last executing test programs:

12.81885584s ago: executing program 4 (id=1171):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2004}}, 0x10, 0x0}, 0x0) (fail_nth: 6)

12.701501228s ago: executing program 4 (id=1172):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0), 0x13f}}, 0x20)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0xe)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
r4 = gettid()
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r3, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r4}}]}, 0x3c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/14, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat(0xffffffffffffff9c, 0x0, 0x442, 0x0)
r8 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r9=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000500)='rfdno'}, 0x30)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9}, 0x90)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30"], 0x104}}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000001400b5e500000000000000000a000000", @ANYRES32=r12, @ANYBLOB="14000200ff"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r2)
socket$inet6(0xa, 0x3, 0xff)
syz_open_dev$tty1(0xc, 0x4, 0x1)

6.411033005s ago: executing program 4 (id=1237):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYRES8=r3, @ANYRESDEC=r0, @ANYRES32=r0, @ANYBLOB="ac1414bb0000000000000000000000000000000032000000ac1414aa00000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000a"], 0x1d4}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0x80000000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}]}, &(0x7f0000000100)=0x10)
r4 = dup2(r2, r1)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r5=>0x0]}, &(0x7f0000000140)=0x8)
getsockopt$inet_sctp6_SCTP_STATUS(r4, 0x84, 0xe, &(0x7f0000001680)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {<r6=>0x0, @in6={{0xa, 0x0, 0x0, @loopback}}}}, &(0x7f0000001740)=0xb0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000200)={r6}, &(0x7f0000000240)=0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
syz_read_part_table(0x105d, &(0x7f0000001080)="$eJzsz7FNA0EQBdC/wN3tBUQkZLRCSAOUAxItUAQStIbkAi4Za+3AkguwHbwX/d2ZH0y4rrts1ata/p+Tn/HzlmQ9zGpXlamN2J8ev9bM7bxey+9yTB/1Oacn41mV9Ne8JA/Jd7LVqTGNpeQ+aXn/u9CVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDT9gEAAP//1jwUcA==")

6.097825718s ago: executing program 4 (id=1240):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

6.0733256s ago: executing program 4 (id=1243):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r0 = socket(0x0, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90324fc60100c028010000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600))
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}, 0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000000)={0x2, {{0x2, 0x0, @multicast1}}}, 0x88)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000000)=0x3, 0x12)
r5 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)={'team0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r6, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4], [0x0, 0x8]}}]}}]}, 0x8c}}, 0x0)

5.905225562s ago: executing program 4 (id=1247):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0), 0x13f}}, 0x20)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0xe)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
r4 = gettid()
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r3, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r4}}]}, 0x3c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/14, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat(0xffffffffffffff9c, 0x0, 0x442, 0x0)
r8 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r9=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000500)='rfdno'}, 0x30)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9}, 0x90)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a30"], 0x104}}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000001400b5e500000000000000000a000000", @ANYRES32=r12, @ANYBLOB="14000200ff"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r2)
socket$inet6(0xa, 0x3, 0xff)
syz_open_dev$tty1(0xc, 0x4, 0x1)

1.34142842s ago: executing program 1 (id=1350):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000000)=0x80000001, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x6, 0x3ff}]}, 0x10)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "6d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8dde", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
connect$inet6(r1, &(0x7f0000000380)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000005600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

1.313574562s ago: executing program 0 (id=1351):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[], 0x78}}, 0x0)

1.096291698s ago: executing program 1 (id=1352):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
fdatasync(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
fdatasync(r5)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)

1.092308319s ago: executing program 0 (id=1354):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r0 = socket(0x0, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90324fc60100c028010000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
r2 = socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}, 0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000000)={0x2, {{0x2, 0x0, @multicast1}}}, 0x88)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000000)=0x3, 0x12)
r5 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)={'team0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r6, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4], [0x0, 0x8]}}]}}]}, 0x8c}}, 0x0)

998.398675ms ago: executing program 1 (id=1357):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$inet(r0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f00000003c0)={0x2, 0xd5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x58000, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3, 0x0, 0x0, 0x0, 0xffe}, 0x0, 0x1000000, r1, 0x10)
readv(r2, &(0x7f0000000140)=[{&(0x7f00000002c0)=""/134, 0x86}], 0x1)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0)
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000f80)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c0001"], 0x12c}}, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r6, &(0x7f0000000000)="e7", 0x1, 0x0, 0x0, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_buf(r7, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x91)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000300)={0x44, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}]}]}, 0x44}}, 0x0)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r11, 0x8933, &(0x7f0000000580)={'wpan1\x00', <r13=>0x0})
sendmsg$NL802154_CMD_SET_CHANNEL(r11, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="a700000000000000000008fffffc08000300", @ANYRES32=r13, @ANYBLOB], 0x2c}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, 0x0, 0x20048884)

913.702832ms ago: executing program 0 (id=1358):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
alarm(0x8000000000000001)

902.909942ms ago: executing program 1 (id=1359):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioperm(0x0, 0x8, 0x400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
dup(r2)
r3 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="020000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=r3, @ANYRES32=r3, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040))
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r5 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r5, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

659.03878ms ago: executing program 0 (id=1360):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000300)='./file0\x00', 0x0) (fail_nth: 3)

636.441962ms ago: executing program 0 (id=1361):
r0 = eventfd2(0x0, 0x0)
io_setup(0x6, &(0x7f0000000040)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f0000002900)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x3, 0x3511, r0, 0x0, 0x0, 0x0, 0x0, 0x3, r0}])
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f00000003c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xbc}}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x1, 0x437, &(0x7f0000000440)="$eJzs28tvG0UYAPBv7SQlfZBQlUfTAoGCiHgkTVpKD1xAIHEACQkO5RiStAp1G9SkEq0iCAiVI6rEHXFE4i/gBBcEnCpxhTuqVKFcWjgZrb2b2I6dV5244N9P2nZmd6z5Pu+OPbsTB9C1htN/koj9EfF7RAxUq/UNhqv/3VlenPp7eXEqiXL5nb+SSrvby4tTedP8dfvySk9E4fMkjjTpd/7K1fOTpdLMpaw+tnDhw7H5K1dfmL0weW7m3MzFidOnT54Yf+nUxIttyTPN6/bQx3NHD7/x3vW3ps5cf/+X75I8/4Y82mR4vYNPl8tt7q6zDtSUk54OBsKWFKvDNHor438girF68gbi9c86Ghywo8rlcvmh1oeXysD/WBKdjgDojPyLPr3/zbddmnrcE269Ur0BSvO+k23VIz1RyNr0NtzfttNwRJxZ+ufrdIudeQ4BAFDnh3T+83yz+V8hap8L3Z+toQxGxAMRcTAiTkXEoYh4MKLS9uGIeGSL/Tcukqyd/xRubiuxTUrnfy9na1v187989heDxax2oJJ/b3J2tjRzPHtPRqJ3T1ofX6ePH1/77ctWx2rnf+mW9p/PBbM4bvbsqX/N9OTC5N3kXOvWpxFDPc3yT1ZWApKIOBwRQ9vsY/bZb4+2OrZx/utowzpT+ZuIZ6rnfyka8s8l669Pjt0XpZnjY/lVsdavN6693ar/u8q/DdLzv7fp9b+S/2BSu147v/U+rv3xRct7mu1e/33Ju3X7PppcWLg0HtGXvFkNunb/REO7idX2af4jx5qP/4Ox+k4ciYj0In40Ih6LiMez2J+IiCcj4tg6+f/86lMfbD//nZXmP72l879a6IvGPc0LxfM/fV/X6WCr/KPF+T9ZKY1kezbz+beZuLZ3NQMAAMB/TyEi9kdSGF0pFwqjo9W/4T8UewulufmF587OXb44Xf2NwGD0FvInXQM1z0PHs9v6vD7RUD+RPTf+qthfqY9OzZWmO508dLl9LcZ/6s9ip6MDdpzfa0H3Mv6hexn/0L2Mf+heTcZ/fyfiAHZfs+//TzoQB7D7Gsa/ZT/oIhvd/9+4vEuBALvO8z/oXsY/dKX5/tj4R/IKCmsKUbgnwlDYoUKnP5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa498AAAD//wRE5yE=")
r2 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = socket$kcm(0x29, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000080)={r2})
open(&(0x7f0000000180)='./file0\x00', 0x0, 0xb0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7f, 0x9, 0x0, 0x6, 0x7, 0x0, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a4b78c660e677df701908b9aaa3f6a004000000000000000000000000000300", "036c4700000000d19511000000000000000400", "b7326736181c208220000000b9000000000000000000f0ffffffff3fe100", [0xfffffffffffffffd]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8bf51b4fa0c816b7, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = inotify_init1(0x0)
inotify_add_watch(r6, &(0x7f0000000280)='./file0\x00', 0x2000044c)
syz_genetlink_get_family_id$SEG6(0x0, r2)

635.701252ms ago: executing program 1 (id=1362):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=ANY=[@ANYBLOB="5000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b000100697036746e6c00001800028014000300fe80000000000000000000000000000008000a00", @ANYRES32=r3], 0x50}}, 0x0)

527.5951ms ago: executing program 3 (id=1364):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r1], 0x78}}, 0x0)

514.160162ms ago: executing program 3 (id=1365):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1)

509.119982ms ago: executing program 1 (id=1366):
close(0xffffffffffffffff)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYRESHEX=r0], &(0x7f00002bf000)='GPL\x00', 0x4, 0xb8, &(0x7f0000000300)=""/184, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1})
sendmmsg$inet(r2, &(0x7f0000001500)=[{{0x0, 0xffffffcf, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x34000}, {0x0}], 0x2, &(0x7f0000000e40)=ANY=[], 0xd0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, 0x0)

458.298995ms ago: executing program 0 (id=1367):
socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc901, &(0x7f0000000080)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@init_itable}]}, 0x1, 0x4dc, &(0x7f0000000540)="$eJzs3cFvG1kZAPBvJnFp2pSkwAEqUSpalFZQO2loG3EoRUL0VAko9xISJ4rixFHstE1UQSr+ACSEAIkTJy5I/AFIqGdOCKnS7n21u9rVarfdPexht17ZHqdN1k5S1Ynb5PeTXubNjGe+78XyeN7MkyeAQ+tMRFyPiKe1Wu1CRAxly9OsxHqz1F/35PH9qXpJola79WESSbasta8kmx7PNjsaEb+8EfGb5MtxK6tr85OlUnE5my9UF5YKldW1i3MLk7PF2eLi+PjYlYmrE5cnRrvSznpO13767p//8I+fXfvPD+6+dfv987+tpzWYrX++Hd3UbHqu8b9o6Y+I5b0I1gN9WXtyvU4EAIBdqZ/jfy0ivhsRF2Io+hpncwAAAMBBUvvxYHyWRNQAAACAAyttjIFN0nw2FmAw0jSfb46X/UYcS0vlSvX7M+WVxenmWNnhyKUzc6XiaDZWeDhySX1+rFF/Nn9py/x4RJyMiD8NDTTm81Pl0nSvL34AAADAIXF8S///k6Fm/x8AAAA4YIZ7nQAAAACw5/T/AQAA4ODT/wcAAIAD7ec3b9ZLrfX86+k7qyvz5TsXp4uV+fzCylR+qry8lJ8tl2cbv9m3sNP+SuXy0g9jceVeoVqsVAuV1bXbC+WVxertuU2PwAYAAAD20cnvPHwziYj1Hw00St2RXicF7IsbL/Lid/YuD2D/9fU6AaBn+nudANAzuV4nAPRc8qyatlvfcfDO//YmHwAAoPtGvtX5/n/bawMbvYP1tv0E4PXhQwyHl/v/cHi96P3//+5RHsD+yzkDgEMv2WH9y9//r9VeKCEAAKDrBhslSfPZvcDBSNN8PuJE47EAuWRmrlQcjYivRsQbQ7mv1OfHGlsmO/YZAAAAAAAAAAAAAAAAAAAAAAAAAICmWi2JGgAAAHCgRaTvJdnzv0aGzg1uvT5wJPl0qDGNiLt/u/WXe5PV6vJYfflHG8urf82WX+rFFQwAAABgq1Y/vdWPBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBuevL4/lSr7GfcD34SEcPt4vfH0cb0aOQi4tjHSfQ/t10SEX1diL/+YNNuI6IVP6mnFcNZFu3iD3QlfroRd3P7t4s/EPWtjnchPhxmD+vHn+vtjj9pnGlM23/++7Pysjof/9KN419fh+PPiV3GOPXoX4WO8R9EnOpvFz/ZiJ90iH92l/F//au1tU7ran+PGGn7/ZNsilWoLiwVKqtrF+cWJmeLs8XF8fGxKxNXJy5PjBZm5krF7G/bGH/89r+fbtf+Yx3iD+/Q/nO7bP/nj+49/nqzmmsX//zZ9u//NzvET7Pvvu9l9fr6kVZ9vVl/3ul//v/0du2f7tD+nd7/87ts/4Vf/P7tXb4UANgHldW1+clSqbj82lb645VIQ+U1rPzu1Ujjlaz0+sgEAAB027OT/l5nAgAAAAAAAAAAAAAAAAAAAIfXfvyc2NaY671pKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAtr4IAAD//+3V0HI=")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@abort}, {@noload}, {@noload}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000140)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffff7)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r7, r3, 0x25, 0x2, @val=@tcx}, 0x40)
syz_emit_ethernet(0x5e, &(0x7f0000000340)={@local, @dev, @val={@val={0x8100}}, {@canfd={0xd, {{}, 0x0, 0x0, 0x0, 0x0, "ec7ab49f42266b558197758939c3a67064eb2413deb6d588b153902f5348321b2aa24fcea6549a091e651e6c1d3053eef4b8f189054244df8c1353433e834d4c"}}}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x21081a, &(0x7f0000000040)={[{@grpjquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@jqfmt_vfsold}]}, 0x1, 0x501, &(0x7f0000000ac0)="$eJzs3c9vY0cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOWEEKqE6BGkbUi8URQ7jmKnNGEP6ZkrEitxgiN/AOc9ceeC4MZlOSDxIwJtkPZg9J5fst7E3lhNYkfx5yM9vZk3Xn9n1vtm4m/WngBG1s2I2I+IiYj4OCJms+u57IgP2kfyuCcHD1YODx6s5KLV+uhfubQ9uRYdfyZxI3vOYkT86HsRP82djtvY3dtYrlYr21l9vlnbmm/s7t1Zry2vVdYqm+Xy0uLSwnt33y1f2FjfqE1kpa8+/uP+t36edGsmu9I5jovUHnrhOE5iPCJ+cBnBhmAsG8/EqZYuLzpXTj4iXo2IN9P7fzbG0lcTALjOWq3ZaM121gGA6y6f5sBy+VKWC5iJfL5UaufwXovpfLXeaN6+X9/ZXG3nyuaikL+/Xq0sZLnCuSjkkvpiWn5WL5+o342IVyLil5NTab20Uq+uDvMHHwAYYTdOrP//nWyv/wDANVccdgcAgIGz/gPA6LH+A8Dosf4DwOhpr/9Tw+4GADBA3v8DwOix/gPASPnhhx8mR+sw+/7r1U92dzbqn9xZrTQ2SrWdldJKfXurtFavr6Xf2VM76/mq9frW4jux8+nct7cazfnG7t69Wn1ns3kv/V7ve5VC+qj9AYwMAOjllTce/SWXrMjvT6VHdOzlUBhqz4DLlh92B4ChGRt2B4ChsdsXjK5zvMeXHoBr4qzdWovdPiDUarVal9cl4JLd+pL8P4yqjvy//wUMI6bP/P9TP+nD9SP/D6Or1cr1u+d/9PtAAOBqk+MHevz+/9Xs/LvslwM/WT35iIeX2SsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42o72/y1le4HPRD5fKkW8FBFzUcjdX69WFiLi5Yj482RhMqkvDrnPAMB55f+ey/b/ujX79sxzTa/fOC5ORMTPfv3Rrz5dbja3/xQxkfv35NH15sPsennwvQcAzna0TqfnjjfyTw4erBwdg+zPP74bEcV2/MODiTg8jj8e4+m5GIWImP5PLqu35TpyF+ex/1lEfLHb+HMxk+ZA2jufnoyfxH5poPHzz8XPp23tc/J38YUL6AuMmkfJ/PNBt/svHzfTc/f7v5jOUOeXzX/JU60cpnPgs/hH899Yj/nvZr8x3vnD99ulqdNtn0V8eTziKPZhx/xzFD/XI/7bfcb/61def7NXW+s3Ebeie/zOWPPN2tZ8Y3fvznptea2yVtksl5cWlxbeu/tueT7NUc/3Xg3++f7tl3u1JeOf7hG/eMb4v97n+H/79OMff+0F8b/5Vrf4+XjtBfGTNfEbfcZfnv59sVdbEn+1x/jPev1v9xn/8d/2Tm0bDgAMT2N3b2O5Wq1sKyhc/ULyT/YKdKNr4TuDijUR3Zt+8Vb7nj7R1Gp9rli9ZoyLyLoBV8HxTR8R/xt2ZwAAAAAAAAAAAAAAgK4G8YmlYY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+v/AQAA///HDdMc")
lchown(&(0x7f00000002c0)='./file0\x00', 0xee00, 0xee01)

437.413877ms ago: executing program 3 (id=1368):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r0 = socket(0x0, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90324fc60100c028010000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
r2 = socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}, 0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000000)={0x2, {{0x2, 0x0, @multicast1}}}, 0x88)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000000)=0x3, 0x12)
r5 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)={'team0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r6, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4], [0x0, 0x8]}}]}}]}, 0x8c}}, 0x0)

375.567681ms ago: executing program 2 (id=1369):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x301)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue1\x00'})
close_range(r0, 0xffffffffffffffff, 0xbf00)

313.719476ms ago: executing program 2 (id=1370):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
dup(r2)
r3 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYBLOB="02000000", @ANYRES32=r3, @ANYBLOB="040000000000800008000000", @ANYRES32=r3, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000040))
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x20, &(0x7f0000000280)={&(0x7f0000000080)=""/17, 0x11, 0x0, &(0x7f0000001c00)=""/4080, 0xff0}}, 0x10)
r5 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r5, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

285.337839ms ago: executing program 3 (id=1371):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000000)=0x80000001, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x6, 0x3ff}]}, 0x10)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "6d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8dde", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200"/15], 0x0}, 0x90)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
connect$inet6(r1, &(0x7f0000000380)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000005600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

215.627733ms ago: executing program 3 (id=1372):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = inotify_init1(0x0)
fcntl$setown(r3, 0x8, 0xffffffffffffffff)
fcntl$getownex(r3, 0x10, &(0x7f0000000140)={0x0, <r4=>0x0})
r5 = syz_open_procfs(r4, &(0x7f0000000600)='fd/4\x00')
ioctl$EXT4_IOC_GROUP_EXTEND(r5, 0x40305829, &(0x7f0000000240)=0x20)

186.791995ms ago: executing program 3 (id=1373):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x103, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000700)={{}, 0x0, 0x1e, @inherit={0x68, &(0x7f0000000140)={0x1, 0x4, 0x2, 0x2, {0x2a, 0xfffffffffffffff7, 0x3, 0x7f, 0xc9}, [0xa32, 0x8861, 0x2, 0x3]}}, @devid})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)

141.950519ms ago: executing program 2 (id=1374):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) (fail_nth: 3)

70.906214ms ago: executing program 2 (id=1375):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0)
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r1], 0x78}}, 0x0)

70.393304ms ago: executing program 2 (id=1376):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=ANY=[@ANYBLOB="5000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b000100697036746e6c00001800028014000300fe80000000000000000000000000000008000a00", @ANYRES32=r3], 0x50}}, 0x0)

0s ago: executing program 2 (id=1377):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0])
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x3c, r3, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}]}, 0x3c}}, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000040)=0x1c)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000080), 0x4)
clock_gettime(0x0, &(0x7f00000001c0))
utimensat(r2, &(0x7f0000000100)='./file0\x00', 0x0, 0x100)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f0000000240)='./bus\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
sendfile(r5, r4, 0x0, 0x7ffff000)

kernel console output (not intermixed with test programs):

=1400 audit(1725229122.041:3470): avc:  denied  { read } for  pid=6862 comm="syz.2.965" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  102.423674][   T29] audit: type=1400 audit(1725229122.101:3471): avc:  denied  { name_bind } for  pid=6852 comm="syz.1.962" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  102.445451][   T29] audit: type=1400 audit(1725229122.101:3472): avc:  denied  { node_bind } for  pid=6852 comm="syz.1.962" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  102.466426][   T29] audit: type=1400 audit(1725229122.111:3473): avc:  denied  { create } for  pid=6862 comm="syz.2.965" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  102.477939][ T6873] loop3: detected capacity change from 0 to 2048
[  102.496392][ T6864] vhci_hcd: connection closed
[  102.496798][   T36] vhci_hcd: stop threads
[  102.503709][ T5426] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.506091][   T36] vhci_hcd: release socket
[  102.519594][   T36] vhci_hcd: disconnect device
[  102.523867][ T6873] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.524660][ T4116] vhci_hcd: vhci_device speed not set
[  102.554201][ T2360] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.606176][ T2360] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.610847][ T6880] hub 2-0:1.0: USB hub found
[  102.633956][ T6880] hub 2-0:1.0: 8 ports detected
[  102.656129][ T6885] loop1: detected capacity change from 0 to 512
[  102.671246][ T2360] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.687827][ T6885] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.709738][ T6890] loop4: detected capacity change from 0 to 1024
[  102.717466][ T6885] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.732353][ T6873] netlink: 24 bytes leftover after parsing attributes in process `syz.3.968'.
[  102.751306][ T6885] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #2: comm syz.1.970: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  102.772721][ T6890] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.826325][ T6868] chnl_net:caif_netlink_parms(): no params data found
[  102.833698][ T6885] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.970: Directory hole found for htree leaf block 0
[  102.847623][   T36] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  102.848498][ T2360] bridge_slave_1: left allmulticast mode
[  102.868339][ T2360] bridge_slave_1: left promiscuous mode
[  102.874197][   T36] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  102.874234][ T2360] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.886541][   T36] EXT4-fs (loop3): This should not happen!! Data will be lost
[  102.886541][   T36] 
[  102.903504][   T36] EXT4-fs (loop3): Total free blocks count 0
[  102.909671][   T36] EXT4-fs (loop3): Free/Dirty block details
[  102.915624][   T36] EXT4-fs (loop3): free_blocks=2415919104
[  102.921591][   T36] EXT4-fs (loop3): dirty_blocks=16
[  102.926829][   T36] EXT4-fs (loop3): Block reservation details
[  102.932862][   T36] EXT4-fs (loop3): i_reserved_data_blocks=1
[  102.943173][ T2360] bridge_slave_0: left allmulticast mode
[  102.943645][   T36] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  102.948921][ T2360] bridge_slave_0: left promiscuous mode
[  102.967006][ T2360] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.988216][ T5426] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.998310][ T3258] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.015665][ T2360] team0: left allmulticast mode
[  103.020679][ T2360] team_slave_0: left allmulticast mode
[  103.026531][ T2360] team_slave_1: left allmulticast mode
[  103.032727][ T2360] team0: left promiscuous mode
[  103.037646][ T2360] team_slave_0: left promiscuous mode
[  103.043108][ T2360] team_slave_1: left promiscuous mode
[  103.048944][ T2360] GPL: port 1(team0) entered disabled state
[  103.055329][ T6899] loop4: detected capacity change from 0 to 512
[  103.103277][ T6899] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.126520][ T6899] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.140781][ T6912] loop2: detected capacity change from 0 to 512
[  103.149205][ T6899] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #15: comm syz.4.973: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  103.166767][ T6899] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  103.190112][ T6899] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #15: comm syz.4.973: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  103.195242][ T6912] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.220163][ T6899] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  103.229609][ T6912] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.241316][ T6899] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.973: bg 0: block 18: invalid block bitmap
[  103.254216][ T6899] EXT4-fs error (device loop4): ext4_acquire_dquot:6848: comm syz.4.973: Failed to acquire dquot type 1
[  103.274174][ T6436] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.285007][ T6899] syz.4.973 (6899) used greatest stack depth: 9496 bytes left
[  103.301764][ T5426] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.315797][ T2360] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  103.332638][ T2360] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  103.345166][ T2360] bond0 (unregistering): Released all slaves
[  103.356040][ T2360] bond1 (unregistering): Released all slaves
[  103.365178][ T2360] bond2 (unregistering): Released all slaves
[  103.375440][ T2360] bond3 (unregistering): Released all slaves
[  103.384965][ T2360] bond4 (unregistering): Released all slaves
[  103.394010][ T2360] bond5 (unregistering): Released all slaves
[  103.403023][ T2360] bond6 (unregistering): Released all slaves
[  103.422839][ T6921] hsr_slave_0: left promiscuous mode
[  103.450985][ T6921] hsr_slave_1: left promiscuous mode
[  103.467729][ T6929] loop4: detected capacity change from 0 to 2048
[  103.493154][ T6929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.510498][ T2360] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.518168][ T2360] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.528148][ T2360] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.535995][ T2360] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.569277][ T2360] veth1_macvtap: left promiscuous mode
[  103.574954][ T2360] veth0_macvtap: left promiscuous mode
[  103.580606][ T2360] veth1_vlan: left promiscuous mode
[  103.585959][ T2360] veth0_vlan: left promiscuous mode
[  103.609365][ T6938] loop2: detected capacity change from 0 to 1024
[  103.618282][ T6929] __nla_validate_parse: 2 callbacks suppressed
[  103.618297][ T6929] netlink: 24 bytes leftover after parsing attributes in process `syz.4.981'.
[  103.648716][ T6938] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.681514][ T6940] netlink: 'syz.1.984': attribute type 2 has an invalid length.
[  103.689440][ T6940] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.984'.
[  103.703133][ T3271] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  103.720282][ T3271] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  103.732871][ T3271] EXT4-fs (loop4): This should not happen!! Data will be lost
[  103.732871][ T3271] 
[  103.742599][ T3271] EXT4-fs (loop4): Total free blocks count 0
[  103.748746][ T3271] EXT4-fs (loop4): Free/Dirty block details
[  103.754684][ T3271] EXT4-fs (loop4): free_blocks=2415919104
[  103.760442][ T3271] EXT4-fs (loop4): dirty_blocks=16
[  103.765582][ T3271] EXT4-fs (loop4): Block reservation details
[  103.771837][ T3271] EXT4-fs (loop4): i_reserved_data_blocks=1
[  103.778758][ T3271] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  103.779278][ T6436] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.840660][ T6948] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  103.847252][ T6948] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  103.850001][ T6952] No control pipe specified
[  103.854883][ T6948] vhci_hcd vhci_hcd.0: Device attached
[  103.872294][ T6949] usbip_core: unknown command
[  103.873914][ T6952] loop3: detected capacity change from 0 to 1024
[  103.877220][ T6949] vhci_hcd: unknown pdu 0
[  103.888119][ T6955] loop2: detected capacity change from 0 to 128
[  103.894588][ T6949] usbip_core: unknown command
[  103.915226][ T6952] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  103.924593][   T28] vhci_hcd: stop threads
[  103.926438][ T6955] syz.2.987: attempt to access beyond end of device
[  103.926438][ T6955] loop2: rw=0, sector=121, nr_sectors = 112 limit=128
[  103.928905][   T28] vhci_hcd: release socket
[  103.928917][   T28] vhci_hcd: disconnect device
[  103.951194][ T6952] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.985539][ T2360] team0 (unregistering): Port device team_slave_1 removed
[  103.996477][ T2360] team0 (unregistering): Port device team_slave_0 removed
[  104.052072][ T6868] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.059324][ T6868] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.101574][ T6868] bridge_slave_0: entered allmulticast mode
[  104.120582][ T6868] bridge_slave_0: entered promiscuous mode
[  104.150729][ T6868] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.157990][ T6868] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.172899][ T6868] bridge_slave_1: entered allmulticast mode
[  104.180035][ T6868] bridge_slave_1: entered promiscuous mode
[  104.214521][ T6868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.228315][ T6868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.260429][ T6868] team0: Port device team_slave_0 added
[  104.269558][ T6868] team0: Port device team_slave_1 added
[  104.302637][ T6868] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.309703][ T6868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.335775][ T6868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.339978][ T6983] loop1: detected capacity change from 0 to 1024
[  104.349257][ T6868] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.359842][ T6868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.385928][ T6868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.392525][ T6983] EXT4-fs: Ignoring removed nobh option
[  104.402194][ T6983] EXT4-fs: Ignoring removed orlov option
[  104.436410][ T6983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.461493][ T6983] EXT4-fs error (device loop1): __ext4_remount:6491: comm syz.1.992: Abort forced by user
[  104.474187][ T6983] EXT4-fs (loop1): Remounting filesystem read-only
[  104.485662][ T6983] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  104.516786][ T6983] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  104.519536][ T6868] hsr_slave_0: entered promiscuous mode
[  104.533416][ T6868] hsr_slave_1: entered promiscuous mode
[  104.540258][ T6983] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  104.592184][ T7000] loop4: detected capacity change from 0 to 2048
[  104.619727][ T3258] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.620802][ T7000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.729840][ T7014] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  104.730079][ T7012] netlink: 'syz.2.998': attribute type 2 has an invalid length.
[  104.736428][ T7014] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  104.736666][ T7014] vhci_hcd vhci_hcd.0: Device attached
[  104.744457][ T7012] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.998'.
[  104.772052][ T3267] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.808832][ T7016] usbip_core: unknown command
[  104.813586][ T7016] vhci_hcd: unknown pdu 0
[  104.818018][ T7016] usbip_core: unknown command
[  104.828231][ T7014] syz.1.996[7014] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.828325][ T7014] syz.1.996[7014] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.841496][ T7021] syz.3.999[7021] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.856315][ T3271] vhci_hcd: stop threads
[  104.871933][ T3271] vhci_hcd: release socket
[  104.876456][ T3271] vhci_hcd: disconnect device
[  104.885089][ T7021] syz.3.999[7021] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.900400][ T7026] FAULT_INJECTION: forcing a failure.
[  104.900400][ T7026] name failslab, interval 1, probability 0, space 0, times 0
[  104.909550][ T7000] netlink: 24 bytes leftover after parsing attributes in process `syz.4.995'.
[  104.911783][ T7026] CPU: 1 UID: 0 PID: 7026 Comm: syz.2.1000 Not tainted 6.11.0-rc6-syzkaller #0
[  104.942311][ T7026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  104.952462][ T7026] Call Trace:
[  104.955835][ T7026]  <TASK>
[  104.958786][ T7026]  dump_stack_lvl+0xf2/0x150
[  104.963486][ T7026]  dump_stack+0x15/0x20
[  104.967794][ T7026]  should_fail_ex+0x229/0x230
[  104.972510][ T7026]  ? skb_clone+0x154/0x1f0
[  104.976970][ T7026]  should_failslab+0x8f/0xb0
[  104.981646][ T7026]  kmem_cache_alloc_noprof+0x4c/0x290
[  104.987067][ T7026]  skb_clone+0x154/0x1f0
[  104.991362][ T7026]  __netlink_deliver_tap+0x2bd/0x4c0
[  104.996873][ T7026]  netlink_unicast+0x64a/0x670
[  105.001682][ T7026]  netlink_sendmsg+0x5cc/0x6e0
[  105.006516][ T7026]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.011929][ T7026]  __sock_sendmsg+0x140/0x180
[  105.016655][ T7026]  ____sys_sendmsg+0x312/0x410
[  105.021548][ T7026]  __sys_sendmsg+0x1e9/0x280
[  105.026203][ T7026]  __x64_sys_sendmsg+0x46/0x50
[  105.031094][ T7026]  x64_sys_call+0x2689/0x2d60
[  105.035828][ T7026]  do_syscall_64+0xc9/0x1c0
[  105.040554][ T7026]  ? clear_bhb_loop+0x55/0xb0
[  105.045384][ T7026]  ? clear_bhb_loop+0x55/0xb0
[  105.050159][ T7026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.056315][ T7026] RIP: 0033:0x7fb3cb1c9eb9
[  105.060919][ T7026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.080649][ T7026] RSP: 002b:00007fb3c9e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  105.089160][ T7026] RAX: ffffffffffffffda RBX: 00007fb3cb365f80 RCX: 00007fb3cb1c9eb9
[  105.097151][ T7026] RDX: 0000000000000000 RSI: 00000000200012c0 RDI: 0000000000000003
[  105.105258][ T7026] RBP: 00007fb3c9e47090 R08: 0000000000000000 R09: 0000000000000000
[  105.113254][ T7026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.121248][ T7026] R13: 0000000000000000 R14: 00007fb3cb365f80 R15: 00007ffc73033a78
[  105.129241][ T7026]  </TASK>
[  105.252838][ T2360] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  105.283317][ T2360] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  105.296052][ T2360] EXT4-fs (loop4): This should not happen!! Data will be lost
[  105.296052][ T2360] 
[  105.306052][ T2360] EXT4-fs (loop4): Total free blocks count 0
[  105.312165][ T2360] EXT4-fs (loop4): Free/Dirty block details
[  105.318129][ T2360] EXT4-fs (loop4): free_blocks=2415919104
[  105.323899][ T2360] EXT4-fs (loop4): dirty_blocks=16
[  105.329024][ T2360] EXT4-fs (loop4): Block reservation details
[  105.335046][ T2360] EXT4-fs (loop4): i_reserved_data_blocks=1
[  105.335638][ T7054] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  105.347591][ T7054] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  105.355295][ T7054] vhci_hcd vhci_hcd.0: Device attached
[  105.361695][ T3271] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  105.378341][ T7057] vhci_hcd: connection closed
[  105.378710][ T2360] vhci_hcd: stop threads
[  105.387693][ T2360] vhci_hcd: release socket
[  105.392136][ T2360] vhci_hcd: disconnect device
[  105.430707][ T6868] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  105.440800][ T7072] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1006'.
[  105.455741][ T6868] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  105.464868][ T6868] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  105.480782][ T6868] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  105.579891][ T6868] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.595779][ T6868] 8021q: adding VLAN 0 to HW filter on device team0
[  105.620207][ T3271] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.627714][ T3271] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.647090][ T3271] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.654289][ T3271] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.700906][ T7091] loop1: detected capacity change from 0 to 512
[  105.774709][ T7091] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.812725][ T7091] ext4 filesystem being mounted at /182/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  105.857331][ T6868] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.931183][ T3258] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.957106][ T7110] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1014'.
[  106.022043][ T7114] syz.1.1013[7114] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.022116][ T7114] syz.1.1013[7114] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.156933][ T6868] veth0_vlan: entered promiscuous mode
[  106.188434][ T6868] veth1_vlan: entered promiscuous mode
[  106.207862][ T6868] veth0_macvtap: entered promiscuous mode
[  106.245319][ T6868] veth1_macvtap: entered promiscuous mode
[  106.265200][ T7142] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1019'.
[  106.287612][ T6868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.298219][ T6868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.299027][ T7144] loop4: detected capacity change from 0 to 128
[  106.308395][ T6868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.325279][ T6868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.335321][ T6868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.345849][ T6868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.355718][ T6868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.355852][ T7146] loop3: detected capacity change from 0 to 128
[  106.366252][ T6868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.428817][ T6868] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.429705][ T7150] loop4: detected capacity change from 0 to 1024
[  106.443934][ T6868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.454434][ T6868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.464474][ T6868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.475251][ T6868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.485243][ T6868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.495727][ T6868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.505715][ T6868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.516246][ T6868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.529531][ T7150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.544308][ T6868] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.553866][ T7149] IPVS: Error connecting to the multicast addr
[  106.585185][ T6868] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.594050][ T6868] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.602907][ T6868] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.611778][ T6868] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.750875][ T7163] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1024'.
[  106.785074][ T5426] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.823461][ T7179] No control pipe specified
[  106.870801][ T7179] loop0: detected capacity change from 0 to 1024
[  106.925491][ T7179] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  106.958729][ T7192] syz.4.1028[7192] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.958860][ T7192] syz.4.1028[7192] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.985485][ T7179] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.185400][ T7208] syz.3.1030[7208] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.185483][ T7208] syz.3.1030[7208] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.290880][ T7216] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1032'.
[  107.416350][ T7229] 8021q: adding VLAN 0 to HW filter on device bond3
[  107.435015][ T7228] loop1: detected capacity change from 0 to 1024
[  107.447821][ T7228] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.488769][ T7229] 8021q: adding VLAN 0 to HW filter on device bond3
[  107.544631][ T7229] bond3: (slave ip6tnl1): The slave device specified does not support setting the MAC address
[  107.593292][ T7229] bond3: (slave ip6tnl1): Error -95 calling set_mac_address
[  107.788019][ T6868] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.870030][ T7244] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1036'.
[  107.900680][   T29] kauditd_printk_skb: 360 callbacks suppressed
[  107.900697][   T29] audit: type=1400 audit(1725229127.661:3832): avc:  denied  { create } for  pid=7258 comm="syz.0.1038" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  107.937787][ T7266] loop4: detected capacity change from 0 to 128
[  107.961684][ T7269] netlink: 'syz.3.1041': attribute type 1 has an invalid length.
[  107.963732][   T29] audit: type=1400 audit(1725229127.661:3833): avc:  denied  { write } for  pid=7258 comm="syz.0.1038" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  107.989980][   T29] audit: type=1400 audit(1725229127.661:3834): avc:  denied  { nlmsg_read } for  pid=7258 comm="syz.0.1038" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  108.011400][   T29] audit: type=1326 audit(1725229127.671:3835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.4.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4ddd39eb9 code=0x7ffc0000
[  108.035136][   T29] audit: type=1326 audit(1725229127.671:3836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.4.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4ddd39eb9 code=0x7ffc0000
[  108.058993][   T29] audit: type=1326 audit(1725229127.671:3837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.4.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4ddd39eb9 code=0x7ffc0000
[  108.083181][   T29] audit: type=1326 audit(1725229127.671:3838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.4.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4ddd39eb9 code=0x7ffc0000
[  108.106843][   T29] audit: type=1326 audit(1725229127.671:3839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.4.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4ddd39eb9 code=0x7ffc0000
[  108.131265][   T29] audit: type=1326 audit(1725229127.671:3840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.4.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4ddd39eb9 code=0x7ffc0000
[  108.155251][   T29] audit: type=1326 audit(1725229127.671:3841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7265 comm="syz.4.1040" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4ddd39eb9 code=0x7ffc0000
[  108.189930][ T7269] 8021q: adding VLAN 0 to HW filter on device bond4
[  108.246258][ T3258] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.287070][ T7277] loop4: detected capacity change from 0 to 512
[  108.321056][ T7273] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.404416][ T7277] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.439241][ T7294] loop3: detected capacity change from 0 to 128
[  108.453306][ T7277] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.500808][ T7294] syz.3.1046: attempt to access beyond end of device
[  108.500808][ T7294] loop3: rw=0, sector=121, nr_sectors = 112 limit=128
[  108.540900][ T7277] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #2: comm syz.4.1043: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  108.581675][ T7277] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.1043: Directory hole found for htree leaf block 0
[  108.613251][ T5426] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.647901][ T7308] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  108.654522][ T7308] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  108.662331][ T7308] vhci_hcd vhci_hcd.0: Device attached
[  108.679053][ T7309] usbip_core: unknown command
[  108.683807][ T7309] vhci_hcd: unknown pdu 0
[  108.688295][ T7309] usbip_core: unknown command
[  108.711380][   T36] vhci_hcd: stop threads
[  108.716235][   T36] vhci_hcd: release socket
[  108.720967][   T36] vhci_hcd: disconnect device
[  108.774878][ T7314] __nla_validate_parse: 3 callbacks suppressed
[  108.774891][ T7314] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1051'.
[  108.808651][ T7316] Driver unsupported XDP return value 0 on prog  (id 695) dev N/A, expect packet loss!
[  109.030656][ T7328] loop1: detected capacity change from 0 to 1024
[  109.044843][ T7328] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.095620][ T7332] netlink: 'syz.3.1055': attribute type 1 has an invalid length.
[  109.109257][ T7332] 8021q: adding VLAN 0 to HW filter on device bond5
[  109.132910][ T7335] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1056'.
[  109.227702][ T7341] loop4: detected capacity change from 0 to 512
[  109.247701][ T7341] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.260942][ T7341] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.264999][ T7346] loop3: detected capacity change from 0 to 512
[  109.278339][ T7341] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #2: comm syz.4.1059: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  109.299997][ T7341] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.1059: Directory hole found for htree leaf block 0
[  109.315553][ T7346] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.328639][ T7346] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.329590][ T5426] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.344264][ T7346] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.1060: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  109.364792][ T7346] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  109.375776][ T7346] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.1060: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  109.391592][ T7350] loop4: detected capacity change from 0 to 512
[  109.393127][ T7346] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  109.408486][ T7346] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1060: bg 0: block 18: invalid block bitmap
[  109.421516][ T7346] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.1060: Failed to acquire dquot type 1
[  109.434923][ T7350] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.447944][ T7350] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.460041][ T3267] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.480368][ T5426] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.487418][ T7355] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1062'.
[  109.521748][ T7359] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  109.528393][ T7359] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  109.536087][ T7359] vhci_hcd vhci_hcd.0: Device attached
[  109.542950][ T7360] usbip_core: unknown command
[  109.548426][ T7360] vhci_hcd: unknown pdu 0
[  109.552835][ T7360] usbip_core: unknown command
[  109.567498][ T2360] vhci_hcd: stop threads
[  109.571867][ T2360] vhci_hcd: release socket
[  109.576362][ T2360] vhci_hcd: disconnect device
[  109.595991][ T7371] netlink: 'syz.3.1066': attribute type 1 has an invalid length.
[  109.611906][ T7371] 8021q: adding VLAN 0 to HW filter on device bond6
[  109.631019][ T7374] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1068'.
[  109.643494][ T7376] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.654391][ T7376] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.668809][ T7378] loop2: detected capacity change from 0 to 128
[  109.700669][ T7383] loop3: detected capacity change from 0 to 512
[  109.727708][ T7383] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.740921][ T7383] ext4 filesystem being mounted at /239/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.755065][ T7383] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #2: comm syz.3.1071: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  109.762065][ T7391] loop2: detected capacity change from 0 to 512
[  109.783236][ T7383] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.1071: Directory hole found for htree leaf block 0
[  109.805779][ T3267] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.806178][ T7391] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.828005][ T7391] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.851514][ T7395] loop3: detected capacity change from 0 to 512
[  109.853886][ T7391] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.1073: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  109.886629][ T7391] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  109.887042][ T3258] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.904917][ T7391] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.1073: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  109.927170][ T7391] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  109.940367][ T7395] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.945586][ T7391] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1073: bg 0: block 18: invalid block bitmap
[  109.955824][ T7395] ext4 filesystem being mounted at /240/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  109.968044][ T7391] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.1073: Failed to acquire dquot type 1
[  109.989285][ T7399] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.000022][ T3267] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.056068][ T7399] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.069482][ T7401] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1075'.
[  110.080640][ T7408] SELinux:  Context system_u:object_r:ptchown_exec_t:s0 is not valid (left unmapped).
[  110.088839][ T7410] netlink: 'syz.3.1078': attribute type 1 has an invalid length.
[  110.110772][ T7399] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.121929][ T7412] netlink: 'syz.4.1079': attribute type 1 has an invalid length.
[  110.135882][ T7412] 8021q: adding VLAN 0 to HW filter on device bond1
[  110.144314][ T7410] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1078'.
[  110.153445][ T7410] bond7: entered allmulticast mode
[  110.162086][ T7410] bond7: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  110.162598][ T7418] bpf_get_probe_write_proto: 4 callbacks suppressed
[  110.162627][ T7418] syz.2.1080[7418] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.172557][ T7410] bond7: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  110.175197][ T7410] bond7: (slave ip6gre1): making interface the new active one
[  110.207177][ T7410] ip6gre1: entered allmulticast mode
[  110.212276][ T7418] syz.2.1080[7418] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.213756][ T7410] bond7: (slave ip6gre1): Enslaving as an active interface with an up link
[  110.235788][ T7399] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.282606][ T7423] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1081'.
[  110.334499][ T7433] loop3: detected capacity change from 0 to 1024
[  110.343341][ T7399] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.358814][ T7399] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.384747][ T7440] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1086'.
[  110.396412][ T7440] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1086'.
[  110.397568][ T7399] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.418761][ T7399] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.426911][ T7440] loop4: detected capacity change from 0 to 1024
[  110.427201][ T7428] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1084'.
[  110.443691][ T7440] EXT4-fs: Ignoring removed nomblk_io_submit option
[  110.504521][ T7452] syz.2.1090[7452] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.504584][ T7452] syz.2.1090[7452] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.517600][ T7453] loop4: detected capacity change from 0 to 512
[  110.567559][ T7453] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.579602][ T7457] netlink: 'syz.2.1092': attribute type 1 has an invalid length.
[  110.584824][ T7453] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #15: comm syz.4.1089: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  110.595937][ T7457] 8021q: adding VLAN 0 to HW filter on device bond1
[  110.604521][ T7453] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  110.613931][ T7461] netlink: 'syz.1.1093': attribute type 29 has an invalid length.
[  110.630101][ T7453] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #15: comm syz.4.1089: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  110.654912][ T7453] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  110.670338][ T7453] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1089: bg 0: block 18: invalid block bitmap
[  110.683674][ T7453] EXT4-fs error (device loop4): ext4_acquire_dquot:6848: comm syz.4.1089: Failed to acquire dquot type 1
[  110.689203][ T7467] syz.1.1095[7467] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.695602][ T7467] syz.1.1095[7467] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.755515][ T7471] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.780108][ T7473] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.837197][ T7471] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.877241][ T7473] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.906978][ T7471] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.936638][ T7473] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.957237][ T7471] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.986355][ T7473] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.071193][ T7473] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.082485][ T7473] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.094539][ T7473] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.106144][ T7473] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.376774][ T7493] loop3: detected capacity change from 0 to 2048
[  111.406683][ T7493] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  111.422548][ T7493] EXT4-fs (loop3): Delayed block allocation failed for inode 13 at logical offset 16 with max blocks 18 with error 28
[  111.435464][ T7493] EXT4-fs (loop3): This should not happen!! Data will be lost
[  111.435464][ T7493] 
[  111.436080][ T7499] netlink: 'syz.4.1104': attribute type 1 has an invalid length.
[  111.445414][ T7493] EXT4-fs (loop3): Total free blocks count 0
[  111.459508][ T7493] EXT4-fs (loop3): Free/Dirty block details
[  111.462955][ T7499] 8021q: adding VLAN 0 to HW filter on device bond2
[  111.465640][ T7493] EXT4-fs (loop3): free_blocks=2415919104
[  111.478207][ T7493] EXT4-fs (loop3): dirty_blocks=32
[  111.483459][ T7493] EXT4-fs (loop3): Block reservation details
[  111.489922][ T7493] EXT4-fs (loop3): i_reserved_data_blocks=2
[  111.585230][ T7273] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.845438][ T7273] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.948614][ T7273] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.043435][ T7273] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.077182][ T7273] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.114908][ T7273] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.147858][ T7273] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.335033][ T7506] syz.0.1106[7506] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  113.335143][ T7506] syz.0.1106[7506] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  113.347075][   T29] kauditd_printk_skb: 268 callbacks suppressed
[  113.347139][   T29] audit: type=1326 audit(1725229133.101:4104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7505 comm="syz.0.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  113.376126][ T7508] loop2: detected capacity change from 0 to 512
[  113.388446][   T29] audit: type=1326 audit(1725229133.101:4105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7505 comm="syz.0.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  113.418449][   T29] audit: type=1326 audit(1725229133.101:4106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7505 comm="syz.0.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  113.442137][   T29] audit: type=1326 audit(1725229133.101:4107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7505 comm="syz.0.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  113.466177][   T29] audit: type=1326 audit(1725229133.101:4108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7505 comm="syz.0.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  113.489993][   T29] audit: type=1326 audit(1725229133.111:4109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7505 comm="syz.0.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  113.500892][ T7508] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.513424][   T29] audit: type=1326 audit(1725229133.111:4110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7505 comm="syz.0.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  113.513460][   T29] audit: type=1326 audit(1725229133.161:4111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7505 comm="syz.0.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  113.535356][ T7508] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.1107: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  113.547832][   T29] audit: type=1326 audit(1725229133.181:4112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7505 comm="syz.0.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  113.583774][ T7508] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  113.587878][   T29] audit: type=1326 audit(1725229133.181:4113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7505 comm="syz.0.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  113.646725][ T7508] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.1107: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  113.671488][ T7516] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.671736][ T7508] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  113.701247][ T7508] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1107: bg 0: block 18: invalid block bitmap
[  113.712710][ T7521] loop3: detected capacity change from 0 to 1024
[  113.722861][ T7508] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.1107: Failed to acquire dquot type 1
[  113.751439][ T7516] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.797883][ T7516] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.815049][ T7529] __nla_validate_parse: 9 callbacks suppressed
[  113.815068][ T7529] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1111'.
[  113.824835][ T7534] loop2: detected capacity change from 0 to 512
[  113.846061][ T7534] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.889069][ T7516] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.902061][ T7540] FAULT_INJECTION: forcing a failure.
[  113.902061][ T7540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.915197][ T7540] CPU: 1 UID: 0 PID: 7540 Comm: syz.2.1115 Not tainted 6.11.0-rc6-syzkaller #0
[  113.924209][ T7540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  113.934304][ T7540] Call Trace:
[  113.937672][ T7540]  <TASK>
[  113.940624][ T7540]  dump_stack_lvl+0xf2/0x150
[  113.945287][ T7540]  dump_stack+0x15/0x20
[  113.949521][ T7540]  should_fail_ex+0x229/0x230
[  113.954217][ T7540]  should_fail+0xb/0x10
[  113.958410][ T7540]  should_fail_usercopy+0x1a/0x20
[  113.963468][ T7540]  _copy_from_user+0x1e/0xd0
[  113.968093][ T7540]  kstrtouint_from_user+0x76/0xe0
[  113.973153][ T7540]  proc_fail_nth_write+0x4f/0x160
[  113.978374][ T7540]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  113.984021][ T7540]  vfs_write+0x28b/0x900
[  113.988283][ T7540]  ? __fget_files+0x1da/0x210
[  113.993029][ T7540]  ksys_write+0xeb/0x1b0
[  113.997290][ T7540]  __x64_sys_write+0x42/0x50
[  114.001890][ T7540]  x64_sys_call+0x27dd/0x2d60
[  114.006622][ T7540]  do_syscall_64+0xc9/0x1c0
[  114.011151][ T7540]  ? clear_bhb_loop+0x55/0xb0
[  114.015852][ T7540]  ? clear_bhb_loop+0x55/0xb0
[  114.020548][ T7540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.026491][ T7540] RIP: 0033:0x7fb3cb1c899f
[  114.030917][ T7540] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  114.050604][ T7540] RSP: 002b:00007fb3c9e47030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  114.059083][ T7540] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb3cb1c899f
[  114.067623][ T7540] RDX: 0000000000000001 RSI: 00007fb3c9e470a0 RDI: 0000000000000007
[  114.075871][ T7540] RBP: 00007fb3c9e47090 R08: 0000000000000000 R09: 0000000000000000
[  114.083861][ T7540] R10: 0000000000000024 R11: 0000000000000293 R12: 0000000000000001
[  114.091837][ T7540] R13: 0000000000000000 R14: 00007fb3cb365f80 R15: 00007ffc73033a78
[  114.099882][ T7540]  </TASK>
[  114.230615][ T7554] netlink: 'syz.2.1118': attribute type 2 has an invalid length.
[  114.238461][ T7554] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1118'.
[  114.674240][ T7563] netlink: 'syz.3.1121': attribute type 1 has an invalid length.
[  114.713688][ T7566] syz.0.1122[7566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.713754][ T7566] syz.0.1122[7566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.714061][ T7563] 8021q: adding VLAN 0 to HW filter on device bond8
[  114.862103][ T7575] loop0: detected capacity change from 0 to 512
[  114.887289][ T7575] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.953066][ T7579] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1124'.
[  115.326184][ T7595] loop2: detected capacity change from 0 to 512
[  115.346075][ T7595] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.357331][ T7595] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.1131: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  115.374595][ T7595] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  115.383956][ T7595] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #15: comm syz.2.1131: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  115.400670][ T7595] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  115.410430][ T7595] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1131: bg 0: block 18: invalid block bitmap
[  115.424256][ T7595] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.1131: Failed to acquire dquot type 1
[  115.482700][ T7601] loop2: detected capacity change from 0 to 2048
[  115.525780][ T7605] bpf_get_probe_write_proto: 2 callbacks suppressed
[  115.525799][ T7605] syz.0.1133[7605] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.532608][ T7605] syz.0.1133[7605] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.569813][ T7601] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1132'.
[  115.571467][ T7608] loop0: detected capacity change from 0 to 512
[  115.597324][ T7608] ext4: Unknown parameter 'permit_directio'
[  115.608033][ T7608] syz.0.1134[7608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.608147][ T7608] syz.0.1134[7608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.658945][   T36] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  115.685487][   T36] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  115.685518][   T36] EXT4-fs (loop2): This should not happen!! Data will be lost
[  115.685518][   T36] 
[  115.685610][   T36] EXT4-fs (loop2): Total free blocks count 0
[  115.685626][   T36] EXT4-fs (loop2): Free/Dirty block details
[  115.685639][   T36] EXT4-fs (loop2): free_blocks=2415919104
[  115.685662][   T36] EXT4-fs (loop2): dirty_blocks=16
[  115.685676][   T36] EXT4-fs (loop2): Block reservation details
[  115.685688][   T36] EXT4-fs (loop2): i_reserved_data_blocks=1
[  115.686083][   T36] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28
[  115.686112][   T36] EXT4-fs (loop2): This should not happen!! Data will be lost
[  115.686112][   T36] 
[  115.758870][ T7616] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1137'.
[  115.767338][ T7614] netlink: 'syz.2.1135': attribute type 1 has an invalid length.
[  115.820131][ T7614] 8021q: adding VLAN 0 to HW filter on device bond2
[  115.831659][ T7620] serio: Serial port ptm1
[  115.859755][ T7622] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  115.866297][ T7622] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  115.873984][ T7622] vhci_hcd vhci_hcd.0: Device attached
[  115.880330][ T7623] usbip_core: unknown command
[  115.885365][ T7623] vhci_hcd: unknown pdu 0
[  115.889894][ T7623] usbip_core: unknown command
[  115.892754][ T7620] loop3: detected capacity change from 0 to 512
[  115.897276][   T11] vhci_hcd: stop threads
[  115.905423][   T11] vhci_hcd: release socket
[  115.909943][   T11] vhci_hcd: disconnect device
[  115.916350][ T7620] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  115.929286][ T7620] EXT4-fs (loop3): 1 orphan inode deleted
[  115.935153][ T7620] EXT4-fs (loop3): 1 truncate cleaned up
[  115.985405][ T7630] loop3: detected capacity change from 0 to 1024
[  116.391507][ T7471] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.403963][ T7471] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.415900][ T7471] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.433091][ T7634] loop0: detected capacity change from 0 to 1024
[  116.441194][ T7471] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.487289][ T7639] syz.1.1144[7639] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  116.487457][ T7639] syz.1.1144[7639] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  116.495681][ T7636] loop2: detected capacity change from 0 to 8192
[  116.559457][ T6436] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF
[  116.568054][ T6436] FAT-fs (loop2): Filesystem has been set read-only
[  116.576188][ T7644] FAULT_INJECTION: forcing a failure.
[  116.576188][ T7644] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.577530][ T6436] VFS: Lookup of 'file0' in vfat loop2 would have caused loop
[  116.589399][ T7644] CPU: 1 UID: 0 PID: 7644 Comm: syz.1.1146 Not tainted 6.11.0-rc6-syzkaller #0
[  116.597138][ T6436] VFS: Lookup of 'file0' in vfat loop2 would have caused loop
[  116.605864][ T7644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  116.605884][ T7644] Call Trace:
[  116.605893][ T7644]  <TASK>
[  116.605903][ T7644]  dump_stack_lvl+0xf2/0x150
[  116.634947][ T7644]  dump_stack+0x15/0x20
[  116.639136][ T7644]  should_fail_ex+0x229/0x230
[  116.644249][ T7644]  should_fail+0xb/0x10
[  116.648469][ T7644]  should_fail_usercopy+0x1a/0x20
[  116.653512][ T7644]  _copy_to_user+0x1e/0xa0
[  116.658114][ T7644]  simple_read_from_buffer+0xa0/0x110
[  116.663529][ T7644]  proc_fail_nth_read+0xff/0x140
[  116.668571][ T7644]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  116.674218][ T7644]  vfs_read+0x1a2/0x6e0
[  116.678386][ T7644]  ? __rcu_read_unlock+0x4e/0x70
[  116.683369][ T7644]  ? __fget_files+0x1da/0x210
[  116.688081][ T7644]  ksys_read+0xeb/0x1b0
[  116.692565][ T7644]  __x64_sys_read+0x42/0x50
[  116.697077][ T7644]  x64_sys_call+0x27d3/0x2d60
[  116.701985][ T7644]  do_syscall_64+0xc9/0x1c0
[  116.706551][ T7644]  ? clear_bhb_loop+0x55/0xb0
[  116.711314][ T7644]  ? clear_bhb_loop+0x55/0xb0
[  116.716159][ T7644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.722128][ T7644] RIP: 0033:0x7f49988d88fc
[  116.726584][ T7644] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  116.746299][ T7644] RSP: 002b:00007f4997557030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  116.754724][ T7644] RAX: ffffffffffffffda RBX: 00007f4998a75f80 RCX: 00007f49988d88fc
[  116.762828][ T7644] RDX: 000000000000000f RSI: 00007f49975570a0 RDI: 0000000000000007
[  116.770807][ T7644] RBP: 00007f4997557090 R08: 0000000000000000 R09: 0000000000000000
[  116.779301][ T7644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  116.787699][ T7644] R13: 0000000000000000 R14: 00007f4998a75f80 R15: 00007fff1bbe17e8
[  116.795679][ T7644]  </TASK>
[  117.127002][ T7669] loop1: detected capacity change from 0 to 1024
[  117.133778][ T7669] EXT4-fs: Ignoring removed oldalloc option
[  117.179780][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.218464][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.230767][ T7683] FAULT_INJECTION: forcing a failure.
[  117.230767][ T7683] name failslab, interval 1, probability 0, space 0, times 0
[  117.243463][ T7683] CPU: 1 UID: 0 PID: 7683 Comm: syz.1.1158 Not tainted 6.11.0-rc6-syzkaller #0
[  117.252415][ T7683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  117.262675][ T7683] Call Trace:
[  117.266171][ T7683]  <TASK>
[  117.269166][ T7683]  dump_stack_lvl+0xf2/0x150
[  117.273770][ T7683]  dump_stack+0x15/0x20
[  117.277941][ T7683]  should_fail_ex+0x229/0x230
[  117.282642][ T7683]  ? audit_log_d_path+0x96/0x250
[  117.287616][ T7683]  should_failslab+0x8f/0xb0
[  117.292225][ T7683]  __kmalloc_cache_noprof+0x4b/0x2a0
[  117.297632][ T7683]  audit_log_d_path+0x96/0x250
[  117.302572][ T7683]  ? get_file_rcu+0xf4/0x110
[  117.307317][ T7683]  ? __rcu_read_unlock+0x4e/0x70
[  117.312335][ T7683]  audit_log_d_path_exe+0x45/0x80
[  117.317416][ T7683]  audit_log_task+0x155/0x180
[  117.322107][ T7683]  audit_seccomp+0x68/0x130
[  117.326618][ T7683]  __seccomp_filter+0x6fa/0x1180
[  117.331572][ T7683]  ? __fdget+0x105/0x110
[  117.335838][ T7683]  ? do_mq_timedsend+0x950/0xa10
[  117.340802][ T7683]  __secure_computing+0x9f/0x1c0
[  117.345816][ T7683]  syscall_trace_enter+0xd1/0x1f0
[  117.350980][ T7683]  ? fpregs_assert_state_consistent+0x83/0xa0
[  117.357140][ T7683]  do_syscall_64+0xaa/0x1c0
[  117.361652][ T7683]  ? clear_bhb_loop+0x55/0xb0
[  117.366546][ T7683]  ? clear_bhb_loop+0x55/0xb0
[  117.371446][ T7683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.377409][ T7683] RIP: 0033:0x7f49988d88fc
[  117.381861][ T7683] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  117.401646][ T7683] RSP: 002b:00007f4997557030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  117.410075][ T7683] RAX: ffffffffffffffda RBX: 00007f4998a75f80 RCX: 00007f49988d88fc
[  117.418184][ T7683] RDX: 000000000000000f RSI: 00007f49975570a0 RDI: 0000000000000007
[  117.426247][ T7683] RBP: 00007f4997557090 R08: 0000000000000000 R09: 0000000000000000
[  117.434305][ T7683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  117.442369][ T7683] R13: 0000000000000000 R14: 00007f4998a75f80 R15: 00007fff1bbe17e8
[  117.450520][ T7683]  </TASK>
[  117.499555][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.512841][ T7687] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7687 comm=syz.0.1159
[  117.539294][ T7516] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.558910][ T7516] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.582596][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.608136][ T7692] loop0: detected capacity change from 0 to 512
[  117.617468][ T7516] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.638992][ T7692] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.640581][ T7516] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.692544][ T7692] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #2: comm syz.0.1162: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  117.720753][ T7692] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.1162: Directory hole found for htree leaf block 0
[  117.741625][ T7698] block device autoloading is deprecated and will be removed.
[  117.750667][ T7698] syz.4.1163: attempt to access beyond end of device
[  117.750667][ T7698] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  117.774713][   T36] bridge_slave_1: left allmulticast mode
[  117.780634][   T36] bridge_slave_1: left promiscuous mode
[  117.786677][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.822836][   T36] bridge_slave_0: left allmulticast mode
[  117.828648][   T36] bridge_slave_0: left promiscuous mode
[  117.834332][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.882433][ T7706] syz.1.1165[7706] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  117.882542][ T7706] syz.1.1165[7706] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  117.904533][ T7710] No control pipe specified
[  117.921765][ T7704] loop3: detected capacity change from 0 to 2048
[  117.956620][ T7710] loop0: detected capacity change from 0 to 1024
[  117.965241][ T7710] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  117.987960][ T7714] loop1: detected capacity change from 0 to 512
[  118.007898][ T7714] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.026236][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.058631][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.092528][   T36] bond0 (unregistering): Released all slaves
[  118.125428][   T36] bond1 (unregistering): Released all slaves
[  118.150846][   T36] bond2 (unregistering): Released all slaves
[  118.162517][ T7670] chnl_net:caif_netlink_parms(): no params data found
[  118.176207][ T7712] netlink: 'syz.4.1168': attribute type 1 has an invalid length.
[  118.226331][ T7712] 8021q: adding VLAN 0 to HW filter on device bond3
[  118.236069][ T7727] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1169'.
[  118.275940][ T7720] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1168'.
[  118.313617][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.321129][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.333578][ T7727] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.1169: Directory hole found for htree leaf block 0
[  118.370291][   T29] kauditd_printk_skb: 281 callbacks suppressed
[  118.370309][   T29] audit: type=1400 audit(1725229138.131:4389): avc:  denied  { bind } for  pid=7740 comm="syz.4.1171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  118.377984][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.403457][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.457747][   T36] veth1_macvtap: left promiscuous mode
[  118.463264][   T36] veth0_macvtap: left promiscuous mode
[  118.469053][   T36] veth1_vlan: left promiscuous mode
[  118.474649][   T36] veth0_vlan: left promiscuous mode
[  118.795506][   T36] team0 (unregistering): Port device team_slave_1 removed
[  118.821211][   T36] team0 (unregistering): Port device team_slave_0 removed
[  118.914111][ T7746] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.934161][ T7752] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1172'.
[  118.961669][ T7754] loop0: detected capacity change from 0 to 512
[  118.987691][ T7746] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.009404][ T7754] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.039660][ T7754] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #15: comm syz.0.1173: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  119.105314][ T7754] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[  119.115749][ T7746] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.139988][ T7754] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #15: comm syz.0.1173: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  119.173282][ T7670] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.180720][ T7670] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.188310][ T7773] netlink: 'syz.3.1175': attribute type 2 has an invalid length.
[  119.192597][ T7670] bridge_slave_0: entered allmulticast mode
[  119.196277][ T7773] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1175'.
[  119.210125][ T7754] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[  119.214606][ T7670] bridge_slave_0: entered promiscuous mode
[  119.230805][ T7746] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.243353][ T7670] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.250616][ T7670] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.273348][ T7754] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1173: bg 0: block 18: invalid block bitmap
[  119.288744][ T7670] bridge_slave_1: entered allmulticast mode
[  119.296048][ T7754] Quota error (device loop0): write_blk: dquota write failed
[  119.302915][ T7784] loop1: detected capacity change from 0 to 1024
[  119.303518][ T7754] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  119.312348][ T7670] bridge_slave_1: entered promiscuous mode
[  119.320439][ T7754] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.1173: Failed to acquire dquot type 1
[  119.342793][   T29] audit: type=1326 audit(1725229139.101:4390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7783 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49988d9eb9 code=0x7ffc0000
[  119.367158][   T29] audit: type=1326 audit(1725229139.111:4391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7783 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f49988d9eb9 code=0x7ffc0000
[  119.391436][   T29] audit: type=1326 audit(1725229139.111:4392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7783 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49988d9eb9 code=0x7ffc0000
[  119.415271][   T29] audit: type=1326 audit(1725229139.121:4393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7783 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49988d9eb9 code=0x7ffc0000
[  119.438988][   T29] audit: type=1326 audit(1725229139.121:4394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7783 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49988d9eb9 code=0x7ffc0000
[  119.463421][   T29] audit: type=1326 audit(1725229139.121:4395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7783 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49988d9eb9 code=0x7ffc0000
[  119.487177][   T29] audit: type=1326 audit(1725229139.121:4396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7783 comm="syz.1.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f49988d9eb9 code=0x7ffc0000
[  119.521958][ T7670] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  119.537305][ T7670] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  119.569807][ T7790] loop0: detected capacity change from 0 to 1024
[  119.572849][ T7670] team0: Port device team_slave_0 added
[  119.611344][ T7670] team0: Port device team_slave_1 added
[  119.636179][ T7670] batman_adv: batadv0: Adding interface: batadv_slave_0
[  119.643267][ T7670] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.669341][ T7670] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  119.676321][ T7796] loop3: detected capacity change from 0 to 1024
[  119.681125][ T7670] batman_adv: batadv0: Adding interface: batadv_slave_1
[  119.693323][ T7670] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.718524][ T7803] FAULT_INJECTION: forcing a failure.
[  119.718524][ T7803] name failslab, interval 1, probability 0, space 0, times 0
[  119.719777][ T7670] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  119.732623][ T7803] CPU: 0 UID: 0 PID: 7803 Comm: syz.0.1178 Not tainted 6.11.0-rc6-syzkaller #0
[  119.752535][ T7803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  119.763506][ T7803] Call Trace:
[  119.766860][ T7803]  <TASK>
[  119.769893][ T7803]  dump_stack_lvl+0xf2/0x150
[  119.774636][ T7803]  dump_stack+0x15/0x20
[  119.779050][ T7803]  should_fail_ex+0x229/0x230
[  119.783778][ T7803]  ? ext4_read_inline_dir+0x114/0x750
[  119.789173][ T7803]  should_failslab+0x8f/0xb0
[  119.793810][ T7803]  __kmalloc_noprof+0xa5/0x370
[  119.798601][ T7803]  ext4_read_inline_dir+0x114/0x750
[  119.803842][ T7803]  ? _parse_integer+0x27/0x30
[  119.808598][ T7803]  ext4_readdir+0x21a/0x1ac0
[  119.813507][ T7803]  ? kstrtouint_from_user+0xb0/0xe0
[  119.818831][ T7803]  ? __rcu_read_unlock+0x4e/0x70
[  119.823827][ T7803]  ? get_pid_task+0x8e/0xc0
[  119.828346][ T7803]  ? proc_fail_nth_write+0x130/0x160
[  119.833635][ T7803]  ? down_read_killable+0x172/0x6b0
[  119.838870][ T7803]  ? selinux_file_permission+0x22c/0x360
[  119.844583][ T7803]  iterate_dir+0x12c/0x330
[  119.849019][ T7803]  __se_sys_getdents+0x88/0x1a0
[  119.853933][ T7803]  ? __pfx_filldir+0x10/0x10
[  119.858561][ T7803]  __x64_sys_getdents+0x43/0x50
[  119.863443][ T7803]  x64_sys_call+0x2bbb/0x2d60
[  119.868140][ T7803]  do_syscall_64+0xc9/0x1c0
[  119.872943][ T7803]  ? clear_bhb_loop+0x55/0xb0
[  119.877628][ T7803]  ? clear_bhb_loop+0x55/0xb0
[  119.882377][ T7803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.888460][ T7803] RIP: 0033:0x7f751c509eb9
[  119.892968][ T7803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.913145][ T7803] RSP: 002b:00007f751b166038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  119.921852][ T7803] RAX: ffffffffffffffda RBX: 00007f751c6a6058 RCX: 00007f751c509eb9
[  119.929883][ T7803] RDX: 000000000000002d RSI: 0000000020000580 RDI: 0000000000000004
[  119.938173][ T7803] RBP: 00007f751b166090 R08: 0000000000000000 R09: 0000000000000000
[  119.946248][ T7803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.954388][ T7803] R13: 0000000000000000 R14: 00007f751c6a6058 R15: 00007ffc7b6d9678
[  119.962388][ T7803]  </TASK>
[  119.997695][ T7670] hsr_slave_0: entered promiscuous mode
[  120.004913][ T7670] hsr_slave_1: entered promiscuous mode
[  120.011054][ T7670] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  120.019559][ T7670] Cannot create hsr debugfs directory
[  120.164407][ T7827] netlink: 'syz.1.1180': attribute type 1 has an invalid length.
[  120.179073][ T7827] 8021q: adding VLAN 0 to HW filter on device bond1
[  120.190164][ T7827] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1180'.
[  120.222023][ T7830] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  120.228657][ T7830] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  120.236311][ T7830] vhci_hcd vhci_hcd.0: Device attached
[  120.242787][ T7831] usbip_core: unknown command
[  120.247551][ T7831] vhci_hcd: unknown pdu 0
[  120.251972][ T7831] usbip_core: unknown command
[  120.260479][ T3271] vhci_hcd: stop threads
[  120.264972][ T3271] vhci_hcd: release socket
[  120.269497][ T3271] vhci_hcd: disconnect device
[  120.364201][ T7670] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  120.373212][ T7670] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  120.382190][ T7670] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  120.391287][ T7670] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  120.472254][ T7670] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.501628][ T7670] 8021q: adding VLAN 0 to HW filter on device team0
[  120.517261][ T3358] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.524562][ T3358] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.551803][ T3358] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.559224][ T3358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.583108][ T7670] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  120.593563][ T7670] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  120.654911][ T7876] hsr_slave_0: left promiscuous mode
[  120.660907][ T7876] hsr_slave_1: left promiscuous mode
[  120.733980][ T7670] 8021q: adding VLAN 0 to HW filter on device batadv0
[  120.823460][ T7894] loop0: detected capacity change from 0 to 2048
[  120.906520][ T7670] veth0_vlan: entered promiscuous mode
[  120.928918][ T7670] veth1_vlan: entered promiscuous mode
[  120.982168][ T7670] veth0_macvtap: entered promiscuous mode
[  120.988636][ T7894] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1189'.
[  120.991324][ T7670] veth1_macvtap: entered promiscuous mode
[  121.011004][ T7670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.021672][ T7670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.031821][ T7670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.042388][ T7670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.052458][ T7670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.062960][ T7670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.072818][ T7670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.083569][ T7670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.126885][ T7670] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.136560][ T7670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.148570][ T7670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.158447][ T7670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.168929][ T7670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.178951][ T7670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.189620][ T7670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.200099][ T7670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.210941][ T7670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.222734][ T7670] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.255255][ T7670] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.264553][ T7670] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.274121][ T7670] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.282157][ T7951] loop0: detected capacity change from 0 to 1024
[  121.282860][ T7670] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.299880][ T7953] FAULT_INJECTION: forcing a failure.
[  121.299880][ T7953] name failslab, interval 1, probability 0, space 0, times 0
[  121.313043][ T7953] CPU: 1 UID: 0 PID: 7953 Comm: syz.1.1197 Not tainted 6.11.0-rc6-syzkaller #0
[  121.322013][ T7953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  121.332368][ T7953] Call Trace:
[  121.335730][ T7953]  <TASK>
[  121.338688][ T7953]  dump_stack_lvl+0xf2/0x150
[  121.343481][ T7953]  dump_stack+0x15/0x20
[  121.347669][ T7953]  should_fail_ex+0x229/0x230
[  121.352391][ T7953]  ? getname_flags+0x81/0x3b0
[  121.357146][ T7953]  should_failslab+0x8f/0xb0
[  121.361844][ T7953]  kmem_cache_alloc_noprof+0x4c/0x290
[  121.367312][ T7953]  getname_flags+0x81/0x3b0
[  121.371866][ T7953]  __se_sys_statx+0x111/0x1e0
[  121.376578][ T7953]  ? __rcu_read_unlock+0x4e/0x70
[  121.381556][ T7953]  ? bpf_trace_run2+0x123/0x1d0
[  121.386444][ T7953]  ? __bpf_trace_sys_enter+0x9/0x10
[  121.391751][ T7953]  __x64_sys_statx+0x67/0x80
[  121.396393][ T7953]  x64_sys_call+0x298b/0x2d60
[  121.401183][ T7953]  do_syscall_64+0xc9/0x1c0
[  121.405765][ T7953]  ? clear_bhb_loop+0x55/0xb0
[  121.410508][ T7953]  ? clear_bhb_loop+0x55/0xb0
[  121.415283][ T7953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.421309][ T7953] RIP: 0033:0x7f49988d9eb9
[  121.425744][ T7953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.445423][ T7953] RSP: 002b:00007f4997557038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c
[  121.454165][ T7953] RAX: ffffffffffffffda RBX: 00007f4998a75f80 RCX: 00007f49988d9eb9
[  121.462182][ T7953] RDX: 0000000000001000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  121.470257][ T7953] RBP: 00007f4997557090 R08: 0000000000000000 R09: 0000000000000000
[  121.478284][ T7953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.486318][ T7953] R13: 0000000000000000 R14: 00007f4998a75f80 R15: 00007fff1bbe17e8
[  121.494328][ T7953]  </TASK>
[  121.541045][ T7967] loop1: detected capacity change from 0 to 512
[  121.551557][ T7968] loop3: detected capacity change from 0 to 512
[  121.580498][ T7967] ext4 filesystem being mounted at /227/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.601852][ T7968] ext4 filesystem being mounted at /267/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.622122][ T7967] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #2: comm syz.1.1198: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  121.652044][ T7975] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1154'.
[  121.661246][ T7975] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1154'.
[  121.671046][ T7967] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.1198: Directory hole found for htree leaf block 0
[  121.674408][ T7975] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  121.698083][ T7977] netlink: 'syz.0.1200': attribute type 2 has an invalid length.
[  121.706182][ T7977] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1200'.
[  121.712911][ T7975] bond1: entered allmulticast mode
[  121.721434][ T7975] 8021q: adding VLAN 0 to HW filter on device bond1
[  121.731328][ T7980] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1154'.
[  121.750738][ T7984] FAULT_INJECTION: forcing a failure.
[  121.750738][ T7984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.764568][ T7984] CPU: 0 UID: 0 PID: 7984 Comm: syz.3.1201 Not tainted 6.11.0-rc6-syzkaller #0
[  121.773776][ T7984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  121.783950][ T7984] Call Trace:
[  121.787265][ T7984]  <TASK>
[  121.790294][ T7984]  dump_stack_lvl+0xf2/0x150
[  121.795253][ T7984]  dump_stack+0x15/0x20
[  121.799515][ T7984]  should_fail_ex+0x229/0x230
[  121.804237][ T7984]  should_fail+0xb/0x10
[  121.809034][ T7984]  should_fail_usercopy+0x1a/0x20
[  121.814624][ T7984]  _copy_from_user+0x1e/0xd0
[  121.819592][ T7984]  copy_msghdr_from_user+0x54/0x2a0
[  121.825552][ T7984]  __sys_sendmsg+0x17d/0x280
[  121.830450][ T7984]  __x64_sys_sendmsg+0x46/0x50
[  121.835478][ T7984]  x64_sys_call+0x2689/0x2d60
[  121.840354][ T7984]  do_syscall_64+0xc9/0x1c0
[  121.844929][ T7984]  ? clear_bhb_loop+0x55/0xb0
[  121.850122][ T7984]  ? clear_bhb_loop+0x55/0xb0
[  121.855351][ T7984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.861445][ T7984] RIP: 0033:0x7f8491fc9eb9
[  121.865879][ T7984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.885959][ T7984] RSP: 002b:00007f8490c47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  121.894420][ T7984] RAX: ffffffffffffffda RBX: 00007f8492165f80 RCX: 00007f8491fc9eb9
[  121.902864][ T7984] RDX: 000000000000ff4c RSI: 0000000020000000 RDI: 0000000000000005
[  121.911089][ T7984] RBP: 00007f8490c47090 R08: 0000000000000000 R09: 0000000000000000
[  121.919159][ T7984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.927139][ T7984] R13: 0000000000000000 R14: 00007f8492165f80 R15: 00007ffe22f2be68
[  121.935323][ T7984]  </TASK>
[  122.013633][ T7994] loop3: detected capacity change from 0 to 2048
[  122.198317][ T7994] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1206'.
[  122.246486][ T8008] loop2: detected capacity change from 0 to 1024
[  122.290773][ T7998] loop1: detected capacity change from 0 to 512
[  122.378653][ T7998] ext4 filesystem being mounted at /230/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.527558][ T7998] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz.1.1208: path /230/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  122.561623][ T7998] EXT4-fs (loop1): Remounting filesystem read-only
[  122.637364][ T8017] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1211'.
[  122.861503][ T8025] loop2: detected capacity change from 0 to 1024
[  122.887568][ T8025] EXT4-fs: Ignoring removed nomblk_io_submit option
[  122.894353][ T8025] EXT4-fs: Ignoring removed i_version option
[  122.900630][ T8025] EXT4-fs: Ignoring removed nobh option
[  122.924845][ T8025] ext4: Unknown parameter 'appraise_type'
[  123.054510][ T8036] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  123.061097][ T8036] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  123.068880][ T8036] vhci_hcd vhci_hcd.0: Device attached
[  123.076003][ T8037] usbip_core: unknown command
[  123.080917][ T8037] vhci_hcd: unknown pdu 0
[  123.085527][ T8037] usbip_core: unknown command
[  123.088191][ T8036] syz.0.1217[8036] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.090393][ T8036] syz.0.1217[8036] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.093456][ T3271] vhci_hcd: stop threads
[  123.118167][ T3271] vhci_hcd: release socket
[  123.122702][ T3271] vhci_hcd: disconnect device
[  123.385978][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  123.385996][   T29] audit: type=1400 audit(1725229201.150:4548): avc:  denied  { mount } for  pid=8053 comm="syz.1.1223" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  123.423780][   T29] audit: type=1400 audit(1725229201.180:4549): avc:  denied  { mounton } for  pid=8053 comm="syz.1.1223" path="/234/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  123.517455][   T29] audit: type=1326 audit(1725229201.280:4550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8059 comm="syz.3.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8491fc9eb9 code=0x7ffc0000
[  123.541628][   T29] audit: type=1326 audit(1725229201.280:4551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8059 comm="syz.3.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8491fc9eb9 code=0x7ffc0000
[  123.565629][   T29] audit: type=1326 audit(1725229201.280:4552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8059 comm="syz.3.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f8491fc9eb9 code=0x7ffc0000
[  123.589239][   T29] audit: type=1326 audit(1725229201.280:4553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8059 comm="syz.3.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8491fc9eb9 code=0x7ffc0000
[  123.612792][   T29] audit: type=1326 audit(1725229201.280:4554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8059 comm="syz.3.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8491fc9eb9 code=0x7ffc0000
[  123.636615][   T29] audit: type=1326 audit(1725229201.280:4555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8059 comm="syz.3.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8491fc9eb9 code=0x7ffc0000
[  123.660477][   T29] audit: type=1326 audit(1725229201.280:4556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8059 comm="syz.3.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8491fc9eb9 code=0x7ffc0000
[  123.669102][ T8064] FAULT_INJECTION: forcing a failure.
[  123.669102][ T8064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.683981][   T29] audit: type=1326 audit(1725229201.280:4557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8059 comm="syz.3.1224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f8491fc9eb9 code=0x7ffc0000
[  123.720866][ T8064] CPU: 1 UID: 0 PID: 8064 Comm: syz.2.1226 Not tainted 6.11.0-rc6-syzkaller #0
[  123.726870][ T8062] loop3: detected capacity change from 0 to 512
[  123.730166][ T8064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  123.746579][ T8064] Call Trace:
[  123.750258][ T8064]  <TASK>
[  123.753284][ T8064]  dump_stack_lvl+0xf2/0x150
[  123.757893][ T8064]  dump_stack+0x15/0x20
[  123.762097][ T8064]  should_fail_ex+0x229/0x230
[  123.766875][ T8064]  should_fail+0xb/0x10
[  123.771041][ T8064]  should_fail_usercopy+0x1a/0x20
[  123.776150][ T8064]  _copy_to_user+0x1e/0xa0
[  123.780592][ T8064]  simple_read_from_buffer+0xa0/0x110
[  123.786032][ T8064]  proc_fail_nth_read+0xff/0x140
[  123.791054][ T8064]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.796609][ T8064]  vfs_read+0x1a2/0x6e0
[  123.800833][ T8064]  ? __rcu_read_unlock+0x4e/0x70
[  123.805872][ T8064]  ? __fget_files+0x1da/0x210
[  123.810681][ T8064]  ksys_read+0xeb/0x1b0
[  123.814949][ T8064]  __x64_sys_read+0x42/0x50
[  123.819821][ T8064]  x64_sys_call+0x27d3/0x2d60
[  123.824641][ T8064]  do_syscall_64+0xc9/0x1c0
[  123.829182][ T8064]  ? clear_bhb_loop+0x55/0xb0
[  123.833958][ T8064]  ? clear_bhb_loop+0x55/0xb0
[  123.838737][ T8064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.844915][ T8064] RIP: 0033:0x7fd6145588fc
[  123.849510][ T8064] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  123.869253][ T8064] RSP: 002b:00007fd6131d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  123.877926][ T8064] RAX: ffffffffffffffda RBX: 00007fd6146f5f80 RCX: 00007fd6145588fc
[  123.886595][ T8064] RDX: 000000000000000f RSI: 00007fd6131d70a0 RDI: 0000000000000003
[  123.894585][ T8064] RBP: 00007fd6131d7090 R08: 0000000000000000 R09: 0000000000000000
[  123.902584][ T8064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.910617][ T8064] R13: 0000000000000000 R14: 00007fd6146f5f80 R15: 00007ffda62250e8
[  123.918607][ T8064]  </TASK>
[  123.941682][ T8062] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.957580][ T8062] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #2: comm syz.3.1225: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  123.977929][ T8062] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.1225: Directory hole found for htree leaf block 0
[  123.988235][ T8074] netlink: 'syz.2.1230': attribute type 2 has an invalid length.
[  123.998851][ T8074] __nla_validate_parse: 2 callbacks suppressed
[  123.998865][ T8074] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1230'.
[  124.080617][ T8083] No control pipe specified
[  124.099767][ T8083] loop2: detected capacity change from 0 to 1024
[  124.110075][ T8083] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  124.267068][ T8088] No control pipe specified
[  124.283604][ T8088] loop1: detected capacity change from 0 to 1024
[  124.295959][ T8088] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  124.594447][ T8095] loop0: detected capacity change from 0 to 2048
[  124.611314][ T8095] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  124.680215][ T7746] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.706730][ T7746] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.718705][ T7746] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.730511][ T7746] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.740097][ T8095] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1236'.
[  124.868214][ T8102] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  124.875134][ T8102] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  124.882829][ T8102] vhci_hcd vhci_hcd.0: Device attached
[  124.885456][ T8100] loop4: detected capacity change from 0 to 8192
[  124.902816][ T8103] usbip_core: unknown command
[  124.904060][ T8102] syz.0.1238[8102] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.907756][ T8103] vhci_hcd: unknown pdu 0
[  124.908073][ T8102] syz.0.1238[8102] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.919090][ T8103] usbip_core: unknown command
[  124.959081][ T3292] vhci_hcd: stop threads
[  124.963390][ T3292] vhci_hcd: release socket
[  124.968052][ T3292] vhci_hcd: disconnect device
[  124.973081][ T8100]  loop4: p1 p2 p4 < >
[  124.977444][ T8100] loop4: partition table partially beyond EOD, truncated
[  124.985550][ T8100] loop4: p1 size 108986237 extends beyond EOD, truncated
[  124.994689][ T8100] loop4: p2 start 65535 is beyond EOD, truncated
[  125.001180][ T8100] loop4: p4 start 50331648 is beyond EOD, truncated
[  125.022339][ T8106] syz.2.1239[8106] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.022460][ T8106] syz.2.1239[8106] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.103531][ T8112] loop2: detected capacity change from 0 to 512
[  125.147628][ T8112] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.159337][ T8114] netlink: 'syz.4.1243': attribute type 2 has an invalid length.
[  125.167220][ T8114] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1243'.
[  125.177733][ T8112] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #2: comm syz.2.1242: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  125.198578][ T8112] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.1242: Directory hole found for htree leaf block 0
[  125.240926][ T8122] loop1: detected capacity change from 0 to 512
[  125.248023][ T8122] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  125.258545][ T8122] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #2: comm syz.1.1245: pblk 0 bad header/extent: invalid magic - magic d, entries 0, max 0(0), depth 0(0)
[  125.276619][ T8122] EXT4-fs (loop1): get root inode failed
[  125.282419][ T8122] EXT4-fs (loop1): mount failed
[  125.288785][ T8125] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.335542][ T8129] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.342852][ T8129] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.351406][ T8129] bridge0: entered allmulticast mode
[  125.375493][ T8125] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.386343][ T8130] atomic_op ffff888113cb1928 conn xmit_atomic 0000000000000000
[  125.398770][ T8131] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1247'.
[  125.436630][ T8125] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.477017][ T8125] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.501112][ T8144] syz.0.1252[8144] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.501298][ T8144] syz.0.1252[8144] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.529703][ T8142] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  125.559669][ T8142] SELinux: failed to load policy
[  125.667120][ T8152] loop3: detected capacity change from 0 to 512
[  125.709278][ T8152] ext4 filesystem being mounted at /277/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.727194][ T8158] loop0: detected capacity change from 0 to 512
[  125.757074][ T8161] vhci_hcd: invalid port number 0
[  125.767815][ T8163] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  125.774359][ T8163] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  125.782046][ T8163] vhci_hcd vhci_hcd.0: Device attached
[  125.791098][ T8166] usbip_core: unknown command
[  125.795828][ T8166] vhci_hcd: unknown pdu 0
[  125.800219][ T8166] usbip_core: unknown command
[  125.807582][ T8158] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.807859][ T3292] vhci_hcd: stop threads
[  125.822451][ T3292] vhci_hcd: release socket
[  125.826930][ T3292] vhci_hcd: disconnect device
[  125.832619][ T8158] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #2: comm syz.0.1257: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  125.857106][ T8158] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.1257: Directory hole found for htree leaf block 0
[  125.896101][ T8176] syz.1.1264[8176] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.896207][ T8176] syz.1.1264[8176] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.924922][ T8178] netlink: 'syz.1.1265': attribute type 1 has an invalid length.
[  125.948921][ T8182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1266'.
[  125.959314][ T8181] loop0: detected capacity change from 0 to 512
[  125.971494][ T8178] 8021q: adding VLAN 0 to HW filter on device bond2
[  125.983596][ T8184] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1265'.
[  126.008604][ T8181] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.051695][ T8181] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #15: comm syz.0.1263: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  126.062363][ T8196] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1271'.
[  126.069699][ T8194] loop3: detected capacity change from 0 to 512
[  126.083489][ T8181] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[  126.093139][ T8181] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #15: comm syz.0.1263: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  126.112442][ T8181] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=15
[  126.124038][ T8181] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1263: bg 0: block 18: invalid block bitmap
[  126.126909][ T8194] ext4 filesystem being mounted at /281/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.137301][ T8181] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.1263: Failed to acquire dquot type 1
[  126.185348][ T8201] loop1: detected capacity change from 0 to 512
[  126.194617][ T8181] syz.0.1263 (8181) used greatest stack depth: 9488 bytes left
[  126.206250][ T8205] loop3: detected capacity change from 0 to 512
[  126.212024][ T8201] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  126.233745][ T8205] ext4 filesystem being mounted at /283/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.242382][ T8201] ext4 filesystem being mounted at /248/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  126.259479][ T8205] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #2: comm syz.3.1274: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  126.264688][ T8201] FAULT_INJECTION: forcing a failure.
[  126.264688][ T8201] name failslab, interval 1, probability 0, space 0, times 0
[  126.279520][ T8205] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.1274: Directory hole found for htree leaf block 0
[  126.290119][ T8201] CPU: 0 UID: 0 PID: 8201 Comm: syz.1.1272 Not tainted 6.11.0-rc6-syzkaller #0
[  126.305084][ T8211] loop0: detected capacity change from 0 to 2048
[  126.312025][ T8201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  126.328666][ T8201] Call Trace:
[  126.331955][ T8201]  <TASK>
[  126.334889][ T8201]  dump_stack_lvl+0xf2/0x150
[  126.339493][ T8201]  dump_stack+0x15/0x20
[  126.343824][ T8201]  should_fail_ex+0x229/0x230
[  126.348581][ T8201]  ? __es_insert_extent+0x575/0xf60
[  126.353844][ T8201]  should_failslab+0x8f/0xb0
[  126.358476][ T8201]  kmem_cache_alloc_noprof+0x4c/0x290
[  126.363866][ T8201]  __es_insert_extent+0x575/0xf60
[  126.368991][ T8201]  ? __radix_tree_replace+0x1c1/0x1f0
[  126.374628][ T8201]  ext4_es_insert_extent+0x3e5/0x1c10
[  126.380028][ T8201]  ext4_map_blocks+0x3ee/0xf50
[  126.384898][ T8201]  ext4_getblk+0x112/0x500
[  126.389349][ T8201]  ext4_bread_batch+0x5b/0x360
[  126.394248][ T8201]  __ext4_find_entry+0x9d3/0x10a0
[  126.399367][ T8201]  ? d_alloc_parallel+0xbfe/0xc80
[  126.404434][ T8201]  ? selinux_inode_permission+0x337/0x400
[  126.410204][ T8201]  ext4_lookup+0xba/0x390
[  126.414684][ T8201]  __lookup_slow+0x184/0x250
[  126.419348][ T8201]  lookup_slow+0x3c/0x60
[  126.423608][ T8201]  walk_component+0x1f5/0x230
[  126.428410][ T8201]  ? path_lookupat+0xfd/0x2b0
[  126.433178][ T8201]  path_lookupat+0x10a/0x2b0
[  126.437795][ T8201]  filename_lookup+0x127/0x300
[  126.442577][ T8201]  user_path_at+0x3c/0x110
[  126.447036][ T8201]  do_fchownat+0x92/0x1a0
[  126.451634][ T8201]  __x64_sys_lchown+0x4a/0x60
[  126.456378][ T8201]  x64_sys_call+0x2a17/0x2d60
[  126.461090][ T8201]  do_syscall_64+0xc9/0x1c0
[  126.465774][ T8201]  ? clear_bhb_loop+0x55/0xb0
[  126.470467][ T8201]  ? clear_bhb_loop+0x55/0xb0
[  126.475152][ T8201]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.481088][ T8201] RIP: 0033:0x7f49988d9eb9
[  126.485519][ T8201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.505172][ T8201] RSP: 002b:00007f4997557038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[  126.513696][ T8201] RAX: ffffffffffffffda RBX: 00007f4998a75f80 RCX: 00007f49988d9eb9
[  126.522001][ T8201] RDX: 000000000000ee01 RSI: 000000000000ee00 RDI: 00000000200002c0
[  126.530079][ T8201] RBP: 00007f4997557090 R08: 0000000000000000 R09: 0000000000000000
[  126.538081][ T8201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.546095][ T8201] R13: 0000000000000000 R14: 00007f4998a75f80 R15: 00007fff1bbe17e8
[  126.554168][ T8201]  </TASK>
[  126.588532][ T8211] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  126.628055][ T8217] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1278'.
[  126.648130][ T8221] netlink: 'syz.2.1279': attribute type 1 has an invalid length.
[  126.664207][ T8221] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1279'.
[  126.746595][ T8211] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1275'.
[  126.793747][ T8225] loop2: detected capacity change from 0 to 256
[  126.828639][ T8225] FAT-fs (loop2): Directory bread(block 64) failed
[  126.835324][ T8225] FAT-fs (loop2): Directory bread(block 65) failed
[  126.841878][ T8225] FAT-fs (loop2): Directory bread(block 66) failed
[  126.858253][ T8225] FAT-fs (loop2): Directory bread(block 67) failed
[  126.868215][ T8246] No control pipe specified
[  126.872840][ T8225] FAT-fs (loop2): Directory bread(block 68) failed
[  126.889532][ T8246] loop0: detected capacity change from 0 to 1024
[  126.890422][ T8244] netlink: 'syz.1.1285': attribute type 2 has an invalid length.
[  126.896702][ T8225] FAT-fs (loop2): Directory bread(block 69) failed
[  126.911830][ T8225] FAT-fs (loop2): Directory bread(block 70) failed
[  126.918761][ T8225] FAT-fs (loop2): Directory bread(block 71) failed
[  126.926654][ T8225] FAT-fs (loop2): Directory bread(block 72) failed
[  126.926918][ T8246] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  126.933279][ T8225] FAT-fs (loop2): Directory bread(block 73) failed
[  126.971730][ T8252] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  126.978292][ T8252] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  126.985916][ T8252] vhci_hcd vhci_hcd.0: Device attached
[  127.007026][ T8253] usbip_core: unknown command
[  127.011750][ T8253] vhci_hcd: unknown pdu 0
[  127.016194][ T8253] usbip_core: unknown command
[  127.034103][ T3292] vhci_hcd: stop threads
[  127.038424][ T3292] vhci_hcd: release socket
[  127.042845][ T3292] vhci_hcd: disconnect device
[  127.105560][ T3292] kworker/u8:6: attempt to access beyond end of device
[  127.105560][ T3292] loop2: rw=1, sector=1800, nr_sectors = 4 limit=256
[  127.287416][ T8269] loop2: detected capacity change from 0 to 2048
[  127.320503][ T8269] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  127.714197][ T8297] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  127.720759][ T8297] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  127.728321][ T8297] vhci_hcd vhci_hcd.0: Device attached
[  127.735439][ T8298] usbip_core: unknown command
[  127.740165][ T8298] vhci_hcd: unknown pdu 0
[  127.744603][ T8298] usbip_core: unknown command
[  127.768123][ T3292] vhci_hcd: stop threads
[  127.772490][ T3292] vhci_hcd: release socket
[  127.776975][ T3292] vhci_hcd: disconnect device
[  127.793547][ T6868] EXT4-fs unmount: 86 callbacks suppressed
[  127.793562][ T6868] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.839453][ T8302] loop0: detected capacity change from 0 to 2048
[  127.857656][ T8302] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.872918][ T8302] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  128.013895][ T6868] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.129532][ T8317] loop0: detected capacity change from 0 to 128
[  128.155463][ T8317] syz.0.1310: attempt to access beyond end of device
[  128.155463][ T8317] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  128.175942][ T8316] syz.0.1310: attempt to access beyond end of device
[  128.175942][ T8316] loop0: rw=524288, sector=145, nr_sectors = 184 limit=128
[  128.190028][ T8316] syz.0.1310: attempt to access beyond end of device
[  128.190028][ T8316] loop0: rw=0, sector=209, nr_sectors = 8 limit=128
[  128.203386][ T8316] syz.0.1310: attempt to access beyond end of device
[  128.203386][ T8316] loop0: rw=0, sector=209, nr_sectors = 8 limit=128
[  128.216797][ T8316] syz.0.1310: attempt to access beyond end of device
[  128.216797][ T8316] loop0: rw=0, sector=209, nr_sectors = 8 limit=128
[  128.230041][ T8316] syz.0.1310: attempt to access beyond end of device
[  128.230041][ T8316] loop0: rw=0, sector=209, nr_sectors = 8 limit=128
[  128.243699][ T8316] syz.0.1310: attempt to access beyond end of device
[  128.243699][ T8316] loop0: rw=0, sector=209, nr_sectors = 8 limit=128
[  128.257108][ T8316] syz.0.1310: attempt to access beyond end of device
[  128.257108][ T8316] loop0: rw=0, sector=209, nr_sectors = 8 limit=128
[  128.270779][ T8316] syz.0.1310: attempt to access beyond end of device
[  128.270779][ T8316] loop0: rw=0, sector=209, nr_sectors = 8 limit=128
[  128.338733][ T8326] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.413104][ T8329] netlink: 'syz.2.1315': attribute type 2 has an invalid length.
[  128.423063][ T8326] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.476632][ T8326] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.507718][ T8337] loop2: detected capacity change from 0 to 512
[  128.516279][ T8326] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.536776][ T8337] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.549506][ T8337] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.562256][ T8337] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #2: comm syz.2.1317: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  128.582548][ T8337] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.1317: Directory hole found for htree leaf block 0
[  128.587305][ T8326] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.607131][ T8326] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.617770][ T7670] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.618852][ T8326] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.638991][ T8326] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.661536][ T8341] loop2: detected capacity change from 0 to 2048
[  128.685521][ T8341] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.701022][ T8341] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  128.706475][ T8347] bpf_get_probe_write_proto: 4 callbacks suppressed
[  128.706492][ T8347] syz.0.1320[8347] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.716057][   T29] kauditd_printk_skb: 128 callbacks suppressed
[  128.716074][   T29] audit: type=1326 audit(1725229206.470:4684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  128.723148][ T8347] syz.0.1320[8347] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.733834][   T29] audit: type=1326 audit(1725229206.470:4685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  128.798409][   T29] audit: type=1326 audit(1725229206.470:4686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  128.850657][   T29] audit: type=1326 audit(1725229206.500:4687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  128.851052][ T8349] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  128.874157][   T29] audit: type=1326 audit(1725229206.500:4688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  128.880591][ T8349] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  128.904118][   T29] audit: type=1326 audit(1725229206.580:4689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  128.911813][ T8349] vhci_hcd vhci_hcd.0: Device attached
[  128.934958][   T29] audit: type=1326 audit(1725229206.580:4690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  128.964018][   T29] audit: type=1326 audit(1725229206.590:4691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  128.975515][ T8355] syz.3.1321[8355] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.987548][   T29] audit: type=1326 audit(1725229206.590:4692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  128.989051][ T8355] syz.3.1321[8355] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.998920][   T29] audit: type=1326 audit(1725229206.590:4693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8346 comm="syz.0.1320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751c509eb9 code=0x7ffc0000
[  129.023632][ T8341] __nla_validate_parse: 12 callbacks suppressed
[  129.023649][ T8341] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1318'.
[  129.051626][ T8357] loop0: detected capacity change from 0 to 2048
[  129.105473][ T8357] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.130085][ T8350] vhci_hcd: connection closed
[  129.130458][   T36] vhci_hcd: stop threads
[  129.136219][ T8357] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1322: bg 0: block 136: padding at end of block bitmap is not set
[  129.139551][   T36] vhci_hcd: release socket
[  129.158358][   T36] vhci_hcd: disconnect device
[  129.163858][ T4116] vhci_hcd: vhci_device speed not set
[  129.165227][ T8363] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1325'.
[  129.180088][ T7670] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.211423][    T8] IPVS: starting estimator thread 0...
[  129.222798][ T8367] netlink: 'syz.2.1326': attribute type 2 has an invalid length.
[  129.230675][ T8367] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1326'.
[  129.241001][ T6868] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.274293][ T8372] netlink: 'syz.0.1327': attribute type 1 has an invalid length.
[  129.291960][ T8372] 8021q: adding VLAN 0 to HW filter on device bond1
[  129.304364][ T8369] IPVS: using max 2304 ests per chain, 115200 per kthread
[  129.315815][ T8372] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1327'.
[  129.360493][ T8384] syz.2.1332[8384] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.360864][ T8383] syz.1.1331[8383] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.365499][ T8385] loop0: detected capacity change from 0 to 512
[  129.372402][ T8384] syz.2.1332[8384] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.384783][ T8383] syz.1.1331[8383] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.393654][ T8385] EXT4-fs warning (device loop0): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  129.424357][ T8385] EXT4-fs warning (device loop0): dx_probe:881: Enable large directory feature to access it
[  129.434517][ T8385] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.1333: Corrupt directory, running e2fsck is recommended
[  129.448767][ T8385] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  129.458871][ T8385] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1333: corrupted in-inode xattr: invalid ea_ino
[  129.476034][ T8385] EXT4-fs (loop0): Remounting filesystem read-only
[  129.483076][ T8385] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.497418][ T8385] SELinux: (dev loop0, type ext4) getxattr errno 5
[  129.508312][ T8385] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.567220][ T8397] loop0: detected capacity change from 0 to 128
[  129.619052][ T8401] netlink: 'syz.2.1340': attribute type 2 has an invalid length.
[  129.626962][ T8401] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1340'.
[  129.700961][ T8416] syz.1.1345[8416] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.701022][ T8416] syz.1.1345[8416] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.720379][ T8414] loop2: detected capacity change from 0 to 512
[  129.755308][ T8414] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.768480][ T8414] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.795362][ T7670] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.887645][ T8433] FAULT_INJECTION: forcing a failure.
[  129.887645][ T8433] name failslab, interval 1, probability 0, space 0, times 0
[  129.900358][ T8433] CPU: 1 UID: 0 PID: 8433 Comm: syz.2.1353 Not tainted 6.11.0-rc6-syzkaller #0
[  129.909320][ T8433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  129.919390][ T8433] Call Trace:
[  129.922676][ T8433]  <TASK>
[  129.925610][ T8433]  dump_stack_lvl+0xf2/0x150
[  129.930216][ T8433]  dump_stack+0x15/0x20
[  129.934385][ T8433]  should_fail_ex+0x229/0x230
[  129.939075][ T8433]  ? getname_flags+0x81/0x3b0
[  129.943833][ T8433]  should_failslab+0x8f/0xb0
[  129.948447][ T8433]  kmem_cache_alloc_noprof+0x4c/0x290
[  129.953976][ T8433]  getname_flags+0x81/0x3b0
[  129.958562][ T8433]  getname+0x17/0x20
[  129.962478][ T8433]  __se_sys_quotactl+0x15b/0x660
[  129.967438][ T8433]  __x64_sys_quotactl+0x55/0x70
[  129.972309][ T8433]  x64_sys_call+0x2b7f/0x2d60
[  129.977038][ T8433]  do_syscall_64+0xc9/0x1c0
[  129.981566][ T8433]  ? clear_bhb_loop+0x55/0xb0
[  129.986349][ T8433]  ? clear_bhb_loop+0x55/0xb0
[  129.991095][ T8433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.997023][ T8433] RIP: 0033:0x7fd614559eb9
[  130.001448][ T8433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.021418][ T8433] RSP: 002b:00007fd6131d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  130.030236][ T8433] RAX: ffffffffffffffda RBX: 00007fd6146f5f80 RCX: 00007fd614559eb9
[  130.038276][ T8433] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: ffffffff80000201
[  130.046429][ T8433] RBP: 00007fd6131d7090 R08: 0000000000000000 R09: 0000000000000000
[  130.054424][ T8433] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[  130.062457][ T8433] R13: 0000000000000000 R14: 00007fd6146f5f80 R15: 00007ffda62250e8
[  130.070654][ T8433]  </TASK>
[  130.086741][ T8434] loop1: detected capacity change from 0 to 128
[  130.122358][ T8436] netlink: 'syz.0.1354': attribute type 2 has an invalid length.
[  130.130350][ T8436] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1354'.
[  130.154273][ T8442] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  130.160877][ T8442] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  130.168433][ T8442] vhci_hcd vhci_hcd.0: Device attached
[  130.186123][ T8443] usbip_core: unknown command
[  130.190967][ T8443] vhci_hcd: unknown pdu 0
[  130.195367][ T8443] usbip_core: unknown command
[  130.200385][ T3358] vhci_hcd: stop threads
[  130.205952][ T3358] vhci_hcd: release socket
[  130.210376][ T3358] vhci_hcd: disconnect device
[  130.250003][ T8446] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1357'.
[  130.280154][ T8455] loop1: detected capacity change from 0 to 512
[  130.296013][ T8457] FAULT_INJECTION: forcing a failure.
[  130.296013][ T8457] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.305810][ T8455] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.309408][ T8457] CPU: 1 UID: 0 PID: 8457 Comm: syz.0.1360 Not tainted 6.11.0-rc6-syzkaller #0
[  130.323543][ T8455] ext4 filesystem being mounted at /272/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.331797][ T8457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  130.331816][ T8457] Call Trace:
[  130.355767][ T8457]  <TASK>
[  130.358704][ T8457]  dump_stack_lvl+0xf2/0x150
[  130.363421][ T8457]  dump_stack+0x15/0x20
[  130.367713][ T8457]  should_fail_ex+0x229/0x230
[  130.372492][ T8457]  should_fail+0xb/0x10
[  130.376925][ T8457]  should_fail_usercopy+0x1a/0x20
[  130.381988][ T8457]  _copy_to_user+0x1e/0xa0
[  130.386462][ T8457]  simple_read_from_buffer+0xa0/0x110
[  130.391958][ T8457]  proc_fail_nth_read+0xff/0x140
[  130.396904][ T8457]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  130.402564][ T8457]  vfs_read+0x1a2/0x6e0
[  130.406773][ T8457]  ? __rcu_read_unlock+0x4e/0x70
[  130.411724][ T8457]  ? __fget_files+0x1da/0x210
[  130.416516][ T8457]  ksys_read+0xeb/0x1b0
[  130.420753][ T8457]  __x64_sys_read+0x42/0x50
[  130.425283][ T8457]  x64_sys_call+0x27d3/0x2d60
[  130.429978][ T8457]  do_syscall_64+0xc9/0x1c0
[  130.434590][ T8457]  ? clear_bhb_loop+0x55/0xb0
[  130.439300][ T8457]  ? clear_bhb_loop+0x55/0xb0
[  130.444008][ T8457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.449958][ T8457] RIP: 0033:0x7f751c5088fc
[  130.454394][ T8457] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  130.474299][ T8457] RSP: 002b:00007f751b187030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  130.482716][ T8457] RAX: ffffffffffffffda RBX: 00007f751c6a5f80 RCX: 00007f751c5088fc
[  130.490709][ T8457] RDX: 000000000000000f RSI: 00007f751b1870a0 RDI: 0000000000000003
[  130.498693][ T8457] RBP: 00007f751b187090 R08: 0000000000000000 R09: 0000000000000000
[  130.506662][ T8457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.514924][ T8457] R13: 0000000000000000 R14: 00007f751c6a5f80 R15: 00007ffc7b6d9678
[  130.523003][ T8457]  </TASK>
[  130.540769][ T3258] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.549999][ T8461] loop0: detected capacity change from 0 to 512
[  130.557027][ T8461] EXT4-fs: Ignoring removed nobh option
[  130.563303][ T8461] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  130.586245][ T8466] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1362'.
[  130.595393][ T8461] EXT4-fs (loop0): 1 truncate cleaned up
[  130.601431][ T8461] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.713088][ T6868] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /66/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  130.738619][ T6868] EXT4-fs error (device loop0): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  130.747576][ T8474] netlink: 'syz.3.1368': attribute type 2 has an invalid length.
[  130.766224][ T8474] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1368'.
[  130.766370][ T6868] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /66/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  130.800657][ T6868] EXT4-fs error (device loop0): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  130.820956][ T6868] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /66/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  130.843570][ T6868] EXT4-fs error (device loop0): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  130.865652][ T6868] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /66/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  130.886732][ T8482] loop2: detected capacity change from 0 to 512
[  130.889107][ T6868] EXT4-fs error (device loop0): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  130.915319][ T6868] EXT4-fs error (device loop0): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /66/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  130.937349][ T6868] EXT4-fs error (device loop0): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  130.958829][ T8482] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.973173][ T8482] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.988233][ T8482] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #2: comm syz.2.1370: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  131.007993][ T8482] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.1370: Directory hole found for htree leaf block 0
[  131.032182][ T7670] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.110203][ T8496] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1376'.
[  131.178890][ T8498] No control pipe specified
[  131.188357][ T8498] loop2: detected capacity change from 0 to 1024
[  131.195611][ T8498] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  131.206508][ T8498] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.513965][ T8498] ==================================================================
[  131.522149][ T8498] BUG: KCSAN: data-race in __mark_inode_dirty / __mark_inode_dirty
[  131.530130][ T8498] 
[  131.532469][ T8498] write to 0xffff888107d08640 of 8 bytes by task 8500 on cpu 0:
[  131.540109][ T8498]  __mark_inode_dirty+0x256/0x7e0
[  131.545208][ T8498]  file_modified_flags+0x309/0x340
[  131.550451][ T8498]  file_modified+0x17/0x20
[  131.554904][ T8498]  ext4_buffered_write_iter+0x1d8/0x380
[  131.560467][ T8498]  ext4_file_write_iter+0x29f/0xe30
[  131.565690][ T8498]  iter_file_splice_write+0x5e6/0x970
[  131.571104][ T8498]  direct_splice_actor+0x16c/0x2c0
[  131.576248][ T8498]  splice_direct_to_actor+0x305/0x670
[  131.581711][ T8498]  do_splice_direct+0xd7/0x150
[  131.586509][ T8498]  do_sendfile+0x3ab/0x950
[  131.588430][ T8503] No control pipe specified
[  131.590929][ T8498]  __x64_sys_sendfile64+0x110/0x150
[  131.600656][ T8498]  x64_sys_call+0xed5/0x2d60
[  131.605281][ T8498]  do_syscall_64+0xc9/0x1c0
[  131.609809][ T8498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.615761][ T8498] 
[  131.618100][ T8498] read to 0xffff888107d08640 of 8 bytes by task 8498 on cpu 1:
[  131.625838][ T8498]  __mark_inode_dirty+0x19f/0x7e0
[  131.630987][ T8498]  touch_atime+0x230/0x350
[  131.635452][ T8498]  filemap_splice_read+0x8b0/0x920
[  131.640615][ T8498]  ext4_file_splice_read+0x95/0xc0
[  131.645780][ T8498]  splice_direct_to_actor+0x26c/0x670
[  131.651204][ T8498]  do_splice_direct+0xd7/0x150
[  131.656022][ T8498]  do_sendfile+0x3ab/0x950
[  131.660466][ T8498]  __x64_sys_sendfile64+0x110/0x150
[  131.665717][ T8498]  x64_sys_call+0xed5/0x2d60
[  131.670344][ T8498]  do_syscall_64+0xc9/0x1c0
[  131.674970][ T8498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.680920][ T8498] 
[  131.683256][ T8498] value changed: 0x0000000000000000 -> 0x0000000000000001
[  131.690387][ T8498] 
[  131.692724][ T8498] Reported by Kernel Concurrency Sanitizer on:
[  131.698908][ T8498] CPU: 1 UID: 0 PID: 8498 Comm: syz.2.1377 Not tainted 6.11.0-rc6-syzkaller #0
[  131.707875][ T8498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  131.718257][ T8498] ==================================================================
[  131.768450][ T8125] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  131.799631][ T8125] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  131.812077][ T8125] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  131.824359][ T8125] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.044991][ T7670] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.076668][ T6868] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.091874][ T3271] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.136882][ T3271] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.196235][ T3271] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.256127][ T3271] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.351941][ T3271] bridge_slave_1: left allmulticast mode
[  135.357704][ T3271] bridge_slave_1: left promiscuous mode
[  135.363533][ T3271] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.373472][ T3271] bridge_slave_0: left allmulticast mode
[  135.380307][ T3271] bridge_slave_0: left promiscuous mode
[  135.386292][ T3271] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.507166][ T3271] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  135.517890][ T3271] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  135.528604][ T3271] bond0 (unregistering): Released all slaves
[  135.538096][ T3271] bond1 (unregistering): Released all slaves
[  135.616639][ T3271] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.624525][ T3271] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.653824][ T3271] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.661588][ T3271] batman_adv: batadv0: Removing interface: batadv_slave_1
[  135.672861][ T3271] veth1_macvtap: left promiscuous mode
[  135.678443][ T3271] veth0_macvtap: left promiscuous mode
[  135.684201][ T3271] veth1_vlan: left promiscuous mode
[  135.689578][ T3271] veth0_vlan: left promiscuous mode
[  135.790037][ T3271] team0 (unregistering): Port device team_slave_1 removed
[  135.801513][ T3271] team0 (unregistering): Port device team_slave_0 removed
[  136.077609][ T3271] IPVS: stop unused estimator thread 0...
[  136.855990][   T29] kauditd_printk_skb: 148 callbacks suppressed
[  136.856069][   T29] audit: type=1400 audit(1725229214.620:4842): avc:  denied  { sys_chroot } for  pid=8624 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  136.909757][   T29] audit: type=1400 audit(1725229214.620:4843): avc:  denied  { setgid } for  pid=8624 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  136.931005][   T29] audit: type=1400 audit(1725229214.620:4844): avc:  denied  { setuid } for  pid=8624 comm="dhcpcd" capability=7  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  136.952237][   T29] audit: type=1400 audit(1725229214.620:4845): avc:  denied  { setrlimit } for  pid=8624 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1