {0x46a6, 0x6, 0xfffffffa, 0x4}, {0x4c70, 0x6, 0x1, 0x8}, {0x76, 0xfffffffe, 0xff, 0x2}, {0x8, 0x65, 0x6, 0x1}, {0x2, 0xfffff817, 0x9, 0x5}, {0x73, 0x4, 0xe040, 0x3}, {0xdfa, 0x6, 0x7f, 0x8000}, {0x2, 0x1, 0x6, 0x9}, {0x9, 0x5, 0x80, 0x9}, {0x0, 0x8, 0x9, 0x400}, {0x0, 0x7, 0x1000, 0x1}, {0xfffffff8, 0x1, 0x240, 0x5}, {0xf8e, 0x543, 0xfffffffb, 0x4}, {0xc6e, 0x8, 0x6, 0x6}, {0x4e51, 0xc, 0x9, 0x7f}, {0xfffffff9, 0x5, 0xc7cb, 0x6}, {0xff, 0x10001, 0x81, 0xff}, {0x7f, 0x1, 0xe44e, 0x8}, {0x4, 0x3ff, 0x1, 0x9}, {0x5, 0xa, 0xd4, 0x4}, {0x200, 0xe8, 0x8, 0x5}, {0xffffffff, 0x3, 0x3, 0x41e}, {0x0, 0x0, 0x401, 0x5}, {0x3, 0x80000000, 0x6, 0xd}, {0xffffff0c, 0x1, 0x5, 0xffffffff}, {0x8001, 0x7fff, 0xffffffff, 0x40}, {0x0, 0x5, 0x8, 0x4e28}, {0x8, 0x101, 0xfffffffe, 0x7}, {0x9, 0x3, 0x7fffffff, 0x4}, {0x3, 0x5, 0x0, 0x8}, {0xb, 0x2, 0x8, 0x2}, {0x0, 0x5, 0x1000, 0x60}, {0x6, 0x7, 0x9, 0x1a}, {0xba6, 0xf, 0x9, 0x3ff}, {0x1ff, 0x8, 0x5, 0xfffffffb}, {0x800, 0x2761, 0xde21, 0xfffffffe}, {0x1, 0x3afd, 0x9, 0x1}, {0x3, 0xb, 0xfffffff0, 0x2}, {0x10, 0x3, 0x1c, 0x80}, {0x10, 0x7fffffff, 0x4, 0x10001}, {0x0, 0xb90, 0x2, 0x5}, {0x7, 0x0, 0x6}, {0xe4b, 0x5c82, 0x8000, 0x1}, {0xa, 0xc0, 0x5, 0xad}, {0x7fff, 0x9, 0x7, 0x7}, {0x5, 0xb4, 0xc, 0x9}, {0x2, 0x6, 0x2}, {0xc730, 0x7f, 0xd, 0x6}, {0x5, 0xfffffffc, 0x4, 0x70a}, {0x80000001, 0x1, 0x2, 0x1ff}, {0xaf6d, 0x7, 0x5, 0x8}, {0xe, 0x3, 0xfffffffc, 0x10001}, {0x5d8b, 0xffff, 0x6, 0x1}, {0x9, 0xfb, 0x5, 0x10}, {0x1, 0x2, 0x3, 0x8}, {0x2, 0x80, 0x8, 0x8c}, {0xf58, 0x8, 0xe7, 0xff}, {0x4, 0x2, 0x80, 0x80000000}, {0x1, 0xffffa1ec, 0x234, 0x9}, {0x4, 0x8, 0x2, 0x4}, {0x4, 0x1, 0x2, 0x3}, {0x4, 0xe, 0x3, 0x3f1}, {0xfffff001, 0x23, 0x3, 0x83}, {0x4, 0xd0f, 0x1, 0x3}, {0x80000000, 0xc53f, 0x1000, 0xffffffd2}, {0xffffffff, 0x9, 0xbd, 0x4022cc0}, {0x80000000, 0x81, 0x0, 0x2}, {0x10000, 0x18, 0x1, 0x7fffffff}, {0x3, 0xfffffff7, 0x332, 0x9}, {0x9, 0x949, 0x6, 0x5}, {0x83, 0x8, 0x86e, 0x1}, {0x6, 0x80, 0x9, 0x3}, {0x98e1, 0x4, 0x6fa29afc, 0x4}, {0x7, 0x2, 0x0, 0x8}, {0x3, 0x5, 0xef5, 0x2}, {0x0, 0x6, 0x10000, 0x4}, {0x7, 0x1, 0x6, 0x8}, {0x6, 0x3a, 0x80}, {0x8e6, 0x7, 0x1, 0x3f4}, {0xfffffffa, 0x7, 0xffffffff, 0x6}, {0xa570, 0x54, 0x4, 0x1}, {0x6, 0x9, 0x8000, 0xff}, {0x3, 0x8f5f, 0x200}, {0x3, 0xfffffffc, 0x6, 0x3}, {0x1b11c0, 0x80000001, 0xffffffff, 0x8}, {0x76, 0x3, 0xbfb, 0x8}, {0x1, 0xca, 0xf, 0x7}, {0x80000000, 0xb, 0xff, 0x3}, {0x1, 0x401, 0x1, 0x29d}, {0x40a, 0x5, 0x2, 0x3}, {0x9, 0x8001, 0x2, 0x8}, {0x87f0, 0x5, 0x1, 0x7ff}, {0x1459, 0x9, 0x101, 0x5}, {0x8, 0x9, 0x5, 0x8}, {0x30, 0xffffffff, 0x4, 0x2}, {0x2, 0xd2d6, 0xd0, 0x5}, {0x2, 0x5, 0x7909a6be, 0xffff1a65}, {0x8, 0x9, 0xf, 0x6}, {0x8, 0xdebd, 0x3, 0xfffffffb}, {0x5, 0x5, 0xfffffe00, 0x49}, {0x2459, 0x10001, 0x9}, {0x0, 0x7, 0x2, 0x900d}, {0x8000, 0x1, 0x81, 0x1}, {0x9, 0xffffff9b, 0x97, 0x8}, {0x0, 0x3ff, 0x42, 0x8001}, {0x800, 0x2, 0x8, 0x3}, {0xffffd81a, 0x1}, {0x8e, 0xfffffffd, 0xfffffff9, 0x7}, {0x9, 0x2, 0xe99}, {0x8, 0x7ff, 0x8d, 0x4}, {0x8, 0x7, 0xfffffffc}, {0x8001, 0x10001, 0xfffffffe, 0x3}, {0x5209, 0x1263, 0xff, 0x3}, {0xffff, 0x6, 0x3, 0x1}, {0x7, 0xfffffff5, 0x0, 0xca}, {0xffff0841, 0x400, 0x5, 0xc}, {0x2, 0x8, 0x0, 0x9}, {0x9, 0x2, 0x7, 0xfffffffb}, {0x0, 0x8, 0xffffffff, 0x9b}, {0x3, 0x3, 0x9, 0x7}, {0x9, 0x0, 0x1, 0x1}, {0x8, 0x7, 0x80, 0x7ff}, {0x8, 0x5, 0x5c, 0x2}, {0x8000000, 0x0, 0x8, 0x5}, {0x3, 0x10000, 0x9684, 0x7}, {0xa66, 0x8001, 0x6, 0x64caef3f}, {0x4, 0x34, 0x9, 0x5}, {0x6, 0xfffffff1, 0x6a, 0x10}, {0x4, 0x1, 0x10, 0x1ff}, {0x8, 0xf4ec, 0x5, 0x3}, {0x76e, 0xfff, 0x2, 0x9}, {0x2, 0xc, 0x93, 0x8}, {0x7fffffff, 0x100, 0x1000}, {0x262f7d4f, 0x80000001, 0xaf0, 0x6}, {0x7, 0x8, 0x5, 0xfffffff9}, {0x5, 0x1, 0x9, 0x9}, {0xc7, 0x0, 0xb, 0xfd}, {0x2, 0x10000, 0x380, 0x6}, {0x1, 0x9, 0x8001, 0x400}, {0x70, 0x3, 0x8, 0x5}, {0x3, 0x8, 0x5e77, 0x1}, {0x5, 0x1, 0x6, 0x2}, {0xffffffff, 0x0, 0x10, 0x5}, {0x4, 0x1, 0x7f, 0x5}, {0x800, 0x287e, 0x3, 0x6}, {0x9, 0x5, 0x8, 0x5}, {0x8, 0x401, 0x8001, 0x8}, {0x4, 0x9, 0x4, 0xf}, {0x0, 0x10, 0x71, 0xe}, {0x95, 0x7, 0x1, 0x6}, {0x1ff, 0x2, 0x6, 0x6043}, {0x4, 0x7, 0x5, 0xbb}, {0x7f, 0xa, 0x7, 0x2}, {0x730, 0x9, 0x4, 0x3f}, {0x1ff, 0x0, 0xfff, 0x9}, {0x8001, 0x200, 0x10, 0x4}, {0x0, 0x8, 0x0, 0x96c}, {0xb028, 0x7, 0x3, 0xad25}, {0x7, 0xa, 0x3, 0x5}, {0x7, 0x9, 0x3, 0x5}, {0x5, 0x0, 0xc, 0x4}, {0x7f, 0x4, 0x3fb8, 0xe}, {0x7, 0x0, 0x9, 0x6}, {0xa4bd, 0x10000, 0xfffff415, 0xafe}, {0xd5e5, 0x8, 0xffff8000, 0x6}, {0x7, 0x60f8, 0xd, 0xfa}, {0x0, 0x4, 0x1ff, 0x2}, {0x2, 0x9b, 0x2, 0x9}, {0x7, 0x7, 0x0, 0x1}, {0x6, 0x400, 0x7, 0x4}, {0x0, 0x8, 0x10000, 0x1}, {0xfffffff8, 0x6, 0xfffffffa, 0x8}, {0xd0ba, 0x4, 0xc72b, 0x6}, {0x2, 0xfffffbff, 0x10, 0x8}, {0xff, 0x1, 0x9, 0x7}, {0x6, 0x7ff, 0x1, 0x6}, {0x7, 0x1, 0x4, 0xc}, {0x2, 0xc, 0x6, 0x7}, {0x3, 0xaa50, 0x7, 0x9}, {0xffffff67, 0x0, 0x5, 0x6}, {0x1, 0x5, 0x2c4, 0x9}, {0x6, 0x3, 0xdb53, 0x7fff}, {0x8, 0x6, 0x2, 0x11d}, {0x7, 0x9, 0x3df8, 0x100}, {0x20, 0x8, 0x457e0d65, 0x2}, {0x2, 0xb, 0x2, 0xffff322c}, {0xfff, 0x5, 0xf2, 0x3a}, {0x6, 0x2, 0x7fffffff, 0xce4}, {0x1, 0x4, 0x81, 0x2}, {0x5, 0xfffffffc, 0xf066, 0x4}, {0x80, 0x9, 0x100, 0x1}, {0x5, 0x5, 0x6, 0x65}, {0x10001, 0x4, 0x7fff, 0x6}, {0x74, 0xcad6, 0x8, 0x100}, {0x8, 0x3, 0x8, 0x1}, {0x3bc, 0x7, 0x3, 0x10000}, {0xc45, 0x1, 0x9, 0x8}, {0x2, 0x3, 0x9, 0x4}, {0x3, 0x8, 0xf, 0x1}, {0x4, 0x0, 0x4, 0x80}, {0x8, 0x1000, 0x4, 0x3ff}, {0xfffffff8, 0xfffffff8, 0xffffffff, 0x3}, {0x80, 0x1, 0x6}, {0x1b0f, 0x3, 0x7, 0x2}, {0x401, 0xfffffffc, 0x9, 0x3}, {0x3ff, 0x6, 0x5, 0x1}, {0x8001, 0x5, 0x100, 0x6}, {0x4, 0xf767, 0x8, 0x8}, {0x6, 0x4, 0x8, 0x80000000}, {0x3, 0x6, 0x5, 0xf972}, {0x9, 0x0, 0x10001, 0x8}, {0x4, 0x81, 0x3, 0xc}, {0x0, 0x9, 0x4, 0x9}, {0x5, 0x40800000, 0x400}, {0x0, 0xfffffffe, 0x1, 0xffff}, {0xa, 0x7fff, 0x0, 0x9}, {0x80, 0x81, 0x7, 0x9}, {0x9d32, 0x4, 0x4, 0x80000000}, {0x8, 0xd, 0x400, 0x8f03}, {0x223, 0x8, 0x29d0, 0x1200000}, {0x40, 0x200, 0x81e6, 0x7fff}, {0x8000, 0x6, 0x8, 0xc3}, {0x3, 0x80, 0x6}, {0x6, 0x0, 0x418d2a0d, 0x8}, {0xc, 0x0, 0xc136030, 0x4}, {0x4, 0x3, 0x10001, 0x80000000}, {0x1, 0x10001, 0x2, 0x400}, {0xffffffff, 0x597, 0x2d88, 0x7}, {0x4, 0x1000, 0x5, 0x8}, {0x4, 0xf, 0xfd6, 0xffffff81}, {0x400, 0x8, 0x7f, 0x3}, {0x3, 0xc000, 0xa, 0x5}, {0x2edb, 0x7, 0x8, 0x8}, {0x6, 0x8001, 0x3, 0x3}, {0xffff, 0x9, 0x80000000, 0x4}, {0xb7, 0x6, 0x180, 0xe}, {0x5, 0xb5, 0x1, 0x9}, {0x69, 0x6, 0x40a, 0xffff8000}, {0x1, 0x71f928bc, 0x7, 0x7}, {0xfffffff9, 0x3, 0x5, 0x5}, {0x8b, 0x10001, 0x6, 0x2}, {0x1000, 0xa0, 0x8, 0x7fff}, {0x300, 0x800, 0x8, 0x4}, {0x1, 0x9, 0x0, 0xf2}, {0x4000000, 0xffffffff, 0x7fffffff, 0x4}, {0x1, 0x49d7, 0x0, 0x200}, {0x2, 0x80000001, 0xc2, 0x9a}, {0x5, 0x1, 0x401, 0x3}, {0x8, 0x1, 0x0, 0x4}, {0xf5, 0xf, 0x4, 0x5d}, {0xed, 0x4, 0x9, 0x2}, {0xa, 0x10001, 0x7, 0xae36}, {0x6, 0x9, 0x0, 0x2}, {0x9, 0x9, 0x9, 0x80000001}, {0x8, 0xcfe32fd, 0xfffffffd, 0x7}, {0x200, 0x20000000, 0x5}, {0x6, 0x7fffffff, 0x7ff, 0x2}, {0x7, 0x10001, 0x8, 0x7}, {0x80000000, 0x5, 0xe52, 0xb}, {0x2, 0x40}, {0x1, 0x3ff, 0x10000, 0x5}, {0x7f, 0x5, 0x8, 0x7}, {0x2, 0x8, 0xf8000000, 0x1}, {0x6, 0x2, 0x5, 0xc96a}, {0x5, 0x0, 0x6, 0xe}, {0x8000, 0x6, 0x3d4, 0x5}, {0x56, 0x3, 0x4, 0x1}, {0x3, 0x81, 0x6, 0x9}, {0x285e, 0x7, 0x8, 0x9}, {0x3, 0xfffffffa, 0x7, 0x2e1}, {0x5, 0x4, 0xd, 0x4}, {0x4, 0x6, 0x9c6, 0x9}, {0x8, 0x1, 0xb, 0x6}, {0x80, 0x0, 0x0, 0x7c}, {0xe, 0x101, 0xb, 0x2}, {0x3, 0x3, 0x656, 0x10}, {0x0, 0x4, 0x1, 0x9}, {0xe508, 0xffffffff, 0x2, 0x81}, {0x3, 0x56eb, 0x4, 0x3}, {0x401, 0x401, 0x4, 0x9}, {0x1ff, 0x1, 0xff94, 0x8001}, {0x8, 0x1, 0x9, 0x3ff}, {0x1e, 0xc, 0x4, 0x6d0b}, {0x101, 0x800, 0x8, 0x8001}, {0x4, 0x9071, 0xb, 0x7fffffff}, {0x4, 0x4, 0x7fff}, {0x684, 0x7, 0x9, 0x3}, {0xc, 0x5, 0x5, 0x3}, {0x3, 0x80000001, 0x200, 0x3a2}, {0x5, 0x6e629750, 0x5, 0x4c}, {0x53bc8622, 0x4000, 0x3}, {0x4, 0x4, 0x0, 0x9}, {0x8, 0x10001, 0x8, 0x98c}, {0x3, 0x7, 0x8, 0x4}, {0x3, 0x26c0, 0x48d, 0x2}, {0x1, 0x5a2, 0x80, 0x8}, {0x9, 0x7ff, 0x4, 0x84e}, {0x8, 0xa, 0x2, 0x1}, {0x80, 0x3ff, 0xf8c8, 0x8}, {0x3, 0x4, 0x0, 0x3}, {0x1, 0x7, 0x1, 0xffffffc2}, {0x3, 0xb, 0x6, 0x14}, {0x6, 0x3, 0x1, 0x2}, {0x7f, 0x8001, 0x1, 0x3}, {0xfffffffb, 0x0, 0x1b0, 0x1d}, {0x0, 0x2, 0xa8, 0x10000}, {0x4, 0x8, 0x5795d00b, 0x5}, {0x5, 0x1, 0x101, 0x7}, {0xfff, 0x7, 0x62a1, 0x2}, {0xb59b, 0x7, 0x2, 0x6}, {0x1, 0x3ff, 0xb, 0x80000001}, {0x9, 0x8001, 0xff32, 0x5}, {0x921, 0x7, 0x9, 0xd2f}, {0x7ff, 0x2e7, 0x4, 0x6}, {0x7fff, 0x3, 0xd, 0x287}, {0x9, 0x2, 0xf280, 0x3}, {0xa120, 0x2, 0xffff, 0x7fffffff}, {0x9, 0x10001, 0xffff, 0xfd5c}, {0x6, 0x8000, 0x10, 0x4}, {0xcdbe, 0x4, 0xc70, 0x5}, {0x7f, 0x6, 0x4, 0x1}, {0x6, 0x0, 0x2, 0x8000000}, {0x160, 0x200, 0x80000001, 0x80}, {0x8001, 0x478, 0xb, 0xffffb226}, {0x4, 0xef1, 0x7, 0xe}, {0x9, 0x6, 0x4, 0x2}, {0x2, 0xffffffff, 0x0, 0x4}, {0x200, 0xfffffffa, 0x10000, 0x11}, {0xffffff80, 0x0, 0x10001, 0xf}, {0x0, 0x8, 0x118983e1, 0xb1d7}, {0xf0e0, 0x9, 0x80000001, 0x3}, {0x6, 0x9, 0x8, 0xfffffffa}, {0x240000, 0xbf, 0x97, 0x2}, {0x7fff, 0x7, 0x401, 0x1}, {0x8, 0x3, 0x7, 0x2000000}, {0x10001, 0x1, 0x4, 0x7}, {0x7ff, 0x8, 0xffffffff, 0x2}, {0x7, 0x0, 0x7, 0x40}, {0x5, 0x7, 0x0, 0xd01}, {0x46, 0x8229, 0x1, 0x5}, {0x1, 0x1, 0xc492, 0x6e8}, {0xf, 0x7, 0x7, 0x8b9}, {0x6, 0x9, 0x57, 0x3ff}, {0xd, 0x7d, 0x1, 0xe514}, {0x0, 0x9, 0x1, 0xfff}, {0x4a7, 0xea3, 0x8, 0x5}, {0xff, 0x101, 0x4, 0x4}, {0x1, 0x2, 0x1, 0xf}, {0x2, 0xff, 0xf7, 0x7}, {0x5, 0xd, 0x101, 0xe}, {0x4, 0x0, 0x5, 0x3}, {0x100, 0x8001, 0x6, 0xdc}, {0x6, 0x9, 0x2, 0x9}, {0x7, 0x827, 0x9, 0x5}, {0x85, 0x40, 0x2, 0x8}, {0x59c2, 0x0, 0x3, 0x10}, {0x8, 0x7, 0x1, 0xa00000}, {0x1000, 0x5, 0x306, 0x1}, {0x2, 0xffffffff, 0xffffffff, 0x3}, {0x7fffffff, 0xd2, 0x2, 0x7fffffff}, {0x2, 0xb, 0xffffffff, 0x6}, {0x400, 0xf5, 0x362, 0x3}, {0x1, 0x2, 0x4, 0x80000000}, {0xe845, 0x5, 0x1000, 0x7}, {0x0, 0x4, 0x0, 0x7b02}, {0x754, 0x9, 0x6fa, 0xff}, {0x9, 0xd79a, 0x7, 0xa9}, {0xc210, 0x2, 0x2, 0x5}, {0x7, 0xdaa9, 0xc, 0x401}, {0x1, 0xf, 0x8, 0x1}, {0x1, 0x0, 0x400, 0xbc64}, {0x3, 0x4fe, 0x0, 0x7fffffff}, {0xf0000000, 0x976, 0x9547}, {0x7, 0x4, 0x2, 0x52}, {0x1, 0x1, 0x4a8, 0x1}, {0x2b, 0x28000, 0xbc9}, {0x19a8, 0x400, 0x0, 0xfffffffa}, {0x3, 0x6, 0x6}, {0x4, 0x5, 0x81, 0xa10}, {0x10000, 0x1, 0x744, 0xd08}, {0x2, 0x3, 0x6, 0x1}, {0x9, 0x6, 0x8e9b6b88, 0x80}, {0xffffffff, 0x6, 0x3, 0xe}, {0x9, 0x3, 0x2, 0x9}, {0x7, 0x8c27, 0x4, 0xfffffff0}, {0x8b83, 0x62, 0x800, 0x8}, {0x10001, 0x9, 0x100, 0x1}, {0xfffffffa, 0x1801, 0xffff, 0x4}, {0x1b86, 0x0, 0xe4, 0x437b}, {0xd, 0x9, 0x2, 0x3}, {0x36b, 0x5, 0x100, 0x6}, {0x58, 0x20000000, 0x60000000, 0x2}, {0xffff8000, 0xa, 0x9, 0x4}, {0x5b, 0x4, 0x6249, 0x80000001}, {0x3, 0x200}, {0xe27, 0x5, 0x6, 0x5}, {0x2, 0x9, 0x0, 0x1}, {0x1000, 0x7fffffff, 0xd, 0x10000}, {0x8344, 0xe0bd, 0x0, 0x1}, {0x652e69ae, 0x9c, 0x6c, 0xa59}, {0x4, 0x2, 0x4, 0x401}, {0x588ab32, 0x1, 0x8, 0x5}, {0x334f1c02, 0xfffff37d, 0x0, 0x5}, {0x7ff, 0xfffffffe, 0x8, 0x7}, {0xeb1, 0x7, 0x2, 0x9}, {0x3, 0xc, 0xffffffaa, 0xff800000}, {0x1, 0x9, 0xc, 0x6}, {0x8, 0x40, 0xb43, 0x8}, {0x5, 0x6, 0x8, 0x2}, {0x6, 0x1, 0x7, 0xa17}, {0x1000, 0x5c6, 0x5, 0x8}, {0x80000001, 0x7, 0x9, 0x4}, {0x3, 0x0, 0x3, 0x3}, {0x2, 0xaed, 0x8, 0x400}, {0x76e5, 0x5, 0x0, 0x8}, {0xdac, 0x23, 0x2, 0x1ff}, {0xffffff27, 0xbdd, 0x8, 0x7fff}, {0x4, 0x9971, 0xffff, 0x8000}, {0x8, 0x0, 0xed, 0x3}, {0x9, 0x6, 0x2, 0xb4}, {0x3, 0xfffffffc, 0x5, 0x8}, {0xf1b, 0x80000001, 0x6, 0x80}, {0x8f, 0x3, 0x1, 0x10}, {0x4, 0x7, 0x7}, {0x3, 0x8, 0x2, 0x4}, {0x2, 0x2, 0x8, 0x9}, {0x7, 0xfffffff9, 0x6, 0x7}, {0x9, 0x1, 0xcb, 0xa}, {0xf, 0x80f4, 0x800, 0x2}, {0x5, 0x2, 0x2}, {0x7, 0xf, 0x7, 0x1}, {0x5, 0x4f, 0xfffffff8, 0xf}, {0x7, 0xc0, 0x243f, 0xfffffff8}, {0x101, 0x0, 0x6, 0x2}, {0x7ff, 0x0, 0x7, 0x7}, {0x8, 0xfffffff8, 0x1, 0x400000}, {0x8, 0x8, 0x9, 0x800}, {0xf0, 0x8000, 0x3, 0x80}, {0x9, 0x100, 0x5, 0x8}, {0x4, 0x101, 0x2, 0x4}, {0x2, 0x81, 0x800, 0x8}, {0x1, 0xffffffff, 0x2, 0x9}, {0xfffffff7, 0x4, 0xff, 0x2}, {0x6, 0x73, 0x13c00000, 0xd}, {0x3, 0xe, 0x8, 0x5}, {0x8, 0x26658cdb, 0x3ff, 0x9}, {0x7fffffff, 0x5, 0x6079aeeb, 0xfffffffb}, {0xfffeffff, 0x2, 0xfff, 0xfffffffd}, {0xd, 0x4, 0x1, 0x1}, {0x8, 0x9, 0x5, 0x3}, {0x8, 0x80, 0x8, 0x88}, {0x2b61, 0x4, 0x5, 0x219}, {0x4c025666, 0x2, 0x5, 0x8}, {0x8, 0x6db10e16, 0x8001, 0x100}, {0x4, 0xffffffff, 0x7, 0xffff}, {0x958, 0xff, 0x2, 0x9}, {0x2, 0x9, 0x0, 0xfffff539}, {0x4, 0x1, 0x5, 0x2}, {0x9, 0x401, 0x44, 0x6}, {0x0, 0x2, 0x66bf, 0x9}, {0x8, 0x3cf6, 0x8000}, {0x8d, 0x5, 0x8, 0x3}, {0x3, 0x4, 0x3ff, 0x9}, {0x401, 0x3, 0x6a, 0x6f82}, {0x0, 0xfffffff8, 0x6, 0x8}, {0x2, 0xd, 0x7, 0x4}, {0x9, 0x2, 0x7, 0x6}, {0x2, 0xfffffffe, 0x0, 0x9c}, {0x1e, 0x401, 0x327cdc65, 0xd}, {0x4, 0x1, 0x1, 0x4}, {0xd25, 0x9, 0xfffffff7}, {0x2, 0x4, 0x9, 0x36}, {0x1, 0x5c, 0x0, 0x6}, {0x6, 0x7d, 0x7b, 0x3}, {0xc38d, 0xffffffff, 0x1, 0x1}, {0xb7, 0x6, 0x10, 0xff}, {0x80000000, 0x6, 0x7}, {0x8000, 0x7, 0x4834b2b6, 0x9}, {0x8, 0xf55d, 0x9, 0x400}, {0x6, 0x6, 0x0, 0x5}, {0x81, 0x14, 0xc000, 0x1}, {0x1, 0xfff, 0x1, 0x4}, {0x9, 0x9d7, 0xabe8, 0x1ca77fd8}, {0x2, 0x2, 0x4, 0x44c}, {0x9, 0x3, 0x2, 0x8}, {0x7e0, 0x8, 0x5, 0xffff}, {0x6, 0x4, 0xc47c, 0x6}, {0x5, 0x80000001, 0xd179, 0x7}, {0x4, 0x9, 0x4, 0xfd}, {0x7, 0x5, 0xfffffe01, 0xc}, {0xfff, 0xfffffff8, 0x3, 0x8}, {0x80000001, 0x7, 0x7, 0x80}, {0xcb, 0x80000000, 0x4, 0x9}, {0x6, 0x80000000, 0x910a, 0x9}, {0x6, 0xffff8001, 0x1, 0x5}, {0x35ff258a, 0x81, 0x5, 0x9}, {0x1, 0x8, 0x9, 0x3}, {0x80000001, 0x2, 0x5, 0x401}, {0x20000000, 0x0, 0x6, 0x7fff}, {0x400, 0x1, 0x6, 0x2}, {0x9, 0x1000, 0x3, 0x2ea7c53c}, {0x3, 0x79a, 0x40, 0x9}, {0x1, 0x4a, 0xe, 0x400}, {0x0, 0x9, 0x7, 0x8}, {0x9, 0x80, 0x4, 0x5}, {0x1, 0x8, 0x8, 0x57}, {0x1, 0x8, 0xfff, 0x9}, {0xd, 0x200, 0x1, 0x200}, {0xe5, 0x0, 0x0, 0x3}, {0x5, 0x80000000, 0x5, 0xfff}, {0xc, 0xf6b4, 0x40, 0x673}, {0x6, 0xd302, 0xc, 0x4}, {0x8000000, 0x7, 0x2, 0x4}, {0x0, 0x100, 0x0, 0x2d}, {0x1, 0x8d, 0x1, 0x8}, {0x2, 0x1ff}, {0x1, 0x0, 0x3, 0xfffff3b5}, {0x1, 0x5, 0xcec9e76d, 0x48}, {0x4, 0x7ff, 0xffffffff, 0x401}, {0x0, 0x0, 0xe0, 0x8}, {0x7, 0x7ff, 0x7, 0x7ff}, {0x8, 0xe, 0x1000, 0x7}, {0x6, 0xea, 0x2, 0x9}, {0x8000, 0x5, 0x2, 0x2}, {0x80, 0x383f, 0x9aa9, 0x3ff}, {0x3367, 0x1, 0x8, 0x4}, {0x2, 0x9fd, 0x1fa11051, 0x6}, {0x1617, 0x5, 0x3, 0x2}, {0x3, 0x800, 0x1ff, 0x678}, {0xe3, 0x0, 0x2, 0x9}, {0x1ff, 0x101, 0x6, 0x80}, {0x8, 0x80000000, 0xf0f, 0x6da4}, {0xa, 0xf4, 0x10001, 0x6}, {0xf5, 0x627c, 0x5}, {0x1a3, 0x1, 0x3, 0xfffffff9}, {0x5, 0x4, 0x7ff, 0x92}, {0x7ff, 0x4e0, 0x4, 0x3}, {0x3, 0x3, 0x6, 0x101}, {0x2, 0xffff0000, 0xffffffff, 0x200}, {0x6acf, 0x8, 0xfffffff5, 0xff}, {0x9, 0x3, 0x8, 0x5}, {0x0, 0x8, 0x0, 0x1}, {0x7f, 0x3d, 0x5, 0x7}, {0x92c, 0x2, 0xcaed, 0x5}, {0xcb, 0x5, 0xfffff000, 0x8}, {0x4, 0xffffffff, 0x9, 0x78}, {0xc, 0xfffffffe, 0x1, 0x8}, {0xe, 0x6, 0x5, 0x80}, {0x4, 0x7, 0x4, 0x7ff}, {0x3000000, 0x3, 0xbf}, {0x9, 0x80000001, 0x5, 0x3ff}, {0x7, 0x7, 0x0, 0x1ff}, {0x8, 0x8, 0x1000}, {0x4, 0x1404, 0x1e, 0x9}, {0xa7, 0x8001, 0x10001, 0xffffffb6}, {0x8000, 0xfffffff9, 0x1000, 0xfce8}, {0x40, 0x7, 0x3, 0x2}, {0x401, 0x6, 0x0, 0x7}, {0x7, 0xe9a3, 0x1, 0x9}, {0x11, 0x2, 0x2, 0x7fffffff}, {0x6, 0xa, 0x7}, {0x9, 0x1, 0x0, 0xfffffe01}, {0x0, 0x80000000, 0xba8, 0xfffffc00}, {0x2, 0x401, 0x5, 0x2}, {0x7a0a0000, 0x5, 0x7}, {0x2, 0xb, 0x1, 0x7}, {0x6, 0x5, 0x0, 0x9}, {0x7, 0x10001, 0x1, 0x80}, {0x6, 0xde6c, 0xc397, 0x1}, {0x1ff, 0x6120, 0xfff, 0x8}, {0x4, 0x1, 0xfff, 0x7}, {0x8, 0x8, 0x4, 0x6}, {0x4, 0x3ff, 0xd477, 0x1}, {0xffffffff, 0x0, 0x4, 0x401}, {0x1, 0x8, 0xffff00, 0x7ff}, {0x2b, 0x400, 0x7, 0x80}, {0xc87, 0xbe7, 0x8}, {0x0, 0x2, 0x5, 0x9c}, {0x0, 0x2, 0x65, 0x4}, {0x81, 0x54, 0x2, 0x7}, {0x200, 0x38, 0x7, 0x2856}, {0xf6, 0x9, 0xfff, 0x5}, {0x8, 0x400, 0x9}, {0xda04, 0x40, 0x5, 0x5}, {0x80000000, 0x1, 0xbf1, 0x4}, {0x401, 0x7, 0xff, 0x1}, {0x3, 0x4, 0x9, 0x577}, {0x10000, 0x3, 0xd6, 0x3}, {0x10, 0x7, 0x80000, 0x7}, {0xf8d, 0x3283800, 0x0, 0x5}, {0xff, 0x1, 0x4, 0x6}, {0x7c, 0x0, 0x0, 0x85}, {0x1, 0x800, 0x8, 0x1}, {0xffff, 0x7f, 0x9, 0x6}, {0x5, 0x2, 0x4, 0x24a}]}, 0x3175)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000032c0)={&(0x7f00000031c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x5}, {0x0, [0x0, 0x0, 0x61]}}, &(0x7f0000003200)=""/148, 0x1d, 0x94}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0xffffffffffffffff, 0x0, &(0x7f0000003300))
r1 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r1, &(0x7f0000003340)={0x18, 0x2, {0x2, @multicast2}}, 0x1e)
syz_usbip_server_init(0x5)
ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000003380), 0x2)
r2 = io_uring_setup(0x15e4, &(0x7f00000033c0)={0x0, 0xf22e, 0x20, 0x0, 0x232})
io_uring_enter(r2, 0xd9e, 0x1d80, 0xe211207c25785514, &(0x7f0000003440)={[0x7f]}, 0x8)
r3 = openat$cgroup_type(r1, &(0x7f0000003480), 0x2, 0x0)
write$cgroup_type(r3, &(0x7f00000034c0), 0x9)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FD_FRAMES(r4, 0x65, 0x5, &(0x7f0000003500)=0x1, 0x4)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r1, 0xf50f, 0x0)
r5 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r5, &(0x7f00000048c0)={0x18, 0x2, {0x2, @loopback}}, 0x1e)

841.840212ms ago: executing program 2 (id=3866):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f00000002c0)={[{@init_itable}, {@resuid}, {@stripe}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
open_by_handle_at(r1, &(0x7f0000000240)=@reiserfs_2={0x4b}, 0x0)

741.73363ms ago: executing program 3 (id=3867):
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x8100, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

728.133561ms ago: executing program 3 (id=3868):
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x40)
r0 = syz_io_uring_setup(0x6f51, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f0000000000), &(0x7f00000003c0))
io_uring_enter(r0, 0x0, 0x0, 0x9, &(0x7f0000000040), 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_io_uring_setup(0x3570, &(0x7f0000000240), 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r1}, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$inet6(0xa, 0x800000000000002, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f00000000c0)=[{0x25}, {0x25}, {0x16}]})
syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
chown(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=<r4=>0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}]}, 0x1c}}, 0x0)
write$nci(r3, &(0x7f000000a600)=ANY=[@ANYBLOB="6105061802030207081ffca2a1f782fc90eae4"], 0x13)
dup(r2)
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)

719.672271ms ago: executing program 2 (id=3869):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000100)={'veth0_to_team\x00', 0x400})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000002c0)={'pimreg1\x00', 0x600})
close(0x3)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$BTRFS_IOC_GET_FEATURES(r4, 0x80189439, &(0x7f0000000180))
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000000000017000000000000000085000000bc00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r6, 0x6, 0x1, &(0x7f00000000c0)=@gcm_128={{}, "43898657bcc809e8", "835179bc41e8b949acca0097dc2c8001", "a303c0c8", "08248006f13a2001"}, 0x28)
fchmod(r3, 0x61)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r6, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000010000000900010073797a300000000078000000090a010400000000000000000100000008000a40000000000900020073797a30000000000900010073797a300000000008000540000000213c0011800a0001006c696d69740000002c0002800c000240000000000000"], 0xc0}}, 0x0)

580.874443ms ago: executing program 4 (id=3870):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000001c0)={0x8, 0x200}, 0x10)
r1 = socket$inet(0x2, 0x6, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000580)='pim6reg\x00', 0x10)
connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10)
writev(r1, &(0x7f0000000800)=[{&(0x7f00000001c0)="a4", 0x1}], 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$inet(r0, &(0x7f0000000080)='<', 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)

580.176723ms ago: executing program 2 (id=3871):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0x2}}, 0x14, 0x0}, 0x20000801)
perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_read_part_table(0x105c, &(0x7f0000001080)="$eJzsz71Rw0AQBeCnQ0gioBUSOqAHEopBKZUQ0Ae9uAaPPeuR/NeB7eD7gpt7N+9mZ8N9tWxr8V+pLsmwHHPLW6bkJW0tffRTltynxlQyX77XuD91fp6/h7RNxjV9vXe7quuY1+TpePvtz29dPv9utSYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLJDAAAA//+4SRWs")
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg2\x00'})
syz_genetlink_get_family_id$wireguard(&(0x7f0000000340), 0xffffffffffffffff)
epoll_create1(0x0)
openat$sysfs(0xffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x9801}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gre={{0x8}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x34}}, 0x0)
sendmmsg$inet(r1, &(0x7f0000005ac0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @local, @local}}}], 0x20, 0x11000000}}], 0x1, 0x0)

512.378208ms ago: executing program 4 (id=3872):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x35}, {0x6}]}, 0x10)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000680)=ANY=[], 0x24}}, 0x0)

459.877553ms ago: executing program 4 (id=3873):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, 0x1c)
write$P9_RGETLOCK(r0, &(0x7f0000000040)=ANY=[], 0xe6da)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback, @in=@rand_addr=0x3}, {@in=@remote, 0x0, 0x32}, @in=@local, {}, {}, {}, 0x0, 0x0, 0xa, 0x1, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x2, 0x0, 0x0, @in=@private=0xa010102}}]}, 0x154}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x58, &(0x7f0000000a00)={[{@inode_readahead_blks}, {@grpid}, {@nomblk_io_submit}, {@stripe={'stripe', 0x3d, 0x4ffff}}, {@norecovery}, {@errors_remount}, {}]}, 0xfe, 0x799, &(0x7f00000001c0)="$eJzs3c1rHGUYAPBnNp+m1UYQbL00Jy2UbtoaWwWh8SSChYKebcNmG2I22ZLdlCbkYBFBEEGLB0Evnv2oN28ievZv8CIiLVXTYsWDrMx+JJtukm7TTdI2vx9M8r4zs/PMs7Pzvu/uDLsB7FpD6Z9MxIGI+CiJ2Fefn0RET7XUHTFaW+/20mIunZKoVN74M6muc2tpMRdNj0ntqVf2R8SP70UczrTGLc0vTI0VCvnZen24PH1huDS/cGRyemwiP5GfOXFsZOT4yRdOnuhcrn//vLD3+sevPvfN6L/vPn31w5+SGI299WXNeXTKUAzVn5Oe9Cms+b7TUR4MyU7vAJuSnppdtbM8DsS+6KqWAIBHWdr/VwCAXSbR/wPALtP4HODW0mKuMe3sJxLb68YrEdFfy79xfbO2pLt+za6/eh104Fay6spIEhGDHYi/PyI+/+6tr9Iptug6JMBa3rkcEecGh1rb/2TlnoVNOtrGOkN31LV/sH1+SMc/L641/sssj39ijfFP3xrn7mYMRfTWN1fVev5nrq0K2nCqA8Hr47+Xa/e2pYk2jf+Wb1ob7KrXHk8rByNispBP27YnIuJQ9PSdnyzkj20Q49DN/26ut2yoafz315W3v0zjp/9X1shc6+5b/ZjxsfLY/eTc7MbliGe6V+7tu93S/jeOeuv498xGGz64Unztpfc/W2+1NP8038bUmv/WqnwR8WysnX9DsuH9icPp4T9a+7t2jG9//XRgvfjNxz+d0viN9wLbIT3+AxvnP5g0369Z6mz8u+e//Ppf3qH09d+bvFkt99bnXRorl2ePRfQmr7fOP76ytUa9sX6af23Di72xKv+V9i9Zo/1L3xOeazPH7ut/fL35/LdWmv/4PR3/ey9cvT3VtV789o7/SLV0qD6nnfav3R28n+cOAAAAAAAAAAAAAAAAAAAAAAAAANqViYi9kWSyy+VMJput/Yb3UzGQKRRL5cPni3Mz41H9rezB6Mk0vupyX62eNL7/dLCpfvyO+vMR8WREfNL3WLWezRUL4zudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU7Vnn9/9Tv/ft9N4BAFumv2VOpVKpNNdv5jdcDAA8dFr7fwDgUaf/B4DdR/8PALuP/h8Adh/9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvszOnT6VT5Z2kxl9bHL87PTRUvHhnPl6ay03O5bK44eyE7USxOFPLZXHH6btsrFIsXRmJm7tJwOV8qD5fmF85OF+dmymcnp8dOxdl8z7ZkBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3pjS/MDVWKORnH4nCBxHxAOyGQmcLvx35Zf9G61y5y8t4tI1Y/fUT4gFJeecLO9wwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwk/g8AAP//Ez0kyA==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_SECURITY_KEY(r5, 0x110, 0x1, &(0x7f0000000040)='cpu.stat\x00', 0x9)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r4, 0x5761, &(0x7f0000000a80)={0x5, 0x0, [{0x6, 0x401, 0x0, [0x0, 0x0, 0x0, 0x1, 0x9, 0x80, 0x1600000, 0x6]}, {0x6, 0x0, 0xf92, [0x6, 0xa, 0x7f, 0x3, 0xfffffffc, 0x6, 0x9, 0x2]}, {0x60000, 0xcccc, 0xffffffff, [0x8, 0x7, 0x1b86, 0xe, 0x3, 0x7, 0xc000, 0x9]}, {0x8, 0x3, 0x5, [0x7fff, 0xa8, 0xc0, 0xffffff43, 0x5, 0x40, 0x9, 0xa]}, {0x64d, 0x7, 0x3, [0x0, 0x7, 0xf247, 0x7, 0x200, 0xff, 0x0, 0x2]}]})
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0)
open_by_handle_at(r3, &(0x7f0000000240)=@reiserfs_2={0x4b, 0x2, {0xb}}, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r7], 0x20}}, 0x0)

225.860132ms ago: executing program 1 (id=3874):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x3, 0x18, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040001f0ffffffb70200000800000018230000a43668528cfcdea56c32a2a11abc3ca5790e880c8dc19361320ec028eb8abccbac60f886d0639f5f9a8ff87cbacd0df5c9212a399d5e04446d5906f31dc825b07d614e048774afb912f1e95993193dd357b774a0e479dc7c7324400a1bd177037498b44f5bcff3f4a736be4e630046162fbc7afe88086eb528f0e0a262f94a889fb7c99e640cf2a4b6581234ebbca76d29b71b48db5942653c8a9e9259172d4a659a84ff801260271f03422f54f1432cc18635d043f407766791c8d778776b8583209a7e", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f0000000300)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r1, &(0x7f00000001c0)={&(0x7f0000000040), 0x10, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="0500"/14, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$rxrpc(0x21, 0x2, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

137.83171ms ago: executing program 1 (id=3875):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000100))

118.856791ms ago: executing program 1 (id=3876):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f00000001c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000300), 0xffffffffffffffff, 0x7}}, 0x18)

95.222693ms ago: executing program 1 (id=3877):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000001840)='wg0\x00', 0x4)
bind$xdp(r1, &(0x7f0000001880), 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB="00000000010000001400030073797a5f74756e00000000000000000008000a00", @ANYRES32=r2], 0x3c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e6400000000040002800a000100ffffffffffbf0000"], 0x40}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB="0d00ff0000000000830000000000000045"], 0x0, 0x6}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0)
preadv(r4, &(0x7f0000000400)=[{&(0x7f0000000300)=""/113, 0x71}], 0x1, 0x401, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f1, &(0x7f0000000580)='\x1a\xca\x10\xea\x1a\x87\xe7\xebz\xbd\xb5B\x99\xf9\x96]\xe7\xb7N\n\xaa.y\xc2V\x04`\n\x00\x00\x00\x00\x02\b\x00\x00\x9d\xf2u\x94\xa2\x86(\xf9\xc1\x9c\x05W\x80\x17T\'\xcd\x8e\xe2\xaf$\xc4\xc0\x90\xf3~\x1dV\xc6\x12!\xc2\xf5I\t\xed;$\v\xdcz\xc7e\xa0](\t\xca\xadj\xa4\xd1>\xb8#\xe7`\xf0 \xe4P\xbe\f\x10B\xd2\xcd\xf1\x18\"\x11D\x8d\x93ME\xe6\as\x9d\x86\xde\xc2\r\xde*1\x89\t\xe3&\xf6W9]\xae\xfc\x04w\xc1g\xbc\xec\x15C\x8e\x83\x8a\xac\xde`\xc4\xfb\xb9K\x89\xf2\x90\xba+S1\xf2=L\xdez\xc0L\xb5\xd1|z\x192\xce\x1d\tr\x83g\xcbg\xef\x9b\x947H\xb6sT)\v\xe03\x189\xb8RKt\xe5W\t8\x0e\x10\x86\x8d\xac4\xb0\xe4\xb2^\xcf\x88%\xac\x96\x0e\xb9\xf7\x1e\xcc!\x13\xe6\t\xd3\x1b\x84\xee\x1d\xfew\xb0\x947\xcd!`r\x9aV\x1d\x89\x89\xe9\xfa\x1e\xc3\xacc7\x02\xa6\v\x9f\xc8H\x91m\xe7\x13\xa1t=j\xeck\x9a\xc8z&\x8a\x8c]&A\xc1Z:\xb9\xc8j\xdfs\xcc\xfc\x15\r!\xfd\xb2\xeb\x97f\xf5\xc2\x1d}5&\x85\xac\xfe\x9az\x15\xfd\xf9\xccH\xc1`\xd9n\xf3\b\x8b\x01\xd5\xbc\xe7\x9a\'76R9ag\x16\xfc\x83')
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000540)={r4, 0xffffffffffffffff, 0x33, 0x0, @val=@tcx={@prog_fd=r4}}, 0x40)
r6 = io_uring_setup(0x7bde, &(0x7f0000000080)={0x0, 0x3617})
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0x1a, 0x20000009, r7)

94.829003ms ago: executing program 1 (id=3878):
unshare(0x22020600)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00')
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000180)=@v1={0x0, @adiantum, 0x0, @desc1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYBLOB], 0x0}, 0x90)
add_key$keyring(&(0x7f0000000340), 0x0, 0x0, 0x0, 0xffffffffffffffff)
socket$nl_audit(0x10, 0x3, 0x9)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]})
timer_create(0x0, 0x0, &(0x7f0000000100))
timer_gettime(0x0, &(0x7f0000000000))
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="063b5329632d3331746a4a76ca1069a12145d6cac7ee24", @ANYRES16=r6, @ANYBLOB="0100000000000000000039000000080001007063690011000200303030303a30303a31302e300000000008007300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000800030000200000"], 0x60}}, 0x11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0106000000000000000009000016240004801300010062726f6164636173742d6c696e6b00000c0007800800050002"], 0x38}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=ANY=[], 0x44}}, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r7=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r7)
fstat(r0, &(0x7f0000000900))
r8 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x103302)
ioctl$LOOP_CLR_FD(r8, 0x125e)

0s ago: executing program 4 (id=3879):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f00000002c0)={[{@init_itable}, {@resuid}, {@stripe}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000240)=@reiserfs_2={0x4b}, 0x0)

kernel console output (not intermixed with test programs):

vhci_hcd: release socket
[  326.094342][ T9291] vhci_hcd: disconnect device
[  326.122590][T16005] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.122611][T16043] vhci_hcd: connection closed
[  326.122718][ T9313] vhci_hcd: stop threads
[  326.129708][T16005] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.134340][ T9313] vhci_hcd: release socket
[  326.141114][T16005] bridge_slave_0: entered allmulticast mode
[  326.145601][ T9313] vhci_hcd: disconnect device
[  326.161199][T16005] bridge_slave_0: entered promiscuous mode
[  326.168457][T16005] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.175585][T16005] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.182890][T16005] bridge_slave_1: entered allmulticast mode
[  326.189462][T16005] bridge_slave_1: entered promiscuous mode
[  326.207461][T16005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  326.217953][T16005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  326.240025][T16005] team0: Port device team_slave_0 added
[  326.246692][T16005] team0: Port device team_slave_1 added
[  326.261842][T16005] batman_adv: batadv0: Adding interface: batadv_slave_0
[  326.268878][T16005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  326.294964][T16005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  326.306253][T16005] batman_adv: batadv0: Adding interface: batadv_slave_1
[  326.313346][T16005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  326.339337][T16005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  326.364028][T16005] hsr_slave_0: entered promiscuous mode
[  326.370285][T16005] hsr_slave_1: entered promiscuous mode
[  326.376351][T16005] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  326.384042][T16005] Cannot create hsr debugfs directory
[  326.584733][T16048] loop1: detected capacity change from 0 to 8192
[  326.627490][T16048]  loop1: p1 p2 p3 p4
[  326.631566][T16048] loop1: p1 size 108922248 extends beyond EOD, truncated
[  326.635867][T16050] loop3: detected capacity change from 0 to 512
[  326.647096][T16048] loop1: p2 start 861536256 is beyond EOD, truncated
[  326.653804][T16048] loop1: p3 start 851968 is beyond EOD, truncated
[  326.660362][T16048] loop1: p4 size 65536 extends beyond EOD, truncated
[  326.699808][T16050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.715321][T16050] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  326.745256][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.800720][T16071] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  326.807419][T16071] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  326.815091][T16071] vhci_hcd vhci_hcd.0: Device attached
[  326.824933][T16073] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0
[  326.831900][T16071] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  326.831974][ T9291] vhci_hcd: stop threads
[  326.838438][T16071] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  326.838527][T16071] vhci_hcd vhci_hcd.0: Device attached
[  326.842811][ T9291] vhci_hcd: release socket
[  326.842819][ T9291] vhci_hcd: disconnect device
[  326.867308][T16076] vhci_hcd: connection closed
[  326.867504][ T9291] vhci_hcd: stop threads
[  326.876564][ T9291] vhci_hcd: release socket
[  326.881011][ T9291] vhci_hcd: disconnect device
[  326.886181][T16079] netlink: 'syz.1.3504': attribute type 10 has an invalid length.
[  326.906332][T16079] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  326.944901][T16081] loop3: detected capacity change from 0 to 128
[  327.000249][T15906] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.059812][T15906] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.110150][T15906] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.168472][T10464] bridge_slave_1: left allmulticast mode
[  327.174137][T10464] bridge_slave_1: left promiscuous mode
[  327.179858][T10464] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.187744][T10464] bridge_slave_0: left allmulticast mode
[  327.193423][T10464] bridge_slave_0: left promiscuous mode
[  327.199049][T10464] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.273424][T10464] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  327.284110][T10464] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  327.294451][T10464] bond0 (unregistering): Released all slaves
[  327.319837][T16005] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.378167][T16005] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.409248][T10464] hsr_slave_0: left promiscuous mode
[  327.414959][T10464] hsr_slave_1: left promiscuous mode
[  327.420937][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  327.428437][T10464] batman_adv: batadv0: Removing interface: batadv_slave_0
[  327.436031][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  327.443454][T10464] batman_adv: batadv0: Removing interface: batadv_slave_1
[  327.452611][T10464] veth1_macvtap: left promiscuous mode
[  327.458146][T10464] veth0_macvtap: left promiscuous mode
[  327.463751][T10464] veth1_vlan: left promiscuous mode
[  327.469097][T10464] veth0_vlan: left promiscuous mode
[  327.556871][T10464] team0 (unregistering): Port device team_slave_1 removed
[  327.567850][T10464] team0 (unregistering): Port device team_slave_0 removed
[  327.611560][T16005] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.700664][T16005] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.857950][T15906] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  327.866711][T16005] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  327.879633][T16005] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  327.889207][T15906] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  327.898169][T16005] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  327.908902][T16005] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  327.918629][T15906] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  327.925863][T16106] loop1: detected capacity change from 0 to 2048
[  327.935009][T16108] loop2: detected capacity change from 0 to 128
[  327.944467][T16108] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  327.948054][T15906] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  327.956811][T16108] ext4 filesystem being mounted at /120/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  328.003870][T16108] FAULT_INJECTION: forcing a failure.
[  328.003870][T16108] name failslab, interval 1, probability 0, space 0, times 0
[  328.016709][T16108] CPU: 0 PID: 16108 Comm: syz.2.3514 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  328.026947][T16108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  328.037038][T16108] Call Trace:
[  328.039805][T16005] 8021q: adding VLAN 0 to HW filter on device bond0
[  328.040306][T16108]  <TASK>
[  328.040314][T16108]  dump_stack_lvl+0xf2/0x150
[  328.054388][T16108]  dump_stack+0x15/0x20
[  328.057843][T16005] 8021q: adding VLAN 0 to HW filter on device team0
[  328.058540][T16108]  should_fail_ex+0x229/0x230
[  328.058571][T16108]  ? security_inode_alloc+0x32/0xd0
[  328.058601][T16108]  __should_failslab+0x92/0xa0
[  328.058619][T16108]  should_failslab+0x9/0x20
[  328.075518][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[  328.079733][T16108]  kmem_cache_alloc_noprof+0x4c/0x290
[  328.079771][T16108]  security_inode_alloc+0x32/0xd0
[  328.084267][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[  328.091230][T16108]  inode_init_always+0x428/0x470
[  328.113780][T16108]  ? __pfx_ext4_alloc_inode+0x10/0x10
[  328.119244][T16108]  alloc_inode+0x7d/0x160
[  328.123606][T16108]  new_inode+0x1d/0x130
[  328.127004][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[  328.127755][T16108]  __ext4_new_inode+0x13f/0x2270
[  328.134825][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[  328.139695][T16108]  ? __rcu_read_unlock+0x4e/0x70
[  328.151829][T16108]  ? __dquot_initialize+0x13a/0x760
[  328.157037][T16108]  ? avc_has_perm+0xd4/0x160
[  328.161633][T16108]  ext4_mkdir+0x27f/0x740
[  328.165999][T16108]  vfs_mkdir+0x1f4/0x320
[  328.170277][T16108]  do_mkdirat+0x12f/0x2a0
[  328.174675][T16108]  __x64_sys_mkdirat+0x50/0x60
[  328.178830][T15906] 8021q: adding VLAN 0 to HW filter on device bond0
[  328.179430][T16108]  x64_sys_call+0x2ce5/0x2d70
[  328.190662][T16108]  do_syscall_64+0xc9/0x1c0
[  328.195191][T16108]  ? clear_bhb_loop+0x55/0xb0
[  328.199873][T16108]  ? clear_bhb_loop+0x55/0xb0
[  328.204574][T16108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.210586][T16108] RIP: 0033:0x7f6bcbe93517
[  328.215048][T16108] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.220312][T16005] 8021q: adding VLAN 0 to HW filter on device batadv0
[  328.234648][T16108] RSP: 002b:00007f6bcb115e78 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  328.234670][T16108] RAX: ffffffffffffffda RBX: 00007f6bcb115f00 RCX: 00007f6bcbe93517
[  328.234683][T16108] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c
[  328.247194][T15906] 8021q: adding VLAN 0 to HW filter on device team0
[  328.249793][T16108] RBP: 0000000020000000 R08: 0000000020000000 R09: 0000000000000000
[  328.262207][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  328.265688][T16108] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000020000100
[  328.272355][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  328.280200][T16108] R13: 00007f6bcb115ec0 R14: 0000000000000000 R15: 0000000000000000
[  328.302959][T15906] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  328.310267][T16108]  </TASK>
[  328.324314][T15906] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  328.346175][T14629] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  328.357126][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  328.364181][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  328.454400][T15906] 8021q: adding VLAN 0 to HW filter on device batadv0
[  328.467027][   T29] kauditd_printk_skb: 132 callbacks suppressed
[  328.467041][   T29] audit: type=1326 audit(1720138823.007:3631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16135 comm="syz.1.3521" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x0
[  328.533841][T16005] veth0_vlan: entered promiscuous mode
[  328.543614][T16005] veth1_vlan: entered promiscuous mode
[  328.565627][T16005] veth0_macvtap: entered promiscuous mode
[  328.577203][T16005] veth1_macvtap: entered promiscuous mode
[  328.593726][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.604253][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.614110][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.624548][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.634510][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.645064][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.654902][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.665420][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.675228][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.685635][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.695449][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.705870][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.715764][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.726251][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.736131][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  328.746660][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.757617][T16005] batman_adv: batadv0: Interface activated: batadv_slave_0
[  328.768324][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.778860][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.785456][T16167] loop3: detected capacity change from 0 to 1024
[  328.788740][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.788755][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.788770][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.825871][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.828657][T16167] EXT4-fs: Ignoring removed oldalloc option
[  328.835735][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.852086][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.854445][T16167] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  328.861885][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.881319][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.891160][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.901617][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.911423][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.921891][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.931704][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.942110][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.953019][T16005] batman_adv: batadv0: Interface activated: batadv_slave_1
[  328.963080][T16167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.987761][T16167] netlink: 7 bytes leftover after parsing attributes in process `syz.3.3526'.
[  328.991082][T16005] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  329.005558][T16005] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  329.014285][T16005] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  329.022979][T16005] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  329.032711][T16175] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  329.039290][T16175] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  329.047008][T16175] vhci_hcd vhci_hcd.0: Device attached
[  329.061434][T16179] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  329.067981][T16179] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  329.075821][T16179] vhci_hcd vhci_hcd.0: Device attached
[  329.086967][T16181] vhci_hcd: connection closed
[  329.087171][T16176] vhci_hcd: connection closed
[  329.093037][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.093470][T10467] vhci_hcd: stop threads
[  329.111294][T10467] vhci_hcd: release socket
[  329.115698][T10467] vhci_hcd: disconnect device
[  329.120735][T10467] vhci_hcd: stop threads
[  329.124972][T10467] vhci_hcd: release socket
[  329.129570][T10467] vhci_hcd: disconnect device
[  329.139620][T15906] veth0_vlan: entered promiscuous mode
[  329.148051][T15906] veth1_vlan: entered promiscuous mode
[  329.163744][T15906] veth0_macvtap: entered promiscuous mode
[  329.171589][T15906] veth1_macvtap: entered promiscuous mode
[  329.183913][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  329.194800][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.204675][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  329.215215][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.225089][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  329.235509][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.245341][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  329.255872][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.265869][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  329.276793][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.286601][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  329.297553][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.307441][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  329.317871][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.327709][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  329.338122][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.348049][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  329.358480][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.373244][T15906] batman_adv: batadv0: Interface activated: batadv_slave_0
[  329.381923][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.392423][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.402284][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.412706][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.422564][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.432993][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.442897][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.453469][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.463293][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.473843][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.483679][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.494087][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.503889][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.514434][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.524237][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.534690][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.544508][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  329.555022][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  329.569899][T15906] batman_adv: batadv0: Interface activated: batadv_slave_1
[  329.582826][T15906] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  329.591580][T15906] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  329.600311][T15906] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  329.609052][T15906] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  329.665620][T16209] loop1: detected capacity change from 0 to 128
[  329.665842][T16211] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3451'.
[  329.674076][T16209] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  329.694941][T16209] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  329.719973][T15755] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  329.761322][T16220] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  329.779965][   T29] audit: type=1400 audit(1720138824.317:3632): avc:  denied  { setopt } for  pid=16215 comm="syz.0.3537" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  329.848133][T16235] FAULT_INJECTION: forcing a failure.
[  329.848133][T16235] name failslab, interval 1, probability 0, space 0, times 0
[  329.861011][T16235] CPU: 0 PID: 16235 Comm: syz.2.3543 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  329.871217][T16235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  329.881266][T16235] Call Trace:
[  329.884618][T16235]  <TASK>
[  329.887587][T16235]  dump_stack_lvl+0xf2/0x150
[  329.892246][T16235]  dump_stack+0x15/0x20
[  329.896396][T16235]  should_fail_ex+0x229/0x230
[  329.901086][T16235]  ? dst_alloc+0xc0/0x100
[  329.905417][T16235]  __should_failslab+0x92/0xa0
[  329.910185][T16235]  should_failslab+0x9/0x20
[  329.914755][T16235]  kmem_cache_alloc_noprof+0x4c/0x290
[  329.920223][T16235]  ? ip6_dst_lookup_tail+0x6e7/0x940
[  329.925528][T16235]  dst_alloc+0xc0/0x100
[  329.929722][T16235]  ip6_blackhole_route+0x42/0x2b0
[  329.929803][T16238] loop3: detected capacity change from 0 to 1024
[  329.934735][T16235]  xfrm_lookup_route+0xbe/0x110
[  329.945906][T16235]  ip6_dst_lookup_flow+0x98/0xc0
[  329.946603][T16238] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  329.950994][T16235]  sctp_v6_get_dst+0x329/0xa10
[  329.951032][T16235]  sctp_transport_route+0xad/0x1b0
[  329.965911][T16238] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.969526][T16235]  sctp_assoc_add_peer+0x3c0/0xba0
[  329.969578][T16235]  sctp_connect_new_asoc+0x1f8/0x3b0
[  329.969609][T16235]  sctp_sendmsg+0xf05/0x1920
[  329.997006][T16235]  ? __pfx_sctp_sendmsg+0x10/0x10
[  330.002111][T16235]  inet_sendmsg+0xc5/0xd0
[  330.006531][T16235]  __sock_sendmsg+0x102/0x180
[  330.011207][T16235]  __sys_sendto+0x1e5/0x260
[  330.015830][T16235]  __x64_sys_sendto+0x78/0x90
[  330.020497][T16235]  x64_sys_call+0x16d7/0x2d70
[  330.025213][T16235]  do_syscall_64+0xc9/0x1c0
[  330.029707][T16235]  ? clear_bhb_loop+0x55/0xb0
[  330.034394][T16235]  ? clear_bhb_loop+0x55/0xb0
[  330.039164][T16235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.045111][T16235] RIP: 0033:0x7f6bcbe94bd9
[  330.049509][T16235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.069141][T16235] RSP: 002b:00007f6bcb116048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  330.077560][T16235] RAX: ffffffffffffffda RBX: 00007f6bcc022f60 RCX: 00007f6bcbe94bd9
[  330.085518][T16235] RDX: 0000000000000001 RSI: 0000000020847fff RDI: 0000000000000005
[  330.093480][T16235] RBP: 00007f6bcb1160a0 R08: 000000002005ffe4 R09: 000000000000001c
[  330.101443][T16235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.109407][T16235] R13: 000000000000000b R14: 00007f6bcc022f60 R15: 00007ffd43492558
[  330.117368][T16235]  </TASK>
[  330.128265][T16237] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3544'.
[  330.138573][T16240] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  330.145088][T16240] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  330.152659][T16243] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  330.159157][T16243] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  330.166822][T16240] vhci_hcd vhci_hcd.0: Device attached
[  330.166841][T16243] vhci_hcd vhci_hcd.0: Device attached
[  330.180398][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.194358][T16244] vhci_hcd: connection closed
[  330.194514][ T9313] vhci_hcd: stop threads
[  330.203606][ T9313] vhci_hcd: release socket
[  330.208116][ T9313] vhci_hcd: disconnect device
[  330.212946][T16242] vhci_hcd: connection closed
[  330.213231][ T9313] vhci_hcd: stop threads
[  330.222263][ T9313] vhci_hcd: release socket
[  330.226727][ T9313] vhci_hcd: disconnect device
[  330.431036][T16252] loop3: detected capacity change from 0 to 512
[  330.438321][T16252] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  330.487730][T16252] EXT4-fs (loop3): 1 truncate cleaned up
[  330.494078][T16252] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  330.748987][T16258] netlink: 'syz.1.3549': attribute type 10 has an invalid length.
[  330.767444][T16258] 8021q: adding VLAN 0 to HW filter on device batadv0
[  330.777498][T16258] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  330.802736][T16264] loop2: detected capacity change from 0 to 512
[  330.811197][T16264] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  330.832174][T16264] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.845049][T16264] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  330.871512][T14629] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.889578][T16275] loop0: detected capacity change from 0 to 1024
[  330.902957][T16279] loop1: detected capacity change from 0 to 1024
[  330.909943][T16279] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  330.916611][T16275] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3556'.
[  330.930833][T16279] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.945533][T16279] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3558'.
[  330.962433][T16286] FAULT_INJECTION: forcing a failure.
[  330.962433][T16286] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  330.975503][T16286] CPU: 1 PID: 16286 Comm: syz.0.3560 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  330.985776][T16286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  330.995814][T16286] Call Trace:
[  330.999072][T16286]  <TASK>
[  331.001995][T16286]  dump_stack_lvl+0xf2/0x150
[  331.006591][T16286]  dump_stack+0x15/0x20
[  331.010729][T16286]  should_fail_ex+0x229/0x230
[  331.015487][T16286]  should_fail+0xb/0x10
[  331.019701][T16286]  should_fail_usercopy+0x1a/0x20
[  331.024703][T16286]  _copy_to_user+0x1e/0xa0
[  331.029120][T16286]  put_itimerspec64+0x69/0x120
[  331.033901][T16286]  __x64_sys_timerfd_gettime+0x80/0xc0
[  331.039433][T16286]  x64_sys_call+0x2d2b/0x2d70
[  331.044114][T16286]  do_syscall_64+0xc9/0x1c0
[  331.048770][T16286]  ? clear_bhb_loop+0x55/0xb0
[  331.053426][T16286]  ? clear_bhb_loop+0x55/0xb0
[  331.058113][T16286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.064257][T16286] RIP: 0033:0x7fe6c1d24bd9
[  331.068648][T16286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.088411][T16286] RSP: 002b:00007fe6c0fa6048 EFLAGS: 00000246 ORIG_RAX: 000000000000011f
[  331.096815][T16286] RAX: ffffffffffffffda RBX: 00007fe6c1eb2f60 RCX: 00007fe6c1d24bd9
[  331.104779][T16286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  331.112736][T16286] RBP: 00007fe6c0fa60a0 R08: 0000000000000000 R09: 0000000000000000
[  331.120697][T16286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.128717][T16286] R13: 000000000000000b R14: 00007fe6c1eb2f60 R15: 00007fffaa8b3628
[  331.136706][T16286]  </TASK>
[  331.150537][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.162538][   T29] audit: type=1326 audit(1720138825.707:3633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16288 comm="syz.0.3561" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0
[  331.203692][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.245400][T16294] 9pnet_fd: Insufficient options for proto=fd
[  331.254305][T16294] loop3: detected capacity change from 0 to 256
[  331.261773][T16294] FAT-fs (loop3): Unrecognized mount option "n" or missing value
[  331.297665][T16300] 9pnet_fd: Insufficient options for proto=fd
[  331.306221][T16294] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  331.312628][T16294] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  331.364578][T16303] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  331.378743][T16303] FAULT_INJECTION: forcing a failure.
[  331.378743][T16303] name failslab, interval 1, probability 0, space 0, times 0
[  331.391472][T16303] CPU: 0 PID: 16303 Comm: syz.3.3566 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  331.401695][T16303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  331.411753][T16303] Call Trace:
[  331.415031][T16303]  <TASK>
[  331.418032][T16303]  dump_stack_lvl+0xf2/0x150
[  331.422700][T16303]  dump_stack+0x15/0x20
[  331.426888][T16303]  should_fail_ex+0x229/0x230
[  331.431575][T16303]  ? __alloc_skb+0x10b/0x300
[  331.436181][T16303]  __should_failslab+0x92/0xa0
[  331.440946][T16303]  should_failslab+0x9/0x20
[  331.445485][T16303]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  331.451322][T16303]  ? nlmon_xmit+0x51/0x60
[  331.455712][T16303]  __alloc_skb+0x10b/0x300
[  331.460138][T16303]  netlink_ack+0xef/0x4f0
[  331.464580][T16303]  netlink_rcv_skb+0x19c/0x230
[  331.469357][T16303]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  331.474829][T16303]  rtnetlink_rcv+0x1c/0x30
[  331.479259][T16303]  netlink_unicast+0x58d/0x660
[  331.484095][T16303]  netlink_sendmsg+0x5ca/0x6e0
[  331.488901][T16303]  ? __pfx_netlink_sendmsg+0x10/0x10
[  331.494220][T16303]  __sock_sendmsg+0x140/0x180
[  331.498909][T16303]  ____sys_sendmsg+0x312/0x410
[  331.503680][T16303]  __sys_sendmsg+0x1e9/0x280
[  331.508305][T16303]  __x64_sys_sendmsg+0x46/0x50
[  331.513069][T16303]  x64_sys_call+0xb25/0x2d70
[  331.517749][T16303]  do_syscall_64+0xc9/0x1c0
[  331.522297][T16303]  ? clear_bhb_loop+0x55/0xb0
[  331.527021][T16303]  ? clear_bhb_loop+0x55/0xb0
[  331.531782][T16303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.537924][T16303] RIP: 0033:0x7fa815826bd9
[  331.542342][T16303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.561953][T16303] RSP: 002b:00007fa814aa8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  331.570386][T16303] RAX: ffffffffffffffda RBX: 00007fa8159b4f60 RCX: 00007fa815826bd9
[  331.578377][T16303] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  331.586354][T16303] RBP: 00007fa814aa80a0 R08: 0000000000000000 R09: 0000000000000000
[  331.594324][T16303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  331.602327][T16303] R13: 000000000000000b R14: 00007fa8159b4f60 R15: 00007ffe239f7648
[  331.610346][T16303]  </TASK>
[  331.628075][T16305] loop3: detected capacity change from 0 to 256
[  331.643377][T16305] FAT-fs (loop3): Directory bread(block 64) failed
[  331.650152][T16305] FAT-fs (loop3): Directory bread(block 65) failed
[  331.659202][T16305] FAT-fs (loop3): Directory bread(block 66) failed
[  331.665924][T16305] FAT-fs (loop3): Directory bread(block 67) failed
[  331.675264][T16305] FAT-fs (loop3): Directory bread(block 68) failed
[  331.683942][T16305] FAT-fs (loop3): Directory bread(block 69) failed
[  331.690534][T16305] FAT-fs (loop3): Directory bread(block 70) failed
[  331.698961][T16305] FAT-fs (loop3): Directory bread(block 71) failed
[  331.705776][T16305] FAT-fs (loop3): Directory bread(block 72) failed
[  331.705794][T16305] FAT-fs (loop3): Directory bread(block 73) failed
[  331.723176][T16309] loop1: detected capacity change from 0 to 1024
[  331.730916][T16309] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  331.741475][T16309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.755196][T16309] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3569'.
[  331.771412][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.840710][   T29] audit: type=1326 audit(1720138826.377:3634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16312 comm="syz.1.3570" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x0
[  331.886001][T16314] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3567'.
[  332.506564][T16326] loop3: detected capacity change from 0 to 1024
[  332.513396][T16326] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  332.524223][T16326] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.538865][T16326] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3572'.
[  332.554738][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.695183][T16336] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  332.761918][T16346] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  332.768455][T16346] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  332.776173][T16346] vhci_hcd vhci_hcd.0: Device attached
[  332.786489][T16347] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0
[  332.795393][   T29] audit: type=1326 audit(1720138827.327:3635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.3.3581" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x0
[  332.819098][T10464] vhci_hcd: stop threads
[  332.820678][T16340] loop0: detected capacity change from 0 to 8192
[  332.823370][T10464] vhci_hcd: release socket
[  332.834401][T16346] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  332.834421][T16346] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  332.848644][T10464] vhci_hcd: disconnect device
[  332.848652][T16346] vhci_hcd vhci_hcd.0: Device attached
[  332.861116][T16351] vhci_hcd: connection closed
[  332.861286][T10464] vhci_hcd: stop threads
[  332.870354][T10464] vhci_hcd: release socket
[  332.874784][T10464] vhci_hcd: disconnect device
[  332.876954][T16340]  loop0: p1 p2 p3 p4
[  332.883467][T16340] loop0: p1 size 108922248 extends beyond EOD, truncated
[  332.891150][T16340] loop0: p2 start 861536256 is beyond EOD, truncated
[  332.897877][T16340] loop0: p3 start 851968 is beyond EOD, truncated
[  332.904299][T16340] loop0: p4 size 65536 extends beyond EOD, truncated
[  332.994495][T16359] sctp: [Deprecated]: syz.0.3582 (pid 16359) Use of struct sctp_assoc_value in delayed_ack socket option.
[  332.994495][T16359] Use struct sctp_sack_info instead
[  333.014168][T16359] loop0: detected capacity change from 0 to 512
[  333.160575][T16363] loop4: detected capacity change from 0 to 1024
[  333.167743][T16363] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  333.178278][T16363] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.192236][T16363] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3583'.
[  333.210269][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.283454][T16369] loop4: detected capacity change from 0 to 1024
[  333.290402][T16369] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  333.300907][T16369] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.314795][T16369] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3585'.
[  333.332184][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.378387][T16372] loop1: detected capacity change from 0 to 512
[  333.384991][T16372] EXT4-fs: Ignoring removed orlov option
[  333.387904][T16374] loop4: detected capacity change from 0 to 512
[  333.397872][T16372] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102]
[  333.405895][T16372] System zones: 1-12
[  333.410253][T16372] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz.1.3587: casefold flag without casefold feature
[  333.419634][T16374] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.423219][T16372] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.3587: couldn't read orphan inode 15 (err -117)
[  333.437251][T16374] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  333.449351][T16372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.475013][T16372] EXT4-fs (loop1): shut down requested (0)
[  333.502879][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.587139][   T29] audit: type=1326 audit(1720138828.127:3636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16382 comm="syz.1.3589" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x0
[  333.625304][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.769505][T16400] loop4: detected capacity change from 0 to 512
[  333.776286][T16400] EXT4-fs: Ignoring removed nobh option
[  333.784028][T16400] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  333.826631][T16403] loop0: detected capacity change from 0 to 1024
[  333.846048][T16400] EXT4-fs (loop4): 1 truncate cleaned up
[  333.852418][T16400] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.886118][T16407] loop0: detected capacity change from 0 to 1024
[  333.927730][T16409] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  333.934269][T16409] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  333.941997][T16409] vhci_hcd vhci_hcd.0: Device attached
[  333.949247][T16410] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0
[  333.949930][T16409] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  333.960853][T10467] vhci_hcd: stop threads
[  333.962665][T16409] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  333.966933][T10467] vhci_hcd: release socket
[  333.974574][T16409] vhci_hcd vhci_hcd.0: Device attached
[  333.979003][T10467] vhci_hcd: disconnect device
[  333.986479][T16415] loop0: detected capacity change from 0 to 512
[  334.000571][T16412] vhci_hcd: connection closed
[  334.000800][   T29] audit: type=1400 audit(1720138828.537:3637): avc:  denied  { mounton } for  pid=16414 comm="syz.0.3598" path="/dev/ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  334.029238][T10467] vhci_hcd: stop threads
[  334.033657][T10467] vhci_hcd: release socket
[  334.038145][T10467] vhci_hcd: disconnect device
[  334.147792][   T29] audit: type=1326 audit(1720138828.687:3638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16421 comm="syz.0.3600" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0
[  334.431694][T16430] loop1: detected capacity change from 0 to 128
[  334.439983][T16430] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  334.452792][T16430] ext4 filesystem being mounted at /52/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  334.489125][   T29] audit: type=1400 audit(1720138829.027:3639): avc:  denied  { setattr } for  pid=16429 comm="syz.1.3601" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  334.517637][T15755] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  334.559410][T16437] loop2: detected capacity change from 0 to 512
[  334.578891][T16437] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.586756][T16441] loop1: detected capacity change from 0 to 512
[  334.592724][T16437] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.618840][T16441] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.633681][T16441] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.666940][T16437] loop2: detected capacity change from 512 to 0
[  334.667132][T16444] syz.2.3605: attempt to access beyond end of device
[  334.667132][T16444] loop2: rw=12288, sector=88, nr_sectors = 4 limit=0
[  334.706561][T16444] EXT4-fs error (device loop2): __ext4_find_entry:1684: inode #2: comm syz.2.3605: reading directory lblock 0
[  334.731714][T16444] syz.2.3605: attempt to access beyond end of device
[  334.731714][T16444] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0
[  334.745090][T16444] Buffer I/O error on dev loop2, logical block 0, lost sync page write
[  334.755521][T16444] EXT4-fs (loop2): I/O error while writing superblock
[  334.792070][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.812658][T14629] syz-executor: attempt to access beyond end of device
[  334.812658][T14629] loop2: rw=12288, sector=88, nr_sectors = 4 limit=0
[  334.849008][T16448] loop1: detected capacity change from 0 to 1024
[  334.859546][T15208] syz.2.3232: attempt to access beyond end of device
[  334.859546][T15208] loop2: rw=524288, sector=140, nr_sectors = 4 limit=0
[  334.860614][T16448] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  334.877745][T15208] syz.2.3232: attempt to access beyond end of device
[  334.877745][T15208] loop2: rw=524288, sector=144, nr_sectors = 4 limit=0
[  334.885966][T16448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.895443][T15208] syz.2.3232: attempt to access beyond end of device
[  334.895443][T15208] loop2: rw=12288, sector=136, nr_sectors = 4 limit=0
[  334.913175][T16448] __nla_validate_parse: 2 callbacks suppressed
[  334.913186][T16448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3606'.
[  334.921909][T15208] EXT4-fs error (device loop2): ext4_get_inode_loc:4495: inode #2: block 34: comm syz.2.3232: unable to read itable block
[  334.934593][T16452] loop3: detected capacity change from 0 to 1024
[  334.936900][T15208] syz.2.3232: attempt to access beyond end of device
[  334.936900][T15208] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0
[  334.961855][T16452] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  334.968619][T15208] Buffer I/O error on dev loop2, logical block 0, lost sync page write
[  334.982062][T16452] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.986511][T15208] EXT4-fs (loop2): I/O error while writing superblock
[  335.002700][T16452] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3608'.
[  335.004627][T15208] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: IO failure
[  335.004733][T15208] syz.2.3232: attempt to access beyond end of device
[  335.004733][T15208] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0
[  335.014258][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.022191][T15208] Buffer I/O error on dev loop2, logical block 0, lost sync page write
[  335.022298][T15208] EXT4-fs (loop2): I/O error while writing superblock
[  335.060692][T15208] EXT4-fs error (device loop2): ext4_dirty_inode:5935: inode #2: comm syz.2.3232: mark_inode_dirty error
[  335.061423][T15208] syz.2.3232: attempt to access beyond end of device
[  335.061423][T15208] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0
[  335.085587][T15208] Buffer I/O error on dev loop2, logical block 0, lost sync page write
[  335.094549][T15208] EXT4-fs (loop2): I/O error while writing superblock
[  335.101506][ T9315] kworker/u8:26: attempt to access beyond end of device
[  335.101506][ T9315] loop2: rw=524288, sector=140, nr_sectors = 4 limit=0
[  335.103425][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.124739][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.127068][ T9315] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4480: inode #3: block 34: comm kworker/u8:26: unable to read itable block
[  335.148458][ T9315] Buffer I/O error on dev loop2, logical block 0, lost sync page write
[  335.157635][ T9315] EXT4-fs (loop2): I/O error while writing superblock
[  335.169294][ T9315] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4480: inode #18: block 35: comm kworker/u8:26: unable to read itable block
[  335.183580][ T9315] Buffer I/O error on dev loop2, logical block 0, lost sync page write
[  335.191928][ T9315] EXT4-fs (loop2): I/O error while writing superblock
[  335.191967][ T9315] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4480: inode #2: block 34: comm kworker/u8:26: unable to read itable block
[  335.191998][ T9315] Buffer I/O error on dev loop2, logical block 0, lost sync page write
[  335.192012][ T9315] EXT4-fs (loop2): I/O error while writing superblock
[  335.194617][T15208] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.195283][T15208] Buffer I/O error on dev loop2, logical block 0, lost sync page write
[  335.195297][T15208] EXT4-fs (loop2): I/O error while writing superblock
[  335.201030][T16462] ipip0: entered promiscuous mode
[  335.291972][T16438] Buffer I/O error on dev loop2, logical block 12, lost sync page write
[  335.301338][   T29] audit: type=1326 audit(1720138829.847:3640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16463 comm="syz.3.3611" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x0
[  335.302759][T16471] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  335.330898][T16471] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  335.338520][T16471] vhci_hcd vhci_hcd.0: Device attached
[  335.354467][T16471] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  335.354489][T16471] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  335.354541][T16471] vhci_hcd vhci_hcd.0: Device attached
[  335.381537][T16474] vhci_hcd: connection closed
[  335.393593][T16476] loop4: detected capacity change from 0 to 512
[  335.405917][T16472] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0
[  335.413250][ T9291] vhci_hcd: stop threads
[  335.417510][ T9291] vhci_hcd: release socket
[  335.421907][ T9291] vhci_hcd: disconnect device
[  335.429060][T16476] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  335.441884][T16476] EXT4-fs (loop4): 1 truncate cleaned up
[  335.448265][T16476] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  335.468725][ T9291] vhci_hcd: stop threads
[  335.472978][ T9291] vhci_hcd: release socket
[  335.477440][ T9291] vhci_hcd: disconnect device
[  335.546696][ T4178] vhci_hcd: vhci_device speed not set
[  335.642143][T10464] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.683360][T10464] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.720736][T10464] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.769883][T10464] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.809651][T16483] chnl_net:caif_netlink_parms(): no params data found
[  335.848417][T10464] bridge_slave_1: left allmulticast mode
[  335.854141][T10464] bridge_slave_1: left promiscuous mode
[  335.859854][T10464] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.867488][T10464] bridge_slave_0: left allmulticast mode
[  335.873138][T10464] bridge_slave_0: left promiscuous mode
[  335.878819][T10464] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.907402][T16498] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3616'.
[  335.923689][T16498] loop1: detected capacity change from 0 to 512
[  335.930322][T16498] EXT4-fs: Ignoring removed mblk_io_submit option
[  335.938304][T16498] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  335.949658][T16498] EXT4-fs (loop1): 1 truncate cleaned up
[  335.955680][T16498] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  335.968948][T16498] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3616'.
[  336.003836][T10464] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  336.025737][T16501] loop0: detected capacity change from 0 to 512
[  336.035742][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.048717][T10464] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  336.063697][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.064405][T10464] bond0 (unregistering): Released all slaves
[  336.081600][T10464] bond1 (unregistering): Released all slaves
[  336.101350][T10464] bond2 (unregistering): Released all slaves
[  336.133449][T16507] loop4: detected capacity change from 0 to 512
[  336.147267][T16483] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.154326][T16483] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.174692][T16508] loop3: detected capacity change from 0 to 1024
[  336.182579][T16507] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.186858][T16483] bridge_slave_0: entered allmulticast mode
[  336.203105][T16483] bridge_slave_0: entered promiscuous mode
[  336.205809][T16508] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  336.210587][T16507] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  336.222766][T16513] loop0: detected capacity change from 0 to 256
[  336.242035][T16483] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.249337][T16483] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.259033][T16508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.260594][T16483] bridge_slave_1: entered allmulticast mode
[  336.278165][T16483] bridge_slave_1: entered promiscuous mode
[  336.288515][T16516] loop1: detected capacity change from 0 to 1024
[  336.293952][T16505] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3620'.
[  336.304191][T16516] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  336.320348][T16516] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.326863][T10464] hsr_slave_0: left promiscuous mode
[  336.335844][T16516] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3621'.
[  336.351084][T16507] loop4: detected capacity change from 512 to 0
[  336.357630][T10464] hsr_slave_1: left promiscuous mode
[  336.363225][T16519] EXT4-fs error (device loop4): __ext4_find_entry:1684: inode #2: comm syz.4.3619: reading directory lblock 0
[  336.364060][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.377011][T16519] Buffer I/O error on dev loop4, logical block 0, lost sync page write
[  336.392384][T16519] EXT4-fs (loop4): I/O error while writing superblock
[  336.399333][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  336.406915][T10464] batman_adv: batadv0: Removing interface: batadv_slave_0
[  336.418119][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  336.425574][T10464] batman_adv: batadv0: Removing interface: batadv_slave_1
[  336.433193][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.450106][T10464] veth1_macvtap: left promiscuous mode
[  336.455614][T10464] veth0_macvtap: left promiscuous mode
[  336.461135][T10464] veth1_vlan: left promiscuous mode
[  336.466376][T10464] veth0_vlan: left promiscuous mode
[  336.473502][   T29] audit: type=1326 audit(1720138831.007:3641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16518 comm="syz.0.3622" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0
[  336.582186][T16535] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  336.588777][T16535] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  336.596369][T16535] vhci_hcd vhci_hcd.0: Device attached
[  336.606939][T16536] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0
[  336.609271][T16535] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  336.614184][T10467] vhci_hcd: stop threads
[  336.620409][T16535] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  336.620531][T16535] vhci_hcd vhci_hcd.0: Device attached
[  336.624677][T10467] vhci_hcd: release socket
[  336.642361][T10467] vhci_hcd: disconnect device
[  336.672691][T10464] team0 (unregistering): Port device team_slave_1 removed
[  336.683533][T10464] team0 (unregistering): Port device team_slave_0 removed
[  336.733549][T16522] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3623'.
[  336.748034][T16538] vhci_hcd: connection closed
[  336.748334][ T9291] vhci_hcd: stop threads
[  336.752205][T16483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.753021][ T9291] vhci_hcd: release socket
[  336.770756][ T9291] vhci_hcd: disconnect device
[  336.776297][T16483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.797233][T15906] EXT4-fs error (device loop4): ext4_get_inode_loc:4495: inode #2: block 34: comm syz-executor: unable to read itable block
[  336.814380][T15906] EXT4-fs (loop4): I/O error while writing superblock
[  336.821198][T15906] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5731: IO failure
[  336.830333][T15906] EXT4-fs (loop4): I/O error while writing superblock
[  336.837114][T15906] EXT4-fs error (device loop4): ext4_dirty_inode:5935: inode #2: comm syz-executor: mark_inode_dirty error
[  336.849368][T15906] EXT4-fs (loop4): I/O error while writing superblock
[  336.861652][ T9313] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4480: inode #3: block 34: comm kworker/u8:25: unable to read itable block
[  336.876080][ T9313] EXT4-fs (loop4): I/O error while writing superblock
[  336.883179][ T9313] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4480: inode #18: block 35: comm kworker/u8:25: unable to read itable block
[  336.897254][ T9313] EXT4-fs (loop4): I/O error while writing superblock
[  336.904107][ T9313] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4480: inode #2: block 34: comm kworker/u8:25: unable to read itable block
[  336.918251][ T9313] EXT4-fs (loop4): I/O error while writing superblock
[  336.919652][T16483] team0: Port device team_slave_0 added
[  336.932257][T16483] team0: Port device team_slave_1 added
[  336.932458][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.949453][T15906] EXT4-fs (loop4): I/O error while writing superblock
[  336.965370][T16483] batman_adv: batadv0: Adding interface: batadv_slave_0
[  336.972409][T16483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.998340][T16483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  337.011926][T16483] batman_adv: batadv0: Adding interface: batadv_slave_1
[  337.018963][T16483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  337.045247][T16483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  337.063304][T16548] loop3: detected capacity change from 0 to 512
[  337.070472][T16548] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  337.108563][T16483] hsr_slave_0: entered promiscuous mode
[  337.114916][T16483] hsr_slave_1: entered promiscuous mode
[  337.125407][T16483] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  337.132999][T16483] Cannot create hsr debugfs directory
[  337.159936][T16548] EXT4-fs (loop3): 1 truncate cleaned up
[  337.343979][T16555] loop1: detected capacity change from 0 to 512
[  337.362820][T10464] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.379718][T16555] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.441121][T10464] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.478333][T16571] loop0: detected capacity change from 0 to 1024
[  337.509417][T16483] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  337.524114][T16483] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  337.533551][T16571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3634'.
[  337.550029][T10464] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.570128][T16483] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  337.580538][T16483] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  337.592091][T16556] chnl_net:caif_netlink_parms(): no params data found
[  337.610429][T10464] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.704983][T16556] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.712139][T16556] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.721289][T16556] bridge_slave_0: entered allmulticast mode
[  337.727899][T16556] bridge_slave_0: entered promiscuous mode
[  337.770934][T16578] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3635'.
[  337.783109][T10464] bridge_slave_1: left allmulticast mode
[  337.788781][T10464] bridge_slave_1: left promiscuous mode
[  337.794511][T10464] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.808214][T16578] loop3: detected capacity change from 0 to 512
[  337.815139][T10464] bridge_slave_0: left allmulticast mode
[  337.820851][T10464] bridge_slave_0: left promiscuous mode
[  337.826735][T10464] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.826945][T16578] EXT4-fs: Ignoring removed mblk_io_submit option
[  337.840968][T16578] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  337.854057][T16578] EXT4-fs (loop3): 1 truncate cleaned up
[  337.864276][T16578] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3635'.
[  337.972017][T10464] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  337.984556][T10464] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  337.996006][T10464] bond0 (unregistering): Released all slaves
[  338.005058][T16556] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.012258][T16556] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.021388][T16556] bridge_slave_1: entered allmulticast mode
[  338.027891][T16556] bridge_slave_1: entered promiscuous mode
[  338.058966][T16556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  338.081747][T16556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  338.093822][T10464] hsr_slave_0: left promiscuous mode
[  338.096889][T16589] FAULT_INJECTION: forcing a failure.
[  338.096889][T16589] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  338.112237][T16589] CPU: 0 PID: 16589 Comm: syz.3.3639 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  338.122426][T16589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  338.132534][T16589] Call Trace:
[  338.135804][T16589]  <TASK>
[  338.138757][T16589]  dump_stack_lvl+0xf2/0x150
[  338.143391][T16589]  dump_stack+0x15/0x20
[  338.147619][T16589]  should_fail_ex+0x229/0x230
[  338.152301][T16589]  should_fail+0xb/0x10
[  338.156484][T16589]  should_fail_usercopy+0x1a/0x20
[  338.161508][T16589]  _copy_from_user+0x1e/0xd0
[  338.166130][T16589]  __se_sys_cachestat+0x77/0x6d0
[  338.171081][T16589]  ? kmem_cache_free+0xd8/0x280
[  338.175954][T16589]  ? xfd_validate_state+0x46/0xf0
[  338.180975][T16589]  ? ksys_write+0x169/0x1b0
[  338.185509][T16589]  __x64_sys_cachestat+0x55/0x70
[  338.190534][T16589]  x64_sys_call+0x26eb/0x2d70
[  338.195221][T16589]  do_syscall_64+0xc9/0x1c0
[  338.199812][T16589]  ? clear_bhb_loop+0x55/0xb0
[  338.204511][T16589]  ? clear_bhb_loop+0x55/0xb0
[  338.209190][T16589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.215083][T16589] RIP: 0033:0x7fa815826bd9
[  338.219547][T16589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.239147][T16589] RSP: 002b:00007fa814aa8048 EFLAGS: 00000246 ORIG_RAX: 00000000000001c3
[  338.247609][T16589] RAX: ffffffffffffffda RBX: 00007fa8159b4f60 RCX: 00007fa815826bd9
[  338.255574][T16589] RDX: 00000000200008c0 RSI: 0000000020000880 RDI: 0000000000000003
[  338.263570][T16589] RBP: 00007fa814aa80a0 R08: 0000000000000000 R09: 0000000000000000
[  338.271540][T16589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  338.279560][T16589] R13: 000000000000000b R14: 00007fa8159b4f60 R15: 00007ffe239f7648
[  338.287527][T16589]  </TASK>
[  338.291104][T10464] hsr_slave_1: left promiscuous mode
[  338.309689][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.317140][T10464] batman_adv: batadv0: Removing interface: batadv_slave_0
[  338.330810][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  338.338366][T10464] batman_adv: batadv0: Removing interface: batadv_slave_1
[  338.354652][T10464] veth1_macvtap: left promiscuous mode
[  338.360249][T10464] veth0_macvtap: left promiscuous mode
[  338.365817][T10464] veth1_vlan: left promiscuous mode
[  338.371266][T10464] veth0_vlan: left promiscuous mode
[  338.400638][   T29] audit: type=1326 audit(1720138832.937:3642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16590 comm="syz.0.3641" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0
[  338.511790][T10464] team0 (unregistering): Port device team_slave_1 removed
[  338.525932][T10464] team0 (unregistering): Port device team_slave_0 removed
[  338.589569][T16556] team0: Port device team_slave_0 added
[  338.604900][T16556] team0: Port device team_slave_1 added
[  338.610890][T16606] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  338.617395][T16606] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  338.625144][T16606] vhci_hcd vhci_hcd.0: Device attached
[  338.639690][T16607] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0
[  338.661605][T16556] batman_adv: batadv0: Adding interface: batadv_slave_0
[  338.668615][T16556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  338.694574][T16556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  338.713610][T16611] loop1: detected capacity change from 0 to 512
[  338.724732][T16611] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  338.740666][T16606] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  338.747182][T16606] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  338.754910][T16606] vhci_hcd vhci_hcd.0: Device attached
[  338.764175][T16611] EXT4-fs (loop1): 1 truncate cleaned up
[  338.772680][T10467] vhci_hcd: stop threads
[  338.777052][T10467] vhci_hcd: release socket
[  338.781524][T10467] vhci_hcd: disconnect device
[  338.791075][T16609] vhci_hcd: connection closed
[  338.792283][T16556] batman_adv: batadv0: Adding interface: batadv_slave_1
[  338.803950][T16556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  338.829898][T16556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  338.843982][   T35] vhci_hcd: vhci_device speed not set
[  338.850231][T10467] vhci_hcd: stop threads
[  338.854611][T10467] vhci_hcd: release socket
[  338.859145][T10467] vhci_hcd: disconnect device
[  338.872929][T16483] 8021q: adding VLAN 0 to HW filter on device bond0
[  338.890688][T16483] 8021q: adding VLAN 0 to HW filter on device team0
[  338.913971][  T923] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.921044][  T923] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.937818][T16556] hsr_slave_0: entered promiscuous mode
[  338.943780][T16556] hsr_slave_1: entered promiscuous mode
[  338.950684][T16556] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  338.958270][T16556] Cannot create hsr debugfs directory
[  338.964490][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.971596][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.993895][T16483] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  339.004237][T16483] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  339.084137][T16483] 8021q: adding VLAN 0 to HW filter on device batadv0
[  339.162445][T16483] veth0_vlan: entered promiscuous mode
[  339.171772][T16483] veth1_vlan: entered promiscuous mode
[  339.184187][T16483] veth0_macvtap: entered promiscuous mode
[  339.195332][T16483] veth1_macvtap: entered promiscuous mode
[  339.210796][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.221327][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.231141][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.241565][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.251432][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.261875][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.271669][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.282073][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.291904][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.302302][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.312185][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.322820][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.332719][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.343472][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.353334][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.364082][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.383014][T16483] batman_adv: batadv0: Interface activated: batadv_slave_0
[  339.394925][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.405409][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.415212][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.425640][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.435503][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.445936][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.455857][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.466309][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.476162][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.486579][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.496497][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.507279][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.517183][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.527598][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.537400][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.547817][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.558630][T16483] batman_adv: batadv0: Interface activated: batadv_slave_1
[  339.574580][T16483] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.576495][T16632] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  339.583441][T16483] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  339.589791][T16632] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  339.589907][T16632] vhci_hcd vhci_hcd.0: Device attached
[  339.598608][T16483] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  339.620464][T16483] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  339.622365][T16633] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 0
[  339.639454][ T9313] vhci_hcd: stop threads
[  339.643728][ T9313] vhci_hcd: release socket
[  339.648185][ T9313] vhci_hcd: disconnect device
[  339.676972][T16556] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  339.689219][T16639] loop1: detected capacity change from 0 to 1024
[  339.690732][T16556] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  339.696080][T16639] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  339.712907][T16556] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  339.721668][T16556] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  339.774186][T16556] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.793407][T16556] 8021q: adding VLAN 0 to HW filter on device team0
[  339.795162][T16642] loop2: detected capacity change from 0 to 8192
[  339.802640][T16644] loop1: detected capacity change from 0 to 512
[  339.810414][ T2751] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.819963][ T2751] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.831099][ T2751] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.838229][ T2751] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.850519][T16644] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  339.861355][T16642]  loop2: p1 p2 p3 p4
[  339.862913][T16556] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  339.865350][T16642] loop2: p1 size 108922248 extends beyond EOD, 
[  339.875735][T16556] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  339.875855][   T35] vhci_hcd: vhci_device speed not set
[  339.882009][T16642] truncated
[  339.912801][T16642] loop2: p2 start 861536256 is beyond EOD, truncated
[  339.919619][T16642] loop2: p3 start 851968 is beyond EOD, truncated
[  339.926071][T16642] loop2: p4 size 65536 extends beyond EOD, truncated
[  339.988846][T16556] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.050951][T16659] loop2: detected capacity change from 0 to 512
[  340.070666][T16659] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  340.167095][T16556] veth0_vlan: entered promiscuous mode
[  340.172864][T16674] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  340.176188][T16556] veth1_vlan: entered promiscuous mode
[  340.179363][T16674] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  340.179482][T16674] vhci_hcd vhci_hcd.0: Device attached
[  340.193638][T16556] veth0_macvtap: entered promiscuous mode
[  340.209815][T16556] veth1_macvtap: entered promiscuous mode
[  340.215901][   T29] audit: type=1326 audit(1720138834.747:3643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16671 comm="syz.0.3654" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0
[  340.231681][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.249494][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.259414][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.270075][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.279983][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.290594][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.300638][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.311220][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.321090][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.331526][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.341337][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.351795][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.361669][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.366858][T16678] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  340.372096][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.378550][T16678] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  340.388388][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.396064][T16678] vhci_hcd vhci_hcd.0: Device attached
[  340.406425][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.421952][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.432614][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.448261][T16556] batman_adv: batadv0: Interface activated: batadv_slave_0
[  340.460736][T16675] vhci_hcd: connection closed
[  340.460761][T16679] vhci_hcd: connection closed
[  340.465668][T10467] vhci_hcd: stop threads
[  340.467211][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.470396][T10467] vhci_hcd: release socket
[  340.474554][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.474565][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.474576][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.474585][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.474596][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.474605][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.485041][T10467] vhci_hcd: disconnect device
[  340.555419][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.565234][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.575676][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.585513][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.595956][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.605758][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.616180][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.616764][T10467] vhci_hcd: stop threads
[  340.626063][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.630326][T10467] vhci_hcd: release socket
[  340.630336][T10467] vhci_hcd: disconnect device
[  340.649892][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.659746][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.670159][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.687430][   T35] vhci_hcd: vhci_device speed not set
[  340.694047][T16556] batman_adv: batadv0: Interface activated: batadv_slave_1
[  340.705506][T16556] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  340.714418][T16556] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  340.723330][T16556] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  340.732228][T16556] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  340.893653][   T29] audit: type=1326 audit(1720138835.427:3644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16687 comm="syz.4.3640" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0
[  340.961913][T16691] __nla_validate_parse: 2 callbacks suppressed
[  340.961927][T16691] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3656'.
[  341.051014][T16700] loop0: detected capacity change from 0 to 512
[  341.191592][T16717] loop3: detected capacity change from 0 to 1024
[  341.198682][T16717] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  341.230015][T16719] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3664'.
[  341.267348][T16722] loop3: detected capacity change from 0 to 512
[  341.274232][T16722] EXT4-fs (loop3): unsupported inode size: 264
[  341.280501][T16722] EXT4-fs (loop3): blocksize: 1024
[  341.360169][   T29] audit: type=1326 audit(1720138835.897:3645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16725 comm="syz.3.3668" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x0
[  341.673810][T16734] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  341.680432][T16734] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  341.688064][T16734] vhci_hcd vhci_hcd.0: Device attached
[  341.695346][T16736] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 1
[  341.702538][ T9291] vhci_hcd: stop threads
[  341.703126][T16734] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  341.706971][ T9291] vhci_hcd: release socket
[  341.713241][T16734] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  341.713382][T16734] vhci_hcd vhci_hcd.0: Device attached
[  341.717775][ T9291] vhci_hcd: disconnect device
[  341.741368][T16738] vhci_hcd: connection closed
[  341.741743][ T9315] vhci_hcd: stop threads
[  341.750950][ T9315] vhci_hcd: release socket
[  341.755359][ T9315] vhci_hcd: disconnect device
[  341.766838][T16743] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:20002
[  341.791494][T16743] SELinux:  Context /sbin/dhclient is not valid (left unmapped).
[  341.799751][   T29] audit: type=1400 audit(1720138836.347:3646): avc:  denied  { relabelto } for  pid=16742 comm="syz.1.3672" name="file0" dev="tmpfs" ino=418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="/sbin/dhclient"
[  341.814427][T16747] loop1: detected capacity change from 0 to 512
[  341.824704][   T29] audit: type=1400 audit(1720138836.347:3647): avc:  denied  { associate } for  pid=16742 comm="syz.1.3672" name="file0" dev="tmpfs" ino=418 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="/sbin/dhclient"
[  341.860161][   T29] audit: type=1400 audit(1720138836.347:3648): avc:  denied  { unlink } for  pid=15755 comm="syz-executor" name="file0" dev="tmpfs" ino=418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="/sbin/dhclient"
[  341.878123][T16747] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  342.044377][T16752] vlan2: entered promiscuous mode
[  342.051780][T16752] syz_tun: entered promiscuous mode
[  342.058655][T16752] team0: Port device vlan2 added
[  342.143549][T16758] loop0: detected capacity change from 0 to 256
[  342.287784][T16761] loop4: detected capacity change from 0 to 512
[  342.296741][T16761] EXT4-fs (loop4): unsupported inode size: 264
[  342.303043][T16761] EXT4-fs (loop4): blocksize: 1024
[  342.348228][T16763] loop0: detected capacity change from 0 to 1024
[  342.492884][   T29] audit: type=1326 audit(1720138837.027:3649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16767 comm="syz.0.3680" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0
[  342.666626][T16776] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3681'.
[  342.692827][T16778] loop3: detected capacity change from 0 to 1024
[  342.699970][T16778] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  342.712594][T16778] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3683'.
[  342.745700][T16787] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  342.752282][T16787] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  342.759916][T16787] vhci_hcd vhci_hcd.0: Device attached
[  342.766840][T16788] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0
[  342.767325][T16787] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  342.777405][ T9291] vhci_hcd: stop threads
[  342.780182][T16787] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  342.784394][ T9291] vhci_hcd: release socket
[  342.796520][ T9291] vhci_hcd: disconnect device
[  342.796598][T16787] vhci_hcd vhci_hcd.0: Device attached
[  342.808192][T16794] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3685'.
[  342.817301][T16790] vhci_hcd: connection closed
[  342.818817][ T9315] vhci_hcd: stop threads
[  342.827815][ T9315] vhci_hcd: release socket
[  342.832229][ T9315] vhci_hcd: disconnect device
[  342.925578][T16804] loop3: detected capacity change from 0 to 128
[  342.940547][T16803] FAULT_INJECTION: forcing a failure.
[  342.940547][T16803] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.953643][T16803] CPU: 0 PID: 16803 Comm: syz.3.3689 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  342.963794][T16803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  342.973910][T16803] Call Trace:
[  342.977171][T16803]  <TASK>
[  342.980100][T16803]  dump_stack_lvl+0xf2/0x150
[  342.984732][T16803]  dump_stack+0x15/0x20
[  342.988905][T16803]  should_fail_ex+0x229/0x230
[  342.993662][T16803]  should_fail+0xb/0x10
[  342.997913][T16803]  should_fail_usercopy+0x1a/0x20
[  343.002989][T16803]  _copy_from_iter+0xd3/0xb00
[  343.007702][T16803]  ? kmalloc_reserve+0x16e/0x190
[  343.012652][T16803]  ? __build_skb_around+0x196/0x1f0
[  343.018281][T16803]  ? __alloc_skb+0x217/0x300
[  343.022856][T16803]  ? __virt_addr_valid+0x1dd/0x240
[  343.027982][T16803]  ? __check_object_size+0x35b/0x510
[  343.033297][T16803]  netlink_sendmsg+0x460/0x6e0
[  343.038056][T16803]  ? __pfx_netlink_sendmsg+0x10/0x10
[  343.043790][T16803]  __sock_sendmsg+0x140/0x180
[  343.048589][T16803]  ____sys_sendmsg+0x312/0x410
[  343.053339][T16803]  __sys_sendmsg+0x1e9/0x280
[  343.057966][T16803]  __x64_sys_sendmsg+0x46/0x50
[  343.062731][T16803]  x64_sys_call+0xb25/0x2d70
[  343.067374][T16803]  do_syscall_64+0xc9/0x1c0
[  343.071885][T16803]  ? clear_bhb_loop+0x55/0xb0
[  343.076546][T16803]  ? clear_bhb_loop+0x55/0xb0
[  343.081205][T16803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.087080][T16803] RIP: 0033:0x7fa815826bd9
[  343.091472][T16803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.111067][T16803] RSP: 002b:00007fa814aa8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  343.119516][T16803] RAX: ffffffffffffffda RBX: 00007fa8159b4f60 RCX: 00007fa815826bd9
[  343.127568][T16803] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000008
[  343.135520][T16803] RBP: 00007fa814aa80a0 R08: 0000000000000000 R09: 0000000000000000
[  343.143549][T16803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.151555][T16803] R13: 000000000000000b R14: 00007fa8159b4f60 R15: 00007ffe239f7648
[  343.159583][T16803]  </TASK>
[  343.259770][   T29] audit: type=1326 audit(1720138837.797:3650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16807 comm="syz.3.3691" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x0
[  343.299502][T16810] loop0: detected capacity change from 0 to 512
[  343.343215][   T29] audit: type=1400 audit(1720138837.877:3651): avc:  denied  { setopt } for  pid=16811 comm="syz.1.3693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  343.367447][T16812] loop1: detected capacity change from 0 to 1024
[  343.375088][T16812] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  343.385501][T16812] JBD2: no valid journal superblock found
[  343.391317][T16812] EXT4-fs (loop1): Could not load journal inode
[  343.460617][T16812] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3693'.
[  343.472517][T16812] syzkaller1: entered promiscuous mode
[  343.476535][T16810] loop0: detected capacity change from 0 to 256
[  343.478010][T16812] syzkaller1: entered allmulticast mode
[  343.556932][T16820] loop0: detected capacity change from 0 to 512
[  343.618879][T16822] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3695'.
[  343.641397][T16824] loop0: detected capacity change from 0 to 1024
[  343.695760][T16831] loop0: detected capacity change from 0 to 512
[  343.796132][T16842] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  343.802767][T16842] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  343.810368][T16842] vhci_hcd vhci_hcd.0: Device attached
[  343.819437][T16843] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 1
[  343.828397][T10464] vhci_hcd: stop threads
[  343.830437][T16842] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  343.832708][T10464] vhci_hcd: release socket
[  343.843628][T16842] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  343.851454][T10464] vhci_hcd: disconnect device
[  343.851499][T16842] vhci_hcd vhci_hcd.0: Device attached
[  343.867055][T16845] vhci_hcd: connection closed
[  343.867252][T10464] vhci_hcd: stop threads
[  343.876224][T10464] vhci_hcd: release socket
[  343.880860][T10464] vhci_hcd: disconnect device
[  344.298420][   T29] audit: type=1326 audit(1720138838.837:3652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16847 comm="syz.1.3704" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x0
[  344.409543][T16855] loop4: detected capacity change from 0 to 512
[  344.428144][T16855] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  344.528779][T16861] loop2: detected capacity change from 0 to 8192
[  344.541178][T16864] loop3: detected capacity change from 0 to 512
[  344.548309][T16864] EXT4-fs (loop3): unsupported inode size: 264
[  344.554515][T16864] EXT4-fs (loop3): blocksize: 1024
[  344.560242][T16861]  loop2: p1 p2 p3 p4
[  344.565918][T16861] loop2: p1 size 108922248 extends beyond EOD, truncated
[  344.573574][T16861] loop2: p2 start 861536256 is beyond EOD, truncated
[  344.573935][T16868] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3708'.
[  344.580302][T16861] loop2: p3 start 851968 is beyond EOD, truncated
[  344.595566][T16861] loop2: p4 size 65536 extends beyond EOD, truncated
[  344.615618][T16870] loop4: detected capacity change from 0 to 1024
[  344.622668][T16870] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  344.701090][T16883] FAULT_INJECTION: forcing a failure.
[  344.701090][T16883] name failslab, interval 1, probability 0, space 0, times 0
[  344.713761][T16883] CPU: 1 PID: 16883 Comm: syz.3.3712 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  344.723955][T16883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  344.733996][T16883] Call Trace:
[  344.737319][T16883]  <TASK>
[  344.740234][T16883]  dump_stack_lvl+0xf2/0x150
[  344.744825][T16883]  dump_stack+0x15/0x20
[  344.749002][T16883]  should_fail_ex+0x229/0x230
[  344.753739][T16883]  ? usb_control_msg+0x59/0x240
[  344.758680][T16883]  __should_failslab+0x92/0xa0
[  344.763449][T16883]  should_failslab+0x9/0x20
[  344.767983][T16883]  kmalloc_trace_noprof+0x4b/0x2a0
[  344.773162][T16883]  usb_control_msg+0x59/0x240
[  344.777838][T16883]  hub_ext_port_status+0xbf/0x480
[  344.782855][T16883]  hub_activate+0x4c8/0xf30
[  344.787374][T16883]  hub_resume+0x48/0x1e0
[  344.791612][T16883]  ? mutex_lock+0xd/0x40
[  344.795925][T16883]  usb_resume_both+0x3ed/0x5b0
[  344.800682][T16883]  ? __pfx_usb_runtime_resume+0x10/0x10
[  344.806218][T16883]  usb_runtime_resume+0x21/0x30
[  344.811082][T16883]  __rpm_callback+0x299/0x720
[  344.815790][T16883]  ? __pfx_usb_runtime_resume+0x10/0x10
[  344.821329][T16883]  rpm_resume+0x8e6/0xd00
[  344.825733][T16883]  ? klist_dec_and_del+0xb7/0x270
[  344.830796][T16883]  __pm_runtime_resume+0xdc/0x100
[  344.835814][T16883]  usb_autoresume_device+0x25/0xd0
[  344.840922][T16883]  usbdev_open+0xfe/0x480
[  344.845308][T16883]  ? selinux_file_open+0x34c/0x3b0
[  344.850404][T16883]  chrdev_open+0x323/0x3a0
[  344.854865][T16883]  ? __pfx_chrdev_open+0x10/0x10
[  344.859794][T16883]  do_dentry_open+0x647/0xa60
[  344.864494][T16883]  vfs_open+0x3b/0x1f0
[  344.868628][T16883]  path_openat+0x1ad9/0x1fa0
[  344.873213][T16883]  ? _parse_integer+0x27/0x30
[  344.877882][T16883]  ? kstrtoull+0x110/0x140
[  344.882286][T16883]  do_filp_open+0xf7/0x200
[  344.886737][T16883]  do_sys_openat2+0xab/0x120
[  344.891314][T16883]  __x64_sys_openat+0xf3/0x120
[  344.896065][T16883]  x64_sys_call+0x1057/0x2d70
[  344.900784][T16883]  do_syscall_64+0xc9/0x1c0
[  344.905329][T16883]  ? clear_bhb_loop+0x55/0xb0
[  344.909996][T16883]  ? clear_bhb_loop+0x55/0xb0
[  344.914661][T16883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.920543][T16883] RIP: 0033:0x7fa815825610
[  344.924970][T16883] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 79 8d 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 cc 8d 02 00 8b 44
[  344.944586][T16883] RSP: 002b:00007fa814a86b80 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  344.952984][T16883] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa815825610
[  344.961004][T16883] RDX: 0000000000000000 RSI: 00007fa814a86c20 RDI: 00000000ffffff9c
[  344.969032][T16883] RBP: 00007fa814a86c20 R08: 0000000000000000 R09: 0000000000000000
[  344.976986][T16883] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  344.985016][T16883] R13: 000000000000006e R14: 00007fa8159b5038 R15: 00007ffe239f7648
[  344.992999][T16883]  </TASK>
[  344.996360][T16883] hub 7-0:1.0: hub_ext_port_status failed (err = -12)
[  345.000885][T16888] loop0: detected capacity change from 0 to 128
[  345.021022][T16890] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3716'.
[  345.060541][T16888] loop0: detected capacity change from 0 to 512
[  345.113434][T16894] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  345.120053][T16894] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  345.127662][T16894] vhci_hcd vhci_hcd.0: Device attached
[  345.134630][T16895] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0
[  345.135337][T16894] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  345.141838][ T9313] vhci_hcd: stop threads
[  345.147950][T16894] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  345.148125][T16894] vhci_hcd vhci_hcd.0: Device attached
[  345.152192][ T9313] vhci_hcd: release socket
[  345.152200][ T9313] vhci_hcd: disconnect device
[  345.174674][T16897] vhci_hcd: connection closed
[  345.175026][ T9313] vhci_hcd: stop threads
[  345.184064][ T9313] vhci_hcd: release socket
[  345.188541][ T9313] vhci_hcd: disconnect device
[  345.495588][T16904] loop3: detected capacity change from 0 to 512
[  345.508136][T16904] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.560213][T16908] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3720'.
[  345.630536][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  345.630549][   T29] audit: type=1326 audit(1720138840.167:3654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16912 comm="syz.0.3722" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0
[  345.704589][T16920] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  345.711177][T16920] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  345.718760][T16916] wireguard0: entered promiscuous mode
[  345.718949][T16920] vhci_hcd vhci_hcd.0: Device attached
[  345.724220][T16916] wireguard0: entered allmulticast mode
[  345.790185][T16921] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 0
[  345.797699][ T9313] vhci_hcd: stop threads
[  345.801965][ T9313] vhci_hcd: release socket
[  345.806385][ T9313] vhci_hcd: disconnect device
[  346.016168][   T29] audit: type=1326 audit(1720138840.547:3655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16935 comm="syz.2.3728" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17df46bbd9 code=0x0
[  346.033276][T16934] loop1: detected capacity change from 0 to 8192
[  346.047569][T16934]  loop1: p1 p2 p3 p4
[  346.051839][T16934] loop1: p1 size 108922248 extends beyond EOD, truncated
[  346.059405][T16934] loop1: p2 start 861536256 is beyond EOD, truncated
[  346.066126][T16934] loop1: p3 start 851968 is beyond EOD, truncated
[  346.072700][T16934] loop1: p4 size 65536 extends beyond EOD, truncated
[  346.141356][T16943] ALSA: seq fatal error: cannot create timer (-22)
[  346.159821][   T29] audit: type=1326 audit(1720138840.697:3656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="syz.4.3730" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0
[  346.481147][T16952] loop0: detected capacity change from 0 to 512
[  346.633682][T16952] loop0: detected capacity change from 0 to 256
[  346.691486][T16963] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  346.697989][T16963] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  346.705627][T16963] vhci_hcd vhci_hcd.0: Device attached
[  346.712804][T16964] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 2
[  346.720304][T10467] vhci_hcd: stop threads
[  346.724598][T10467] vhci_hcd: release socket
[  346.729021][T10467] vhci_hcd: disconnect device
[  346.878980][T16967] wireguard0: entered promiscuous mode
[  346.884466][T16967] wireguard0: entered allmulticast mode
[  347.005894][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.020191][   T29] audit: type=1326 audit(1720138841.557:3657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16972 comm="syz.4.3738" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0
[  347.125340][T16975] loop2: detected capacity change from 0 to 8192
[  347.168063][T16975]  loop2: p1 p2 p4 < >
[  347.172321][T16975] loop2: partition table partially beyond EOD, truncated
[  347.179612][T16975] loop2: p1 size 108986237 extends beyond EOD, truncated
[  347.188091][T16975] loop2: p2 start 65535 is beyond EOD, truncated
[  347.194610][T16975] loop2: p4 start 50331648 is beyond EOD, truncated
[  347.204277][T16975] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3739'.
[  347.226418][T16982] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3740'.
[  347.258927][T16975] team0: Port device team_slave_0 removed
[  347.329336][   T29] audit: type=1326 audit(1720138841.867:3658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16985 comm="syz.0.3743" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0
[  347.394107][T16990] loop2: detected capacity change from 0 to 8192
[  347.436215][   T29] audit: type=1326 audit(1720138841.967:3659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16995 comm="syz.1.3746" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x0
[  347.460847][T16990]  loop2: p1 p2 p3 p4
[  347.464864][T16990] loop2: p1 size 108922248 extends beyond EOD, truncated
[  347.473005][T16990] loop2: p2 start 861536256 is beyond EOD, truncated
[  347.479871][T16990] loop2: p3 start 851968 is beyond EOD, truncated
[  347.486298][T16990] loop2: p4 size 65536 extends beyond EOD, truncated
[  347.854604][T17009] loop4: detected capacity change from 0 to 512
[  347.862904][T17009] EXT4-fs (loop4): unsupported inode size: 264
[  347.869077][T17009] EXT4-fs (loop4): blocksize: 1024
[  347.898455][   T29] audit: type=1326 audit(1720138842.437:3660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17008 comm="syz.4.3747" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0
[  348.186088][T17012] wireguard0: entered promiscuous mode
[  348.191757][T17012] wireguard0: entered allmulticast mode
[  348.238330][T17018] FAULT_INJECTION: forcing a failure.
[  348.238330][T17018] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.251418][T17018] CPU: 0 PID: 17018 Comm: syz.2.3750 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  348.261607][T17018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  348.271669][T17018] Call Trace:
[  348.274932][T17018]  <TASK>
[  348.277840][T17018]  dump_stack_lvl+0xf2/0x150
[  348.282512][T17018]  dump_stack+0x15/0x20
[  348.286782][T17018]  should_fail_ex+0x229/0x230
[  348.291449][T17018]  should_fail+0xb/0x10
[  348.295588][T17018]  should_fail_usercopy+0x1a/0x20
[  348.300656][T17018]  _copy_from_user+0x1e/0xd0
[  348.305415][T17018]  copy_msghdr_from_user+0x54/0x2a0
[  348.310604][T17018]  __sys_sendmsg+0x17d/0x280
[  348.315190][T17018]  __x64_sys_sendmsg+0x46/0x50
[  348.319946][T17018]  x64_sys_call+0xb25/0x2d70
[  348.324598][T17018]  do_syscall_64+0xc9/0x1c0
[  348.329135][T17018]  ? clear_bhb_loop+0x55/0xb0
[  348.333846][T17018]  ? clear_bhb_loop+0x55/0xb0
[  348.338543][T17018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.344469][T17018] RIP: 0033:0x7f17df46bbd9
[  348.348878][T17018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.368495][T17018] RSP: 002b:00007f17de6ed048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  348.376905][T17018] RAX: ffffffffffffffda RBX: 00007f17df5f9f60 RCX: 00007f17df46bbd9
[  348.384852][T17018] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004
[  348.392803][T17018] RBP: 00007f17de6ed0a0 R08: 0000000000000000 R09: 0000000000000000
[  348.400835][T17018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.408789][T17018] R13: 000000000000000b R14: 00007f17df5f9f60 R15: 00007ffe137f6628
[  348.416781][T17018]  </TASK>
[  348.430816][T17020] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  348.437324][T17020] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  348.445044][T17020] vhci_hcd vhci_hcd.0: Device attached
[  348.458514][T17021] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 0
[  348.465715][T10467] vhci_hcd: stop threads
[  348.469995][T10467] vhci_hcd: release socket
[  348.470389][T17024] loop1: detected capacity change from 0 to 1024
[  348.474408][T10467] vhci_hcd: disconnect device
[  348.485794][T17024] EXT4-fs: Ignoring removed nobh option
[  348.491369][T17024] EXT4-fs: Ignoring removed orlov option
[  348.542204][T17026] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3753'.
[  348.563214][T17034] loop0: detected capacity change from 0 to 512
[  348.632255][T17034] loop0: detected capacity change from 0 to 1024
[  348.730089][   T29] audit: type=1326 audit(1720138843.267:3661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17045 comm="syz.4.3758" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0
[  348.797964][T17053] loop0: detected capacity change from 0 to 8192
[  348.837005][T17053]  loop0: p1 p2 p3 p4
[  348.841004][T17053] loop0: p1 size 108922248 extends beyond EOD, truncated
[  348.848535][T17053] loop0: p2 start 861536256 is beyond EOD, truncated
[  348.855206][T17053] loop0: p3 start 851968 is beyond EOD, truncated
[  348.861643][T17053] loop0: p4 size 65536 extends beyond EOD, truncated
[  349.029070][T17062] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3761'.
[  349.335616][T17064] ALSA: seq fatal error: cannot create timer (-22)
[  349.364901][T17070] wireguard0: entered promiscuous mode
[  349.370461][T17070] wireguard0: entered allmulticast mode
[  349.394342][   T29] audit: type=1326 audit(1720138843.927:3662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17073 comm="syz.1.3765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x7ffc0000
[  349.419110][   T29] audit: type=1326 audit(1720138843.927:3663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17073 comm="syz.1.3765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x7ffc0000
[  349.436027][T17074] loop1: detected capacity change from 0 to 8192
[  349.487222][T17074]  loop1: p1 < > p2 < p5 > p4
[  349.493007][T17074] loop1: p4 size 16776960 extends beyond EOD, truncated
[  349.500368][T17074] loop1: p5 size 16776960 extends beyond EOD, truncated
[  349.537199][T17078] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3766'.
[  349.614293][T17089] ALSA: seq fatal error: cannot create timer (-22)
[  349.626165][T17093] loop1: detected capacity change from 0 to 1024
[  349.635315][T17093] EXT4-fs: Ignoring removed nobh option
[  349.640991][T17093] EXT4-fs: Ignoring removed orlov option
[  349.656303][T17091] loop0: detected capacity change from 0 to 512
[  349.871331][T17109] loop2: detected capacity change from 0 to 512
[  349.888413][T17109] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  349.909161][T17111] loop4: detected capacity change from 0 to 1024
[  350.032020][T17118] loop4: detected capacity change from 0 to 8192
[  350.085179][T17121] loop2: detected capacity change from 0 to 8192
[  350.106886][T17118]  loop4: p1 p2 p3 p4
[  350.110954][T17118] loop4: p1 size 108922248 extends beyond EOD, truncated
[  350.118455][T17118] loop4: p2 start 861536256 is beyond EOD, truncated
[  350.125214][T17118] loop4: p3 start 851968 is beyond EOD, truncated
[  350.127392][T17121]  loop2: p1 < > p2 < p5 > p4
[  350.131700][T17118] loop4: p4 size 65536 extends beyond EOD, truncated
[  350.138929][T17121] loop2: p4 size 16776960 extends beyond EOD, truncated
[  350.150536][T17121] loop2: p5 size 16776960 extends beyond EOD, truncated
[  350.460299][T15755] EXT4-fs unmount: 33 callbacks suppressed
[  350.460316][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.516288][T17142] loop1: detected capacity change from 0 to 256
[  350.580045][T17144] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3785'.
[  351.078342][T17147] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3786'.
[  351.092632][T17147] loop0: detected capacity change from 0 to 512
[  351.099331][T17147] EXT4-fs: Ignoring removed mblk_io_submit option
[  351.148984][T17155] loop0: detected capacity change from 0 to 512
[  351.190042][T17156] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3788'.
[  351.295115][T17160] ipip0: entered promiscuous mode
[  351.337791][T17162] loop0: detected capacity change from 0 to 8192
[  351.376888][T17162]  loop0: p1 p2 p3 p4
[  351.380987][T17162] loop0: p1 size 108922248 extends beyond EOD, truncated
[  351.390173][T17162] loop0: p2 start 861536256 is beyond EOD, truncated
[  351.396915][T17162] loop0: p3 start 851968 is beyond EOD, truncated
[  351.403389][T17162] loop0: p4 size 65536 extends beyond EOD, truncated
[  351.436140][T17166] loop1: detected capacity change from 0 to 1024
[  351.443019][T17166] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  351.453664][T17166] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.477422][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.530412][   T29] kauditd_printk_skb: 148 callbacks suppressed
[  351.530427][   T29] audit: type=1326 audit(1720138846.067:3812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17172 comm="syz.0.3797" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0
[  351.551328][T17175] loop1: detected capacity change from 0 to 1024
[  351.566483][T17175] EXT4-fs: Ignoring removed nobh option
[  351.572174][T17175] EXT4-fs: Ignoring removed orlov option
[  351.588536][T17175] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.629315][T17183] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3799'.
[  351.643159][T17183] loop2: detected capacity change from 0 to 512
[  351.649970][T17183] EXT4-fs: Ignoring removed mblk_io_submit option
[  351.656594][T17183] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  351.669555][T17183] EXT4-fs (loop2): 1 truncate cleaned up
[  351.675409][T17183] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.690512][T17183] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3799'.
[  351.722265][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.775758][T17192] loop2: detected capacity change from 0 to 512
[  351.782391][T17192] EXT4-fs: Ignoring removed mblk_io_submit option
[  351.789252][T17192] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  351.800387][T17192] EXT4-fs (loop2): 1 truncate cleaned up
[  351.806385][T17192] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.843329][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.894331][T17195] loop2: detected capacity change from 0 to 512
[  351.908285][T17195] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.920793][T17195] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  352.004985][T17200] ipip0: entered promiscuous mode
[  352.046477][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.072649][T17205] loop4: detected capacity change from 0 to 8192
[  352.105705][T17207] loop2: detected capacity change from 0 to 1024
[  352.112743][T17207] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  352.121602][T17205]  loop4: p1 p2 p3 p4
[  352.123288][T17207] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.125676][T17205] loop4: p1 size 108922248 extends beyond EOD, truncated
[  352.145621][T17205] loop4: p2 start 861536256 is beyond EOD, truncated
[  352.152333][T17205] loop4: p3 start 851968 is beyond EOD, truncated
[  352.158849][T17205] loop4: p4 size 65536 extends beyond EOD, truncated
[  352.166319][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.268959][T17212] __nla_validate_parse: 1 callbacks suppressed
[  352.268969][T17212] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3806'.
[  352.383832][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.464733][T17232] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3814'.
[  352.484695][T17232] loop0: detected capacity change from 0 to 128
[  352.508168][T17236] loop4: detected capacity change from 0 to 1024
[  352.522039][T17236] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  352.534773][T17236] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.644481][T16556] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.670611][T17238] loop1: detected capacity change from 0 to 8192
[  352.759230][T17238]  loop1: p1 p2 p3 p4
[  352.768530][T17238] loop1: p1 size 108922248 extends beyond EOD, truncated
[  352.814285][T17238] loop1: p2 start 861536256 is beyond EOD, truncated
[  352.821011][T17238] loop1: p3 start 851968 is beyond EOD, truncated
[  352.827471][T17238] loop1: p4 size 65536 extends beyond EOD, truncated
[  352.879362][   T29] audit: type=1326 audit(1720138847.397:3813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17246 comm="syz.4.3819" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0
[  353.037984][T17257] loop1: detected capacity change from 0 to 1024
[  353.044830][T17257] EXT4-fs: Ignoring removed nobh option
[  353.050502][T17257] EXT4-fs: Ignoring removed orlov option
[  353.086458][T17257] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.146919][T17267] netlink: 88 bytes leftover after parsing attributes in process `syz.3.3825'.
[  353.156015][T17267] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3825'.
[  353.317334][T17275] ALSA: seq fatal error: cannot create timer (-22)
[  353.388208][T17276] FAULT_INJECTION: forcing a failure.
[  353.388208][T17276] name failslab, interval 1, probability 0, space 0, times 0
[  353.400890][T17276] CPU: 0 PID: 17276 Comm: syz.2.3827 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  353.411075][T17276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  353.421123][T17276] Call Trace:
[  353.424435][T17276]  <TASK>
[  353.427363][T17276]  dump_stack_lvl+0xf2/0x150
[  353.432000][T17276]  dump_stack+0x15/0x20
[  353.436152][T17276]  should_fail_ex+0x229/0x230
[  353.440923][T17276]  ? wakeup_source_sysfs_add+0x37/0x1a0
[  353.446467][T17276]  __should_failslab+0x92/0xa0
[  353.451333][T17276]  should_failslab+0x9/0x20
[  353.455906][T17276]  kmalloc_trace_noprof+0x4b/0x2a0
[  353.461022][T17276]  wakeup_source_sysfs_add+0x37/0x1a0
[  353.466394][T17276]  wakeup_source_register+0x106/0x250
[  353.471762][T17276]  ep_insert+0x7da/0xd20
[  353.476037][T17276]  do_epoll_ctl+0x628/0x950
[  353.480581][T17276]  __x64_sys_epoll_ctl+0xc6/0xf0
[  353.485515][T17276]  x64_sys_call+0x1304/0x2d70
[  353.490199][T17276]  do_syscall_64+0xc9/0x1c0
[  353.494733][T17276]  ? clear_bhb_loop+0x55/0xb0
[  353.499425][T17276]  ? clear_bhb_loop+0x55/0xb0
[  353.504098][T17276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.510079][T17276] RIP: 0033:0x7f17df46bbd9
[  353.514485][T17276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.534089][T17276] RSP: 002b:00007f17de6ab048 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  353.542491][T17276] RAX: ffffffffffffffda RBX: 00007f17df5fa110 RCX: 00007f17df46bbd9
[  353.550456][T17276] RDX: 000000000000000a RSI: 0000000000000001 RDI: 000000000000000b
[  353.558421][T17276] RBP: 00007f17de6ab0a0 R08: 0000000000000000 R09: 0000000000000000
[  353.566472][T17276] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000001
[  353.574437][T17276] R13: 000000000000006e R14: 00007f17df5fa110 R15: 00007ffe137f6628
[  353.582494][T17276]  </TASK>
[  353.610765][T17279] loop3: detected capacity change from 0 to 1024
[  353.621450][T17279] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  353.632643][T17279] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.654029][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.736714][T17287] loop3: detected capacity change from 0 to 8192
[  353.761114][T17291] team0: mtu less than device minimum
[  353.766928][T17287]  loop3: p1 p2 p3 p4
[  353.771057][T17287] loop3: p1 size 108922248 extends beyond EOD, truncated
[  353.779112][T17287] loop3: p2 start 861536256 is beyond EOD, truncated
[  353.781396][T17291] loop4: detected capacity change from 0 to 256
[  353.785798][T17287] loop3: p3 start 851968 is beyond EOD, truncated
[  353.785816][T17287] loop3: p4 size 65536 extends beyond EOD, truncated
[  353.868007][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.875089][T17297] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3838'.
[  353.897980][T17299] loop4: detected capacity change from 0 to 1024
[  353.904751][T17299] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  353.923413][T17301] ALSA: seq fatal error: cannot create timer (-22)
[  353.933485][T17303] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  353.940009][T17303] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  353.947673][T17303] vhci_hcd vhci_hcd.0: Device attached
[  353.959401][T17307] loop3: detected capacity change from 0 to 512
[  353.966392][T17307] EXT4-fs (loop3): unsupported inode size: 264
[  353.968611][T17304] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0
[  353.972596][T17307] EXT4-fs (loop3): blocksize: 1024
[  353.988135][ T9315] vhci_hcd: stop threads
[  353.992385][ T9315] vhci_hcd: release socket
[  353.996906][ T9315] vhci_hcd: disconnect device
[  354.003921][T17303] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  354.010437][T17303] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  354.018217][T17303] vhci_hcd vhci_hcd.0: Device attached
[  354.025588][   T29] audit: type=1326 audit(1720138848.557:3814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17309 comm="syz.4.3842" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0
[  354.075347][   T29] audit: type=1326 audit(1720138848.597:3815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000
[  354.098866][   T29] audit: type=1326 audit(1720138848.597:3816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000
[  354.111362][T17308] vhci_hcd: connection closed
[  354.122355][   T29] audit: type=1326 audit(1720138848.597:3817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000
[  354.128648][ T9291] vhci_hcd: stop threads
[  354.150496][   T29] audit: type=1326 audit(1720138848.597:3818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000
[  354.150536][   T29] audit: type=1326 audit(1720138848.597:3819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa815825610 code=0x7ffc0000
[  354.150625][   T29] audit: type=1326 audit(1720138848.597:3820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000
[  354.150651][   T29] audit: type=1326 audit(1720138848.597:3821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000
[  354.250589][ T9291] vhci_hcd: release socket
[  354.255500][ T9291] vhci_hcd: disconnect device
[  354.310179][T17324] loop2: detected capacity change from 0 to 8192
[  354.347247][T17324]  loop2: p1 p2 p3 p4
[  354.351267][T17324] loop2: p1 size 108922248 extends beyond EOD, truncated
[  354.358695][T17324] loop2: p2 start 861536256 is beyond EOD, truncated
[  354.365506][T17324] loop2: p3 start 851968 is beyond EOD, truncated
[  354.372036][T17324] loop2: p4 size 65536 extends beyond EOD, truncated
[  354.454291][T17329] team0: mtu less than device minimum
[  354.462807][T17329] loop2: detected capacity change from 0 to 256
[  354.547236][T17333] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:f02:0:5efe:150.125.240.108, load rds_tcp or rds_rdma?
[  354.627565][T17337] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3851'.
[  354.647410][T17343] ALSA: seq fatal error: cannot create timer (-22)
[  354.734761][T17348] loop2: detected capacity change from 0 to 512
[  354.741932][T17348] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  354.752859][T17348] EXT4-fs (loop2): 1 truncate cleaned up
[  354.758797][T17348] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  354.800805][T17351] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3855'.
[  354.817441][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.863793][T17354] netlink: 'syz.4.3858': attribute type 2 has an invalid length.
[  354.874823][T17357] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3856'.
[  354.903648][T17356] loop1: detected capacity change from 0 to 8192
[  354.912077][T17359] loop2: detected capacity change from 0 to 1024
[  354.920978][T17359] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  354.939010][T17356]  loop1: p1 p2 p3 p4
[  354.943073][T17356] loop1: p1 size 108922248 extends beyond EOD, truncated
[  354.950656][T17356] loop1: p2 start 861536256 is beyond EOD, truncated
[  354.957378][T17356] loop1: p3 start 851968 is beyond EOD, truncated
[  354.963791][T17356] loop1: p4 size 65536 extends beyond EOD, truncated
[  355.028136][T17363] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3862'.
[  355.065364][T17371] ALSA: seq fatal error: cannot create timer (-22)
[  355.081638][T17373] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3864'.
[  355.102461][T17375] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  355.108984][T17375] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  355.116729][T17375] vhci_hcd vhci_hcd.0: Device attached
[  355.125293][T17379] loop2: detected capacity change from 0 to 512
[  355.131976][T17376] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0
[  355.139106][T17379] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  355.160636][T17375] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  355.161113][T17379] EXT4-fs (loop2): 1 truncate cleaned up
[  355.167187][T17375] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  355.167267][T17375] vhci_hcd vhci_hcd.0: Device attached
[  355.173232][T17379] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.180811][ T9315] vhci_hcd: stop threads
[  355.202328][ T9315] vhci_hcd: release socket
[  355.206777][ T9315] vhci_hcd: disconnect device
[  355.214792][T17380] vhci_hcd: connection closed
[  355.219441][ T9315] vhci_hcd: stop threads
[  355.228558][ T9315] vhci_hcd: release socket
[  355.233117][ T9315] vhci_hcd: disconnect device
[  355.238409][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.412377][T17395] loop2: detected capacity change from 0 to 8192
[  355.448464][T17395]  loop2: p1 p2 p3 p4
[  355.452600][T17395] loop2: p1 size 108922248 extends beyond EOD, truncated
[  355.457441][T17402] loop4: detected capacity change from 0 to 2048
[  355.460494][T17395] loop2: p2 start 861536256 is beyond EOD, truncated
[  355.466223][T17402] EXT4-fs: Ignoring removed nomblk_io_submit option
[  355.472691][T17395] loop2: p3 start 851968 is beyond EOD, truncated
[  355.472708][T17395] loop2: p4 size 65536 extends beyond EOD, truncated
[  355.498267][T17402] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.515736][T17402] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.3873: bg 0: block 2: invalid block bitmap
[  355.530766][T17402] EXT4-fs (loop4): Remounting filesystem read-only
[  355.546047][T17402] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[  355.557691][T17402] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[  355.566584][T17402] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[  355.576556][T17402] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[  355.811841][T17409] ALSA: seq fatal error: cannot create timer (-22)
[  355.900643][T16556] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.911009][T16556] ==================================================================
[  355.919100][T16556] BUG: KCSAN: data-race in __lru_add_drain_all / folio_add_lru_vma
[  355.926975][T16556] 
[  355.929277][T16556] read-write to 0xffff888237d2ac08 of 1 bytes by task 17416 on cpu 1:
[  355.937401][T16556]  folio_add_lru_vma+0x74/0x170
[  355.942228][T16556]  handle_mm_fault+0x2411/0x2a80
[  355.947155][T16556]  exc_page_fault+0x3b9/0x650
[  355.951823][T16556]  asm_exc_page_fault+0x26/0x30
[  355.956660][T16556] 
[  355.958963][T16556] read to 0xffff888237d2ac08 of 1 bytes by task 16556 on cpu 0:
[  355.966572][T16556]  __lru_add_drain_all+0x12c/0x410
[  355.971676][T16556]  lru_add_drain_all+0x10/0x20
[  355.976425][T16556]  invalidate_bdev+0x47/0x70
[  355.981003][T16556]  ext4_put_super+0x51b/0x7e0
[  355.985674][T16556]  generic_shutdown_super+0xde/0x210
[  355.990943][T16556]  kill_block_super+0x2a/0x70
[  355.995604][T16556]  ext4_kill_sb+0x44/0x80
[  355.999921][T16556]  deactivate_locked_super+0x7d/0x1c0
[  356.005277][T16556]  deactivate_super+0x9f/0xb0
[  356.009934][T16556]  cleanup_mnt+0x268/0x2e0
[  356.014338][T16556]  __cleanup_mnt+0x19/0x20
[  356.018739][T16556]  task_work_run+0x13a/0x1a0
[  356.023318][T16556]  syscall_exit_to_user_mode+0xbe/0x130
[  356.028849][T16556]  do_syscall_64+0xd6/0x1c0
[  356.033338][T16556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.039238][T16556] 
[  356.041541][T16556] value changed: 0x0f -> 0x10
[  356.046204][T16556] 
[  356.048515][T16556] Reported by Kernel Concurrency Sanitizer on:
[  356.054652][T16556] CPU: 0 PID: 16556 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0
[  356.065062][T16556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  356.075104][T16556] ==================================================================
[  356.131577][T17420] loop4: detected capacity change from 0 to 512
[  356.138401][T17420] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  356.153505][T17420] EXT4-fs (loop4): 1 truncate cleaned up
[  356.160119][T17420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  356.177534][T16556] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.