last executing test programs:

3.313689209s ago: executing program 0 (id=820):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
poll(&(0x7f0000000180)=[{r0, 0x3}], 0x1, 0xe37e) (async)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x18, 0x0, 0x0, 0x2000}, 0x48) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) (async)
epoll_create1(0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
close(r3)
socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4) (async)
r4 = syz_io_uring_setup(0x6928, &(0x7f0000000300)={0x0, 0x2, 0x2628, 0xfffffffd}, &(0x7f0000000180), &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000240))
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) (async)
io_uring_enter(r4, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000080)={0xe0028008})
r7 = socket$inet6(0xa, 0x6, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x2000000, 0x10010, r2, 0x0) (async)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) (async)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x10) (async)
listen(r7, 0x80080400)
r8 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r8, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0) (async)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f0000000100), 0xfecc) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r10, 0x0) (async)
ioctl$int_in(r9, 0x5452, &(0x7f0000000100)) (async)
getsockopt$inet_int(r8, 0x10d, 0xe4, &(0x7f0000000080), &(0x7f00000000c0)=0x4) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000030000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000000200)='GPL\x00', 0xb, 0x1003, &(0x7f0000001e40)=""/4099}, 0x90)

3.276457852s ago: executing program 0 (id=821):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8}, @NFTA_IMMEDIATE_DATA={0x1c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}, 0x1, 0x0, 0x1600}, 0x0)

3.205287408s ago: executing program 0 (id=823):
r0 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$int_in(r1, 0x0, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r1, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r2}], 0x1, 0x0, &(0x7f0000000080)={[0x8001a0ffffffff]}, 0x8)
dup2(r1, r2)
fcntl$setown(r2, 0x8, r0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r3, 0xffffc000)
tkill(r0, 0x13)

998.122408ms ago: executing program 4 (id=860):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2882c0, 0x0)
syz_open_pts(r0, 0x80000)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000140)={0xc})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d)
sendfile(r1, r2, 0x0, 0x8000002b)

325.309544ms ago: executing program 4 (id=875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x4}, 0x10)
close(r0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x480, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

308.724235ms ago: executing program 1 (id=876):
socket(0x10, 0x3, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002e00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0300efffffffffffffff070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021840000000c0a0101000000000000d955070000000900020073797a31000000000900010073797a30000000005800038054000080080003400000000248000b80340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000009"], 0x108}}, 0x0)

306.921445ms ago: executing program 4 (id=878):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000140)={'wg0\x00', <r1=>0x0})
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$ARPT_SO_GET_INFO(r2, 0x0, 0x60, &(0x7f0000000180)={'filter\x00', 0x0, [0x6, 0x10001, 0x80]}, &(0x7f0000000080)=0x44)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB="500000006800010000000000000000000006000700050000000800050000000000000000", @ANYRES32=r1, @ANYBLOB="28000880240001000200000000000000000004000000000000000000000000000000000000000001"], 0x50}}, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syz_tun\x00', 0x100})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$inet(0x2, 0x80001, 0x84)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r7, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000002c0)={r8, @in6={{0xa, 0x0, 0x0, @empty}}}, 0x9c)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, &(0x7f0000000080))
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmmsg(r11, &(0x7f0000003b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0)
dup2(r11, r10)
r12 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0), r3)
sendmsg$IPVS_CMD_GET_DAEMON(r3, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x80, r12, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x64, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast1}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x4f}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@loopback}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x4, 0x13}}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'none\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}]}, 0x80}, 0x1, 0x0, 0x0, 0x80}, 0x1)
mount_setattr(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x800, &(0x7f0000000200)={0x70, 0x0, 0x80000, {r3}}, 0x20)
r13 = socket$packet(0x11, 0x3, 0x300)
fstat(r13, &(0x7f0000000000))

263.062828ms ago: executing program 4 (id=883):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0xa4}, {0x6}]}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0xe0, 0x0, 0x0, 0x0, 0x60ea0000}}}}}, 0x0)
r1 = socket(0x200000000000011, 0x3, 0x7161a0b9)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x0, 0x0, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x1, 0x0, 0x0, {@in6_addr=@private1}}}]}, 0x38}}, 0x20040000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200), 0x12)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3000001, 0x4010, r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x7, 0x95, 0xdb96, 0x414, 0x1, 0x40, '\x00', r2, r3, 0x2, 0x2, 0x4, 0xc}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_emit_ethernet(0x4c, &(0x7f0000000400)={@broadcast, @local, @val={@void, {0x8100, 0x1, 0x0, 0x1}}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x12, 0x11, 0x0, @rand_addr=' \x01\x00', @private2={0xfc, 0x2, '\x00', 0x1}, {[], {0x1, 0xe22, 0x12, 0x0, @gue={{0x1, 0x0, 0x0, 0x2, 0x0, @void}, "0a790cc55a8e"}}}}}}}, 0x0)

262.488978ms ago: executing program 1 (id=884):
timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000014c0)=[{{&(0x7f0000000c40)={0x2, 0x4e21, @loopback=0x7f000004}, 0x10, 0x0}}, {{&(0x7f0000000f80)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f00000013c0)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x6, 0x3}]}}}], 0x18}}], 0x2, 0x0)

235.639961ms ago: executing program 2 (id=886):
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/if_inet6\x00')
read$msr(r0, &(0x7f0000000280)=""/61, 0x3d)
mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r3)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000200)={0x1c, r4, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x880}, 0x8004)
write$RDMA_USER_CM_CMD_BIND_IP(r3, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2}}}, 0x30)
write$binfmt_elf64(r3, &(0x7f0000000280)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

235.317441ms ago: executing program 3 (id=887):
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0)
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
dup2(r1, r2)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x100000e, 0x810, r0, 0x43ce3000)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000080)='mem\x00\x10\x00\x00\x00\x00\x00\x00I\xa2l')
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
preadv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/4085, 0xff5}, {&(0x7f00000010c0)=""/143, 0x8f}], 0x2, 0x1ffff000, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBMODE(r4, 0x4b44, &(0x7f0000000000))

233.617211ms ago: executing program 4 (id=888):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0xf5ff, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1400000010000c0000000000000000000000000a14000000030a000000000000000000000000000020000000000a010800000000000000000a0000000900010073797a310000000048000000030a010100f5ffffff0000000a000000080007006e61700014000480080002400000000008000140000000040900010073797a3100000000090003"], 0xa4}}, 0x0)

229.378541ms ago: executing program 1 (id=889):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="680000001000030400"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e003000028008000100100000001c0005800a000400aaaaaaaaaabb00000a600400aaaaaaaaaa0000000800030003"], 0x68}}, 0x0)

202.681384ms ago: executing program 0 (id=890):
unshare(0x2000680)
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x0, 0x0, 0x0)

202.490994ms ago: executing program 3 (id=891):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120c000200080001400400446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)

202.128324ms ago: executing program 2 (id=892):
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x204001, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))
preadv2(r0, &(0x7f0000001380)=[{&(0x7f0000000140)=""/11, 0xb}], 0x1, 0x0, 0x0, 0x0)
ppoll(&(0x7f0000000280)=[{r0, 0x100}], 0x1, 0x0, 0x0, 0x0)

172.717726ms ago: executing program 1 (id=893):
io_setup(0x22, &(0x7f00000003c0)=<r0=>0x0) (async)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0}) (async)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) (async)
syz_open_dev$usbfs(&(0x7f0000000100), 0x203, 0x0) (async)
r4 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r6)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x1}, 0x8, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) (async)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000240)="0100000200373a4541062101a59ea940d2cb0b3692f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697a793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855bea1ce67fe118aa4acabb5bee7f082d23a16b010c92471eba59152e716af8776ab90ac47a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b410119873dd9827757d96c5e8aa4617cc54c5e67060a9266f416b78f774e53ca1f84e698d1fe3cee10a85882cbecb29f2a22535ac58e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e5cd664c1", 0x129, r3) (async)
r7 = socket$netlink(0x10, 0x3, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_type(r8, &(0x7f0000000000), 0x248800)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0xffffffffffffff19, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0xb0, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x80, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x24, 0x2, 0x0, 0x1, [{0x14}, {0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0xfffffffffffffe1c}]}]}]}}]}, 0xb0}}, 0x0) (async)
r9 = socket$rxrpc(0x21, 0x2, 0xa)
close_range(r9, 0xffffffffffffffff, 0x0) (async)
openat$zero(0xffffffffffffff9c, &(0x7f0000000140), 0x200340, 0x0) (async)
io_submit(r0, 0x1, &(0x7f0000000240)=[&(0x7f0000000040)={0x400000000812d000, 0x9, 0x3, 0x0, 0x0, r9, 0x0}]) (async)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) (async)
r10 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r10)
ptrace$setregs(0xd, r10, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb") (async)
ptrace$getregset(0x4205, r10, 0x2, &(0x7f0000000080)={0x0, 0x500})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)

172.607106ms ago: executing program 2 (id=894):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000002180)={0x2, 0x400000000000003, 0x0, 0x0, 0x1b, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6}, @sadb_lifetime={0x4, 0x4, 0x0, 0x4000000}, @sadb_sa={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, @sadb_address={0x3, 0x7, 0x0, 0x0, 0x0, @in={0x2, 0x0, @broadcast}}, @sadb_x_sa2={0x2}]}, 0xd8}}, 0x0)

168.388777ms ago: executing program 0 (id=895):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
dup(r0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="5c0000000206050000000000fffff00000000000050001000600000005000500020000000900020073797a3200000000050004000000000014000780080006c00000000008000800000000000d000300686173683a6e657400000000"], 0x5c}}, 0x0)

168.281766ms ago: executing program 4 (id=896):
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=r0, @ANYBLOB="040000000000800008000000", @ANYRES32=r0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0)

162.351457ms ago: executing program 3 (id=897):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x33}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0xb5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)

140.053129ms ago: executing program 0 (id=898):
lsm_get_self_attr(0x0, 0x0, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = syz_io_uring_setup(0x24f5, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0xa3d, 0x0, 0x0, 0x0, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000073797a300000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000000006a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000065850000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x0)
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)="01000000", 0x4}], 0x1)
rt_sigaction(0x40, &(0x7f0000000080)={&(0x7f00000001c0)="c4017a115804460f1c2bc4a2f99c9022000000c4a2f100270f38e741c44240f23a9a3b47000000c43b3be5c4c441dde5dcf5f5bb559a00000f75be07370b1c2665d2950e000000dbf5", 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000040))
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000000c0)=<r4=>0x0)
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r6 = syz_open_procfs(r4, &(0x7f0000000380)='schedstat\x00')
preadv(r6, &(0x7f0000000000)=[{&(0x7f0000000240)=""/135, 0x87}], 0x1, 0x0, 0x0)

139.815519ms ago: executing program 2 (id=899):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0xa4}, {0x6}]}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0xe0, 0x0, 0x0, 0x0, 0x60ea0000}}}}}, 0x0)
r1 = socket(0x200000000000011, 0x3, 0x7161a0b9)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x0, 0x0, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x1, 0x0, 0x0, {@in6_addr=@private1}}}]}, 0x38}}, 0x20040000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200), 0x12)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3000001, 0x4010, r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x7, 0x95, 0xdb96, 0x414, 0x1, 0x40, '\x00', r2, r3, 0x2, 0x2, 0x4, 0xc}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
syz_emit_ethernet(0x4c, &(0x7f0000000400)={@broadcast, @local, @val={@void, {0x8100, 0x1, 0x0, 0x1}}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x12, 0x11, 0x0, @rand_addr=' \x01\x00', @private2={0xfc, 0x2, '\x00', 0x1}, {[], {0x1, 0xe22, 0x12, 0x0, @gue={{0x1, 0x0, 0x0, 0x2, 0x0, @void}, "0a790cc55a8e"}}}}}}}, 0x0)

139.185819ms ago: executing program 3 (id=900):
timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r0, &(0x7f00000014c0)=[{{&(0x7f0000000c40)={0x2, 0x4e21, @loopback=0x7f000004}, 0x10, 0x0}}, {{&(0x7f0000000f80)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f00000013c0)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x6, 0x3}]}}}], 0x18}}], 0x2, 0x0)

127.68111ms ago: executing program 2 (id=901):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_PROMISC(r0, 0x6b, 0x2, &(0x7f0000000240)=0x1, 0x4)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r1, &(0x7f0000001340)=[{&(0x7f0000001380)=""/151, 0x97}], 0x1)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"})
r2 = syz_open_pts(r1, 0x42)
r3 = dup3(r2, r1, 0x0)
write$UHID_INPUT(r3, &(0x7f00000001c0)={0xd, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d21c25867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76013256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c)

103.659052ms ago: executing program 3 (id=902):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_PROMISC(r0, 0x6b, 0x2, &(0x7f0000000240)=0x1, 0x4)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r1, &(0x7f0000001340)=[{&(0x7f0000001380)=""/151, 0x97}], 0x1)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"})
r2 = syz_open_pts(r1, 0x42)
r3 = dup3(r2, r1, 0x0)
write$UHID_INPUT(r3, &(0x7f00000001c0)={0xd, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d21c25867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76013256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c)

103.562492ms ago: executing program 1 (id=903):
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000040))
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000880)=ANY=[@ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="540100001a001307000000000000001cac1414000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141417000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x154}}, 0x0)

35.461127ms ago: executing program 1 (id=904):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000180)=""/46, 0x2e)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec5000000f800000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000a00)='rxrpc_rtt_tx\x00', r2}, 0x10)
r3 = socket(0x10, 0x3, 0x20000000)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0x1000005}, 0x10)
write(r3, &(0x7f0000000000)="110000001a005f0214f9f4070009040081", 0x11)
getdents(r1, 0xfffffffffffffffd, 0x58)
recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0xfffffe0f, 0x0, 0x0, 0x0, 0x2c}, 0x3}], 0x1, 0x10001, &(0x7f0000000ac0)={0x77359400})
socket$netlink(0x10, 0x3, 0x7)
perf_event_open(0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0xa)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = syz_mount_image$ext4(&(0x7f0000000a80)='ext3\x00', &(0x7f0000000140)='./file0\x00', 0xc02, &(0x7f0000000940), 0x0, 0x5d6, &(0x7f0000002380)="$eJzs3c9vHFcdAPDvrNc/mjp1Aj1ARUmAQkBR1rHTRlUvbS4gVFVCVByAQ2rsjWWyjkPWLrWJZPcv4AASSJyKxD/AAYkDUk8ckDhwASFxqJDKASlABIqhIAbN7Hi99q69m2TjJd7PRxrNm3m77/vebObXG2deAEPrbERsRcRYRLwREVPF+qSY4pXGlH3u3t3b89t3b88nkaav/zXJ87N10fKdzJNFmRMR8eUvRHwjaY9bX9+4PlerVW8Vy9Oryzen6+sbF5aW5xari9Ubs7OXZy5ffPHSC7MH1v27LelSD209s/zTO59fevUrv/j5s+//Zutz38mqNVnktbZjj80uhY4dnt1o+mgzTqYcEa/2UN/HwUgx77IZdqVp+uhqw/3K9psPRcQn8/1/KkaiPB6Nn6nbv3wA4DGVplORTrUuAwDHXSnvA0tKlaIvYDJKpUql0Yf3dJwo1Vbqq+evrazdWGj0lZ2K0dK1pdq/0tPjf/hWdsGwOJpcW6pVZ/K8PD9fnt23fCkiTkfE98efyJcr8yu1hQFe9wDAMHty3/n/H+ON838POjzVAwAeGxODrgAAcOSc/wFg2JwddAUAgAHo4f6/eNi/9cjrAgAcDf3/ADB8nP8BYPg4/wPAUPnSa69lU7pdvP964c31tesrb15YqNavV5bX5ivz5bhZWVxZWczf2bPcrbzaysrNmedj7a3p1Wp9dbq+vnF1eWXtxurV/L3eV6ujR9IqAOAwp8+8+/skIrZeeiKfomUsB+dqON56GTcHOJ5GminDMsGwKQ+6AsDA9H6P/6tHWg9gcDq+zHuiY3KvH95HEH9nBP9Xzn20tf8/H/q3Q///3ucCwPGg/x+G18gDfevlvtcDOHoP3P//k/7WAzh6aZrsH/N/rJkFABxLvT7//6D9zwPTzb5eiQCD0m0w7748/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBjZjIivhlJqVKMBT4ZpVKlEnEyIk7FaHJtqVa9GBFPxZmIGB3PlmcGXWkA4CGV/pwU43+dm3pucn/uWPLP8XweEd/+0es/eGtudfXWTLb+b8314zvDh83ufq/XcQUBgH45+Oybn79ni3nLjfy9u7fnd6ZDi/7ayZ1UuR81vXMl/lMMRTy/ffd2Pu0U3wgwkbfmxN+TZsCJiHgmIkb6EH/r7Yj4SNz77XvP7mt/kveNnCpGPm2NH0Xsk/2L32H7749f2hO/lOc15tnF14f7UBcYNu9eiYhX9ux/xW5WirP5vPP+P9GnA+CdK43Cdo59u8e/UvP4N7KdtsVPxqKoXw8xnv/lF1uXx1rz3o54ptwpftKMn3Rof7buuR7jv/exj3/v5QPy0ncizkXH+OXWWNOryzen6+sbF5aW5xari9Ubs7OXZy5ffPHSC7PTeR/19E5Pdbu/vHT+qfaW77b/ROf4xS+/v/27ZXy6x/b/+N9vfP0TB+Rl8T/7qc6//9PZ7Hedt392TvxMh/L+2z5Of8yd+NmBw3dn8Rd22z8R3X7/iZ3ciPONZLrZpf3v/2ljoctHAIAjVF/fuD5Xq1VvNRNPZFcMe9Z0T2R3oT1/+H4SWRUba8odqvqQiWjP+mM8QDljfalP+zYcffCt+k7S/9+ia+LXzTXl5rVqf0N8NSvxiNtV2mlFcuAuc3gi2xTVD9I07Ut97nXISjdjc3dP6a2ccrfd/NDDRvuNFPDYqa9vHNg30KcudgAAAAAAAAAAAAAA4CEdxf+g2h9zO007vKUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7t//AgAA//9b3NM2")
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYRES32=r4], &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r5}, 0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080))
write$binfmt_script(r6, &(0x7f0000000380), 0x208e24b)
ioctl$EXT4_IOC_MIGRATE(r6, 0x6609)
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setsig(r7, 0xa, 0x13)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=@newchain={0x80, 0x64, 0x0, 0xfffffff9, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3, 0xfff1}, {0x10, 0xf}, {0x9}}, [@TCA_CHAIN={0x8, 0xb, 0x8}, @filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x4, 0x3, 0x5, 0x8}]}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x7}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x8}]}}, @TCA_RATE={0x6, 0x5, {0x9, 0xcc}}, @TCA_CHAIN={0x8, 0xb, 0x4}, @TCA_RATE={0x6, 0x5, {0x9, 0x3}}]}, 0x80}, 0x1, 0x0, 0x0, 0x2c004814}, 0x0)
sendmsg$rds(r7, &(0x7f0000000b00)={&(0x7f00000001c0)={0x2, 0x4e22, @broadcast}, 0x10, &(0x7f00000007c0)=[{&(0x7f00000002c0)=""/171, 0xab}, {&(0x7f0000000b40)=""/255, 0xff}, {&(0x7f0000000480)=""/185, 0xb9}, {&(0x7f0000000d80)=""/4096, 0x1000}, {&(0x7f0000000540)=""/226, 0xe2}, {&(0x7f0000000640)=""/180, 0xb4}, {&(0x7f0000000c80)=""/104, 0x68}, {&(0x7f0000000700)=""/162, 0xa2}], 0x8, &(0x7f00000008c0)=[@mask_fadd={0x58, 0x114, 0x8, {{0x0, 0x101}, &(0x7f0000000840)=0xfff, &(0x7f0000000880)=0xdd8, 0x6, 0xe0e, 0x33065c91, 0x100006, 0x9, 0x7f}}], 0x58, 0x4c000}, 0x20040085)

34.689187ms ago: executing program 2 (id=905):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="124886dd0100140000000000000060000000000c2100fe880001000000000000060000007d01ff020000000000000040000000000001", @ANYRES8=r1], 0xfdef)

0s ago: executing program 3 (id=906):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a700000008"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000000c0)="c0", 0x1}], 0x1)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2000000000000000, 0x8000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1)

kernel console output (not intermixed with test programs):

ce loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.281: invalid block
[   44.661366][ T4523] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.281: invalid indirect mapped block 4294967295 (level 1)
[   44.676171][ T4523] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.281: invalid indirect mapped block 4294967295 (level 1)
[   44.690904][ T4523] EXT4-fs (loop3): 2 truncates cleaned up
[   44.697361][ T4523] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.741943][ T4533] loop4: detected capacity change from 0 to 512
[   44.750015][ T4535] FAULT_INJECTION: forcing a failure.
[   44.750015][ T4535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   44.750655][ T4533] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.288: bad orphan inode 17
[   44.763253][ T4535] CPU: 0 UID: 0 PID: 4535 Comm: syz.2.289 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   44.783474][ T4535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   44.793676][ T4535] Call Trace:
[   44.796952][ T4535]  <TASK>
[   44.799909][ T4535]  dump_stack_lvl+0xf2/0x150
[   44.804546][ T4535]  dump_stack+0x15/0x20
[   44.808820][ T4535]  should_fail_ex+0x229/0x230
[   44.813667][ T4535]  should_fail+0xb/0x10
[   44.817934][ T4535]  should_fail_usercopy+0x1a/0x20
[   44.823040][ T4535]  _copy_to_user+0x1e/0xa0
[   44.827619][ T4535]  simple_read_from_buffer+0xa0/0x110
[   44.833026][ T4535]  proc_fail_nth_read+0xfc/0x140
[   44.838121][ T4535]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   44.843726][ T4535]  vfs_read+0x1a2/0x6e0
[   44.847940][ T4535]  ? __rcu_read_unlock+0x4e/0x70
[   44.852983][ T4535]  ? __fget_files+0x1da/0x210
[   44.857698][ T4535]  ksys_read+0xeb/0x1b0
[   44.861925][ T4535]  __x64_sys_read+0x42/0x50
[   44.866446][ T4535]  x64_sys_call+0x2a36/0x2e00
[   44.871133][ T4535]  do_syscall_64+0xc9/0x1c0
[   44.875811][ T4535]  ? clear_bhb_loop+0x55/0xb0
[   44.880489][ T4535]  ? clear_bhb_loop+0x55/0xb0
[   44.885164][ T4535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.891171][ T4535] RIP: 0033:0x7f74f46c5d7c
[   44.895591][ T4535] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[   44.915190][ T4535] RSP: 002b:00007f74f3347040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   44.923918][ T4535] RAX: ffffffffffffffda RBX: 00007f74f4855f80 RCX: 00007f74f46c5d7c
[   44.931891][ T4535] RDX: 000000000000000f RSI: 00007f74f33470b0 RDI: 0000000000000007
[   44.939856][ T4535] RBP: 00007f74f33470a0 R08: 0000000000000000 R09: 0000000000000000
[   44.947815][ T4535] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[   44.955845][ T4535] R13: 000000000000000b R14: 00007f74f4855f80 R15: 00007ffe0328cc78
[   44.963850][ T4535]  </TASK>
[   44.968968][ T4533] ext4_test_bit(bit=16, block=4) = 1
[   44.974409][ T4533] is_bad_inode(inode)=0
[   44.978557][ T4533] NEXT_ORPHAN(inode)=0
[   44.982745][ T4533] max_ino=32
[   44.985971][ T4533] i_nlink=1
[   44.995560][ T4533] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.019557][ T3264] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.074958][   T29] audit: type=1400 audit(1721979931.293:336): avc:  denied  { execute } for  pid=4537 comm="syz.2.290" path=2F6D656D66643A59FFFF202864656C6574656429 dev="hugetlbfs" ino=8236 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[   45.134915][   T29] audit: type=1400 audit(1721979931.353:337): avc:  denied  { block_suspend } for  pid=4556 comm="syz.2.295" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   45.157244][    C0] eth0: bad gso: type: 1, size: 1408
[   45.194487][ T4563] No source specified
[   45.199233][   T29] audit: type=1400 audit(1721979931.413:338): avc:  denied  { create } for  pid=4562 comm="syz.4.298" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   45.221187][   T29] audit: type=1400 audit(1721979931.413:339): avc:  denied  { write } for  pid=4562 comm="syz.4.298" name="file0" dev="tmpfs" ino=468 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   45.223477][ T4563] capability: warning: `syz.4.298' uses deprecated v2 capabilities in a way that may be insecure
[   45.243836][   T29] audit: type=1400 audit(1721979931.413:340): avc:  denied  { open } for  pid=4562 comm="syz.4.298" path="/84/file1/file0" dev="tmpfs" ino=468 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   45.263282][ T4563] loop4: detected capacity change from 0 to 512
[   45.308611][ T4567] loop0: detected capacity change from 0 to 512
[   45.330382][ T4567] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.344689][ T4567] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.359281][   T29] audit: type=1400 audit(1721979931.573:341): avc:  denied  { ioctl } for  pid=4568 comm="syz.2.301" path="socket:[7896]" dev="sockfs" ino=7896 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   45.384686][ T3816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.400686][ T3776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.432017][ T4579] loop0: detected capacity change from 0 to 1024
[   45.441033][ T4579] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[   45.505675][ T4590] loop0: detected capacity change from 0 to 1764
[   45.527352][ T4591] loop3: detected capacity change from 0 to 764
[   45.622117][ T4601] syz.0.307 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   45.684901][ T4602] loop2: detected capacity change from 0 to 128
[   46.163807][ T4605] loop4: detected capacity change from 0 to 512
[   46.172742][ T4605] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.312: invalid block
[   46.185764][ T4605] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.312: invalid indirect mapped block 4294967295 (level 1)
[   46.201311][ T4605] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.312: invalid indirect mapped block 4294967295 (level 1)
[   46.216028][ T4605] EXT4-fs (loop4): 2 truncates cleaned up
[   46.222356][ T4605] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.332621][ T4608] FAULT_INJECTION: forcing a failure.
[   46.332621][ T4608] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   46.346355][ T4608] CPU: 0 UID: 0 PID: 4608 Comm: syz.3.313 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   46.356910][ T4608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   46.367590][ T4608] Call Trace:
[   46.371306][ T4608]  <TASK>
[   46.374340][ T4608]  dump_stack_lvl+0xf2/0x150
[   46.379295][ T4608]  dump_stack+0x15/0x20
[   46.384473][ T4608]  should_fail_ex+0x229/0x230
[   46.389845][ T4608]  should_fail_alloc_page+0xfd/0x110
[   46.395599][ T4608]  __alloc_pages_noprof+0x109/0x360
[   46.401079][ T4608]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   46.407164][ T4608]  folio_alloc_mpol_noprof+0x36/0x70
[   46.413520][ T4608]  shmem_get_folio_gfp+0x3eb/0xd80
[   46.418687][ T4608]  shmem_write_begin+0xa0/0x1c0
[   46.423619][ T4608]  generic_perform_write+0x1b4/0x580
[   46.428934][ T4608]  shmem_file_write_iter+0xc8/0xf0
[   46.434301][ T4608]  vfs_write+0x78f/0x900
[   46.438574][ T4608]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   46.444469][ T4608]  ksys_write+0xeb/0x1b0
[   46.448738][ T4608]  __x64_sys_write+0x42/0x50
[   46.453324][ T4608]  x64_sys_call+0x2a40/0x2e00
[   46.458036][ T4608]  do_syscall_64+0xc9/0x1c0
[   46.462730][ T4608]  ? clear_bhb_loop+0x55/0xb0
[   46.467447][ T4608]  ? clear_bhb_loop+0x55/0xb0
[   46.472350][ T4608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.478498][ T4608] RIP: 0033:0x7f2160015e1f
[   46.482956][ T4608] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[   46.503446][ T4608] RSP: 002b:00007f215ec96e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   46.512038][ T4608] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f2160015e1f
[   46.520124][ T4608] RDX: 0000000000040000 RSI: 00007f2156877000 RDI: 0000000000000004
[   46.528975][ T4608] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000054d
[   46.537161][ T4608] R10: 0000000020001cc2 R11: 0000000000000293 R12: 0000000000000004
[   46.545218][ T4608] R13: 00007f215ec96f00 R14: 00007f215ec96ec0 R15: 00007f2156877000
[   46.553343][ T4608]  </TASK>
[   46.596679][ T4613] netlink: 'syz.2.315': attribute type 10 has an invalid length.
[   46.606044][ T4613] veth0_macvtap: left promiscuous mode
[   46.617623][ T4613] veth0_macvtap: entered promiscuous mode
[   46.626067][ T4613] team0: Device macvtap0 failed to register rx_handler
[   46.633886][ T4613] veth0_macvtap: left promiscuous mode
[   46.724655][ T4627] xt_connbytes: Forcing CT accounting to be enabled
[   46.731406][ T4627] Cannot find add_set index 0 as target
[   46.766059][ T4631] loop2: detected capacity change from 0 to 512
[   46.774187][ T4631] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.323: Invalid inode bitmap blk 4 in block_group 0
[   46.787871][ T4631] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.809978][ T4047] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.844698][ T4645] netlink: 'syz.2.325': attribute type 10 has an invalid length.
[   46.856084][ T4645] team0: Cannot enslave team device to itself
[   46.902373][ T4649] loop2: detected capacity change from 0 to 512
[   46.911521][ T4649] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.327: bg 0: block 35: padding at end of block bitmap is not set
[   46.926579][ T4649] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[   46.936004][ T4649] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.327: invalid indirect mapped block 4294967295 (level 1)
[   46.951059][ T4649] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.327: invalid indirect mapped block 4294967295 (level 2)
[   46.965939][ T3264] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.966076][ T4649] EXT4-fs (loop2): 1 truncate cleaned up
[   46.981371][ T4649] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.005107][ T4047] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.028195][ T4658] __nla_validate_parse: 9 callbacks suppressed
[   47.028209][ T4658] netlink: 44 bytes leftover after parsing attributes in process `syz.2.330'.
[   47.064476][ T4668] netlink: 132 bytes leftover after parsing attributes in process `syz.4.334'.
[   47.095278][ T4673] netlink: 8 bytes leftover after parsing attributes in process `syz.4.337'.
[   47.107184][ T4673] dummy0: entered promiscuous mode
[   47.193911][ T4685] loop2: detected capacity change from 0 to 512
[   47.202342][ T4685] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.338: invalid block
[   47.207840][ T4687] netlink: 28 bytes leftover after parsing attributes in process `syz.4.341'.
[   47.217594][ T4685] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.338: invalid indirect mapped block 4294967295 (level 1)
[   47.239330][ T4685] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.338: invalid indirect mapped block 4294967295 (level 1)
[   47.254101][ T4685] EXT4-fs (loop2): 2 truncates cleaned up
[   47.260100][ T4685] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.452554][ T4691] netlink: 4 bytes leftover after parsing attributes in process `syz.0.343'.
[   47.461584][ T4691] netlink: 44 bytes leftover after parsing attributes in process `syz.0.343'.
[   47.471513][ T4693] 
€Â: renamed from vlan1 (while UP)
[   47.503590][ T4697] xt_HMARK: spi-set and port-set can't be combined
[   47.579923][ T4700] 9pnet_fd: Insufficient options for proto=fd
[   47.587138][ T4700] tmpfs: Bad value for 'nr_inodes'
[   47.604532][ T4702] netlink: 104 bytes leftover after parsing attributes in process `syz.3.348'.
[   47.712085][ T4718] 9pnet_fd: Insufficient options for proto=fd
[   47.767503][ T4724] xt_TPROXY: Can be used only with -p tcp or -p udp
[   47.786972][ T4726] loop3: detected capacity change from 0 to 512
[   47.794107][ T4726] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   47.805718][ T4726] EXT4-fs (loop3): 1 truncate cleaned up
[   47.812125][ T4726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.979373][ T4047] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.012987][ T4731] netlink: 66 bytes leftover after parsing attributes in process `syz.4.360'.
[   48.026475][ T4732] loop2: detected capacity change from 0 to 1024
[   48.036043][ T4732] EXT4-fs: test_dummy_encryption option not supported
[   48.046979][ T4732] loop2: detected capacity change from 0 to 128
[   48.055641][ T4734] IPVS: Unknown mcast interface: dvmrp1
[   48.090774][ T4741] netlink: 'syz.2.361': attribute type 4 has an invalid length.
[   48.098463][ T4741] netlink: 17 bytes leftover after parsing attributes in process `syz.2.361'.
[   48.112613][ T4741] netlink: 'syz.2.361': attribute type 4 has an invalid length.
[   48.148303][ T4741] netlink: 'syz.2.361': attribute type 4 has an invalid length.
[   48.196698][ T4750] FAULT_INJECTION: forcing a failure.
[   48.196698][ T4750] name failslab, interval 1, probability 0, space 0, times 0
[   48.209574][ T4750] CPU: 0 UID: 0 PID: 4750 Comm: syz.4.366 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   48.219979][ T4750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   48.230667][ T4750] Call Trace:
[   48.235520][ T4750]  <TASK>
[   48.238725][ T4750]  dump_stack_lvl+0xf2/0x150
[   48.243503][ T4750]  dump_stack+0x15/0x20
[   48.247784][ T4750]  should_fail_ex+0x229/0x230
[   48.252580][ T4750]  ? __kvmalloc_node_noprof+0x72/0x170
[   48.258522][ T4750]  should_failslab+0x8f/0xb0
[   48.263497][ T4750]  __kmalloc_node_noprof+0xa8/0x380
[   48.268813][ T4750]  __kvmalloc_node_noprof+0x72/0x170
[   48.274301][ T4750]  simple_xattr_set+0x6e/0x2a0
[   48.279110][ T4750]  ? strlen+0x19/0x30
[   48.283606][ T4750]  shmem_xattr_handler_set+0x129/0x220
[   48.289790][ T4750]  ? __pfx_shmem_xattr_handler_set+0x10/0x10
[   48.296939][ T4750]  __vfs_setxattr+0x2e5/0x310
[   48.302360][ T4750]  __vfs_setxattr_noperm+0xed/0x420
[   48.307685][ T4750]  __vfs_setxattr_locked+0x1af/0x1d0
[   48.313356][ T4750]  vfs_setxattr+0x140/0x290
[   48.318010][ T4750]  __se_sys_fsetxattr+0x2b6/0x370
[   48.323335][ T4750]  __x64_sys_fsetxattr+0x67/0x80
[   48.328482][ T4750]  x64_sys_call+0x2ba8/0x2e00
[   48.333416][ T4750]  do_syscall_64+0xc9/0x1c0
[   48.338583][ T4750]  ? clear_bhb_loop+0x55/0xb0
[   48.343373][ T4750]  ? clear_bhb_loop+0x55/0xb0
[   48.348281][ T4750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.354237][ T4750] RIP: 0033:0x7f90504f7299
[   48.358757][ T4750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.378927][ T4750] RSP: 002b:00007f904f177048 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   48.387333][ T4750] RAX: ffffffffffffffda RBX: 00007f9050685f80 RCX: 00007f90504f7299
[   48.395757][ T4750] RDX: 0000000020000100 RSI: 0000000020000080 RDI: 0000000000000003
[   48.403723][ T4750] RBP: 00007f904f1770a0 R08: 0000000000000000 R09: 0000000000000000
[   48.411697][ T4750] R10: 000000000000001f R11: 0000000000000246 R12: 0000000000000001
[   48.419854][ T4750] R13: 000000000000000b R14: 00007f9050685f80 R15: 00007ffc08a8a308
[   48.427870][ T4750]  </TASK>
[   48.530180][ T4764] netlink: 8 bytes leftover after parsing attributes in process `syz.2.372'.
[   48.592553][ T4778] xt_HMARK: spi-set and port-set can't be combined
[   48.604151][ T4780] loop4: detected capacity change from 0 to 256
[   48.632596][ T3816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.765938][ T4815] loop3: detected capacity change from 0 to 512
[   48.766653][ T4806] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=4806 comm=syz.2.388
[   48.788688][ T4806] netlink: 'syz.2.388': attribute type 9 has an invalid length.
[   48.799812][ T4806] bond0: entered promiscuous mode
[   48.802598][ T4818] loop0: detected capacity change from 0 to 512
[   48.804905][ T4806] bond_slave_0: entered promiscuous mode
[   48.816962][ T4806] bond_slave_1: entered promiscuous mode
[   48.817051][ T4818] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   48.824105][ T4806] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   48.833019][ T4818] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[   48.841435][ T4815] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   48.849567][ T4818] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[   48.861916][ T4815] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.871503][ T4818] System zones: 0-2, 18-18, 34-34
[   48.886597][ T4818] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.391: bad orphan inode 15
[   48.886700][ T4806] bond0: left promiscuous mode
[   48.900452][ T4818] ext4_test_bit(bit=14, block=18) = 1
[   48.903829][ T4806] bond_slave_0: left promiscuous mode
[   48.909527][ T4818] is_bad_inode(inode)=0
[   48.909538][ T4818] NEXT_ORPHAN(inode)=2264924160
[   48.915721][ T4806] bond_slave_1: left promiscuous mode
[   48.919850][ T4818] max_ino=32
[   48.919859][ T4818] i_nlink=0
[   48.937489][ T4818] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   48.958538][ T4818] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.391: bg 0: block 80: padding at end of block bitmap is not set
[   48.976225][ T3816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   48.979561][ T4818] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[   49.001387][ T4818] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.006185][ T4826] xt_HMARK: spi-set and port-set can't be combined
[   49.030155][ T4828] loop4: detected capacity change from 0 to 512
[   49.037544][ T4828] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[   49.048147][ T3776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.061689][    C0] eth0: bad gso: type: 1, size: 1408
[   49.069513][ T4830] loop0: detected capacity change from 0 to 128
[   49.079847][ T4830] FAT-fs (loop0): Directory bread(block 524321) failed
[   49.089809][ T4830] FAT-fs (loop0): Directory bread(block 524322) failed
[   49.097229][ T4830] FAT-fs (loop0): Directory bread(block 524323) failed
[   49.100472][ T4833] syz_tun: entered promiscuous mode
[   49.104607][ T4830] FAT-fs (loop0): Directory bread(block 524324) failed
[   49.118525][ T4830] FAT-fs (loop0): Directory bread(block 524325) failed
[   49.125938][ T4830] FAT-fs (loop0): Directory bread(block 524326) failed
[   49.133698][ T4833] syz_tun: left promiscuous mode
[   49.136897][ T4830] FAT-fs (loop0): Directory bread(block 524327) failed
[   49.145720][ T4830] FAT-fs (loop0): Directory bread(block 524328) failed
[   49.162448][ T4830] vlan3: entered promiscuous mode
[   49.167622][ T4830] vlan3: entered allmulticast mode
[   49.271073][ T4857] xt_HMARK: spi-set and port-set can't be combined
[   49.279155][ T4859] Illegal XDP return value 13826 on prog  (id 82) dev N/A, expect packet loss!
[   49.300826][    C0] eth0: bad gso: type: 1, size: 1408
[   49.315368][ T4853] loop2: detected capacity change from 0 to 1024
[   49.322442][ T4853] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   49.333668][ T4853] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   49.348957][ T4853] jbd2_journal_init_inode: Cannot locate journal superblock
[   49.356905][ T4853] EXT4-fs (loop2): Could not load journal inode
[   49.367798][ T4853] loop2: detected capacity change from 0 to 128
[   49.374661][ T4853] FAT-fs (loop2): bogus number of reserved sectors
[   49.381326][ T4853] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   49.390701][ T4853] FAT-fs (loop2): Can't find a valid FAT filesystem
[   49.529315][ T4883] loop2: detected capacity change from 0 to 8192
[   49.567567][   T29] kauditd_printk_skb: 58 callbacks suppressed
[   49.567581][   T29] audit: type=1400 audit(1721979935.783:400): avc:  denied  { view } for  pid=4885 comm="syz.0.414" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   49.600789][ T4883]  loop2: p1 p2 p4 < >
[   49.605295][ T4883] loop2: partition table partially beyond EOD, truncated
[   49.613796][ T4883] loop2: p1 size 108986237 extends beyond EOD, truncated
[   49.632127][ T4883] loop2: p2 start 65535 is beyond EOD, truncated
[   49.639160][ T4883] loop2: p4 start 50331648 is beyond EOD, truncated
[   49.662443][ T4883] team0: Port device team_slave_0 removed
[   49.734412][ T4901] loop0: detected capacity change from 0 to 512
[   49.743303][ T4901] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.416: invalid block
[   49.757047][ T4901] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.416: invalid indirect mapped block 4294967295 (level 1)
[   49.769689][ T4887] chnl_net:caif_netlink_parms(): no params data found
[   49.771509][ T4901] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.416: invalid indirect mapped block 4294967295 (level 1)
[   49.793862][ T4901] EXT4-fs (loop0): 2 truncates cleaned up
[   49.800460][ T4901] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.829052][ T4921] loop2: detected capacity change from 0 to 136
[   49.836316][ T4887] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.843687][ T4887] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.851571][ T4887] bridge_slave_0: entered allmulticast mode
[   49.858498][ T4887] bridge_slave_0: entered promiscuous mode
[   49.867597][ T4887] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.867707][ T4921] x_tables: duplicate underflow at hook 3
[   49.875006][ T4887] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.888650][ T4887] bridge_slave_1: entered allmulticast mode
[   49.895140][ T4887] bridge_slave_1: entered promiscuous mode
[   49.904251][ T4921] program syz.2.419 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   49.904338][   T29] audit: type=1400 audit(1721979936.123:401): avc:  denied  { map } for  pid=4920 comm="syz.2.419" path="socket:[8920]" dev="sockfs" ino=8920 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   49.943320][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.961747][ T4887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   49.973539][ T4887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   49.996476][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.008859][ T4887] team0: Port device team_slave_0 added
[   50.015474][ T4887] team0: Port device team_slave_1 added
[   50.031034][ T4887] batman_adv: batadv0: Adding interface: batadv_slave_0
[   50.037993][ T4887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   50.064231][ T4887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   50.070074][ T4929] FAULT_INJECTION: forcing a failure.
[   50.070074][ T4929] name failslab, interval 1, probability 0, space 0, times 0
[   50.075802][ T4887] batman_adv: batadv0: Adding interface: batadv_slave_1
[   50.087848][ T4929] CPU: 0 UID: 0 PID: 4929 Comm: syz.3.423 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   50.087873][ T4929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   50.087889][ T4929] Call Trace:
[   50.094842][ T4887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   50.105029][ T4929]  <TASK>
[   50.105037][ T4929]  dump_stack_lvl+0xf2/0x150
[   50.115138][ T4887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   50.118373][ T4929]  dump_stack+0x15/0x20
[   50.167309][ T4929]  should_fail_ex+0x229/0x230
[   50.172077][ T4929]  ? io_cqring_event_overflow+0x5a/0x300
[   50.178187][ T4929]  should_failslab+0x8f/0xb0
[   50.182917][ T4929]  __kmalloc_noprof+0xa5/0x370
[   50.188370][ T4929]  io_cqring_event_overflow+0x5a/0x300
[   50.195059][ T4929]  io_req_cqe_overflow+0x89/0xb0
[   50.200608][ T4929]  __io_submit_flush_completions+0x34e/0xa00
[   50.206654][ T4929]  io_submit_sqes+0xe91/0x1080
[   50.211936][ T4929]  ? kstrtouint_from_user+0xb0/0xe0
[   50.217263][ T4929]  __se_sys_io_uring_enter+0x1c6/0x15a0
[   50.223059][ T4929]  ? __fget_files+0x1da/0x210
[   50.227783][ T4929]  ? fput+0x13b/0x180
[   50.231771][ T4929]  ? ksys_write+0x178/0x1b0
[   50.236454][ T4929]  __x64_sys_io_uring_enter+0x78/0x90
[   50.241832][ T4929]  x64_sys_call+0x26d0/0x2e00
[   50.246545][ T4929]  do_syscall_64+0xc9/0x1c0
[   50.251051][ T4929]  ? clear_bhb_loop+0x55/0xb0
[   50.256952][ T4929]  ? clear_bhb_loop+0x55/0xb0
[   50.261717][ T4929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.267665][ T4929] RIP: 0033:0x7f2160017299
[   50.272944][ T4929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.292987][ T4929] RSP: 002b:00007f215ec97048 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   50.301668][ T4929] RAX: ffffffffffffffda RBX: 00007f21601a5f80 RCX: 00007f2160017299
[   50.310148][ T4929] RDX: 0000000000000000 RSI: 0000000000006256 RDI: 0000000000000004
[   50.318291][ T4929] RBP: 00007f215ec970a0 R08: 0000000000000000 R09: 0000000000000000
[   50.326307][ T4929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   50.334456][ T4929] R13: 000000000000000b R14: 00007f21601a5f80 R15: 00007fff401eedc8
[   50.342436][ T4929]  </TASK>
[   50.354955][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.387917][ T4931] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   50.426059][ T4931] loop3: detected capacity change from 0 to 512
[   50.434326][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.445749][ T4931] EXT4-fs (loop3): external journal device major/minor numbers have changed
[   50.458512][ T4887] hsr_slave_0: entered promiscuous mode
[   50.466832][ T4887] hsr_slave_1: entered promiscuous mode
[   50.473606][ T4887] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   50.478021][ T4931] EXT4-fs (loop3): failed to open journal device unknown-block(0,3) -6
[   50.490368][ T4887] Cannot create hsr debugfs directory
[   50.498289][ T3776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.518451][ T4940] loop0: detected capacity change from 0 to 512
[   50.547769][ T4940] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.575058][ T4940] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.582728][ T4944] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   50.593969][ T4944] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[   50.601192][   T11] bridge_slave_1: left allmulticast mode
[   50.606880][   T11] bridge_slave_1: left promiscuous mode
[   50.612547][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.632181][   T11] bridge_slave_0: left allmulticast mode
[   50.637985][   T11] bridge_slave_0: left promiscuous mode
[   50.643681][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.653733][ T3776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.741343][ T4947] loop0: detected capacity change from 0 to 512
[   50.748328][ T4947] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   50.760310][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   50.770697][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   50.783868][   T11] bond0 (unregistering): Released all slaves
[   50.783954][ T4947] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.808369][ T4947] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.892754][ T4956] loop3: detected capacity change from 0 to 4096
[   50.899553][ T4956] EXT4-fs: Ignoring removed nomblk_io_submit option
[   50.909675][   T11] hsr_slave_0: left promiscuous mode
[   50.920562][   T11] hsr_slave_1: left promiscuous mode
[   50.928955][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   50.937456][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[   50.946937][ T4956] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.960928][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   50.968807][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[   50.983278][ T4956] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #15: comm syz.3.430: corrupted inode contents
[   51.000813][ T4956] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #15: comm syz.3.430: mark_inode_dirty error
[   51.013256][   T11] veth1_macvtap: left promiscuous mode
[   51.018776][   T11] veth0_macvtap: left promiscuous mode
[   51.024487][   T11] veth1_vlan: left promiscuous mode
[   51.029781][   T11] veth0_vlan: left promiscuous mode
[   51.037062][ T4956] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #15: comm syz.3.430: corrupted inode contents
[   51.060693][ T4956] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.430: mark_inode_dirty error
[   51.074134][ T4956] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #15: comm syz.3.430: corrupted inode contents
[   51.091229][ T4956] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.430: mark_inode_dirty error
[   51.106747][ T4956] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #15: comm syz.3.430: corrupted inode contents
[   51.119836][ T4956] EXT4-fs error (device loop3): ext4_truncate:4241: inode #15: comm syz.3.430: mark_inode_dirty error
[   51.131218][ T4956] EXT4-fs error (device loop3) in ext4_setattr:5553: Corrupt filesystem
[   51.154535][ T3816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.173740][   T11] team0 (unregistering): Port device team_slave_1 removed
[   51.228205][ T4975] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   51.235898][ T4982] xt_connbytes: Forcing CT accounting to be enabled
[   51.254253][ T4982] Cannot find add_set index 0 as target
[   51.282412][ T4986] loop3: detected capacity change from 0 to 512
[   51.292405][ T4986] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.439: bg 0: block 35: padding at end of block bitmap is not set
[   51.308391][ T4986] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[   51.319011][ T4986] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.439: invalid indirect mapped block 4294967295 (level 1)
[   51.326051][   T29] audit: type=1400 audit(1721979937.543:402): avc:  denied  { ioctl } for  pid=4990 comm="syz.4.441" path="socket:[9062]" dev="sockfs" ino=9062 ioctlcmd=0x9439 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   51.334974][ T4986] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.439: invalid indirect mapped block 4294967295 (level 2)
[   51.367067][ T3335] IPVS: starting estimator thread 0...
[   51.376335][ T4986] EXT4-fs (loop3): 1 truncate cleaned up
[   51.385403][ T4986] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.414029][ T3816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.460400][ T4992] IPVS: using max 3264 ests per chain, 163200 per kthread
[   51.498411][ T5005] IPv6: Can't replace route, no match found
[   51.514051][ T4887] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   51.529484][ T4887] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   51.545710][ T4887] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   51.555483][ T3776] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.566883][   T29] audit: type=1400 audit(1721979937.783:403): avc:  denied  { write } for  pid=5008 comm="syz.4.449" name="event2" dev="devtmpfs" ino=221 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   51.571447][ T4887] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   51.590586][   T29] audit: type=1400 audit(1721979937.783:404): avc:  denied  { open } for  pid=5008 comm="syz.4.449" path="/dev/input/event2" dev="devtmpfs" ino=221 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   51.627914][ T5010] FAULT_INJECTION: forcing a failure.
[   51.627914][ T5010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.628093][   T29] audit: type=1400 audit(1721979937.843:405): avc:  denied  { ioctl } for  pid=5008 comm="syz.4.449" path="/dev/input/event2" dev="devtmpfs" ino=221 ioctlcmd=0x4590 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   51.641518][ T5010] CPU: 1 UID: 0 PID: 5010 Comm: syz.4.449 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   51.679413][ T5010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   51.690047][ T5010] Call Trace:
[   51.693668][ T5010]  <TASK>
[   51.697112][ T5010]  dump_stack_lvl+0xf2/0x150
[   51.701907][ T5010]  dump_stack+0x15/0x20
[   51.706491][ T5010]  should_fail_ex+0x229/0x230
[   51.711465][ T5010]  should_fail+0xb/0x10
[   51.715656][ T5010]  should_fail_usercopy+0x1a/0x20
[   51.720707][ T5010]  _copy_from_user+0x1e/0xd0
[   51.725450][ T5010]  input_event_from_user+0x126/0x1e0
[   51.730749][ T5010]  ? input_inject_event+0xe1/0x100
[   51.735905][ T5010]  evdev_write+0x288/0x420
[   51.740491][ T5010]  ? __pfx_evdev_write+0x10/0x10
[   51.745431][ T5010]  vfs_write+0x28b/0x900
[   51.749923][ T5010]  ? __fget_files+0x1da/0x210
[   51.754602][ T5010]  ksys_write+0xeb/0x1b0
[   51.759086][ T5010]  __x64_sys_write+0x42/0x50
[   51.763843][ T5010]  x64_sys_call+0x2a40/0x2e00
[   51.768522][ T5010]  do_syscall_64+0xc9/0x1c0
[   51.773044][ T5010]  ? clear_bhb_loop+0x55/0xb0
[   51.777892][ T5010]  ? clear_bhb_loop+0x55/0xb0
[   51.782819][ T5010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.788805][ T5010] RIP: 0033:0x7f90504f7299
[   51.793301][ T5010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.813435][ T5010] RSP: 002b:00007f904f156048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   51.821878][ T5010] RAX: ffffffffffffffda RBX: 00007f9050686058 RCX: 00007f90504f7299
[   51.830047][ T5010] RDX: 0000000000001068 RSI: 0000000020000040 RDI: 0000000000000004
[   51.838043][ T5010] RBP: 00007f904f1560a0 R08: 0000000000000000 R09: 0000000000000000
[   51.846079][ T5010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   51.854084][ T5010] R13: 000000000000006e R14: 00007f9050686058 R15: 00007ffc08a8a308
[   51.862075][ T5010]  </TASK>
[   51.919191][ T4887] 8021q: adding VLAN 0 to HW filter on device bond0
[   51.932914][ T4887] 8021q: adding VLAN 0 to HW filter on device team0
[   51.942537][  T982] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.949720][  T982] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.970090][  T982] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.977747][  T982] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.036536][ T4887] 8021q: adding VLAN 0 to HW filter on device batadv0
[   52.303157][ T5030] __nla_validate_parse: 12 callbacks suppressed
[   52.303175][ T5030] netlink: 4 bytes leftover after parsing attributes in process `syz.3.452'.
[   52.319543][ T5030] netlink: 44 bytes leftover after parsing attributes in process `syz.3.452'.
[   52.366406][ T4887] veth0_vlan: entered promiscuous mode
[   52.375642][ T4887] veth1_vlan: entered promiscuous mode
[   52.388415][ T5032] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   52.402766][ T4887] veth0_macvtap: entered promiscuous mode
[   52.414235][ T4887] veth1_macvtap: entered promiscuous mode
[   52.431359][ T4887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   52.441936][ T4887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   52.452116][ T4887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   52.462617][ T4887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   52.472657][ T4887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   52.483090][ T4887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   52.493015][ T4887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   52.503542][ T4887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   52.515016][ T4887] batman_adv: batadv0: Interface activated: batadv_slave_0
[   52.525157][ T4887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   52.535995][ T4887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   52.546083][ T4887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   52.556836][ T4887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   52.566906][ T4887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   52.577458][ T4887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   52.587434][ T4887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   52.598021][ T4887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   52.608731][ T4887] batman_adv: batadv0: Interface activated: batadv_slave_1
[   52.619104][ T4887] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   52.627976][ T4887] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   52.636915][ T4887] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   52.644398][   T29] audit: type=1400 audit(1721979938.863:406): avc:  denied  { name_bind } for  pid=5043 comm="syz.3.458" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[   52.645732][ T4887] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   52.722845][ T5049] loop3: detected capacity change from 0 to 4096
[   52.729807][ T5049] EXT4-fs: Ignoring removed nomblk_io_submit option
[   52.742309][ T5049] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.799585][ T5049] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #15: comm syz.3.460: corrupted inode contents
[   52.816680][   T29] audit: type=1400 audit(1721979939.033:407): avc:  denied  { ioctl } for  pid=5055 comm="syz.2.462" path="socket:[9826]" dev="sockfs" ino=9826 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   52.817034][ T5056] netlink: 28 bytes leftover after parsing attributes in process `syz.2.462'.
[   52.851137][ T5056] netlink: 36 bytes leftover after parsing attributes in process `syz.2.462'.
[   52.861235][ T5049] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #15: comm syz.3.460: mark_inode_dirty error
[   52.872815][   T29] audit: type=1400 audit(1721979939.083:408): avc:  denied  { ioctl } for  pid=5055 comm="syz.2.462" path="socket:[9830]" dev="sockfs" ino=9830 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   52.879576][ T5049] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #15: comm syz.3.460: corrupted inode contents
[   52.927250][ T5049] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.460: mark_inode_dirty error
[   52.940384][ T5049] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #15: comm syz.3.460: corrupted inode contents
[   52.950215][ T5060] loop2: detected capacity change from 0 to 512
[   52.953046][ T5049] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.460: mark_inode_dirty error
[   52.970039][ T5049] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #15: comm syz.3.460: corrupted inode contents
[   52.972185][ T5060] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.985764][ T5049] EXT4-fs error (device loop3): ext4_truncate:4241: inode #15: comm syz.3.460: mark_inode_dirty error
[   52.996694][ T5060] ext4 filesystem being mounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   53.008978][ T5049] EXT4-fs error (device loop3) in ext4_setattr:5553: Corrupt filesystem
[   53.037137][ T4047] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.049629][ T3816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.082522][ T5066] loop3: detected capacity change from 0 to 2048
[   53.092073][ T5066] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.114350][ T3816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.136443][ T5079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.469'.
[   53.169405][ T5080] loop2: detected capacity change from 0 to 2048
[   53.179028][ T5080] EXT4-fs: Ignoring removed oldalloc option
[   53.186118][ T5080] EXT4-fs (loop2): invalid inodes per group: 63264
[   53.186118][ T5080] 
[   53.207597][ T5085] netlink: 4 bytes leftover after parsing attributes in process `syz.3.472'.
[   53.216917][ T5085] netlink: 56 bytes leftover after parsing attributes in process `syz.3.472'.
[   53.270512][ T5094] loop3: detected capacity change from 0 to 256
[   53.294296][ T5094] Core dump to core aborted: cannot preserve file permissions
[   53.294865][   T29] audit: type=1400 audit(1721979939.513:409): avc:  denied  { listen } for  pid=5096 comm="syz.2.477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   53.313356][ T5099] loop4: detected capacity change from 0 to 136
[   53.331508][ T5099] x_tables: duplicate underflow at hook 3
[   53.369716][ T5108] loop4: detected capacity change from 0 to 512
[   53.376438][ T5108] EXT4-fs: dax option not supported
[   53.398967][ T5111] loop4: detected capacity change from 0 to 1024
[   53.405800][ T5111] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.414338][ T5111] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.429087][ T5111] process 'syz.4.482' launched './file2' with NULL argv: empty string added
[   53.452768][ T3264] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.506136][ T5119] loop4: detected capacity change from 0 to 512
[   53.521800][ T5119] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   53.534481][ T5119] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.547130][ T5119] FAULT_INJECTION: forcing a failure.
[   53.547130][ T5119] name failslab, interval 1, probability 0, space 0, times 0
[   53.560715][ T5119] CPU: 0 UID: 0 PID: 5119 Comm: syz.4.484 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   53.570977][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   53.581075][ T5119] Call Trace:
[   53.584476][ T5119]  <TASK>
[   53.587442][ T5119]  dump_stack_lvl+0xf2/0x150
[   53.592207][ T5119]  dump_stack+0x15/0x20
[   53.596715][ T5119]  should_fail_ex+0x229/0x230
[   53.601543][ T5119]  ? alloc_pipe_info+0x1cb/0x360
[   53.606703][ T5119]  should_failslab+0x8f/0xb0
[   53.611303][ T5119]  __kmalloc_noprof+0xa5/0x370
[   53.616155][ T5119]  alloc_pipe_info+0x1cb/0x360
[   53.620973][ T5119]  splice_direct_to_actor+0x615/0x670
[   53.626364][ T5119]  ? kstrtouint_from_user+0xb0/0xe0
[   53.631565][ T5119]  ? __pfx_direct_splice_actor+0x10/0x10
[   53.637335][ T5119]  ? avc_policy_seqno+0x15/0x20
[   53.642301][ T5119]  ? selinux_file_permission+0x22c/0x360
[   53.648056][ T5119]  do_splice_direct+0xd7/0x150
[   53.652821][ T5119]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   53.658892][ T5119]  do_sendfile+0x3ab/0x950
[   53.663379][ T5119]  __x64_sys_sendfile64+0x110/0x150
[   53.668632][ T5119]  x64_sys_call+0xfc3/0x2e00
[   53.673225][ T5119]  do_syscall_64+0xc9/0x1c0
[   53.677914][ T5119]  ? clear_bhb_loop+0x55/0xb0
[   53.682708][ T5119]  ? clear_bhb_loop+0x55/0xb0
[   53.687478][ T5119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.693422][ T5119] RIP: 0033:0x7f90504f7299
[   53.698000][ T5119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.717758][ T5119] RSP: 002b:00007f904f177048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   53.726256][ T5119] RAX: ffffffffffffffda RBX: 00007f9050685f80 RCX: 00007f90504f7299
[   53.734245][ T5119] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[   53.742251][ T5119] RBP: 00007f904f1770a0 R08: 0000000000000000 R09: 0000000000000000
[   53.750539][ T5119] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[   53.758797][ T5119] R13: 000000000000000b R14: 00007f9050685f80 R15: 00007ffc08a8a308
[   53.766903][ T5119]  </TASK>
[   53.782099][ T3264] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   53.823871][ T5127] netlink: 16 bytes leftover after parsing attributes in process `syz.4.487'.
[   53.923967][ T5136] xt_HMARK: spi-set and port-set can't be combined
[   54.156587][ T5143] loop2: detected capacity change from 0 to 128
[   54.163371][ T5143] EXT4-fs: Ignoring removed nobh option
[   54.171537][ T5143] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   54.184050][ T5143] ext4 filesystem being mounted at /68/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   54.229164][ T4047] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   54.246106][ T5146] netlink: 380 bytes leftover after parsing attributes in process `syz.2.494'.
[   54.369980][ T5157] netlink: 12 bytes leftover after parsing attributes in process `syz.2.498'.
[   54.411928][ T5159] bridge1: the hash_elasticity option has been deprecated and is always 16
[   54.553819][ T5166] loop2: detected capacity change from 0 to 512
[   54.562250][ T5166] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.501: invalid block
[   54.574363][ T5166] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.501: invalid indirect mapped block 4294967295 (level 1)
[   54.588705][ T5166] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.501: invalid indirect mapped block 4294967295 (level 1)
[   54.603036][ T5166] EXT4-fs (loop2): 2 truncates cleaned up
[   54.706915][ T5174] loop4: detected capacity change from 0 to 512
[   54.714061][ T5174] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   54.724351][ T5174] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[   54.733312][ T5174] EXT4-fs (loop4): orphan cleanup on readonly fs
[   54.740430][ T5174] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.503: bg 0: block 361: padding at end of block bitmap is not set
[   54.756347][ T5174] EXT4-fs (loop4): Remounting filesystem read-only
[   54.765123][ T5174] EXT4-fs (loop4): 1 truncate cleaned up
[   54.772419][ T5174] SELinux: (dev loop4, type ext4) getxattr errno 5
[   54.793630][   T29] kauditd_printk_skb: 6 callbacks suppressed
[   54.793642][   T29] audit: type=1326 audit(1721980453.015:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5176 comm="syz.0.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feee6b27299 code=0x7ffc0000
[   54.800966][ T5179] loop4: detected capacity change from 0 to 1764
[   54.824105][   T29] audit: type=1326 audit(1721980453.015:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5176 comm="syz.0.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feee6b27299 code=0x7ffc0000
[   54.831751][ T5179] iso9660: Unknown parameter 'session3'
[   54.857240][   T29] audit: type=1326 audit(1721980453.075:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5176 comm="syz.0.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7feee6b27299 code=0x7ffc0000
[   54.887799][   T29] audit: type=1326 audit(1721980453.075:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5176 comm="syz.0.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feee6b27299 code=0x7ffc0000
[   54.911924][   T29] audit: type=1326 audit(1721980453.075:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5176 comm="syz.0.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feee6b27299 code=0x7ffc0000
[   54.993680][ T5183] loop0: detected capacity change from 0 to 512
[   55.000621][ T5183] EXT4-fs (loop0): bad block size 8192
[   55.141315][ T5205] xt_HMARK: spi-set and port-set can't be combined
[   55.316501][ T5208] loop2: detected capacity change from 0 to 128
[   55.986064][   T29] audit: type=1400 audit(1721980454.205:421): avc:  denied  { mount } for  pid=5214 comm="syz.0.517" name="/" dev="configfs" ino=1300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   56.057823][   T29] audit: type=1400 audit(1721980454.275:422): avc:  denied  { setattr } for  pid=5214 comm="syz.0.517" name="/" dev="configfs" ino=1300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   56.194988][   T29] audit: type=1400 audit(1721980454.415:423): avc:  denied  { watch watch_reads } for  pid=5223 comm="syz.2.519" path="/78/file0" dev="tmpfs" ino=445 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   56.382158][ T5232] IPv6: Can't replace route, no match found
[   56.466713][ T5242] xt_HMARK: spi-set and port-set can't be combined
[   56.500921][ T5246] FAULT_INJECTION: forcing a failure.
[   56.500921][ T5246] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.514190][ T5246] CPU: 1 UID: 0 PID: 5246 Comm: syz.4.529 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   56.524602][ T5246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   56.534762][ T5246] Call Trace:
[   56.538032][ T5246]  <TASK>
[   56.540977][ T5246]  dump_stack_lvl+0xf2/0x150
[   56.545567][ T5246]  dump_stack+0x15/0x20
[   56.549752][ T5246]  should_fail_ex+0x229/0x230
[   56.554422][ T5246]  should_fail+0xb/0x10
[   56.558591][ T5246]  should_fail_usercopy+0x1a/0x20
[   56.563691][ T5246]  _copy_from_user+0x1e/0xd0
[   56.568340][ T5246]  move_addr_to_kernel+0x82/0x120
[   56.573370][ T5246]  __sys_bind+0xe2/0x1d0
[   56.577888][ T5246]  __x64_sys_bind+0x41/0x50
[   56.582744][ T5246]  x64_sys_call+0x1e45/0x2e00
[   56.588092][ T5246]  do_syscall_64+0xc9/0x1c0
[   56.592762][ T5246]  ? clear_bhb_loop+0x55/0xb0
[   56.597466][ T5246]  ? clear_bhb_loop+0x55/0xb0
[   56.602388][ T5246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.608414][ T5246] RIP: 0033:0x7f90504f7299
[   56.612888][ T5246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.632554][ T5246] RSP: 002b:00007f904f177048 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[   56.640977][ T5246] RAX: ffffffffffffffda RBX: 00007f9050685f80 RCX: 00007f90504f7299
[   56.649025][ T5246] RDX: 0000000000000014 RSI: 0000000020000140 RDI: 0000000000000005
[   56.657073][ T5246] RBP: 00007f904f1770a0 R08: 0000000000000000 R09: 0000000000000000
[   56.665032][ T5246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.673035][ T5246] R13: 000000000000000b R14: 00007f9050685f80 R15: 00007ffc08a8a308
[   56.681001][ T5246]  </TASK>
[   56.698310][    C0] eth0: bad gso: type: 1, size: 1408
[   56.722957][   T29] audit: type=1326 audit(1721980454.945:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.2.530" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f74f46c7299 code=0x0
[   56.831635][   T29] audit: type=1400 audit(1721980455.055:425): avc:  denied  { unmount } for  pid=3776 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   56.915715][ T5270] Cannot find add_set index 0 as target
[   56.924691][ T5272] loop4: detected capacity change from 0 to 512
[   56.950524][ T5272] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   56.958532][ T5272] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   56.966823][ T5272] System zones: 0-1, 15-15, 18-18, 34-34
[   56.973220][ T5272] EXT4-fs (loop4): orphan cleanup on readonly fs
[   56.979711][ T5272] EXT4-fs warning (device loop4): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   56.994935][ T5272] EXT4-fs (loop4): Cannot turn on quotas: error -22
[   57.003911][ T5272] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.537: bg 0: block 40: padding at end of block bitmap is not set
[   57.022996][ T5272] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[   57.033189][ T5272] EXT4-fs (loop4): 1 truncate cleaned up
[   57.142964][ T5285] netlink: 'syz.0.543': attribute type 1 has an invalid length.
[   57.172897][ T5287] xt_HMARK: spi-set and port-set can't be combined
[   57.216632][ T5285] loop0: detected capacity change from 0 to 1024
[   57.474608][ T5303] __nla_validate_parse: 7 callbacks suppressed
[   57.474624][ T5303] netlink: 44 bytes leftover after parsing attributes in process `syz.1.546'.
[   57.492853][ T5305] loop3: detected capacity change from 0 to 1024
[   57.505040][ T5305] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   57.514324][ T5305] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   57.525406][ T5305] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)!
[   57.535966][ T5305] EXT4-fs (loop3): group descriptors corrupted!
[   57.615328][ T5314] syzkaller1: entered promiscuous mode
[   57.616088][ T5318] netlink: 32 bytes leftover after parsing attributes in process `syz.3.553'.
[   57.621181][ T5314] syzkaller1: entered allmulticast mode
[   57.648881][ T5322] xt_HMARK: spi-set and port-set can't be combined
[   57.662295][ T5320] loop2: detected capacity change from 0 to 512
[   57.673721][ T5314] loop4: detected capacity change from 0 to 1764
[   57.680956][ T5320] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   57.692157][ T5314] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   57.701708][ T5314] ISOFS: unable to read i-node block
[   57.707103][ T5314] isofs_fill_super: get root inode failed
[   57.720852][ T5320] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #17: comm syz.2.554: iget: bad i_size value: -6917529027641081756
[   57.735187][ T5320] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.554: couldn't read orphan inode 17 (err -117)
[   57.796902][ T5342] netlink: 16 bytes leftover after parsing attributes in process `syz.3.560'.
[   57.847964][ T5353] netlink: 68 bytes leftover after parsing attributes in process `syz.2.565'.
[   57.869841][ T5355] netlink: 16 bytes leftover after parsing attributes in process `syz.2.566'.
[   57.917181][ T5366] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   57.932417][ T5369] loop2: detected capacity change from 0 to 136
[   57.941370][ T5369] x_tables: duplicate underflow at hook 3
[   57.961749][ T5372] netlink: 8 bytes leftover after parsing attributes in process `syz.4.572'.
[   57.988830][ T5377] loop4: detected capacity change from 0 to 512
[   58.002673][ T5377] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.042160][ T5385] FAULT_INJECTION: forcing a failure.
[   58.042160][ T5385] name failslab, interval 1, probability 0, space 0, times 0
[   58.055377][ T5385] CPU: 1 UID: 0 PID: 5385 Comm: syz.2.576 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   58.065701][ T5385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   58.076007][ T5385] Call Trace:
[   58.079287][ T5385]  <TASK>
[   58.082230][ T5385]  dump_stack_lvl+0xf2/0x150
[   58.086860][ T5385]  dump_stack+0x15/0x20
[   58.091095][ T5385]  should_fail_ex+0x229/0x230
[   58.095852][ T5385]  ? proc_alloc_inode+0x34/0x90
[   58.100818][ T5385]  should_failslab+0x8f/0xb0
[   58.105435][ T5385]  kmem_cache_alloc_lru_noprof+0x51/0x2a0
[   58.111181][ T5385]  proc_alloc_inode+0x34/0x90
[   58.115943][ T5385]  ? __pfx_proc_alloc_inode+0x10/0x10
[   58.121304][ T5385]  alloc_inode+0x3c/0x160
[   58.125965][ T5385]  new_inode+0x1e/0x100
[   58.130189][ T5385]  proc_pid_make_inode+0x1d/0xd0
[   58.135107][ T5385]  proc_pident_instantiate+0x44/0x180
[   58.140552][ T5385]  proc_fill_cache+0x1bf/0x240
[   58.145435][ T5385]  ? __pfx_proc_pident_instantiate+0x10/0x10
[   58.151416][ T5385]  proc_pident_readdir+0x20b/0x2d0
[   58.156581][ T5385]  proc_tgid_base_readdir+0x29/0x40
[   58.161764][ T5385]  iterate_dir+0x12c/0x330
[   58.166241][ T5385]  __se_sys_getdents+0x88/0x1a0
[   58.171152][ T5385]  ? __pfx_filldir+0x10/0x10
[   58.175851][ T5385]  __x64_sys_getdents+0x43/0x50
[   58.180726][ T5385]  x64_sys_call+0x281a/0x2e00
[   58.185538][ T5385]  do_syscall_64+0xc9/0x1c0
[   58.190059][ T5385]  ? clear_bhb_loop+0x55/0xb0
[   58.194747][ T5385]  ? clear_bhb_loop+0x55/0xb0
[   58.199412][ T5385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.205444][ T5385] RIP: 0033:0x7f74f46c7299
[   58.210197][ T5385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.230139][ T5385] RSP: 002b:00007f74f3347048 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[   58.238531][ T5385] RAX: ffffffffffffffda RBX: 00007f74f4855f80 RCX: 00007f74f46c7299
[   58.246588][ T5385] RDX: 0000000000000ff5 RSI: 0000000020001000 RDI: 0000000000000003
[   58.255019][ T5385] RBP: 00007f74f33470a0 R08: 0000000000000000 R09: 0000000000000000
[   58.262995][ T5385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   58.270958][ T5385] R13: 000000000000000b R14: 00007f74f4855f80 R15: 00007ffe0328cc78
[   58.279069][ T5385]  </TASK>
[   58.300794][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.302484][ T5389] loop2: detected capacity change from 0 to 512
[   58.308246][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.315965][ T5389] EXT4-fs: Ignoring removed bh option
[   58.321952][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.327698][ T5389] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   58.334719][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.345105][ T5389] EXT4-fs (loop2): 1 truncate cleaned up
[   58.350267][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.363497][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.371045][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.371378][ T5391] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=5391 comm=syz.4.577
[   58.378425][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.398664][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.406118][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.413620][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.421124][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.428693][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.436265][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.444103][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.451560][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.459093][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.466628][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.474041][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.481452][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.488840][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.496275][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.503701][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.509321][ T5393] syz_tun: entered promiscuous mode
[   58.511100][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.524379][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.531790][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.539179][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.546600][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.554119][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.561830][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.569278][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.576819][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.584216][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.591806][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.599201][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.606729][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.614223][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.621655][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.629142][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.636548][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.644055][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.651590][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.659058][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   58.666862][ T5393] syz_tun: left promiscuous mode
[   58.672332][   T35] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   58.698496][ T5399] dummy0: Device is already in use.
[   58.751417][ T5411] loop3: detected capacity change from 0 to 512
[   58.752113][ T5404] loop4: detected capacity change from 0 to 4096
[   58.758100][ T5411] EXT4-fs: quotafile must be on filesystem root
[   58.772615][ T5408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.584'.
[   58.786975][ T5404] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #15: comm syz.4.583: corrupted inode contents
[   58.799135][ T5404] EXT4-fs error (device loop4): ext4_dirty_inode:6014: inode #15: comm syz.4.583: mark_inode_dirty error
[   58.800364][ T5414] loop0: detected capacity change from 0 to 128
[   58.811623][ T5404] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #15: comm syz.4.583: corrupted inode contents
[   58.817355][ T5414] EXT4-fs: Ignoring removed nobh option
[   58.829257][ T5404] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #15: comm syz.4.583: mark_inode_dirty error
[   58.856897][ T5414] ext4 filesystem being mounted at /82/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   58.858911][ T5415] 9pnet_fd: Insufficient options for proto=fd
[   58.869225][ T5404] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #15: comm syz.4.583: corrupted inode contents
[   58.888274][ T5404] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #15: comm syz.4.583: mark_inode_dirty error
[   58.899158][ T5418] loop3: detected capacity change from 0 to 512
[   58.900678][ T5404] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #15: comm syz.4.583: corrupted inode contents
[   58.918808][ T5404] EXT4-fs error (device loop4): ext4_truncate:4241: inode #15: comm syz.4.583: mark_inode_dirty error
[   58.922006][ T5418] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.930990][ T5404] EXT4-fs error (device loop4) in ext4_setattr:5553: Corrupt filesystem
[   58.976732][ T5425] netlink: 380 bytes leftover after parsing attributes in process `syz.4.588'.
[   58.997496][ T5427] netlink: 44 bytes leftover after parsing attributes in process `syz.4.589'.
[   59.035286][ T5432] netlink: 14 bytes leftover after parsing attributes in process `syz.4.591'.
[   59.119128][ T5439] loop0: detected capacity change from 0 to 8192
[   59.140455][ T5439]  loop0: p1 p2 p4 < >
[   59.144567][ T5439] loop0: partition table partially beyond EOD, truncated
[   59.152970][ T5439] loop0: p1 size 108986237 extends beyond EOD, truncated
[   59.160824][ T5439] loop0: p2 start 65535 is beyond EOD, truncated
[   59.167227][ T5439] loop0: p4 start 50331648 is beyond EOD, truncated
[   59.189190][ T5439] team0: Port device team_slave_0 removed
[   59.251626][ T5454] loop0: detected capacity change from 0 to 512
[   59.258620][ T5454] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[   59.415517][ T5493] FAULT_INJECTION: forcing a failure.
[   59.415517][ T5493] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.429104][ T5493] CPU: 1 UID: 0 PID: 5493 Comm: syz.0.615 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   59.439658][ T5493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   59.449790][ T5493] Call Trace:
[   59.453140][ T5493]  <TASK>
[   59.456173][ T5493]  dump_stack_lvl+0xf2/0x150
[   59.460978][ T5493]  dump_stack+0x15/0x20
[   59.465280][ T5493]  should_fail_ex+0x229/0x230
[   59.470099][ T5493]  should_fail+0xb/0x10
[   59.474364][ T5493]  should_fail_usercopy+0x1a/0x20
[   59.479930][ T5493]  copy_page_from_iter_atomic+0x22a/0xda0
[   59.485655][ T5493]  ? shmem_write_begin+0xa0/0x1c0
[   59.490744][ T5493]  ? shmem_write_begin+0x10c/0x1c0
[   59.495902][ T5493]  generic_perform_write+0x323/0x580
[   59.501276][ T5493]  shmem_file_write_iter+0xc8/0xf0
[   59.506472][ T5493]  vfs_write+0x78f/0x900
[   59.510701][ T5493]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   59.516521][ T5493]  ksys_write+0xeb/0x1b0
[   59.520865][ T5493]  __x64_sys_write+0x42/0x50
[   59.525461][ T5493]  x64_sys_call+0x2a40/0x2e00
[   59.530759][ T5493]  do_syscall_64+0xc9/0x1c0
[   59.535409][ T5493]  ? clear_bhb_loop+0x55/0xb0
[   59.540220][ T5493]  ? clear_bhb_loop+0x55/0xb0
[   59.544982][ T5493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.550877][ T5493] RIP: 0033:0x7feee6b25e1f
[   59.555336][ T5493] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[   59.574958][ T5493] RSP: 002b:00007feee57a6e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   59.583496][ T5493] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007feee6b25e1f
[   59.591630][ T5493] RDX: 0000000000040000 RSI: 00007feedd387000 RDI: 0000000000000004
[   59.599682][ T5493] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000054d
[   59.607815][ T5493] R10: 0000000020001cc2 R11: 0000000000000293 R12: 0000000000000004
[   59.615859][ T5493] R13: 00007feee57a6f00 R14: 00007feee57a6ec0 R15: 00007feedd387000
[   59.623823][ T5493]  </TASK>
[   59.628496][ T5493] loop0: detected capacity change from 0 to 512
[   59.638841][ T5493] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   59.647743][ T5496] xt_HMARK: spi-set and port-set can't be combined
[   59.649167][ T5493] EXT4-fs (loop0): failed to initialize system zone (-117)
[   59.662727][ T5493] EXT4-fs (loop0): mount failed
[   59.694588][ T5504] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   59.724141][ T5509] xt_CT: You must specify a L4 protocol and not use inversions on it
[   59.895236][ T5538] xt_HMARK: spi-set and port-set can't be combined
[   59.906314][ T5540] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   60.058416][   T29] kauditd_printk_skb: 46 callbacks suppressed
[   60.058430][   T29] audit: type=1400 audit(1721980458.275:471): avc:  denied  { write } for  pid=5556 comm="syz.4.638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   60.064884][ T5557] loop4: detected capacity change from 0 to 1024
[   60.101690][ T5557] ext4 filesystem being mounted at /186/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.113066][   T29] audit: type=1400 audit(1721980458.335:472): avc:  denied  { ioctl } for  pid=5556 comm="syz.4.638" path="socket:[11664]" dev="sockfs" ino=11664 ioctlcmd=0x89f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   60.147657][   T29] audit: type=1400 audit(1721980458.355:473): avc:  denied  { map } for  pid=5556 comm="syz.4.638" path="/186/file1/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   60.170032][   T29] audit: type=1400 audit(1721980458.365:474): avc:  denied  { execute } for  pid=5556 comm="syz.4.638" path="/186/file1/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   60.192892][   T29] audit: type=1400 audit(1721980458.365:475): avc:  denied  { getopt } for  pid=5556 comm="syz.4.638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   60.212292][   T29] audit: type=1400 audit(1721980458.365:476): avc:  denied  { setopt } for  pid=5556 comm="syz.4.638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   60.331649][   T29] audit: type=1400 audit(1721980458.555:477): avc:  denied  { create } for  pid=5577 comm="syz.4.644" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   60.363068][ T5580] xt_HMARK: spi-set and port-set can't be combined
[   60.451714][   T29] audit: type=1400 audit(1721980458.675:478): avc:  denied  { connect } for  pid=5586 comm="syz.4.648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[   60.563220][ T5601] loop4: detected capacity change from 0 to 1024
[   60.571838][ T5603] xt_HMARK: spi-set and port-set can't be combined
[   60.583417][ T5601] netlink: 'syz.4.655': attribute type 5 has an invalid length.
[   60.653891][   T29] audit: type=1400 audit(1721980458.875:479): avc:  denied  { read } for  pid=5615 comm="syz.1.659" name="event0" dev="devtmpfs" ino=218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   60.683885][ T5616] loop1: detected capacity change from 0 to 512
[   60.703148][ T5616] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.771371][ T5631] IPv6: Can't replace route, no match found
[   60.791037][ T5634] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[   60.799521][ T5634] bond0: entered promiscuous mode
[   60.804648][ T5634] bond_slave_0: entered promiscuous mode
[   60.810389][ T5634] bond_slave_1: entered promiscuous mode
[   60.835763][ T5637] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode balance-tlb(5)
[   60.837658][ T5639] xt_HMARK: spi-set and port-set can't be combined
[   60.875090][   T29] audit: type=1400 audit(1721980459.095:480): avc:  denied  { sqpoll } for  pid=5642 comm="syz.0.670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   60.920075][    C0] eth0: bad gso: type: 1, size: 1408
[   61.057729][ T5668] FAULT_INJECTION: forcing a failure.
[   61.057729][ T5668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.070977][ T5668] CPU: 0 UID: 0 PID: 5668 Comm: syz.0.680 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   61.081211][ T5668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   61.091269][ T5668] Call Trace:
[   61.094585][ T5668]  <TASK>
[   61.097536][ T5668]  dump_stack_lvl+0xf2/0x150
[   61.102224][ T5668]  dump_stack+0x15/0x20
[   61.106364][ T5668]  should_fail_ex+0x229/0x230
[   61.111032][ T5668]  should_fail+0xb/0x10
[   61.115253][ T5668]  should_fail_usercopy+0x1a/0x20
[   61.120269][ T5668]  _copy_from_user+0x1e/0xd0
[   61.124856][ T5668]  move_addr_to_kernel+0x82/0x120
[   61.130019][ T5668]  copy_msghdr_from_user+0x271/0x2a0
[   61.135376][ T5668]  __sys_sendmmsg+0x22a/0x500
[   61.140058][ T5668]  __x64_sys_sendmmsg+0x57/0x70
[   61.144936][ T5668]  x64_sys_call+0x2b4e/0x2e00
[   61.149659][ T5668]  do_syscall_64+0xc9/0x1c0
[   61.154158][ T5668]  ? clear_bhb_loop+0x55/0xb0
[   61.158834][ T5668]  ? clear_bhb_loop+0x55/0xb0
[   61.163533][ T5668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.169411][ T5668] RIP: 0033:0x7feee6b27299
[   61.173966][ T5668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.193714][ T5668] RSP: 002b:00007feee57a7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   61.202209][ T5668] RAX: ffffffffffffffda RBX: 00007feee6cb5f80 RCX: 00007feee6b27299
[   61.210429][ T5668] RDX: 0000000000000001 RSI: 0000000020000380 RDI: 0000000000000003
[   61.218466][ T5668] RBP: 00007feee57a70a0 R08: 0000000000000000 R09: 0000000000000000
[   61.226501][ T5668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.234604][ T5668] R13: 000000000000000b R14: 00007feee6cb5f80 R15: 00007ffec8e71e08
[   61.242594][ T5668]  </TASK>
[   61.287574][ T5685] xt_HMARK: spi-set and port-set can't be combined
[   61.502412][ T5688] ref_tracker: memory allocation failure, unreliable refcount tracker.
[   61.655150][ T5697] loop2: detected capacity change from 0 to 256
[   61.677527][ T4047] FAT-fs (loop2): error, corrupted directory (invalid entries)
[   61.685361][ T4047] FAT-fs (loop2): error, corrupted directory (invalid entries)
[   61.865882][ T5700] loop4: detected capacity change from 0 to 1024
[   61.974214][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.030119][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.083553][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.097296][ T5705] chnl_net:caif_netlink_parms(): no params data found
[   62.139107][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.150717][ T5705] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.157788][ T5705] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.165283][ T5705] bridge_slave_0: entered allmulticast mode
[   62.174055][ T5705] bridge_slave_0: entered promiscuous mode
[   62.180589][ T5723] loop0: detected capacity change from 0 to 512
[   62.182316][ T5705] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.194838][ T5705] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.203016][ T5705] bridge_slave_1: entered allmulticast mode
[   62.209296][ T5723] EXT4-fs (loop0): orphan cleanup on readonly fs
[   62.209551][ T5705] bridge_slave_1: entered promiscuous mode
[   62.216286][ T5723] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   62.236824][ T5723] EXT4-fs (loop0): Cannot turn on quotas: error -22
[   62.243742][ T5723] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz.0.694: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   62.262035][ T5723] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.694: couldn't read orphan inode 13 (err -117)
[   62.276314][ T5705] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.287960][ T5705] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.315907][ T5705] team0: Port device team_slave_0 added
[   62.324192][ T5705] team0: Port device team_slave_1 added
[   62.334716][ T5728] loop0: detected capacity change from 0 to 512
[   62.341533][ T5728] EXT4-fs: dax option not supported
[   62.347726][   T36] bridge_slave_1: left allmulticast mode
[   62.353621][   T36] bridge_slave_1: left promiscuous mode
[   62.359320][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.367899][   T36] bridge_slave_0: left allmulticast mode
[   62.373909][   T36] bridge_slave_0: left promiscuous mode
[   62.379824][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.484473][ T5735] loop0: detected capacity change from 0 to 128
[   62.532656][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   62.542954][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   62.553148][   T36] bond0 (unregistering): Released all slaves
[   62.565369][ T5705] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.572603][ T5705] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.599174][ T5705] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.615596][ T5705] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.622664][ T5705] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.648793][ T5705] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.675572][ T5705] hsr_slave_0: entered promiscuous mode
[   62.681868][ T5705] hsr_slave_1: entered promiscuous mode
[   62.694336][   T36] hsr_slave_0: left promiscuous mode
[   62.700883][   T36] hsr_slave_1: left promiscuous mode
[   62.706811][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   62.714334][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[   62.723302][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   62.730777][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[   62.740394][   T36] veth1_macvtap: left promiscuous mode
[   62.745909][   T36] veth1_vlan: left promiscuous mode
[   62.751320][   T36] veth0_vlan: left promiscuous mode
[   62.841814][   T36] team0 (unregistering): Port device team_slave_1 removed
[   62.986723][ T5745] loop4: detected capacity change from 0 to 512
[   62.994448][ T5745] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   63.011784][ T5745] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #17: comm syz.4.701: iget: bad i_size value: -6917529027641081756
[   63.025516][ T5745] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.701: couldn't read orphan inode 17 (err -117)
[   63.064651][ T5749] xt_HMARK: spi-set and port-set can't be combined
[   63.176506][ T5705] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   63.186020][ T5705] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   63.194823][ T5705] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   63.204081][ T5705] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   63.239037][ T5705] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.250745][ T5705] 8021q: adding VLAN 0 to HW filter on device team0
[   63.261281][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.268445][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.281654][ T3397] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.288990][ T3397] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.308213][ T5705] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   63.318772][ T5705] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   63.369170][ T5705] 8021q: adding VLAN 0 to HW filter on device batadv0
[   63.433158][ T5705] veth0_vlan: entered promiscuous mode
[   63.441528][ T5705] veth1_vlan: entered promiscuous mode
[   63.457798][ T5705] veth0_macvtap: entered promiscuous mode
[   63.465685][ T5705] veth1_macvtap: entered promiscuous mode
[   63.476765][ T5705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.488124][ T5705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.498098][ T5705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.509234][ T5705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.519382][ T5705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.529897][ T5705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.539886][ T5705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.550473][ T5705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.562808][ T5705] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.573323][ T5705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.583863][ T5705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.593758][ T5705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.604402][ T5705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.614449][ T5705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.625436][ T5705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.635507][ T5705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.646030][ T5705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.657459][ T5705] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.667608][ T5705] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.676649][ T5705] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.685673][ T5705] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.687490][ T5764] __nla_validate_parse: 17 callbacks suppressed
[   63.687504][ T5764] netlink: 32 bytes leftover after parsing attributes in process `syz.0.704'.
[   63.694921][ T5705] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.821360][    C0] eth0: bad gso: type: 1, size: 1408
[   63.827331][    C0] eth0: bad gso: type: 1, size: 1408
[   63.841898][ T5774] netlink: 80 bytes leftover after parsing attributes in process `syz.0.706'.
[   63.924597][ T5782] netlink: 8 bytes leftover after parsing attributes in process `syz.4.709'.
[   63.937585][ T5784] loop2: detected capacity change from 0 to 512
[   63.945822][ T5785] netlink: 44 bytes leftover after parsing attributes in process `syz.0.708'.
[   63.972567][ T5787] loop4: detected capacity change from 0 to 128
[   63.972818][ T5784] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.982304][ T5787] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.006832][ T5787] Process accounting resumed
[   64.087902][ T5798] loop2: detected capacity change from 0 to 512
[   64.095940][ T5798] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.715: bad orphan inode 17
[   64.106490][ T5798] ext4_test_bit(bit=16, block=4) = 1
[   64.111858][ T5798] is_bad_inode(inode)=0
[   64.116188][ T5798] NEXT_ORPHAN(inode)=0
[   64.120373][ T5798] max_ino=32
[   64.123656][ T5798] i_nlink=1
[   64.128535][ T5798] netlink: 4 bytes leftover after parsing attributes in process `syz.2.715'.
[   64.163389][ T5802] loop2: detected capacity change from 0 to 2048
[   64.391804][ T5810] netlink: 132 bytes leftover after parsing attributes in process `syz.1.718'.
[   64.412753][ T5812] xt_HMARK: spi-set and port-set can't be combined
[   64.791350][ T5821] netlink: 380 bytes leftover after parsing attributes in process `syz.0.722'.
[   64.812877][ T5823] netlink: 14 bytes leftover after parsing attributes in process `syz.0.723'.
[   65.123656][ T5835] netlink: 16 bytes leftover after parsing attributes in process `syz.2.727'.
[   65.149539][ T5837] loop2: detected capacity change from 0 to 128
[   65.156198][ T5837] EXT4-fs: Ignoring removed nobh option
[   65.165002][ T5837] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   65.242799][ T5845] netlink: 44 bytes leftover after parsing attributes in process `syz.0.730'.
[   65.305042][ T5852] loop1: detected capacity change from 0 to 512
[   65.312273][   T29] kauditd_printk_skb: 28 callbacks suppressed
[   65.312286][   T29] audit: type=1400 audit(1721980463.535:509): avc:  denied  { remount } for  pid=5851 comm="syz.1.733" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   65.429910][ T5863] loop2: detected capacity change from 0 to 4096
[   65.495911][ T5880] netlink: 'syz.2.736': attribute type 5 has an invalid length.
[   65.539070][   T29] audit: type=1326 audit(1721980463.755:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5881 comm="syz.1.743" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3101507299 code=0x0
[   66.037675][ T5887] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3584 sclass=netlink_route_socket pid=5887 comm=syz.0.744
[   66.279744][ T5900] loop2: detected capacity change from 0 to 512
[   66.292744][ T5900] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.387446][ T5916] loop1: detected capacity change from 0 to 512
[   66.395628][ T5916] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   66.412608][ T5916] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #17: comm syz.1.752: iget: bad i_size value: -6917529027641081756
[   66.426303][ T5916] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.752: couldn't read orphan inode 17 (err -117)
[   66.489406][   T29] audit: type=1400 audit(1721980464.705:511): avc:  denied  { setattr } for  pid=5938 comm="syz.1.759" name="SCTPv6" dev="sockfs" ino=13519 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   66.513636][ T5939] loop1: detected capacity change from 0 to 512
[   66.532485][ T5939] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.649987][ T5955] FAULT_INJECTION: forcing a failure.
[   66.649987][ T5955] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.665097][ T5955] CPU: 0 UID: 0 PID: 5955 Comm: syz.2.765 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   66.675576][ T5955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   66.685713][ T5955] Call Trace:
[   66.688991][ T5955]  <TASK>
[   66.692005][ T5955]  dump_stack_lvl+0xf2/0x150
[   66.696779][ T5955]  dump_stack+0x15/0x20
[   66.700970][ T5955]  should_fail_ex+0x229/0x230
[   66.705667][ T5955]  should_fail+0xb/0x10
[   66.709894][ T5955]  should_fail_usercopy+0x1a/0x20
[   66.715070][ T5955]  _copy_from_iter+0xd3/0xb00
[   66.719803][ T5955]  ? kmalloc_reserve+0x16e/0x190
[   66.724785][ T5955]  ? __build_skb_around+0x196/0x1f0
[   66.730189][ T5955]  ? __alloc_skb+0x21f/0x310
[   66.734895][ T5955]  ? __virt_addr_valid+0x1ed/0x250
[   66.740002][ T5955]  ? __check_object_size+0x35b/0x510
[   66.745295][ T5955]  netlink_sendmsg+0x460/0x6e0
[   66.750243][ T5955]  ? __pfx_netlink_sendmsg+0x10/0x10
[   66.755553][ T5955]  __sock_sendmsg+0x140/0x180
[   66.760245][ T5955]  ____sys_sendmsg+0x312/0x410
[   66.765079][ T5955]  __sys_sendmsg+0x1e9/0x280
[   66.769839][ T5955]  __x64_sys_sendmsg+0x46/0x50
[   66.774863][ T5955]  x64_sys_call+0x26f8/0x2e00
[   66.779765][ T5955]  do_syscall_64+0xc9/0x1c0
[   66.784558][ T5955]  ? clear_bhb_loop+0x55/0xb0
[   66.789681][ T5955]  ? clear_bhb_loop+0x55/0xb0
[   66.794805][ T5955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.800790][ T5955] RIP: 0033:0x7fcac7c07299
[   66.805344][ T5955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.825670][ T5955] RSP: 002b:00007fcac6887048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   66.834467][ T5955] RAX: ffffffffffffffda RBX: 00007fcac7d95f80 RCX: 00007fcac7c07299
[   66.843128][ T5955] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[   66.851212][ T5955] RBP: 00007fcac68870a0 R08: 0000000000000000 R09: 0000000000000000
[   66.859587][ T5955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.867825][ T5955] R13: 000000000000000b R14: 00007fcac7d95f80 R15: 00007ffc05e751d8
[   66.876314][ T5955]  </TASK>
[   66.902421][ T5957] loop2: detected capacity change from 0 to 2048
[   66.934724][ T5965] can: request_module (can-proto-5) failed.
[   66.981687][ T5974] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   67.044852][ T5978] syz.2.766 (5978) used greatest stack depth: 9640 bytes left
[   67.054610][ T5977] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.766: bg 0: block 234: padding at end of block bitmap is not set
[   67.069459][ T5977] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 117
[   67.083168][ T5977] EXT4-fs (loop2): This should not happen!! Data will be lost
[   67.083168][ T5977] 
[   67.115016][ T5977] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   67.127856][ T5977] EXT4-fs (loop2): This should not happen!! Data will be lost
[   67.127856][ T5977] 
[   67.137948][ T5977] EXT4-fs (loop2): Total free blocks count 0
[   67.143965][ T5977] EXT4-fs (loop2): Free/Dirty block details
[   67.149948][ T5977] EXT4-fs (loop2): free_blocks=0
[   67.155193][ T5977] EXT4-fs (loop2): dirty_blocks=4656
[   67.160511][ T5977] EXT4-fs (loop2): Block reservation details
[   67.167287][ T5977] EXT4-fs (loop2): i_reserved_data_blocks=291
[   67.259897][   T29] audit: type=1400 audit(1721980465.475:512): avc:  denied  { ioctl } for  pid=5999 comm="syz.4.779" path="socket:[14406]" dev="sockfs" ino=14406 ioctlcmd=0x894b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   67.297152][ T6001] Â: renamed from pim6reg1
[   67.322570][   T29] audit: type=1400 audit(1721980465.545:513): avc:  denied  { write } for  pid=6002 comm="syz.2.780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   67.394770][ T6021] loop2: detected capacity change from 0 to 512
[   67.413587][ T6021] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   67.421742][ T6021] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   67.431684][ T6021] System zones: 0-1, 15-15, 18-18, 34-34
[   67.437920][ T6021] EXT4-fs (loop2): orphan cleanup on readonly fs
[   67.444495][ T6021] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[   67.454841][ T6021] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   67.469608][ T6021] EXT4-fs (loop2): Cannot turn on quotas: error -22
[   67.478410][ T6021] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.787: bg 0: block 40: padding at end of block bitmap is not set
[   67.494036][ T6021] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[   67.503198][ T6021] EXT4-fs (loop2): 1 truncate cleaned up
[   67.511098][ T6021] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.787: corrupted xattr block 19: bad e_name length
[   67.517815][ T6029] dummy0: Device is already in use.
[   67.524669][ T6021] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   67.539174][ T6021] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.787: corrupted xattr block 19: bad e_name length
[   67.553510][ T6021] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   67.562656][ T6021] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.787: corrupted xattr block 19: bad e_name length
[   67.564205][   T29] audit: type=1400 audit(1721980465.785:514): avc:  denied  { read } for  pid=6019 comm="syz.2.787" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   67.581001][ T6021] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   67.608106][   T29] audit: type=1400 audit(1721980465.795:515): avc:  denied  { getopt } for  pid=6032 comm="syz.4.790" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   67.629528][   T29] audit: type=1400 audit(1721980465.795:516): avc:  denied  { create } for  pid=6032 comm="syz.4.790" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   67.649917][   T29] audit: type=1400 audit(1721980465.825:517): avc:  denied  { open } for  pid=6019 comm="syz.2.787" path="/32/file2/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   67.667986][ T6040] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.679799][ T6021] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.787: corrupted xattr block 19: bad e_name length
[   67.683756][ T6040] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.697559][ T6021] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   67.714284][ T6021] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.787: corrupted xattr block 19: bad e_name length
[   67.728185][ T6021] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[   67.738181][ T6021] netlink: 'syz.2.787': attribute type 10 has an invalid length.
[   67.746107][ T6021] bridge0: port 3(team0) entered blocking state
[   67.752578][ T6021] bridge0: port 3(team0) entered disabled state
[   67.758957][ T6021] team0: entered allmulticast mode
[   67.764161][ T6021] team_slave_0: entered allmulticast mode
[   67.769869][ T6021] team_slave_1: entered allmulticast mode
[   67.778163][ T6021] team0: entered promiscuous mode
[   67.783293][ T6021] team_slave_0: entered promiscuous mode
[   67.789015][ T6021] team_slave_1: entered promiscuous mode
[   67.795372][ T6021] bridge0: port 3(team0) entered blocking state
[   67.802382][ T6021] bridge0: port 3(team0) entered forwarding state
[   67.809179][ T6034] netlink: 'syz.2.787': attribute type 10 has an invalid length.
[   68.332077][ T6051] FAULT_INJECTION: forcing a failure.
[   68.332077][ T6051] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.345401][ T6051] CPU: 0 UID: 0 PID: 6051 Comm: syz.1.797 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   68.355735][ T6051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   68.365872][ T6051] Call Trace:
[   68.369251][ T6051]  <TASK>
[   68.372270][ T6051]  dump_stack_lvl+0xf2/0x150
[   68.376898][ T6051]  dump_stack+0x15/0x20
[   68.381159][ T6051]  should_fail_ex+0x229/0x230
[   68.386582][ T6051]  should_fail+0xb/0x10
[   68.391089][ T6051]  should_fail_usercopy+0x1a/0x20
[   68.396125][ T6051]  _copy_from_user+0x1e/0xd0
[   68.400714][ T6051]  input_event_from_user+0x126/0x1e0
[   68.406003][ T6051]  evdev_write+0x288/0x420
[   68.410497][ T6051]  ? __pfx_evdev_write+0x10/0x10
[   68.415483][ T6051]  vfs_write+0x28b/0x900
[   68.419758][ T6051]  ? __fget_files+0x1da/0x210
[   68.424425][ T6051]  ksys_write+0xeb/0x1b0
[   68.428744][ T6051]  __x64_sys_write+0x42/0x50
[   68.433461][ T6051]  x64_sys_call+0x2a40/0x2e00
[   68.438139][ T6051]  do_syscall_64+0xc9/0x1c0
[   68.442639][ T6051]  ? clear_bhb_loop+0x55/0xb0
[   68.447371][ T6051]  ? clear_bhb_loop+0x55/0xb0
[   68.452097][ T6051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.458011][ T6051] RIP: 0033:0x7f3101507299
[   68.462421][ T6051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.482076][ T6051] RSP: 002b:00007f3100166048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   68.490894][ T6051] RAX: ffffffffffffffda RBX: 00007f3101696058 RCX: 00007f3101507299
[   68.498886][ T6051] RDX: 0000000000001068 RSI: 0000000020000040 RDI: 0000000000000004
[   68.506877][ T6051] RBP: 00007f31001660a0 R08: 0000000000000000 R09: 0000000000000000
[   68.514854][ T6051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   68.522877][ T6051] R13: 000000000000006e R14: 00007f3101696058 R15: 00007ffc13a295f8
[   68.530843][ T6051]  </TASK>
[   68.540889][ T6052] loop4: detected capacity change from 0 to 764
[   69.132614][ T3816] EXT4-fs unmount: 52 callbacks suppressed
[   69.132628][ T3816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.213499][ T6066] loop1: detected capacity change from 0 to 512
[   69.223849][ T6059] __nla_validate_parse: 7 callbacks suppressed
[   69.223862][ T6059] netlink: 64 bytes leftover after parsing attributes in process `syz.4.800'.
[   69.242173][ T6059] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=6059 comm=syz.4.800
[   69.249030][ T6066] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.268466][ T6066] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.318719][ T4887] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.365624][ T6056] chnl_net:caif_netlink_parms(): no params data found
[   69.382676][ T6088] netlink: 20 bytes leftover after parsing attributes in process `syz.1.807'.
[   69.393665][ T6088] vlan2: entered promiscuous mode
[   69.399021][ T6088] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[   69.424397][   T50] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.462626][ T6056] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.469784][ T6056] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.477090][ T6056] bridge_slave_0: entered allmulticast mode
[   69.483457][ T6056] bridge_slave_0: entered promiscuous mode
[   69.493435][   T50] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.505152][ T6056] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.512546][ T6056] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.519926][ T6056] bridge_slave_1: entered allmulticast mode
[   69.527385][ T6056] bridge_slave_1: entered promiscuous mode
[   69.535537][ T6099] loop4: detected capacity change from 0 to 512
[   69.543531][ T6099] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.811: bad orphan inode 17
[   69.553765][ T6099] ext4_test_bit(bit=16, block=4) = 1
[   69.559107][ T6099] is_bad_inode(inode)=0
[   69.563320][ T6099] NEXT_ORPHAN(inode)=0
[   69.567436][ T6099] max_ino=32
[   69.571207][ T6101] loop1: detected capacity change from 0 to 764
[   69.578827][ T6099] i_nlink=1
[   69.584493][ T6099] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.585501][   T50] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.599403][ T6099] netlink: 4 bytes leftover after parsing attributes in process `syz.4.811'.
[   69.610865][ T6041] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.626658][ T3264] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.637540][ T6056] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.649343][ T6056] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.671231][ T6104] xt_HMARK: spi-set and port-set can't be combined
[   69.685297][   T50] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.697604][ T6056] team0: Port device team_slave_0 added
[   69.708404][ T6056] team0: Port device team_slave_1 added
[   69.725147][ T6056] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.732225][ T6056] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.758477][ T6056] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.769736][ T6056] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.776798][ T6056] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.802692][ T6056] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.844252][   T50] bridge_slave_1: left allmulticast mode
[   69.850346][   T50] bridge_slave_1: left promiscuous mode
[   69.856339][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.864174][   T50] bridge_slave_0: left allmulticast mode
[   69.870036][   T50] bridge_slave_0: left promiscuous mode
[   69.875795][   T50] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.963208][   T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   69.973836][   T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   69.984254][   T50] bond0 (unregistering): Released all slaves
[   69.993659][ T6056] hsr_slave_0: entered promiscuous mode
[   69.999804][ T6056] hsr_slave_1: entered promiscuous mode
[   70.007201][ T6056] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   70.014862][ T6056] Cannot create hsr debugfs directory
[   70.075350][   T50] hsr_slave_0: left promiscuous mode
[   70.081043][   T50] hsr_slave_1: left promiscuous mode
[   70.086963][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   70.094529][   T50] batman_adv: batadv0: Removing interface: batadv_slave_0
[   70.102222][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   70.109658][   T50] batman_adv: batadv0: Removing interface: batadv_slave_1
[   70.118822][   T50] veth1_macvtap: left promiscuous mode
[   70.124311][   T50] veth0_macvtap: left promiscuous mode
[   70.129878][   T50] veth1_vlan: left promiscuous mode
[   70.135351][   T50] veth0_vlan: left promiscuous mode
[   70.209089][   T50] team0 (unregistering): Port device team_slave_1 removed
[   70.220943][   T50] team0 (unregistering): Port device team_slave_0 removed
[   70.289367][ T6105] chnl_net:caif_netlink_parms(): no params data found
[   70.326512][ T6105] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.334611][ T6105] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.343208][ T6105] bridge_slave_0: entered allmulticast mode
[   70.344977][ T6124] netlink: 12 bytes leftover after parsing attributes in process `syz.0.816'.
[   70.349731][ T6105] bridge_slave_0: entered promiscuous mode
[   70.367715][ T6105] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.374925][ T6105] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.382417][ T6105] bridge_slave_1: entered allmulticast mode
[   70.392987][ T6105] bridge_slave_1: entered promiscuous mode
[   70.424784][ T6130] 9pnet_fd: Insufficient options for proto=fd
[   70.434261][ T6105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.445055][ T6105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.462543][ T6131] netlink: 'syz.1.818': attribute type 11 has an invalid length.
[   70.490893][ T6105] team0: Port device team_slave_0 added
[   70.501674][ T6105] team0: Port device team_slave_1 added
[   70.511377][ T6131] loop1: detected capacity change from 0 to 512
[   70.554932][ T6131] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.567897][ T6105] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.574875][ T6105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.600839][ T6105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.619801][ T6131] ext4 filesystem being mounted at /45/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   70.630937][ T6105] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.637877][ T6105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.664049][ T6105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.677813][   T29] kauditd_printk_skb: 8 callbacks suppressed
[   70.677833][   T29] audit: type=1400 audit(1721980468.895:526): avc:  denied  { create } for  pid=6127 comm="syz.1.818" name="blkio.bfq.avg_queue_size" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   70.707171][   T29] audit: type=1400 audit(1721980468.895:527): avc:  denied  { read append open } for  pid=6127 comm="syz.1.818" path="/45/bus/blkio.bfq.avg_queue_size" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   70.743779][ T4887] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.761742][ T6105] hsr_slave_0: entered promiscuous mode
[   70.768308][ T6105] hsr_slave_1: entered promiscuous mode
[   70.778964][ T6105] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   70.783960][ T6159] FAULT_INJECTION: forcing a failure.
[   70.783960][ T6159] name failslab, interval 1, probability 0, space 0, times 0
[   70.786730][ T6105] Cannot create hsr debugfs directory
[   70.799198][ T6159] CPU: 1 UID: 0 PID: 6159 Comm: syz.4.827 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   70.814894][ T6159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   70.825039][ T6159] Call Trace:
[   70.828358][ T6159]  <TASK>
[   70.831328][ T6159]  dump_stack_lvl+0xf2/0x150
[   70.836026][ T6159]  dump_stack+0x15/0x20
[   70.840189][ T6159]  should_fail_ex+0x229/0x230
[   70.841986][ T6165] loop1: detected capacity change from 0 to 512
[   70.844975][ T6159]  ? io_cqring_event_overflow+0x5a/0x300
[   70.857025][ T6159]  should_failslab+0x8f/0xb0
[   70.861936][ T6159]  __kmalloc_noprof+0xa5/0x370
[   70.866713][ T6159]  io_cqring_event_overflow+0x5a/0x300
[   70.872177][ T6159]  io_req_cqe_overflow+0x89/0xb0
[   70.877116][ T6159]  __io_submit_flush_completions+0x34e/0xa00
[   70.883181][ T6159]  io_submit_sqes+0xe91/0x1080
[   70.887989][ T6159]  ? kstrtouint_from_user+0xb0/0xe0
[   70.893200][ T6159]  __se_sys_io_uring_enter+0x1c6/0x15a0
[   70.899091][ T6159]  ? __fget_files+0x1da/0x210
[   70.903759][ T6159]  ? fput+0x13b/0x180
[   70.907807][ T6159]  ? ksys_write+0x178/0x1b0
[   70.912338][ T6159]  __x64_sys_io_uring_enter+0x78/0x90
[   70.917761][ T6159]  x64_sys_call+0x26d0/0x2e00
[   70.922500][ T6159]  do_syscall_64+0xc9/0x1c0
[   70.927000][ T6159]  ? clear_bhb_loop+0x55/0xb0
[   70.931669][ T6159]  ? clear_bhb_loop+0x55/0xb0
[   70.936337][ T6159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.942248][ T6159] RIP: 0033:0x7f90504f7299
[   70.946646][ T6159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.966318][ T6159] RSP: 002b:00007f904f177048 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   70.974897][ T6159] RAX: ffffffffffffffda RBX: 00007f9050685f80 RCX: 00007f90504f7299
[   70.982852][ T6159] RDX: 0000000000000000 RSI: 0000000000006256 RDI: 0000000000000004
[   70.990913][ T6159] RBP: 00007f904f1770a0 R08: 0000000000000000 R09: 0000000000000000
[   70.998944][ T6159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   71.007000][ T6159] R13: 000000000000000b R14: 00007f9050685f80 R15: 00007ffc08a8a308
[   71.014965][ T6159]  </TASK>
[   71.030374][ T6165] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   71.045257][ T6165] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.058399][ T6165] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.090833][ T6165] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[   71.105316][ T6056] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   71.113823][   T29] audit: type=1400 audit(1721980469.335:528): avc:  denied  { rename } for  pid=6164 comm="syz.1.829" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   71.123797][ T6056] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   71.153718][ T6056] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   71.173285][   T50] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.174753][ T6165] netlink: 4 bytes leftover after parsing attributes in process `syz.1.829'.
[   71.200159][ T6056] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   71.214185][   T29] audit: type=1400 audit(1721980469.435:529): avc:  denied  { checkpoint_restore } for  pid=6179 comm="syz.4.832" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   71.244588][   T50] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.259358][ T6056] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.272071][ T6056] 8021q: adding VLAN 0 to HW filter on device team0
[   71.283739][   T50] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.295898][  T785] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.303056][  T785] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.319504][  T785] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.326622][  T785] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.347890][   T50] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.358630][ T6192] netlink: 28 bytes leftover after parsing attributes in process `syz.4.834'.
[   71.372182][ T6056] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   71.382818][ T6056] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   71.383310][ T6194] netlink: 44 bytes leftover after parsing attributes in process `syz.4.835'.
[   71.441171][   T50] team0: left allmulticast mode
[   71.446064][   T50] team_slave_0: left allmulticast mode
[   71.451632][   T50] team_slave_1: left allmulticast mode
[   71.457152][   T50] team0: left promiscuous mode
[   71.462530][   T50] team_slave_0: left promiscuous mode
[   71.467940][   T50] team_slave_1: left promiscuous mode
[   71.473682][   T50] bridge0: port 3(team0) entered disabled state
[   71.481031][   T50] bridge_slave_1: left allmulticast mode
[   71.486717][   T50] bridge_slave_1: left promiscuous mode
[   71.492688][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.501619][   T50] bridge_slave_0: left allmulticast mode
[   71.507282][   T50] bridge_slave_0: left promiscuous mode
[   71.513000][   T50] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.524994][ T6202] loop4: detected capacity change from 0 to 512
[   71.532044][ T6202] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   71.551582][ T6202] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #17: comm syz.4.836: iget: bad i_size value: -6917529027641081756
[   71.566319][ T6202] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.836: couldn't read orphan inode 17 (err -117)
[   71.578709][ T6202] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.623054][   T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   71.633281][   T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   71.643272][   T50] bond0 (unregistering): Released all slaves
[   71.659592][ T6056] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.684597][ T4887] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.684686][ T3264] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.754753][ T6056] veth0_vlan: entered promiscuous mode
[   71.763283][ T6056] veth1_vlan: entered promiscuous mode
[   71.773731][   T50] hsr_slave_0: left promiscuous mode
[   71.779985][   T50] hsr_slave_1: left promiscuous mode
[   71.786300][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   71.793780][   T50] batman_adv: batadv0: Removing interface: batadv_slave_0
[   71.801834][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   71.809298][   T50] batman_adv: batadv0: Removing interface: batadv_slave_1
[   71.824753][   T50] veth1_macvtap: left promiscuous mode
[   71.824774][   T50] veth0_macvtap: left promiscuous mode
[   71.824843][   T50] veth1_vlan: left promiscuous mode
[   71.824874][   T50] veth0_vlan: left promiscuous mode
[   71.917948][   T50] team0 (unregistering): Port device team_slave_1 removed
[   71.927900][   T50] team0 (unregistering): Port device team_slave_0 removed
[   71.965326][ T6227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.841'.
[   71.977782][ T6227] dummy0: entered promiscuous mode
[   71.998730][ T6056] veth0_macvtap: entered promiscuous mode
[   72.006756][ T6056] veth1_macvtap: entered promiscuous mode
[   72.020641][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.031186][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.041085][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.041945][ T6233] netlink: 44 bytes leftover after parsing attributes in process `syz.1.844'.
[   72.052029][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.052050][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.052064][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.053346][ T6056] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.126142][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.137067][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.147029][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.157647][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.167810][ T6056] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.178274][ T6056] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.189141][ T6056] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.200010][ T6056] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.209264][ T6056] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.218128][ T6056] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.224097][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   72.226840][ T6056] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.257232][ T6241] netlink: 5 bytes leftover after parsing attributes in process `syz.1.847'.
[   72.289497][   T29] audit: type=1400 audit(1721980470.505:530): avc:  denied  { ioctl } for  pid=6245 comm="syz.1.848" path="socket:[15168]" dev="sockfs" ino=15168 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   72.325068][ T6246] loop1: detected capacity change from 0 to 8192
[   72.333986][ T6246] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   72.336623][ T6105] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   72.355941][ T6105] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   72.394952][ T6105] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   72.413458][ T6105] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   72.456308][ T6105] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.492662][ T6105] 8021q: adding VLAN 0 to HW filter on device team0
[   72.508390][  T982] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.515497][  T982] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.526461][  T982] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.533561][  T982] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.558387][ T6105] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.655963][ T6105] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.769222][ T6105] veth0_vlan: entered promiscuous mode
[   72.783399][ T6105] veth1_vlan: entered promiscuous mode
[   72.799257][ T6105] veth0_macvtap: entered promiscuous mode
[   72.813763][ T6105] veth1_macvtap: entered promiscuous mode
[   72.835718][ T6105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.846267][ T6105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.856305][ T6105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.867972][ T6105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.878141][ T6105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.888584][ T6105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.898822][ T6105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.909262][ T6105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.936200][ T6105] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.948154][ T6105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.958709][ T6105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.968978][ T6105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.979680][ T6105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.989605][ T6105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.000079][ T6105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.009967][ T6105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.020425][ T6105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.034808][ T6105] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.044628][ T6105] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.053449][ T6105] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.062237][ T6105] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.070940][ T6105] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.220389][ T6309] dummy0: Device is already in use.
[   73.308631][   T29] audit: type=1400 audit(1721980471.525:531): avc:  denied  { create } for  pid=6328 comm="syz.3.873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   73.309039][ T6329] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6329 comm=syz.3.873
[   73.328417][   T29] audit: type=1400 audit(1721980471.525:532): avc:  denied  { ioctl } for  pid=6328 comm="syz.3.873" path="socket:[15521]" dev="sockfs" ino=15521 ioctlcmd=0x9402 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   73.328458][   T29] audit: type=1400 audit(1721980471.525:533): avc:  denied  { ioctl } for  pid=6328 comm="syz.3.873" path="socket:[15517]" dev="sockfs" ino=15517 ioctlcmd=0x6608 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   73.345129][ T6329] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=6329 comm=syz.3.873
[   73.370655][   T29] audit: type=1400 audit(1721980471.565:534): avc:  denied  { read } for  pid=6328 comm="syz.3.873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   73.605161][    C0] eth0: bad gso: type: 1, size: 1408
[   73.634762][ T6389] loop4: detected capacity change from 0 to 512
[   73.644903][ T3335] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   73.659545][ T3335] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   73.681249][ T6389] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.716234][ T6389] ext4 filesystem being mounted at /263/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.788537][ T3264] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.801840][ T6413] loop1: detected capacity change from 0 to 512
[   73.810250][ T6413] ==================================================================
[   73.818451][ T6413] BUG: KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru
[   73.825843][ T6413] 
[   73.828170][ T6413] write to 0xffff888237d2b950 of 8 bytes by task 3264 on cpu 1:
[   73.835804][ T6413]  invalidate_bh_lru+0x8b/0xf0
[   73.840745][ T6413]  smp_call_function_many_cond+0x690/0xc20
[   73.846547][ T6413]  on_each_cpu_cond_mask+0x3c/0x90
[   73.851650][ T6413]  invalidate_bh_lrus+0x2a/0x30
[   73.856496][ T6413]  invalidate_bdev+0x42/0x70
[   73.861075][ T6413]  ext4_put_super+0x571/0x840
[   73.865921][ T6413]  generic_shutdown_super+0xde/0x210
[   73.871201][ T6413]  kill_block_super+0x2a/0x70
[   73.875865][ T6413]  ext4_kill_sb+0x44/0x80
[   73.880206][ T6413]  deactivate_locked_super+0x7d/0x1c0
[   73.885673][ T6413]  deactivate_super+0x9f/0xb0
[   73.890341][ T6413]  cleanup_mnt+0x268/0x2e0
[   73.894757][ T6413]  __cleanup_mnt+0x19/0x20
[   73.899163][ T6413]  task_work_run+0x13a/0x1a0
[   73.903741][ T6413]  syscall_exit_to_user_mode+0xbe/0x130
[   73.909280][ T6413]  do_syscall_64+0xd6/0x1c0
[   73.913868][ T6413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.919770][ T6413] 
[   73.922085][ T6413] read to 0xffff888237d2b950 of 8 bytes by task 6413 on cpu 0:
[   73.929626][ T6413]  has_bh_in_lru+0x35/0x1f0
[   73.934132][ T6413]  smp_call_function_many_cond+0x2d5/0xc20
[   73.939937][ T6413]  on_each_cpu_cond_mask+0x3c/0x90
[   73.945046][ T6413]  invalidate_bh_lrus+0x2a/0x30
[   73.949896][ T6413]  set_blocksize+0x25b/0x280
[   73.954489][ T6413]  sb_set_blocksize+0x2c/0xb0
[   73.959160][ T6413]  ext4_fill_super+0xdca/0x39e0
[   73.964003][ T6413]  get_tree_bdev+0x256/0x2e0
[   73.968605][ T6413]  ext4_get_tree+0x1c/0x30
[   73.973024][ T6413]  vfs_get_tree+0x56/0x1d0
[   73.977431][ T6413]  do_new_mount+0x227/0x690
[   73.981947][ T6413]  path_mount+0x49b/0xb30
[   73.986271][ T6413]  __se_sys_mount+0x27c/0x2d0
[   73.990947][ T6413]  __x64_sys_mount+0x67/0x80
[   73.995637][ T6413]  x64_sys_call+0xd11/0x2e00
[   74.000221][ T6413]  do_syscall_64+0xc9/0x1c0
[   74.004727][ T6413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.010700][ T6413] 
[   74.013009][ T6413] value changed: 0xffff88810070d138 -> 0x0000000000000000
[   74.020102][ T6413] 
[   74.022411][ T6413] Reported by Kernel Concurrency Sanitizer on:
[   74.028544][ T6413] CPU: 0 UID: 0 PID: 6413 Comm: syz.1.904 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0
[   74.038774][ T6413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   74.048907][ T6413] ==================================================================
[   74.059082][ T6416] openvswitch: netlink: Message has 12 unknown bytes.
[   74.075518][ T6413] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities