last executing test programs:

4.842114035s ago: executing program 3 (id=2153):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
creat(&(0x7f0000000300)='./bus\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0)
splice(r0, 0x0, r4, 0x0, 0x80, 0x0)
write(r4, &(0x7f0000003300)="ac", 0x1)
write(r2, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r6=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18eeffffffffffffff0000000000000095000010000000006c6fa8953e2d8905f14fa9099961252a8a01b51df0991e0eb0a5eb76f9c7e7a3128062c156c976dd8fce33a55670329a63845c683a2e4b77c0d28a95e547"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6}, 0x90)
socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001000090468fe0700000000000000ff3f02000000480100100000000019002b000a0001000500000000000072000000000000", 0x36}], 0x1)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)

3.851704796s ago: executing program 3 (id=2166):
io_uring_setup(0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f00000018c0)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000260608000fff52004507000002000000240600000ee60000bf050000000000000f630000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ff2d350100000000009500000000000000050000000000000095000000f7ffffff1e1bd1fe4b3af9c97925711095cc1a3a25b9418ffdc4a1da470a14e4391c3fb6915cbff2a4911fe82664d775cdb9dfc83fa32db39b636c1866b526185f4ab35172a74e9afe751664f580a6c5bccf1ef6583e0c1cd1f7fe416be4278613dae5fbcd1714f63b545d08c2963a5a7231a91d595db8ef17d1af77506ab68c1df70237cc61b8b001f5dc9a200bc6328ea3277387562eefdeae09ab8d05ee86edc8f0cce9c7bcc809c5db956dbfa9fff683317a8f7855872008d59426e609"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xf, 0x0, "cd2cf7680800000100f200a0fc380e43c96d22"})
ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000040))
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)

3.80718535s ago: executing program 3 (id=2167):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup(r4)
getsockname$packet(r5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r3, 0x0, 0x0)

3.714894537s ago: executing program 3 (id=2168):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x4b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, 0x0, 0x0, 0x18, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0xd2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x82, &(0x7f0000000040), 0x7, 0x4d6, &(0x7f0000000740)="$eJzs3EFsVEUfAPD/27a0QPnoh4iCqEU0NhpbKCgcTAxGEw+aGPGgx6YtBFmooTURQmRJDB4NiXfj0asHr+rNcDLxikcTQ0IMF8DTM2/3bXe73V3a7bYr9PdLlp2Znbczs/Pm7bwZtgFsWqPZP0nEcETcjIidEVFozDBaebp35/L0/TuXp6OUpif/TrLD4m4WzyX58/Y8MlaIKHyZ1F6oM3/x0tmpYnH2Qh6fWDj36cT8xUuvnDk3dXr29Oz5yePHjx45fOy1yVdX36gm5WXturvvi7n9e9/5+Pp70/3V9KH8ub4d3TIao82qUvZCtwvrsR114aS/Xc431r8yrFh2/mfdNVAe/zujL9p2HvAISdM0HWz9ciltdHVZCvDQSqLXNQB6o/pFn93/Vh/NJgJb1mf60XO3T1RugLJ238sfEc+WE6vrIAMN97fdNBoRH5X++TZ7xDqtQwAA1Pv5RHUm2DD/G4nYU5fvf/keykhE/D8idkXEYxGxOyIej0reJyLiyYb374uItE35ow3x5fOfwq21tbC9bP73er63VZv/Rf0u2EhfHtsRUZ0wzx7KP5OxGBg8daY4e7hNGb+89fvXrV6rn/9lj6z86lwwr8et/oYFupmphamOG9zg9tWIff2N7U/6I5LFnYAkIvZGxL5VvO9IXfjMS9/vX4wMLM334PaXpU330bqwVZF+F/Fipf9LsaT/ayUm7fcnJ4aiOHtoIjsLDjUt48Zv195vVf4D2//jn42HvH3sp5P5yFq7rP+31Z3/Ud2/rbV/JIlIFvdr51dfxrU/vmp5T9Pp+b8l+bAcrt6Xfj61sHDhcMSW5N3l6ZO1Y6vx7DlKlfaPHWw+/nflx2SfxFMRkZ3ET0fEM1G5QxyN9MqBiHguIg62af+vbz7/SeftX19Z+2eaXv+W9H9tvz4LZKkXlqRMFZNSJXctZTHQd/bAzfstLh4r6/+j5dBYntL8+pcsuUQsr0XzwBo/PgAAAHgoFCJiuG4taTgKhfHxyhrQ7thWKM7NL7x8au6z8zOV3wiMxEChutJVWQ8eSKrrnyN18cmG+JF83fibvq3l+Pj0XHGmpy0HtpfHfFIYX7wWVMZ/5q/uLDED/2V+8gOb14PG/57rG1QRYMP5/ofNq278l1pkKfmfMvBoWsn3v7VAeDQ1G/9XOjgGeLikxjJsaqsZ/0vz3tjZ9coAG6o/PlgMF3paE2Cjmf/DprSiH8l3HEgHm780FMszx1D7N+yLzqqxtUlZPQlkM6uelL61k6Oqf02hZZ4orO4NB5f9yYjO+vTU2j+W03u6fvKn+f5Yt3vwhw0Zp80C7a8bk8Prd00CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopn8DAAD//7x926o=")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10010, 0xffffffffffffffff, 0x8000000)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
fsopen(&(0x7f0000000040)='securityfs\x00', 0x0)
bpf$MAP_GET_NEXT_KEY(0x15, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_pressure(r1, &(0x7f0000000380)='memory.pressure\x00', 0x2, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
write(0xffffffffffffffff, &(0x7f0000000140)="92d98149311df0f7b451cebed6047a7c", 0x10)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080d004f1a8600", "cf0d00", "8657e2b7e43934e4"}, 0x28)
sendmsg$inet6(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[], 0x30}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c00000010000304000000000000000000000300", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008004040c0b0ee"], 0x3c}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

3.487831396s ago: executing program 1 (id=2175):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002240)=@delchain={0x298, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_CHAIN={0x8}, @TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x248, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0x178, 0x6, [@m_connmark={0x174, 0x0, 0x0, 0x0, {{0xd}, {0xac, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}]}, {0x99, 0x6, "91a991d04aa8cb411880b88050856c4a5b99aafe5cf70a535f4e162db7c30535ebf5e9ab54237bf6d2780785c80bcf9eae2d6d6d65f242d28d9992d8a093d12a497447bc2a6c4f73538dbca11ebb12d1c8ea001eac3246ebaf518402b88e3f2b51ce947977543e069be9c85124bbe592bd2ed79c20d83d312cd1c151c51eed4c8c8bce1d810f14cea570fce0fb771c34fdb1d1b4e7"}, {0xc}, {0xc}}}]}, @TCA_ROUTE4_ACT={0xc4, 0x6, [@m_nat={0xc0, 0x0, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @broadcast, @multicast1}}, @TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, {0x45, 0x6, "17a3a496e0b06ed4b17c112d919b00b3961dacbd47d9dd716cb9e3eeb2118c01ec30dc86f8f94756684ff97abdf1926ea4833cb4d1c8b7635bdd86527c962f82c3"}, {0xc}, {0xc}}}]}]}}]}, 0x298}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x2000000}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

3.418514281s ago: executing program 1 (id=2177):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
creat(&(0x7f0000000300)='./bus\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0)
splice(r0, 0x0, r4, 0x0, 0x80, 0x0)
write(r4, &(0x7f0000003300)="ac", 0x1)
write(r2, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r6=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18eeffffffffffffff0000000000000095000010000000006c6fa8953e2d8905f14fa9099961252a8a01b51df0991e0eb0a5eb76f9c7e7a3128062c156c976dd8fce33a55670329a63845c683a2e4b77c0d28a95e547"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6}, 0x90)
socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001000090468fe0700000000000000ff3f02000000480100100000000019002b000a0001000500000000000072000000000000", 0x36}], 0x1)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)

3.287152051s ago: executing program 0 (id=2181):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2000858, &(0x7f0000000500)=ANY=[], 0x5, 0x2d6, &(0x7f0000000200)="$eJzs3E1PE2sUwPHTUkopgXZxc2/uTW44uXejmwnUvbExkBibSJAaXxLjAFNtOrak02BqjOjKrfFDuCAs2ZEoX4CNO1du3LExcSEL45jOCxQogoVSXv6/hMyB85zyPFMg55kws3779eNSwTEKZk2iCZWIiMiGSFqiEooEx6gXx6XZC7k48PXjvzfv3L2ezeXGJlXHs1OXMqo6NPzuybP+YNhKn6yl769/yXxe+3Pt7/UfU4+KjhYdLVdqaup05VPNnLYtnS06JUN1wrZMx9Ji2bGqfr7i5wt2ZW6urmZ5djA5V7UcR81yXUtWXWsVrVXraj40i2U1DEMHk4L95BcnJ81sm8UzRzwZdEi1mjV7RKR/Vya/2JUJAQCArtrZ/0cbLX07/X+sZf+/9N9qbeDW8lDQ/6/EG/2/SFP//2Drtbb1/wkR6Xj/v7sjOltc99f5Q/X/OCUa/X8y+P31vLy3NOIF9P8AAAAAAAAAAAAAAAAAAAAAAJwGG66bcl03FR7Djz4RSXh3kPifd3ue6Aze//Nt68EdsSER+9V8fj7vH4MBqyJiiyUjkpLv3s9DoBGH9wJqQ1re2wtB/cJ8vsfLZAtS9OpHJSXpnfWuO34tNzaqvu31vZJsrs9ISv5oXZ9pWR+XC/831RuSkg8zUhFbZoM748L656OqV2/kdtT3e+MAAAAAADgLDN20uX/va84bu/P+/tjPb+6vW14f8PfXIy335zH5J9atVQMAAAAAcL449acl07at6pkLwhUetCr8X4Y9xkQkslfqCILwm5+MU3eAINrWVIfjv/mmtAzCy0Z7jZGJdl7ZTYkc9rT89ebtt6M7z5eXE/ustGNB7/H9BQIAAABwXLaa/vArV7o7IQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzqHjeJxYt9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBQ/AwAA//8Kygul")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
unshare(0x22020400)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00')
preadv(r1, &(0x7f0000000040)=[{&(0x7f0000000ac0)=""/100, 0x64}, {&(0x7f0000000180)=""/250, 0xfa}], 0x2, 0x0, 0x0)

3.285845952s ago: executing program 0 (id=2182):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000006800)={&(0x7f0000000740)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES8=r1, @ANYBLOB="15060000000000000000070000003000018014000400ff020000000000000000000000000001060005004e220000060001000a"], 0x44}, 0x5}, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f00000002c0)={0x9, {"a2e3ad214fc752f91b2547f70e06d038e7ff7fc6e5539b325d078b089b3b083872090890e0878f0e1ac6e7049b3367959b669a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31340d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x1008002, &(0x7f0000000480)={[{@mblk_io_submit}, {@delalloc}, {@resuid}, {@errors_remount}, {@jqfmt_vfsv0}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@journal_path={'journal_path', 0x3d, './file0/../file0'}}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
ppoll(&(0x7f0000001240)=[{r5}], 0x1, 0x0, 0x0, 0x0)
umount2(&(0x7f00000006c0)='./file0\x00', 0x0)

2.565445231s ago: executing program 1 (id=2192):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup(r4)
getsockname$packet(r5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r3, 0x0, 0x0)

2.519000805s ago: executing program 1 (id=2195):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
syz_open_dev$tty20(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x0, 0x0, 0x1}, 0x48)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='memory.numa_stat\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/4\x00')
read$char_usb(r4, &(0x7f0000000000)=""/178, 0xb2)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, 0x0, 0x0}, 0x20)
r5 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)
mount(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x20, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

2.420519952s ago: executing program 0 (id=2198):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r0, 0x0) (fail_nth: 63)

2.08630639s ago: executing program 3 (id=2199):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x4b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, 0x0, 0x0, 0x18, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0xd2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x82, &(0x7f0000000040), 0x7, 0x4d6, &(0x7f0000000740)="$eJzs3EFsVEUfAPD/27a0QPnoh4iCqEU0NhpbKCgcTAxGEw+aGPGgx6YtBFmooTURQmRJDB4NiXfj0asHr+rNcDLxikcTQ0IMF8DTM2/3bXe73V3a7bYr9PdLlp2Znbczs/Pm7bwZtgFsWqPZP0nEcETcjIidEVFozDBaebp35/L0/TuXp6OUpif/TrLD4m4WzyX58/Y8MlaIKHyZ1F6oM3/x0tmpYnH2Qh6fWDj36cT8xUuvnDk3dXr29Oz5yePHjx45fOy1yVdX36gm5WXturvvi7n9e9/5+Pp70/3V9KH8ub4d3TIao82qUvZCtwvrsR114aS/Xc431r8yrFh2/mfdNVAe/zujL9p2HvAISdM0HWz9ciltdHVZCvDQSqLXNQB6o/pFn93/Vh/NJgJb1mf60XO3T1RugLJ238sfEc+WE6vrIAMN97fdNBoRH5X++TZ7xDqtQwAA1Pv5RHUm2DD/G4nYU5fvf/keykhE/D8idkXEYxGxOyIej0reJyLiyYb374uItE35ow3x5fOfwq21tbC9bP73er63VZv/Rf0u2EhfHtsRUZ0wzx7KP5OxGBg8daY4e7hNGb+89fvXrV6rn/9lj6z86lwwr8et/oYFupmphamOG9zg9tWIff2N7U/6I5LFnYAkIvZGxL5VvO9IXfjMS9/vX4wMLM334PaXpU330bqwVZF+F/Fipf9LsaT/ayUm7fcnJ4aiOHtoIjsLDjUt48Zv195vVf4D2//jn42HvH3sp5P5yFq7rP+31Z3/Ud2/rbV/JIlIFvdr51dfxrU/vmp5T9Pp+b8l+bAcrt6Xfj61sHDhcMSW5N3l6ZO1Y6vx7DlKlfaPHWw+/nflx2SfxFMRkZ3ET0fEM1G5QxyN9MqBiHguIg62af+vbz7/SeftX19Z+2eaXv+W9H9tvz4LZKkXlqRMFZNSJXctZTHQd/bAzfstLh4r6/+j5dBYntL8+pcsuUQsr0XzwBo/PgAAAHgoFCJiuG4taTgKhfHxyhrQ7thWKM7NL7x8au6z8zOV3wiMxEChutJVWQ8eSKrrnyN18cmG+JF83fibvq3l+Pj0XHGmpy0HtpfHfFIYX7wWVMZ/5q/uLDED/2V+8gOb14PG/57rG1QRYMP5/ofNq278l1pkKfmfMvBoWsn3v7VAeDQ1G/9XOjgGeLikxjJsaqsZ/0vz3tjZ9coAG6o/PlgMF3paE2Cjmf/DprSiH8l3HEgHm780FMszx1D7N+yLzqqxtUlZPQlkM6uelL61k6Oqf02hZZ4orO4NB5f9yYjO+vTU2j+W03u6fvKn+f5Yt3vwhw0Zp80C7a8bk8Prd00CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopn8DAAD//7x926o=")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10010, 0xffffffffffffffff, 0x8000000)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
fsopen(&(0x7f0000000040)='securityfs\x00', 0x0)
bpf$MAP_GET_NEXT_KEY(0x15, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_pressure(r1, &(0x7f0000000380)='memory.pressure\x00', 0x2, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
write(0xffffffffffffffff, &(0x7f0000000140), 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080d004f1a8600", "cf0d00", "8657e2b7e43934e4"}, 0x28)
sendmsg$inet6(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[], 0x30}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c00000010000304000000000000000000000300", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008004040c0b0ee"], 0x3c}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

1.825219091s ago: executing program 0 (id=2202):
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000700)=@base={0xa, 0x16, 0xb4, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="180800000000000000000000008000009500000000000000950090c800000000187255bd7789818a72cb6c837a4dd2132e7fdcae444ee7625034e0993798ed126ee50e02e9b3dbee0561e6cf6a789f0164b17d0b8a8f1d63f631f733ae38de5b43b5aabad57aeaa6264df981ab8bdb1220384f91705233fd162a9e2398586ce02ddee66e0bcec801c9396cd40eb96c900e3475f49ea55cb712caae4eae33a0a6e274e0f7781d465f70f2e31181d774740f7dc1e5412161d87772a57beb069e0830de1f12b4427cf7da5cfe179159da14"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x4}, 0x90)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0xfffffffd, 0x5}, 0x48)
mmap(&(0x7f00009d2000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x1aa, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa008100000086dd602e5cea01703c0020010000000000000000000000000002ff0200000000000000000000000000012b0a0101"], 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00', 0x5, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x220, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private, @empty}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @local, @private}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
r2 = gettid()
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r3, &(0x7f0000000200)=""/213, 0xd5)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000080)={0x335})
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
fsetxattr$trusted_overlay_redirect(r4, &(0x7f0000000040), 0x0, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r5, 0x0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r6, 0x84, 0x73, &(0x7f00000012c0)=""/4083, &(0x7f0000000000)=0xff3)
fremovexattr(r4, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00')
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r3, 0xc0bc5310, &(0x7f0000000300)={{}, {0x0, 0x3}})
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc058534b, &(0x7f0000000180))
tkill(r2, 0x7)
openat$incfs(0xffffffffffffffff, &(0x7f0000000a40)='.pending_reads\x00', 0x101003, 0x4)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f00000002c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r7, @ANYRES32=r0, @ANYBLOB="2800000000000000b7050000080000004608f1ff76000000bf98000000000000560800004385ac049e96dd489f421ac03eccebce000000008500000007000000b7000000000000009500000000000000d37377a9a3dce5187c459a2a17cf74fee36ea6ee78fd78b3ebc5bf24bf68b773786f7b7cb2e4ff3681ffdfa2dbefa86699f23d310a84cc4ad2759085897da6897bf7214d766a8ca037a0b10e93e8e22d95a07f74a53a0503ce29c6edcab597a7957d7f658955a8a557ebb914cd74b48c957c9d15d7753f28f1440d227aa2e706fbb5806501664839513a9091f59911ea3a1b5cfa86ddaadae12dc40b0aa0b9c88d19381c80438353d510d19a4664e053d7f2eba89371b7ba8477b323efba6abc25d34f426d587f0af4c8025cb3c942cbb616b1a70a44ae4eea"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
timer_create(0x1, 0x0, &(0x7f0000000000))
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))

1.673922164s ago: executing program 0 (id=2203):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
creat(&(0x7f0000000300)='./bus\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0)
splice(r0, 0x0, r4, 0x0, 0x80, 0x0)
write(r4, &(0x7f0000003300)="ac", 0x1)
write(r2, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r6=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18eeffffffffffffff0000000000000095000010000000006c6fa8953e2d8905f14fa9099961252a8a01b51df0991e0eb0a5eb76f9c7e7a3128062c156c976dd8fce33a55670329a63845c683a2e4b77c0d28a95e547"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6}, 0x90)
socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001000090468fe0700000000000000ff3f02000000480100100000000019002b000a0001000500000000000072000000000000", 0x36}], 0x1)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)

1.646320556s ago: executing program 1 (id=2204):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000540)='./bus\x00', 0x10, &(0x7f0000000500)=ANY=[@ANYRES64=0x0], 0x81, 0x374, &(0x7f0000000980)="$eJzs3T9oJNUfAPDvZja7uYPfLwELURBWO0HD5TptTJAcHKZRWfxTiIuXU9lEIcFgUlwSC8VSsNTKTkELC7ERRFDEzsLWE+RULDTdgYdPZmd3dpLdhNxhlODnA5m8fe99531n9rE7GXZfnp2P7qXJuLy3dy2mpmpRn394Pq7XYiayGNiJUY0xdQDA6XA9pfg9FY4ZUjvhlACAE9Z7/38+IloxU9S89uVR/ZN3fwA49fp//585qs/UYQ0vn0hKAMAJG7n/f8++5kbvpz54WK98KgAAOK0ef+rpRxaWIh5rtaYiVt/YaG+048Fh+8LleDFWYjnOxXTciCguFPJNrbe9cHFp8Vyr1dqOn2aiHRET/cB2caWwkPXimzFXtpRXGyml7MLHS4tzrZ6I2NnujR+rtY32ZJztj//92VgeXnjMDJKI3ubi0uL5Vn8H7dVB/HbE7vC+RZ7/bEzHt8+Vu0lp8AnGpcUrcxP9B8P4jXYzLpVn4dA7IAAAAAAAAAAAAAAAAAAAAAAAcEtmW6WZcv2clP8uVsqZnR3T3lsfp4jvrw+0W6wPlJopUvrt1fvbb2axb32gg+vzbFhIEAAAAAAAAAAAAAAAAAAAAErrm43orKwsr61vbnWrhe219c2JiMhrXvr6wy/OxG2fpZ4xnccX6sUQzYhyiFZ/2K1uJ2WDzimLGA3P8sEHNe9/UmZc7dMsj2JsGs3xTXuRF/5394/vDJvuygZ7/nPYOYvxB5hV0njowKCr/y9SOsb5GS2cr9Y0R0e/mlKq1LxeDb/yzOgOoxZRj5tOY6s7EYf36U2Ar669cMfg7Hc+LyZGuve+6Seuvv3eL93OSj5y9J7Bxtr6jdTt1Aadb+605Kd6UFOLolCrzoT6UeG7+2s62Xe/PnnnW98cb/RUrXkln88H+mTF4Xx0MLxRFPI080JjOFvODMMn+wexsjw5ZvKXhdr4GX4Lz+nt7376QUo//HzcqP7AefYTIy8btb/n1QcAAAAAAAAAAAAAAAAAAKiqfFe8r/9l38mjoh549OQzAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/zvD//1cKuztxoOY4hT+2x0Q1l9fWIxr/9mECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAf91cAAAD//92GVcs=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f00000007c0), &(0x7f0000000800)=0x4)

1.482385719s ago: executing program 1 (id=2210):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x4b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, 0x0, 0x0, 0x18, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0xd2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x82, &(0x7f0000000040), 0x7, 0x4d6, &(0x7f0000000740)="$eJzs3EFsVEUfAPD/27a0QPnoh4iCqEU0NhpbKCgcTAxGEw+aGPGgx6YtBFmooTURQmRJDB4NiXfj0asHr+rNcDLxikcTQ0IMF8DTM2/3bXe73V3a7bYr9PdLlp2Znbczs/Pm7bwZtgFsWqPZP0nEcETcjIidEVFozDBaebp35/L0/TuXp6OUpif/TrLD4m4WzyX58/Y8MlaIKHyZ1F6oM3/x0tmpYnH2Qh6fWDj36cT8xUuvnDk3dXr29Oz5yePHjx45fOy1yVdX36gm5WXturvvi7n9e9/5+Pp70/3V9KH8ub4d3TIao82qUvZCtwvrsR114aS/Xc431r8yrFh2/mfdNVAe/zujL9p2HvAISdM0HWz9ciltdHVZCvDQSqLXNQB6o/pFn93/Vh/NJgJb1mf60XO3T1RugLJ238sfEc+WE6vrIAMN97fdNBoRH5X++TZ7xDqtQwAA1Pv5RHUm2DD/G4nYU5fvf/keykhE/D8idkXEYxGxOyIej0reJyLiyYb374uItE35ow3x5fOfwq21tbC9bP73er63VZv/Rf0u2EhfHtsRUZ0wzx7KP5OxGBg8daY4e7hNGb+89fvXrV6rn/9lj6z86lwwr8et/oYFupmphamOG9zg9tWIff2N7U/6I5LFnYAkIvZGxL5VvO9IXfjMS9/vX4wMLM334PaXpU330bqwVZF+F/Fipf9LsaT/ayUm7fcnJ4aiOHtoIjsLDjUt48Zv195vVf4D2//jn42HvH3sp5P5yFq7rP+31Z3/Ud2/rbV/JIlIFvdr51dfxrU/vmp5T9Pp+b8l+bAcrt6Xfj61sHDhcMSW5N3l6ZO1Y6vx7DlKlfaPHWw+/nflx2SfxFMRkZ3ET0fEM1G5QxyN9MqBiHguIg62af+vbz7/SeftX19Z+2eaXv+W9H9tvz4LZKkXlqRMFZNSJXctZTHQd/bAzfstLh4r6/+j5dBYntL8+pcsuUQsr0XzwBo/PgAAAHgoFCJiuG4taTgKhfHxyhrQ7thWKM7NL7x8au6z8zOV3wiMxEChutJVWQ8eSKrrnyN18cmG+JF83fibvq3l+Pj0XHGmpy0HtpfHfFIYX7wWVMZ/5q/uLDED/2V+8gOb14PG/57rG1QRYMP5/ofNq278l1pkKfmfMvBoWsn3v7VAeDQ1G/9XOjgGeLikxjJsaqsZ/0vz3tjZ9coAG6o/PlgMF3paE2Cjmf/DprSiH8l3HEgHm780FMszx1D7N+yLzqqxtUlZPQlkM6uelL61k6Oqf02hZZ4orO4NB5f9yYjO+vTU2j+W03u6fvKn+f5Yt3vwhw0Zp80C7a8bk8Prd00CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopn8DAAD//7x926o=")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10010, 0xffffffffffffffff, 0x8000000)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
fsopen(&(0x7f0000000040)='securityfs\x00', 0x0)
bpf$MAP_GET_NEXT_KEY(0x15, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_pressure(r1, &(0x7f0000000380)='memory.pressure\x00', 0x2, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
write(0xffffffffffffffff, &(0x7f0000000140)="92d98149311df0f7b451cebed6047a7c", 0x10)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080d004f1a8600", "cf0d00", "8657e2b7e43934e4"}, 0x28)
sendmsg$inet6(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[], 0x30}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c00000010000304000000000000000000000300", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008004040c0b0ee"], 0x3c}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

764.833797ms ago: executing program 0 (id=2212):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
creat(&(0x7f0000000300)='./bus\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
splice(r0, 0x0, r4, 0x0, 0x80, 0x0)
write(r4, &(0x7f0000003300)="ac", 0x1)
write(r2, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r6=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18eeffffffffffffff0000000000000095000010000000006c6fa8953e2d8905f14fa9099961252a8a01b51df0991e0eb0a5eb76f9c7e7a3128062c156c976dd8fce33a55670329a63845c683a2e4b77c0d28a95e547"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6}, 0x90)
socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001000090468fe0700000000000000ff3f02000000480100100000000019002b000a0001000500000000000072000000000000", 0x36}], 0x1)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)

579.890233ms ago: executing program 2 (id=2214):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB="200000006a0001"], 0x20}}, 0x0) (fail_nth: 2)

353.921391ms ago: executing program 2 (id=2215):
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x100000000000000, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000040))
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x20, &(0x7f0000000580)={&(0x7f0000000400), 0x0, <r2=>0x0, &(0x7f0000000540)}}, 0x10)
r3 = creat(&(0x7f0000000400)='\x00', 0x6c)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES16=r0], 0x0, 0x1, 0x0, 0x0, 0x0, 0x5a, '\x00', 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)
set_robust_list(&(0x7f0000000500), 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x4080, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b70500000000000061004a000000000007000000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x23)
connect$tipc(r5, &(0x7f0000000000)=@name, 0x10)

339.518122ms ago: executing program 4 (id=2216):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="00000f0002000000b702000014000000b7030000174d8e4190b2e360000000008500000083000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000380)=ANY=[], 0xb0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
semctl$GETZCNT(0x0, 0x0, 0xf, 0x0)
semtimedop(0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000440)={'#! ', './cgroup.cpu/cgroup.procs', [{0x20, '\xff\xff\xff\xff\xff\xff'}]}, 0x24)
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_netdev_private(r1, 0x89f2, &(0x7f0000000000)="3478385b79a6b5f6ca8b4a7187632f65d2bf22934d3110d2ab66668be1d26650019726e7f458a45082b61a900d3b87251c0cc055")
open$dir(0x0, 0x40, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000840)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000390000000c00990000000000000000df1b000d"], 0x3c}}, 0x0)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
semop(0x0, &(0x7f0000000100)=[{0x0, 0x3}, {0x0, 0xfffe, 0x1000}], 0x2)

277.398087ms ago: executing program 2 (id=2217):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x12, r4, 0x0)
sendto$inet(r3, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x4d, 0x0, 0x0, 0x0)

276.731507ms ago: executing program 2 (id=2218):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup(r4)
getsockname$packet(r5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

250.188ms ago: executing program 4 (id=2219):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000240)={'#! ', './file1'}, 0xb)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f00000007c0), &(0x7f0000000800)=0x4)

249.76975ms ago: executing program 4 (id=2220):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000040))
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x24, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8}]]}, 0x24}}, 0x0)
syz_io_uring_setup(0x174a, &(0x7f0000000100), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_setup(0x24f8, &(0x7f0000000240), 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt(r0, 0xfffffff9, 0x80, &(0x7f00000002c0)=""/78, &(0x7f00000001c0)=0x4e)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[@ANYRES8=r4], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'team_slave_0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0xa9, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_MTU={0x8, 0x4, 0x7f}]}, 0x28}}, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

249.05007ms ago: executing program 2 (id=2221):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000006800)={&(0x7f0000000740)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES8=r1, @ANYBLOB="15060000000000000000070000003000018014000400ff020000000000000000000000000001060005004e220000060001000a"], 0x44}, 0x5}, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f00000002c0)={0x9, {"a2e3ad214fc752f91b2547f70e06d038e7ff7fc6e5539b325d078b089b3b083872090890e0878f0e1ac6e7049b3367959b669a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31340d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x1008002, &(0x7f0000000480)={[{@mblk_io_submit}, {@delalloc}, {@resuid}, {@errors_remount}, {@jqfmt_vfsv0}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@journal_path={'journal_path', 0x3d, './file0/../file0'}}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
ppoll(&(0x7f0000001240)=[{r5}], 0x1, 0x0, 0x0, 0x0)
umount2(&(0x7f00000006c0)='./file0\x00', 0x0)

245.10797ms ago: executing program 3 (id=2222):
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001880), 0x0, 0x0)
stat(&(0x7f0000000040)='./file2\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000280)={[{@init_itable_val={'init_itable', 0x3d, 0x7}}, {@nombcache}], [{@dont_hash}, {@uid_eq={'uid', 0x3d, r1}}, {@euid_eq={'euid', 0x3d, r1}}]}, 0x1, 0x59a, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/TLLN2zbvmxZeQaVIUaFC6Sbph1ZP6VUsFHoQvMSw2YaQTTZmN7UJPaT3IhYUlV7qTUGPihQP4sWjVy+KZ0G0qDQ9SGSyu2nzsXGTNtmS/f1gNs/H7PyfJ7PPszPDDBtAxzqavaQRT0XEhSSi74G67qhXHq2tt3jnauFedxSSWFq6+FsSSUTcvXO10Fg/qf89GBELEfFkRHybiziero9bmZufGCmVijP1fH91crq/Mjd/YnxyZKw4Vpw69dLLZ86ePjN4cvCR9fX6Tzfeuf79q7dufPr5kYXC+yNJDEVvve7BfmyqZ2sxa/+TXAytKT+9tc089pJ2N4Bt6aqP81xEPBF90VUf9cDet9QTsQR0qGTL439/mDNgL2gcB2Tnv41l1QHCws4ef/x6rnYCksVdrC+1mu7atYn4z/K5yYE/klVnJtn55qGdbRodYOFaRAx0d6///Cf1z9/2DTyKBrKjvjlX21Hr93+a7f+3Pquvt3b+6W1cO31Ijflvcd38l67Mf11N5r8LLcb4+42fP2oa/1rE0xvGT1biJxvETyPizRbj33z9q7PN6pY+jjgWG8dvSDa/Ptx/abxUHKi9bhjj62NHXtms/weaxB/apP9Z2XSL/f/yuy+ebfY1msV/4bnN9/9G8bNj8HdbjH/47ievNavL4o826f9m8bOyWy3Gf3Ho6I8trgoAAAAAAAAAAGxBunwvW5LmV9Jpms/XnuH9fxxIS+VK9fil8uzUaO2et0ORSxt3WvXV8kmWH6zfj9vIn1yTPxURhyPiva79y/l8oVwabXfnAQAAAAAAAAAAAAAAAAAA4DFxcM3z/3921Z7/BzqEn/yGzmX8Q+daPf6TtrUD2H2+/6FzGf/QuZqN/3u3d7khwK5r+v2f2912ALvP8T90LuMfOpfxD53L+AcAAAAAAAAAAAAAAAAAAAAAAAAAgB1x4fz5bFm6d+dqIcuPXp6bnShfPjFarEzkJ2cL+UJ5Zjo/Vi6PlYr5Qnny37ZXKpenB2Jq9kp/tVip9lfm5ocny7NT1eHxyZGx4nDRL4oAAAAAAAAAAAAAAAAAAADAer3LS5LmIyJdTqdpPh/x34g4FLnk0nipOBAR/4uIH7pyPVl+sN2NBgAAAAAAAAAAAAAAAAAAgD2mMjc/MVIqFWc2T6QtrLP3EvsiFlaXxNa2M/zX7rU5Iha29fZk4aGiJ9Hu3bSXEs/seyyakX3UAQAAAAAAAAAAAAAAAACAXXb/od8tvvHaDjUIAAAAAAAAAAAAAAAAAAAAOlL6S/aaRMSxvud7I+J27oHafcli1/LfiHj75sUProxUqzODWfnvK+XVD+vlJ9vVB6AVjXHaGMcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAfZW5+YmRUqk4s+VEupzoaWE7be4iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLb8EwAA///xe9Ex")
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1e)
setfsuid(0xee01)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2dc5c07001a000100000000897b2a1d84f5c7ffff00000000000067e77dc70b90bbb45efd97899a16f2df4fa2a8f069d9b047389f672eb3080000000000000065890d2d0d1b8d3d62f6d77b0283e166e2ca4c35483d3f00d6bf7da9299e6e81c96daf520300a16cab12d75a852b3e4470420877efbe1f000000000000007e15f9b683e63cfff7c638bca835b33bc18c4ed0351cd285197b0241569048b5b416ba1c57217be5a338392f831637ee8c25bb2183634a33b18c4b459f9aea5ab222d7060000000000665106000000a803d1b56126efec0225a5433883b0d17cb21dbfd886caf2624e7f00da0ef9893ef57c79a182dceca9c46a9f8b001e53b29c0c698ed30d8942e94ac057bde74e42021d895c22b6400000002b2c604ed73249e80f08bfdcebee7a07856a3a23e0907f3dc0eb52c40f6b21c14832dd9845ee8d8733b52c8422295fde5626cd43fb43fb3acf9b2e840713cba86d43a570ee3589b7e9000000000000000000000000000000dc85131317c56465978d957d000000000000000000000000000000000000000000000000000000000000000000301171e8e3a2d0c842c20fd293c073b93f7662fad1f4ae3e1fe359aa29a4b8965229fa06b0fb2e23d2644cfbdbd6929aa42151ea48334743ad0c378641e74d55d6cd7b098599190100000055ec9c0c26b71588d6fc97e3098fb0e778be446659cf665e7f848d85de70c3c426a539a9a0e92e7bbf77528053dcb3b791b8e3faae507a3b721b670b06b78bb09e82ecc85a4bbc596d8ce02a2cbede5573f8bdc84d61c5634fffa50e74ec0f2da4f3d82c2d2b5a20ec152df14481c3bb59a23e014d07fc070d87f58118f468bf80283e0ce7efda7906f9c53319aef22e01a9ba5649fc10fb5b8132dcf42c47a4b79efb9f720ebd2dcc1634f870cee6201bc0ad9e17c4633a17de505bed8fded3053cb455636132bdae3239b9c8b437256ac21a49c4f03b268c47e9becbaff440728429f9e0b0222485188b745b3c871d01d27eb4e5e00bcd79b95601098e044345a8aaa12fda56277aef89192b9af038ab8808a2adf0c3a15ec863e5f352c7967607cede40848eae2704701b7af0a0b30e9e5b76f45500000000000000", @ANYRESDEC=r0], 0xfb, 0x11e0, &(0x7f00000036c0)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eK4gjJmq7JR6KsFPK53PJD977wu9lYOAN8+bwja8+Hg2qbJDPY+PEidiYRqQ7KVJsxD8+j1df//GnF67duHml2+vtXk3pcvd657WU0taL37/36Tcv/TA/++63W9+djoPt9w9/3fnl4PzBhcM/rn80rNKwSuPJPOXp1mQyz2+VRdobVqMspXfKIq+KNBxXxezI+KCcTKeLlI/3NlvTWVFVKR8v0qhYpPkkzWeLlH+YD8cpy7K02Qr+j/7Xd+q6jqjrx+NU1HVdPxGtOBtPxmZsRTu246l4Op6Jc/FsnI/n4vm4sJzVdN8AAAAAAAAAAAAAAAAAAADwaHH+HwAAAAAAAAAAAAAAAAAAAJp37cbNK91eb/dqSmciyi/3+/v91e9qvDuIYZRRxKVox++xPP2/sqovv9XbvZSWtuOL8vbf+dv7/ceO5jvLzwmszXdW+XQ0fzpa9+Z3oh3n1ud31ubPxCsv35PPoh0/fxCTKGMv/srezX/WSenNt3v35S8u5wEAAMCjIEv/Wrt/z7L/Gl/lH+D5wH3765Nx8WSzayeiWnwyysuymCke+uJUs238Vtd183+C4piKpu9MHIe7F73pTgAAAAAAAAAAAHgQx/E6YdNrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4kx04FgAAAAAQ5m+dRscGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAVwEAAP//zI7XaA==")
r2 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
write$P9_RREADDIR(r2, &(0x7f0000000500), 0xbf)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40001)
socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000002c0)="1a00000019000000", 0x8)
sendfile(r2, r2, &(0x7f0000000240), 0x7f06)

166.653377ms ago: executing program 4 (id=2223):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
set_mempolicy(0x4005, &(0x7f0000000040)=0x10000000005, 0x4)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mmap(&(0x7f0000301000/0x4000)=nil, 0x4000, 0x0, 0x2010, r1, 0xa56e5000)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r2, &(0x7f0000000000)={0x1f, @none}, 0x8)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0xfffffffffffffffe, 0x17)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000080)={'team0\x00', &(0x7f0000000180)=@ethtool_drvinfo={0x3, "dd86469eee2860f5cd607f23a5916366bba550456241e9b449e7eeeb7fdfe9af", "04e48d75b16f8274fe2f1cf95ca48d25571e167096db595f50847f91aab24d42", "a8492f15b2fd51774c773d227fd4ddf0ba7fc9fa0181365a307615fa7928c484", "10e24a83fa641ff0cf0129b263c1f8e94af2bc2c20a2f0ccbfc5db6b902a8f8d", "03255ab3d45ac9ae9f64b1669397f8376e4567037df57a44a01421a7f92d0c9f", "831e4df271d165859854d1c5", 0x104a2, 0x0, 0x9, 0x1000000, 0x1}})
io_setup(0x8, &(0x7f00000002c0))
socket$inet6(0xa, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000f00)=ANY=[@ANYBLOB="00020201"], 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
syz_emit_ethernet(0x46, &(0x7f0000000100)={@local, @random="7f0a08034011", @void, {@ipv4={0x800, @icmp={{0x7, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@cipso={0x86, 0x8, 0x3, [{0x0, 0x2}]}]}}, @time_exceeded={0x3, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @private}}}}}}, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0xfffffffffffffffc, &(0x7f0000000080))

47.404436ms ago: executing program 4 (id=2224):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x80003, 0x0) (async)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200002, &(0x7f0000000600), 0x0, 0x566, &(0x7f0000000a00)="$eJzs3U1rG0cfAPD/ynbenycOhND2UAI5NCWNHNt9SaGH9Fja0EB7T4W9McFSFCw5xG4gyaG59FJCoZQGSj9A7z2GfoF+ikAbCCWY9tCLysorR44l21EUW6l+P9hkZnek/45mZzyrkVAAQ+t49k8h4tWI+CaJONx2bDTyg8dXy608vjGTbUk0Gp/9mUSS72uVT/L/D+aZVyLi168iThU2xq0tLc+XyuV0Ic9P1CtXJ2pLy6cvV7KnSa9MTU+ffWd66v333u1bTd+88Pf3n97/6OzXJ1a++/nhkbtJnItD+dH2ejyHW+sjHs9fk7E491TByT4EGyTJbp8APRnJ+/lYZGPA4RjJez3w33czIhrAkEr0fxhSrXlA696+T/fBL41HH67eAG2s/+jqeyOxr3lvdGAlWXdnlN3vjvchfhbjlz/u3c226N/7EABbunU7Is6Mjm4c/5J8/OvdmW2UeTqG8Q92zv1s/vNWp/lPYW3+Ex3mPwc79N1ebN3/Cw/7EKarbP73Qcf579qi1fhInvtfc843lly6XE6zse3/EXEyxvZm+c3Wc86uPGh0O9Y+/8u2LH5rLpifx8PRvesfM1uql56nzu0e3Y54reP8N1lr/6RD+2evx4VtxjiW3nu927Gt6/9iNX6KeKNj+z9Z0UrWr0+W5tK59vXJieb1MNG6Kjb6686x37rF3+36Z+1/YPP6jyft67W1Z4/x475/0m7Her3+9ySfN9N78n3XS/X6wmTEnuSTjfunnjy2lW+Vz+p/8sTm41+n639/RHyxWaXbCt85eqdr0UFo/9lnav9nTzz4+MsfusVfq38rXMf2f7uZOpnv2c74t90T7PV1AwAAAAAAgEFUiIhDkRSKa+lCoVhc/XzH0ThQKFdr9VOXqotXZqP5XdnxGCu0VroPt30eYjL/PGwrP/VUfjoijkTEtyP7m/niTLU8u9uVBwAAAAAAAAAAAAAAAAAAgAFxsMv3/zO/j+z22QEvnJ/8huG1Zf/vxy89AQPJ338YXvo/DC/9H4aX/g/DS/+H4aX/w/DS/2F46f8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxfOn8+2xsrjGzNZfvba0uJ89drp2bQ2X6wszhRnqgtXi3PV6lw5Lc5UK1s9X7lavTo5FYvXJ+pprT5RW1q+WKkuXqlfvFwpzaUX07EdqRUAAAAAAAAAAAAAAAAAAAC8XGpLy/OlcjldkJDoKTG6s0EbjcbN7MIdiLoPSmJfRPT7mXd7ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ/4NAAD//5PbL9A=") (async)
setxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0xff68, 0x0) (async)
socket$packet(0x11, 0x0, 0x300) (async)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x15, 0x1) (async)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1cdf}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x766c, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x0)
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x1) (async)
mount$cgroup(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)={[{@release_agent={'release_agent', 0x3d, './file0'}}, {@release_agent={'release_agent', 0x3d, './file0'}}]}) (async)
socket$inet(0x2, 0x1, 0xa93) (async)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="7f454c4600000000ffffffffffffffff0000000000000000000000003800000000000000000000000000200000000000000000000020000000000000000000000000000000006470582571a8d2fc868c3300"/99], 0x58) (async)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000040)=0x2) (async)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff) (async)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r4=>0x0}) (async)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x28, r5, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x28}}, 0x0) (async)
finit_module(0xffffffffffffffff, 0x0, 0x0)

6.273839ms ago: executing program 4 (id=2225):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000840)={'wpan3\x00'})
sendmsg$NL802154_CMD_SET_LBT_MODE(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000008c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0xc004}, 0x40001)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
llistxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r3 = socket$inet(0x2, 0x3, 0x8)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000001a40)=@raw={'raw\x00', 0x8, 0x3, 0x310, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x278, 0x358, 0x358, 0x278, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'veth0_to_bond\x00'}, 0x0, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0004000000050000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x370)
r4 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x58}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r5=>0x0}, 0x0)
sendmsg$netlink(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="380000002e000100000000000000000008000000", @ANYRES32=r5, @ANYBLOB="0b000080976b64086860300014000180991a54fc28d627d80100000000000000"], 0x38}], 0x1}, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r6, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f0000000040)="ba8d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0})
mount$9p_fd(0x0, &(0x7f0000000080)='./file2\x00', &(0x7f00000000c0), 0x1020, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@nodevmap}, {@version_9p2000}, {@aname={'aname', 0x3d, 'cpuacct.usage_sys\x00'}}, {@posixacl}, {@fscache}, {@version_u}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}, {@smackfsroot={'smackfsroot', 0x3d, '/*'}}, {@dont_hash}, {@fowner_eq={'fowner', 0x3d, r5}}]}})
write$binfmt_script(r2, &(0x7f0000020240), 0x10010)
unlink(&(0x7f0000000280)='./file1\x00')
creat(&(0x7f0000000780)='./file2\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

0s ago: executing program 2 (id=2226):
r0 = socket(0x10, 0x3, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0), 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001500)=ANY=[@ANYBLOB="bf16000000000000b7070000060000005070000000000000480000000000e1ff95000000000000002ba7e1d30cb599e83f24b8a4efc02d459d9e32a3aa81d36bb3019c13bd23212fb56f040026fb41f2db3b1639b7bbc9af171b856de734cfe3cafafefc40056bdc17487960007102fa9ea41da123741c66be166992b2dcd72fa0fca047d41886d1d4d94f2f4e345c652fbc1626cca2a2ad35806150ae0209e62f51ee988e6e06c8cedf3ceb9fc404000000c588b277beee1cbf9b0a4def42d410f6accd3637110bec4e90a6341965c39e9ebab0e39622200e011ea661c45a3449abe802f5ab3e3101c0932ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8000018ef4aafad197acc7dc1e955c685ceff7f000000000000491b8bc4748eda186872000007ce468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f00000000000000000100fb0000000000000000ff03000000000000b56780260ed652290f58fa64533500ebffffff00ca1276445432997f0000000000000008e75a89faff01210cce39bf405f1e846c12423a163b33e680846f26dc7add65873d9f87463ad6f7c2f3ee1a39244960b318778f2a047f6d0800000000000000e7a6520602a80d608df4d433623c850af895abba72bf14f6fbd7fbad2a436804eeae1de6d2c740cf0c0b74edbcb2d4b7746fa4bc5e32bd378af7c9136adf32ec7bf48cabecead649f96ea24c32872c490637c34360cb5d46ce680eeb80127eb23f9902519a693b85c6552051385e7e87a2db762cbb253fbd76b9117c1a11d18aa21a0c5f0c28999a639c0376678be35ffe99ff799a11d9b219c00c369a12bf8685b862d2000000bda1bae489bcef5ae59136aaacc59608f4d4e6067338b521eaf2e2465da053cfd5e95394e5520545364361d2c1465c5461a7c4174e5cd9c7976c9aa6342c5621dbc2dccedb5ab74e0b119252a23352fca272212d0c0104000014593d65d3f5e1e9b294669bcd2df061a4d6a835e40e7302f53f90da24cb256b34e95bca9c512f737486ecd037ce40d0a706a5b05e72f8c218366e321f9109ae4cf44b3b0104154a93394f42b4ab6125e0ba8b1a1d8c473852910b3cb7e8dc795ac01bad9a6b438b9db5f5c926940a3ac36daf2a9dc9d868ec11f51e08bc67a3d598039d328b4677229e8b587e8a00f1733adabd5d2837c084c164cf30010969c79a09ac7a9bffff5bc7e420baa9000cd49f77782205d3f6f4b6aa751f49a6b76e3d23635f1d33b906707563b8ec92dec767cc09fe9936acb43382bfc81c823ba32f25738d863cf20181208e23ce19966e729a7b4eefa68554fa4ccadac05c8eac1b52dd528b124285a16da468e3fcb3d9a24e9d670500956702fe9be5d8207d426450ca622e8e0197270cbb947231baf36e0567c0f5de639c99bb71ca0e60d2decb185cddd74d4f00000000000000000000006ed429a657a8203f6542e9dd19d7a70431aefcb9f1b673512e25503c603f19fa4c39ee9b08aadd2c7555543837770a812207bc2be9c86f94282b325e30971f0000000099106f0defa59616d3d18a4c8c04a45c204edfc4cefbd94c4c034dcbc90975b097ece2484b5287105335791eb3061ac500a6728677c72b5b76c18186d6f1a5c74aaddd22dc002fd4bd1bc3409e8d7144689c89f7a5e95fce153d4e9bf0fe0aaa3dfaa443c5081606fda5059146ef94586f5d1658ef0389734108a3af432c730175a7c6e3bb997ed39a0da78527b212001e573492190000d3acf262e0baae546c6bc16183f530a951ba461690245945ae55529e1aa0d80e36d945260e977f4dfe8105961ad69511a348fce1d1be1db324fb4e2f463ad9f17b4093e7f2ff1165a277e08bcc5f2411a05abff3b8f2dc2d896e9039181495414718ea32a3a6f786503f9485b3fc89409913883cec74b29aa74cc05a86323a972dc4d5e91460e9771a64bb899d8fb5c0031ae6997a3f512bd47b1748b2569ed5a1d7fd264d431d8aa1651ff99790567622f29c4fd60744b2b8c089869b888ed52ecaaeb123a3b5e699d84ef4341451e217"], &(0x7f0000000140)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000047c0)=r1, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000180)=0x80000000, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000001300)={'batadv0\x00', <r4=>0x0})
sendto$packet(r2, &(0x7f0000000200)="0b030e00ebff63020002004788ba", 0xe, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
write(r0, &(0x7f00000000c0)="240000005a001f021007f4f9002304000a04f51108000500020100020800038005000000", 0x24)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_SET(r5, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r6, 0x5412, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, &(0x7f0000000000)={0x0, {{0x29, 0x0, 0x37000000, @empty, 0x9}}}, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
r7 = memfd_create(&(0x7f0000000280)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
ftruncate(r7, 0xffff)
fcntl$addseals(r7, 0x409, 0x7)
writev(r7, &(0x7f0000000400)=[{&(0x7f0000000140)="61397cf6a66ed1dffeac6357582f187cea372ed56271a7fdc11b7621da90a4e1732b95b6d6b7571b9d14a231b1aad7730dc92cc5a4a0f3a42afdccd7fa04b96b2dcceb92fa1793efb1813f4645f585e347686e8f0b524034372b94ac63cbac64c1c714b2fdc793bef11bd60dc9261cb5175f1968036ae96ecc59119cb763e11a86ad8ae8ae3b74a94d4426b795efaeb9200718f7bb74ab0f2141495f9bd1db6faa591d7cbf4ef179e82f6ed97fe9fb269576f34bc628a738938dfd8d5e01affdd7b192d1c93f2b968dfb217d5e688e8d0f31", 0xd2}, {&(0x7f0000000440)="5c72f97c1faf6208878e7b87bd8360c37e7422d7ccc96ef29f1c874dd26e842b9d90597d231dad119eb10925e896c6d15db93d70a3a358464023be7d223c8f7af4f384768a8dc9287073e2732c7e9f83", 0x18}, {&(0x7f00000000c0)="0ffbff40d74f", 0xffffffbd}, {&(0x7f0000000240)="821ccd9c96402b9baabb0938bdceec855480e3ce024f125cbf1644d8257477ee384dcd27d9af75a46d4e", 0x2a}], 0x4)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

ve_0: left promiscuous mode
[  146.513304][ T3272] hsr_slave_1: left promiscuous mode
[  146.526557][ T3272] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  146.534140][ T3272] batman_adv: batadv0: Removing interface: batadv_slave_0
[  146.544188][ T3272] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  146.551683][ T3272] batman_adv: batadv0: Removing interface: batadv_slave_1
[  146.565064][ T3272] veth1_vlan: left promiscuous mode
[  146.570325][ T3272] veth0_vlan: left promiscuous mode
[  146.679455][ T3272] team0 (unregistering): Port device team_slave_1 removed
[  146.691482][ T3272] team0 (unregistering): Port device team_slave_0 removed
[  146.752151][ T9563] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.777275][ T9544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  146.791317][ T9544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  146.844608][ T9563] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.865663][ T9591] loop3: detected capacity change from 0 to 1024
[  146.875639][ T9544] team0: Port device team_slave_0 added
[  146.882533][ T9591] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  146.888010][ T9544] team0: Port device team_slave_1 added
[  146.900681][ T9591] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  146.910335][ T9591] EXT4-fs (loop3): orphan cleanup on readonly fs
[  146.917475][ T9591] EXT4-fs error (device loop3): __ext4_get_inode_loc:4436: comm syz.3.1868: Invalid inode table block 0 in block_group 0
[  146.930260][ T9591] EXT4-fs (loop3): Remounting filesystem read-only
[  146.936881][ T9591] EXT4-fs (loop3): 1 truncate cleaned up
[  146.943235][ T9544] batman_adv: batadv0: Adding interface: batadv_slave_0
[  146.951564][ T9544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  146.978890][ T9544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  146.998703][ T9591] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  147.007264][ T9544] batman_adv: batadv0: Adding interface: batadv_slave_1
[  147.012489][ T9591] SELinux: (dev loop3, type ext4) getxattr errno 5
[  147.018089][ T9544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.024955][ T9591] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.050440][ T9544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  147.087863][ T9563] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.102087][ T9563] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.119658][ T9544] hsr_slave_0: entered promiscuous mode
[  147.126566][ T9544] hsr_slave_1: entered promiscuous mode
[  147.139462][ T9563] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.156311][ T9563] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.167281][ T9601] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1871'.
[  147.186042][ T9601] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1871'.
[  147.197065][ T8975] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.203299][ T9604] loop3: detected capacity change from 0 to 1024
[  147.218375][ T9604] ext4: Unknown parameter 'dont_hash'
[  147.260955][ T9608] loop1: detected capacity change from 0 to 128
[  147.275688][ T9608] 9pnet: p9_errstr2errno: server reported unknown error œæçæŒÎsŧ‘̼§6
[  147.276033][ T9604] loop3: detected capacity change from 0 to 8192
[  147.313088][ T9610] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1876'.
[  147.498683][ T9626] loop3: detected capacity change from 0 to 1024
[  147.505699][ T9626] ext4: Unknown parameter 'dont_hash'
[  147.538678][ T9544] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  147.556796][ T9544] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  147.575907][ T9544] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  147.587818][ T9626] loop3: detected capacity change from 0 to 8192
[  147.596539][ T9544] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  147.645178][ T9544] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.668390][ T9544] 8021q: adding VLAN 0 to HW filter on device team0
[  147.695690][ T3416] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.702769][ T3416] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.718930][ T9214] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.726075][ T9214] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.772123][ T9544] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  147.782514][ T9544] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  147.891124][ T9544] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.939056][ T9643] loop3: detected capacity change from 0 to 1024
[  147.946112][ T9643] EXT4-fs: Ignoring removed nomblk_io_submit option
[  147.966872][ T9643] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.047026][ T9544] veth0_vlan: entered promiscuous mode
[  148.048112][ T4584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.055497][ T9544] veth1_vlan: entered promiscuous mode
[  148.077309][ T9544] veth0_macvtap: entered promiscuous mode
[  148.096959][ T9544] veth1_macvtap: entered promiscuous mode
[  148.112366][   T29] kauditd_printk_skb: 238 callbacks suppressed
[  148.112380][   T29] audit: type=1400 audit(2000000331.091:5120): avc:  denied  { setopt } for  pid=9655 comm="syz.2.1884" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  148.117321][ T9544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.150612][ T9544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.160562][ T9544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.172242][ T9544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.182156][ T9544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.192672][ T9544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.205766][ T9544] batman_adv: batadv0: Interface activated: batadv_slave_0
[  148.218806][ T9544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  148.229966][ T9544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.240381][ T9544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  148.250894][ T9544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.261339][ T9544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  148.272466][ T9544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.282311][ T9544] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  148.293456][ T9544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.304918][ T9544] batman_adv: batadv0: Interface activated: batadv_slave_1
[  148.316113][ T9544] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.325125][ T9544] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.334595][ T9544] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.343292][ T9544] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.415881][ T9667] loop3: detected capacity change from 0 to 128
[  148.430761][   T29] audit: type=1326 audit(2000000331.411:5121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9665 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  148.433008][ T9667] 9pnet: p9_errstr2errno: server reported unknown error œæçæŒÎsŧ‘̼§6
[  148.480384][   T29] audit: type=1326 audit(2000000331.411:5122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9665 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  148.503866][   T29] audit: type=1326 audit(2000000331.411:5123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9665 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  148.527291][   T29] audit: type=1326 audit(2000000331.411:5124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9665 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  148.550937][   T29] audit: type=1326 audit(2000000331.411:5125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9665 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  148.574389][   T29] audit: type=1326 audit(2000000331.411:5126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9665 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  148.598060][   T29] audit: type=1326 audit(2000000331.411:5127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9665 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  148.621373][   T29] audit: type=1326 audit(2000000331.411:5128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9665 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  148.645010][   T29] audit: type=1326 audit(2000000331.411:5129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9665 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  148.690127][ T9681] loop3: detected capacity change from 0 to 1024
[  148.698058][ T9681] ext4: Unknown parameter 'dont_hash'
[  148.722089][ T9676] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1857'.
[  148.768849][ T9681] loop3: detected capacity change from 0 to 8192
[  148.811005][ T9687] bridge_slave_0: default FDB implementation only supports local addresses
[  148.912658][ T9695] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1895'.
[  148.935560][ T9698] ipt_ECN: cannot use operation on non-tcp rule
[  148.942086][ T9698] FAULT_INJECTION: forcing a failure.
[  148.942086][ T9698] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.955289][ T9698] CPU: 0 UID: 0 PID: 9698 Comm: syz.0.1896 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  148.965970][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  148.976033][ T9698] Call Trace:
[  148.979306][ T9698]  <TASK>
[  148.982228][ T9698]  dump_stack_lvl+0xf2/0x150
[  148.986815][ T9698]  dump_stack+0x15/0x20
[  148.991010][ T9698]  should_fail_ex+0x229/0x230
[  148.995699][ T9698]  should_fail+0xb/0x10
[  148.999841][ T9698]  should_fail_usercopy+0x1a/0x20
[  149.004927][ T9698]  _copy_to_user+0x1e/0xa0
[  149.009416][ T9698]  simple_read_from_buffer+0xa0/0x110
[  149.014818][ T9698]  proc_fail_nth_read+0xfc/0x140
[  149.019755][ T9698]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  149.025365][ T9698]  vfs_read+0x1a2/0x6e0
[  149.029621][ T9698]  ? __rcu_read_unlock+0x4e/0x70
[  149.034563][ T9698]  ? __fget_files+0x1da/0x210
[  149.039284][ T9698]  ksys_read+0xeb/0x1b0
[  149.043453][ T9698]  __x64_sys_read+0x42/0x50
[  149.048022][ T9698]  x64_sys_call+0x2a36/0x2e00
[  149.052794][ T9698]  do_syscall_64+0xc9/0x1c0
[  149.057355][ T9698]  ? clear_bhb_loop+0x55/0xb0
[  149.062101][ T9698]  ? clear_bhb_loop+0x55/0xb0
[  149.066806][ T9698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.072753][ T9698] RIP: 0033:0x7f9c2dc95d7c
[  149.077167][ T9698] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  149.096821][ T9698] RSP: 002b:00007f9c2c917040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  149.105263][ T9698] RAX: ffffffffffffffda RBX: 00007f9c2de25f80 RCX: 00007f9c2dc95d7c
[  149.113318][ T9698] RDX: 000000000000000f RSI: 00007f9c2c9170b0 RDI: 0000000000000004
[  149.121288][ T9698] RBP: 00007f9c2c9170a0 R08: 0000000000000000 R09: 0000000000000000
[  149.129279][ T9698] R10: 0000000020000e80 R11: 0000000000000246 R12: 0000000000000001
[  149.137261][ T9698] R13: 000000000000000b R14: 00007f9c2de25f80 R15: 00007fffa460b458
[  149.145304][ T9698]  </TASK>
[  149.178964][ T9706] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  149.185502][ T9706] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  149.192996][ T9706] vhci_hcd vhci_hcd.0: Device attached
[  149.200053][ T9706] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  149.209441][ T9706] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  149.218430][ T9706] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(13)
[  149.225023][ T9706] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  149.232440][ T9706] vhci_hcd vhci_hcd.0: Device attached
[  149.239278][ T9706] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  149.247805][ T9706] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  149.258128][ T9706] vhci_hcd vhci_hcd.0: pdev(3) rhport(6) sockfd(19)
[  149.264731][ T9706] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  149.272983][ T9706] vhci_hcd vhci_hcd.0: Device attached
[  149.278848][ T9715] vhci_hcd: connection closed
[  149.279009][ T9712] vhci_hcd: connection closed
[  149.279311][ T9708] vhci_hcd: connection closed
[  149.283748][ T3272] vhci_hcd: stop threads
[  149.298306][ T3272] vhci_hcd: release socket
[  149.298316][ T3272] vhci_hcd: disconnect device
[  149.298474][ T3272] vhci_hcd: stop threads
[  149.311705][ T3272] vhci_hcd: release socket
[  149.316142][ T3272] vhci_hcd: disconnect device
[  149.321165][ T3272] vhci_hcd: stop threads
[  149.325546][ T3272] vhci_hcd: release socket
[  149.329978][ T3272] vhci_hcd: disconnect device
[  149.398338][   T24] vhci_hcd: vhci_device speed not set
[  149.705647][ T9726] loop1: detected capacity change from 0 to 256
[  149.732642][ T9726] FAT-fs (loop1): Directory bread(block 64) failed
[  149.749408][ T9726] FAT-fs (loop1): Directory bread(block 65) failed
[  149.765078][ T9726] FAT-fs (loop1): Directory bread(block 66) failed
[  149.781810][ T9726] FAT-fs (loop1): Directory bread(block 67) failed
[  149.798538][ T9726] FAT-fs (loop1): Directory bread(block 68) failed
[  149.813861][ T9726] FAT-fs (loop1): Directory bread(block 69) failed
[  149.836741][ T9726] FAT-fs (loop1): Directory bread(block 70) failed
[  149.853391][ T9726] FAT-fs (loop1): Directory bread(block 71) failed
[  149.860207][ T9726] FAT-fs (loop1): Directory bread(block 72) failed
[  149.873765][ T9726] FAT-fs (loop1): Directory bread(block 73) failed
[  149.918693][ T9726] syz.1.1901: attempt to access beyond end of device
[  149.918693][ T9726] loop1: rw=2049, sector=1224, nr_sectors = 4 limit=256
[  150.001268][ T9738] loop1: detected capacity change from 0 to 512
[  150.012088][ T9739] loop3: detected capacity change from 0 to 1024
[  150.030198][ T9739] ext4: Unknown parameter 'dont_hash'
[  150.057768][ T9738] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.086482][ T9739] loop3: detected capacity change from 0 to 8192
[  150.128933][ T9738] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  150.142212][ T9738] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  150.154158][ T9738] bridge_slave_0: default FDB implementation only supports local addresses
[  150.338402][ T9749] loop1: detected capacity change from 0 to 256
[  150.359410][ T9749] FAT-fs (loop1): Directory bread(block 64) failed
[  150.366625][ T9749] FAT-fs (loop1): Directory bread(block 65) failed
[  150.383444][ T9749] FAT-fs (loop1): Directory bread(block 66) failed
[  150.405662][ T9749] FAT-fs (loop1): Directory bread(block 67) failed
[  150.412210][ T9749] FAT-fs (loop1): Directory bread(block 68) failed
[  150.426080][ T9749] FAT-fs (loop1): Directory bread(block 69) failed
[  150.432706][ T9749] FAT-fs (loop1): Directory bread(block 70) failed
[  150.440130][ T9749] FAT-fs (loop1): Directory bread(block 71) failed
[  150.440220][ T9749] FAT-fs (loop1): Directory bread(block 72) failed
[  150.440237][ T9749] FAT-fs (loop1): Directory bread(block 73) failed
[  150.446890][ T9749] syz.1.1907: attempt to access beyond end of device
[  150.446890][ T9749] loop1: rw=0, sector=1768, nr_sectors = 4 limit=256
[  150.510886][ T9766] loop3: detected capacity change from 0 to 256
[  150.523397][ T9766] FAT-fs (loop3): Directory bread(block 64) failed
[  150.526616][ T9768] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  150.533152][ T9766] FAT-fs (loop3): Directory bread(block 65) failed
[  150.537154][ T9768] IPv6: NLM_F_CREATE should be set when creating new route
[  150.537229][ T9768] IPv6: NLM_F_CREATE should be set when creating new route
[  150.559563][ T9766] FAT-fs (loop3): Directory bread(block 66) failed
[  150.567450][ T9766] FAT-fs (loop3): Directory bread(block 67) failed
[  150.574380][ T9766] FAT-fs (loop3): Directory bread(block 68) failed
[  150.580983][ T9766] FAT-fs (loop3): Directory bread(block 69) failed
[  150.587609][ T9766] FAT-fs (loop3): Directory bread(block 70) failed
[  150.595623][ T9766] FAT-fs (loop3): Directory bread(block 71) failed
[  150.602240][ T9766] FAT-fs (loop3): Directory bread(block 72) failed
[  150.609018][ T9766] FAT-fs (loop3): Directory bread(block 73) failed
[  150.629052][ T9766] syz.3.1915: attempt to access beyond end of device
[  150.629052][ T9766] loop3: rw=2049, sector=1224, nr_sectors = 4 limit=256
[  150.671262][ T9770] loop3: detected capacity change from 0 to 1024
[  150.678207][ T9770] EXT4-fs: Ignoring removed mblk_io_submit option
[  150.686585][ T9770] journal_path: Lookup failure for './file0/../file0'
[  150.693588][ T9770] EXT4-fs: error: could not find journal device path
[  150.818905][ T9781] loop2: detected capacity change from 0 to 512
[  150.826916][ T9781] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1912: bg 0: block 5: invalid block bitmap
[  150.840454][ T9781] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  150.849455][ T9781] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.1912: invalid indirect mapped block 3 (level 2)
[  150.862869][ T9781] EXT4-fs (loop2): 1 orphan inode deleted
[  150.869397][ T9781] EXT4-fs (loop2): 1 truncate cleaned up
[  151.117541][ T9790] loop1: detected capacity change from 0 to 512
[  151.125700][ T9790] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.1920: casefold flag without casefold feature
[  151.141198][ T9790] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1920: couldn't read orphan inode 15 (err -117)
[  151.645515][ T9805] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1925'.
[  151.890882][ T9824] loop2: detected capacity change from 0 to 256
[  151.908700][ T9824] FAT-fs (loop2): Directory bread(block 64) failed
[  151.916646][ T9824] FAT-fs (loop2): Directory bread(block 65) failed
[  151.923312][ T9824] FAT-fs (loop2): Directory bread(block 66) failed
[  151.932855][ T9824] FAT-fs (loop2): Directory bread(block 67) failed
[  151.940553][ T9824] FAT-fs (loop2): Directory bread(block 68) failed
[  151.947440][ T9824] FAT-fs (loop2): Directory bread(block 69) failed
[  151.955564][ T9824] FAT-fs (loop2): Directory bread(block 70) failed
[  151.962423][ T9824] FAT-fs (loop2): Directory bread(block 71) failed
[  151.969563][ T9824] FAT-fs (loop2): Directory bread(block 72) failed
[  151.977624][ T9824] FAT-fs (loop2): Directory bread(block 73) failed
[  152.112094][ T9826] loop2: detected capacity change from 0 to 1024
[  152.118656][ T9826] EXT4-fs: Ignoring removed mblk_io_submit option
[  152.126701][ T9826] journal_path: Lookup failure for './file0/../file0'
[  152.133490][ T9826] EXT4-fs: error: could not find journal device path
[  152.429418][ T9855] bridge_slave_0: default FDB implementation only supports local addresses
[  152.501685][ T9862] loop2: detected capacity change from 0 to 512
[  152.547968][ T9865] loop1: detected capacity change from 0 to 512
[  152.578389][ T9865] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1935: bg 0: block 5: invalid block bitmap
[  152.603161][ T9865] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  152.619611][ T9865] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1935: invalid indirect mapped block 3 (level 2)
[  152.640256][ T9865] EXT4-fs (loop1): 1 orphan inode deleted
[  152.646103][ T9865] EXT4-fs (loop1): 1 truncate cleaned up
[  152.681327][ T9875] loop3: detected capacity change from 0 to 512
[  152.739337][ T9875] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.1947: casefold flag without casefold feature
[  152.762158][ T9875] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1947: couldn't read orphan inode 15 (err -117)
[  152.874676][ T9894] FAULT_INJECTION: forcing a failure.
[  152.874676][ T9894] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.887782][ T9894] CPU: 0 UID: 0 PID: 9894 Comm: syz.3.1949 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  152.898529][ T9894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  152.908598][ T9894] Call Trace:
[  152.911885][ T9894]  <TASK>
[  152.914811][ T9894]  dump_stack_lvl+0xf2/0x150
[  152.919457][ T9894]  dump_stack+0x15/0x20
[  152.923617][ T9894]  should_fail_ex+0x229/0x230
[  152.928376][ T9894]  should_fail+0xb/0x10
[  152.932548][ T9894]  should_fail_usercopy+0x1a/0x20
[  152.937601][ T9894]  _copy_from_user+0x1e/0xd0
[  152.942232][ T9894]  io_register_napi+0xd0/0x230
[  152.947049][ T9894]  __se_sys_io_uring_register+0x78b/0x1070
[  152.952861][ T9894]  __x64_sys_io_uring_register+0x55/0x70
[  152.958512][ T9894]  x64_sys_call+0xb9d/0x2e00
[  152.963134][ T9894]  do_syscall_64+0xc9/0x1c0
[  152.967662][ T9894]  ? clear_bhb_loop+0x55/0xb0
[  152.972387][ T9894]  ? clear_bhb_loop+0x55/0xb0
[  152.977065][ T9894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.983105][ T9894] RIP: 0033:0x7f7913b17299
[  152.987515][ T9894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.007184][ T9894] RSP: 002b:00007f7912797048 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  153.015659][ T9894] RAX: ffffffffffffffda RBX: 00007f7913ca5f80 RCX: 00007f7913b17299
[  153.023621][ T9894] RDX: 0000000020000038 RSI: 000000000000001b RDI: 0000000000000003
[  153.031685][ T9894] RBP: 00007f79127970a0 R08: 0000000000000000 R09: 0000000000000000
[  153.039643][ T9894] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  153.047644][ T9894] R13: 000000000000000b R14: 00007f7913ca5f80 R15: 00007ffc8ab3ff18
[  153.055606][ T9894]  </TASK>
[  153.106831][ T9877] chnl_net:caif_netlink_parms(): no params data found
[  153.167746][ T9877] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.176145][ T9877] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.185172][ T9877] bridge_slave_0: entered allmulticast mode
[  153.191872][ T9877] bridge_slave_0: entered promiscuous mode
[  153.199565][ T9877] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.207987][ T9877] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.212510][ T9908] loop3: detected capacity change from 0 to 1024
[  153.215581][ T9877] bridge_slave_1: entered allmulticast mode
[  153.226506][ T9908] ext4: Unknown parameter 'dont_hash'
[  153.233220][ T9877] bridge_slave_1: entered promiscuous mode
[  153.262036][ T9877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  153.277683][ T9908] loop3: detected capacity change from 0 to 8192
[  153.277913][ T9877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  153.295165][ T9910] loop4: detected capacity change from 0 to 1024
[  153.301933][ T9910] ext4: Unknown parameter 'dont_hash'
[  153.310060][ T9877] team0: Port device team_slave_0 added
[  153.318172][ T9877] team0: Port device team_slave_1 added
[  153.341544][ T9877] batman_adv: batadv0: Adding interface: batadv_slave_0
[  153.348558][ T9877] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.375737][ T9877] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  153.380643][ T9910] loop4: detected capacity change from 0 to 8192
[  153.390060][ T9877] batman_adv: batadv0: Adding interface: batadv_slave_1
[  153.399666][ T9877] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.427028][ T9877] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  153.458227][ T9877] hsr_slave_0: entered promiscuous mode
[  153.462669][ T9913] loop3: detected capacity change from 0 to 256
[  153.470530][ T9877] hsr_slave_1: entered promiscuous mode
[  153.476481][ T9877] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  153.481828][ T9913] FAT-fs (loop3): Directory bread(block 64) failed
[  153.485372][ T9877] Cannot create hsr debugfs directory
[  153.492509][ T9913] FAT-fs (loop3): Directory bread(block 65) failed
[  153.503416][ T9913] FAT-fs (loop3): Directory bread(block 66) failed
[  153.510025][ T9913] FAT-fs (loop3): Directory bread(block 67) failed
[  153.517756][ T9913] FAT-fs (loop3): Directory bread(block 68) failed
[  153.524468][ T9913] FAT-fs (loop3): Directory bread(block 69) failed
[  153.531123][ T9913] FAT-fs (loop3): Directory bread(block 70) failed
[  153.538414][ T9913] FAT-fs (loop3): Directory bread(block 71) failed
[  153.552682][ T9913] FAT-fs (loop3): Directory bread(block 72) failed
[  153.565872][ T9913] FAT-fs (loop3): Directory bread(block 73) failed
[  153.577691][   T29] kauditd_printk_skb: 153 callbacks suppressed
[  153.577705][   T29] audit: type=1400 audit(2000000336.561:5283): avc:  denied  { ioctl } for  pid=9916 comm="syz.0.1956" path="socket:[33121]" dev="sockfs" ino=33121 ioctlcmd=0x8941 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  153.666753][ T9877] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.690881][ T9920] program syz.1.1957 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  153.745995][ T9926] FAULT_INJECTION: forcing a failure.
[  153.745995][ T9926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.759641][ T9926] CPU: 0 UID: 0 PID: 9926 Comm: syz.1.1959 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  153.770328][ T9926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  153.782979][ T9926] Call Trace:
[  153.786248][ T9926]  <TASK>
[  153.789177][ T9926]  dump_stack_lvl+0xf2/0x150
[  153.793775][ T9926]  dump_stack+0x15/0x20
[  153.797935][ T9926]  should_fail_ex+0x229/0x230
[  153.802633][ T9926]  should_fail+0xb/0x10
[  153.806794][ T9926]  should_fail_usercopy+0x1a/0x20
[  153.811842][ T9926]  _copy_to_user+0x1e/0xa0
[  153.816263][ T9926]  simple_read_from_buffer+0xa0/0x110
[  153.821718][ T9926]  proc_fail_nth_read+0xfc/0x140
[  153.826749][ T9926]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  153.832287][ T9926]  vfs_read+0x1a2/0x6e0
[  153.836469][ T9926]  ? __rcu_read_unlock+0x4e/0x70
[  153.841424][ T9926]  ? __fget_files+0x1da/0x210
[  153.846126][ T9926]  ksys_read+0xeb/0x1b0
[  153.850352][ T9926]  __x64_sys_read+0x42/0x50
[  153.854856][ T9926]  x64_sys_call+0x2a36/0x2e00
[  153.859532][ T9926]  do_syscall_64+0xc9/0x1c0
[  153.864033][ T9926]  ? clear_bhb_loop+0x55/0xb0
[  153.868710][ T9926]  ? clear_bhb_loop+0x55/0xb0
[  153.873440][ T9926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.879437][ T9926] RIP: 0033:0x7f19b8835d7c
[  153.883840][ T9926] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  153.903464][ T9926] RSP: 002b:00007f19b74b7040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  153.911865][ T9926] RAX: ffffffffffffffda RBX: 00007f19b89c5f80 RCX: 00007f19b8835d7c
[  153.919840][ T9926] RDX: 000000000000000f RSI: 00007f19b74b70b0 RDI: 0000000000000004
[  153.927799][ T9926] RBP: 00007f19b74b70a0 R08: 0000000000000000 R09: 0000000000000000
[  153.935808][ T9926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.943805][ T9926] R13: 000000000000000b R14: 00007f19b89c5f80 R15: 00007ffda0944af8
[  153.951767][ T9926]  </TASK>
[  153.957523][ T9877] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.014402][ T9934] loop3: detected capacity change from 0 to 512
[  154.027130][ T9877] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.057721][ T9934] ext4 filesystem being mounted at /362/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.075567][ T9934] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  154.088804][ T9934] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  154.100764][ T9934] bridge_slave_0: default FDB implementation only supports local addresses
[  154.119908][ T9877] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.162761][ T9944] loop3: detected capacity change from 0 to 1024
[  154.182529][ T9944] EXT4-fs: Ignoring removed mblk_io_submit option
[  154.191965][ T9877] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  154.198786][ T9944] journal_path: Lookup failure for './file0/../file0'
[  154.205606][ T9944] EXT4-fs: error: could not find journal device path
[  154.215924][ T9877] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  154.227882][ T9877] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  154.237024][ T9877] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  154.248530][ T3373] bridge_slave_1: left allmulticast mode
[  154.254276][ T3373] bridge_slave_1: left promiscuous mode
[  154.260009][ T3373] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.278948][ T3373] bridge_slave_0: left allmulticast mode
[  154.284878][ T3373] bridge_slave_0: left promiscuous mode
[  154.290533][ T3373] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.405026][ T3373] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  154.473860][ T3373] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  154.495156][ T3373] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  154.506789][ T3373] bond0 (unregistering): Released all slaves
[  154.519005][ T9950] netlink: 'syz.3.1966': attribute type 10 has an invalid length.
[  154.545716][ T9950] batman_adv: batadv0: Adding interface: team0
[  154.551903][ T9950] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.577069][ T9950] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  154.630963][ T9953] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1967'.
[  154.642249][ T3373] hsr_slave_0: left promiscuous mode
[  154.655305][ T3373] hsr_slave_1: left promiscuous mode
[  154.662094][ T3373] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  154.669771][ T3373] batman_adv: batadv0: Removing interface: batadv_slave_0
[  154.678127][ T3373] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  154.686896][ T3373] batman_adv: batadv0: Removing interface: batadv_slave_1
[  154.699419][ T3373] veth1_macvtap: left promiscuous mode
[  154.704976][ T3373] veth0_macvtap: left promiscuous mode
[  154.710393][ T9959] loop3: detected capacity change from 0 to 1024
[  154.710553][ T3373] veth1_vlan: left promiscuous mode
[  154.723392][ T3373] veth0_vlan: left promiscuous mode
[  154.723705][ T9959] ext4: Unknown parameter 'dont_hash'
[  154.779290][ T9959] loop3: detected capacity change from 0 to 8192
[  154.960364][ T3373] team0 (unregistering): Port device team_slave_1 removed
[  154.992234][ T3373] team0 (unregistering): Port device team_slave_0 removed
[  155.050641][ T9955] bridge_slave_0: left allmulticast mode
[  155.056438][ T9955] bridge_slave_0: left promiscuous mode
[  155.062125][ T9955] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.070514][ T9955] bridge_slave_1: left allmulticast mode
[  155.076199][ T9955] bridge_slave_1: left promiscuous mode
[  155.082054][ T9955] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.091319][ T9955] bond0: (slave bond_slave_0): Releasing backup interface
[  155.100062][ T9955] bond0: (slave bond_slave_1): Releasing backup interface
[  155.113325][ T9955] team0: Port device team_slave_0 removed
[  155.120252][ T9955] team0: Port device team_slave_1 removed
[  155.127794][ T9955] batman_adv: batadv0: Removing interface: batadv_slave_0
[  155.135511][ T9955] batman_adv: batadv0: Removing interface: batadv_slave_1
[  155.146576][ T9960] 8021q: adding VLAN 0 to HW filter on device bond0
[  155.150061][ T9973] loop3: detected capacity change from 0 to 512
[  155.154486][ T9960] team0: Port device bond0 added
[  155.168359][ T9974] program syz.4.1970 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  155.179457][ T9973] ext4 filesystem being mounted at /369/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.182821][ T9877] 8021q: adding VLAN 0 to HW filter on device bond0
[  155.205297][ T9966] syzkaller0: entered promiscuous mode
[  155.212416][ T9966] syzkaller0: entered allmulticast mode
[  155.221527][ T9973] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  155.221549][ T9973] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  155.221566][ T9973] bridge_slave_0: default FDB implementation only supports local addresses
[  155.230703][ T9877] 8021q: adding VLAN 0 to HW filter on device team0
[  155.267361][ T9215] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.274456][ T9215] bridge0: port 1(bridge_slave_0) entered forwarding state
[  155.286140][ T3334] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.293265][ T3334] bridge0: port 2(bridge_slave_1) entered forwarding state
[  155.464725][ T9980] loop3: detected capacity change from 0 to 1024
[  155.471529][ T9980] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.479452][ T9980] journal_path: Lookup failure for './file0/../file0'
[  155.486307][ T9980] EXT4-fs: error: could not find journal device path
[  155.511378][ T9877] 8021q: adding VLAN 0 to HW filter on device batadv0
[  155.694018][ T9877] veth0_vlan: entered promiscuous mode
[  155.702608][ T9877] veth1_vlan: entered promiscuous mode
[  155.720256][ T9877] veth0_macvtap: entered promiscuous mode
[  155.730543][ T9877] veth1_macvtap: entered promiscuous mode
[  155.741868][ T9877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  155.752414][ T9877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.762311][ T9877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  155.773549][ T9877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.783404][ T9877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  155.794559][ T9877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.805777][ T9877] batman_adv: batadv0: Interface activated: batadv_slave_0
[  155.816550][ T9877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.827104][ T9877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.836968][ T9877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.843449][   T29] audit: type=1326 audit(2000000338.821:5284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0dfb67299 code=0x7fc00000
[  155.847401][ T9877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.847418][ T9877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.847431][ T9877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.847446][ T9877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  155.847459][ T9877] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  155.922672][ T9877] batman_adv: batadv0: Interface activated: batadv_slave_1
[  155.932248][T10018] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1977'.
[  155.943721][ T9877] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.952483][ T9877] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.962477][ T9877] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.971316][ T9877] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  156.031154][T10023] loop2: detected capacity change from 0 to 1024
[  156.039076][T10023] EXT4-fs: Ignoring removed mblk_io_submit option
[  156.047151][T10023] journal_path: Lookup failure for './file0/../file0'
[  156.053987][T10023] EXT4-fs: error: could not find journal device path
[  156.172129][T10030] FAULT_INJECTION: forcing a failure.
[  156.172129][T10030] name failslab, interval 1, probability 0, space 0, times 0
[  156.184938][T10030] CPU: 1 UID: 0 PID: 10030 Comm: syz.0.1981 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  156.195770][T10030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  156.205833][T10030] Call Trace:
[  156.209123][T10030]  <TASK>
[  156.212054][T10030]  dump_stack_lvl+0xf2/0x150
[  156.216673][T10030]  dump_stack+0x15/0x20
[  156.220888][T10030]  should_fail_ex+0x229/0x230
[  156.225595][T10030]  ? alloc_vmap_area+0x1e1/0x1830
[  156.230635][T10030]  should_failslab+0x8f/0xb0
[  156.235237][T10030]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  156.241089][T10030]  alloc_vmap_area+0x1e1/0x1830
[  156.245943][T10030]  ? ___slab_alloc+0x2b7/0x980
[  156.250823][T10030]  ? __rcu_read_unlock+0x4e/0x70
[  156.255805][T10030]  ? should_fail_ex+0xd7/0x230
[  156.260626][T10030]  __get_vm_area_node+0x15e/0x1b0
[  156.265660][T10030]  __vmalloc_node_range_noprof+0x2eb/0xef0
[  156.271475][T10030]  ? bpf_prog_alloc_no_stats+0x49/0x290
[  156.277065][T10030]  ? __rcu_read_unlock+0x4e/0x70
[  156.282009][T10030]  ? bpf_prog_alloc_no_stats+0x49/0x290
[  156.287579][T10030]  __vmalloc_noprof+0x5e/0x70
[  156.292272][T10030]  ? bpf_prog_alloc_no_stats+0x49/0x290
[  156.297909][T10030]  bpf_prog_alloc_no_stats+0x49/0x290
[  156.303296][T10030]  ? bpf_prog_alloc+0x28/0x150
[  156.308141][T10030]  bpf_prog_alloc+0x3a/0x150
[  156.312840][T10030]  bpf_prog_load+0x4d1/0x1060
[  156.317542][T10030]  __sys_bpf+0x463/0x7a0
[  156.321842][T10030]  __x64_sys_bpf+0x43/0x50
[  156.326340][T10030]  x64_sys_call+0x23d5/0x2e00
[  156.331080][T10030]  do_syscall_64+0xc9/0x1c0
[  156.335623][T10030]  ? clear_bhb_loop+0x55/0xb0
[  156.340429][T10030]  ? clear_bhb_loop+0x55/0xb0
[  156.345190][T10030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.351091][T10030] RIP: 0033:0x7f9c2dc97299
[  156.355583][T10030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.375366][T10030] RSP: 002b:00007f9c2c917048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  156.383883][T10030] RAX: ffffffffffffffda RBX: 00007f9c2de25f80 RCX: 00007f9c2dc97299
[  156.391941][T10030] RDX: 0000000000000090 RSI: 0000000020003480 RDI: 0000000000000005
[  156.399922][T10030] RBP: 00007f9c2c9170a0 R08: 0000000000000000 R09: 0000000000000000
[  156.407902][T10030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.415877][T10030] R13: 000000000000000b R14: 00007f9c2de25f80 R15: 00007fffa460b458
[  156.423861][T10030]  </TASK>
[  156.428379][T10030] syz.0.1981: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz0,mems_allowed=0
[  156.444752][T10030] CPU: 1 UID: 0 PID: 10030 Comm: syz.0.1981 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  156.455567][T10030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  156.465655][T10030] Call Trace:
[  156.468933][T10030]  <TASK>
[  156.471857][T10030]  dump_stack_lvl+0xf2/0x150
[  156.476454][T10030]  dump_stack+0x15/0x20
[  156.480683][T10030]  warn_alloc+0x145/0x1b0
[  156.485022][T10030]  ? kfree+0xd5/0x290
[  156.489028][T10030]  __vmalloc_node_range_noprof+0x310/0xef0
[  156.494849][T10030]  ? __rcu_read_unlock+0x4e/0x70
[  156.499830][T10030]  ? bpf_prog_alloc_no_stats+0x49/0x290
[  156.503679][   T29] audit: type=1326 audit(2000000339.441:5285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fe0dfb67299 code=0x7fc00000
[  156.505375][T10030]  __vmalloc_noprof+0x5e/0x70
[  156.505400][T10030]  ? bpf_prog_alloc_no_stats+0x49/0x290
[  156.528886][   T29] audit: type=1326 audit(2000000339.441:5286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0dfb67299 code=0x7fc00000
[  156.533489][T10030]  bpf_prog_alloc_no_stats+0x49/0x290
[  156.539032][   T29] audit: type=1326 audit(2000000339.441:5287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0dfb67299 code=0x7fc00000
[  156.562411][T10030]  ? bpf_prog_alloc+0x28/0x150
[  156.567785][   T29] audit: type=1326 audit(2000000339.441:5288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0dfb67299 code=0x7fc00000
[  156.591173][T10030]  bpf_prog_alloc+0x3a/0x150
[  156.591204][T10030]  bpf_prog_load+0x4d1/0x1060
[  156.591280][T10030]  __sys_bpf+0x463/0x7a0
[  156.596030][   T29] audit: type=1326 audit(2000000339.441:5289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0dfb67299 code=0x7fc00000
[  156.619413][T10030]  __x64_sys_bpf+0x43/0x50
[  156.623993][   T29] audit: type=1326 audit(2000000339.441:5290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0dfb67299 code=0x7fc00000
[  156.628625][T10030]  x64_sys_call+0x23d5/0x2e00
[  156.628648][T10030]  do_syscall_64+0xc9/0x1c0
[  156.632953][   T29] audit: type=1326 audit(2000000339.441:5291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0dfb67299 code=0x7fc00000
[  156.656385][T10030]  ? clear_bhb_loop+0x55/0xb0
[  156.660785][   T29] audit: type=1326 audit(2000000339.441:5292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10001 comm="syz.4.1977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0dfb67299 code=0x7fc00000
[  156.684220][T10030]  ? clear_bhb_loop+0x55/0xb0
[  156.684247][T10030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.755765][T10030] RIP: 0033:0x7f9c2dc97299
[  156.760171][T10030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.779768][T10030] RSP: 002b:00007f9c2c917048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  156.788167][T10030] RAX: ffffffffffffffda RBX: 00007f9c2de25f80 RCX: 00007f9c2dc97299
[  156.796128][T10030] RDX: 0000000000000090 RSI: 0000000020003480 RDI: 0000000000000005
[  156.804087][T10030] RBP: 00007f9c2c9170a0 R08: 0000000000000000 R09: 0000000000000000
[  156.812110][T10030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.820110][T10030] R13: 000000000000000b R14: 00007f9c2de25f80 R15: 00007fffa460b458
[  156.828132][T10030]  </TASK>
[  156.831255][T10030] Mem-Info:
[  156.835883][T10030] active_anon:13854 inactive_anon:2 isolated_anon:0
[  156.835883][T10030]  active_file:9345 inactive_file:12688 isolated_file:0
[  156.835883][T10030]  unevictable:0 dirty:295 writeback:0
[  156.835883][T10030]  slab_reclaimable:2725 slab_unreclaimable:15198
[  156.835883][T10030]  mapped:23834 shmem:2177 pagetables:682
[  156.835883][T10030]  sec_pagetables:0 bounce:0
[  156.835883][T10030]  kernel_misc_reclaimable:0
[  156.835883][T10030]  free:1888003 free_pcp:10776 free_cma:0
[  156.880878][T10030] Node 0 active_anon:55416kB inactive_anon:8kB active_file:37380kB inactive_file:50752kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:95336kB dirty:1180kB writeback:0kB shmem:8708kB writeback_tmp:0kB kernel_stack:3232kB pagetables:2728kB sec_pagetables:0kB all_unreclaimable? no
[  156.910005][T10030] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  156.910133][T10030] lowmem_reserve[]: 0 2866 7844 0
[  156.910158][T10030] Node 0 DMA32 free:2950416kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953948kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[  156.910244][T10030] lowmem_reserve[]: 0 0 4978 0
[  156.910267][T10030] Node 0 Normal free:4586236kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:55416kB inactive_anon:8kB active_file:37380kB inactive_file:50752kB unevictable:0kB writepending:1180kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:39588kB local_pcp:13040kB free_cma:0kB
[  156.910344][T10030] lowmem_reserve[]: 0 0 0 0
[  156.910367][T10030] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  156.910490][T10030] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 3*64kB (M) 3*128kB (M) 4*256kB (M) 3*512kB (M) 2*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950416kB
[  156.910734][T10030] Node 0 Normal: 729*4kB (UME) 811*8kB (UME) 494*16kB (UME) 211*32kB (UME) 96*64kB (UM) 100*128kB (UME) 35*256kB (UME) 6*512kB (UM) 3*1024kB (UM) 3*2048kB (UE) 1104*4096kB (UM) = 4586236kB
[  156.910913][T10030] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  156.910930][T10030] 24212 total pagecache pages
[  156.910937][T10030] 3 pages in swap cache
[  156.910943][T10030] Free swap  = 124632kB
[  156.910949][T10030] Total swap = 124996kB
[  156.910955][T10030] 2097051 pages RAM
[  156.910972][T10030] 0 pages HighMem/MovableOnly
[  156.910978][T10030] 80172 pages reserved
[  157.009181][T10032] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1982'.
[  157.143184][T10039] loop2: detected capacity change from 0 to 512
[  157.169911][T10039] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.198683][T10039] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  157.210670][T10039] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  157.223924][T10039] bridge_slave_0: default FDB implementation only supports local addresses
[  157.293861][T10056] loop4: detected capacity change from 0 to 1024
[  157.300809][T10056] ext4: Unknown parameter 'dont_hash'
[  157.352369][T10056] loop4: detected capacity change from 0 to 8192
[  157.375396][T10058] team0: Port device bond0 removed
[  157.396812][T10058] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.409753][T10058] team0: Port device bond0 added
[  157.469685][T10067] loop3: detected capacity change from 0 to 512
[  157.492519][T10067] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1987: bg 0: block 5: invalid block bitmap
[  157.515064][T10067] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  157.526149][T10067] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1987: invalid indirect mapped block 3 (level 2)
[  157.540702][T10067] EXT4-fs (loop3): 1 orphan inode deleted
[  157.546569][T10067] EXT4-fs (loop3): 1 truncate cleaned up
[  157.662056][T10075] loop4: detected capacity change from 0 to 256
[  157.689593][T10075] FAT-fs (loop4): Directory bread(block 64) failed
[  157.705993][T10075] FAT-fs (loop4): Directory bread(block 65) failed
[  157.719759][T10075] FAT-fs (loop4): Directory bread(block 66) failed
[  157.733721][T10075] FAT-fs (loop4): Directory bread(block 67) failed
[  157.749163][T10075] FAT-fs (loop4): Directory bread(block 68) failed
[  157.764422][T10075] FAT-fs (loop4): Directory bread(block 69) failed
[  157.778767][T10075] FAT-fs (loop4): Directory bread(block 70) failed
[  157.792937][T10075] FAT-fs (loop4): Directory bread(block 71) failed
[  157.806897][T10075] FAT-fs (loop4): Directory bread(block 72) failed
[  157.814252][T10075] FAT-fs (loop4): Directory bread(block 73) failed
[  157.898672][T10081] loop4: detected capacity change from 0 to 512
[  157.916764][T10081] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.934388][T10081] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  157.946412][T10081] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  157.958439][T10081] bridge_slave_0: default FDB implementation only supports local addresses
[  157.988169][T10087] loop4: detected capacity change from 0 to 1024
[  157.995413][T10087] ext4: Unknown parameter 'dont_hash'
[  158.038286][T10087] loop4: detected capacity change from 0 to 8192
[  158.126416][T10093] loop4: detected capacity change from 0 to 512
[  158.137025][T10093] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.2002: casefold flag without casefold feature
[  158.162127][T10093] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.2002: couldn't read orphan inode 15 (err -117)
[  158.246345][T10100] loop4: detected capacity change from 0 to 128
[  158.280081][T10103] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2005'.
[  158.323794][T10103] block device autoloading is deprecated and will be removed.
[  158.331457][T10103] syz.4.2005: attempt to access beyond end of device
[  158.331457][T10103] md102: rw=2048, sector=0, nr_sectors = 8 limit=0
[  158.367068][T10108] loop4: detected capacity change from 0 to 1024
[  158.374214][T10108] ext4: Unknown parameter 'dont_hash'
[  158.415666][T10108] loop4: detected capacity change from 0 to 8192
[  158.807033][T10127] loop4: detected capacity change from 0 to 256
[  158.851198][T10127] FAT-fs (loop4): Directory bread(block 64) failed
[  158.879501][T10127] FAT-fs (loop4): Directory bread(block 65) failed
[  158.903996][T10127] FAT-fs (loop4): Directory bread(block 66) failed
[  158.926050][T10127] FAT-fs (loop4): Directory bread(block 67) failed
[  158.954660][T10127] FAT-fs (loop4): Directory bread(block 68) failed
[  158.978513][T10127] FAT-fs (loop4): Directory bread(block 69) failed
[  158.996559][T10127] FAT-fs (loop4): Directory bread(block 70) failed
[  159.003139][T10127] FAT-fs (loop4): Directory bread(block 71) failed
[  159.010325][T10127] FAT-fs (loop4): Directory bread(block 72) failed
[  159.018206][T10127] FAT-fs (loop4): Directory bread(block 73) failed
[  159.053831][T10129] loop2: detected capacity change from 0 to 128
[  159.060529][T10129] vfat: Unknown parameter 'GPL'
[  159.106575][T10135] FAULT_INJECTION: forcing a failure.
[  159.106575][T10135] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.120049][T10135] CPU: 0 UID: 0 PID: 10135 Comm: syz.2.2013 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  159.130815][T10135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  159.140965][T10135] Call Trace:
[  159.144255][T10135]  <TASK>
[  159.147189][T10135]  dump_stack_lvl+0xf2/0x150
[  159.151798][T10135]  dump_stack+0x15/0x20
[  159.156156][T10135]  should_fail_ex+0x229/0x230
[  159.160847][T10135]  should_fail+0xb/0x10
[  159.162453][T10136] netlink: 'syz.0.2011': attribute type 1 has an invalid length.
[  159.165044][T10135]  should_fail_usercopy+0x1a/0x20
[  159.165077][T10135]  strncpy_from_user+0x25/0x270
[  159.165122][T10135]  __se_sys_add_key+0x81/0x320
[  159.165156][T10135]  __x64_sys_add_key+0x67/0x80
[  159.165186][T10135]  x64_sys_call+0x1f0b/0x2e00
[  159.165284][T10135]  do_syscall_64+0xc9/0x1c0
[  159.165313][T10135]  ? clear_bhb_loop+0x55/0xb0
[  159.165391][T10135]  ? clear_bhb_loop+0x55/0xb0
[  159.165475][T10135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.165501][T10135] RIP: 0033:0x7f0a377c7299
[  159.165517][T10135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.165538][T10135] RSP: 002b:00007f0a36447048 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  159.165559][T10135] RAX: ffffffffffffffda RBX: 00007f0a37955f80 RCX: 00007f0a377c7299
[  159.165578][T10135] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000020000000
[  159.165592][T10135] RBP: 00007f0a364470a0 R08: ffffffffffffffff R09: 0000000000000000
[  159.165604][T10135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.165615][T10135] R13: 000000000000000b R14: 00007f0a37955f80 R15: 00007ffc97dfb728
[  159.165653][T10135]  </TASK>
[  159.215656][T10142] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2014'.
[  159.324305][T10145] loop2: detected capacity change from 0 to 512
[  159.341024][T10145] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.2015: casefold flag without casefold feature
[  159.355344][T10145] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2015: couldn't read orphan inode 15 (err -117)
[  159.370084][T10145] EXT4-fs mount: 22 callbacks suppressed
[  159.370101][T10145] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.404317][T10160] FAULT_INJECTION: forcing a failure.
[  159.404317][T10160] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.417733][T10160] CPU: 0 UID: 0 PID: 10160 Comm: syz.4.2019 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  159.428498][T10160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  159.438664][T10160] Call Trace:
[  159.442000][T10160]  <TASK>
[  159.444931][T10160]  dump_stack_lvl+0xf2/0x150
[  159.449625][T10160]  dump_stack+0x15/0x20
[  159.453943][T10160]  should_fail_ex+0x229/0x230
[  159.458632][T10160]  should_fail+0xb/0x10
[  159.462791][T10160]  should_fail_usercopy+0x1a/0x20
[  159.467823][T10160]  _copy_to_user+0x1e/0xa0
[  159.472275][T10160]  simple_read_from_buffer+0xa0/0x110
[  159.477666][T10160]  proc_fail_nth_read+0xfc/0x140
[  159.482599][T10160]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  159.488140][T10160]  vfs_read+0x1a2/0x6e0
[  159.492337][T10160]  ? __rcu_read_unlock+0x4e/0x70
[  159.497269][T10160]  ? __fget_files+0x1da/0x210
[  159.501936][T10160]  ksys_read+0xeb/0x1b0
[  159.506166][T10160]  __x64_sys_read+0x42/0x50
[  159.510666][T10160]  x64_sys_call+0x2a36/0x2e00
[  159.515396][T10160]  do_syscall_64+0xc9/0x1c0
[  159.520044][T10160]  ? clear_bhb_loop+0x55/0xb0
[  159.524723][T10160]  ? clear_bhb_loop+0x55/0xb0
[  159.529395][T10160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.535393][T10160] RIP: 0033:0x7fe0dfb65d7c
[  159.539871][T10160] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  159.559472][T10160] RSP: 002b:00007fe0de7e7040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  159.567923][T10160] RAX: ffffffffffffffda RBX: 00007fe0dfcf5f80 RCX: 00007fe0dfb65d7c
[  159.575925][T10160] RDX: 000000000000000f RSI: 00007fe0de7e70b0 RDI: 0000000000000004
[  159.583930][T10160] RBP: 00007fe0de7e70a0 R08: 0000000000000000 R09: 0000000000000000
[  159.591892][T10160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.599852][T10160] R13: 000000000000000b R14: 00007fe0dfcf5f80 R15: 00007fffd8d6e468
[  159.607846][T10160]  </TASK>
[  159.640166][ T9877] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.952544][   T29] kauditd_printk_skb: 499 callbacks suppressed
[  159.952560][   T29] audit: type=1326 audit(2000000342.931:5792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.0.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2dc97299 code=0x7ffc0000
[  159.986166][   T29] audit: type=1326 audit(2000000342.931:5793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.0.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2dc97299 code=0x7ffc0000
[  160.009828][   T29] audit: type=1326 audit(2000000342.961:5794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.0.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9c2dc95cd0 code=0x7ffc0000
[  160.033354][   T29] audit: type=1326 audit(2000000342.961:5795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.0.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9c2dc95cd0 code=0x7ffc0000
[  160.057017][   T29] audit: type=1326 audit(2000000342.961:5796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.0.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2dc97299 code=0x7ffc0000
[  160.080562][   T29] audit: type=1326 audit(2000000342.961:5797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.0.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2dc97299 code=0x7ffc0000
[  160.105387][   T29] audit: type=1326 audit(2000000342.961:5798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.0.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f9c2dc97299 code=0x7ffc0000
[  160.128977][   T29] audit: type=1326 audit(2000000342.961:5799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.0.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2dc97299 code=0x7ffc0000
[  160.435692][T10183] FAULT_INJECTION: forcing a failure.
[  160.435692][T10183] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  160.449030][T10183] CPU: 1 UID: 0 PID: 10183 Comm: syz.0.2026 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  160.459791][T10183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  160.469870][T10183] Call Trace:
[  160.473245][T10183]  <TASK>
[  160.476161][T10183]  dump_stack_lvl+0xf2/0x150
[  160.480743][T10183]  dump_stack+0x15/0x20
[  160.484882][T10183]  should_fail_ex+0x229/0x230
[  160.489673][T10183]  should_fail_alloc_page+0xfd/0x110
[  160.494998][T10183]  __alloc_pages_noprof+0x109/0x360
[  160.500243][T10183]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  160.505657][T10183]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  160.511145][T10183]  do_wp_page+0x62b/0x22c0
[  160.515573][T10183]  ? __rcu_read_lock+0x36/0x50
[  160.520360][T10183]  handle_mm_fault+0xbf0/0x2940
[  160.525219][T10183]  exc_page_fault+0x296/0x650
[  160.529893][T10183]  asm_exc_page_fault+0x26/0x30
[  160.534758][T10183] RIP: 0010:rep_movs_alternative+0x4a/0x70
[  160.540594][T10183] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[  160.560295][T10183] RSP: 0018:ffffc90001597a28 EFLAGS: 00050206
[  160.566356][T10183] RAX: ffff8881154d1b00 RBX: 00000000200105d0 RCX: 000000000000b7a0
[  160.574369][T10183] RDX: 0000000000000000 RSI: ffff888111ae4af8 RDI: 0000000020015000
[  160.582326][T10183] RBP: ffffc90001597dd0 R08: 0000000080000000 R09: 0000000000000000
[  160.590372][T10183] R10: 0001888111ae00c8 R11: 0001888111af0297 R12: 00000000000101d0
[  160.598333][T10183] R13: 00000000200207a0 R14: ffffc90001597de0 R15: ffff888111ae00c8
[  160.606307][T10183]  _copy_to_iter+0x137/0xaf0
[  160.610901][T10183]  ? tipc_sk_backlog_rcv+0x95/0xc0
[  160.616101][T10183]  ? __pfx_tipc_sk_backlog_rcv+0x10/0x10
[  160.621777][T10183]  ? __virt_addr_valid+0x1ed/0x250
[  160.626947][T10183]  ? __check_object_size+0x35b/0x510
[  160.632247][T10183]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  160.637945][T10183]  __skb_datagram_iter+0xce/0x5c0
[  160.643028][T10183]  ? tipc_wait_for_rcvmsg+0x2ee/0x350
[  160.648487][T10183]  skb_copy_datagram_iter+0x41/0x130
[  160.653781][T10183]  tipc_recvstream+0x2df/0x7e0
[  160.658574][T10183]  ? __pfx_tipc_recvstream+0x10/0x10
[  160.663899][T10183]  sock_recvmsg+0x13f/0x170
[  160.668453][T10183]  ____sys_recvmsg+0xf9/0x280
[  160.673238][T10183]  __sys_recvmsg+0x1ea/0x280
[  160.677824][T10183]  __x64_sys_recvmsg+0x46/0x50
[  160.682660][T10183]  x64_sys_call+0xc6d/0x2e00
[  160.687299][T10183]  do_syscall_64+0xc9/0x1c0
[  160.691800][T10183]  ? clear_bhb_loop+0x55/0xb0
[  160.696503][T10183]  ? clear_bhb_loop+0x55/0xb0
[  160.701179][T10183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.707085][T10183] RIP: 0033:0x7f9c2dc97299
[  160.711518][T10183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.731137][T10183] RSP: 002b:00007f9c2c917048 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  160.739544][T10183] RAX: ffffffffffffffda RBX: 00007f9c2de25f80 RCX: 00007f9c2dc97299
[  160.747534][T10183] RDX: 0000000000001f00 RSI: 0000000020000500 RDI: 0000000000000003
[  160.755501][T10183] RBP: 00007f9c2c9170a0 R08: 0000000000000000 R09: 0000000000000000
[  160.763502][T10183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.771459][T10183] R13: 000000000000000b R14: 00007f9c2de25f80 R15: 00007fffa460b458
[  160.779488][T10183]  </TASK>
[  161.010197][T10198] loop2: detected capacity change from 0 to 512
[  161.068019][T10198] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.2031: casefold flag without casefold feature
[  161.082217][T10198] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2031: couldn't read orphan inode 15 (err -117)
[  161.096701][T10198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.184994][ T9877] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.214097][T10205] loop2: detected capacity change from 0 to 512
[  161.237253][T10205] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  161.250352][T10205] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.268519][T10205] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  161.280577][T10205] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  161.292532][T10205] bridge_slave_0: default FDB implementation only supports local addresses
[  161.307766][ T9877] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  161.327251][T10213] loop2: detected capacity change from 0 to 128
[  161.338032][   T29] audit: type=1326 audit(2000000344.321:5800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10212 comm="syz.2.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a377c7299 code=0x7ffc0000
[  161.366865][   T29] audit: type=1326 audit(2000000344.341:5801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10212 comm="syz.2.2034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a377c7299 code=0x7ffc0000
[  161.686267][T10232] loop3: detected capacity change from 0 to 1024
[  161.701649][T10232] ext4: Unknown parameter 'dont_hash'
[  161.741806][T10232] loop3: detected capacity change from 0 to 8192
[  162.019160][T10238] loop3: detected capacity change from 0 to 512
[  162.027460][T10238] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2042: casefold flag without casefold feature
[  162.041465][T10238] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2042: couldn't read orphan inode 15 (err -117)
[  162.056581][T10238] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.125999][ T4584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.163011][T10243] loop3: detected capacity change from 0 to 1024
[  162.170850][T10243] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.178402][T10243] journal_path: Lookup failure for './file0/../file0'
[  162.185270][T10243] EXT4-fs: error: could not find journal device path
[  162.270271][T10249] loop3: detected capacity change from 0 to 512
[  162.299856][T10249] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  162.312511][T10249] ext4 filesystem being mounted at /383/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.331299][T10258] loop2: detected capacity change from 0 to 128
[  162.339887][T10249] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  162.351873][T10249] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  162.365159][T10249] bridge_slave_0: default FDB implementation only supports local addresses
[  162.374323][T10252] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2047'.
[  162.391107][ T4584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  162.432189][T10264] loop2: detected capacity change from 0 to 1024
[  162.438917][T10264] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.445996][T10264] journal_path: Lookup failure for './file0/../file0'
[  162.448651][    C0] eth0: bad gso: type: 1, size: 1408
[  162.452754][T10264] EXT4-fs: error: could not find journal device path
[  162.487952][T10272] loop3: detected capacity change from 0 to 1024
[  162.494591][T10272] ext4: Unknown parameter 'dont_hash'
[  162.527729][T10272] loop3: detected capacity change from 0 to 8192
[  162.758075][T10282] loop3: detected capacity change from 0 to 1024
[  162.764895][T10282] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.771393][T10282] journal_path: Lookup failure for './file0/../file0'
[  162.778217][T10282] EXT4-fs: error: could not find journal device path
[  163.410831][T10295] loop2: detected capacity change from 0 to 1024
[  163.418978][T10295] ext4: Unknown parameter 'dont_hash'
[  163.459374][T10295] loop2: detected capacity change from 0 to 8192
[  163.697644][T10299] loop2: detected capacity change from 0 to 128
[  163.740185][T10303] loop2: detected capacity change from 0 to 128
[  163.750180][T10303] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2062'.
[  163.848430][T10308] loop2: detected capacity change from 0 to 1024
[  163.857865][T10310] loop3: detected capacity change from 0 to 1024
[  163.866861][T10312] bridge_slave_0: default FDB implementation only supports local addresses
[  163.873410][T10308] EXT4-fs: Ignoring removed mblk_io_submit option
[  163.875810][T10310] ext4: Unknown parameter 'dont_hash'
[  163.883645][T10308] journal_path: Lookup failure for './file0/../file0'
[  163.894366][T10308] EXT4-fs: error: could not find journal device path
[  163.949718][T10310] loop3: detected capacity change from 0 to 8192
[  164.011350][T10330] loop2: detected capacity change from 0 to 512
[  164.016013][T10313] chnl_net:caif_netlink_parms(): no params data found
[  164.033232][T10330] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.2069: casefold flag without casefold feature
[  164.047438][T10330] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2069: couldn't read orphan inode 15 (err -117)
[  164.060329][T10330] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.074529][   T57] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.117563][T10313] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.125063][T10313] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.133022][T10313] bridge_slave_0: entered allmulticast mode
[  164.142386][T10313] bridge_slave_0: entered promiscuous mode
[  164.152112][   T57] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.165028][T10313] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.166094][ T9877] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.172120][T10313] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.189697][T10313] bridge_slave_1: entered allmulticast mode
[  164.197104][T10313] bridge_slave_1: entered promiscuous mode
[  164.217012][T10313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  164.227598][T10313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.241079][   T57] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.266891][T10313] team0: Port device team_slave_0 added
[  164.280569][T10313] team0: Port device team_slave_1 added
[  164.301369][T10313] batman_adv: batadv0: Adding interface: batadv_slave_0
[  164.308439][T10313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.334477][T10313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  164.349191][T10344] netlink: 'syz.2.2073': attribute type 10 has an invalid length.
[  164.349641][   T57] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.368999][T10313] batman_adv: batadv0: Adding interface: batadv_slave_1
[  164.373153][T10344] loop2: detected capacity change from 0 to 1024
[  164.376003][T10313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.376032][T10313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  164.426490][T10344] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  164.436036][T10348] Invalid ELF header type: 0 != 1
[  164.439028][T10344] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  164.452256][T10313] hsr_slave_0: entered promiscuous mode
[  164.452690][T10344] EXT4-fs (loop2): orphan cleanup on readonly fs
[  164.465378][T10313] hsr_slave_1: entered promiscuous mode
[  164.465450][T10344] EXT4-fs error (device loop2): __ext4_get_inode_loc:4436: comm syz.2.2073: Invalid inode table block 0 in block_group 0
[  164.483867][T10344] EXT4-fs (loop2): Remounting filesystem read-only
[  164.490468][T10344] EXT4-fs (loop2): 1 truncate cleaned up
[  164.490596][T10313] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  164.503979][T10313] Cannot create hsr debugfs directory
[  164.504526][T10344] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  164.523213][T10344] SELinux: (dev loop2, type ext4) getxattr errno 5
[  164.532652][T10344] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.585143][T10356] loop2: detected capacity change from 0 to 1024
[  164.586090][   T57] bridge_slave_1: left allmulticast mode
[  164.597232][   T57] bridge_slave_1: left promiscuous mode
[  164.602833][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.604102][T10356] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  164.619224][   T57] bridge_slave_0: left allmulticast mode
[  164.624934][   T57] bridge_slave_0: left promiscuous mode
[  164.630642][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.736666][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  164.747630][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  164.758314][   T57] bond0 (unregistering): Released all slaves
[  164.774440][T10356] veth0_macvtap: left promiscuous mode
[  164.916021][   T57] hsr_slave_0: left promiscuous mode
[  164.921654][   T57] hsr_slave_1: left promiscuous mode
[  164.927440][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.934884][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.942525][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.950068][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.971987][   T57] veth1_vlan: left promiscuous mode
[  164.977394][   T57] veth0_vlan: left promiscuous mode
[  165.070116][   T57] team0 (unregistering): Port device team_slave_1 removed
[  165.082302][   T57] team0 (unregistering): Port device team_slave_0 removed
[  165.264914][T10371] loop2: detected capacity change from 0 to 1024
[  165.271612][T10371] EXT4-fs: Ignoring removed mblk_io_submit option
[  165.278217][T10371] journal_path: Lookup failure for './file0/../file0'
[  165.285214][T10371] EXT4-fs: error: could not find journal device path
[  165.308966][T10313] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  165.317481][T10313] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  165.326813][T10313] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  165.336127][T10313] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  165.374970][T10313] 8021q: adding VLAN 0 to HW filter on device bond0
[  165.389041][T10313] 8021q: adding VLAN 0 to HW filter on device team0
[  165.401437][ T9215] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.408591][ T9215] bridge0: port 1(bridge_slave_0) entered forwarding state
[  165.765533][T10379] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2083'.
[  165.776123][ T3416] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.783260][ T3416] bridge0: port 2(bridge_slave_1) entered forwarding state
[  165.826587][T10388] loop3: detected capacity change from 0 to 512
[  165.835674][T10388] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[  165.835674][T10388] 
[  165.846659][T10388] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  165.858198][T10388] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  165.870975][T10313] 8021q: adding VLAN 0 to HW filter on device batadv0
[  165.887916][ T4584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.934708][T10408] loop3: detected capacity change from 0 to 128
[  165.947060][   T29] kauditd_printk_skb: 24 callbacks suppressed
[  165.947074][   T29] audit: type=1326 audit(2000000348.931:5824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10407 comm="syz.3.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  165.948980][T10313] veth0_vlan: entered promiscuous mode
[  165.953271][   T29] audit: type=1326 audit(2000000348.931:5825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10407 comm="syz.3.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7913b15cd0 code=0x7ffc0000
[  165.988855][T10313] veth1_vlan: entered promiscuous mode
[  166.005600][   T29] audit: type=1326 audit(2000000348.931:5826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10407 comm="syz.3.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7913b15cd0 code=0x7ffc0000
[  166.025131][T10313] veth0_macvtap: entered promiscuous mode
[  166.034539][   T29] audit: type=1326 audit(2000000348.931:5827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10407 comm="syz.3.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  166.065426][   T29] audit: type=1326 audit(2000000349.031:5828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10407 comm="syz.3.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  166.068688][T10313] veth1_macvtap: entered promiscuous mode
[  166.088937][   T29] audit: type=1326 audit(2000000349.031:5829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10407 comm="syz.3.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  166.101062][T10313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  166.118767][   T29] audit: type=1326 audit(2000000349.031:5830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10407 comm="syz.3.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  166.118866][   T29] audit: type=1326 audit(2000000349.031:5831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10407 comm="syz.3.2087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7913b17299 code=0x7ffc0000
[  166.129287][T10313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.129306][T10313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  166.129322][T10313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.129338][T10313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  166.129352][T10313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.131556][T10313] batman_adv: batadv0: Interface activated: batadv_slave_0
[  166.242234][T10313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  166.253273][T10313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.263138][T10313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  166.274213][T10313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.284098][T10313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  166.294538][T10313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.305008][T10313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  166.315518][T10313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.327886][T10313] batman_adv: batadv0: Interface activated: batadv_slave_1
[  166.337237][T10313] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  166.345999][T10313] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  166.354778][T10313] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  166.363530][T10313] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  166.399496][T10414] loop2: detected capacity change from 0 to 1024
[  166.406367][T10414] ext4: Unknown parameter 'dont_hash'
[  166.446213][T10419] loop1: detected capacity change from 0 to 1024
[  166.450644][T10414] loop2: detected capacity change from 0 to 8192
[  166.452827][T10419] EXT4-fs: Ignoring removed mblk_io_submit option
[  166.466898][T10419] journal_path: Lookup failure for './file0/../file0'
[  166.473731][T10419] EXT4-fs: error: could not find journal device path
[  166.712899][T10434] loop2: detected capacity change from 0 to 2048
[  166.754307][T10434]  loop2: p1 p4
[  166.758236][T10434] loop2: p4 size 8388608 extends beyond EOD, truncated
[  166.770426][   T29] audit: type=1400 audit(2000000349.761:5832): avc:  denied  { read } for  pid=10433 comm="syz.2.2094" name="loop2p4" dev="devtmpfs" ino=856 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  166.793918][   T29] audit: type=1400 audit(2000000349.761:5833): avc:  denied  { open } for  pid=10433 comm="syz.2.2094" path="/dev/loop2p4" dev="devtmpfs" ino=856 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  166.831333][T10438] loop2: detected capacity change from 0 to 512
[  166.840008][T10438] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.2095: casefold flag without casefold feature
[  166.853382][T10438] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2095: couldn't read orphan inode 15 (err -117)
[  166.866465][T10438] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.882286][T10438] FAULT_INJECTION: forcing a failure.
[  166.882286][T10438] name failslab, interval 1, probability 0, space 0, times 0
[  166.895598][T10438] CPU: 1 UID: 0 PID: 10438 Comm: syz.2.2095 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  166.906372][T10438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  166.916474][T10438] Call Trace:
[  166.919853][T10438]  <TASK>
[  166.922796][T10438]  dump_stack_lvl+0xf2/0x150
[  166.927468][T10438]  dump_stack+0x15/0x20
[  166.931703][T10438]  should_fail_ex+0x229/0x230
[  166.936383][T10438]  ? getname_flags+0x81/0x3b0
[  166.941126][T10438]  should_failslab+0x8f/0xb0
[  166.945770][T10438]  kmem_cache_alloc_noprof+0x4c/0x290
[  166.951208][T10438]  getname_flags+0x81/0x3b0
[  166.955717][T10438]  user_path_at+0x26/0x110
[  166.960144][T10438]  __x64_sys_llistxattr+0x73/0x130
[  166.965271][T10438]  x64_sys_call+0x2874/0x2e00
[  166.969982][T10438]  do_syscall_64+0xc9/0x1c0
[  166.974491][T10438]  ? clear_bhb_loop+0x55/0xb0
[  166.979172][T10438]  ? clear_bhb_loop+0x55/0xb0
[  166.983854][T10438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.989749][T10438] RIP: 0033:0x7f0a377c7299
[  166.994229][T10438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.013899][T10438] RSP: 002b:00007f0a36447048 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[  167.022312][T10438] RAX: ffffffffffffffda RBX: 00007f0a37955f80 RCX: 00007f0a377c7299
[  167.030341][T10438] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200000c0
[  167.038316][T10438] RBP: 00007f0a364470a0 R08: 0000000000000000 R09: 0000000000000000
[  167.046289][T10438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.054261][T10438] R13: 000000000000000b R14: 00007f0a37955f80 R15: 00007ffc97dfb728
[  167.062265][T10438]  </TASK>
[  167.102881][ T9877] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.258679][    C0] eth0: bad gso: type: 1, size: 1408
[  167.480215][T10460] loop2: detected capacity change from 0 to 512
[  167.511592][T10460] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.2098: bg 0: block 5: invalid block bitmap
[  167.574447][T10460] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  167.585878][T10460] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.2098: invalid indirect mapped block 3 (level 2)
[  167.637867][T10460] EXT4-fs (loop2): 1 orphan inode deleted
[  167.643665][T10460] EXT4-fs (loop2): 1 truncate cleaned up
[  167.658139][T10460] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.691429][T10465] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2101'.
[  167.706383][T10465] loop1: detected capacity change from 0 to 512
[  167.713085][T10465] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  167.723968][T10465] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  167.731948][T10465] System zones: 1-12
[  167.737013][T10465] EXT4-fs (loop1): 1 truncate cleaned up
[  167.743255][T10465] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.759514][T10465] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #14: comm syz.1.2101: attempt to clear invalid blocks 1886221359 len 1
[  167.811025][T10313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.840192][T10470] loop1: detected capacity change from 0 to 512
[  167.847538][T10470] EXT4-fs: Ignoring removed bh option
[  167.853025][T10470] ext4: Bad value for 'sb'
[  167.950795][T10474] loop1: detected capacity change from 0 to 1024
[  167.957541][T10474] EXT4-fs: Ignoring removed mblk_io_submit option
[  167.966111][T10474] journal_path: Lookup failure for './file0/../file0'
[  167.972935][T10474] EXT4-fs: error: could not find journal device path
[  168.085353][T10485] loop1: detected capacity change from 0 to 1024
[  168.091894][T10485] EXT4-fs: Ignoring removed mblk_io_submit option
[  168.099560][T10485] journal_path: Lookup failure for './file0/../file0'
[  168.106394][T10485] EXT4-fs: error: could not find journal device path
[  168.117624][T10491] xt_TCPMSS: Only works on TCP SYN packets
[  168.251505][    C0] eth0: bad gso: type: 1, size: 1408
[  168.323750][T10504] loop1: detected capacity change from 0 to 512
[  168.330471][T10504] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  168.341820][T10504] EXT4-fs (loop1): 1 truncate cleaned up
[  168.348827][T10504] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.496316][ T9877] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.581666][T10511] loop2: detected capacity change from 0 to 1024
[  168.588302][T10511] EXT4-fs: Ignoring removed mblk_io_submit option
[  168.595361][T10511] journal_path: Lookup failure for './file0/../file0'
[  168.602138][T10511] EXT4-fs: error: could not find journal device path
[  168.687203][T10516] loop2: detected capacity change from 0 to 128
[  168.726559][T10518] loop2: detected capacity change from 0 to 1024
[  168.733110][T10518] EXT4-fs: Ignoring removed mblk_io_submit option
[  168.740139][T10518] journal_path: Lookup failure for './file0/../file0'
[  168.746968][T10518] EXT4-fs: error: could not find journal device path
[  168.853251][T10527] loop2: detected capacity change from 0 to 256
[  168.866844][T10527] FAT-fs (loop2): Directory bread(block 64) failed
[  168.873396][T10527] FAT-fs (loop2): Directory bread(block 65) failed
[  168.879981][T10527] FAT-fs (loop2): Directory bread(block 66) failed
[  168.886506][T10527] FAT-fs (loop2): Directory bread(block 67) failed
[  168.893031][T10527] FAT-fs (loop2): Directory bread(block 68) failed
[  168.899677][T10527] FAT-fs (loop2): Directory bread(block 69) failed
[  168.906191][T10527] FAT-fs (loop2): Directory bread(block 70) failed
[  168.912676][T10527] FAT-fs (loop2): Directory bread(block 71) failed
[  168.919389][T10527] FAT-fs (loop2): Directory bread(block 72) failed
[  168.925910][T10527] FAT-fs (loop2): Directory bread(block 73) failed
[  168.989887][T10533] FAULT_INJECTION: forcing a failure.
[  168.989887][T10533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.003031][T10533] CPU: 1 UID: 0 PID: 10533 Comm: syz.3.2126 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  169.013798][T10533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  169.023834][T10533] Call Trace:
[  169.027150][T10533]  <TASK>
[  169.030063][T10533]  dump_stack_lvl+0xf2/0x150
[  169.034641][T10533]  dump_stack+0x15/0x20
[  169.038780][T10533]  should_fail_ex+0x229/0x230
[  169.043453][T10533]  should_fail+0xb/0x10
[  169.047596][T10533]  should_fail_usercopy+0x1a/0x20
[  169.052703][T10533]  _copy_from_iter+0xd3/0xb00
[  169.057421][T10533]  ? alloc_pages_mpol_noprof+0xd5/0x1e0
[  169.062950][T10533]  copy_page_from_iter+0x14f/0x280
[  169.068119][T10533]  tun_get_user+0x689/0x24b0
[  169.072694][T10533]  ? kstrtoull+0x110/0x140
[  169.077126][T10533]  ? ref_tracker_alloc+0x1f5/0x2f0
[  169.082229][T10533]  tun_chr_write_iter+0x18e/0x240
[  169.087268][T10533]  vfs_write+0x78f/0x900
[  169.091554][T10533]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  169.097142][T10533]  ksys_write+0xeb/0x1b0
[  169.101439][T10533]  __x64_sys_write+0x42/0x50
[  169.106019][T10533]  x64_sys_call+0x2a40/0x2e00
[  169.110763][T10533]  do_syscall_64+0xc9/0x1c0
[  169.115269][T10533]  ? clear_bhb_loop+0x55/0xb0
[  169.119961][T10533]  ? clear_bhb_loop+0x55/0xb0
[  169.124637][T10533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.130606][T10533] RIP: 0033:0x7f7913b15e1f
[  169.135008][T10533] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  169.154682][T10533] RSP: 002b:00007f7912797010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  169.163149][T10533] RAX: ffffffffffffffda RBX: 00007f7913ca5f80 RCX: 00007f7913b15e1f
[  169.171107][T10533] RDX: 0000000000000083 RSI: 0000000020000240 RDI: 00000000000000c8
[  169.179071][T10533] RBP: 00007f79127970a0 R08: 0000000000000000 R09: 0000000000000000
[  169.187023][T10533] R10: 0000000000000083 R11: 0000000000000293 R12: 0000000000000001
[  169.195007][T10533] R13: 000000000000000b R14: 00007f7913ca5f80 R15: 00007ffc8ab3ff18
[  169.202967][T10533]  </TASK>
[  169.574421][T10313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.603042][T10545] loop3: detected capacity change from 0 to 512
[  169.625610][T10545] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2127: bg 0: block 5: invalid block bitmap
[  169.641836][T10545] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  169.656837][T10545] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.2127: invalid indirect mapped block 3 (level 2)
[  169.671268][T10545] EXT4-fs (loop3): 1 orphan inode deleted
[  169.671288][T10545] EXT4-fs (loop3): 1 truncate cleaned up
[  169.671527][T10545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.716718][T10557] loop1: detected capacity change from 0 to 1024
[  169.723365][T10557] EXT4-fs: Ignoring removed mblk_io_submit option
[  169.730768][T10557] journal_path: Lookup failure for './file0/../file0'
[  169.737614][T10557] EXT4-fs: error: could not find journal device path
[  169.760178][T10546] chnl_net:caif_netlink_parms(): no params data found
[  169.792602][T10546] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.799755][T10546] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.807228][T10546] bridge_slave_0: entered allmulticast mode
[  169.836754][T10546] bridge_slave_0: entered promiscuous mode
[  169.849850][   T50] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.852109][T10570] loop2: detected capacity change from 0 to 128
[  169.870538][T10546] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.877879][T10546] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.885618][T10546] bridge_slave_1: entered allmulticast mode
[  169.892521][T10546] bridge_slave_1: entered promiscuous mode
[  169.916323][T10546] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  169.933121][T10546] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  169.945693][T10580] loop2: detected capacity change from 0 to 256
[  169.955698][   T50] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.971371][T10580] FAT-fs (loop2): Directory bread(block 64) failed
[  169.979451][T10580] FAT-fs (loop2): Directory bread(block 65) failed
[  169.986993][T10580] FAT-fs (loop2): Directory bread(block 66) failed
[  169.995911][T10580] FAT-fs (loop2): Directory bread(block 67) failed
[  170.002477][T10580] FAT-fs (loop2): Directory bread(block 68) failed
[  170.009094][T10580] FAT-fs (loop2): Directory bread(block 69) failed
[  170.016875][T10580] FAT-fs (loop2): Directory bread(block 70) failed
[  170.023410][T10580] FAT-fs (loop2): Directory bread(block 71) failed
[  170.030768][T10580] FAT-fs (loop2): Directory bread(block 72) failed
[  170.037683][T10580] FAT-fs (loop2): Directory bread(block 73) failed
[  170.047343][   T50] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.068829][T10546] team0: Port device team_slave_0 added
[  170.078472][T10546] team0: Port device team_slave_1 added
[  170.097553][T10546] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.104674][T10546] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.131275][T10546] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.145790][   T50] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.163404][T10546] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.170473][T10546] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.197051][T10546] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.224403][T10546] hsr_slave_0: entered promiscuous mode
[  170.230455][T10546] hsr_slave_1: entered promiscuous mode
[  170.236458][T10546] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  170.244531][T10546] Cannot create hsr debugfs directory
[  170.277055][   T50] bridge_slave_1: left allmulticast mode
[  170.282746][   T50] bridge_slave_1: left promiscuous mode
[  170.288907][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.296737][   T50] bridge_slave_0: left allmulticast mode
[  170.302381][   T50] bridge_slave_0: left promiscuous mode
[  170.308078][   T50] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.379208][   T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  170.391829][   T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  170.402069][   T50] bond0 (unregistering): Released all slaves
[  170.475071][   T50] hsr_slave_0: left promiscuous mode
[  170.480755][   T50] hsr_slave_1: left promiscuous mode
[  170.486708][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  170.494166][   T50] batman_adv: batadv0: Removing interface: batadv_slave_0
[  170.502199][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  170.509648][   T50] batman_adv: batadv0: Removing interface: batadv_slave_1
[  170.518414][   T50] veth1_vlan: left promiscuous mode
[  170.523964][   T50] veth0_vlan: left promiscuous mode
[  170.588167][   T50] team0 (unregistering): Port device team_slave_1 removed
[  170.598270][   T50] team0 (unregistering): Port device team_slave_0 removed
[  170.671487][ T4584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.008241][T10546] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  171.052503][T10546] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  171.120402][T10546] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  171.132324][T10546] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  171.177541][T10616] loop2: detected capacity change from 0 to 128
[  171.193283][   T29] kauditd_printk_skb: 29 callbacks suppressed
[  171.193298][   T29] audit: type=1326 audit(2000000354.171:5863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10615 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a377c7299 code=0x7ffc0000
[  171.209728][T10546] 8021q: adding VLAN 0 to HW filter on device bond0
[  171.223249][   T29] audit: type=1326 audit(2000000354.171:5864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10615 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0a377c5cd0 code=0x7ffc0000
[  171.223351][   T29] audit: type=1326 audit(2000000354.171:5865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10615 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0a377c5cd0 code=0x7ffc0000
[  171.223381][   T29] audit: type=1326 audit(2000000354.171:5866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10615 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a377c7299 code=0x7ffc0000
[  171.223473][   T29] audit: type=1326 audit(2000000354.171:5867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10615 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f0a377c7299 code=0x7ffc0000
[  171.223496][   T29] audit: type=1326 audit(2000000354.171:5868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10615 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a377c7299 code=0x7ffc0000
[  171.223586][   T29] audit: type=1326 audit(2000000354.171:5869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10615 comm="syz.2.2146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a377c7299 code=0x7ffc0000
[  171.261330][T10621] loop2: detected capacity change from 0 to 256
[  171.284390][T10546] 8021q: adding VLAN 0 to HW filter on device team0
[  171.390983][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.395552][T10621] FAT-fs (loop2): Directory bread(block 64) failed
[  171.398119][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.407185][T10621] FAT-fs (loop2): Directory bread(block 65) failed
[  171.417761][ T9215] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.419015][T10621] FAT-fs (loop2): Directory bread(block 66) failed
[  171.425280][ T9215] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.431895][T10621] FAT-fs (loop2): Directory bread(block 67) failed
[  171.445749][T10621] FAT-fs (loop2): Directory bread(block 68) failed
[  171.452441][T10621] FAT-fs (loop2): Directory bread(block 69) failed
[  171.460110][T10621] FAT-fs (loop2): Directory bread(block 70) failed
[  171.466949][T10621] FAT-fs (loop2): Directory bread(block 71) failed
[  171.473714][T10621] FAT-fs (loop2): Directory bread(block 72) failed
[  171.480274][T10621] FAT-fs (loop2): Directory bread(block 73) failed
[  171.509902][T10546] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.603151][T10635] loop2: detected capacity change from 0 to 1024
[  171.610863][T10635] EXT4-fs: Ignoring removed mblk_io_submit option
[  171.617548][T10635] journal_path: Lookup failure for './file0/../file0'
[  171.624382][T10635] EXT4-fs: error: could not find journal device path
[  171.697476][T10546] veth0_vlan: entered promiscuous mode
[  171.709200][T10546] veth1_vlan: entered promiscuous mode
[  171.728537][T10546] veth0_macvtap: entered promiscuous mode
[  171.737128][T10546] veth1_macvtap: entered promiscuous mode
[  171.748259][T10546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.759087][T10546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.759104][T10546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.780062][T10546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.780080][T10546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.780092][T10546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.781106][T10546] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.819235][T10546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.830468][T10546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.840418][T10546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.850865][T10546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.861320][T10546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.871859][T10546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.881684][T10546] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.892818][T10546] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.905584][T10546] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.917050][   T29] audit: type=1326 audit(2000000354.901:5870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10665 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2dc97299 code=0x7ffc0000
[  171.918614][T10546] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.949943][T10546] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.958794][T10546] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.967688][T10546] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.979161][   T29] audit: type=1326 audit(2000000354.931:5871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10665 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9c2dc95cd0 code=0x7ffc0000
[  172.002711][   T29] audit: type=1326 audit(2000000354.931:5872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10665 comm="syz.0.2157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9c2dc95cd0 code=0x7ffc0000
[  172.005644][T10670] loop1: detected capacity change from 0 to 256
[  172.045873][T10670] FAT-fs (loop1): Directory bread(block 64) failed
[  172.045930][T10670] FAT-fs (loop1): Directory bread(block 65) failed
[  172.045955][T10670] FAT-fs (loop1): Directory bread(block 66) failed
[  172.045973][T10670] FAT-fs (loop1): Directory bread(block 67) failed
[  172.045996][T10670] FAT-fs (loop1): Directory bread(block 68) failed
[  172.046011][T10670] FAT-fs (loop1): Directory bread(block 69) failed
[  172.046114][T10670] FAT-fs (loop1): Directory bread(block 70) failed
[  172.046193][T10670] FAT-fs (loop1): Directory bread(block 71) failed
[  172.046212][T10670] FAT-fs (loop1): Directory bread(block 72) failed
[  172.046227][T10670] FAT-fs (loop1): Directory bread(block 73) failed
[  172.122151][T10676] loop1: detected capacity change from 0 to 1024
[  172.126597][T10676] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  172.137991][T10676] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  172.188328][T10676] EXT4-fs (loop1): orphan cleanup on readonly fs
[  172.188575][T10676] EXT4-fs error (device loop1): ext4_free_blocks:6590: comm syz.1.2160: Freeing blocks not in datazone - block = 0, count = 4096
[  172.208639][T10676] EXT4-fs (loop1): 1 orphan inode deleted
[  172.209039][T10676] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  172.232100][T10676] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 16: comm syz.1.2160: path /20/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  172.253142][T10676] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 17: comm syz.1.2160: path /20/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  172.277011][T10676] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 18: comm syz.1.2160: path /20/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  172.301220][T10676] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 19: comm syz.1.2160: path /20/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  172.327882][T10676] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 20: comm syz.1.2160: path /20/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  172.351036][T10676] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 21: comm syz.1.2160: path /20/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  172.374246][T10676] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 22: comm syz.1.2160: path /20/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  172.400061][T10689] team0: entered promiscuous mode
[  172.405181][T10689] team_slave_0: entered promiscuous mode
[  172.410990][T10689] team_slave_1: entered promiscuous mode
[  172.419253][T10689] syz_tun: entered promiscuous mode
[  172.426211][T10676] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 23: comm syz.1.2160: path /20/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  172.525421][T10673] syz_tun: left promiscuous mode
[  172.530516][T10673] team0: left promiscuous mode
[  172.535338][T10673] team_slave_0: left promiscuous mode
[  172.540927][T10673] team_slave_1: left promiscuous mode
[  172.567172][T10313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.596551][T10697] loop1: detected capacity change from 0 to 1024
[  172.603071][T10693] loop2: detected capacity change from 0 to 1024
[  172.603304][T10697] ext4: Unknown parameter 'dont_hash'
[  172.611696][T10693] EXT4-fs: Ignoring removed mblk_io_submit option
[  172.624233][T10693] journal_path: Lookup failure for './file0/../file0'
[  172.631054][T10693] EXT4-fs: error: could not find journal device path
[  172.676901][T10697] loop1: detected capacity change from 0 to 8192
[  172.736590][T10706] loop2: detected capacity change from 0 to 128
[  172.769821][T10709] loop2: detected capacity change from 0 to 256
[  172.786689][T10709] FAT-fs (loop2): Directory bread(block 64) failed
[  172.793368][T10709] FAT-fs (loop2): Directory bread(block 65) failed
[  172.800330][T10709] FAT-fs (loop2): Directory bread(block 66) failed
[  172.807108][T10709] FAT-fs (loop2): Directory bread(block 67) failed
[  172.814878][T10709] FAT-fs (loop2): Directory bread(block 68) failed
[  172.821448][T10709] FAT-fs (loop2): Directory bread(block 69) failed
[  172.828400][T10709] FAT-fs (loop2): Directory bread(block 70) failed
[  172.843092][T10709] FAT-fs (loop2): Directory bread(block 71) failed
[  172.858989][T10709] FAT-fs (loop2): Directory bread(block 72) failed
[  172.874576][T10709] FAT-fs (loop2): Directory bread(block 73) failed
[  172.892295][T10714] gretap0: entered allmulticast mode
[  172.898161][T10714] syzkaller0: entered allmulticast mode
[  172.906054][T10714] syzkaller0 (unregistering): left allmulticast mode
[  172.978608][T10723] loop2: detected capacity change from 0 to 256
[  172.991698][T10723] FAT-fs (loop2): Directory bread(block 64) failed
[  172.998890][T10723] FAT-fs (loop2): Directory bread(block 65) failed
[  173.005968][T10723] FAT-fs (loop2): Directory bread(block 66) failed
[  173.012509][T10723] FAT-fs (loop2): Directory bread(block 67) failed
[  173.019123][T10723] FAT-fs (loop2): Directory bread(block 68) failed
[  173.019153][T10713] gretap0: left allmulticast mode
[  173.026362][T10723] FAT-fs (loop2): Directory bread(block 69) failed
[  173.037337][T10723] FAT-fs (loop2): Directory bread(block 70) failed
[  173.040298][T10729] loop3: detected capacity change from 0 to 512
[  173.044060][T10723] FAT-fs (loop2): Directory bread(block 71) failed
[  173.070303][T10723] FAT-fs (loop2): Directory bread(block 72) failed
[  173.077596][T10729] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2168: bg 0: block 5: invalid block bitmap
[  173.085020][T10723] FAT-fs (loop2): Directory bread(block 73) failed
[  173.100633][T10729] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  173.115209][T10729] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.2168: invalid indirect mapped block 3 (level 2)
[  173.115444][T10729] EXT4-fs (loop3): 1 orphan inode deleted
[  173.115459][T10729] EXT4-fs (loop3): 1 truncate cleaned up
[  173.115915][T10729] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.141762][T10723] tap0: tun_chr_ioctl cmd 2147767519
[  173.189962][T10746] loop4: detected capacity change from 0 to 1024
[  173.190285][T10746] EXT4-fs: Ignoring removed mblk_io_submit option
[  173.203299][T10746] journal_path: Lookup failure for './file0/../file0'
[  173.203317][T10746] EXT4-fs: error: could not find journal device path
[  173.304165][T10756] vcan0: tx drop: invalid da for name 0x00000000000000c7
[  173.326600][T10758] loop4: detected capacity change from 0 to 512
[  173.345234][T10758] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  173.358001][T10758] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.369720][T10756] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2185'.
[  173.375605][T10758] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  173.391489][T10758] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  173.403415][T10758] bridge_slave_0: default FDB implementation only supports local addresses
[  173.422074][T10546] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  173.460370][T10767] loop2: detected capacity change from 0 to 4096
[  173.468705][T10767] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.513156][ T9877] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.872483][T10782] loop2: detected capacity change from 0 to 128
[  173.927986][T10791] loop2: detected capacity change from 0 to 512
[  173.936060][T10791] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.2197: casefold flag without casefold feature
[  173.948956][T10791] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2197: couldn't read orphan inode 15 (err -117)
[  173.961976][T10791] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.116245][T10803] FAULT_INJECTION: forcing a failure.
[  174.116245][T10803] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  174.129611][T10803] CPU: 0 UID: 0 PID: 10803 Comm: syz.0.2198 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  174.140463][T10803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  174.150518][T10803] Call Trace:
[  174.153829][T10803]  <TASK>
[  174.156829][T10803]  dump_stack_lvl+0xf2/0x150
[  174.161431][T10803]  dump_stack+0x15/0x20
[  174.165674][T10803]  should_fail_ex+0x229/0x230
[  174.170354][T10803]  should_fail_alloc_page+0xfd/0x110
[  174.175646][T10803]  __alloc_pages_noprof+0x109/0x360
[  174.180877][T10803]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  174.186295][T10803]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  174.191671][T10803]  handle_mm_fault+0xb31/0x2940
[  174.196598][T10803]  ? follow_page_pte+0x35f/0xc40
[  174.201552][T10803]  __get_user_pages+0x499/0x10d0
[  174.206504][T10803]  __mm_populate+0x25b/0x3b0
[  174.211181][T10803]  vm_mmap_pgoff+0x1d6/0x290
[  174.215771][T10803]  ksys_mmap_pgoff+0x292/0x340
[  174.220540][T10803]  x64_sys_call+0x1940/0x2e00
[  174.225221][T10803]  do_syscall_64+0xc9/0x1c0
[  174.229732][T10803]  ? clear_bhb_loop+0x55/0xb0
[  174.234481][T10803]  ? clear_bhb_loop+0x55/0xb0
[  174.239206][T10803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.245112][T10803] RIP: 0033:0x7f9c2dc97299
[  174.249537][T10803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.269215][T10803] RSP: 002b:00007f9c2c8f6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  174.277622][T10803] RAX: ffffffffffffffda RBX: 00007f9c2de26058 RCX: 00007f9c2dc97299
[  174.285583][T10803] RDX: 0000000000000002 RSI: 0000000000b36000 RDI: 0000000020000000
[  174.293544][T10803] RBP: 00007f9c2c8f60a0 R08: 0000000000000003 R09: 0000000000000000
[  174.301518][T10803] R10: 0000000000028012 R11: 0000000000000246 R12: 0000000000000002
[  174.309529][T10803] R13: 000000000000006e R14: 00007f9c2de26058 R15: 00007fffa460b458
[  174.317545][T10803]  </TASK>
[  174.352981][ T4584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.353509][ T9877] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.372935][T10805] vcan0: tx drop: invalid da for name 0x00000000000000c7
[  174.390952][T10809] FAULT_INJECTION: forcing a failure.
[  174.390952][T10809] name failslab, interval 1, probability 0, space 0, times 0
[  174.403669][T10809] CPU: 0 UID: 0 PID: 10809 Comm: syz.2.2201 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  174.407772][T10811] x_tables: unsorted entry at hook 2
[  174.414422][T10809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  174.414437][T10809] Call Trace:
[  174.414445][T10809]  <TASK>
[  174.414452][T10809]  dump_stack_lvl+0xf2/0x150
[  174.414482][T10809]  dump_stack+0x15/0x20
[  174.444870][T10809]  should_fail_ex+0x229/0x230
[  174.449573][T10809]  ? skb_clone+0x154/0x1f0
[  174.453996][T10809]  should_failslab+0x8f/0xb0
[  174.458591][T10809]  kmem_cache_alloc_noprof+0x4c/0x290
[  174.464052][T10809]  skb_clone+0x154/0x1f0
[  174.468379][T10809]  __neigh_event_send+0x80c/0xa80
[  174.473430][T10809]  ? netlbl_enabled+0x25/0x40
[  174.478106][T10809]  neigh_resolve_output+0x10e/0x450
[  174.483289][T10809]  ? __neigh_create+0x54/0x70
[  174.487951][T10809]  ? ip_neigh_gw4+0x135/0x170
[  174.492669][T10809]  ip_finish_output2+0x784/0x8b0
[  174.497588][T10809]  ? nf_confirm+0x657/0x900
[  174.502121][T10809]  ? nf_nat_ipv4_out+0x28a/0x2f0
[  174.507205][T10809]  ip_finish_output+0x11a/0x2a0
[  174.512104][T10809]  ip_output+0xab/0x170
[  174.516299][T10809]  ? __pfx_ip_finish_output+0x10/0x10
[  174.521721][T10809]  ? __pfx_ip_output+0x10/0x10
[  174.526480][T10809]  __ip_queue_xmit+0xbcc/0xbf0
[  174.531379][T10809]  ? tcp_options_write+0xd1/0x580
[  174.536470][T10809]  ip_queue_xmit+0x38/0x50
[  174.541037][T10809]  ? __pfx_ip_queue_xmit+0x10/0x10
[  174.546182][T10809]  __tcp_transmit_skb+0x15b0/0x1970
[  174.551367][T10809]  tcp_connect+0x1df8/0x21f0
[  174.556027][T10809]  tcp_v4_connect+0xa09/0xad0
[  174.560704][T10809]  __inet_stream_connect+0x162/0x790
[  174.566053][T10809]  ? should_fail_ex+0xd7/0x230
[  174.570842][T10809]  ? tcp_sendmsg_fastopen+0x163/0x4f0
[  174.576203][T10809]  ? should_failslab+0x8f/0xb0
[  174.580986][T10809]  ? __kmalloc_cache_noprof+0x10b/0x2a0
[  174.586544][T10809]  tcp_sendmsg_fastopen+0x40e/0x4f0
[  174.592236][T10809]  ? __pfx_tcp_sendmsg+0x10/0x10
[  174.597153][T10809]  tcp_sendmsg_locked+0x2445/0x2640
[  174.602396][T10809]  ? mntput+0x49/0x70
[  174.606362][T10809]  ? __rcu_read_unlock+0x4e/0x70
[  174.611475][T10809]  ? avc_has_perm_noaudit+0x1cc/0x210
[  174.616869][T10809]  ? avc_has_perm+0xd4/0x160
[  174.621455][T10809]  ? _raw_spin_unlock_bh+0x36/0x40
[  174.626595][T10809]  ? __pfx_tcp_sendmsg+0x10/0x10
[  174.631604][T10809]  tcp_sendmsg+0x30/0x50
[  174.635893][T10809]  inet_sendmsg+0x77/0xd0
[  174.640230][T10809]  __sock_sendmsg+0x102/0x180
[  174.644916][T10809]  __sys_sendto+0x1e5/0x260
[  174.649429][T10809]  __x64_sys_sendto+0x78/0x90
[  174.654126][T10809]  x64_sys_call+0x2bc6/0x2e00
[  174.658811][T10809]  do_syscall_64+0xc9/0x1c0
[  174.663461][T10809]  ? clear_bhb_loop+0x55/0xb0
[  174.668134][T10809]  ? clear_bhb_loop+0x55/0xb0
[  174.672818][T10809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.678714][T10809] RIP: 0033:0x7f0a377c7299
[  174.683210][T10809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.702889][T10809] RSP: 002b:00007f0a36447048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  174.711380][T10809] RAX: ffffffffffffffda RBX: 00007f0a37955f80 RCX: 00007f0a377c7299
[  174.719425][T10809] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  174.727383][T10809] RBP: 00007f0a364470a0 R08: 0000000020000080 R09: 0000000000000010
[  174.735410][T10809] R10: 0000000020000800 R11: 0000000000000246 R12: 0000000000000002
[  174.743367][T10809] R13: 000000000000000b R14: 00007f0a37955f80 R15: 00007ffc97dfb728
[  174.751374][T10809]  </TASK>
[  174.778441][T10805] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2200'.
[  174.791323][T10824] loop1: detected capacity change from 0 to 256
[  174.804386][T10824] FAT-fs (loop1): Directory bread(block 64) failed
[  174.811079][T10824] FAT-fs (loop1): Directory bread(block 65) failed
[  174.817843][T10824] FAT-fs (loop1): Directory bread(block 66) failed
[  174.818790][T10826] loop4: detected capacity change from 0 to 128
[  174.836853][T10824] FAT-fs (loop1): Directory bread(block 67) failed
[  174.843496][T10824] FAT-fs (loop1): Directory bread(block 68) failed
[  174.850982][T10824] FAT-fs (loop1): Directory bread(block 69) failed
[  174.859371][T10824] FAT-fs (loop1): Directory bread(block 70) failed
[  174.866415][T10824] FAT-fs (loop1): Directory bread(block 71) failed
[  174.873159][T10824] FAT-fs (loop1): Directory bread(block 72) failed
[  174.880125][T10824] FAT-fs (loop1): Directory bread(block 73) failed
[  174.919493][T10837] loop3: detected capacity change from 0 to 512
[  174.922068][T10832] loop4: detected capacity change from 0 to 1024
[  174.929235][T10837] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2199: bg 0: block 5: invalid block bitmap
[  174.932651][T10832] EXT4-fs: Ignoring removed mblk_io_submit option
[  174.947678][T10837] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  174.951935][T10832] journal_path: Lookup failure for './file0/../file0'
[  174.960581][T10837] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.2199: invalid indirect mapped block 3 (level 2)
[  174.967178][T10832] EXT4-fs: error: could not find journal device path
[  174.982760][T10837] EXT4-fs (loop3): 1 orphan inode deleted
[  174.993544][T10837] EXT4-fs (loop3): 1 truncate cleaned up
[  175.001246][T10837] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.546482][T10856] loop1: detected capacity change from 0 to 512
[  175.555897][T10856] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2210: bg 0: block 5: invalid block bitmap
[  175.569696][T10856] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  175.579097][T10856] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2210: invalid indirect mapped block 3 (level 2)
[  175.594056][T10856] EXT4-fs (loop1): 1 orphan inode deleted
[  175.599792][T10856] EXT4-fs (loop1): 1 truncate cleaned up
[  175.606916][T10856] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.796219][T10862] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2213'.
[  175.806107][T10862] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2213'.
[  175.818304][T10862] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2213'.
[  175.852870][T10866] FAULT_INJECTION: forcing a failure.
[  175.852870][T10866] name failslab, interval 1, probability 0, space 0, times 0
[  175.865556][T10866] CPU: 0 UID: 0 PID: 10866 Comm: syz.2.2214 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  175.876342][T10866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  175.886379][T10866] Call Trace:
[  175.889639][T10866]  <TASK>
[  175.892562][T10866]  dump_stack_lvl+0xf2/0x150
[  175.897221][T10866]  dump_stack+0x15/0x20
[  175.901384][T10866]  should_fail_ex+0x229/0x230
[  175.906076][T10866]  ? __alloc_skb+0x10b/0x310
[  175.910698][T10866]  should_failslab+0x8f/0xb0
[  175.915307][T10866]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  175.921201][T10866]  __alloc_skb+0x10b/0x310
[  175.925629][T10866]  netlink_alloc_large_skb+0xad/0xe0
[  175.930946][T10866]  netlink_sendmsg+0x3b4/0x6e0
[  175.935774][T10866]  ? __pfx_netlink_sendmsg+0x10/0x10
[  175.941066][T10866]  __sock_sendmsg+0x140/0x180
[  175.945755][T10866]  ____sys_sendmsg+0x312/0x410
[  175.950532][T10866]  __sys_sendmsg+0x1e9/0x280
[  175.955148][T10866]  __x64_sys_sendmsg+0x46/0x50
[  175.960033][T10866]  x64_sys_call+0x26f8/0x2e00
[  175.964717][T10866]  do_syscall_64+0xc9/0x1c0
[  175.969266][T10866]  ? clear_bhb_loop+0x55/0xb0
[  175.973980][T10866]  ? clear_bhb_loop+0x55/0xb0
[  175.978721][T10866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.984650][T10866] RIP: 0033:0x7f0a377c7299
[  175.989076][T10866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.008682][T10866] RSP: 002b:00007f0a36447048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  176.017094][T10866] RAX: ffffffffffffffda RBX: 00007f0a37955f80 RCX: 00007f0a377c7299
[  176.025201][T10866] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000003
[  176.033173][T10866] RBP: 00007f0a364470a0 R08: 0000000000000000 R09: 0000000000000000
[  176.041223][T10866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.049267][T10866] R13: 000000000000000b R14: 00007f0a37955f80 R15: 00007ffc97dfb728
[  176.057246][T10866]  </TASK>
[  176.134898][T10871] netlink: 'syz.4.2216': attribute type 13 has an invalid length.
[  176.185135][ T4584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.210749][   T29] kauditd_printk_skb: 39 callbacks suppressed
[  176.210762][   T29] audit: type=1400 audit(2000000359.191:5912): avc:  denied  { getopt } for  pid=10880 comm="syz.4.2220" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  176.248223][T10885] loop3: detected capacity change from 0 to 1024
[  176.248441][T10885] ext4: Unknown parameter 'dont_hash'
[  176.287604][T10888] loop2: detected capacity change from 0 to 1024
[  176.287785][T10888] EXT4-fs: Ignoring removed mblk_io_submit option
[  176.287884][T10888] journal_path: Lookup failure for './file0/../file0'
[  176.287899][T10888] EXT4-fs: error: could not find journal device path
[  176.317480][T10885] loop3: detected capacity change from 0 to 8192
[  176.431986][T10885] ==================================================================
[  176.440102][T10885] BUG: KCSAN: data-race in mark_buffer_dirty_inode / sync_mapping_buffers
[  176.448624][T10885] 
[  176.450951][T10885] write to 0xffff888114121a18 of 8 bytes by task 10894 on cpu 0:
[  176.458670][T10885]  sync_mapping_buffers+0x162/0x7e0
[  176.463969][T10885]  fat_file_fsync+0xad/0x100
[  176.468590][T10885]  vfs_fsync_range+0x122/0x140
[  176.473373][T10885]  generic_file_write_iter+0x191/0x1d0
[  176.478837][T10885]  iter_file_splice_write+0x5e6/0x970
[  176.484225][T10885]  direct_splice_actor+0x16c/0x2c0
[  176.489347][T10885]  splice_direct_to_actor+0x305/0x670
[  176.494713][T10885]  do_splice_direct+0xd7/0x150
[  176.499485][T10885]  do_sendfile+0x3ab/0x950
[  176.503902][T10885]  __x64_sys_sendfile64+0xbd/0x150
[  176.509015][T10885]  x64_sys_call+0xfc3/0x2e00
[  176.513608][T10885]  do_syscall_64+0xc9/0x1c0
[  176.518115][T10885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.524019][T10885] 
[  176.526327][T10885] read to 0xffff888114121a18 of 8 bytes by task 10885 on cpu 1:
[  176.533940][T10885]  mark_buffer_dirty_inode+0x96/0x1c0
[  176.539308][T10885]  fat_mirror_bhs+0x241/0x330
[  176.543973][T10885]  fat_alloc_clusters+0x994/0xa80
[  176.549006][T10885]  fat_get_block+0x25c/0x5e0
[  176.553586][T10885]  __block_write_begin_int+0x417/0xfa0
[  176.559038][T10885]  block_write_begin+0x7b/0x170
[  176.563888][T10885]  cont_write_begin+0x486/0x6b0
[  176.568732][T10885]  fat_write_begin+0x61/0xf0
[  176.573333][T10885]  generic_perform_write+0x1b4/0x580
[  176.578609][T10885]  __generic_file_write_iter+0xa1/0x120
[  176.584145][T10885]  generic_file_write_iter+0x7d/0x1d0
[  176.589504][T10885]  vfs_write+0x78f/0x900
[  176.593743][T10885]  ksys_write+0xeb/0x1b0
[  176.597982][T10885]  __x64_sys_write+0x42/0x50
[  176.602570][T10885]  x64_sys_call+0x2a40/0x2e00
[  176.607239][T10885]  do_syscall_64+0xc9/0x1c0
[  176.611736][T10885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.617622][T10885] 
[  176.619936][T10885] value changed: 0xffff888114184208 -> 0x0000000000000000
[  176.627027][T10885] 
[  176.629333][T10885] Reported by Kernel Concurrency Sanitizer on:
[  176.635464][T10885] CPU: 1 UID: 0 PID: 10885 Comm: syz.3.2222 Not tainted 6.11.0-rc1-syzkaller-00004-gdc1c8034e31b #0
[  176.646224][T10885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  176.656278][T10885] ==================================================================
[  176.676260][T10901] loop4: detected capacity change from 0 to 512
[  176.696015][T10901] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.2225: casefold flag without casefold feature
[  176.711722][T10313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.722497][T10901] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.2225: couldn't read orphan inode 15 (err -117)
[  176.766888][T10901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.847058][T10546] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.