last executing test programs:

4.173505738s ago: executing program 0 (id=1259):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r4, 0x0, r6, 0x0, 0xf3a, 0x0)
write(r2, 0x0, 0x0)
tee(r1, r6, 0x81, 0x0)
vmsplice(r5, &(0x7f0000000580)=[{&(0x7f00000000c0)="d7", 0x1}], 0x1, 0x0)
write$binfmt_misc(r3, &(0x7f0000000140)=ANY=[], 0x4)

4.089354505s ago: executing program 1 (id=1264):
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000080)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x200000, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000001100)=0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180))
socket(0x0, 0x0, 0x0)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x20600000)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x5, 0x0, 0x0)
getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f00000002c0)='./file1\x00')
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
io_uring_setup(0x0, 0x0)
close(0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
modify_ldt$write2(0x11, 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
socket$packet(0x11, 0x2, 0x300)

4.013465161s ago: executing program 1 (id=1267):
r0 = semget$private(0x0, 0x4000000009, 0x0) (async)
close(0xffffffffffffffff) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
r1 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000140)=0x12, 0x4) (async)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f0200c00e7f4e32f61bcdf1e422000000000100800000000000001000aadc28da3457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = signalfd(r4, &(0x7f00000001c0)={[0x10000000]}, 0x8)
close(r5) (async)
fcntl$setstatus(r5, 0x4, 0x2c00) (async)
r6 = syz_io_uring_setup(0x4072, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
ioctl$sock_SIOCGIFCONF(r5, 0x8912, &(0x7f0000000340)=@req={0x28, &(0x7f0000000300)={'vlan0\x00', @ifru_addrs=@rc={0x1f, @none, 0x6}}})
io_uring_enter(r6, 0x567, 0x0, 0x0, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) (async)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'lo\x00'}) (async)
sendmsg$nl_route_sched(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000009c0)=@newqdisc={0x48, 0x24, 0x0, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x3, {0x0, "000000000010000000030200"}}}]}, 0x48}}, 0x0) (async)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r10}, 0x10)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
syz_clone3(0x0, 0x0) (rerun: 32)
semop(r0, &(0x7f00000000c0)=[{0x0, 0xffff}], 0x1)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000140)=[0x9])
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

4.013288691s ago: executing program 1 (id=1268):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x6, 0x3)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000840), 0x4)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r2)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x95, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffffffbffffffff, 0xffffffffffffffff, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
setsockopt$sock_int(r7, 0x1, 0x2a, &(0x7f0000000280)=0x5, 0x4)
ioctl$SIOCSIFHWADDR(r5, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xf101})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8943, &(0x7f0000000080))
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f00000005c0)={'lo\x00', 0x400})
sendmmsg$inet6(r1, &(0x7f0000000080)=[{{&(0x7f0000000200)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4001b80f)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r0, &(0x7f0000000240)={0x0, 0xf00, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB="7ffbe1ffffff0000000005"], 0x14}, 0x1, 0xf00000000000000}, 0x0)

3.363290814s ago: executing program 0 (id=1288):
socket$pppl2tp(0x18, 0x1, 0x1)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0xf3a, 0x0)
write(r1, &(0x7f0000001100)="94", 0x1)
tee(r0, r3, 0x81, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x4)

2.20563136s ago: executing program 2 (id=1300):
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
mount$9p_fd(0x6700, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESOCT=r1])

2.19766637s ago: executing program 2 (id=1301):
sendmsg$key(0xffffffffffffffff, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={0x0, 0x20}}, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="9feb01001800000002000000000000c8799e5a"], &(0x7f0000001f80)=""/237, 0x18, 0xed, 0x2}, 0x20)
bind$inet(0xffffffffffffffff, &(0x7f0000000400)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x26}}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000040)=0x1b3a, 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000080)='m', 0x1, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000780)=ANY=[@ANYBLOB="bf16000000000000b70200000100f0ff5070000000000000480000000820000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1886d0d4d94f2f4eb45c652fbc1626cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd3641130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce7400dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f000006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08e774c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d32872c494160cb7f46ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe94ff799a11d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcffff3ffd86fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d263e8778e6e8ffe4ea50b076446f35efffc806b340658342d2d9e1ef68c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e92a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd311a40030f9ffce75ffff996a80153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf2af469bdfb361b9c014ce021bb687b52086f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c44a1b9091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00f80b58fd76e4bc46c84799aa792cdaeb6cfb858e577dacff607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee2c7ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be1557951854c01dbc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e9994ca9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c425190a6e3f1a8a3abfe6059da9c952cf35c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676590bd2047229e0237c1e34641848531712ff09e89fb062a3e66f4fced0ae679733830039cb61ea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfd0e5e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a60a0290bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b239a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a25b7233b222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cdcc1f594ecfaff9a79b56f8b38038002d29b3193cea9cd0a0ef4f58fa48f61071f548d411353965615c24c1860790dfae0f4cdf8c8f8645a289a79f9b919b674f0325d81eacaa8399324a304885da01733bb7917ec5e52718eb05f9c1ffd69f834150e9100c215968e8fb31c83526e6f66897569e28d01ca6135a2acca398c1415e0f9b58b63ee9dc33608ba7e5c4bdf3f37d8e4f4f424be263d9c2a5204f41e9b0ee01ad4cc0519395b69c310c98d3c8edc7d07b30617f3535634257f5452d9f3263a6f04778a920c12000721bb82f9884780ac294b8bb07ebf6e3f16584e95607e319b2ea9778289c19fb775514246159bbfa9dc0fdf711d3efa316a3323c915a40e6d7c8f8d7daf98824fd0bc955dc9731cc8c7a600d94b8049af764688c7ffdd26a741b03b065ba9c586914d8beb94c8a265ace34172ed003357ddd400557230b2caba908c42f2e5051d806db876f47c7aa475bf47404f9f0e841bcfb429fac1a527ac50e649fc04139a290b532839e44a43b25fe8c2aebbe97f46eb2d"], &(0x7f0000000140)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x57, 0x10, &(0x7f0000000000), 0xffffffffffffffc9}, 0x24)
recvmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f00000019c0)=""/213, 0xd5}, 0x10100)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x120084, &(0x7f0000001840)=ANY=[@ANYRES16=0x0, @ANYRES16=r1, @ANYBLOB="2c8ef6ff096071854bb02441c2edff2c66736dbd9a23113d3078303030303030303030303001003066581c000000000000bd2551db78fc65706d62c543fd92499a55c4676e4ab57351fab1f213c1c9b96d7f9297aea36961e03f1f9b339e1208fe76adf8245531e4f11e82cd11bccd3e4d4cd5b4502ba9708a2827923cada4cc8ec20e806b1b5ece7f4afbdb8475f9b71f1eafd72d05729591892caacc55317bb19441bd11c979ca9786b51118d9b1c2246f0b407eaa2083113d1bab6700000000000000"], 0x4, 0x632, &(0x7f0000000100)="$eJzs3ctu2+gZxvGHsmwrLhAUbTEIgkzyTdIBHDRVJHniQEgXZSlK5lQSBZIubKDAIJ3YgyBypk1SoPFm4E0PwPQGuptNF72IAl33LrosMGh3BbpRQVK0ZOtkx7Kdaf4/wxFFvuT3fqTCF7R4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkOXUSqWypabX3twykzm1wG9NmZ4ubVF304G7M9uVrPhXhYKupaOufW8w+b34n9u6kb67oUL8UtD+t9779qPv5nPZ/FMSehM67QJfvt5/9rjb3Xkx50TeAsqdIKjhtr3Q91p2wzVe6Jvq+nrp/kY9NHWv6YbbYeS2jBO4ucgPzKpz15Sr1TXjFrf9zXajZjfdbOTDH1ZKpXXz8XJ/89//uBg6G16z6bUbSUw8OY55aL78eRri2i1jdp92d9ZmJRkHlU8SVJkVVClVKuVypVJef1B98LBUyo+MKB2jkYi5f2jxDTO/nTdwRrm4/v/DkpoqqK1NbcmM/XFUUyBfrQnT+7L6/+F9d2q7w/U/q/LXBpOvK6n/N9N3NyfV/wm5GJlkhnFTrAnj3+znpV5rX8/0WF11taMX81nurflleL4/DSkveQrly1NLthpyZfpjjKpa17pK+kQbqiuUUV2emnIValuhIrlqJdskkCtbkXwFMlqVo7syKquqqtZk5KqobfnaVFsN1WTrP71eb1dPk/W+NiVHZUHlkwRVpgRNqv+/+CL9nFL/32Uaqu1T44C3Ra9//H9Kt84nGwAAAAAAcB6s5K/vVvLd/fuSeqp7Tbd02WkBAAAAAIA5Sr75vxG/LMZD78uacPzfu/jcAAAAAADAfFjJNXaWpJXkpH5rcCXUSU4CWLiAFAEAAAAAwBkl3//fXJJ6yb3Xbsk61fE/AAAAAAD4Bvj90D3289k9dnvZ1/o5SWFn2frrv5YVLFoHna3vW3t2PMXe68eMnAEQ1a9bV/s36k1eliQl7xz3hjV4MICV/BbSN1/vzrrXvxUcS2BpIfvzxawE1vP9d/pSH6QxH/TbfbKfUzIlbWWl7jXdouM3H5Vl21dzkbsV/fr5099IwWE/d592d4qfft59kuRyEI862Ivz+OJIOrlZubxK7reQXHMxrsdXVM+a/EO7tWIl7Zay/i/I3ssNN3Sy/v9Wt9OY2yvp68p+tgWS/hfi/peLySYb9D65O4Q1yKJ8vOfjNsSELApJFnfSmDurd9KXLL9+Fj9YkCrF0W0QDGdRGc5i9rqw/j2yLmZkEa+LtTiLv8ULmpDF2umyGNkiAHBZdgdVKLmJ+eg99o/X3TfZy82u7j8+bCX5HuLVn3rpBYcLUr7/3cTUVgqK9+iracySkh1r/vqYPXqpX1cKmrBHL52husVt/WXwDKR+2iNZ/LfX6z0qJ+3+8VhV/Sqe4auJ7YbNykK8Cu+/2vtlcgP82Gc7n+08r1TW1ksflUoPKlpMutF/ofYAAMaY/YydmRHWR4dH1U/++WE6dKTifefwlIKiPtXn6uqJ7mWPELg1fqkrQ6ch3Bs9ao1jr0jHY8u6N/GoLqmlQ7GVw9hFZbMcrdSD2LVz3goAAFys2zPq8Enq/73suHv1+tjj7qO1/PgTgifFli94TQAA8O5wg6+tleh3VhB4nU/K1WrZjjZcE/jOT03g1Rqu8dqRGzgbdrvhmk7gR77jN00n0LJXc0MTbnY6fhCZuh+Yjh96W8mT303/0e+h27LbkeeEnaZrh65x/HZkO5GpeaFjOps/aXrhhhskM4cd1/HqnmNHnt82ob8ZOG7RmNB1hwK9mtuOvLoXD7ZNJ/BadrBtfuY3N1uuqbmhE3idyE8XmLXltet+0EoWW1Tv1A86BADg/9HL1/vPHne7Oy+mDBxoaEx2buD44KVxC7zsPgIAgKOo0gAAAAAAAAAAAAAAAAAAAAAAvP1Ocv3fqQYWNWaSdDjmV1dPtBxL807sNAO5N5/971NirhyOyVb/cMzBJfRU6UB+/ku+Io37JJzbwI920zU6MUaTLlpdPtwW+fn/d4gHnv95wqRer9ebPvvy0XW4NK2DRwfykl4snWETXM7+CMDF+V8AAAD//0gyQSk=")
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder1\x00', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000001980)='status\x00')
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0xfb1, 0x0)
read$usbfs(r3, &(0x7f0000002240)=""/133, 0x85)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x20000000000002ef, &(0x7f0000000740)=ANY=[], 0x0, 0x8000000, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x2}, 0x10}, 0x1c, 0x0}}], 0x1, 0x0)
r5 = dup(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000740)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb1}, 0x90)
r6 = fsopen(&(0x7f0000000080)='ext4\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r6, 0x4, &(0x7f0000000000)='R=<.]*]\x05\xe7\',I}/\'[)\x15{\xafR-+\x00', &(0x7f0000000040)='./file0\x00', r5)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f00000001c0)=ANY=[], 0x12, 0x9ef, &(0x7f0000000e40)="$eJzs3ctvXNd9B/Dv5UOiaUOSbdV1BdsayZVM2yxFUrVUwYtWIkcSXT4KkgIsdGG5FlUIYuvWbgHbKFAZKLqKkQAJskh2RlZZGfAm3gTeJbtklUWAwP+CkZWyYnDvDKkhOeSQMh+y/PkQM3Mfv3vO7859HM7MnTlhf914YrO5d9dNWTq8amxpqbo94Pi1n3+T1Pn2uzT+1aeffVLePr6bA+nOa8Uvkr4ktaQnybNJ79j47MxUh4LuJDeSfJkUSQ6m8bglN1J8Py2HwZcpflrWu6EDWy2ZTpb4Ttvv/Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5Gxdj48PBIcSAT09ferDUktXXGxmdniiwtrZ+zvEzDF1Wv38UXHetNivKWvr7lrr6fPXp/9jNJaifzXGPsuapD8vTlo8efOfL60z1dy8tvlM03cnDrxb7/4Ud33l5cXHhvVxJ5+F2pT0/MzUxMXbxSr03MzdQunDs3fObq5bna5YnJ+tz1ufn6VG1stn5xfma2NjD2cm3kwoWztfrQ9Zlr01fGhybryxPP/83o8PC52htD/1S/ODs3M33mjaG5sasTk5MT01eqmHJ2GXO+3BH/cWK+Nl+/OFWr3bq9uHB2TU7dWbP/lkEjndakDBrtFDQ6PDo6MjI6OvJxs/fslQnnXrvw2vnh4Z7hNbIuYpd2Wh4uj228mXf+JA4PqKvR/ieTmch0ruXN1Nr+jWU8s5nJ1Abzm5bb/1Nn6pvW29r+N1v5npbZx8q7k3mhOdq3Qfu/QS579/d+PsxHuZO3s5jFLOS9fc9ob/+upJ7pTGQuM5nIVC5WU2rNKbVcyLmcy3DeytUcz1xquZyJTKaeuVzPXOZTr/aoscymnouZz0xmU8tAxvJyahnJhVzI2dRSz1CuZybXMp0rGc/FqpRbuV0972c3yXElaGQrQaObBK1rzLfd/tfX/nPCd87On8ThAS012/8DnUMHxvYiIQAAAGDH/dWvc+joU7/6Q1Lk+ep9+csTk/Xh/U4LAAAA2EHV5XrPlQ+95dDzKbz+BwAAgEdNUX3HrkjSn+ONoeVvQnkTAAAAAB4R1ef/L6Q4fn+C1/8AAADwiOn8G/sdI4rB5Z//rd1sPN5sRjTGiv7LE5P1obGZyddHcrr6lYHqmwbrSutOit7q6wev5EQj6kR/47H/follnX1l1MjQ6yN5JSebKzLwYvnw4kCbyNFG5EuNyJdaI7uzKvJsGQkAj7qTm7THW23/X8lgI2LwWNXk9xxr0wYPa1kB4GGx0sfOn5pdmrVp/5sRL2zU/v/tJq//y4incut445KCobyTd7OYmxlM84qD4+1KXe6NoHEZwmCHdwP6m5cs/PZ8VwbXvR/Qt7KurbELGc1g23cEWsotlnM424jr3p1tAAB77eSm7fDW2v/BDq//+11SCAAPlZUe7HdxYL/XEQBYTSsNAAAAAAAAAAAAAAAAAAAAAAAAAAAAO29LP+D/m9PJ4uJCsgedBawM9G0nw80HurJHOe/7QHeS/ar977Ptpcpt/LA8dQZWD+zziQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA9USTd7aZ3JQeTDCc5s/dZ7Z67+53ATqk92GLFvdzLBzm00+kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzXNX//vyuNx8cbk9LTlZxKciPJP+93jjvp3n4nsG/+rbpv+f3/rqQ3S0V6Gps9Re/Y+OzMVLn5i4Pl/K8+/eyT8ta57PW9KpQFlDWs6lyiWUPLlN7VSz1ZLdU/vvD+nf969z9q45eqHfPS/OXJ8akrs/9wP/CZ4vNGFwit3SAs5/s/p375g5bJB5qVf16uaXtr671c1Tu+vt6/bLf0BvVuwe3FhdGypvn6m/P//e+3P2iZ9VROJC8OJAOra/rX8rZBTSfWPp+rFV8X/18cyo9zo9r+5bNRLBXlJjpcrf9jt24vLgy98+7izZWc/ndVTkdyPMnNpG/rOR2vzidtVXtdV29Z63AVVN4d7VDeplpKHNngeX2y2mX6t7UOtY3XodLheW9mdLZtRj/8z6dzettb+nSHGtsqvi5+X1zN7/J/Lf1/dJXb/1TaHp1tiqgiW/aU1nmrDq+uRmS15qOtM95aW+aGRyW74Hv5l/zdyvbvajn/N7fV3pyPWmpsf1wk2z8ufnZ4XYtyX9UiHV3TIjXPPhst08zzaCNqgzz/Iq8mPce2dUZ5tcMZZbeO/58UA/lj7ur/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAePgVSXe76V3JqSRHkhwux2vJ0tqYuw9QX1d/8SBp7pgHyfnbp9hwRYt7uZcPcmivMwIAAAAAAABgd1wa/+rTzz4pb9Xn8d35667mnFrSk+RI8aPesfHZmakOBfUmN5Y/0u/bXg43yrsn7o9/WY4922Gh/b18AAC+1f4cAAD//7IYb70=")
syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0x0)

2.133392735s ago: executing program 2 (id=1302):
r0 = syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[@ANYBLOB="00694ba7e2ae8959c3a1a1006a809454d1b9e49ca9bcfc4fc4988c654d24bf47f27cf5182a66907790f63da0382e7e8b6fa7bc01215b438ad0a0c54300383d371f98a51969e94000800000d1a09c066c83c90eb1659f642d9740b323fc7da8f03a2e547ee2dd62af8c0b51da0e3b75a1ccf23bb04d83fa977502819dcc5fbe622c4c35880cfe115f8743ddf5255ed6532d8ce9391e704bb6c64bf7bd3c353b218ccf99b00749bc4d22cdc096d92b7eaf583df7f136a59dade8dafa14bcefad343a259d07d5b6e7152b1031acbba628c1f5310e53cd87b92cdfd51281dba68af9b738f0a097f69b277ef9a9bd361570f431b43d9a107367e5ed6f27bd9ef071148bc60b4845accf826763066baf9b092754602e7fe53fbd347a39262850be890a0300863518f5cd8e1d6d388c66123eac43a65f0b3a585c80576666c4ee5d579c349d415741bd3de7fd5af2fa9b50f63bbd192fa1ee4eb9d2eb2b4afffa5dd5a32f292bffcecbcc18071375b13a01e4643601001601b7a1eca9816df0137b589441fca8b569993caed53c6d9deae2183ebdb1d37c31837dd8"], 0x1, 0x249, &(0x7f00000001c0)="$eJzs3c9LFGEYB/BH3fzRZSWCIIIWIui0qNDdiAJJKpIljJDWXENcERKEPKidgk5dOnb0ZgR16Fb/Q9ClS3SJjnnrEE7oxLrmWhq5E+7nc9mHmee7884s+87uYd+9c2pmemJ2bnJt7XN0d7dFbvDeepK0RW+0R0eklgMAOEy+JUl8TVJZjwUAaA73fwBoPXu8/19v4pAAgAP299//n46++ViuDJ7fQ2vSVSs/jO1/jADAvzUyeuvK+tuzPUPx6knEzKP50nwpfUz3X5iMqahGJfoiH98jkpq0vjw0fKmvsKEnojSz9DO/NF/q2J7vj3z0Rty8ujPfX0htzx+Jo/X5gcjH8cbHH2iY74xzZ+ryxcjHu7sxG9WY2PhIUpdf7C8ULl4b/iXftdkXKx2Zvj4AAAAAAAAAAAAAAAAAAAAAABxOxUJNb6P1e4rF3fan+b2vD7S1Ps/jzXwuTubiYbZnDwAAAAAAAAAAAAAAAAAAAP+HuQcL0+VqtXK/VozfmDq2fcufirb9NCsWpjcu/AEe4nREHPRZvFytvF8Zuz2S/cVsYtH4qr7IfGDjv+lpj4jN4sSzwfLrxU9fdvbEct17OZfOC+Vqg8mi0OTJCQAAAAAAAAAAAAAAAAAAWszWz4B360iaOyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyMDW///vu+isbVntSZ9sl+Z05/NMzxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNb2IwAA///U1qw1") (async)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000580)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[@ANYBLOB='-4'], 0xc) (async)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000000c0)=<r5=>0x0, &(0x7f00000001c0)=0x4) (async, rerun: 64)
write$UHID_CREATE2(r2, &(0x7f00000001c0)=ANY=[], 0x118) (async, rerun: 64)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r3, 0xd000943e, &(0x7f0000000d80)={0x0, <r6=>0x0, "9d72cfe0c2a2c2bf4e3b8ef20ba438df3186f20ebdd542f20b9a674d3b51b93339fadf32371e0f104b10265caeeb2db4a4e3f8fa1b4fb19340b3b52a6e2ba14df1026b027ac5b8346b26f7ec0e19822f75a26f558955f09894380f9bf55e23d0418e0b0593d99bb815501179d4141474a5dc1712760717c148473231ca3963bcf7d6b2f03932e9accafb1179d28ae6e3de55af3c19106b3816c6da8aed381f50dce6ace847a12b079ba6ec1546e3c1da78e7c0e3c5307ead4eba6506eec1acf8bca35a735d4622414d65dfdc7c149c5b3438dfd693e1b549ea3d3ea588d8b7dbb34fd5c185fa9a2e42e27950a296113f42d2adc76a87d401423ac0b4863011b9", "f3d45f438779c9859fbe9db24eade55e2fc8d78fb91c99bd0751e506a572da623289c4734403c65c01f99b3253749f6affef4b92b0d4cf8693f85b94c6823fc98843e6665482a01ee77465fd5791abcbd85afcdde2ad5c020758f8a74ef8e1e9d6e3095e7e9a490dd1c3301c9993ed27dea450594aac572087f4f0927be5e5f1c0b90457fc6530e06999f8cf30895fc2000a4426e03aac51399f80e19fa0145137be428a85754a41a37f4a3d37d10a45ac857cc2dbfc3fbbe4af82e72800ba7b7b0bb4ed3f234320f06e5d56c63030e3e88b9da9fabc83e7cd49a2a19771f323c4d58958b32f5a447ab3784eac402615a5b474a203d0968604f8a6d10c102fd5955e483a91c7109e06b7151b49cc0589b290e5606fa3892474a36619776f7a9da97a7df44864d6b61316580f68544f9745eadb6fb8e526fb94168b3331b0b5e0ff6598b566fb2622f05e7812e782c674dde679aa8fe547ab211e91369aca618c8e7a1cbb2c1e3b4e0dab90d7d9d4eaefa6ac25fb6918029648227c645594721f5efcb360a45bd2b3cf7222a5365fdee00c0f6a9797af1b5a4f953b45c032f5613cc6c278910732985f5322b056421069db8daedb1fbe84e53702a21b7ec5dc0fd8862134d72b0db890f9c4f78d0517ccf282227536875575eb29d21a4e9ce3211d1a754973f5cdfdba5730867fed202f3dd540c16f7a0ae531b3d3c92b92ed0f5c46df7b3da9bdabcce8b98049f3d0139ac6ddf5884b2d178cc8640dd8ed2679e6f8b227aed58266a0893fc14daf4f51308b30c7df86a37c3feccd34c3b72a111d3f850ab29a5e769e2b27ca75035d7c4a873999f7a0bbdaa9206f31a2726bb9483d290023586be669bed0e0e480299054650ad6d8c6db43a0f2b1364ab3371d796a1f69fe2f750490e355cfd8f5fe720fa98f643573e165ab2a07e92776286623f375be1a38cd02ceb49293d76cfecdbc39a4a525ee0939f157fa71a8372be64de4ec2c7668cb56a9671e3caf6cedbab428df6ce12e4c94ad808b40dc73f6d885f6da1fdb6667bf0fe3f902a3ae5ee42b614056831f46079c3a39cf26943f58ee7f5fc637b9bbad647cf00b9a36d89995d808bb787d65a15b4fd0e280046f4b1e4fb41c19cc6c1d85ea1f2a3e09d10e0483a1ade332bc50af432ad73241d31326b9e4e4f639cb1d30b73b7a74eacccfc591e288da4921636e44fc34daa5d9f3db93c1ca60083fc292be3cb9fea7fb1e4a2e9e99a3ad7ddf8ad0d8474f5f1dd20ad15a533aaf7def59f801198a9a4a7d0855dad74f242b091a1b1687808ed5fed7a75ff55f5b96d1c3233def6cedea064c9d9d04a461e4ee215fea2d5e38f88c48d8f4d1c3603d17e5822fd3459327d19373df554578fe147825cc74d0228c4bb7678984c7b3e21b07cf25c29fbb5402e8f08d72cef6c0b6554b29b934990f9babeed9d25db5b8a65abfea8f1237fd1ae69d5b7e84bc9ff3b007986fd07745b120b60de0e68536f59b1f465de798d061ce40c5eaa36f41574757046dc7212aee297acd15a2b13077a8dfc9aac4537110e9677b535e001ffdd00380660d61f92915a50d203297f5ed4b28c54628abb874b9b9894a168d1fcc8af7cc14a72420e216fd554d6e26131d69c99125f69fb04d5d3a9839d9de2bbddb272cc5d1b5ab67bd8d5f8d72ad9bc93442e58c8bde0b2086104057961b363ff23354df61d8a73343769ec15d10484eadf140cfad87c84df152aecd979fa4dd0a97b879877db1a13cb2ddde85ba7c8ff8cef5a56acf949bf546ccbef8a8198d460fb84d38c72177f65eafa8aa9cf98e6ae8de00253266ccd44f93ffc167efaafd553093c73d1e4bfed2cad1e65012485ace4347dbbd32f9d9ff22ef0f331ae376266023d0de715658a85fa0510b2f513b4059a71b2506565069d05035e9b8ccb1e1aff03e03ac5f90482db20d1aad8479c10e1b9ce5fb8e021e60859d9839503d1b0a454a97f7d6c36dd5a21682aaa4b7a9220a1d79332566b8aa39802b77c36193a0c466c9b3d707411e8e73a4fb5b7417a1a1af9d8470f99f1539d69310090e3176c03164d1e6b348dba15fd6dec9fe2eed53865cf6f162e20f416edaf0d21e85398f2eca5ad21e4ca5e97c148efdd60cb14214d1fab9f6168a2c03b0c497aa0f5576333fce6c43553b2c1a8e79ddb183fe253a23ce6e15936354098f8b1aee55153d381ebfaea4c821575ffe7ed42c2c297526ef0fb1bede280f4ae5648b6e274314696809e9616384eaa2f14f22b39ce8ffde24e15947e51a2e9611c1849c65fa8e412bc0b1452a3c2e06ee8f138b9c71c1273c1d93fcebc7b16fac0d5d8b1230df92e2961b450ffe470bd38dd4708379f2de1bf9c6178858791258daf2fcbb17e92c48685c9f33ce4debb0a21fa32a3d6418d8da9c3e83957d8f92a1cc5ff57eae03a8c79a1606bf48d0cb815c31d3779e6cead88b9f3c92f22e7ea369c1cb429578a73f0cefb72f7e6882f8599cb0ab2f2fdf18b70db7857fc7a7d26a2503d182f8bf39b74655a4fcd99f7af9d9909ce1543e60547d84acd24751ce6c1005635ffde25611e4b354c06452dd380b2e24c2c4016bb0015396b8f604dc886be4a6b0f3d8904b649bbdadcac7745d5a64ccade3fe03ff302d227c92bc7e96316ce920c7ff9cd7b7f78ec5ca90a02c6d7b6520c1a7f79401d829fd95f5988d69bc2f38ff45871c66c6bdae0281f5682ccf590c9dc5dc701b68fe0d7a26b704fad0a749d15071516e7728a98441a916325663330f339fb8c670830337a37d5401521a7c68c5376ae56c36a2983c161b8e6d101b94ff37c9b8768c5de00a1cbe783c19c13663c09cf975dfa975d9235a12e3d6600eabcda5c59af1b0aae04659ed3c7412f9e2b720f92c46f824c3034682c6a480207c3033575c8e7a8feaa8882a4f51ce452525139d59250ba8251bcd9afd59eabcf3d4b8f4f4f5c39b5425fbbe45be538d1ed48afca73d12cd8502b3941c27ba82ee918662eec8c05e8e5e1e6cb0da00edb16a47546c5a3c0b0c992f1a30912444956db16a1a4b975455aa8f8282b89e3e80569c5d223089fc13cac4b9933256270ef746fa8ed60793660d649070e3c374a7af3dd3a052a1ffca486ba1e3d0856eb2a9b83789a5bfbb45c6467b2de4a45fd0e4e4e2029e8af2c7b709f0721442b886583455ac1ea54fa59aa22dbe4da3fd2a1b7cd8b7bd97316ede8c41f12ef8dc3029d72452eef10150cc1f152acd02a876086cd893e7dc614cffe9832aa18dead47ef6a38fa9d58bc690623b0075a828e716463917a55f461146da5ba2eebdb81eb1c5502f4b538a4c8edc98dd93d191fb00c37024725e4594aec1ab6974ed33a5d6e142822604ba9ff027b6669f1f7abca6d8db06eaa160d88837af09912f3e4d06e8cb013ea18dda78a9357d8f8e069aa75265bfdbb0ea318eb6bea6457d9faa3157f0f3da278dd89c36a86044252eb75a5be2b73ba1ce08c467c85c1ec7c178a6df6bf51de55d7d607ad78a0497850b8961b0c54f704f5c7233c1e14da54c5764e6bd0cff337f8a5421c520aa138740a2befa125a2027450ec77187caea69d99b37e4d7c538bee872d95de93b00484e82984e4dfc7233ab66fe75785edc36482ecfdc5c961f80dea0003b9ea70a53213e6362d9324112a2e11ed04c1b0aa75fb0cfbdc574856962cfbf167564252178baaa3a30d9c02dada6a1c06e3ea17c5ea1c55d61d41c3e8bed9bfe207b6ed0eac6d00d887a4bc7bee672ee5be6bf9cabeffd356a817a8b0860b28700d7d7556461a341f00ce7c7a8a713a78e674b82da539b465a8277050f2d4cfb7cfad29b74342eff2d06a8ad908b3153d01bc614c03ebc49aa789a2f2c273117a35d0b792cbffb4cc53228f1f7ad7aaa69af482cf3bdf47cfb5da4c6faecf4b57a808b26a2f4c208ed95fb474a4f0eb4f776d2227f869d4dd11aee8734a99e38554b3f9118176fd73779c402065313bd2d6eaab2f207b922f30cb7b8f9f1e22c5a1cbdac1a2c11d17ae789e637e8917250e06090ab559410817e82e7ad440fdd1df01834c2dc89877a5da6f348ef11b0456d40554b4fdffc2921da10f9cdbbcc8d71e61785cb7a58453e35693e7571c6a0ad65424fe0695fb75e06115820227263030fa7b3f22915dac9c78bd2e3bc5576bd8ff50629b2d38c449733568540f13a5ff947829ec3bfb9b8c80bb3d1d8b5706a2d78725576b02531c1489db74297f2ef9582ba9819c3344bd872b864d63aa9d29b597f148afc8b67c0026aa0e3f739f7b6e3d44522b358ac48d654b1aa9bfbf7203557fae4b5e31523d4e380f86ef81da58a7cda68548972e8f64b9c72fb561c0cb738f88364f41cd64262812b9ec1c5f4b53c53b77f72645c142a2cb2c4790068151100e91dd1ae67133a59aeb11d6368a0336a50a76ba1a5c7f574b696a80859f2d0fac1614cb31b8f66224cfaec45b58fd7e39e2cf89b548577f843342a6aa72e4654a8d7ef64be140a3eb1106dab008781b3434292f870a8f276f16e8d6eab6e5882afef8a6033295a91fa31b99bde08b0b164e2ac4c7145daf845ae2fdcdc58e847fc2594d5f754f84ed0f931df3a183e4263ff2b71f97f2e10a59d7db28b4172b8ce8344aed7e1d26aecd611802700ba22557b09722f69aa7e48715f857a91366f8b7d36cfb15803a1ac2796ce93946a85f911bc8bc2b36015d3c889be3165c8392413cd23a2151d7cb4155862953976334449971d0ecdefdd2b944e0af2e77330d0b3dd162a57001fe22d4505260b09d309d7b3ccf5b163490da528f086e727d0b821c15929da7194ad0be1e79a71093fd1f8da10b522e37adf7a6896f8a79691069139b0534e775a249e51e816c25b582623be784bf6fc9bb101f0cd3bacdc15c3c4c114df1eed02540f5fa6a26e4be109294c30537c196b423f9efaf129578fae8d04875c6a1295c4d22016f36224639f4163ca3f35c96a1470a796218af9a8a21a5d318252a0508209a18c593e339bcda84d0b3aaac48fc06294a1762d2a6cf6e2bfa0a685eeea6f83d159cdfc2ffa2f4436feda6429dc561d91c34605eae1361f437dd45f6aa2acc5b71f41ebfee2fd585ea6955a7af3b75de8f4bb154e012fd0b05720796ed2d5658c04edc62d95e4285f25ec7f08abbadd24653b7e05ee89ececd6a1d9315bb705c3cd7a03c290254194a94f7577e3900328ee9ed26a8da4c515b15218a30e18a1405c4c34fb4e1078f696c57e7a2a1e9e9eb9fd28c34476f7d1258c864fab4dcf64596e6e172dbc2e6667dbd592a399fc18b89873680c4356dc68bfba9f66652e855389c80df6bca729590dd46256caef3cc7453ab6cc3a8ea622df49747a7a811ba71da33d3cea3412cdda75c891bf10774cfbb1c1e28a"})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000000100)={{r6, 0x451, 0xe4, 0xffffffff, 0x2, 0x1, 0xdd, 0x5, 0x4, 0x8, 0x5, 0xa28a, 0x1, 0x6, 0x100000001}, 0x10, [0x0, 0x0]}) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
r7 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x401, <r9=>0x0}, 0x8)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r8, @ANYRES8=r5], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r10)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x0)
r11 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r11, 0x0, 0x0, 0x20010004, 0x0, 0x0) (async)
connect$inet6(r11, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
getsockopt$llc_int(r1, 0x10c, 0x2, 0x0, &(0x7f0000000000))

2.133151055s ago: executing program 2 (id=1303):
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x248, &(0x7f0000000080)={[{@nomblk_io_submit}, {}]}, 0xfd, 0x48f, &(0x7f0000000940)="$eJzs3M1rHOUfAPDvzG6SX1+TX60vrdVGq1h8SZq0akHBFxA8KAh6qCeJSVpq00aaCLYEG6XUi6AF7yJ4EfwLPHkS9SR41bsUivTS6mllMrPrJtnNSzfJptnPB6aZJ/vMPt/vzDwzz8xkGkDH6s/+SSJ2RsTvEdEbEWl9hW35lNW7dWNm9O8bM6NJVCpv/pVki8XNGzOj1apJ8XNHXihnX5ReTuLFBu1OXbh4ZmRiYvx8UR6cPvv+4NSFi0+dPjtyavzU+Lnh48ePHR169pnhp9ckzyymm/s/mjyw79W3r74+euLquz9/l9QFXZ9Hi57rrc3O1NbJQo+uUWObxa66+aTcxkBYlZ6IyDZX11z/743S5d21z3rjlU/aGhywriqVSmW4+cezFWALS6LdEQDtUT3RZ9e/1WmDhh6bwvWX8gugLO9bxZR/Us7vg/Tk10a71qn9/og4MfvPV9kUq74P0bVOUQEAW9kP2fjnyQbjv3LEPXX1dhfPhvoi4v8RsSci7oqIvRFxd+R1742I+xo30/9Ok/b7F5QXj3/Say2kt6xs/Pd88Wxr/viv9hSsr1SUds3l35WcPD0xfqRYJ4ejqycrDzX89iRiNvv52+fN2q8f/2VT1n51LFjEca3cM3+ZsZHpkZYTL1z/OGJ/uVH+SZT/yyL2RcT+22zj9OPfHpj/m1Jtbvn8l7AGz5kqX0c8lm//2ViQf1Wy9PPJwf/FxPiRwepesdgvv155o1n7ef5pLJ3/ttYTbSLb/tsb7f8v1PLvS+qf104t+oru5dq48senTa9pbnf/707emtf4hyPT0+eHIrqT1xb/vu4Gd7VcrZ/lf/hQ4/6/p1gmy//+iMh24gci4sGIOFjE/lBEPBwRh5bI/6eXH3mvaf4HW9j/10CW/1jD41+z7b/6mdKZH79v1v7Ktv+xamEuqJUc/1YaYCvrDgAAAO4UaUTsjCQdqM2n6cBA/vfye2N7OjE5Nf3EyckPzo3l7wj0RVdavdPVW3c/dKi4N1wtDxflS0X5aHHf+MvStrnywOjkxFi7k4cOt6NJ/8/8WWp3dMC6874WdC79HzrX7fd/Rw640y3Ti9ONigPYeM7i0Lka9f9L9YUk8r+SB7Yc53/oXLX+/8UKKte97rXw5U3gzrPU+b/Su4GBABvO+B86Uivv9W+KmfgmYuk6yWYJdVUzn7WyeHkDIoy0jeunuy0bZbgU0cZdorzS/9UiLlQutdxou49MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa+PfAAAA///67uRi")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18120000002000000000000000000000850000003d00000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r2, r1, 0x7}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000000300)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf06}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000200)="b0", 0x20000201}], 0x1}}], 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x200000000000011, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r1, @ANYRES16=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="580000001000010400"/20, @ANYRES32=r6, @ANYBLOB="0000000000800200380012800b0001006272696467650000280002800c002300fbffffffffffffff05002400000000010500240001000000060027"], 0x58}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x2, 0x7, 0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}, 0xd8)
bind$inet(r7, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r7, 0x0, 0x9c8ffe590468874e, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
close(r7)

2.053852482s ago: executing program 2 (id=1305):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@ipv6_getaddrlabel={0x1c, 0x2e, 0x1}, 0x1c}}, 0x0)

2.005260136s ago: executing program 2 (id=1307):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = getpid()
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x10001, &(0x7f00000000c0)={[{@errors_remount}, {@noload}, {@norecovery}, {@noquota}, {@noblock_validity}, {@data_err_ignore}, {@nojournal_checksum}, {@acl}, {@usrquota}], [], 0x3d}, 0x64, 0x51c, &(0x7f0000000200)="$eJzs3UFoJFkZAOC/Ot3ZyUx2k1UPuuC6uiuZQac72bi7wcO6guhpQV3vY0w6IaSTDunO7iQsmsGDR0FEBU968SJ48iTIghePIizoWVFRRGf0IKhTS3dXZ2aS6k5mpiedSX8fVOrV66r3v9ehqutVPaoCGFnPRcRrEXE7TdMrETGV5ReyKfY7U2u9WzffXmpNSaTpG/9IIsnyumWlbU/EpWyzCxHx5S9EfC05Grexu7e+WKtVt7PlSnNjq9LY3bu6trG4Wl2tbs7Pz7288MrCSwuzA2nnZES8+rm/fO/bP/n8q7/85Ft/vPa3y19Psvw41I77VOz3YafppfZ3cfcG2w8Y7CwqtluYmchbY+xIzo1HXCcAAHp7X0R8LCKuxFSM9T+dBQAAAB5D6Wcm439J997dEeM98gEAAIDHSKE9BjYplLPxvpNRKJTL0R7D+4G4WKjVG81PrNR3Npc7Y2Wno1RYWatVZ7OxwtNRSlrLc+30neUXDy3PR8TTEfHdqYn2cnmpXlse9sUPAAAAGBGXDvX//z3V6f8DAAAA58z0sCsAAAAAPHL6/wAAAHD+6f8DAADAufbF119vTWn3/dfLb+7urNffvLpcbayXN3aWykv17a3yar2+2n5m38Zx5dXq9a1PxebO9Uqz2mhWGrt71zbqO5vNa2v3vAIbAAAAOEVPf+Sd3ycRsf/pifbUMn6yTU+4GnBWFQ9SSTbP2a3/8FRn/udTqhRwKsaGXQFgaIrDrgAwNKVhVwAYuuSYz3sO3vlNNv/oYOsDAAAM3syHet//L/Tdcr//x8CZZyeG0eX+P4yu9v3/k47kdbIA50rJGQCMvIe+/3+sNL2vCgEAAAM32Z6SQjm7vDcZhUK5HPFk+7UApWRlrVadjYinIuJ3U6UnWstz7S2TY/sMAAAAAAAAAAAAAAAAAAAAAAAAAEBHmiaRAgAAAOdaROGvya86z/KfmXph8vD1gfHkP1ORvSL0rR++8f3ri83m9lwr/58H+c0fZPkvDuMKBgAAAIyE4v2s3O2nd/vxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBIt26+vdSdTjPu3z8bEdN58YtxoT2/EKWIuPivJIp3bZdExNgA4k+0/nwwL37SqtZByLz4EwOIv3+jb/yYzr6FvPiXBhAfRtk7rePPa3n7XyGea8/z979ixD3LD6r38S8Ojn9jPfb/J08Y45l3f1bpGf9GxDPF/ONPN37SI/7zeQX+/FtHsr76lb29XvHTH0XM5P7+JPfEqjQ3tiqN3b2raxuLq9XV6ub8/NzLC68svLQwW1lZq1Wzv7kxvvPhX9zu1/6LPeJPH9P+F3LKG8/J+/+712++v5Ms5cW//HxO/F//OFvjaPxC9tv38Szd+nymm97vpO/27E9/+2y/9i/3aP9x///LvQo95MqXvvmnE64KAJyCxu7e+mKtVt0+t4lWL/0MVONxS/w3PRPVeLSJbwy0wDRN09Y+9RDlJHF6X0LSv6rDPjIBAACDduekf9g1AQAAAAAAAAAAAAAAAAAAgNF1Gk8aOxxz/yCVDOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/FeAAAA//+kyeAN")
write$tun(r7, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd01000a0000000000000060000000010021"], 0xfdef)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f0000002b80)=[{0x0}], 0x1, &(0x7f0000000dc0)=ANY=[@ANYRESDEC, @ANYRESDEC, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="000000001c0000000000000001000000020000", @ANYRES32, @ANYBLOB="c702ba19a2fe26d597579b57149caee6746000cd13d85358811532f1e24c3b43e3f622de3a668c2a52dc7fbda8c3ae6b33531c51f95186469d6c93d19fa56171fc640a5489faa02cb9957b0d168d14ae7d46f0b1f217d738d68df478b128a6e09c022cb4224d2d7aa5e0f53c475cc8181293f914aa910f44c6af99691afead8c3a340e35f74e5b99ce38ebab1cb78267df028cbdeaf0c5300b53d869f931c636268136d0cba0e8de8668ab12bc5c89331e509d648dd01915cc029c9e2f5293347a25d8682b96782995fb673e304af423e28b4fe88dd31be9a4", @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYBLOB="ea9346", @ANYBLOB="d87076926acce57aae455cff69c0d6c1d87e902f496c16c7c21e9864469749bccdb51453792ea5bd8ccc5b0d81aace0ac54a3f9e59cb4022804fb8b0fc3cd361828ea759f4852e41a4", @ANYRES16=r5, @ANYRES64, @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYRES32, @ANYRES16, @ANYBLOB="0000090000000001000000020000000000000000380e4677b2356a403c8c9ca7832c5a901ad2155612a8a564dfbf8bfcbb990272117c24b9c9e0e80306c33627e8814ea6289a6bd57e74b452d43481cd2b9585816cdf", @ANYRES32, @ANYRESDEC=r6, @ANYBLOB], 0xd8}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="1400000000000000010000000100", @ANYRES32, @ANYBLOB="000000001e000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES16, @ANYBLOB="00000000006bf68e31ab373e", @ANYRES32=r1, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRESDEC=r6, @ANYRES64, @ANYRES32=0x0, @ANYBLOB="000000002c00000000000000010000000100", @ANYRES16=r3, @ANYRES32=r5, @ANYRES32, @ANYRESHEX=r2, @ANYRES32=r4, @ANYRES8=r5, @ANYRESHEX, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r1, @ANYRES32=0x0, @ANYRES64=r5, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRESDEC=r3, @ANYBLOB="18000000000000000100000001000000", @ANYRES32=r6, @ANYRES32], 0x100, 0x24000081}}], 0x2, 0x90)
accept(r2, &(0x7f0000000500)=@ethernet={0x0, @local}, &(0x7f0000000700)=0x80)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000007000000030000000000000800200000000000002e5f00"], 0x0, 0x2b}, 0x20)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f0, 0x0, 0xc8, 0x8, 0x6, 0x5803, 0x320, 0x2e8, 0x2e8, 0x320, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [], 'vlan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xf8, 0x160, 0x0, {}, [@common=@ipv6header={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x450)

1.503930227s ago: executing program 1 (id=1308):
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2a]}, 0x8, 0x80800)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x800)
r2 = creat(&(0x7f0000000180)='./file0\x00', 0x80)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000200)={'filter\x00', 0x7, 0x4, 0x418, 0x0, 0x110, 0x110, 0x330, 0x330, 0x330, 0x4, &(0x7f00000001c0), {[{{@arp={@dev={0xac, 0x14, 0x14, 0x1d}, @multicast1, 0xffffffff, 0xffffff00, 0x6, 0xf, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x2b}, {[0x0, 0x101, 0xff, 0xff, 0x0, 0xff]}}, {@empty, {[0x0, 0xff, 0x0, 0xff, 0xff, 0xff]}}, 0xd, 0x85d, 0x2, 0x2, 0x3, 0xc, 'team_slave_0\x00', 'wlan1\x00', {0xff}, {}, 0x0, 0x2a0}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @rand_addr=0x64010102, @local, 0x8}}}, {{@arp={@private=0xa010102, @empty, 0xffffffff, 0x0, 0x8, 0xf, {@empty, {[0xff, 0x0, 0xff]}}, {@empty, {[0x0, 0x0, 0x3660156d9bdc47b5]}}, 0x9, 0x1, 0x101, 0x4, 0x4, 0x88c, 'hsr0\x00', 'veth0_to_batadv\x00', {0xff}, {}, 0x0, 0x41}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @empty, @remote, 0x2, 0xffffffff}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x1, 0xe, {@empty, {[0xff, 0x0, 0xff, 0x0, 0xff]}}, {@mac=@random="788180e7b446", {[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}}, 0x2, 0xff, 0x8, 0x5, 0x9, 0x0, 'nr0\x00', 'bridge_slave_0\x00', {0xff}, {0xff}, 0x0, 0x17}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="4a5f2c90b0db", @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast1, @local, 0x8, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000680)={0x0, r0, 0xff, 0x1, 0x1c14, 0xf})
syz_usbip_server_init(0x5)
r4 = openat$selinux_create(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$selinux_create(r4, &(0x7f0000000700)=@access={'system_u:object_r:dlm_control_device_t:s0', 0x20, '/usr/sbin/ntpd', 0x20, 0x7}, 0x4e)
getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000880)={@initdev, <r5=>0x0}, &(0x7f00000008c0)=0x14)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000980)={0xfff, <r6=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x1a, 0x13, &(0x7f0000000780)=@raw=[@cb_func={0x18, 0xc, 0x4, 0x0, 0x8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @map_fd={0x18, 0x7, 0x1, 0x0, r0}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffff8}], &(0x7f0000000840)='syzkaller\x00', 0x1000, 0x0, 0x0, 0x41000, 0x2b, '\x00', r5, 0x24, r2, 0x8, &(0x7f0000000900)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000940)={0x2, 0x3, 0x0, 0x5}, 0x10, r6, r0, 0x8, &(0x7f00000009c0)=[r0, r2, r0, r2, r2], &(0x7f0000000a00)=[{0x5, 0x3, 0xc, 0x6}, {0x5, 0x5, 0x10, 0xa}, {0x0, 0x2, 0x10, 0x5}, {0x5, 0x5, 0x3, 0x7}, {0x1, 0x4, 0xd, 0x8}, {0x1, 0x2, 0xa, 0x5}, {0x0, 0x1, 0xc, 0x9}, {0x0, 0x4, 0xe, 0x7}], 0x10, 0x155}, 0x90)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000b40)={'pim6reg\x00', <r7=>0x0})
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000b80))
syz_open_dev$sg(&(0x7f0000000bc0), 0xffff, 0x501982)
write$selinux_create(r2, &(0x7f0000000c00)=@objname={'system_u:object_r:selinux_config_t:s0', 0x20, '/usr/sbin/cups-browsed', 0x20, 0x6, 0x20, './file0\x00'}, 0x5a)
r8 = accept4$unix(r0, &(0x7f0000000c80)=@abs, &(0x7f0000000d00)=0x6e, 0x80800)
connect$unix(r8, &(0x7f0000000d40)=@file={0x1, './file0\x00'}, 0x6e)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000e80)={'ip_vti0\x00', &(0x7f0000000dc0)={'gre0\x00', <r9=>r5, 0x8000, 0x8000, 0x7, 0x10001, {{0x21, 0x4, 0x1, 0x5, 0x84, 0x68, 0x0, 0x7a, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, {[@lsrr={0x83, 0x7, 0x9f, [@dev={0xac, 0x14, 0x14, 0x23}]}, @rr={0x7, 0xb, 0x16, [@local, @empty]}, @ssrr={0x89, 0x7, 0x5, [@empty]}, @lsrr={0x83, 0x13, 0x20, [@private=0xa010102, @local, @rand_addr=0x64010102, @remote]}, @timestamp_prespec={0x44, 0x1c, 0xe0, 0x3, 0x3, [{@private=0xa010101, 0x5}, {@rand_addr=0x64010100, 0xfffffeff}, {@rand_addr=0x64010101, 0x8}]}, @timestamp_prespec={0x44, 0x14, 0x47, 0x3, 0x9, [{@multicast1, 0x9}, {@dev={0xac, 0x14, 0x14, 0x3a}, 0x2}]}, @generic={0x86, 0x11, "fefb2fecf83270cb0ab90ebf9c4941"}]}}}}})
bpf$MAP_CREATE(0x0, &(0x7f0000000ec0)=@base={0x9, 0x200, 0x3, 0x1, 0x10, r0, 0x0, '\x00', r9, r2, 0x0, 0x5, 0x3}, 0x48)
getsockopt$bt_hci(r2, 0x0, 0x3, &(0x7f0000000f40)=""/4096, &(0x7f0000001f40)=0x1000)
r10 = openat$cgroup_ro(r2, &(0x7f0000001f80)='memory.numa_stat\x00', 0x0, 0x0)
r11 = socket$inet(0x2, 0x6, 0x7)
close(r11)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002280)={0x6, 0xb, &(0x7f0000001fc0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffff1}, [@jmp={0x5, 0x0, 0x8, 0x7, 0x6, 0xc, 0x4}, @generic={0x8, 0x2, 0x2, 0x5, 0x8}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0xa6}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}]}, &(0x7f0000002040)='GPL\x00', 0xf392, 0xdf, &(0x7f0000002080)=""/223, 0x41000, 0x10, '\x00', r9, 0x25, r2, 0x8, &(0x7f0000002180)={0xa, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000021c0)=[r2], &(0x7f0000002200)=[{0x0, 0x3, 0x7, 0x5}, {0x4, 0x4, 0x7, 0xe}, {0x3, 0x5, 0x9, 0x9}, {0x0, 0x3, 0x5, 0x1}, {0x1, 0x5, 0x5, 0x3}, {0x4, 0x2, 0x1, 0x1}], 0x10, 0xb}, 0x90)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched_retired(r12, &(0x7f0000002480)={&(0x7f0000002340)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002440)={&(0x7f0000002380)=@newqdisc={0x98, 0x24, 0x4, 0x70bd26, 0x3, {0x0, 0x0, 0x0, r5, {0x2, 0xc}, {0x0, 0xffe0}, {0x10, 0xfff3}}, [@q_dsmark={{0xb}, {0x18, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x4}]}}, @q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xc6e0}]}}, @q_dsmark={{0xb}, {0x2c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x1}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xb4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}]}, 0x98}, 0x1, 0x0, 0x0, 0x4001}, 0xc0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r10, 0x84, 0x7c, &(0x7f00000024c0)={0x0, 0x7, 0x7}, &(0x7f0000002500)=0x8)
sendmsg$nl_route(r12, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)=@ipv4_newaddr={0x40, 0x14, 0x1, 0x70bd28, 0x25dfdbfe, {0x2, 0x20, 0x9, 0xff, r7}, [@IFA_LABEL={0x14, 0x3, 'wg0\x00'}, @IFA_LABEL={0x14, 0x3, 'netdevsim0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x1)

1.281702865s ago: executing program 4 (id=1312):
syz_mount_image$ext4(&(0x7f00000012c0)='ext4\x00', &(0x7f0000001280)='./file2\x00', 0x1008002, &(0x7f0000000080), 0x1, 0x5f0, &(0x7f0000002440)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDRcTE9fMdqb0x+yWlm6nYT6fZOmb9/bx3nT77bx9fW82gMoaTP+pReyNiOkkoj+ZXyzrjKxwcOF59/7+5HT6SKJef+PPJJIsL39+kn3tyyr3RMTPPyWxp2N1uzNzV86PT01NXs6Oh2cvTA/PzF05eO7C+NnJs5MXR18aPXb0yNFjI4c2dF5XC/JOXn//w/7Pxt7+7pt/k5HvfxtL4ni8mj1x6XlslsEYbHxPktVFfcc2u7GSdGQ/J0tf4qSzxA6xLvnr1xURT0V/dMT9F68/Pn2t1M4BbVVPIupARSXiHyoqHwfk7+1Xvg+utRg7/FNv69AEaLO7JxYmAFbHf+fC3GD0NOYGdt5LYum0ThIRG5uZW25XRNy+NXb9zK2x69GmeTig2Py1iHi6KP6TRvwPRE8MNOK/tiz+03HBqexrmv/6BttfOVUs/mHrLMR/T8v4jybx/86S+H93g+0P3k++17ss/ns3ekoAAAAAAABQWTdPRMSLRX//ry2u/4mF9T9dS+v1RcTxTWh/cMXx6r//1+5sQjNAgbsnIl4pXP9by1f/DnRkqcca6wG6kjPnpiYPRcTjEXEgunakxyMt2jj4+Z6vm5UNZuv/8kfa/u1sLWDWjzudO5bXmRifHX/Y8wYi7l6LeKZw/W+yeP1PCtb/pr8Pph+wjT3P3zjVrGzt+Afapf5txP7C6//9u1Ykre/PMdwYDwzno4LVnv34ix+atb/R+HeLCXh46fV/Z+v4H0iW3q9nZv1tHJ7rbLpTcKPj/+7kzcYtZ7qzvI/GZ2cvj0R0Jyc70txl+aPr7zM8ivJ4yOMljf8Dz7We/ysa//dGxPyK/zv5a/me4tyT//X93qw/xv9QnjT+J9Z1/V9/YvTGwI/N2n+w6/+RxrX+QJZj/g8WfJWHaffy/IJw7Cwq2ur+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCjoBYRuyKpDS2ma7WhoYi+iHgidtamLs3MvnDm0gcXJ9Kyxuf/1/JP+u1fOE7yz/8fWHI8uuL4cETsjogvO3obx0OnL01NlH3yAAAAAAAAAAAAAAAAAAAAsE30Ndn/n/qjo+zeAW3XWXYHgNIUxP8vZfQD2Hqu/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/gHAAAAAIBHyu59N39NImL+5d7GI9WdlXWV2jOg3WpldwAojVv8QHVZ+gPV5T0+kKxR3tO00lo1W5k+/RCVAQAAAAAAAAAAAKBy9u+1/x+qyv5/qC77/6G68v3/+0ruB7D1vMcHYo2d/IX7/9esBQAAAAAAAAAAAABsppm5K+fHp6YmL2/DRD3r4xY1+tY2OOUtTtTr9avpd3i79GdbJ7qj3h/R6jn5UvjSu1qcyPf6PVitcn4fAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAq/0fAAD//yO4ItI=")
r0 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
io_setup(0x206, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x4000000}])

1.117598659s ago: executing program 4 (id=1313):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2400000013002900000000000000000002000000ff0000010000000008000500ac1414ff"], 0x24}}, 0x0)

1.117301918s ago: executing program 4 (id=1314):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
creat(0x0, 0x0)
r0 = creat(0x0, 0x0)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x5437, 0x0)
unshare(0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000340)='yeah\x00', 0x5)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000080)=[@window, @mss, @window, @window, @window={0x3, 0x3}, @timestamp, @mss, @sack_perm], 0x8)
write$binfmt_elf64(r1, &(0x7f00000006c0)=ANY=[], 0x440)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r1, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
bind$vsock_stream(r0, &(0x7f00000002c0)={0x28, 0x0, 0x2710, @host}, 0x10)
ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f0000000200))

1.045678865s ago: executing program 3 (id=1316):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
sendmsg$NFC_CMD_START_POLL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_TM_PROTOCOLS={0x8}]}, 0x24}, 0x1, 0x100000000000000}, 0x0)

1.035231046s ago: executing program 3 (id=1317):
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000300)={{0x1, 0x1, 0x18}, './bus\x00'})
writev(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mount$bind(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b00), 0x200030, 0x0)
mount$cgroup(0x0, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740), 0x0, &(0x7f0000000180)={[{@subsystem='net_cls'}, {@none}], [{@euid_gt}, {@obj_type={'obj_type', 0x3d, 'GPL\x00'}}, {@subj_role={'subj_role', 0x3d, '/proc/bus/input/devices\x00'}}]})
sched_setscheduler(0x0, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x0, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0x14da42, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80001d00c0d0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
mount$9p_rdma(0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="7472616e733d72646d130d000072743d3078303030303030303030303030346532342c74696d656f75743d3078303030303030303030303030303030332c6d73697a66c73078666666666666666666666666666666642c73713d3078303030303030303030303030303030342c74696d656f75743d3078303030303030303030303030303030312c7569643c", @ANYRESDEC, @ANYBLOB=',obj_role=,obj_user=/,pcr=00000000000000000000,\x00'])
lsetxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000a00), &(0x7f0000000a40)='system_u:object_r:systemd_passwd_agent_exec_t:s0\x00', 0x31, 0x1)

995.022779ms ago: executing program 3 (id=1318):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x6, 0x3)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000840), 0x4)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r2)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x95, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfffffffbffffffff, 0xffffffffffffffff, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
setsockopt$sock_int(r7, 0x1, 0x2a, &(0x7f0000000280)=0x5, 0x4)
ioctl$SIOCSIFHWADDR(r5, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xf101})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8943, &(0x7f0000000080))
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f00000005c0)={'lo\x00', 0x400})
sendmmsg$inet6(r1, &(0x7f0000000080)=[{{&(0x7f0000000200)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4001b80f)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r0, &(0x7f0000000240)={0x0, 0xf00, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB="7ffbe1ffffff0000000005"], 0x14}, 0x1, 0xf00000000000000}, 0x0)

994.722499ms ago: executing program 4 (id=1319):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r4, 0x0, r6, 0x0, 0xf3a, 0x0)
write(r2, &(0x7f0000001100), 0x0)
tee(r1, r6, 0x81, 0x0)
vmsplice(r5, &(0x7f0000000580)=[{&(0x7f00000000c0)="d7", 0x1}], 0x1, 0x0)
write$binfmt_misc(r3, &(0x7f0000000140)=ANY=[], 0x4)

837.496222ms ago: executing program 1 (id=1320):
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180), 0xc, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="e8010000", @ANYRES16, @ANYBLOB="000029bd7000fedbdf25110000000c00038008000200050000000c0009800800010000008000cc0004801300010062726f6164636173742d6c696e6b00000900010073797a30000000000c0007800800020003000000540007809bbc0400910000000800020007000000080001002000000008000200080000000800010008000000080003002000000008000300e4"], 0x1e8}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957eff13d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003200)=[{{0x0, 0x0, &(0x7f0000001e00)=[{0x0}, {0x0}, {&(0x7f0000003480)=""/172, 0xac}], 0x3}}], 0x1, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/108, 0x6c}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=""/99, 0x63}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001b00)=""/148, 0x94}}, {{0x0, 0x0, &(0x7f0000001e40)=[{0x0}, {0x0}, {&(0x7f0000001d00)=""/172, 0xac}], 0x3, &(0x7f0000001e80)=""/4096, 0x1000}}], 0x4, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/188, 0xbc, 0xdf0e}}], 0x1800, 0x2002, 0x0)
close(r0)
fcntl$dupfd(r1, 0x0, r1)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x700, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="5c00000010000100"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000300016802c00018028000100d4328ab5"], 0x5c}}, 0x0)

812.013954ms ago: executing program 3 (id=1321):
syz_open_dev$usbmon(&(0x7f0000000000), 0x7fffffff, 0x0)
r0 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, &(0x7f00000001c0))
syz_io_uring_setup(0x3d2d, &(0x7f0000000080)={0x0, 0x851c, 0x4}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000140)={0x77359400}})
syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r4 = syz_io_uring_setup(0x5169, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=<r5=>0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r7 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r7, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r7, 0x3)
r8 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r8, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
accept4(r7, 0x0, 0x0, 0x0)
recvmmsg(r8, &(0x7f0000007940), 0x55, 0x0, 0x0)
sendmmsg(r8, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x5e2, &(0x7f0000000280), &(0x7f0000000040)=<r9=>0x0, &(0x7f0000000140))
syz_io_uring_submit(r9, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r4, 0xb15, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r10 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./bus\x00', 0x280000a, &(0x7f00000007c0)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2b2, &(0x7f00000003c0)="$eJzs3b9re1UUAPDz0uQl6JAKTiL4QAenL992dUmRFordJIM6qNgWpAlCCwV/YOzk6uLo6iIIbv4TLv4HgqvgZsHCk5f3XpPUNCbVtOr381l6e+85956bvlI65OSd54cnh1kcX3zyU3Q6STR60YvLJDajEbXPYkbviwAA/ssu8zx+zUur5CUR0VlfWQDAGq389/+7tZcEAKzZ62+8+dpOGhFZ1om94efn/eI/++Jrub5zHO/HII7icXTjKiK/Vo738jwfNbPCZrw0HJ33i8zh2z9U++/8EhHF/ltJfWSZ3q7y9w92t7LSVP6oqOOp6vxecf52dOPZOefvH+xuz8mPfhovvzhV/6Poxo/vxQcxiMNxEWV+NCI+3cqyV/Mvf/v4raK8Ij8Znffb47iJfOM+fy4AAAAAAAAAAAAAAAAAAAAAAPy/Pap657Rj3L+nmKr672xcFd+0IqttzvbnKfOvu/rc6A80yuOruj/P4yzL8ipwkt+M55rRfJhbAwAAAAAAAAAAAAAAAAAAwL/L2Ycfnbw7GByd/iODuhtA/bb+u+7Tm5p5IRYHtydnNarhgp1jo45JIhaWUVxi6Zp/r9oe3O2le+a2mr/5dul9vv7ru1eD1hIxf3NQ1ZLd+oy1o57p1A/J99MxaSx5Vjp/qXWar/T4pXOXuivfPX16PBgtiIlkUWGv/Fy+ZtVMcvMWaUTcsnOrGkylz8Z0ln+ei9+UP0l06wAAAAAAAAAAAAAAAAAAgLWavOl3zuLFwtRG3l5bWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwryaf/z8edKrpycy8waiKml1qTmbybr2UxunZA14PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ8QfAQAA//+C9FlJ")
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
getpeername$l2tp6(r10, &(0x7f0000000380)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000680)=0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001800)=ANY=[@ANYBLOB="611550000000000061134c0000000000bfa000000000000007000000188615002d0301000000000095001700000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf500000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad371d5ab2af27546e7c955ccefa1f6ab689b555162da2e0ec287db4a7e65836429a527dcd7ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04a046002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb75a629361997a75fd5523dc206438b8ef4901fd03cc86d8a297dff0445a15f21dce431e56723888fb126a163f16f9208e2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63cecac4d03723f1c932b3a6aa57f1ad2eff2ae67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb40000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d16134762cd31cc43010000007b4037d83f84e98a523d5ec380bd970d703fffca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6af489af8dc2f17923f3c40446d7074be86a912a5ac00000000000000000000030000000000000091fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0001000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b541bcb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d3261917a2d363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05f12f6106f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27af32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e02b0a49137bc5a46cd8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad0fceee5f339550130a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3116dbc7e2bf2402a75f17a55733360040855ed5d1c0d634fc5ff38f86779ff7da171814d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453b65586f65c7943d54b52f06c870edf0c5d644b5270b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff528f84af54ff387bf657a67463d7db08eb09466e2e085bd925e9321f730017dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c98e7b073ce91798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94e7cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f3b563ab900000000000000000077a99fb5b0a4373922477c9c7ca20bd428d8f77bb920ad0db4c1da671bfad7f1094aeed4f1298df1730e9009b4f856f8d1b4ab25aa175cacb82c54ee17e3487f725f500000000000000000000000000000000000000000000000954da223585afcc8aaeed8bbcc1a86b083f21162d0e81c7dcb0639582b9242b9afe9bf08f941dbad6911114d1d5cbb7a7e93bbcba8d1f324a720538006b1eaaf1152546eecef8fcd01b44fcdf2ef336e343ea748355f6b8c7a8067f841e9a8fb3ce292c49b6002a61fca9fc85eb64db2d55bcfff9eef84f1bcc87798ede41e4c9e76c5f30c9e8b43b223cad02d83f920d456cb9a5c913c8484e7b30d15ea17ece8c74d286e2f94abc3bc3f7ff3db422cbe434a75d285566a80413d34c7263d995672da44673baa696132dee987e6fa0b6e3402cdde0b250f69bb5931e642b0b3ed81bd1e0cb5654237833c9ac2c6e0a7ace362b79e1c627f32"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
r11 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
getdents(r11, &(0x7f00000000c0)=""/37, 0x25)

715.298492ms ago: executing program 3 (id=1322):
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f0000000980)=[{}, {}, {}, {}, {}], 0x5, 0x1f, &(0x7f0000000cc0)={[0x84b]}, 0x8)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = perf_event_open$cgroup(&(0x7f0000000d40)={0x4, 0x80, 0x9, 0x81, 0x0, 0x1, 0x0, 0x10001, 0x80000, 0x9, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x6ca0, 0x1, @perf_config_ext={0x20, 0x3}, 0x400, 0xffff, 0x9, 0x3, 0x3, 0x6, 0x4, 0x0, 0x100, 0x0, 0x2}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x4)
r2 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, r1, 0x0)
pipe2$9p(&(0x7f0000000dc0), 0x80)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./bus\x00', 0x1200840, &(0x7f0000000d80)=ANY=[@ANYBLOB="757466383d312c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c696f636861727365743d73703836322c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c756e695f786c6174653d302c003c24d06816418f4be78ed4fbfe47efc82f966a602a8db43ad053c978bbd3501706515140ef63c2a58653ced497550b22917b09702604bc162c57e05beec5bb0c11fc2f9238b25e4527e24bab534e9ba458d92a597c3fee89f57053a4a1535771c9877b3ab101fb26937779cff75a95a296fafddf11280fafeb9bd5f2da4a88b43f3e4d5b1a9aed1f659d88f914548fba990603b0d4f14adda86d459c62701d3d6f007c7e50da9608a03eff58"], 0x3, 0x377, &(0x7f0000000a00)="$eJzs3UFom+UbAPAn/dKm/bP924MgCsKnN0HLNgXRix2jg2EuU8LUgxjcptLUwYrB7tCsXsSj4FFP3jzowcNuXgRFdvPg1QkyFQ+628CxT77kS/KlSWqZdLP4+x3Cs/d9nvd9v+Rl+ZqSt6+uxNrZ2Th/48b1mJ+vRHXlxErcrMRSJNF3OcbNTWgDAA6Gm1kWf2Q9EV/upaSy/6sCAPZT9/3/9cOllne/3i0/8+4PAAde8fP/Qrkt2ZEzP634wr4tCwDYR6Of/0fEI2MppV/1V8fuDQCAg+eFl15+7ng94vk0nY9Yf6/daDfimWH/8fPxZrTiXByJxbgV0btRyB8q3ceTp+qrR9I07cTPS9HIK9qNiPVOu9G7UziedOtrcTQWY6moL+42sixLTn5RXz2adkXE5U53/livtBuzsVDM/8P/4lwcizTuG6uPOFVfPZYWAzTW+/WzEdvDzy3y9S/HYnz3WlyIVpyNvLZ/W1Nf3Tqapiey+qHKsL7TbtS6eT1TPwEBAAAAAAAAAAAAAAAAAAAAAIA7spwOLA3Oz8mG5/csL0/o756P06svzgfa7p0PlNWyyLLf33m88X4SI+cD7Tifp9NuVGPm3l46AAAAAAAAAAAAAAAAAAAA/GtsbM5Fs9U6d3Fj89JaOehc3NiciYi85a1vP/tqIUZzFooBRqtGgmqRUupKh1VZ0k/OkpGcIkjyySvVXsunVwYrLufUBlcxcRm16V2t1uGHf/po2PJQ0h/59jAniYnXdSnZsYxysP7/3pKmPy27BMf+JudalmXTyrdeGa+KSkR16lLvMMjy4JvrbzzwxEZ/E2Q9jz62eObah5/8utZs5TPnWq25ixu3srVm8e/Jm216kJT2T6XYbJXyTqg2n7x9+tCUkbdHW5rJ97+9+OAHV4uWmd1fpuzM1WHL2xNykt6kn+/smusF+TIHXc/mQf4cjY8zO2HzTwqein/0wt3/8UrzytaPv+y1qvSfhIM6AAAAAAAAAAAAAAAAAADgrih9V7xQfNl3dreqp0/v/8oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4O4Z/v3/QRAz2zta9hb82Yl+y5nod9XyAWOuNOPSPbxaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+q/4KAAD//1UBZGs=")
creat(&(0x7f0000000100)='./bus\x00', 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x16d43e, 0x0)
ftruncate(r3, 0x7fff)
read$msr(r3, &(0x7f0000032680)=""/102391, 0x18ff7)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r7, @ANYBLOB="000000000000000014001a80100005800c000380080001"], 0x34}}, 0x0)
sendmsg$SEG6_CMD_GET_TUNSRC(r5, &(0x7f0000000400)={&(0x7f00000003c0), 0xc, &(0x7f0000000440)={0x0, 0x34}}, 0x0)

489.39283ms ago: executing program 3 (id=1323):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r2], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
getpid()
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x10001, &(0x7f00000000c0)={[{@errors_remount}, {@noload}, {@norecovery}, {@noquota}, {@noblock_validity}, {@data_err_ignore}, {@nojournal_checksum}, {@acl}, {@usrquota}], [], 0x3d}, 0x64, 0x51c, &(0x7f0000000200)="$eJzs3UFoJFkZAOC/Ot3ZyUx2k1UPuuC6uiuZQac72bi7wcO6guhpQV3vY0w6IaSTDunO7iQsmsGDR0FEBU968SJ48iTIghePIizoWVFRRGf0IKhTS3dXZ2aS6k5mpiedSX8fVOrV66r3v9ehqutVPaoCGFnPRcRrEXE7TdMrETGV5ReyKfY7U2u9WzffXmpNSaTpG/9IIsnyumWlbU/EpWyzCxHx5S9EfC05Grexu7e+WKtVt7PlSnNjq9LY3bu6trG4Wl2tbs7Pz7288MrCSwuzA2nnZES8+rm/fO/bP/n8q7/85Ft/vPa3y19Psvw41I77VOz3YafppfZ3cfcG2w8Y7CwqtluYmchbY+xIzo1HXCcAAHp7X0R8LCKuxFSM9T+dBQAAAB5D6Wcm439J997dEeM98gEAAIDHSKE9BjYplLPxvpNRKJTL0R7D+4G4WKjVG81PrNR3Npc7Y2Wno1RYWatVZ7OxwtNRSlrLc+30neUXDy3PR8TTEfHdqYn2cnmpXlse9sUPAAAAGBGXDvX//z3V6f8DAAAA58z0sCsAAAAAPHL6/wAAAHD+6f8DAADAufbF119vTWn3/dfLb+7urNffvLpcbayXN3aWykv17a3yar2+2n5m38Zx5dXq9a1PxebO9Uqz2mhWGrt71zbqO5vNa2v3vAIbAAAAOEVPf+Sd3ycRsf/pifbUMn6yTU+4GnBWFQ9SSTbP2a3/8FRn/udTqhRwKsaGXQFgaIrDrgAwNKVhVwAYuuSYz3sO3vlNNv/oYOsDAAAM3syHet//L/Tdcr//x8CZZyeG0eX+P4yu9v3/k47kdbIA50rJGQCMvIe+/3+sNL2vCgEAAAM32Z6SQjm7vDcZhUK5HPFk+7UApWRlrVadjYinIuJ3U6UnWstz7S2TY/sMAAAAAAAAAAAAAAAAAAAAAAAAAEBHmiaRAgAAAOdaROGvya86z/KfmXph8vD1gfHkP1ORvSL0rR++8f3ri83m9lwr/58H+c0fZPkvDuMKBgAAAIyE4v2s3O2nd/vxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBIt26+vdSdTjPu3z8bEdN58YtxoT2/EKWIuPivJIp3bZdExNgA4k+0/nwwL37SqtZByLz4EwOIv3+jb/yYzr6FvPiXBhAfRtk7rePPa3n7XyGea8/z979ixD3LD6r38S8Ojn9jPfb/J08Y45l3f1bpGf9GxDPF/ONPN37SI/7zeQX+/FtHsr76lb29XvHTH0XM5P7+JPfEqjQ3tiqN3b2raxuLq9XV6ub8/NzLC68svLQwW1lZq1Wzv7kxvvPhX9zu1/6LPeJPH9P+F3LKG8/J+/+712++v5Ms5cW//HxO/F//OFvjaPxC9tv38Szd+nymm97vpO/27E9/+2y/9i/3aP9x///LvQo95MqXvvmnE64KAJyCxu7e+mKtVt0+t4lWL/0MVONxS/w3PRPVeLSJbwy0wDRN09Y+9RDlJHF6X0LSv6rDPjIBAACDduekf9g1AQAAAAAAAAAAAAAAAAAAgNF1Gk8aOxxz/yCVDOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/FeAAAA//+kyeAN")
write$tun(r4, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd01000a00000000000000600000000100"], 0xfdef)
accept(r1, &(0x7f0000000500)=@ethernet={0x0, @local}, &(0x7f0000000700)=0x80)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f0, 0x0, 0xc8, 0x8, 0x6, 0x5803, 0x320, 0x2e8, 0x2e8, 0x320, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [], 'vlan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xf8, 0x160, 0x0, {}, [@common=@ipv6header={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x450)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, &(0x7f0000000780)=0x3, 0x4)

198.615094ms ago: executing program 0 (id=1324):
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x4030582a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x4, 0x1c, &(0x7f0000000fc0)=ANY=[@ANYBLOB="1808000000000000000000000600000018110000", @ANYRES32=r2, @ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000005000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

139.484659ms ago: executing program 0 (id=1325):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000030000000000000000000000000a60000000060a090400000000000000000200000034000480300001800e000100696d6d6564696174650000001c000280100002800c00028008000180fffffffb08000140000000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x88}}, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = dup2(r2, r1)
close_range(r3, 0xffffffffffffffff, 0x0)

90.613663ms ago: executing program 4 (id=1326):
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair$tipc(0x1e, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, <r2=>0xffffffffffffffff}, 0x0, 0x0}, 0x20)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
ioctl$EVIOCGKEY(r3, 0x40284504, &(0x7f00000003c0)=""/134)
r4 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r5=>0x0})
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @broadcast}, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000300), r7)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r10, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r11=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="110800000000000020001000000008000300", @ANYRES32=r11], 0x1c}}, 0x0)
r12 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r14, 0x8933, &(0x7f0000000140)={'wpan1\x00', <r15=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r13, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010000000000000000002600000008000300", @ANYRES32=r15, @ANYBLOB="30002f80"], 0x4c}}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000200)={&(0x7f0000000140), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, r8, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_NETNS_FD={0x8, 0x1d, r4}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r15}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES8=r2, @ANYRESOCT=r2], 0x20}}, 0x0)

90.020383ms ago: executing program 0 (id=1327):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mount$9p_fd(0xb00000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [], 0x6b}})

1.63712ms ago: executing program 4 (id=1328):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x30, r1, 0x1, 0x0, 0x0, {0x2}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @local}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @private}]}, 0x30}}, 0x0)
r2 = socket(0x23, 0x5, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='oom_score_adj\x00')
write$cgroup_int(r3, &(0x7f0000000040)=0x100000000000000, 0x12)
connect$bt_l2cap(r2, &(0x7f0000000180), 0xe)
setsockopt$MRT_TABLE(r3, 0x0, 0xcf, &(0x7f0000000000)=0xffffffff, 0x4)

1.52368ms ago: executing program 0 (id=1329):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000140)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x45, 0x0, 0x0, 0x800007}, {0x6}]}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000001800)=ANY=[@ANYBLOB="0180c200002950a245d5cde0080045"], 0x0)

0s ago: executing program 1 (id=1330):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f000000a280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000014c0)=@newtaction={0x14, 0x52, 0x301, 0xffea, 0x0, {0x2}}, 0x14}}, 0x0)

kernel console output (not intermixed with test programs):

 an invalid length.
[   84.674013][ T5776] loop4: detected capacity change from 0 to 1024
[   84.720889][ T5781] loop2: detected capacity change from 0 to 512
[   84.727580][ T5781] EXT4-fs: Ignoring removed bh option
[   84.733345][ T5781] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   84.744502][ T5781] EXT4-fs (loop2): 1 truncate cleaned up
[   84.779984][ T5788] netlink: 8 bytes leftover after parsing attributes in process `syz.0.793'.
[   84.785020][ T5797] loop4: detected capacity change from 0 to 1024
[   84.788835][ T5788] netlink: 24 bytes leftover after parsing attributes in process `syz.0.793'.
[   84.836859][ T5788] gtp0: entered promiscuous mode
[   84.841846][ T5788] gtp0: entered allmulticast mode
[   84.876023][ T5806] loop2: detected capacity change from 0 to 128
[   84.892504][ T5806] FAULT_INJECTION: forcing a failure.
[   84.892504][ T5806] name failslab, interval 1, probability 0, space 0, times 0
[   84.905155][ T5806] CPU: 0 PID: 5806 Comm: syz.2.796 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[   84.914869][ T5806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   84.924938][ T5806] Call Trace:
[   84.928269][ T5806]  <TASK>
[   84.931263][ T5806]  dump_stack_lvl+0xf2/0x150
[   84.935970][ T5806]  dump_stack+0x15/0x20
[   84.940131][ T5806]  should_fail_ex+0x229/0x230
[   84.944893][ T5806]  ? vfat_add_entry+0xd5/0x1b40
[   84.949765][ T5806]  __should_failslab+0x92/0xa0
[   84.954557][ T5806]  should_failslab+0x9/0x20
[   84.959084][ T5806]  __kmalloc_cache_noprof+0x4b/0x2a0
[   84.964391][ T5806]  vfat_add_entry+0xd5/0x1b40
[   84.969070][ T5806]  ? fat_alloc_new_dir+0x505/0x540
[   84.974185][ T5806]  vfat_mkdir+0xcd/0x1e0
[   84.978430][ T5806]  vfs_mkdir+0x1f4/0x320
[   84.982692][ T5806]  do_mkdirat+0x12f/0x2a0
[   84.987097][ T5806]  __x64_sys_mkdirat+0x4e/0x60
[   84.992004][ T5806]  x64_sys_call+0x2cde/0x2e00
[   84.996704][ T5806]  do_syscall_64+0xc9/0x1c0
[   85.001219][ T5806]  ? clear_bhb_loop+0x55/0xb0
[   85.005923][ T5806]  ? clear_bhb_loop+0x55/0xb0
[   85.010856][ T5806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.016807][ T5806] RIP: 0033:0x7ff5d8685b59
[   85.021263][ T5806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.040974][ T5806] RSP: 002b:00007ff5d7907048 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   85.049466][ T5806] RAX: ffffffffffffffda RBX: 00007ff5d8815f60 RCX: 00007ff5d8685b59
[   85.057444][ T5806] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004
[   85.065415][ T5806] RBP: 00007ff5d79070a0 R08: 0000000000000000 R09: 0000000000000000
[   85.073417][ T5806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.081438][ T5806] R13: 000000000000000b R14: 00007ff5d8815f60 R15: 00007ffc8df26468
[   85.089415][ T5806]  </TASK>
[   85.108956][ T5809] mmap: syz.0.799 (5809) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   85.161168][ T5817] loop2: detected capacity change from 0 to 128
[   85.161551][ T5809] loop0: detected capacity change from 0 to 512
[   85.171911][ T5817] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   85.176444][ T5819] loop1: detected capacity change from 0 to 128
[   85.190381][ T5819] msdos: Unknown parameter './file0'
[   85.276213][ T5834] netlink: 8 bytes leftover after parsing attributes in process `syz.4.808'.
[   85.285204][ T5834] netlink: 24 bytes leftover after parsing attributes in process `syz.4.808'.
[   85.326401][ T5832] loop3: detected capacity change from 0 to 512
[   85.329864][ T5834] gtp0: entered promiscuous mode
[   85.337845][ T5832] EXT4-fs: Ignoring removed bh option
[   85.343436][ T5834] gtp0: entered allmulticast mode
[   85.365449][ T5832] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   85.377615][ T5832] EXT4-fs (loop3): 1 truncate cleaned up
[   85.423990][ T5846] netlink: 4 bytes leftover after parsing attributes in process `syz.4.812'.
[   85.474082][ T5854] loop3: detected capacity change from 0 to 512
[   85.481435][ T5854] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   85.494518][ T5854] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   85.505163][ T5854] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[   85.514018][ T5854] System zones: 1-12
[   85.518576][ T5854] EXT4-fs (loop3): 1 truncate cleaned up
[   85.573853][ T5858] loop4: detected capacity change from 0 to 512
[   85.581989][ T5858] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   85.766180][ T5858] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   85.774398][ T5858] EXT4-fs (loop4): orphan cleanup on readonly fs
[   85.783010][ T5858] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.815: Invalid block bitmap block 0 in block_group 0
[   85.797054][ T5858] EXT4-fs (loop4): Remounting filesystem read-only
[   85.803902][ T5858] EXT4-fs (loop4): 1 orphan inode deleted
[   85.814928][ T5858] SELinux: (dev loop4, type ext4) getxattr errno 5
[   85.846674][ T5862] loop0: detected capacity change from 0 to 512
[   85.863136][ T5862] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.913508][ T5856] xt_CT: You must specify a L4 protocol and not use inversions on it
[   85.924943][ T5867] netlink: 8 bytes leftover after parsing attributes in process `syz.1.820'.
[   85.933813][ T5867] netlink: 24 bytes leftover after parsing attributes in process `syz.1.820'.
[   85.972205][ T5867] gtp0: entered promiscuous mode
[   85.977207][ T5867] gtp0: entered allmulticast mode
[   85.984178][ T5869] netlink: 4 bytes leftover after parsing attributes in process `syz.3.818'.
[   86.016008][ T5875] loop2: detected capacity change from 0 to 512
[   86.024991][ T5875] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   86.034938][ T5875] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[   86.047336][ T5875] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[   86.057484][ T5875] System zones: 0-2, 18-18, 34-34
[   86.065689][ T5875] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.823: bad orphan inode 15
[   86.075916][ T5875] ext4_test_bit(bit=14, block=18) = 1
[   86.081374][ T5875] is_bad_inode(inode)=0
[   86.085584][ T5875] NEXT_ORPHAN(inode)=2264924160
[   86.090524][ T5875] max_ino=32
[   86.093812][ T5875] i_nlink=0
[   86.097007][ T5875] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   86.112048][ T5875] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.823: bg 0: block 80: padding at end of block bitmap is not set
[   86.115838][ T5880] hub 6-0:1.0: USB hub found
[   86.127850][ T5875] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[   86.131013][ T5880] hub 6-0:1.0: 8 ports detected
[   86.298955][ T5880] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5880 comm=syz.1.825
[   86.339167][ T5913] netlink: 8 bytes leftover after parsing attributes in process `syz.4.833'.
[   86.340092][ T5914] loop2: detected capacity change from 0 to 128
[   86.353302][ T5913] gtp1: entered promiscuous mode
[   86.359264][ T5913] gtp1: entered allmulticast mode
[   86.400745][ T5917] loop1: detected capacity change from 0 to 2048
[   86.438946][ T5915] loop3: detected capacity change from 0 to 8192
[   86.445669][ T5915] vfat: Unknown parameter '/dev/ppp'
[   86.451930][ T5917]  loop1: p1 < > p3
[   86.457921][ T5917] loop1: p3 size 134217728 extends beyond EOD, truncated
[   86.469513][ T5922] loop2: detected capacity change from 0 to 512
[   86.484068][ T5922] EXT4-fs: Ignoring removed bh option
[   86.490060][ T5922] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   86.499665][ T5922] EXT4-fs (loop2): 1 truncate cleaned up
[   86.509829][ T5917] hsr_slave_0: left promiscuous mode
[   86.515821][ T5917] hsr_slave_1: left promiscuous mode
[   86.672240][ T5942] loop2: detected capacity change from 0 to 512
[   86.680402][ T5942] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   86.691948][ T5942] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   86.700124][ T5942] EXT4-fs (loop2): orphan cleanup on readonly fs
[   86.707278][ T5942] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.841: Invalid block bitmap block 0 in block_group 0
[   86.721182][ T5942] EXT4-fs (loop2): Remounting filesystem read-only
[   86.727881][ T5942] EXT4-fs (loop2): 1 orphan inode deleted
[   86.735930][ T5942] SELinux: (dev loop2, type ext4) getxattr errno 5
[   86.752190][ T5942] xt_CT: You must specify a L4 protocol and not use inversions on it
[   86.862880][ T5951] loop1: detected capacity change from 0 to 128
[   86.957646][ T5955] gtp2: entered promiscuous mode
[   86.962693][ T5955] gtp2: entered allmulticast mode
[   87.034326][ T5957] hub 6-0:1.0: USB hub found
[   87.059687][ T5957] hub 6-0:1.0: 8 ports detected
[   87.206390][ T5957] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5957 comm=syz.1.846
[   87.256494][ T5965] futex_wake_op: syz.4.848 tries to shift op by 144; fix this program
[   87.322812][ T5967] loop1: detected capacity change from 0 to 512
[   87.345045][ T5967] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[   87.355904][ T5967] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 not in group (block 2)!
[   87.366101][ T5967] EXT4-fs (loop1): group descriptors corrupted!
[   87.374789][ T5971] loop4: detected capacity change from 0 to 512
[   87.381366][ T5971] EXT4-fs: Ignoring removed bh option
[   87.398028][ T5971] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   87.430129][ T5971] EXT4-fs (loop4): 1 truncate cleaned up
[   87.643466][ T5995] loop0: detected capacity change from 0 to 2048
[   87.698971][ T5995]  loop0: p1 < > p4
[   87.703345][ T5995] loop0: p4 size 8388608 extends beyond EOD, truncated
[   87.744108][ T5999] hub 6-0:1.0: USB hub found
[   87.753318][ T5999] hub 6-0:1.0: 8 ports detected
[   87.849025][ T5999] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5999 comm=syz.2.859
[   87.861894][ T6011] random: crng reseeded on system resumption
[   87.926110][ T5993] Unrecognized hibernate image header format!
[   87.932314][ T5993] PM: hibernation: Image mismatch: architecture specific data
[   87.953830][ T6014] loop3: detected capacity change from 0 to 512
[   87.961899][ T6014] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   87.978628][ T6014] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   87.986730][ T6014] EXT4-fs (loop3): orphan cleanup on readonly fs
[   87.994283][ T6014] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.864: Invalid block bitmap block 0 in block_group 0
[   88.017323][ T6014] EXT4-fs (loop3): Remounting filesystem read-only
[   88.024024][ T6014] EXT4-fs (loop3): 1 orphan inode deleted
[   88.031271][ T6014] SELinux: (dev loop3, type ext4) getxattr errno 5
[   88.406572][ T6034] usb usb8: usbfs: process 6034 (syz.4.871) did not claim interface 1 before use
[   88.439489][ T6037] netlink: 'syz.2.872': attribute type 1 has an invalid length.
[   88.447185][ T6037] netlink: 'syz.2.872': attribute type 4 has an invalid length.
[   88.456865][ T6012] xt_CT: You must specify a L4 protocol and not use inversions on it
[   88.537092][ T6050] syz.2.878 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   88.566404][ T6059] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[   88.670584][ T6079] loop2: detected capacity change from 0 to 2048
[   88.678096][ T6079] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   88.701218][ T6081] loop0: detected capacity change from 0 to 512
[   88.709265][ T6081] EXT4-fs: Ignoring removed bh option
[   88.716584][ T6081] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   88.728352][ T6081] EXT4-fs (loop0): 1 truncate cleaned up
[   88.776989][ T6088] syzkaller0: entered promiscuous mode
[   88.782592][ T6088] syzkaller0: entered allmulticast mode
[   88.803274][   T29] kauditd_printk_skb: 329 callbacks suppressed
[   88.803289][   T29] audit: type=1326 audit(1721388895.590:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6102 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   88.860076][   T29] audit: type=1326 audit(1721388895.590:1921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6102 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   88.883443][   T29] audit: type=1326 audit(1721388895.590:1922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6102 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   88.906821][   T29] audit: type=1326 audit(1721388895.590:1923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6102 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   88.931022][   T29] audit: type=1326 audit(1721388895.590:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6102 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   88.954490][   T29] audit: type=1326 audit(1721388895.590:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6102 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   88.977868][   T29] audit: type=1326 audit(1721388895.590:1926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6102 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   89.001510][   T29] audit: type=1326 audit(1721388895.590:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6102 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f46037a4590 code=0x7ffc0000
[   89.025086][   T29] audit: type=1326 audit(1721388895.590:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6102 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f46037a72e7 code=0x7ffc0000
[   89.048438][   T29] audit: type=1326 audit(1721388895.590:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6102 comm="syz.0.893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   89.230966][ T6122] __nla_validate_parse: 7 callbacks suppressed
[   89.230980][ T6122] netlink: 20 bytes leftover after parsing attributes in process `syz.0.898'.
[   89.330422][ T6138] FAULT_INJECTION: forcing a failure.
[   89.330422][ T6138] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   89.343692][ T6138] CPU: 1 PID: 6138 Comm: syz.1.906 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[   89.353367][ T6138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   89.365136][ T6138] Call Trace:
[   89.368506][ T6138]  <TASK>
[   89.371496][ T6138]  dump_stack_lvl+0xf2/0x150
[   89.376119][ T6138]  dump_stack+0x15/0x20
[   89.380324][ T6138]  should_fail_ex+0x229/0x230
[   89.385076][ T6138]  __should_fail_alloc_page+0xfd/0x110
[   89.390635][ T6138]  __alloc_pages_noprof+0x109/0x360
[   89.395943][ T6138]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   89.401345][ T6138]  vma_alloc_folio_noprof+0x176/0x2d0
[   89.406730][ T6138]  handle_mm_fault+0xddb/0x2ac0
[   89.411653][ T6138]  exc_page_fault+0x3b9/0x650
[   89.416353][ T6138]  asm_exc_page_fault+0x26/0x30
[   89.421238][ T6138] RIP: 0033:0x7f487ad52f2b
[   89.425671][ T6138] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[   89.445348][ T6138] RSP: 002b:00007f487a024e20 EFLAGS: 00010246
[   89.451422][ T6138] RAX: 00007f487a026f40 RBX: 00007f487af04620 RCX: 0000000000000000
[   89.459450][ T6138] RDX: 00007f487a026f88 RSI: 00007f487ae04820 RDI: 00007f487a024e40
[   89.467429][ T6138] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[   89.475458][ T6138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.483494][ T6138] R13: 000000000000000b R14: 00007f487af35f60 R15: 00007ffe0cb42728
[   89.491484][ T6138]  </TASK>
[   89.494566][ T6138] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   89.607135][ T6144] loop0: detected capacity change from 0 to 512
[   89.619140][ T6144] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   89.650532][ T6144] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   89.658830][ T6144] EXT4-fs (loop0): orphan cleanup on readonly fs
[   89.665899][ T6144] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.904: Invalid block bitmap block 0 in block_group 0
[   89.680608][ T6144] EXT4-fs (loop0): Remounting filesystem read-only
[   89.687350][ T6144] EXT4-fs (loop0): 1 orphan inode deleted
[   89.693810][ T6144] SELinux: (dev loop0, type ext4) getxattr errno 5
[   89.822347][ T6152] loop4: detected capacity change from 0 to 128
[   89.951974][ T6139] xt_CT: You must specify a L4 protocol and not use inversions on it
[   89.978076][ T6161] netlink: 8 bytes leftover after parsing attributes in process `syz.4.912'.
[   90.005734][ T6161] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   90.013971][ T6161] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   90.022139][ T6170] FAULT_INJECTION: forcing a failure.
[   90.022139][ T6170] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.022161][ T6161] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   90.035269][ T6170] CPU: 1 PID: 6170 Comm: syz.1.913 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[   90.043425][ T6161] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   90.052981][ T6170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   90.052996][ T6170] Call Trace:
[   90.053002][ T6170]  <TASK>
[   90.053008][ T6170]  dump_stack_lvl+0xf2/0x150
[   90.053046][ T6170]  dump_stack+0x15/0x20
[   90.086227][ T6170]  should_fail_ex+0x229/0x230
[   90.090935][ T6170]  should_fail+0xb/0x10
[   90.095151][ T6170]  should_fail_usercopy+0x1a/0x20
[   90.100192][ T6170]  _copy_from_user+0x1e/0xd0
[   90.104804][ T6170]  get_user_ifreq+0x8c/0x160
[   90.109431][ T6170]  sock_do_ioctl+0xc6/0x260
[   90.113934][ T6170]  sock_ioctl+0x470/0x640
[   90.118325][ T6170]  ? __pfx_sock_ioctl+0x10/0x10
[   90.123221][ T6170]  __se_sys_ioctl+0xd3/0x150
[   90.127889][ T6170]  __x64_sys_ioctl+0x43/0x50
[   90.132537][ T6170]  x64_sys_call+0x1688/0x2e00
[   90.137239][ T6170]  do_syscall_64+0xc9/0x1c0
[   90.141764][ T6170]  ? clear_bhb_loop+0x55/0xb0
[   90.146454][ T6170]  ? clear_bhb_loop+0x55/0xb0
[   90.151151][ T6170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.157130][ T6170] RIP: 0033:0x7f487ada5b59
[   90.161616][ T6170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.181238][ T6170] RSP: 002b:00007f487a027048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   90.189730][ T6170] RAX: ffffffffffffffda RBX: 00007f487af35f60 RCX: 00007f487ada5b59
[   90.197775][ T6170] RDX: 00000000200002c0 RSI: 0000000000008946 RDI: 0000000000000004
[   90.205759][ T6170] RBP: 00007f487a0270a0 R08: 0000000000000000 R09: 0000000000000000
[   90.213764][ T6170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.221755][ T6170] R13: 000000000000000b R14: 00007f487af35f60 R15: 00007ffe0cb42728
[   90.229740][ T6170]  </TASK>
[   90.238233][ T6161] vxlan0: entered allmulticast mode
[   90.281967][    T9] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4
[   90.289729][    T9] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2
[   90.303191][    T9] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3
[   90.321721][    T9] hid-generic 0000:3000000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   90.322542][ T6187] loop1: detected capacity change from 0 to 128
[   90.355254][ T6171] hub 6-0:1.0: USB hub found
[   90.370812][ T6171] hub 6-0:1.0: 8 ports detected
[   90.410752][ T6194] loop0: detected capacity change from 0 to 1024
[   90.427468][ T6194] EXT4-fs: Ignoring removed orlov option
[   90.433175][ T6194] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.453915][ T6196] syzkaller0: entered promiscuous mode
[   90.459412][ T6196] syzkaller0: entered allmulticast mode
[   90.504348][ T6200] syzkaller0: entered promiscuous mode
[   90.509920][ T6200] syzkaller0: entered allmulticast mode
[   90.535356][ T6185] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6185 comm=syz.3.914
[   90.746131][ T6224] loop0: detected capacity change from 0 to 512
[   90.754401][ T6224] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   90.837660][ T6220] netlink: 'syz.2.927': attribute type 10 has an invalid length.
[   90.871523][ T6224] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   90.879846][ T6224] EXT4-fs (loop0): orphan cleanup on readonly fs
[   90.889461][ T6224] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.926: Invalid block bitmap block 0 in block_group 0
[   90.903127][ T6224] EXT4-fs (loop0): Remounting filesystem read-only
[   90.909745][ T6224] EXT4-fs (loop0): 1 orphan inode deleted
[   90.932779][ T6224] SELinux: (dev loop0, type ext4) getxattr errno 5
[   91.080001][ T6218] xt_CT: You must specify a L4 protocol and not use inversions on it
[   91.139377][ T6244] loop1: detected capacity change from 0 to 512
[   91.146498][ T6244] EXT4-fs: Ignoring removed bh option
[   91.152247][ T6244] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   91.161698][ T6244] EXT4-fs (loop1): 1 truncate cleaned up
[   91.294441][ T6256] hub 6-0:1.0: USB hub found
[   91.304534][ T6256] hub 6-0:1.0: 8 ports detected
[   91.338884][ T6260] netlink: 4 bytes leftover after parsing attributes in process `syz.4.940'.
[   91.407054][ T6256] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6256 comm=syz.1.939
[   91.491202][ T6281] loop4: detected capacity change from 0 to 2048
[   91.501093][ T6281] ext4: Unknown parameter 'dont_measure'
[   91.513178][ T6283] netlink: 'syz.1.948': attribute type 6 has an invalid length.
[   91.638223][ T6299] syzkaller0: entered promiscuous mode
[   91.643733][ T6299] syzkaller0: entered allmulticast mode
[   91.731293][ T6323] netlink: 'syz.1.960': attribute type 6 has an invalid length.
[   91.788746][ T6319] hub 6-0:1.0: USB hub found
[   91.796276][ T6319] hub 6-0:1.0: 8 ports detected
[   91.850507][ T6329] loop0: detected capacity change from 0 to 512
[   91.892869][ T6329] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   91.903940][ T6329] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   91.912134][ T6329] EXT4-fs (loop0): orphan cleanup on readonly fs
[   91.919786][ T6329] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.956: Invalid block bitmap block 0 in block_group 0
[   91.933686][ T6329] EXT4-fs (loop0): Remounting filesystem read-only
[   91.940400][ T6329] EXT4-fs (loop0): 1 orphan inode deleted
[   91.946785][ T6329] SELinux: (dev loop0, type ext4) getxattr errno 5
[   92.163740][ T6325] xt_CT: You must specify a L4 protocol and not use inversions on it
[   92.186855][ T6319] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6319 comm=syz.3.958
[   92.232814][ T6348] netlink: 'syz.3.967': attribute type 10 has an invalid length.
[   92.240821][ T6348] veth0_macvtap: left promiscuous mode
[   92.251256][ T6348] veth0_macvtap: entered promiscuous mode
[   92.258737][ T6348] team0: Device macvtap0 failed to register rx_handler
[   92.265800][ T6348] veth0_macvtap: left promiscuous mode
[   92.329100][ T6351] netlink: 8 bytes leftover after parsing attributes in process `syz.3.967'.
[   92.338283][ T6351] xt_HMARK: proto mask must be zero with L3 mode
[   92.608457][ T6355] syzkaller0: entered promiscuous mode
[   92.614021][ T6355] syzkaller0: entered allmulticast mode
[   92.762458][ T6360] loop0: detected capacity change from 0 to 1024
[   92.985498][ T6365] netlink: 'syz.4.971': attribute type 6 has an invalid length.
[   93.063104][ T6379] loop2: detected capacity change from 0 to 1024
[   93.070180][ T6379] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[   93.071433][ T6347] dccp_close: ABORT with 32 bytes unread
[   93.102190][ T6377] hub 6-0:1.0: USB hub found
[   93.106887][ T6377] hub 6-0:1.0: 8 ports detected
[   93.152505][ T6385] loop1: detected capacity change from 0 to 2048
[   93.186341][ T6377] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6377 comm=syz.0.977
[   93.219375][ T6389] syzkaller0: entered promiscuous mode
[   93.224854][ T6389] syzkaller0: entered allmulticast mode
[   93.325779][ T6397] loop0: detected capacity change from 0 to 512
[   93.334486][ T6397] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   93.345917][ T6397] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   93.353984][ T6397] EXT4-fs (loop0): orphan cleanup on readonly fs
[   93.362451][ T6397] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.981: Invalid block bitmap block 0 in block_group 0
[   93.376373][ T6397] EXT4-fs (loop0): Remounting filesystem read-only
[   93.383050][ T6397] EXT4-fs (loop0): 1 orphan inode deleted
[   93.430990][ T6397] SELinux: (dev loop0, type ext4) getxattr errno 5
[   93.586802][ T6409] loop3: detected capacity change from 0 to 512
[   94.211060][ T6424] hub 6-0:1.0: USB hub found
[   94.225561][ T6424] hub 6-0:1.0: 8 ports detected
[   94.330135][ T6431] loop3: detected capacity change from 0 to 1024
[   94.377982][ T6424] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6424 comm=syz.0.991
[   94.400666][ T6435] loop2: detected capacity change from 0 to 512
[   94.410571][ T6435] EXT4-fs: Ignoring removed bh option
[   94.442220][ T6435] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   94.473367][ T6435] EXT4-fs (loop2): 1 truncate cleaned up
[   94.508666][ T6447] loop3: detected capacity change from 0 to 2048
[   94.532116][ T6449] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[   94.545277][   T29] kauditd_printk_skb: 110 callbacks suppressed
[   94.545290][   T29] audit: type=1400 audit(1721388901.411:2032): avc:  denied  { setopt } for  pid=6448 comm="syz.2.1001" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   94.585961][ T6447]  loop3: p1 < > p4
[   94.599317][ T6447] loop3: p4 size 8388608 extends beyond EOD, truncated
[   94.636613][ T6455] loop0: detected capacity change from 0 to 512
[   94.644453][ T6455] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   94.689420][ T6455] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   94.697703][ T6455] EXT4-fs (loop0): orphan cleanup on readonly fs
[   94.705460][ T6455] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.999: Invalid block bitmap block 0 in block_group 0
[   94.719205][ T6455] EXT4-fs (loop0): Remounting filesystem read-only
[   94.725881][ T6455] Quota error (device loop0): write_blk: dquota write failed
[   94.733342][ T6455] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[   94.743199][ T6455] EXT4-fs (loop0): 1 orphan inode deleted
[   94.751105][ T6455] SELinux: (dev loop0, type ext4) getxattr errno 5
[   94.853387][ T6451] xt_CT: You must specify a L4 protocol and not use inversions on it
[   94.951613][ T6468] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1006'.
[   95.027317][   T29] audit: type=1400 audit(1721388901.894:2033): avc:  denied  { accept } for  pid=6469 comm="syz.3.1007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   95.059334][ T6473] loop2: detected capacity change from 0 to 128
[   95.147204][ T6488] loop3: detected capacity change from 0 to 128
[   95.166719][ T6488] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   95.186162][ T6486] loop2: detected capacity change from 0 to 512
[   95.196089][   T29] audit: type=1400 audit(1721388902.064:2034): avc:  denied  { remount } for  pid=6487 comm="syz.3.1015" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   95.224900][   T29] audit: type=1400 audit(1721388902.095:2035): avc:  denied  { remount } for  pid=6487 comm="syz.3.1015" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[   95.247271][ T5633] FAT-fs (loop3): error, invalid access to FAT (entry 0x0affffff)
[   95.255103][ T5633] FAT-fs (loop3): Filesystem has been set read-only
[   95.259222][   T29] audit: type=1400 audit(1721388902.125:2036): avc:  denied  { ioctl } for  pid=6491 comm="syz.1.1018" path="socket:[16452]" dev="sockfs" ino=16452 ioctlcmd=0x943f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   95.287597][ T5633] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   95.336561][   T29] audit: type=1326 audit(1721388902.215:2037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6500 comm="syz.0.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   95.360592][   T29] audit: type=1326 audit(1721388902.225:2038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6500 comm="syz.0.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   95.384013][   T29] audit: type=1326 audit(1721388902.225:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6500 comm="syz.0.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f46037a5b59 code=0x7ffc0000
[   95.409143][ T6509] loop1: detected capacity change from 0 to 128
[   95.427609][ T6513] loop0: detected capacity change from 0 to 512
[   95.434967][ T6509] ext4 filesystem being mounted at /182/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   95.494083][ T6513] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   95.502104][ T6513] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   95.511937][ T6513] System zones: 0-1, 15-15, 18-18, 34-34
[   95.518115][ T6513] EXT4-fs (loop0): orphan cleanup on readonly fs
[   95.524628][ T6513] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   95.539238][ T6513] EXT4-fs (loop0): Cannot turn on quotas: error -22
[   95.546358][ T6513] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1025: bg 0: block 40: padding at end of block bitmap is not set
[   95.625217][ T6513] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[   95.634089][ T6513] EXT4-fs (loop0): 1 truncate cleaned up
[   95.667280][ T6534] loop2: detected capacity change from 0 to 512
[   95.677309][ T6534] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   95.703402][ T6531] loop1: detected capacity change from 0 to 1024
[   95.747151][ T6531] journal_path: Lookup failure for './cgroup/file0'
[   95.753763][ T6531] EXT4-fs: error: could not find journal device path
[   95.776459][ T6529] loop3: detected capacity change from 0 to 1024
[   95.802944][ T6534] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   95.811055][ T6534] EXT4-fs (loop2): orphan cleanup on readonly fs
[   95.818700][ T6534] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.1032: Invalid block bitmap block 0 in block_group 0
[   95.833271][ T6534] EXT4-fs (loop2): Remounting filesystem read-only
[   95.840012][ T6534] EXT4-fs (loop2): 1 orphan inode deleted
[   95.846538][ T6534] SELinux: (dev loop2, type ext4) getxattr errno 5
[   95.887732][ T6531] rtc_cmos 00:00: Alarms can be up to one day in the future
[   95.900068][ T6529] EXT4-fs: Ignoring removed i_version option
[   95.952024][ T6529] EXT4-fs (loop3): stripe (255) is not aligned with cluster size (16), stripe is disabled
[   95.976517][ T6530] xt_CT: You must specify a L4 protocol and not use inversions on it
[   96.099302][ T6539] FAULT_INJECTION: forcing a failure.
[   96.099302][ T6539] name failslab, interval 1, probability 0, space 0, times 0
[   96.111986][ T6539] CPU: 0 PID: 6539 Comm: syz.1.1034 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[   96.121712][ T6539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   96.131776][ T6539] Call Trace:
[   96.135154][ T6539]  <TASK>
[   96.138169][ T6539]  dump_stack_lvl+0xf2/0x150
[   96.142808][ T6539]  dump_stack+0x15/0x20
[   96.147009][ T6539]  should_fail_ex+0x229/0x230
[   96.151788][ T6539]  ? __kernfs_new_node+0x6a/0x380
[   96.156880][ T6539]  __should_failslab+0x92/0xa0
[   96.161684][ T6539]  should_failslab+0x9/0x20
[   96.166200][ T6539]  kmem_cache_alloc_noprof+0x4c/0x290
[   96.171712][ T6539]  __kernfs_new_node+0x6a/0x380
[   96.176581][ T6539]  ? rb_insert_color+0x6a/0x290
[   96.181443][ T6539]  ? up_write+0x30/0xf0
[   96.185612][ T6539]  ? kernfs_activate+0x256/0x270
[   96.190611][ T6539]  kernfs_new_node+0xc8/0x140
[   96.195328][ T6539]  __kernfs_create_file+0x49/0x180
[   96.200559][ T6539]  ? __pfx_dev_attr_store+0x10/0x10
[   96.205867][ T6539]  sysfs_add_file_mode_ns+0x136/0x1c0
[   96.211263][ T6539]  internal_create_group+0x464/0x9b0
[   96.216619][ T6539]  sysfs_create_groups+0x3c/0xe0
[   96.221615][ T6539]  device_add_attrs+0x69/0x400
[   96.226434][ T6539]  ? kobject_put+0x107/0x180
[   96.231063][ T6539]  device_add+0x38d/0x790
[   96.235423][ T6539]  netdev_register_kobject+0x100/0x230
[   96.240918][ T6539]  register_netdevice+0x910/0xe30
[   96.245952][ T6539]  ldisc_open+0x31c/0x510
[   96.250287][ T6539]  ? up_write+0x30/0xf0
[   96.254452][ T6539]  tty_ldisc_open+0x65/0xb0
[   96.258972][ T6539]  tty_set_ldisc+0x205/0x3b0
[   96.263560][ T6539]  tiocsetd+0x52/0x60
[   96.267565][ T6539]  tty_ioctl+0xaa0/0xbe0
[   96.271884][ T6539]  ? __pfx_tty_ioctl+0x10/0x10
[   96.276661][ T6539]  __se_sys_ioctl+0xd3/0x150
[   96.281256][ T6539]  __x64_sys_ioctl+0x43/0x50
[   96.285868][ T6539]  x64_sys_call+0x1688/0x2e00
[   96.290612][ T6539]  do_syscall_64+0xc9/0x1c0
[   96.295120][ T6539]  ? clear_bhb_loop+0x55/0xb0
[   96.299800][ T6539]  ? clear_bhb_loop+0x55/0xb0
[   96.304477][ T6539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.310534][ T6539] RIP: 0033:0x7f487ada5b59
[   96.315038][ T6539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.334701][ T6539] RSP: 002b:00007f487a027048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   96.343235][ T6539] RAX: ffffffffffffffda RBX: 00007f487af35f60 RCX: 00007f487ada5b59
[   96.351209][ T6539] RDX: 0000000020000040 RSI: 0000000000005423 RDI: 0000000000000005
[   96.359184][ T6539] RBP: 00007f487a0270a0 R08: 0000000000000000 R09: 0000000000000000
[   96.367355][ T6539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   96.375338][ T6539] R13: 000000000000000b R14: 00007f487af35f60 R15: 00007ffe0cb42728
[   96.383347][ T6539]  </TASK>
[   96.425398][ T6544] tipc: Started in network mode
[   96.430362][ T6544] tipc: Node identity fe880000000000000000000000000003, cluster identity 4711
[   96.439265][ T6544] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   96.642954][ T6570] loop2: detected capacity change from 0 to 512
[   96.713927][ T6570] EXT4-fs (loop2): orphan cleanup on readonly fs
[   96.720306][ T6570] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[   96.728867][ T6570] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   96.743937][ T6570] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.1042: attempt to clear invalid blocks 2 len 1
[   96.758368][ T6570] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1042: invalid indirect mapped block 1819239214 (level 0)
[   96.773774][ T6570] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1042: invalid indirect mapped block 1819239214 (level 1)
[   96.788035][ T6570] EXT4-fs (loop2): 1 truncate cleaned up
[   96.795553][ T6570] EXT4-fs error (device loop2): ext4_lookup:1808: inode #2: comm syz.2.1042: 'file1' linked to parent dir
[   96.968458][ T6523] syz.3.1030 (6523) used greatest stack depth: 6456 bytes left
[   97.215118][ T6578] loop3: detected capacity change from 0 to 512
[   97.294913][ T6588] FAULT_INJECTION: forcing a failure.
[   97.294913][ T6588] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.308022][ T6588] CPU: 0 PID: 6588 Comm: syz.1.1049 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[   97.317802][ T6588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   97.327885][ T6588] Call Trace:
[   97.331192][ T6588]  <TASK>
[   97.334128][ T6588]  dump_stack_lvl+0xf2/0x150
[   97.338812][ T6588]  dump_stack+0x15/0x20
[   97.343033][ T6588]  should_fail_ex+0x229/0x230
[   97.347743][ T6588]  should_fail+0xb/0x10
[   97.352006][ T6588]  should_fail_usercopy+0x1a/0x20
[   97.357121][ T6588]  _copy_to_user+0x1e/0xa0
[   97.361583][ T6588]  simple_read_from_buffer+0xa0/0x110
[   97.367015][ T6588]  proc_fail_nth_read+0xfc/0x140
[   97.371985][ T6588]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.377546][ T6588]  vfs_read+0x1a2/0x6e0
[   97.381764][ T6588]  ? __rcu_read_unlock+0x4e/0x70
[   97.386789][ T6588]  ? __fget_files+0x1da/0x210
[   97.391464][ T6588]  ksys_read+0xeb/0x1b0
[   97.395625][ T6588]  __x64_sys_read+0x42/0x50
[   97.400195][ T6588]  x64_sys_call+0x2a36/0x2e00
[   97.404946][ T6588]  do_syscall_64+0xc9/0x1c0
[   97.409456][ T6588]  ? clear_bhb_loop+0x55/0xb0
[   97.414146][ T6588]  ? clear_bhb_loop+0x55/0xb0
[   97.418847][ T6588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.424756][ T6588] RIP: 0033:0x7f487ada463c
[   97.429168][ T6588] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[   97.448781][ T6588] RSP: 002b:00007f487a027040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   97.457247][ T6588] RAX: ffffffffffffffda RBX: 00007f487af35f60 RCX: 00007f487ada463c
[   97.465274][ T6588] RDX: 000000000000000f RSI: 00007f487a0270b0 RDI: 0000000000000004
[   97.473253][ T6588] RBP: 00007f487a0270a0 R08: 0000000000000000 R09: 0000000000000000
[   97.481267][ T6588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   97.489254][ T6588] R13: 000000000000000b R14: 00007f487af35f60 R15: 00007ffe0cb42728
[   97.497257][ T6588]  </TASK>
[   97.513092][ T6589] loop3: detected capacity change from 0 to 512
[   97.551677][ T6589] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   97.564745][ T6589] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   97.572838][ T6589] EXT4-fs (loop3): orphan cleanup on readonly fs
[   97.581260][ T6589] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1047: Invalid block bitmap block 0 in block_group 0
[   97.596281][ T6589] EXT4-fs (loop3): Remounting filesystem read-only
[   97.603234][ T6589] EXT4-fs (loop3): 1 orphan inode deleted
[   97.610205][ T6589] SELinux: (dev loop3, type ext4) getxattr errno 5
[   97.681219][ T6586] xt_CT: You must specify a L4 protocol and not use inversions on it
[   97.688612][ T6597] loop2: detected capacity change from 0 to 128
[   97.707631][ T6601] loop1: detected capacity change from 0 to 1024
[   97.713057][ T6603] loop2: detected capacity change from 0 to 512
[   97.721737][ T6603] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.1053: casefold flag without casefold feature
[   97.721957][ T6601] EXT4-fs (loop1): shut down requested (0)
[   97.735916][ T6603] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1053: couldn't read orphan inode 15 (err -117)
[   97.754038][ T6603] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.1053: Directory hole found for htree leaf block 0
[   97.755379][ T6601] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[   97.830821][ T6615] loop1: detected capacity change from 0 to 512
[   97.837374][ T6615] EXT4-fs: Ignoring removed nomblk_io_submit option
[   97.845326][ T6615] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2812: inode #11: comm syz.1.1057: corrupted xattr block 95: invalid header
[   97.859472][ T6615] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1057: bg 0: block 7: invalid block bitmap
[   97.872038][ T6615] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[   97.880971][ T6615] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2978: inode #11: comm syz.1.1057: corrupted xattr block 95: invalid header
[   97.894619][ T6615] EXT4-fs warning (device loop1): ext4_evict_inode:271: xattr delete (err -117)
[   97.905098][ T6615] EXT4-fs (loop1): 1 orphan inode deleted
[   97.911656][ T6615] EXT4-fs mount: 66 callbacks suppressed
[   97.911670][ T6615] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.969415][ T6620] loop2: detected capacity change from 0 to 164
[   97.976420][ T6620] Unable to read rock-ridge attributes
[   97.989378][ T6620] Unable to read rock-ridge attributes
[   97.995516][ T3084] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.029793][ T6632] loop1: detected capacity change from 0 to 512
[   98.038544][ T6632] EXT4-fs (loop1): 1 orphan inode deleted
[   98.044898][ T6632] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.058242][ T6632] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.1062: Directory hole found for htree leaf block 0
[   98.086300][ T3084] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.088729][ T6640] loop2: detected capacity change from 0 to 512
[   98.103454][ T6640] EXT4-fs: test_dummy_encryption option not supported
[   98.112719][ T6640] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[   98.122840][ T6643] loop1: detected capacity change from 0 to 1024
[   98.159552][ T6648] loop1: detected capacity change from 0 to 512
[   98.166314][ T6648] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   98.177948][ T6648] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a014c019, mo2=0002]
[   98.185875][ T6648] System zones: 1-12
[   98.191827][ T6648] EXT4-fs (loop1): 1 truncate cleaned up
[   98.197931][ T6648] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.213648][ T6648] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1067: corrupted in-inode xattr: overlapping e_value 
[   98.228904][ T6648] EXT4-fs warning (device loop1): ext4_xattr_set_entry:1772: inode #15: comm syz.1.1067: unable to update i_inline_off
[   98.241727][ T6648] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1067: corrupted in-inode xattr: overlapping e_value 
[   98.256220][ T6648] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1067: corrupted in-inode xattr: overlapping e_value 
[   98.552896][ T6641] rdma_op ffff8881114c5580 conn xmit_rdma 0000000000000000
[   99.004661][ T3084] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.090353][ T6667] loop1: detected capacity change from 0 to 512
[   99.108323][ T6667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   99.122065][ T6667] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.151133][ T6670] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   99.161819][ T6661] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   99.183755][ T3084] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   99.276982][ T6691] loop3: detected capacity change from 0 to 512
[   99.277056][ T6689] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1080'.
[   99.283569][ T6691] EXT4-fs: dax option not supported
[   99.376266][ T6697] FAULT_INJECTION: forcing a failure.
[   99.376266][ T6697] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   99.389574][ T6697] CPU: 0 PID: 6697 Comm: syz.2.1083 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[   99.399306][ T6697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   99.409364][ T6697] Call Trace:
[   99.412631][ T6697]  <TASK>
[   99.415548][ T6697]  dump_stack_lvl+0xf2/0x150
[   99.420182][ T6697]  dump_stack+0x15/0x20
[   99.424368][ T6697]  should_fail_ex+0x229/0x230
[   99.429158][ T6697]  __should_fail_alloc_page+0xfd/0x110
[   99.434697][ T6697]  __alloc_pages_noprof+0x109/0x360
[   99.439928][ T6697]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   99.445335][ T6697]  vma_alloc_folio_noprof+0x176/0x2d0
[   99.450711][ T6697]  handle_mm_fault+0xddb/0x2ac0
[   99.455656][ T6697]  exc_page_fault+0x3b9/0x650
[   99.460343][ T6697]  asm_exc_page_fault+0x26/0x30
[   99.465201][ T6697] RIP: 0033:0x7ff5d8632f2b
[   99.469709][ T6697] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[   99.489447][ T6697] RSP: 002b:00007ff5d7904e20 EFLAGS: 00010246
[   99.495498][ T6697] RAX: 00007ff5d7906f40 RBX: 00007ff5d87e4620 RCX: 0000000000000000
[   99.503504][ T6697] RDX: 00007ff5d7906f88 RSI: 00007ff5d86e4820 RDI: 00007ff5d7904e40
[   99.511539][ T6697] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[   99.519494][ T6697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.527482][ T6697] R13: 000000000000000b R14: 00007ff5d8815f60 R15: 00007ffc8df26468
[   99.535538][ T6697]  </TASK>
[   99.538613][ T6697] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   99.570690][ T6712] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=6712 comm=syz.2.1087
[   99.651310][ T6715] FAULT_INJECTION: forcing a failure.
[   99.651310][ T6715] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.664484][ T6715] CPU: 0 PID: 6715 Comm: syz.1.1088 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[   99.674256][ T6715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   99.684345][ T6715] Call Trace:
[   99.687624][ T6715]  <TASK>
[   99.690551][ T6715]  dump_stack_lvl+0xf2/0x150
[   99.695168][ T6715]  dump_stack+0x15/0x20
[   99.699332][ T6715]  should_fail_ex+0x229/0x230
[   99.704032][ T6715]  should_fail+0xb/0x10
[   99.708199][ T6715]  should_fail_usercopy+0x1a/0x20
[   99.713217][ T6715]  _copy_to_user+0x1e/0xa0
[   99.717645][ T6715]  simple_read_from_buffer+0xa0/0x110
[   99.723126][ T6715]  proc_fail_nth_read+0xfc/0x140
[   99.728185][ T6715]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.733896][ T6715]  vfs_read+0x1a2/0x6e0
[   99.738573][ T6715]  ? __rcu_read_unlock+0x4e/0x70
[   99.743592][ T6715]  ? __fget_files+0x1da/0x210
[   99.748296][ T6715]  ksys_read+0xeb/0x1b0
[   99.752481][ T6715]  __x64_sys_read+0x42/0x50
[   99.757001][ T6715]  x64_sys_call+0x2a36/0x2e00
[   99.761727][ T6715]  do_syscall_64+0xc9/0x1c0
[   99.766259][ T6715]  ? clear_bhb_loop+0x55/0xb0
[   99.770938][ T6715]  ? clear_bhb_loop+0x55/0xb0
[   99.775625][ T6715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.781600][ T6715] RIP: 0033:0x7f487ada463c
[   99.786011][ T6715] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[   99.805743][ T6715] RSP: 002b:00007f487a027040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   99.814181][ T6715] RAX: ffffffffffffffda RBX: 00007f487af35f60 RCX: 00007f487ada463c
[   99.822155][ T6715] RDX: 000000000000000f RSI: 00007f487a0270b0 RDI: 0000000000000007
[   99.830143][ T6715] RBP: 00007f487a0270a0 R08: 0000000000000000 R09: 0000000000000000
[   99.838135][ T6715] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[   99.846105][ T6715] R13: 000000000000000b R14: 00007f487af35f60 R15: 00007ffe0cb42728
[   99.854088][ T6715]  </TASK>
[   99.920760][ T6709] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=6709 comm=syz.0.1086
[   99.950433][ T6709] loop0: detected capacity change from 0 to 512
[   99.967064][ T6709] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[   99.999741][ T6709] EXT4-fs (loop0): Remounting filesystem read-only
[  100.012831][ T6709] EXT4-fs (loop0): 1 truncate cleaned up
[  100.019935][ T6709] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.032470][ T6709] SELinux: (dev loop0, type ext4) getxattr errno 5
[  100.040618][ T6709] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.142645][   T29] kauditd_printk_skb: 199 callbacks suppressed
[  100.142658][   T29] audit: type=1326 audit(1721388907.026:2234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.3.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd2dae5b59 code=0x7ffc0000
[  100.178787][   T29] audit: type=1326 audit(1721388907.056:2235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.3.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdd2dae5b59 code=0x7ffc0000
[  100.202333][   T29] audit: type=1326 audit(1721388907.056:2236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.3.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd2dae5b59 code=0x7ffc0000
[  100.225871][   T29] audit: type=1326 audit(1721388907.056:2237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.3.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fdd2dae5b59 code=0x7ffc0000
[  100.249298][   T29] audit: type=1326 audit(1721388907.056:2238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.3.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd2dae5b59 code=0x7ffc0000
[  100.272718][   T29] audit: type=1326 audit(1721388907.056:2239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.3.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdd2dae4590 code=0x7ffc0000
[  100.296095][   T29] audit: type=1326 audit(1721388907.056:2240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.3.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fdd2dae72e7 code=0x7ffc0000
[  100.319496][   T29] audit: type=1326 audit(1721388907.056:2241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.3.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdd2dae5b59 code=0x7ffc0000
[  100.342784][   T29] audit: type=1326 audit(1721388907.056:2242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.3.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fdd2dae72e7 code=0x7ffc0000
[  100.366503][   T29] audit: type=1326 audit(1721388907.056:2243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6725 comm="syz.3.1091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdd2dae488a code=0x7ffc0000
[  100.393677][ T6735] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1093'.
[  100.424296][ T6735] geneve1: entered promiscuous mode
[  100.430988][ T6732] geneve1: left promiscuous mode
[  100.458691][ T6739] loop1: detected capacity change from 0 to 512
[  100.477479][ T6739] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  100.492842][ T6739] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.512448][ T3084] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  100.816262][ T6758] hub 6-0:1.0: USB hub found
[  100.820969][ T6758] hub 6-0:1.0: 8 ports detected
[  100.853150][ T6758] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6758 comm=syz.0.1102
[  101.085526][ T6769] loop0: detected capacity change from 0 to 512
[  101.093199][ T6769] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  101.134811][ T6769] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  101.142975][ T6769] EXT4-fs (loop0): orphan cleanup on readonly fs
[  101.150300][ T6769] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.1106: Invalid block bitmap block 0 in block_group 0
[  101.164360][ T6769] EXT4-fs (loop0): Remounting filesystem read-only
[  101.171000][ T6769] EXT4-fs (loop0): 1 orphan inode deleted
[  101.177905][ T6769] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.190529][ T6769] SELinux: (dev loop0, type ext4) getxattr errno 5
[  101.197658][ T6769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.366736][ T6772] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1107'.
[  101.398071][ T6774] loop1: detected capacity change from 0 to 164
[  101.418649][ T6772] sch_tbf: burst 88 is lower than device veth3 mtu (1514) !
[  101.462270][ T3879] IPVS: starting estimator thread 0...
[  101.474623][ T6777] loop1: detected capacity change from 0 to 2048
[  101.485338][ T6777] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.564383][ T6779] IPVS: using max 2160 ests per chain, 108000 per kthread
[  101.586656][ T6793] hub 6-0:1.0: USB hub found
[  101.591345][ T6793] hub 6-0:1.0: 8 ports detected
[  101.600797][ T1246] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.630436][ T1246] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.667347][ T1246] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.674542][ T6793] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6793 comm=syz.2.1113
[  101.719530][ T1246] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.773802][ T6795] chnl_net:caif_netlink_parms(): no params data found
[  101.837940][ T6795] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.845065][ T6795] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.852308][ T6795] bridge_slave_0: entered allmulticast mode
[  101.859199][ T6795] bridge_slave_0: entered promiscuous mode
[  101.869704][ T1246] bridge_slave_1: left allmulticast mode
[  101.875407][ T1246] bridge_slave_1: left promiscuous mode
[  101.876781][ T6830] loop0: detected capacity change from 0 to 512
[  101.881132][ T1246] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.895539][ T6830] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #15: comm syz.0.1121: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  101.895727][ T1246] bridge_slave_0: left allmulticast mode
[  101.914248][ T6830] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1121: couldn't read orphan inode 15 (err -117)
[  101.919061][ T1246] bridge_slave_0: left promiscuous mode
[  101.932584][ T6830] EXT4-fs (loop0): mounted filesystem ffffff7f-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.936665][ T1246] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.950016][ T6830] ext4 filesystem being mounted at /208/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.975444][ T6830] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.1121: Directory hole found for htree leaf block 0
[  102.011495][ T3086] EXT4-fs (loop0): unmounting filesystem ffffff7f-0000-0000-0000-000000000000.
[  102.029575][ T6833] loop0: detected capacity change from 0 to 512
[  102.037528][ T6833] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #12: comm syz.0.1122: corrupted in-inode xattr: invalid ea_ino
[  102.051491][ T6833] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1122: couldn't read orphan inode 12 (err -117)
[  102.064248][ T6833] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.078329][ T6833] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.1122: Directory hole found for htree leaf block 0
[  102.105593][ T1246] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.115610][ T1246] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.125544][ T1246] bond0 (unregistering): Released all slaves
[  102.133321][ T6795] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.140388][ T6795] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.148160][ T6795] bridge_slave_1: entered allmulticast mode
[  102.157591][ T6795] bridge_slave_1: entered promiscuous mode
[  102.196411][ T6795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.269658][ T6833] bridge_slave_0: left allmulticast mode
[  102.275458][ T6833] bridge_slave_0: left promiscuous mode
[  102.281149][ T6833] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.291228][ T6833] bridge_slave_1: left allmulticast mode
[  102.297042][ T6833] bridge_slave_1: left promiscuous mode
[  102.302699][ T6833] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.311909][ T3084] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.321113][ T6833] bond0: (slave bond_slave_0): Releasing backup interface
[  102.338368][ T6833] bond0: (slave bond_slave_1): Releasing backup interface
[  102.354208][ T6833] team0: Port device team_slave_0 removed
[  102.370732][ T6833] team0: Port device team_slave_1 removed
[  102.383905][ T6833] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.391380][ T6833] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.400001][ T6833] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.407431][ T6833] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.424761][ T6833] batman_adv: batadv0: Interface deactivated: gretap1
[  102.431521][ T6833] batman_adv: batadv0: Removing interface: gretap1
[  102.440158][ T6795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.456440][ T1246] hsr_slave_0: left promiscuous mode
[  102.464018][ T1246] hsr_slave_1: left promiscuous mode
[  102.470271][ T1246] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.470339][ T3086] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  102.477741][ T1246] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.497385][ T1246] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.504846][ T1246] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.516750][ T1246] veth1_macvtap: left promiscuous mode
[  102.522295][ T1246] veth1_vlan: left promiscuous mode
[  102.525241][ T6867] loop2: detected capacity change from 0 to 128
[  102.527655][ T1246] veth0_vlan: left promiscuous mode
[  102.619413][ T6875] loop0: detected capacity change from 0 to 2048
[  102.629823][ T1246] team0 (unregistering): Port device team_slave_1 removed
[  102.638547][ T6875] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.650948][ T1246] team0 (unregistering): Port device team_slave_0 removed
[  102.651126][ T6875] ext4 filesystem being mounted at /213/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.678024][ T3086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.699009][ T6879] FAULT_INJECTION: forcing a failure.
[  102.699009][ T6879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.712120][ T6879] CPU: 0 PID: 6879 Comm: syz.0.1132 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  102.721930][ T6879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  102.731975][ T6879] Call Trace:
[  102.735345][ T6879]  <TASK>
[  102.738269][ T6879]  dump_stack_lvl+0xf2/0x150
[  102.742962][ T6879]  dump_stack+0x15/0x20
[  102.747129][ T6879]  should_fail_ex+0x229/0x230
[  102.751936][ T6879]  should_fail+0xb/0x10
[  102.756096][ T6879]  should_fail_usercopy+0x1a/0x20
[  102.761116][ T6879]  _copy_from_user+0x1e/0xd0
[  102.765794][ T6879]  __sys_bpf+0x14e/0x7a0
[  102.770110][ T6879]  __x64_sys_bpf+0x43/0x50
[  102.774560][ T6879]  x64_sys_call+0x23d5/0x2e00
[  102.779325][ T6879]  do_syscall_64+0xc9/0x1c0
[  102.783826][ T6879]  ? clear_bhb_loop+0x55/0xb0
[  102.788571][ T6879]  ? clear_bhb_loop+0x55/0xb0
[  102.793384][ T6879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.799316][ T6879] RIP: 0033:0x7f46037a5b59
[  102.803741][ T6879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.823410][ T6879] RSP: 002b:00007f4602a27048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  102.831858][ T6879] RAX: ffffffffffffffda RBX: 00007f4603935f60 RCX: 00007f46037a5b59
[  102.839835][ T6879] RDX: 0000000000000010 RSI: 0000000020000080 RDI: 000000000000001c
[  102.847792][ T6879] RBP: 00007f4602a270a0 R08: 0000000000000000 R09: 0000000000000000
[  102.855750][ T6879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.863709][ T6879] R13: 000000000000000b R14: 00007f4603935f60 R15: 00007ffc56bc9888
[  102.871680][ T6879]  </TASK>
[  102.880944][ T6857] netlink: 'syz.1.1125': attribute type 4 has an invalid length.
[  102.889438][ T6881] FAULT_INJECTION: forcing a failure.
[  102.889438][ T6881] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  102.902895][ T6881] CPU: 1 PID: 6881 Comm: syz.0.1133 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  102.912623][ T6881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  102.922727][ T6881] Call Trace:
[  102.926006][ T6881]  <TASK>
[  102.928924][ T6881]  dump_stack_lvl+0xf2/0x150
[  102.933585][ T6881]  dump_stack+0x15/0x20
[  102.937815][ T6881]  should_fail_ex+0x229/0x230
[  102.942531][ T6881]  __should_fail_alloc_page+0xfd/0x110
[  102.948097][ T6881]  __alloc_pages_noprof+0x109/0x360
[  102.953347][ T6881]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  102.958730][ T6881]  shmem_get_folio_gfp+0x3e4/0xb70
[  102.963919][ T6881]  shmem_write_begin+0xa0/0x1c0
[  102.968795][ T6881]  generic_perform_write+0x1b4/0x580
[  102.974146][ T6881]  shmem_file_write_iter+0xc8/0xf0
[  102.979255][ T6881]  vfs_write+0x78f/0x900
[  102.983563][ T6881]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  102.989382][ T6881]  ksys_write+0xeb/0x1b0
[  102.993670][ T6881]  __x64_sys_write+0x42/0x50
[  102.998285][ T6881]  x64_sys_call+0x2a40/0x2e00
[  103.002964][ T6881]  do_syscall_64+0xc9/0x1c0
[  103.007541][ T6881]  ? clear_bhb_loop+0x55/0xb0
[  103.012207][ T6881]  ? clear_bhb_loop+0x55/0xb0
[  103.016891][ T6881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.022795][ T6881] RIP: 0033:0x7f46037a46df
[  103.027258][ T6881] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  103.046957][ T6881] RSP: 002b:00007f4602a26e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  103.055419][ T6881] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f46037a46df
[  103.063395][ T6881] RDX: 0000000000040000 RSI: 00007f45fa607000 RDI: 0000000000000004
[  103.071363][ T6881] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000052a
[  103.079444][ T6881] R10: 00000000000007c4 R11: 0000000000000293 R12: 0000000000000004
[  103.087405][ T6881] R13: 00007f4602a26f00 R14: 00007f4602a26ec0 R15: 00007f45fa607000
[  103.095372][ T6881]  </TASK>
[  103.110936][ T6867] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1128'.
[  103.120928][ T6795] team0: Port device team_slave_0 added
[  103.140093][ T6795] team0: Port device team_slave_1 added
[  103.150251][ T6885] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1134'.
[  103.159284][ T6885] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1134'.
[  103.171316][ T6885] gtp1: entered promiscuous mode
[  103.176428][ T6885] gtp1: entered allmulticast mode
[  103.204278][ T6795] batman_adv: batadv0: Adding interface: batadv_slave_0
[  103.211227][ T6795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.237177][ T6795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  103.248853][ T6884] process 'syz.1.1135' launched './file1' with NULL argv: empty string added
[  103.250498][ T6795] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.264611][ T6795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.290540][ T6795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.317500][ T6884] loop1: detected capacity change from 0 to 2048
[  103.333381][ T6795] hsr_slave_0: entered promiscuous mode
[  103.340860][ T6795] hsr_slave_1: entered promiscuous mode
[  103.346931][ T6795] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  103.354791][ T6795] Cannot create hsr debugfs directory
[  103.385766][ T6884] Alternate GPT is invalid, using primary GPT.
[  103.392051][ T6884]  loop1: p2 p3 p7
[  103.508269][ T6927] netlink: 'syz.1.1149': attribute type 6 has an invalid length.
[  103.516160][ T6927] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1149'.
[  103.565189][ T6931] loop2: detected capacity change from 0 to 512
[  103.601784][ T6939] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1153'.
[  103.611058][ T6931] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1151: corrupted in-inode xattr: bad e_name length
[  103.626681][ T6890] chnl_net:caif_netlink_parms(): no params data found
[  103.631564][ T6931] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1151: couldn't read orphan inode 15 (err -117)
[  103.648763][ T6931] EXT4-fs (loop2): mounted filesystem 00000004-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.681049][ T6931] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1151'.
[  103.695603][ T6931] xt_hashlimit: overflow, try lower: 0/0
[  103.701967][ T6931] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  103.708695][ T6931] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  103.716276][ T6931] vhci_hcd vhci_hcd.0: Device attached
[  103.773438][ T6890] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.780524][ T6890] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.791804][ T6890] bridge_slave_0: entered allmulticast mode
[  103.798397][ T6890] bridge_slave_0: entered promiscuous mode
[  103.828979][ T6890] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.836108][ T6890] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.861600][ T6890] bridge_slave_1: entered allmulticast mode
[  103.896007][ T6890] bridge_slave_1: entered promiscuous mode
[  103.922986][ T6945] vhci_hcd: connection closed
[  103.924339][ T3096] vhci_hcd: stop threads
[  103.933398][ T3096] vhci_hcd: release socket
[  103.937815][ T3096] vhci_hcd: disconnect device
[  103.953581][ T6890] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  103.969871][ T6890] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  103.992187][ T2961] usb 5-1: new low-speed USB device number 2 using vhci_hcd
[  103.993961][ T6890] team0: Port device team_slave_0 added
[  103.999619][ T2961] usb 5-1: enqueue for inactive port 0
[  104.006466][ T6890] team0: Port device team_slave_1 added
[  104.010762][ T2961] usb 5-1: enqueue for inactive port 0
[  104.019545][ T6795] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  104.023464][ T2961] usb 5-1: enqueue for inactive port 0
[  104.045468][ T6795] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  104.053895][ T6890] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.060868][ T6890] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.086829][ T6890] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.097546][ T6795] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  104.106536][ T6890] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.113519][ T6890] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  104.139453][ T6890] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.150065][ T2961] vhci_hcd: vhci_device speed not set
[  104.153496][ T6795] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  104.178367][ T6890] hsr_slave_0: entered promiscuous mode
[  104.185074][ T6890] hsr_slave_1: entered promiscuous mode
[  104.191017][ T6890] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  104.198593][ T6890] Cannot create hsr debugfs directory
[  104.261433][ T6890] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  104.271404][ T6890] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.292912][ T6795] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.310807][ T6795] 8021q: adding VLAN 0 to HW filter on device team0
[  104.330046][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.337141][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.346455][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.353598][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.371490][ T6795] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  104.384785][ T6890] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  104.394665][ T6890] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.435733][ T6890] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  104.445569][ T6890] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.471424][ T3085] EXT4-fs (loop2): unmounting filesystem 00000004-0000-0000-0000-000000000000.
[  104.472346][ T6795] 8021q: adding VLAN 0 to HW filter on device batadv0
[  104.499776][ T6974] FAULT_INJECTION: forcing a failure.
[  104.499776][ T6974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.512963][ T6974] CPU: 1 PID: 6974 Comm: syz.2.1161 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  104.522714][ T6974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  104.532800][ T6974] Call Trace:
[  104.536078][ T6974]  <TASK>
[  104.539029][ T6974]  dump_stack_lvl+0xf2/0x150
[  104.543668][ T6974]  dump_stack+0x15/0x20
[  104.547885][ T6974]  should_fail_ex+0x229/0x230
[  104.552607][ T6974]  should_fail+0xb/0x10
[  104.556821][ T6974]  should_fail_usercopy+0x1a/0x20
[  104.561847][ T6974]  _copy_from_user+0x1e/0xd0
[  104.566444][ T6974]  __sys_bpf+0x14e/0x7a0
[  104.570779][ T6974]  __x64_sys_bpf+0x43/0x50
[  104.575208][ T6974]  x64_sys_call+0x23d5/0x2e00
[  104.579890][ T6974]  do_syscall_64+0xc9/0x1c0
[  104.584388][ T6974]  ? clear_bhb_loop+0x55/0xb0
[  104.589146][ T6974]  ? clear_bhb_loop+0x55/0xb0
[  104.593821][ T6974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.599752][ T6974] RIP: 0033:0x7ff5d8685b59
[  104.604164][ T6974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.623787][ T6974] RSP: 002b:00007ff5d7907048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  104.632323][ T6974] RAX: ffffffffffffffda RBX: 00007ff5d8815f60 RCX: 00007ff5d8685b59
[  104.640358][ T6974] RDX: 0000000000000048 RSI: 0000000020000140 RDI: 0004000000000000
[  104.648333][ T6974] RBP: 00007ff5d79070a0 R08: 0000000000000000 R09: 0000000000000000
[  104.656375][ T6974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.664350][ T6974] R13: 000000000000000b R14: 00007ff5d8815f60 R15: 00007ffc8df26468
[  104.672428][ T6974]  </TASK>
[  104.687557][ T6890] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  104.697491][ T6890] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.754501][ T6795] veth0_vlan: entered promiscuous mode
[  104.763004][ T6795] veth1_vlan: entered promiscuous mode
[  104.784525][ T6795] veth0_macvtap: entered promiscuous mode
[  104.794516][ T6795] veth1_macvtap: entered promiscuous mode
[  104.814246][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.824835][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.834792][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.845306][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.855137][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.865567][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.891073][ T6795] batman_adv: batadv0: Interface activated: batadv_slave_0
[  104.929563][ T6890] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  104.967447][ T6890] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  105.027499][ T6890] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  105.059863][ T6890] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  105.083656][ T6990] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6990 comm=syz.2.1164
[  105.146594][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.157165][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.167128][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.177601][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.187474][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.197924][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.210357][ T6795] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.221994][ T6795] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.230700][ T6795] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.239396][ T6795] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.248131][ T6795] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.327791][ T6890] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.332538][   T29] kauditd_printk_skb: 125 callbacks suppressed
[  105.332551][   T29] audit: type=1400 audit(1721388912.219:2367): avc:  denied  { ioctl } for  pid=6998 comm="syz.2.1167" path="/dev/usbmon0" dev="devtmpfs" ino=117 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  105.339917][ T6890] 8021q: adding VLAN 0 to HW filter on device team0
[  105.374399][ T6999] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1167'.
[  105.383502][ T6999] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1167'.
[  105.405520][ T2961] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.412699][ T2961] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.434240][   T29] audit: type=1400 audit(1721388912.319:2368): avc:  denied  { write } for  pid=7009 comm="syz.2.1171" name="rdma_cm" dev="devtmpfs" ino=225 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.459060][ T2961] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.466149][ T2961] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.604162][ T6890] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.636747][ T1246] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  105.647147][ T1246] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.687637][ T7045] loop2: detected capacity change from 0 to 512
[  105.696972][ T7045] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  105.710701][ T1246] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  105.712731][ T7041] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7041 comm=syz.3.1175
[  105.721029][ T1246] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.745684][ T7045] EXT4-fs (loop2): 1 truncate cleaned up
[  105.752096][ T7045] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.767285][   T29] audit: type=1400 audit(1721388912.649:2369): avc:  denied  { mounton } for  pid=7043 comm="syz.2.1178" path="/290/bus/bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  105.767774][ T7048] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1179'.
[  105.798463][ T3085] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /290/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  105.798902][ T7048] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1179'.
[  105.821843][ T3085] EXT4-fs error (device loop2): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  105.833132][ T7048] gtp2: entered promiscuous mode
[  105.851384][   T29] audit: type=1400 audit(1721388912.709:2370): avc:  denied  { rmdir } for  pid=3085 comm="syz-executor" name="lost+found" dev="loop2" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  105.853881][ T7048] gtp2: entered allmulticast mode
[  105.878584][ T3085] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /290/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  105.906302][ T3085] EXT4-fs error (device loop2): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  105.926958][ T3085] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /290/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  105.959448][ T3085] EXT4-fs error (device loop2): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  105.970601][ T7014] chnl_net:caif_netlink_parms(): no params data found
[  105.988345][ T3085] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /290/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  106.010116][ T3085] EXT4-fs error (device loop2): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  106.030504][ T3085] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /290/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  106.033006][ T1246] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  106.062131][ T1246] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.062703][ T3085] EXT4-fs error (device loop2): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  106.095617][   T29] audit: type=1400 audit(1721388912.979:2371): avc:  denied  { write } for  pid=7056 comm="syz.0.1182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  106.127386][ T7059] loop0: detected capacity change from 0 to 512
[  106.142285][ T7059] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  106.154725][ T7059] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  106.181649][ T1246] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  106.192067][ T1246] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.195961][ T7059] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1183: bg 0: block 18: invalid block bitmap
[  106.219409][ T7059] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  106.233001][ T7059] EXT4-fs (loop0): 1 truncate cleaned up
[  106.239184][ T7059] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.260555][ T7059] ext2 filesystem being mounted at /231/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.278093][ T7059] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 3: comm syz.0.1183: lblock 0 mapped to illegal pblock 3 (length 1)
[  106.297960][ T6819] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.301646][ T7059] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 3: comm syz.0.1183: lblock 0 mapped to illegal pblock 3 (length 1)
[  106.313167][ T7073] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1186'.
[  106.341380][ T7014] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.348571][ T7014] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.357103][ T7014] bridge_slave_0: entered allmulticast mode
[  106.363718][ T7014] bridge_slave_0: entered promiscuous mode
[  106.380138][   T29] audit: type=1400 audit(1721388913.259:2372): avc:  denied  { ioctl } for  pid=7058 comm="syz.0.1183" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=225 ioctlcmd=0x942c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  106.386967][ T1246] bridge_slave_1: left allmulticast mode
[  106.409097][ T7059] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 3: comm syz.0.1183: lblock 0 mapped to illegal pblock 3 (length 1)
[  106.411523][ T1246] bridge_slave_1: left promiscuous mode
[  106.411641][ T1246] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.439977][ T3086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.454619][ T1246] bridge_slave_0: left allmulticast mode
[  106.460316][ T1246] bridge_slave_0: left promiscuous mode
[  106.466051][ T1246] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.477352][ T7083] loop0: detected capacity change from 0 to 1764
[  106.486302][   T29] audit: type=1400 audit(1721388913.369:2373): avc:  denied  { mount } for  pid=7082 comm="syz.0.1188" name="/" dev="loop0" ino=1920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  106.593814][ T1246] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  106.604035][ T1246] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  106.613980][ T1246] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  106.622839][ T1246] bond0 (unregistering): Released all slaves
[  106.629871][   T29] audit: type=1400 audit(1721388913.509:2374): avc:  denied  { name_bind } for  pid=7074 comm="syz.3.1187" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  106.651003][ T7088] loop3: detected capacity change from 0 to 128
[  106.657538][ T7088] vfat: Bad value for 'time_offset'
[  106.670145][ T7014] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.677238][ T7014] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.684510][ T7014] bridge_slave_1: entered allmulticast mode
[  106.691251][ T7014] bridge_slave_1: entered promiscuous mode
[  106.706139][ T7088] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  106.708313][   T29] audit: type=1400 audit(1721388913.589:2375): avc:  denied  { unmount } for  pid=3086 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  106.714910][ T7088] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  106.743981][ T7088] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  106.752895][ T7088] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  106.762040][ T7088] vxlan0: entered promiscuous mode
[  106.767239][ T7088] vxlan0: entered allmulticast mode
[  106.774284][ T7088] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  106.783212][ T7088] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  106.792202][ T7088] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  106.801153][ T7088] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  106.825981][ T7090] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1189'.
[  106.838708][ T1246] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.846233][ T1246] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.856440][ T1246] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.863988][ T1246] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.882489][ T1246] veth1_macvtap: left promiscuous mode
[  106.888016][ T1246] veth0_macvtap: left promiscuous mode
[  106.893645][ T1246] veth1_vlan: left promiscuous mode
[  106.898973][ T1246] veth0_vlan: left promiscuous mode
[  106.983769][ T1246] team0 (unregistering): Port device team_slave_1 removed
[  106.994387][ T1246] team0 (unregistering): Port device team_slave_0 removed
[  107.040592][ T7014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.074042][ T7100] syzkaller0: entered promiscuous mode
[  107.074533][   T29] audit: type=1400 audit(1721388913.960:2376): avc:  denied  { create } for  pid=7105 comm="syz.3.1193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  107.079504][ T7100] syzkaller0: entered allmulticast mode
[  107.114506][ T7014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.141797][ T6890] veth0_vlan: entered promiscuous mode
[  107.151682][ T6890] veth1_vlan: entered promiscuous mode
[  107.182568][ T7014] team0: Port device team_slave_0 added
[  107.189411][ T6890] veth0_macvtap: entered promiscuous mode
[  107.212095][ T7014] team0: Port device team_slave_1 added
[  107.253517][ T7014] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.260519][ T7014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.286487][ T7014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.303370][ T6890] veth1_macvtap: entered promiscuous mode
[  107.310137][ T7014] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.317181][ T7014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.343132][ T7014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.377807][ T7113] syzkaller0: entered promiscuous mode
[  107.383402][ T7113] syzkaller0: entered allmulticast mode
[  107.400751][ T7014] hsr_slave_0: entered promiscuous mode
[  107.407840][ T7014] hsr_slave_1: entered promiscuous mode
[  107.414028][ T7014] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  107.421739][ T7014] Cannot create hsr debugfs directory
[  107.425226][ T7120] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1196'.
[  107.457774][ T6890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.468324][ T6890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.474500][ T7124] loop0: detected capacity change from 0 to 128
[  107.478187][ T6890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.494927][ T6890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.504985][ T6890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.515882][ T6890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.527499][ T6890] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.535834][ T6890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.546484][ T6890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.556332][ T6890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.566855][ T6890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.576705][ T6890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.587212][ T6890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.598193][ T6890] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.637813][ T7126] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1198'.
[  107.648378][ T6890] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.657115][ T6890] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.665922][ T6890] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.674675][ T6890] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.690597][ T1246] IPVS: stop unused estimator thread 0...
[  107.696019][ T7096] chnl_net:caif_netlink_parms(): no params data found
[  107.751381][ T7139] loop0: detected capacity change from 0 to 256
[  107.802783][ T7096] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.810009][ T7096] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.818919][ T7096] bridge_slave_0: entered allmulticast mode
[  107.825431][ T7096] bridge_slave_0: entered promiscuous mode
[  107.834840][ T7096] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.842020][ T7096] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.849184][ T7096] bridge_slave_1: entered allmulticast mode
[  107.855627][ T7096] bridge_slave_1: entered promiscuous mode
[  107.867741][ T1246] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20003 - 0
[  107.877621][ T1246] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  107.901848][ T7096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.926424][ T7151] syzkaller0: entered promiscuous mode
[  107.931910][ T7151] syzkaller0: entered allmulticast mode
[  107.940017][ T7096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.953036][ T1246] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20003 - 0
[  107.963004][ T1246] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  107.971838][ T7156] loop0: detected capacity change from 0 to 2048
[  108.007068][ T7096] team0: Port device team_slave_0 added
[  108.013606][ T7096] team0: Port device team_slave_1 added
[  108.029948][ T7096] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.037023][ T7096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.062963][ T7096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.076134][ T1246] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20003 - 0
[  108.086292][ T1246] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  108.106692][ T7096] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.113689][ T7096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.139614][ T7096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.154613][ T7160] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1206'.
[  108.178941][ T7096] hsr_slave_0: entered promiscuous mode
[  108.185317][ T7096] hsr_slave_1: entered promiscuous mode
[  108.191418][ T7096] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  108.198959][ T7096] Cannot create hsr debugfs directory
[  108.222652][ T7014] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  108.238021][ T1246] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20003 - 0
[  108.248026][ T1246] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  108.258591][ T7014] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  108.267778][ T7014] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  108.280675][ T7014] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  108.342905][ T1246] bridge_slave_1: left allmulticast mode
[  108.348570][ T1246] bridge_slave_1: left promiscuous mode
[  108.354320][ T1246] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.426032][ T1246] team0: Port device geneve2 removed
[  108.573288][ T1246] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  108.583850][ T1246] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  108.594510][ T1246] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  108.604512][ T1246] bond0 (unregistering): Released all slaves
[  108.624384][ T7014] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.635037][ T7014] 8021q: adding VLAN 0 to HW filter on device team0
[  108.645371][ T3327] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.652497][ T3327] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.664818][ T3165] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.671932][ T3165] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.694927][ T7014] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  108.747850][ T7014] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.815099][ T7014] veth0_vlan: entered promiscuous mode
[  108.823094][ T7014] veth1_vlan: entered promiscuous mode
[  108.835486][ T7014] veth0_macvtap: entered promiscuous mode
[  108.845746][ T7014] veth1_macvtap: entered promiscuous mode
[  108.855628][ T7014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.866199][ T7014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.876147][ T7014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.886708][ T7014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.896703][ T7014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.907204][ T7014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.917048][ T7014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.927589][ T7014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.938468][ T7014] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.949834][ T7014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.960448][ T7014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.970580][ T7014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.981048][ T7014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.991224][ T7014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.001734][ T7014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.011645][ T7014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.022178][ T7014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.032998][ T7014] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.053043][ T7014] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.061970][ T7014] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.070672][ T7014] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.079407][ T7014] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.101909][ T7096] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  109.111639][ T7096] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  109.121067][ T7096] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  109.130012][ T7096] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  109.154151][ T7183] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1210'.
[  109.203394][ T7096] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.217330][ T7096] 8021q: adding VLAN 0 to HW filter on device team0
[  109.228181][ T3879] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.235373][ T3879] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.256083][ T3165] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.263240][ T3165] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.282371][ T7197] loop0: detected capacity change from 0 to 512
[  109.287901][ T7096] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  109.306722][ T7197] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  109.316379][ T7197] EXT4-fs (loop0): orphan cleanup on readonly fs
[  109.323630][ T7197] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.1214: Failed to acquire dquot type 1
[  109.337116][ T7197] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1214: bg 0: block 40: padding at end of block bitmap is not set
[  109.346778][ T7096] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.358882][ T7197] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  109.368509][ T7197] EXT4-fs (loop0): 1 truncate cleaned up
[  109.374870][ T7197] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  109.401744][ T3086] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.428556][ T7210] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1215'.
[  109.445894][ T7096] veth0_vlan: entered promiscuous mode
[  109.455327][ T7096] veth1_vlan: entered promiscuous mode
[  109.475035][ T7096] veth0_macvtap: entered promiscuous mode
[  109.483308][ T7096] veth1_macvtap: entered promiscuous mode
[  109.494707][ T7096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.505309][ T7096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.515347][ T7096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.525813][ T7096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.535746][ T7096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.546293][ T7096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.556279][ T7096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.566826][ T7096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.576679][ T7096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.587111][ T7096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.598366][ T7096] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.609179][ T7096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.619770][ T7096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.629692][ T7096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.640230][ T7096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.650067][ T7096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.660510][ T7096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.670536][ T7096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.680983][ T7096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.690828][ T7096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.701321][ T7096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.715540][ T7096] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.725142][ T7096] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.733932][ T7096] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.742792][ T7096] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.751600][ T7096] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.967170][ T7223] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7223 comm=syz.2.1192
[  110.155278][ T7243] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1223'.
[  110.281510][ T1246] tipc: Left network mode
[  110.373805][ T1246] hsr_slave_0: left promiscuous mode
[  110.379622][ T1246] hsr_slave_1: left promiscuous mode
[  110.386667][ T1246] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  110.394277][ T1246] batman_adv: batadv0: Removing interface: batadv_slave_0
[  110.403913][ T1246] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  110.411461][ T1246] batman_adv: batadv0: Removing interface: batadv_slave_1
[  110.420607][ T1246] veth1_macvtap: left promiscuous mode
[  110.426284][ T1246] veth0_macvtap: left promiscuous mode
[  110.431817][ T1246] veth1_vlan: left promiscuous mode
[  110.437043][ T1246] veth0_vlan: left promiscuous mode
[  110.532984][ T1246] team0 (unregistering): Port device team_slave_1 removed
[  110.543410][ T7258] hub 6-0:1.0: USB hub found
[  110.548140][ T7258] hub 6-0:1.0: 8 ports detected
[  110.548669][ T1246] team0 (unregistering): Port device team_slave_0 removed
[  110.644456][ T7258] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7258 comm=syz.4.1228
[  110.834614][ T7261] loop4: detected capacity change from 0 to 764
[  110.948539][   T29] kauditd_printk_skb: 42 callbacks suppressed
[  110.948554][   T29] audit: type=1326 audit(1721388917.830:2417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.4.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56a0945b59 code=0x7ffc0000
[  110.987409][   T29] audit: type=1326 audit(1721388917.830:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.4.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f56a0945b59 code=0x7ffc0000
[  111.010836][   T29] audit: type=1326 audit(1721388917.830:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.4.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56a0945b59 code=0x7ffc0000
[  111.034253][   T29] audit: type=1326 audit(1721388917.830:2420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.4.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56a0945b59 code=0x7ffc0000
[  111.057961][   T29] audit: type=1326 audit(1721388917.830:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.4.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f56a0945b59 code=0x7ffc0000
[  111.081591][   T29] audit: type=1326 audit(1721388917.830:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.4.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56a0945b59 code=0x7ffc0000
[  111.084448][ T7278] syzkaller0: entered promiscuous mode
[  111.105355][   T29] audit: type=1326 audit(1721388917.830:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.4.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56a0945b59 code=0x7ffc0000
[  111.110581][ T7278] syzkaller0: entered allmulticast mode
[  111.134049][   T29] audit: type=1326 audit(1721388917.830:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.4.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f56a0944590 code=0x7ffc0000
[  111.163340][   T29] audit: type=1326 audit(1721388917.830:2425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.4.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f56a09472e7 code=0x7ffc0000
[  111.186981][   T29] audit: type=1326 audit(1721388917.830:2426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7268 comm="syz.4.1232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f56a0945b59 code=0x7ffc0000
[  111.505373][ T7287] loop1: detected capacity change from 0 to 512
[  111.531673][ T7287] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.564876][ T7287] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.634798][ T7300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7300 comm=syz.3.1239
[  111.736845][ T7311] __nla_validate_parse: 1 callbacks suppressed
[  111.736861][ T7311] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1243'.
[  111.774645][ T7315] loop3: detected capacity change from 0 to 512
[  111.785990][ T7315] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  111.794117][ T7315] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  111.802152][ T7315] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.1245: bad orphan inode 13
[  111.804048][ T7318] loop4: detected capacity change from 0 to 512
[  111.822574][ T7315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.836693][ T7318] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  111.848277][ T7318] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[  111.858078][ T7318] System zones: 1-12
[  111.862662][ T7318] EXT4-fs (loop4): orphan cleanup on readonly fs
[  111.869062][ T7318] EXT4-fs error (device loop4): ext4_read_inode_bitmap:168: comm syz.4.1246: Inode bitmap for bg 0 marked uninitialized
[  111.899721][ T7318] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  111.926680][ T6795] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.941875][ T7318] EXT4-fs error (device loop4): ext4_map_blocks:609: inode #2: block 5: comm syz.4.1246: lblock 0 mapped to illegal pblock 5 (length 1)
[  111.958652][ T7318] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.1246: error -117 reading directory block
[  111.974394][ T7318] EXT4-fs error (device loop4): ext4_map_blocks:609: inode #2: block 5: comm syz.4.1246: lblock 0 mapped to illegal pblock 5 (length 1)
[  111.988587][ T7318] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.1246: error -117 reading directory block
[  112.002697][ T7320] EXT4-fs error (device loop4): ext4_map_blocks:609: inode #2: block 5: comm syz.4.1246: lblock 0 mapped to illegal pblock 5 (length 1)
[  112.016870][ T7320] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.1246: error -117 reading directory block
[  112.032418][ T7014] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.042585][ T7318] EXT4-fs error (device loop4): ext4_map_blocks:609: inode #2: block 5: comm syz.4.1246: lblock 0 mapped to illegal pblock 5 (length 1)
[  112.079752][ T7318] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.1246: error -117 reading directory block
[  112.135894][ T6890] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.150220][ T7329] syzkaller0: entered promiscuous mode
[  112.155775][ T7329] syzkaller0: entered allmulticast mode
[  112.280661][ T7353] random: crng reseeded on system resumption
[  112.439951][ T7382] loop4: detected capacity change from 0 to 512
[  112.464999][ T7382] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.478819][ T7382] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.497631][ T7390] can: request_module (can-proto-0) failed.
[  112.523178][ T6890] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.539112][ T7397] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1265'.
[  112.567486][ T7410] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1269'.
[  112.623760][ T7412] syzkaller0: entered promiscuous mode
[  112.629284][ T7412] syzkaller0: entered allmulticast mode
[  112.683671][ T7425] loop4: detected capacity change from 0 to 512
[  112.701957][ T7425] ext4: Unknown parameter 'hash'
[  112.724347][ T7430] loop3: detected capacity change from 0 to 512
[  112.781821][ T7430] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.800088][ T7430] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.816392][ T7430] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1276'.
[  112.834442][ T6795] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.850595][ T7450] FAULT_INJECTION: forcing a failure.
[  112.850595][ T7450] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.863856][ T7450] CPU: 0 PID: 7450 Comm: syz.3.1277 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  112.873574][ T7450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  112.883651][ T7450] Call Trace:
[  112.886976][ T7450]  <TASK>
[  112.889906][ T7450]  dump_stack_lvl+0xf2/0x150
[  112.894512][ T7450]  dump_stack+0x15/0x20
[  112.898767][ T7450]  should_fail_ex+0x229/0x230
[  112.903502][ T7450]  should_fail+0xb/0x10
[  112.907671][ T7450]  should_fail_usercopy+0x1a/0x20
[  112.912692][ T7450]  _copy_from_iter+0xd3/0xb00
[  112.917383][ T7450]  ? kmalloc_reserve+0x16e/0x190
[  112.922332][ T7450]  ? __build_skb_around+0x196/0x1f0
[  112.927542][ T7450]  ? __alloc_skb+0x21f/0x310
[  112.932148][ T7450]  ? __virt_addr_valid+0x1ed/0x250
[  112.937300][ T7450]  ? __check_object_size+0x35b/0x510
[  112.942585][ T7450]  netlink_sendmsg+0x460/0x6e0
[  112.947367][ T7450]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.952717][ T7450]  __sock_sendmsg+0x140/0x180
[  112.957471][ T7450]  ____sys_sendmsg+0x312/0x410
[  112.962247][ T7450]  __sys_sendmsg+0x1e9/0x280
[  112.966957][ T7450]  __x64_sys_sendmsg+0x46/0x50
[  112.971727][ T7450]  x64_sys_call+0x26f8/0x2e00
[  112.976526][ T7450]  do_syscall_64+0xc9/0x1c0
[  112.981028][ T7450]  ? clear_bhb_loop+0x55/0xb0
[  112.985776][ T7450]  ? clear_bhb_loop+0x55/0xb0
[  112.990447][ T7450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.996378][ T7450] RIP: 0033:0x7f2ea54e5b59
[  113.000923][ T7450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.020537][ T7450] RSP: 002b:00007f2ea4767048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.029067][ T7450] RAX: ffffffffffffffda RBX: 00007f2ea5675f60 RCX: 00007f2ea54e5b59
[  113.037035][ T7450] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000003
[  113.045099][ T7450] RBP: 00007f2ea47670a0 R08: 0000000000000000 R09: 0000000000000000
[  113.053095][ T7450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.061071][ T7450] R13: 000000000000000b R14: 00007f2ea5675f60 R15: 00007ffecea3cac8
[  113.069045][ T7450]  </TASK>
[  113.147431][ T7466] loop3: detected capacity change from 0 to 1024
[  113.156185][ T7466] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.172048][ T7466] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1284'.
[  113.191286][ T6795] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.208548][ T7472] cgroup: Invalid name
[  113.238952][ T7476] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1287'.
[  113.247893][ T7476] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1287'.
[  113.260757][ T7476] ipvlan2: entered allmulticast mode
[  113.266154][ T7476] veth0_vlan: entered allmulticast mode
[  113.301905][ T7482] loop3: detected capacity change from 0 to 512
[  113.309196][ T7482] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  113.318676][ T7482] EXT4-fs (loop3): orphan cleanup on readonly fs
[  113.325461][ T7482] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  113.341799][ T7482] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  113.349420][ T7482] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1290: bg 0: block 40: padding at end of block bitmap is not set
[  113.365237][ T7482] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  113.374346][ T7482] EXT4-fs (loop3): 1 truncate cleaned up
[  113.380468][ T7482] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  113.403418][ T6795] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.437168][ T7489] loop3: detected capacity change from 0 to 512
[  113.443649][ T7489] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  114.135698][ T7498] IPVS: set_ctl: invalid protocol: 108 0.0.0.0:20000
[  114.345602][ T7507] loop2: detected capacity change from 0 to 512
[  114.355014][ T7507] loop2: detected capacity change from 0 to 512
[  114.361432][ T7507] EXT4-fs: Ignoring removed oldalloc option
[  114.367384][ T7507] EXT4-fs: Ignoring removed nomblk_io_submit option
[  114.374561][ T7507] EXT4-fs: Mount option(s) incompatible with ext3
[  114.402681][ T7514] loop2: detected capacity change from 0 to 164
[  114.434585][ T7521] loop2: detected capacity change from 0 to 512
[  114.441278][ T7521] EXT4-fs: Ignoring removed nomblk_io_submit option
[  114.449237][ T7521] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2812: inode #11: comm syz.2.1303: corrupted xattr block 95: invalid header
[  114.463516][ T7521] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1303: bg 0: block 7: invalid block bitmap
[  114.475993][ T7521] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  114.484903][ T7521] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2978: inode #11: comm syz.2.1303: corrupted xattr block 95: invalid header
[  114.498627][ T7521] EXT4-fs warning (device loop2): ext4_evict_inode:271: xattr delete (err -117)
[  114.507808][ T7521] EXT4-fs (loop2): 1 orphan inode deleted
[  114.513966][ T7521] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.542491][ T7096] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.688015][ T7534] loop2: detected capacity change from 0 to 512
[  114.789000][ T7534] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  114.832613][ T7534] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  114.840805][ T7534] EXT4-fs (loop2): orphan cleanup on readonly fs
[  114.848299][ T7534] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.1307: Invalid block bitmap block 0 in block_group 0
[  114.863509][ T7534] EXT4-fs (loop2): Remounting filesystem read-only
[  114.870448][ T7534] EXT4-fs (loop2): 1 orphan inode deleted
[  114.877042][ T7534] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.889446][ T7534] SELinux: (dev loop2, type ext4) getxattr errno 5
[  114.896559][ T7534] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.966188][ T7532] loop3: detected capacity change from 0 to 8192
[  115.012010][ T7536]  loop3: p4
[  115.015624][ T7536] loop3: p4 size 16776960 extends beyond EOD, truncated
[  115.050781][ T7532]  loop3: p4
[  115.054333][ T7532] loop3: p4 size 16776960 extends beyond EOD, truncated
[  115.062722][ T7533] xt_CT: You must specify a L4 protocol and not use inversions on it
[  115.102280][ T7538] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  115.108816][ T7538] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  115.116497][ T7538] vhci_hcd vhci_hcd.0: Device attached
[  115.157329][ T7545] loop4: detected capacity change from 0 to 128
[  115.170028][ T7545] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  115.178063][ T7545] FAT-fs (loop4): Filesystem has been set read-only
[  115.185111][ T7545] syz.4.1310: attempt to access beyond end of device
[  115.185111][ T7545] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  115.185731][ T7539] vhci_hcd: connection closed
[  115.200717][   T11] vhci_hcd: stop threads
[  115.209757][   T11] vhci_hcd: release socket
[  115.214231][   T11] vhci_hcd: disconnect device
[  115.321566][ T7550] loop4: detected capacity change from 0 to 1024
[  115.330286][ T7550] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.436857][ T6890] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.454331][ T7554] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1313'.
[  115.562733][ T7563] cgroup: Unknown subsys name 'euid>00000000000000000000'
[  115.571219][ T7563] SELinux:  Context system_u:object_r:systemd_passwd_agent_exec_t:s0 is not valid (left unmapped).
[  115.626924][ T7565] syzkaller0: entered promiscuous mode
[  115.632624][ T7565] syzkaller0: entered allmulticast mode
[  115.772242][ T7576] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1320'.
[  115.781659][ T7576] netdevsim netdevsim1 ä: renamed from netdevsim0 (while UP)
[  115.790796][ T7576] A link change request failed with some changes committed already. Interface ä may have been left with an inconsistent configuration, please check.
[  115.863778][ T7578] loop3: detected capacity change from 0 to 256
[  115.919578][ T7581] loop3: detected capacity change from 0 to 256
[  115.935672][ T7581] FAT-fs (loop3): Directory bread(block 64) failed
[  115.942378][ T7581] FAT-fs (loop3): Directory bread(block 65) failed
[  115.948911][ T7581] FAT-fs (loop3): Directory bread(block 66) failed
[  115.955526][ T7581] FAT-fs (loop3): Directory bread(block 67) failed
[  115.962082][ T7581] FAT-fs (loop3): Directory bread(block 68) failed
[  115.968598][ T7581] FAT-fs (loop3): Directory bread(block 69) failed
[  115.975152][ T7581] FAT-fs (loop3): Directory bread(block 70) failed
[  115.981759][ T7581] FAT-fs (loop3): Directory bread(block 71) failed
[  115.988284][ T7581] FAT-fs (loop3): Directory bread(block 72) failed
[  115.994841][ T7581] FAT-fs (loop3): Directory bread(block 73) failed
[  116.012891][ T7581] syz.3.1322: attempt to access beyond end of device
[  116.012891][ T7581] loop3: rw=2049, sector=1224, nr_sectors = 32 limit=256
[  116.026583][ T7581] syz.3.1322: attempt to access beyond end of device
[  116.026583][ T7581] loop3: rw=2049, sector=1288, nr_sectors = 32 limit=256
[  116.040648][ T7581] syz.3.1322: attempt to access beyond end of device
[  116.040648][ T7581] loop3: rw=0, sector=1316, nr_sectors = 4 limit=256
[  116.182433][ T7585] loop3: detected capacity change from 0 to 512
[  116.190402][ T7585] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  116.281963][ T7585] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  116.290007][ T7585] EXT4-fs (loop3): orphan cleanup on readonly fs
[  116.297161][ T7585] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1323: Invalid block bitmap block 0 in block_group 0
[  116.310760][ T7585] EXT4-fs (loop3): Remounting filesystem read-only
[  116.317567][ T7585] __quota_error: 74 callbacks suppressed
[  116.317601][ T7585] Quota error (device loop3): write_blk: dquota write failed
[  116.330951][ T7585] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  116.340814][ T7585] EXT4-fs (loop3): 1 orphan inode deleted
[  116.348776][ T7585] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  116.361244][ T7585] SELinux: (dev loop3, type ext4) getxattr errno 5
[  116.368481][ T7585] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.486302][ T7592] hsr0: entered promiscuous mode
[  116.521832][ T7591] hsr0: left promiscuous mode
[  116.585732][   T35] ==================================================================
[  116.593837][   T35] BUG: KCSAN: data-race in delete_from_page_cache_batch / nr_blockdev_pages
[  116.602528][   T35] 
[  116.604843][   T35] read-write to 0xffff8881004c1e70 of 8 bytes by task 7585 on cpu 0:
[  116.612900][   T35]  delete_from_page_cache_batch+0x4f3/0x700
[  116.618798][   T35]  truncate_inode_pages_range+0x1c5/0x6b0
[  116.624528][   T35]  truncate_inode_pages+0x24/0x30
[  116.629541][   T35]  blkdev_flush_mapping+0xa5/0x1a0
[  116.634656][   T35]  bdev_release+0x305/0x430
[  116.639178][   T35]  blkdev_release+0x15/0x20
[  116.643672][   T35]  __fput+0x192/0x6f0
[  116.647659][   T35]  ____fput+0x15/0x20
[  116.651645][   T35]  task_work_run+0x13a/0x1a0
[  116.656230][   T35]  syscall_exit_to_user_mode+0xbe/0x130
[  116.661785][   T35]  do_syscall_64+0xd6/0x1c0
[  116.666296][   T35]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.672191][   T35] 
[  116.674521][   T35] read to 0xffff8881004c1e70 of 8 bytes by task 35 on cpu 1:
[  116.681880][   T35]  nr_blockdev_pages+0x7c/0xd0
[  116.686643][   T35]  si_meminfo+0x87/0xd0
[  116.690799][   T35]  update_defense_level+0x49/0x5b0
[  116.695916][   T35]  defense_work_handler+0x1f/0x80
[  116.700944][   T35]  process_scheduled_works+0x483/0x9a0
[  116.706408][   T35]  worker_thread+0x526/0x700
[  116.711006][   T35]  kthread+0x1d1/0x210
[  116.715089][   T35]  ret_from_fork+0x4b/0x60
[  116.719506][   T35]  ret_from_fork_asm+0x1a/0x30
[  116.724269][   T35] 
[  116.726577][   T35] value changed: 0x0000000000000001 -> 0x0000000000000000
[  116.733683][   T35] 
[  116.736007][   T35] Reported by Kernel Concurrency Sanitizer on:
[  116.742219][   T35] CPU: 1 PID: 35 Comm: kworker/1:1 Not tainted 6.10.0-syzkaller-08676-g720261cfc732 #0
[  116.751841][   T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  116.761890][   T35] Workqueue: events_long defense_work_handler
[  116.767953][   T35] ==================================================================
[  116.782883][   T29] audit: type=1400 audit(1721388923.670:2498): avc:  denied  { connect } for  pid=7595 comm="syz.4.1328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1