last executing test programs:

6.558896102s ago: executing program 1 (id=1636):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r2, 0x0)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="0100000000000000000010"], 0x34}}, 0x0)

6.536669884s ago: executing program 1 (id=1637):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$char_usb(r0, &(0x7f00000001c0), 0x0)
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x3a)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xfec0ffffffffffff}}, 0x1c)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000140), 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_128={{0x304, 0x38}, "837ad552eed22b08", "e20000000000000010000000002000", "e0f10400", "8c478bf902150108"}, 0x28)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x2e, 0x0, 0x2000000)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010003b15000000000000000000004888", @ANYRES32=0x0, @ANYBLOB="d530d995212cf95a2000128008000100687372001400028008000200", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES64=r4], 0x40}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r9, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}}, 0x0)
sendmsg$FOU_CMD_DEL(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000100)={0x14, r9, 0x1}, 0x14}}, 0x0)
prctl$PR_MCE_KILL(0x21, 0x1, 0x0)

6.374519597s ago: executing program 1 (id=1644):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x4008031, 0xffffffffffffffff, 0x0)
futex(&(0x7f0000000040), 0x88, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)

6.005444048s ago: executing program 1 (id=1646):
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x501000, 0x0)
r1 = socket$kcm(0x11, 0x0, 0x300)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000000), 0x4)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
socket$unix(0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = socket$isdn(0x22, 0x2, 0x25)
r3 = socket$isdn(0x22, 0x2, 0x26)
dup2(r2, r3)
socket$kcm(0xa, 0x922000000003, 0x11)
r4 = socket(0x40000000015, 0x6, 0x0)
connect$inet(r4, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x10001}, 0x1c)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x30004001)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000000980)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
request_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000380)='\x00', 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x1451c2, 0x10)
r5 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r0, r0, 0x30, 0x0, @val=@tracing={0xffffffffffffffff, 0x1}}, 0x40)
ftruncate(r5, 0x3)
open(&(0x7f0000000180)='./bus\x00', 0xb79dd068886f0126, 0x0)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000140)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
truncate(&(0x7f0000000080)='./file2\x00', 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000001c0)={@loopback, 0x9, 0x0, 0x0, 0x8, 0x9, 0x5}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="74bd6796edd03ebfb15efa1d77882472616e733d66642c7266646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c70726976706f72742c66736e616d653d295c2c736d61636b66737472616e736d7574653d6d73646f73002c61707072616973655f747970653d696d617369672c646f6e745f61707072616973652c6673636f6e746578743d73797374656d5f752c736d61636b66736465663d7b408f3a25212c636f6e746578743d73797361646d5f752c6d6561737572652c00"])
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000001c80)={0x0, 0x5}, &(0x7f0000001cc0)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000780)}], 0x1}, 0x0)

5.8563232s ago: executing program 1 (id=1649):
sched_setscheduler(0x0, 0x5, &(0x7f0000000080))
ioprio_set$pid(0x1, 0x0, 0x0)
r0 = syz_io_uring_setup(0x2bfc, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000001240)=<r1=>0x0, &(0x7f0000001340)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)

5.825345672s ago: executing program 1 (id=1652):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000001bc0)={'batadv_slave_1\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000003c0)={@remote, 0x0, r2})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000b80)={'batadv_slave_1\x00', <r5=>0x0})
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000300)={@remote, r5}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
chdir(0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
ptrace(0x10, 0x1)
r9 = inotify_init1(0x0)
fcntl$setown(r9, 0x8, 0xffffffffffffffff)
fcntl$getownex(r9, 0x10, &(0x7f0000000380)={0x0, <r10=>0x0})
ptrace$PTRACE_SETSIGMASK(0x420b, r10, 0x8, &(0x7f0000000340))
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r11, 0x29, 0xb, &(0x7f0000000100)=0x9, 0x4)
sendmmsg$inet6(r11, &(0x7f0000006b80)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x0, @local}, 0x1c, 0x0}}, {{&(0x7f0000000340)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="e8020000000000002900000004000000005a"], 0x2e8}}], 0x2, 0x20008080)
recvfrom$inet6(r11, 0x0, 0x0, 0x12020, 0x0, 0x0)
sendmsg$IPVS_CMD_GET_SERVICE(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="18000000", @ANYRES16=r8, @ANYBLOB="01e7000000000000000004"], 0x18}}, 0x0)

1.407663634s ago: executing program 4 (id=1727):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
rt_sigaction(0x1a, &(0x7f00000003c0)={&(0x7f0000000280)="f32ec0b80e00000000c4e339405795f0440f6fcb42d8f166410f5ed3420ffc98dc000000c4e371780d7c0000000ac4a1301455dfc46171633ec48305389021e2000001", 0xd0000006, &(0x7f0000000300)="c40171de01c4e3b56aee0041d9fc3645d822660fefb50c00000065dee7460f8e13cf0000c4627d783b263e65363e440f4e8500000000dec9"}, &(0x7f0000000480)={&(0x7f0000000400)="c403f95ecdf3410f491c4f8410c44280f34b00f046834afe0a412232640f1855f5c4230d5e170dc4229d3891b736fc438f0978d7590d", 0x0, 0x0}, 0x8, &(0x7f00000004c0))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
creat(&(0x7f0000000000)='./file0\x00', 0x150)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10}}}, 0xb8}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @timestamp_reply={0x11}}}}}, 0x0)

1.363231588s ago: executing program 4 (id=1731):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r0, 0x560a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2}, 0x90)
clock_gettime(0x0, &(0x7f0000000000))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xc}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0xfffffffffffffffc}, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x4, r3, 0x1)
socket$can_bcm(0x1d, 0x2, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec06000000000000002176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f3cc2b0da31fa21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bca84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e03564f7f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf05003f6cded6a2f8550b973b818184ebad0485fbaa816e3b26199d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c10a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d02000000a3ff4f8a4cf796b07a6ff61c5d52417fd703f7f14d8b78ac02ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c9ad943e392955f4f979ea13201bafe4f0f6ea5080000000cdcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12289ee34463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b0030000000000ea8809820000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f55e550fafa4cedd763ada3104f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2a81425ef1b71c1d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efc794874eac73381e6f523d9c8c21578fe3245097c280abe51427b9f6cd72b51b7689969c72fb632d1c072492d9da6d0252803c66730cd5eac907f09b9695906313f88735fce513974a24eee239baa91322608c6fc01e1b9e16587bb5f721303e6b89000000fa08ad0731c4b839688b22c4da2a74c4cf45dbeea042f9b33393f85a0417854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296ac2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692baffffffff5c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b042d84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf53928867d596987024952b698d4a01c08aca45ea8727be6c8bc8fdcdff1917db98f152625b8465bc46dbe9762d1183ec79f4ab393541a6d9cabc4de71c5a65d228e4cb483cca06858dc6727c7a2322c9580d9afc33f6fcf87518ecca6dd027cb995f1eb4e98e4b500b5843d4ee19210490639d0f4893d7d2c79c2d5cec4ebf2e04aeb1e36e370645e52e1328e70f011a950f8ae1dfa42b14ea99ffe35186534534630ad8a4881ff625e1b389cedc085acdba51308f2c4ab4b781e3756adbe6d012874666b157d1f077614a1e7c90180694efeb4094dc87f969af3e0a4ecdae32a091fd3ca0b86d732d130b983602ff21887eb1692e622d880a8378b129731c379bdcc7db13d2ab8b189ff83ca71d967fd7e1c46def217e7a9d0ac26bb6f65bbe904e3"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfdcd}, 0x48)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff})
splice(r5, 0x0, r4, 0x0, 0x1, 0x1)
ioctl$sock_SIOCINQ(r4, 0x541b, &(0x7f0000000000))
close_range(r4, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000140)={<r6=>0xffffffffffffffff})
cachestat(r6, &(0x7f0000000180)={0xffffffffffffffff, 0x2cc8}, &(0x7f0000000380), 0x0)
finit_module(r2, &(0x7f00000001c0)='@!\\(\\(\x00', 0x2)
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
r7 = getpid()
process_vm_readv(r7, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000b6f000/0x2000)=nil, 0x2000, 0x2000004, 0x10010, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)

1.256837307s ago: executing program 3 (id=1732):
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000003b00), 0x0, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
geteuid()
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r1, 0x40047457, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
pwritev(r2, &(0x7f00000002c0)=[{&(0x7f00000010c0)="aabf", 0x2}, {0x0}], 0x2, 0x0, 0x0)

1.242003808s ago: executing program 3 (id=1733):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
write$binfmt_script(r1, 0x0, 0xfffffe5d)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010008506000000ff010000000000", @ANYBLOB="01ff00e1c2ed00001c0012000c000100626f6e640000"], 0x3c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000004c0)=0x14)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="4800000010000104000000000003000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800e0001006970366772657461700000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=@newqdisc={0x24, 0x10, 0x1, 0x0, 0x0, {0x10, 0x0, 0x4c, 0x0, {0xd}}}, 0x24}}, 0x0)

1.196998001s ago: executing program 4 (id=1734):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000800)="240000001e005f031420000000000000000000000100000000000800080008c01300", 0x22)

1.185311823s ago: executing program 4 (id=1735):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000000)=0x359a, 0x4)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r2, 0x0, 0x1a, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file2\x00', 0xa00a14, &(0x7f0000000080)=ANY=[], 0x1, 0x322, &(0x7f00000008c0)="$eJzs3M9LI2cYwPEnP4xJxEwOpaWF4kt7aXsYNO25EIpCaaCiplQLhVEnbcg0kUywpJRqT72W/ge97EE8ehN29x/wsrfdy1725mVhDyuL7CyZH5roJO6OZqPr9wMy78zzPOP7khieCc4c/vjvb7WKrVeMlsTTSmIiIkcieYlLIOZv4+44Jd225fOJZw8/Xlxe+a5YKs0uKDVXXPqyoJTKTd39/c+Mn7Y/Lgf5nw+fFp4cvH/w4eHLpV+rtqraqt5oKUOtNh63jFXLVOtVu6YrNW+Zhm2qat02m1684cUrVmNjo62M+vpkdqNp2rYy6m1VM9uq1VCtZlsZvxjVutJ1XU1mJUwq9OhtVd5ZWDCKEYvXrngyiOqF4zgDwk6saCREJHMuUt4Z6rwAAMC1dKb/T7gtfaT+X3Ju/99JPu3/dz+535r4YS/n9//7qbD+/6tH3rl6+v+0iFxp/58OWf35jujG23qT5Ev1/7geps5f08Z69prNopH1/35df/+0O+0O6P8BAAAAAAAAAAAAAAAAAAAAALgJjhxHcxxHC7b+zxenGd6xUc4Rw9Pn9dfG/Tumgv1RzxPDsbi8Imn3xr1kTsT6Z7O8Wfa2fjxInBZNjt33g68zDu48Uh15uWdt+fVbm+WEGylWpCqWmDIjmuTP1jvO3Lel2Rnl6a0fk2x3fUE0eS+8vhBan5LPPu2q10WTB2vSEEvWO+/rY+ek/q8Zpb75vnSmPuPmAQAAAADwLtDVidDrd13vF/fqT66ve78fEOm6Pp8OvT5Pah8lR7t2AAAAAABuC7v9R82wLLM5YJCRi3OiD5LRyscG5SS6VtgTku2+S075Twge3koHDIJ/pKilukJp+d8/HOXMwfqHM+e4RKmaEmfcm9VlfnvwtVG/HJkf9uuV7BP64L87z6OdOeY/tbc79PVe+oKVDm0w9lofHk7ikp8+AAAAAN6moOnP2O5ubNTzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNhrwGLDkVT1ObNRrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6LVwEAAP//mxn/6g==")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000640)=[{&(0x7f0000000300)="e3b1ed39ac10d6da4ca5a755ba202149cfb4a5b960acabc0be0c70ff72bfb0e96439578147e0817949ba825461316a0e39c40cc4d3ac1c2eff7d5430c5426730fe5d12f970e22a61019b5097986ee426b7d56215e8f8123be26be053d654c3c5de4e7a870886e1de74b71eb5eb8500325841c9ecec1f1144e6d3693fc5ef2e3e0e", 0x81}], 0x1, 0x0, 0x0)
write$binfmt_aout(r7, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r7, 0x0)
r8 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r8, 0x10d, 0xe2, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r10 = dup(r9)
ioctl$TIOCGSOFTCAR(r10, 0x4b4b, &(0x7f0000001080))
sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r6, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1ff}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x34}}, 0x0)

1.112885528s ago: executing program 3 (id=1736):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f0000000300)={0x50, 0x0, 0x400, 0x70bd2a, 0xfffffff9, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @rand_addr=0x64010101}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20880}, 0x4)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
pwrite64(r0, &(0x7f00000000c0)="97", 0x1, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe)
setsockopt$bt_BT_RCVMTU(r1, 0x112, 0x7, 0x0, 0x0)
socketpair(0x22, 0x2, 0x2, &(0x7f0000000000))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000000)={0x1, 'macvlan0\x00', 0x1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_SREG={0x8}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x2f)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @empty}, r4}}, 0x48)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000080)={0x13, 0x10, 0xfa00, {&(0x7f00000004c0), r4, 0x2}}, 0x18)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
sync()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

1.112063348s ago: executing program 4 (id=1737):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000a00))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r4, 0x9}, 0x48)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f00000003c0)={r5, &(0x7f0000000300), 0x20000000}, 0x20)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
recvmmsg(0xffffffffffffffff, &(0x7f0000006a00)=[{{0x0, 0x0, &(0x7f0000006980)=[{&(0x7f0000004e80)=""/160, 0xa0}], 0x1}}], 0x1, 0x0, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000006c0)='./bus\x00', &(0x7f00000000c0)='ecryptfs\x00', 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5b, 0x0, 0x0, 0x1e, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xf, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffea8)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETA(r6, 0x5406, &(0x7f0000000100)={0xff02, 0x6, 0x0, 0x800b, 0xf, "1f7300"})
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, 0x0)

605.57389ms ago: executing program 2 (id=1750):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x48, 0x10, 0x0, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x4}, @IFLA_MACSEC_CIPHER_SUITE={0xc}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x0)

604.77801ms ago: executing program 2 (id=1751):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
memfd_create(0x0, 0x6)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'tunl0\x00', &(0x7f0000000140)={'sit0\x00', r1, 0x700, 0x80, 0x3, 0x4, {{0x56, 0x4, 0x3, 0x6, 0x158, 0x66, 0x0, 0x9, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x13}, @local, {[@timestamp_prespec={0x44, 0x2c, 0x6e, 0x3, 0x6, [{@private=0xa010100, 0x36c}, {@private=0xa010100, 0x66}, {@local, 0x1}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x6}, {@multicast2, 0xb}]}, @end, @timestamp_prespec={0x44, 0x3c, 0x44, 0x3, 0x2, [{@remote, 0xb6d}, {@local, 0x7f}, {@private=0xa010102, 0x40}, {@multicast2, 0x4af}, {@multicast1}, {@private=0xa010100, 0x4}, {@private=0xa010100, 0xb}]}, @rr={0x7, 0x7, 0x6e, [@dev={0xac, 0x14, 0x14, 0x13}]}, @ssrr={0x89, 0x1f, 0x71, [@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @multicast2, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @local]}, @timestamp_prespec={0x44, 0x14, 0xb4, 0x3, 0x5, [{@loopback, 0x1000}, {@rand_addr=0x64010101, 0x400}]}, @noop, @timestamp_prespec={0x44, 0x54, 0xd2, 0x3, 0x4, [{@multicast1, 0xc27}, {@remote, 0x6}, {@multicast2, 0xd9}, {@empty}, {@multicast2, 0x401}, {@private=0xa010101, 0x8001}, {@multicast1, 0x2}, {@remote, 0x8}, {@loopback, 0x2d}, {@private=0xa010100, 0x7ff}]}, @timestamp_addr={0x44, 0x4c, 0x50, 0x1, 0x3, [{@loopback, 0xf42}, {@local, 0x1ff}, {@local, 0x5}, {@remote, 0xb7}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x7}, {@broadcast, 0x5}, {@multicast1, 0x8}, {@empty}, {@broadcast, 0x9}]}]}}}}})
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x7fff, 0x4, 0x8, 0x80, 0x1, 0x7, '\x00', r1, r2, 0x4, 0x4, 0x1, 0x7}, 0x48)

357.65731ms ago: executing program 2 (id=1752):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_newrule={0x1c, 0x18, 0x409}, 0x1c}}, 0x0) (fail_nth: 5)

341.256862ms ago: executing program 2 (id=1753):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0xfff, 0x9}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

331.431532ms ago: executing program 2 (id=1754):
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000003b00), 0x0, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
geteuid()
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r1, 0x40047457, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
pwritev(r2, &(0x7f00000002c0)=[{&(0x7f00000010c0)="aabf", 0x2}, {0x0}], 0x2, 0x0, 0x0)

270.124737ms ago: executing program 2 (id=1755):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
dup(r0)
perf_event_open(&(0x7f0000000240)={0x2, 0xfffffffffffffe49, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)="d64018d045425ac05ef8825ab12f4cdfaf249ed25b2237ec697b1a2672f0eebf752b42a90d7ce1bb6cecde79137894996f34a9ddd06068a9360753eac71eb73e721b50443ae5e8577a1d34201aee2aa328c12d859757fb0edfbdea0f3628fe3f4a7644a465df876afdcdcd2e30859763deda795aefd8d36d1fba16e6c96c78a38742063c8de5acbfc6308a7fd282d958725da202db52c2d49bed515de5035d8fb6b24ae8d37accc6181d74535e8f01aaabd131cd5f44030f5d26eda9c4f7f0168557ca9e3a9f0ee8", 0xc8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180400000100f1ff0000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000640)='svcrdma_encode_wseg\x00', r3}, 0xffffffffffffff4c)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="8f4fe6953d2a8bed5cb1017ea9f3012dd012dcbb709d3b475f038b0938b034f3de34152538641d7709b6f67fa07037795619e4b7c1ad3ad2fab43c5809114cb9e4666c8219cd4c0befa2d739c18644265eae4b26d0ccfcd499039e9ff7fcf4e797848cc3cb0c2a3010037789c08caadc4b23", @ANYRES16=r2, @ANYBLOB="8f9f0000000000000000040000001800018014000200766574683000"/38], 0x2c}}, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000000100))
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x3000, 0x0, 0x1ff}})
ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x1b, 0x0, "05be04f85f24b3154478c908c2f6ecd93900e179a582b52ce9cfeb10f466693ce04d4c38eef0cdc8075077a1f8d2e67f41bbcb62a57680a053b58536349d9c41", "e3c055e4c17b5fec8c1737c24bc5bbb0751fe63b9e0c55b1e82eac590b9d7f057b8d7c7af91d8d9d0b4f7525250c81dd277b5b6cbc5b00", "7a91b590b9c06821ef5c606d5f4ba751aae2edcc2717a215ed6e2285e774391e", [0x7, 0x2]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x3, &(0x7f0000000000)=[{0x15}, {0x5}, {0x6, 0x8d, 0x0, 0x1}]})
r6 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x80100, 0x0, 0x20}, 0x18)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000005c0)={&(0x7f0000000680)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082cbd7000fddbdf250a0000000a000900ffffffffffff000032e7fc3d03bd4e6e9a70f9fb17c648a60ed97817cfb161716adac555cf538214a749c6b605400c363e1d631416ff926aba00f5c4c33d65aa521140a8af5d70a4d6a0cc3980eaf9eb61447e43e25f32a05669bfdd004fca1b67988aea7f7db436e598eb090ccdb3192a9c848211842969f0f6c84fe3a6a82fc0248572df2c61e96cac0d657dee3eaf4025ea8f49d69207f99d0d2b86442e257cc626a2a3ef2ba3eceb4646cbd72e38037a7cc2ff1fa6adb91179dd571ec7d50bb7"], 0x20}, 0x1, 0x0, 0x0, 0x4008004}, 0x40004)
fcntl$setownex(r6, 0xf, &(0x7f00000000c0)={0x41c21c49b1a76e92})
open_tree(r6, &(0x7f0000000100)='./file0\x00', 0x9000)
socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x400280, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001780)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
pipe(&(0x7f0000000140)={<r7=>0xffffffffffffffff})
connect$inet(r7, &(0x7f00000000c0)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000480)=[@in6={0xa, 0x4e23, 0x5, @local, 0x1}, @in6={0xa, 0x4e24, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2}, @in6={0xa, 0x4e24, 0x2, @private2, 0xfffff563}], 0x54)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e20, 0x6, @mcast2, 0x43684e3f}}, 0xfffd}, 0x90)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x3c, &(0x7f0000000400)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e22, @multicast2}, @in6={0xa, 0x4e23, 0xff, @empty, 0x7}]}, &(0x7f0000000240)=0x10)
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000180)={0x1100005, 0x0, 0x0, 0x3}, 0x10)

196.374443ms ago: executing program 3 (id=1756):
socket$inet6(0xa, 0x2, 0x3a)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000100))
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="380000001800090300000000000000000a000000000000000000000008000400", @ANYRES32=r1, @ANYBLOB="060015000a0000000c001680080001"], 0x38}}, 0x0)
r3 = syz_open_pts(0xffffffffffffffff, 0x60c40)
dup3(r3, 0xffffffffffffffff, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0)
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB], 0x14}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=@gettaction={0x28, 0x32, 0x0, 0x3, 0x0, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}]}, 0x28}}, 0x44001)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r4, 0x84, 0x15, &(0x7f0000000040)={0xb}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r4, &(0x7f0000000500)="a4", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

184.205105ms ago: executing program 0 (id=1757):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
writev(r0, &(0x7f0000000300)=[{&(0x7f00000000c0)="c0", 0x1}], 0x1)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78ac02ca3cdf6a662db1c9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafedcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd89346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12282ce24463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f09000000000000004fc4bda3453602004535a976eacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a191852c9ae031db044b2353199546609f9f69a6cfefdf879d447df53f3b9b70d10355b00300000000000000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2a81425ff000000d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f88735fce5115dc83ed73d8ee4a91322608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf5000000000000fa08ad0731c4b839688b22c4da2a6bc4cf45854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296bb2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692ba74b531b65c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b03ed84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf5392882df78b0983e662dc0cb64b77f3f006b6b25443197ae93f0be6de5a703d003f00720943c0e4b33af0000000000000000"], &(0x7f0000000000)='GPL\x00', 0x5, 0xbc, &(0x7f000000cf3d)=""/188, 0x0, 0x2, '\x00', 0x0, 0x5}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x4, 0x4, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r5}, 0x4)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r4}, 0x20)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x31, 0x0, &(0x7f0000000040))
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2204c3b, &(0x7f0000000380)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0, @ANYBLOB=',gid=', @ANYRESHEX=0x0])
pipe2$9p(&(0x7f00000001c0)={<r7=>0xffffffffffffffff}, 0x0)
r8 = socket(0x28, 0x1, 0x0)
setsockopt$sock_int(r8, 0x1, 0x2e, &(0x7f0000000040)=0x3, 0x4)
r9 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r8, &(0x7f0000000080)={0x17be1b})
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d77ab8855d7f2c31b440f3b6e9e68c337a1c8cc6d721fae0be99b893d160ecb4adc626f7aeeb76fb4fe56af964266e8f0d5e9b415f7cb441e20f456cbf04306a27ec7e4c2c21ddc338cf686714dac73dec659cad6d96eb2acb91a685a68f5caa3c2d213b53632e800a11d83f9e6b16470c627601b470a50591dc4eff00c497457db60536c2f35940fc9658ee968ee70f32a2b264d01ce", @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r9, @ANYBLOB=',\x00'])
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000380)={'wlan1\x00'})
r10 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000100)={0x0, 0xa, &(0x7f0000000040)={&(0x7f0000000280)={0x40, r10, 0x1, 0x0, 0x0, {0x2, 0x2, 0x2}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'ip6_vti0\x00'}]}, 0x40}, 0x1, 0x40030000000000}, 0x0)
chown(&(0x7f0000000140)='./file0\x00', 0xee00, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

170.571466ms ago: executing program 4 (id=1758):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00'})
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100))
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = getpid()
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0x58, 0x10, 0x400, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_FLAGS={0xc}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x58}, 0x1, 0xba01}, 0x0)
bind$can_raw(0xffffffffffffffff, &(0x7f0000000280), 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
listen(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
shutdown(0xffffffffffffffff, 0x0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000140)=[{0x16}]})

98.170561ms ago: executing program 3 (id=1759):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1004400, &(0x7f0000001940), 0x6, 0x588, &(0x7f0000000300)="$eJzs3U1sHFcdAPD/TOzsOnGaFHooCGgohYCirmOnjapeWi5IUFUgFU49pNZ6Y0VeZyPvutTGB+fEgSsSlTjBhQsnDpU4IPWEuHKDG5dyQCooAtVICE014914d7ObbOOPiePfTxrte/P1f2/kfeN5szMvgBPrYkRsR8TpiHgnIs5HUsxPulO8vjvl631yd6u+c3ernkSWvfWvqe4etuq99XvORsRPR8Sq9KXbG5sri81mY62bn+us3p5rb2y+eHN1cbmx3Li1sHBt/tqVV66+vHBgdX1u9Xcff+fmGz/6w++//NGft7/1k7zMr3WX5XXrWzXJsmz/AV/rHZfpmO3OSiMiP3Jv7H/vj4VT3fqcLrsgPJL87/FzEfF8N31PtbwyAQCHK8vOR3a+P78nHchlWTJiHQDg+Mmv+WcjSWvd6//ZSNNarejDqz4TZ9Jmq925fKO1fivpdfFNpzduNhtXir7CiEpMJ3l+PiIuFNNufmEofzUino6In1dminyt3moulfIfDwBwduj8/59Kfv6vTLKpOwQAcJw5kwPAyXP/+X+6lHIAAEfH9T8AnDx95/+J7vwDAMdfdejZ/5Gy5EjKAgAcjZH9/2+f20s/mwy94gsAOO7c/weAE+UHb76ZT9lOlhTvv156d2N9pfXui0uN9kptdb1eq7fWbteWW63l4p09qyN2cac/02y1bs+/FOvvzXUa7c5ce2Pz+mpr/VbnevFe7+sNDxYAQPmefu7DvyYRsf3qTDFFbyyHh/8gADjm0oiZsssAlONU2QUASjNVdgGA0uiPBx72496RPxGaiYj3x2+jYwEeb5e+MKb/f/h/g8H7Af8/gNGxgZJ1v9a6AeAE2l//v94DOM4efOL3YBA8ybIsMZ4/AJwwE1zB+4kgPOEe6f4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnHCzxZSkte5Y4LORprVaxLmIuBDTyY2bzcaViHgqIv5Sma7k+fmyCw0A7FP6j6Q7/tel8y/MDi89nfy3UnxGxI9/+dYv3lvs9IYOvDe/834xv7O2MDJA5fDrAAD0mRqe0TtPF599F/Kf3N2q96ajLODH396Lv3N3q743HvFUt/DVyOed+XcyUJnkgAYm3r4TEc8O1z+9t/xCd+TT4fh57HOHFj+KGs4OxB/8Nyotlu1+5sfi8zMTxjuAMsOT4sO8/Xl91PcvjYvFZ/f7NzXYmFbjZ/c3ro+gaP+qETvZbvu30xc/3//3z1WLtmZU+3dx0hgv/fG7Y5fdOZV9cSqiF3unr/3ZVS1So+K/MGH8v33pK8+PO1jZryIuxYPi76bmOqu359obm7/93gd/Wm4sN24tLFybv3bllasvL8wVfdRzvZ7q+/3z1ctPja9/xJkx8asPqf/XJ6z/r//3zttffUD8b35tVPw0nnlA/Pyc+I1Ymyj+4pkPxg7fncdfGlP/qYH4pwe2y+ddHt7ZmD/Ij/6+uTRRQQGAI9He2FxZbDYba5Mk0thcWexdaE681UBi5pG2mjARh7bn0YnpgYNQPaxYZ8cs+s1n3uF0HOnxObDEnc+wcqWcop6KZq8/6qErd9fb3k/QLNtHmS9OsE5JDRJwZPa+9GWXBAAAAAAAAAAAAAAAGKf9w+4r/w74oaj+h+HKriMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPrk8DAAD//xa4xxY=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
semtimedop(0x0, &(0x7f00000000c0)=[{}], 0x1, &(0x7f0000000100)={0x77359400})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1}], {0x95, 0x0, 0x700}}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x90)

97.144241ms ago: executing program 3 (id=1760):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = gettid()
r2 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r2, 0x114, 0x6, &(0x7f0000000600), 0x4)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r3, &(0x7f0000000440)=""/247, 0x26)
prlimit64(0x0, 0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r5, &(0x7f0000002e80)={0x0, 0x0, &(0x7f0000002e40)={&(0x7f0000002e00)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_TOKEN={0x8}]}, 0x1c}}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000080)={0x1, @time})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x44a, &(0x7f0000001380)="$eJzs271vG2UYAPDn7CSlXyRU5aMfQKAgylfSpKV0YAGBxFAkJBjKGJK0CnUb1ASJVhEEhMqIKjGxIEYk/gImWBAwIbHCjipVKEsLk9HZd43t2E6dOnGpfz/p3Pe9O/d9nrt77ffujQPoW6PpSxKxKyL+iIjharV+h9HqPzdWlqb/WVmaTqJcfuvvpLLf9ZWl6XzX/H0788pAROGzJA40aXfh4qWzU6XS7IWsPr547v3xhYuXnp87N3Vm9szs+ckTJ44dnXjx+OQLXckzzev6/o/mD+57/Z0rb0yfuvLuL98lef4NeXTJaLuNT5bLXW6ut3bXlJOBHgZCR4rVbhqDlf4/HMVYPXnD8dqnPQ0O2FTlcrn8QOvNy2XgLpZEryMAeiP/ok/vf/Nli4Yed4RrL1dvgNK8b2RLdctAFLJ9Bhvub7tpNCJOLf/7dbrE5jyHAACo80M6/nmu2fivELXPhe7N5lBGIuK+iNgTEccjYm9E3B9R2ffBiHiow/YbJ0nWjn8KV2tr5aTDBtaRjv9eyua26sd/+egvRopZbXcl/8Hk9Fxp9kh2TA7H4La0PtGmjR9f/f2LVttqx3/pkrafjwWzOK4ObKt/z8zU4tTt5Fzr2icR+wca8j8ZlQm8fCYgPeT7ImL/BtuYe+bbg622rZ9/G12YZyp/E/FU9fwvR935X73Qkvbzk+P3RGn2yHh+Vaz162+X32zV/m3l3wXp+d/R9Pq/mf9IUjtfu9DJ//7V0+nr5T8/b3lPs9Hrfyh5u1IeytZ9OLW4eGEiYig5WQ26dv3k6nvzer5/mv/hQ837/55YPRIHIiK9iB+OiEci4tEs9sci4vGIONTmKPz8yhPvbTz/zZXmP9PR+V8tDEXjmuaF4tmfvq9rdKST/NPzf6xSOpytuZXPv1uJq9OrGQAAAP6vChGxK5LC2M1yoTA2Vv0b/r2xo1CaX1h89vT8B+dnqr8RGInBQv6ka7jmeehEdluf1ycb6kez58ZfFrdX6mPT86WZXicPfW5ni/6f+qvY6+iATef3WtC/9H/oX/o/9C/9H/pXk/6/vRdxAFuv2ff/xz2IA9h6Df3ftB/0Eff/0L820v99ZsDdoW1fHtq6OIAttbA91v+RvILCmkIU7ogwFDap0OtPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO74LwAA///lI+j0")
openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x52000, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000006c0)={0x0, 0x15c}, 0x1, 0x0, 0x0, 0x40040080}, 0x1)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r3, 0xc0605345, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0x40045304, &(0x7f0000000780))
tkill(r1, 0x7)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='bbr\x00', 0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
syz_clone(0x1000, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800006, 0x0, 0x0, 0x0, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_open_dev$sg(&(0x7f0000000cc0), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r7, 0x2282, &(0x7f0000000d00))

95.061542ms ago: executing program 0 (id=1761):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
munlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000)
munlock(&(0x7f0000d8d000/0x4000)=nil, 0x4000)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x2000000)
write$cgroup_int(r0, &(0x7f0000000380), 0x12)
ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90)
ioctl$EVIOCGID(r0, 0x80084502, &(0x7f0000000000)=""/122)

40.739446ms ago: executing program 0 (id=1762):
socket$inet6(0xa, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000dc0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000e00)={0x3c, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}]}]}, 0x3c}}, 0x0)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
r3 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000005000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000a80)='ext4_writepages\x00', r7}, 0x10)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r9=>0x0}, &(0x7f0000cab000)=0xc)
setreuid(0x0, r9)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000003c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@quota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x69}}, {@nojournal_checksum}, {@nombcache}, {@noload}]}, 0x3, 0x450, &(0x7f0000000a80)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH5RAQZRX0qSl9MClCCQOICHBoRxDklalboOaINGqogWhckSVOHFBHJH4CzjBBQEnJK5wR5UqlEsL4mC09m5iu7YbGydu689HWmdmd+yZr3fHntmJAxhY4+lDErEtIn6LiNFqtr7AePXPzeWLs38tX5xNolx+88+kUu7G8sXZvGj+vK15Ziii8EkSe5rUu3j+wumZUmn+XJafXDrz3uTi+QvPnTozc3L+5PzZ6aNHDx+aeuHI9PPdB7fv0j/HsmQa143dHy7s3fXq21dfnz1+9Z2fvkny+Bvi6JHxdgefKJd7XF1/ba9JJ0N9bAgdKVa7aQxX+v9oFGP15I3GKx/3tXHAuiqXy+UHWh++XAbuYUn0uwVAf+Rf9On8N982aOhxR7h+rDoBSuO+mW3VI0NRyMoMN8xve2k8Io5f/vvLdIv1uQ8BAFDnu3T882yz8V8hau8L/T9bQxmLiPsiYkdEHImInRFxf0Sl7IMR8VCH9Tcuktw6/ilc6yqwNUrHfy9ma1v147989BdjxSy3vRL/cHLiVGn+YPaeHIjhTWl+qk0d37/862etjtWO/9ItrT8fC2btuDa0qf45czNLM/8l5lrXP4rYPdQs/mRlJSCJiF0RsbvLOk49/fXeVsduH38bPVhnKn8V8WT1/F+OhvhzSfv1ycn/RWn+4GR+Vdzq51+uvNGq/mbxF2ON8fdAev63NL3+V+IfS2rXaxc7efUvnkofr/z+acs5TbfX/0jyVt2+D2aWls5NRYwkr1UbXbt/uqHc9Gr5NP4D+5v3/x2x+k7siYj0In44IvZFxCNZ2x+NiMciYn+bd+HHlx5/t/v411ca/1xH5381MRKNe5oniqd/+Lau0rFO4k/P/+FK6kC2Zy2ff2tpV6dXMwAAANytChGxLZLCxEq6UJiYqP4P/87YUigtLC49c2Lh/bNz1d8IjMVwIb/TNVpzP3Qqm9bn+emG/KHsvvHnxc2V/MTsQmmu38HDgNvaov+n/ij2u3XAuvN7LRhc+j8MLv0fBpf+D4OrSf/f3I92ABuv2ff/pT60A9h4Df3fsh8MEPN/GFzd9H+fGXBvaNuXRzauHcCGWtwct/+R/NoSIz16HYm7IhGFO6IZEuuU6PcnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG/8GwAA//9KduhB")
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r5)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="3000000035000100d1d0718a41469b09040000000400000018000180140010000c"], 0x30}}, 0x0)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r12, 0x8933, 0x0)
bind$netlink(r10, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r10, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}, @IFLA_IPTUN_PROTO={0x5}]}}}]}, 0x40}}, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x18, 0x4000040)

29.751597ms ago: executing program 0 (id=1763):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002304e800000000000000ea850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000005f00250e00000000d94aa19a000000000c"], 0x1c}], 0x1}, 0x200000000000000)

20.239378ms ago: executing program 0 (id=1764):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0xfff, 0x9}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

0s ago: executing program 0 (id=1765):
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed}, 0xe)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @none}, 0xe)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x0)
r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r3, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00')
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020800000100000000000001000000000100140003"], 0x18}}, 0x0)
io_setup(0x8, &(0x7f0000000600)=<r4=>0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r4, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x1, 0x0, r5, &(0x7f00000000c0)="01", 0x24}])
r6 = open(&(0x7f0000000300)='.\x00', 0x8c000, 0x48)
flock(r6, 0x2)
flock(0xffffffffffffffff, 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = syz_open_dev$loop(&(0x7f00000000c0), 0x4, 0x0)
pread64(r7, &(0x7f00000019c0)=""/4090, 0xffffffffffffff72, 0x1fe000000010000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3000000035000100000000000000000004000000040008001800018014001a"], 0x30}}, 0x0)
ioctl$int_out(r8, 0x5460, &(0x7f0000000340))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="854000000000000051f80d00000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x8000000, 0x10, 0x0, 0xfffffffffffffed8}, 0x3f)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):


[  119.879079][   T28] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.927971][   T28] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.976332][ T7944] chnl_net:caif_netlink_parms(): no params data found
[  120.032096][ T7944] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.039724][ T7944] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.049428][ T7944] bridge_slave_0: entered allmulticast mode
[  120.056215][ T7944] bridge_slave_0: entered promiscuous mode
[  120.068053][ T7944] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.075151][ T7944] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.082684][ T7944] bridge_slave_1: entered allmulticast mode
[  120.089390][ T7944] bridge_slave_1: entered promiscuous mode
[  120.114790][ T7944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  120.125655][ T7944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  120.149204][   T28] bridge_slave_1: left allmulticast mode
[  120.154897][   T28] bridge_slave_1: left promiscuous mode
[  120.160506][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.169731][   T28] bridge_slave_0: left allmulticast mode
[  120.175498][   T28] bridge_slave_0: left promiscuous mode
[  120.181171][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.276154][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  120.286820][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  120.297541][   T28] bond0 (unregistering): Released all slaves
[  120.313172][ T7944] team0: Port device team_slave_0 added
[  120.320032][ T7944] team0: Port device team_slave_1 added
[  120.335631][ T7944] batman_adv: batadv0: Adding interface: batadv_slave_0
[  120.342748][ T7944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.370071][ T7944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  120.381510][ T7944] batman_adv: batadv0: Adding interface: batadv_slave_1
[  120.389151][ T7944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.415276][ T7944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  120.439400][ T7944] hsr_slave_0: entered promiscuous mode
[  120.446742][ T7944] hsr_slave_1: entered promiscuous mode
[  120.452983][ T7944] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  120.459772][ T7960] loop1: detected capacity change from 0 to 1024
[  120.460592][ T7944] Cannot create hsr debugfs directory
[  120.477553][   T28] hsr_slave_0: left promiscuous mode
[  120.485312][   T28] hsr_slave_1: left promiscuous mode
[  120.492879][ T7960] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  120.501788][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.509130][ T7963] loop4: detected capacity change from 0 to 512
[  120.509412][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.520158][ T7963] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1362: corrupted in-inode xattr: e_name out of bounds
[  120.537625][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  120.538137][ T7963] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1362: couldn't read orphan inode 15 (err -117)
[  120.545226][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.566719][   T28] veth1_macvtap: left promiscuous mode
[  120.567371][ T7963] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.1362: Directory hole found for htree leaf block 0
[  120.572551][   T28] veth0_macvtap: left promiscuous mode
[  120.591314][   T28] veth1_vlan: left promiscuous mode
[  120.596758][   T28] veth0_vlan: left promiscuous mode
[  120.642936][ T7965] EXT4-fs error (device loop4): ext4_add_entry:2435: inode #2: comm syz.4.1362: Directory hole found for htree leaf block 0
[  120.684978][   T28] team0 (unregistering): Port device team_slave_1 removed
[  120.694905][   T28] team0 (unregistering): Port device team_slave_0 removed
[  120.733205][ T7963] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1362'.
[  120.772518][ T7968] loop4: detected capacity change from 0 to 2048
[  120.800653][ T7970] 9pnet_fd: Insufficient options for proto=fd
[  121.026691][   T28] IPVS: stop unused estimator thread 0...
[  121.059931][ T7944] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  121.070191][ T7944] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  121.079871][ T7944] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  121.090518][ T7944] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  121.131576][ T7944] 8021q: adding VLAN 0 to HW filter on device bond0
[  121.146527][ T7944] 8021q: adding VLAN 0 to HW filter on device team0
[  121.156153][ T3340] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.163223][ T3340] bridge0: port 1(bridge_slave_0) entered forwarding state
[  121.184445][ T7944] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  121.194911][ T7944] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  121.208767][ T3340] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.216187][ T3340] bridge0: port 2(bridge_slave_1) entered forwarding state
[  121.266018][ T7944] 8021q: adding VLAN 0 to HW filter on device batadv0
[  121.327130][ T7944] veth0_vlan: entered promiscuous mode
[  121.337284][ T7944] veth1_vlan: entered promiscuous mode
[  121.354698][ T7944] veth0_macvtap: entered promiscuous mode
[  121.362411][ T7944] veth1_macvtap: entered promiscuous mode
[  121.374171][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.376241][ T7991] loop1: detected capacity change from 0 to 256
[  121.384874][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.384888][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.384912][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.384927][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.394935][ T7991] msdos: Unknown parameter '0xffffffffffffffff'
[  121.401446][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.448598][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.459246][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.469118][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.479655][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.489509][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.500043][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.511169][ T7944] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.522505][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.533073][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.543104][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.553626][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.563456][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.573973][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.583796][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.594217][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.604068][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.614660][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.624599][ T7944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.635149][ T7944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.646630][ T7944] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.659118][ T7944] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.667984][ T7944] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.677080][ T7944] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.685871][ T7944] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.750651][ T7998] loop1: detected capacity change from 0 to 2048
[  121.763442][ T8000] loop4: detected capacity change from 0 to 4096
[  121.781803][ T8005] loop3: detected capacity change from 0 to 256
[  121.795701][ T8005] FAT-fs (loop3): Directory bread(block 64) failed
[  121.802474][ T8005] FAT-fs (loop3): Directory bread(block 65) failed
[  121.814144][ T8005] FAT-fs (loop3): Directory bread(block 66) failed
[  121.834344][ T8005] FAT-fs (loop3): Directory bread(block 67) failed
[  121.835176][ T3363] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.841368][ T8005] FAT-fs (loop3): Directory bread(block 68) failed
[  121.859580][ T8005] FAT-fs (loop3): Directory bread(block 69) failed
[  121.864565][ T8007] loop4: detected capacity change from 0 to 2048
[  121.883039][ T8005] FAT-fs (loop3): Directory bread(block 70) failed
[  121.889840][ T8005] FAT-fs (loop3): Directory bread(block 71) failed
[  121.899841][ T8005] FAT-fs (loop3): Directory bread(block 72) failed
[  121.900244][ T3363] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.906699][ T8005] FAT-fs (loop3): Directory bread(block 73) failed
[  121.936069][ T8011] FAULT_INJECTION: forcing a failure.
[  121.936069][ T8011] name failslab, interval 1, probability 0, space 0, times 0
[  121.948861][ T8011] CPU: 1 UID: 0 PID: 8011 Comm: syz.4.1376 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  121.959719][ T8011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  121.963526][ T8005] FAULT_INJECTION: forcing a failure.
[  121.963526][ T8005] name failslab, interval 1, probability 0, space 0, times 0
[  121.969796][ T8011] Call Trace:
[  121.969806][ T8011]  <TASK>
[  121.988756][ T8011]  dump_stack_lvl+0xf2/0x150
[  121.993504][ T8011]  dump_stack+0x15/0x20
[  121.997688][ T8011]  should_fail_ex+0x229/0x230
[  122.002362][ T8011]  ? posix_lock_inode+0x156/0x2470
[  122.007474][ T8011]  should_failslab+0x8f/0xb0
[  122.012170][ T8011]  kmem_cache_alloc_noprof+0x4c/0x290
[  122.017660][ T8011]  posix_lock_inode+0x156/0x2470
[  122.022592][ T8011]  ? file_has_perm+0x347/0x390
[  122.027355][ T8011]  fcntl_setlk+0x68f/0x990
[  122.031809][ T8011]  do_fcntl+0x630/0xe20
[  122.036018][ T8011]  ? selinux_file_fcntl+0x1ca/0x1e0
[  122.041425][ T8011]  __se_sys_fcntl+0xc4/0x190
[  122.046130][ T8011]  __x64_sys_fcntl+0x43/0x50
[  122.050829][ T8011]  x64_sys_call+0x1ec7/0x2e00
[  122.055602][ T8011]  do_syscall_64+0xc9/0x1c0
[  122.060112][ T8011]  ? clear_bhb_loop+0x55/0xb0
[  122.065063][ T8011]  ? clear_bhb_loop+0x55/0xb0
[  122.069732][ T8011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.075664][ T8011] RIP: 0033:0x7efe7eb573b9
[  122.080786][ T8011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.100595][ T8011] RSP: 002b:00007efe7d7d7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  122.109072][ T8011] RAX: ffffffffffffffda RBX: 00007efe7ece5f80 RCX: 00007efe7eb573b9
[  122.117041][ T8011] RDX: 0000000020000380 RSI: 0000000000000026 RDI: 0000000000000006
[  122.125186][ T8011] RBP: 00007efe7d7d70a0 R08: 0000000000000000 R09: 0000000000000000
[  122.133357][ T8011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  122.141407][ T8011] R13: 000000000000000b R14: 00007efe7ece5f80 R15: 00007ffc2e7265d8
[  122.149450][ T8011]  </TASK>
[  122.152468][ T8005] CPU: 0 UID: 0 PID: 8005 Comm: syz.3.1360 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  122.163184][ T8005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  122.173419][ T8005] Call Trace:
[  122.176702][ T8005]  <TASK>
[  122.179635][ T8005]  dump_stack_lvl+0xf2/0x150
[  122.184547][ T8005]  dump_stack+0x15/0x20
[  122.184849][ T8020] 9pnet_fd: Insufficient options for proto=fd
[  122.188783][ T8005]  should_fail_ex+0x229/0x230
[  122.188813][ T8005]  ? mas_alloc_nodes+0x1d3/0x4a0
[  122.188831][ T8005]  should_failslab+0x8f/0xb0
[  122.188869][ T8005]  kmem_cache_alloc_noprof+0x4c/0x290
[  122.188894][ T8005]  mas_alloc_nodes+0x1d3/0x4a0
[  122.188915][ T8005]  mas_preallocate+0x773/0xc30
[  122.188944][ T8005]  __split_vma+0x244/0x690
[  122.206021][    C1] eth0: bad gso: type: 1, size: 1408
[  122.209328][ T8005]  vma_modify+0x108/0x1f0
[  122.238870][ T8005]  mbind_range+0x2ab/0x460
[  122.243369][ T8005]  __se_sys_set_mempolicy_home_node+0x351/0x530
[  122.249760][ T8005]  __x64_sys_set_mempolicy_home_node+0x55/0x70
[  122.256138][ T8005]  x64_sys_call+0x108f/0x2e00
[  122.260923][ T8005]  do_syscall_64+0xc9/0x1c0
[  122.265453][ T8005]  ? clear_bhb_loop+0x55/0xb0
[  122.270324][ T8005]  ? clear_bhb_loop+0x55/0xb0
[  122.275008][ T8005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.281042][ T8005] RIP: 0033:0x7f03563e73b9
[  122.285708][ T8005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.304056][ T8012] chnl_net:caif_netlink_parms(): no params data found
[  122.305313][ T8005] RSP: 002b:00007f0355067048 EFLAGS: 00000246 ORIG_RAX: 00000000000001c2
[  122.320520][ T8005] RAX: ffffffffffffffda RBX: 00007f0356575f80 RCX: 00007f03563e73b9
[  122.328536][ T8005] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000020ff8000
[  122.336516][ T8005] RBP: 00007f03550670a0 R08: 0000000000000000 R09: 0000000000000000
[  122.344471][ T8005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.352462][ T8005] R13: 000000000000000b R14: 00007f0356575f80 R15: 00007fff3f248b58
[  122.360420][ T8005]  </TASK>
[  122.370968][ T3363] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.421352][ T3363] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.441744][ T8012] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.448975][ T8012] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.456288][ T8012] bridge_slave_0: entered allmulticast mode
[  122.463455][ T8012] bridge_slave_0: entered promiscuous mode
[  122.470656][ T8012] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.477753][ T8012] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.485487][ T8012] bridge_slave_1: entered allmulticast mode
[  122.491989][ T8012] bridge_slave_1: entered promiscuous mode
[  122.510395][ T8012] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  122.524188][ T8012] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  122.550546][ T8012] team0: Port device team_slave_0 added
[  122.556680][ T3363] bridge_slave_1: left allmulticast mode
[  122.562423][ T3363] bridge_slave_1: left promiscuous mode
[  122.568211][ T3363] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.576038][ T3363] bridge_slave_0: left allmulticast mode
[  122.581870][ T3363] bridge_slave_0: left promiscuous mode
[  122.587742][ T3363] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.711229][ T3363] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  122.722387][ T3363] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  122.733124][ T3363] bond0 (unregistering): Released all slaves
[  122.739938][ T8012] team0: Port device team_slave_1 added
[  122.786594][ T8042] loop3: detected capacity change from 0 to 1024
[  122.789089][ T8039] loop1: detected capacity change from 0 to 1024
[  122.801985][ T8042] EXT4-fs: Ignoring removed mblk_io_submit option
[  122.804973][ T8039] EXT4-fs: Ignoring removed mblk_io_submit option
[  122.808671][ T8042] journal_path: Lookup failure for './file0/../file0'
[  122.815736][ T8039] journal_path: Lookup failure for './file0/../file0'
[  122.821714][ T8042] EXT4-fs: error: could not find journal device path
[  122.828568][ T8039] EXT4-fs: error: could not find journal device path
[  122.843331][ T8012] batman_adv: batadv0: Adding interface: batadv_slave_0
[  122.850352][ T8012] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  122.876554][ T8012] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  122.891630][ T8012] batman_adv: batadv0: Adding interface: batadv_slave_1
[  122.898712][ T8012] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  122.924869][ T8012] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  122.971041][ T8012] hsr_slave_0: entered promiscuous mode
[  122.981981][ T8054] 9pnet_fd: Insufficient options for proto=fd
[  122.982841][ T8012] hsr_slave_1: entered promiscuous mode
[  122.994587][ T8052] loop3: detected capacity change from 0 to 4096
[  123.003786][ T8012] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  123.011392][ T8012] Cannot create hsr debugfs directory
[  123.024588][ T3363] hsr_slave_0: left promiscuous mode
[  123.030887][ T3363] hsr_slave_1: left promiscuous mode
[  123.037324][ T3363] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  123.044990][ T3363] batman_adv: batadv0: Removing interface: batadv_slave_0
[  123.054996][ T3363] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  123.062461][ T3363] batman_adv: batadv0: Removing interface: batadv_slave_1
[  123.073707][ T3363] veth1_macvtap: left promiscuous mode
[  123.079442][ T3363] veth0_macvtap: left promiscuous mode
[  123.085087][ T3363] veth1_vlan: left promiscuous mode
[  123.090396][ T3363] veth0_vlan: left promiscuous mode
[  123.165428][ T3363] team0 (unregistering): Port device team_slave_1 removed
[  123.175819][ T3363] team0 (unregistering): Port device team_slave_0 removed
[  123.335325][ T8036] chnl_net:caif_netlink_parms(): no params data found
[  123.375700][ T8036] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.382836][ T8036] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.390612][ T8036] bridge_slave_0: entered allmulticast mode
[  123.397567][ T8036] bridge_slave_0: entered promiscuous mode
[  123.405145][ T8036] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.406511][ T8069] loop1: detected capacity change from 0 to 256
[  123.412278][ T8036] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.425718][ T8036] bridge_slave_1: entered allmulticast mode
[  123.432194][ T8036] bridge_slave_1: entered promiscuous mode
[  123.561490][ T8036] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  123.573308][ T8036] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  123.606667][ T3363] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.671691][ T8091] kernel profiling enabled (shift: 9)
[  123.686563][ T8036] team0: Port device team_slave_0 added
[  123.706839][ T3363] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.725255][ T8036] team0: Port device team_slave_1 added
[  123.770575][ T8036] batman_adv: batadv0: Adding interface: batadv_slave_0
[  123.777675][ T8036] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  123.804036][ T8036] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  123.825228][ T8012] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  123.838957][ T3363] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.860818][ T8012] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  123.870427][ T8012] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  123.880729][ T8036] batman_adv: batadv0: Adding interface: batadv_slave_1
[  123.887793][ T8036] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  123.887862][ T8036] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  123.916617][ T8012] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  123.936544][ T8036] hsr_slave_0: entered promiscuous mode
[  123.942761][ T8036] hsr_slave_1: entered promiscuous mode
[  123.948358][ T8036] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  123.948371][ T8036] Cannot create hsr debugfs directory
[  123.965658][ T3363] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.997928][ T8096] loop3: detected capacity change from 0 to 1024
[  124.004643][ T8096] EXT4-fs: Ignoring removed mblk_io_submit option
[  124.011115][ T8096] journal_path: Lookup failure for './file0/../file0'
[  124.018198][ T8096] EXT4-fs: error: could not find journal device path
[  124.053771][ T8012] 8021q: adding VLAN 0 to HW filter on device bond0
[  124.070778][ T3363] bridge_slave_1: left allmulticast mode
[  124.076580][ T3363] bridge_slave_1: left promiscuous mode
[  124.082774][ T3363] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.099139][ T3363] bridge_slave_0: left allmulticast mode
[  124.104961][ T3363] bridge_slave_0: left promiscuous mode
[  124.110915][ T3363] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.143504][ T8100] 9pnet_fd: Insufficient options for proto=fd
[  124.180241][ T8103] loop3: detected capacity change from 0 to 2048
[  124.244733][ T3363] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  124.255040][ T3363] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  124.266324][ T3363] bond0 (unregistering): Released all slaves
[  124.278358][ T8103] rtc_cmos 00:00: Alarms can be up to one day in the future
[  124.286214][ T3335] rtc_cmos 00:00: Alarms can be up to one day in the future
[  124.293720][ T3335] rtc_cmos 00:00: Alarms can be up to one day in the future
[  124.301153][ T3335] rtc_cmos 00:00: Alarms can be up to one day in the future
[  124.308656][ T3335] rtc_cmos 00:00: Alarms can be up to one day in the future
[  124.315973][ T3335] rtc rtc0: __rtc_set_alarm: err=-22
[  124.332996][ T8012] 8021q: adding VLAN 0 to HW filter on device team0
[  124.344142][ T3335] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.351301][ T3335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  124.362784][  T984] bridge0: port 2(bridge_slave_1) entered blocking state
[  124.369880][  T984] bridge0: port 2(bridge_slave_1) entered forwarding state
[  124.378535][   T29] audit: type=1400 audit(1722481825.162:1077): avc:  denied  { write } for  pid=8107 comm="syz.3.1398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  124.409914][ T8112] loop1: detected capacity change from 0 to 2048
[  124.419677][   T29] audit: type=1400 audit(1722481825.162:1078): avc:  denied  { ioctl } for  pid=8107 comm="syz.3.1398" path="socket:[26122]" dev="sockfs" ino=26122 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  124.428043][ T8012] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  124.454748][ T8012] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  124.484550][ T8115] loop1: detected capacity change from 0 to 256
[  124.492817][ T3363] hsr_slave_0: left promiscuous mode
[  124.497863][ T8115] FAT-fs (loop1): Directory bread(block 64) failed
[  124.506368][ T3363] hsr_slave_1: left promiscuous mode
[  124.506370][ T8115] FAT-fs (loop1): Directory bread(block 65) failed
[  124.506400][ T8115] FAT-fs (loop1): Directory bread(block 66) failed
[  124.528069][ T8115] FAT-fs (loop1): Directory bread(block 67) failed
[  124.528100][ T3363] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.534625][ T8115] FAT-fs (loop1): Directory bread(block 68) failed
[  124.542054][ T3363] batman_adv: batadv0: Removing interface: batadv_slave_0
[  124.548463][ T8115] FAT-fs (loop1): Directory bread(block 69) failed
[  124.564082][ T8115] FAT-fs (loop1): Directory bread(block 70) failed
[  124.570661][ T8115] FAT-fs (loop1): Directory bread(block 71) failed
[  124.577424][ T8115] FAT-fs (loop1): Directory bread(block 72) failed
[  124.585629][ T8115] FAT-fs (loop1): Directory bread(block 73) failed
[  124.593182][ T3363] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.600651][ T3363] batman_adv: batadv0: Removing interface: batadv_slave_1
[  124.607353][ T8115] syz.1.1400: attempt to access beyond end of device
[  124.607353][ T8115] loop1: rw=2049, sector=1224, nr_sectors = 32 limit=256
[  124.623201][ T8115] syz.1.1400: attempt to access beyond end of device
[  124.623201][ T8115] loop1: rw=2049, sector=1288, nr_sectors = 32 limit=256
[  124.638055][ T3363] veth1_macvtap: left promiscuous mode
[  124.643601][ T3363] veth0_macvtap: left promiscuous mode
[  124.649771][ T3363] veth1_vlan: left allmulticast mode
[  124.655163][ T3363] veth1_vlan: left promiscuous mode
[  124.660483][ T3363] veth0_vlan: left promiscuous mode
[  124.717592][ T3363] pim6reg (unregistering): left allmulticast mode
[  124.745383][ T3363] macvlan0 (unregistering): left allmulticast mode
[  124.777090][ T3363] team0 (unregistering): Port device team_slave_1 removed
[  124.788461][ T3363] team0 (unregistering): Port device team_slave_0 removed
[  124.882621][ T8012] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.936614][ T8036] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  124.964969][ T8036] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  124.983469][ T8036] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  125.001861][ T8036] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  125.019913][ T8012] veth0_vlan: entered promiscuous mode
[  125.035400][ T8127] loop1: detected capacity change from 0 to 1024
[  125.036267][ T8129] loop3: detected capacity change from 0 to 512
[  125.042179][ T8127] EXT4-fs: Ignoring removed mblk_io_submit option
[  125.054037][ T8012] veth1_vlan: entered promiscuous mode
[  125.067314][ T8127] journal_path: Lookup failure for './file0/../file0'
[  125.068580][ T8129] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  125.074244][ T8127] EXT4-fs: error: could not find journal device path
[  125.080650][ T8012] veth0_macvtap: entered promiscuous mode
[  125.093318][ T8129] EXT4-fs (loop3): orphan cleanup on readonly fs
[  125.101617][ T8129] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  125.112496][ T8036] 8021q: adding VLAN 0 to HW filter on device bond0
[  125.124142][ T8129] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  125.126983][ T8012] veth1_macvtap: entered promiscuous mode
[  125.137565][ T8129] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.1401: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  125.156437][ T8129] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1401: couldn't read orphan inode 13 (err -117)
[  125.180796][ T8036] 8021q: adding VLAN 0 to HW filter on device team0
[  125.188698][ T8129] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  125.195162][ T8012] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.202591][ T8129] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  125.208824][ T8012] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.226768][ T8012] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.226782][ T8012] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.226797][ T8012] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.226809][ T8012] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.226824][ T8012] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.267842][ T8133] loop1: detected capacity change from 0 to 1024
[  125.277862][ T8012] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.277884][ T8012] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  125.277899][ T8012] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.286192][ T8129] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  125.295817][ T8012] batman_adv: batadv0: Interface activated: batadv_slave_0
[  125.322492][ T8133] EXT4-fs: Ignoring removed mblk_io_submit option
[  125.347706][ T8136] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  125.352283][ T8133] journal_path: Lookup failure for './file0/../file0'
[  125.361415][ T8136] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  125.363782][ T8133] EXT4-fs: error: could not find journal device path
[  125.380136][ T3335] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.387267][ T3335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.396175][ T3335] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.401788][ T8136] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  125.403301][ T3335] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.433254][ T8012] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.443871][ T8012] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.453707][ T8012] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.464493][ T8012] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.474314][ T8012] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.484848][ T8012] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.494691][ T8012] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.505135][ T8012] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.515002][ T8012] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  125.525535][ T8012] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  125.537395][ T8012] batman_adv: batadv0: Interface activated: batadv_slave_1
[  125.552159][ T8036] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  125.562993][ T8036] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  125.587862][ T8012] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.596722][ T8012] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.605556][ T8012] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.606471][ T8144] loop1: detected capacity change from 0 to 2048
[  125.614326][ T8012] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.643600][   T56] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.667717][ T8144] rtc_cmos 00:00: Alarms can be up to one day in the future
[  125.676119][  T984] rtc_cmos 00:00: Alarms can be up to one day in the future
[  125.683641][  T984] rtc_cmos 00:00: Alarms can be up to one day in the future
[  125.691259][  T984] rtc_cmos 00:00: Alarms can be up to one day in the future
[  125.698691][  T984] rtc_cmos 00:00: Alarms can be up to one day in the future
[  125.706108][  T984] rtc rtc0: __rtc_set_alarm: err=-22
[  125.746218][   T56] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.787573][   T56] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.796843][ T8164] loop0: detected capacity change from 0 to 2048
[  125.798656][ T8162] loop1: detected capacity change from 0 to 2048
[  125.819917][ T8036] 8021q: adding VLAN 0 to HW filter on device batadv0
[  125.844057][   T56] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.886024][    C1] eth0: bad gso: type: 1, size: 1408
[  125.893859][  T749] kernel read not supported for file /vcs (pid: 749 comm: kworker/1:2)
[  125.934428][ T8177] loop0: detected capacity change from 0 to 1024
[  125.941715][ T8177] EXT4-fs: Ignoring removed mblk_io_submit option
[  125.948536][ T8177] journal_path: Lookup failure for './file0/../file0'
[  125.955730][ T8177] EXT4-fs: error: could not find journal device path
[  125.973648][   T56] bridge_slave_1: left allmulticast mode
[  125.979325][   T56] bridge_slave_1: left promiscuous mode
[  125.985132][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.001158][   T56] bridge_slave_0: left allmulticast mode
[  126.006960][   T56] bridge_slave_0: left promiscuous mode
[  126.012811][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.031310][ T8187] loop1: detected capacity change from 0 to 512
[  126.052848][ T8187] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  126.060468][ T8192] loop0: detected capacity change from 0 to 2048
[  126.061567][ T8187] EXT4-fs (loop1): orphan cleanup on readonly fs
[  126.080551][ T8187] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  126.096883][ T8187] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  126.104153][ T8187] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #13: comm syz.1.1415: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  126.122637][ T8187] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1415: couldn't read orphan inode 13 (err -117)
[  126.132233][ T8193] rtc_cmos 00:00: Alarms can be up to one day in the future
[  126.144156][  T749] rtc_cmos 00:00: Alarms can be up to one day in the future
[  126.151779][  T749] rtc_cmos 00:00: Alarms can be up to one day in the future
[  126.159206][  T749] rtc_cmos 00:00: Alarms can be up to one day in the future
[  126.166696][  T749] rtc_cmos 00:00: Alarms can be up to one day in the future
[  126.173980][  T749] rtc rtc0: __rtc_set_alarm: err=-22
[  126.181133][ T8187] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  126.190688][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  126.191723][ T8187] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  126.211601][ T8187] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  126.212768][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  126.236584][ T8194] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  126.237803][   T56] bond0 (unregistering): Released all slaves
[  126.246724][ T8194] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  126.269832][ T8036] veth0_vlan: entered promiscuous mode
[  126.278047][ T8194] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  126.306684][ T8138] chnl_net:caif_netlink_parms(): no params data found
[  126.319981][ T8200] loop0: detected capacity change from 0 to 2048
[  126.338897][ T8036] veth1_vlan: entered promiscuous mode
[  126.366263][   T56] hsr_slave_0: left promiscuous mode
[  126.372502][ T8205] loop1: detected capacity change from 0 to 2048
[  126.379060][   T56] hsr_slave_1: left promiscuous mode
[  126.389544][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  126.397480][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  126.407398][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.414904][   T56] batman_adv: batadv0: Removing interface: batadv_slave_1
[  126.428285][   T56] veth1_macvtap: left promiscuous mode
[  126.434029][   T56] veth0_macvtap: left promiscuous mode
[  126.439562][   T56] veth1_vlan: left promiscuous mode
[  126.444860][   T56] veth0_vlan: left promiscuous mode
[  126.528593][   T56] team0 (unregistering): Port device team_slave_1 removed
[  126.539066][   T56] team0 (unregistering): Port device team_slave_0 removed
[  126.587020][ T8209] netlink: 'syz.1.1421': attribute type 10 has an invalid length.
[  126.602376][ T8209] netdevsim netdevsim1 netdevsim1: entered promiscuous mode
[  126.618699][ T8209] team0: Port device netdevsim1 added
[  126.626918][ T8215] FAULT_INJECTION: forcing a failure.
[  126.626918][ T8215] name failslab, interval 1, probability 0, space 0, times 0
[  126.639800][ T8215] CPU: 0 UID: 0 PID: 8215 Comm: syz.0.1424 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  126.650559][ T8215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  126.660887][ T8215] Call Trace:
[  126.664161][ T8215]  <TASK>
[  126.667080][ T8215]  dump_stack_lvl+0xf2/0x150
[  126.671727][ T8215]  dump_stack+0x15/0x20
[  126.675886][ T8215]  should_fail_ex+0x229/0x230
[  126.680717][ T8215]  ? __kvmalloc_node_noprof+0x72/0x170
[  126.686234][ T8215]  should_failslab+0x8f/0xb0
[  126.690818][ T8215]  __kmalloc_node_noprof+0xa8/0x380
[  126.696026][ T8215]  __kvmalloc_node_noprof+0x72/0x170
[  126.701331][ T8215]  alloc_netdev_mqs+0x6b6/0x8d0
[  126.706260][ T8215]  rtnl_create_link+0x233/0x680
[  126.711133][ T8215]  rtnl_newlink+0xe12/0x1690
[  126.715829][ T8215]  ? __list_del_entry_valid_or_report+0x5f/0xf0
[  126.722171][ T8215]  ? _raw_spin_unlock+0x26/0x50
[  126.727032][ T8215]  ? __mutex_lock+0x221/0x8e0
[  126.731716][ T8215]  ? __pfx_rtnl_newlink+0x10/0x10
[  126.736742][ T8215]  rtnetlink_rcv_msg+0x6aa/0x710
[  126.741740][ T8215]  ? ref_tracker_free+0x3a5/0x410
[  126.746776][ T8215]  ? __dev_queue_xmit+0x161/0x1fe0
[  126.751894][ T8215]  netlink_rcv_skb+0x12c/0x230
[  126.756794][ T8215]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  126.762239][ T8215]  rtnetlink_rcv+0x1c/0x30
[  126.766720][ T8215]  netlink_unicast+0x593/0x670
[  126.771472][ T8215]  netlink_sendmsg+0x5cc/0x6e0
[  126.776243][ T8215]  ? __pfx_netlink_sendmsg+0x10/0x10
[  126.782610][ T8215]  __sock_sendmsg+0x140/0x180
[  126.787280][ T8215]  ____sys_sendmsg+0x312/0x410
[  126.792175][ T8215]  __sys_sendmsg+0x1e9/0x280
[  126.796816][ T8215]  __x64_sys_sendmsg+0x46/0x50
[  126.801767][ T8215]  x64_sys_call+0x26f8/0x2e00
[  126.806426][ T8215]  do_syscall_64+0xc9/0x1c0
[  126.811082][ T8215]  ? clear_bhb_loop+0x55/0xb0
[  126.815825][ T8215]  ? clear_bhb_loop+0x55/0xb0
[  126.820514][ T8215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.826389][ T8215] RIP: 0033:0x7fa721f073b9
[  126.830782][ T8215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.850433][ T8215] RSP: 002b:00007fa720b87048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  126.858859][ T8215] RAX: ffffffffffffffda RBX: 00007fa722095f80 RCX: 00007fa721f073b9
[  126.866898][ T8215] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000009
[  126.874856][ T8215] RBP: 00007fa720b870a0 R08: 0000000000000000 R09: 0000000000000000
[  126.883060][ T8215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  126.891032][ T8215] R13: 000000000000000b R14: 00007fa722095f80 R15: 00007ffd5a25ad98
[  126.899049][ T8215]  </TASK>
[  126.902685][ T8216] netlink: 'syz.1.1421': attribute type 10 has an invalid length.
[  126.918482][ T8216] netdevsim netdevsim1 netdevsim1: left promiscuous mode
[  126.926918][ T8216] team0: Port device netdevsim1 removed
[  126.934166][ T8216] netdevsim netdevsim1 netdevsim1: entered promiscuous mode
[  126.943323][ T8216] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  126.950816][ T8221] loop0: detected capacity change from 0 to 2048
[  126.960983][ T8138] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.968048][ T8138] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.975407][ T8138] bridge_slave_0: entered allmulticast mode
[  126.982813][ T8138] bridge_slave_0: entered promiscuous mode
[  126.989721][ T8138] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.997179][ T8138] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.005715][ T8138] bridge_slave_1: entered allmulticast mode
[  127.012445][ T8138] bridge_slave_1: entered promiscuous mode
[  127.016960][ T8225] loop1: detected capacity change from 0 to 2048
[  127.027438][ T8226] rtc_cmos 00:00: Alarms can be up to one day in the future
[  127.043076][ T3340] rtc_cmos 00:00: Alarms can be up to one day in the future
[  127.050591][ T3340] rtc_cmos 00:00: Alarms can be up to one day in the future
[  127.058055][ T3340] rtc_cmos 00:00: Alarms can be up to one day in the future
[  127.065546][ T3340] rtc_cmos 00:00: Alarms can be up to one day in the future
[  127.073144][ T3340] rtc rtc0: __rtc_set_alarm: err=-22
[  127.096570][ T8138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  127.106865][ T8036] veth0_macvtap: entered promiscuous mode
[  127.109665][ T8230] loop1: detected capacity change from 0 to 512
[  127.118946][ T8036] veth1_macvtap: entered promiscuous mode
[  127.132612][ T8138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.148358][ T8036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.155203][ T8234] loop0: detected capacity change from 0 to 2048
[  127.158999][ T8036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.175247][ T8036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.185920][ T8036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.195583][ T8236] loop0: detected capacity change from 0 to 128
[  127.195900][ T8036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.212672][ T8036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.222755][ T8036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.233332][ T8036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.243243][ T8036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.253720][ T8036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.265478][ T8036] batman_adv: batadv0: Interface activated: batadv_slave_0
[  127.277488][ T8238] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  127.286025][   T29] audit: type=1400 audit(1722481828.053:1079): avc:  denied  { ioctl } for  pid=8237 comm="syz.0.1432" path="/dev/raw-gadget" dev="devtmpfs" ino=118 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  127.314171][ T8238] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.333562][ T8138] team0: Port device team_slave_0 added
[  127.340183][ T8138] team0: Port device team_slave_1 added
[  127.346618][ T8036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.357182][ T8036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.367128][ T8036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.377628][ T8036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.387558][ T8036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.398054][ T8036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.407969][ T8036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.418371][ T8036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.428280][ T8036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.438880][ T8036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.449561][ T8036] batman_adv: batadv0: Interface activated: batadv_slave_1
[  127.458795][ T8036] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.467701][ T8036] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.476501][ T8036] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.485433][ T8036] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.508889][ T8138] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.515899][ T8138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.542004][ T8138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  127.554762][ T8138] batman_adv: batadv0: Adding interface: batadv_slave_1
[  127.561788][ T8138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.587980][ T8138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  127.637678][ T8138] hsr_slave_0: entered promiscuous mode
[  127.646218][ T8138] hsr_slave_1: entered promiscuous mode
[  127.654248][ T8138] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  127.662629][ T8138] Cannot create hsr debugfs directory
[  127.684097][ T8253] loop3: detected capacity change from 0 to 512
[  127.690733][ T8255] loop2: detected capacity change from 0 to 512
[  127.691059][ T8253] EXT4-fs: Ignoring removed oldalloc option
[  127.697407][ T8255] ext4: Unknown parameter 'subj_type'
[  127.732603][ T8255] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  127.734771][ T8253] EXT4-fs mount: 30 callbacks suppressed
[  127.734793][ T8253] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.770971][ T8253] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  128.009521][ T8138] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  128.019662][ T8138] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  128.036715][ T8138] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  128.047003][ T8138] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  128.097549][ T8138] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.113834][ T8138] 8021q: adding VLAN 0 to HW filter on device team0
[  128.124940][ T3335] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.128138][ T8277] loop0: detected capacity change from 0 to 2048
[  128.132717][ T3335] bridge0: port 1(bridge_slave_0) entered forwarding state
[  128.165518][ T8138] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  128.176646][ T8138] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  128.194811][  T984] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.195884][ T8279] loop0: detected capacity change from 0 to 512
[  128.202054][  T984] bridge0: port 2(bridge_slave_1) entered forwarding state
[  128.227709][ T8279] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.250592][ T8279] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.279256][ T8138] 8021q: adding VLAN 0 to HW filter on device batadv0
[  128.289257][ T8012] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.320229][ T8296] loop1: detected capacity change from 0 to 512
[  128.330584][ T8296] EXT4-fs: Ignoring removed nomblk_io_submit option
[  128.345435][ T8300] loop0: detected capacity change from 0 to 256
[  128.352790][ T8300] msdos: Unknown parameter '0xffffffffffffffff'
[  128.355752][ T8296] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  128.367417][ T8296] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  128.377503][ T8296] EXT4-fs (loop1): 1 truncate cleaned up
[  128.384230][ T8296] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.399438][ T8296] EXT4-fs error (device loop1): ext4_map_blocks:609: inode #2: block 4: comm syz.1.1448: lblock 0 mapped to illegal pblock 4 (length 1)
[  128.415940][ T8296] EXT4-fs (loop1): Remounting filesystem read-only
[  128.434118][   T29] audit: type=1400 audit(1722481829.214:1080): avc:  denied  { listen } for  pid=8280 comm="syz.1.1448" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  128.446206][ T8138] veth0_vlan: entered promiscuous mode
[  128.464440][ T8138] veth1_vlan: entered promiscuous mode
[  128.482261][ T8138] veth0_macvtap: entered promiscuous mode
[  128.490136][ T8138] veth1_macvtap: entered promiscuous mode
[  128.501739][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.502549][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.512365][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.512377][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.541926][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.552577][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.563408][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.573456][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.584197][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.594164][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.604704][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.614939][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.626658][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.639472][ T8138] batman_adv: batadv0: Interface activated: batadv_slave_0
[  128.649237][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.661425][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.673206][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.683967][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.694100][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.694823][    C1] eth0: bad gso: type: 1, size: 1408
[  128.705326][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.720574][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.731213][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.741046][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.751701][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.761622][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.772273][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.785565][ T8138] batman_adv: batadv0: Interface activated: batadv_slave_1
[  128.799896][ T8138] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.808623][ T8138] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.817341][ T8138] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.826076][ T8138] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.863620][ T8310] loop0: detected capacity change from 0 to 512
[  128.892327][ T8310] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  128.905181][ T8310] EXT4-fs (loop0): orphan cleanup on readonly fs
[  128.914152][ T8310] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  128.917956][ T8323] 9pnet_fd: Insufficient options for proto=fd
[  128.943947][ T8310] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  128.952183][ T8310] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz.0.1451: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  128.980473][ T8310] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1451: couldn't read orphan inode 13 (err -117)
[  128.995715][ T8310] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  129.013099][   T29] audit: type=1400 audit(1722481829.774:1081): avc:  denied  { read } for  pid=8312 comm="syz.2.1453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  129.058511][ T8310] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  129.091271][ T8310] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  129.131588][ T8310] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  129.271272][ T8345] loop2: detected capacity change from 0 to 256
[  129.278078][ T8345] msdos: Unknown parameter '0xffffffffffffffff'
[  129.321768][    C1] eth0: bad gso: type: 1, size: 1408
[  129.386093][ T8355] loop2: detected capacity change from 0 to 512
[  129.397757][ T8355] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  129.411023][ T8355] EXT4-fs (loop2): orphan cleanup on readonly fs
[  129.420538][ T8355] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  129.446640][ T8355] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  129.460186][ T8355] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.1465: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  129.485045][ T8355] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1465: couldn't read orphan inode 13 (err -117)
[  129.499201][ T8355] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  129.517079][ T8012] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.527670][ T8355] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  129.540129][ T8362] 9pnet_fd: Insufficient options for proto=fd
[  129.546990][ T8355] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  129.563075][ T8355] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  129.580024][ T8368] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  129.589417][ T8368] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  129.608672][   T29] audit: type=1326 audit(1722481830.384:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8364 comm="syz.4.1469" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0991c373b9 code=0x0
[  129.609394][ T8368] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  129.661997][ T8374] IPv6: Can't replace route, no match found
[  129.674456][ T8036] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.715907][ T8376] FAULT_INJECTION: forcing a failure.
[  129.715907][ T8376] name failslab, interval 1, probability 0, space 0, times 0
[  129.728918][ T8376] CPU: 0 UID: 0 PID: 8376 Comm: syz.2.1472 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  129.739685][ T8376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  129.749909][ T8376] Call Trace:
[  129.753170][ T8376]  <TASK>
[  129.756171][ T8376]  dump_stack_lvl+0xf2/0x150
[  129.760868][ T8376]  dump_stack+0x15/0x20
[  129.765006][ T8376]  should_fail_ex+0x229/0x230
[  129.769824][ T8376]  ? __se_sys_mount+0xf7/0x2d0
[  129.774643][ T8376]  should_failslab+0x8f/0xb0
[  129.779285][ T8376]  __kmalloc_cache_noprof+0x4b/0x2a0
[  129.784640][ T8376]  __se_sys_mount+0xf7/0x2d0
[  129.789313][ T8376]  ? fput+0x13b/0x180
[  129.793359][ T8376]  ? ksys_write+0x178/0x1b0
[  129.797877][ T8376]  __x64_sys_mount+0x67/0x80
[  129.802572][ T8376]  x64_sys_call+0xd11/0x2e00
[  129.807156][ T8376]  do_syscall_64+0xc9/0x1c0
[  129.811655][ T8376]  ? clear_bhb_loop+0x55/0xb0
[  129.816360][ T8376]  ? clear_bhb_loop+0x55/0xb0
[  129.821041][ T8376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.827032][ T8376] RIP: 0033:0x7fc7fdc873b9
[  129.831493][ T8376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.851367][ T8376] RSP: 002b:00007fc7fc907048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  129.859865][ T8376] RAX: ffffffffffffffda RBX: 00007fc7fde15f80 RCX: 00007fc7fdc873b9
[  129.867906][ T8376] RDX: 00000000200002c0 RSI: 0000000020000280 RDI: 0000000020000100
[  129.875890][ T8376] RBP: 00007fc7fc9070a0 R08: 0000000020000300 R09: 0000000000000000
[  129.883852][ T8376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.891981][ T8376] R13: 000000000000000b R14: 00007fc7fde15f80 R15: 00007ffff7f9cff8
[  129.899951][ T8376]  </TASK>
[  129.917875][ T8379] loop2: detected capacity change from 0 to 256
[  129.925190][ T8379] msdos: Unknown parameter '0xffffffffffffffff'
[  129.973913][ T8386] loop2: detected capacity change from 0 to 512
[  129.981933][ T8386] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  129.991948][ T8386] EXT4-fs (loop2): orphan cleanup on readonly fs
[  129.998959][ T8386] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  130.014462][ T8386] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  130.022407][ T8386] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.1476: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  130.048699][ T8386] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1476: couldn't read orphan inode 13 (err -117)
[  130.063169][ T8386] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  130.077396][ T8386] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  130.088860][ T8386] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  130.112595][ T8386] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  130.131360][ T8391] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  130.142220][ T8391] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  130.169956][ T8391] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  130.172101][ T8393] loop3: detected capacity change from 0 to 512
[  130.205473][ T8393] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.220012][ T8393] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.246995][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.287832][ T8406] 9pnet_fd: Insufficient options for proto=fd
[  130.348609][ T8410] loop3: detected capacity change from 0 to 512
[  130.442885][ T8418] loop3: detected capacity change from 0 to 512
[  130.453665][ T8418] EXT4-fs: Ignoring removed nobh option
[  130.467563][ T8036] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.480718][ T8418] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.501286][ T8418] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.502425][   T29] audit: type=1326 audit(1722481831.285:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8422 comm="syz.2.1484" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc7fdc873b9 code=0x0
[  130.538538][ T8418] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1483: bg 0: block 224: padding at end of block bitmap is not set
[  130.539823][   T29] audit: type=1400 audit(1722481831.325:1084): avc:  denied  { create } for  pid=8417 comm="syz.3.1483" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  130.558757][ T8418] EXT4-fs (loop3): Remounting filesystem read-only
[  130.634922][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  130.648805][    C1] eth0: bad gso: type: 1, size: 1408
[  130.762046][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.771632][ T3363] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  130.785717][ T3363] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  130.811810][ T8433] loop3: detected capacity change from 0 to 256
[  130.818452][ T8433] msdos: Unknown parameter '0xffffffffffffffff'
[  130.905152][ T8439] loop3: detected capacity change from 0 to 1024
[  130.913018][ T8439] EXT4-fs: Ignoring removed mblk_io_submit option
[  130.922257][ T8439] journal_path: Lookup failure for './file0/../file0'
[  130.929130][ T8439] EXT4-fs: error: could not find journal device path
[  131.009631][ T8442] loop3: detected capacity change from 0 to 512
[  131.020554][ T8442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.034645][ T8442] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.048974][ T8446] 9pnet_fd: Insufficient options for proto=fd
[  131.069384][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.107695][ T8454] loop3: detected capacity change from 0 to 512
[  131.115966][ T8454] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  131.124052][ T8454] EXT4-fs (loop3): orphan cleanup on readonly fs
[  131.130918][ T8454] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  131.146673][ T8454] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  131.153693][   T29] audit: type=1326 audit(1722481831.935:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8451 comm="syz.4.1493" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0991c373b9 code=0x0
[  131.177269][ T8454] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.1494: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  131.195778][ T8454] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1494: couldn't read orphan inode 13 (err -117)
[  131.209681][ T4848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.209954][ T8454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  131.234619][ T8454] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  131.245996][ T8458] IPv6: Can't replace route, no match found
[  131.246578][ T8454] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  131.269331][ T8454] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  131.286885][ T8454] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  131.296570][ T8454] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  131.309091][ T8454] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  131.355053][   T29] audit: type=1400 audit(1722481832.135:1086): avc:  denied  { read } for  pid=8462 comm="syz.2.1496" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.379733][   T29] audit: type=1400 audit(1722481832.135:1087): avc:  denied  { open } for  pid=8462 comm="syz.2.1496" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.419370][   T29] audit: type=1400 audit(1722481832.185:1088): avc:  denied  { ioctl } for  pid=8462 comm="syz.2.1496" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  131.499889][ T8470] loop2: detected capacity change from 0 to 256
[  131.506483][ T8470] msdos: Unknown parameter '0xffffffffffffffff'
[  131.516427][    C1] eth0: bad gso: type: 1, size: 1408
[  131.541959][ T8474] loop1: detected capacity change from 0 to 1024
[  131.551314][ T8474] EXT4-fs: Ignoring removed mblk_io_submit option
[  131.558363][ T8474] journal_path: Lookup failure for './file0/../file0'
[  131.565273][ T8474] EXT4-fs: error: could not find journal device path
[  131.664857][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.678445][ T8476] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1502'.
[  131.693932][ T8476] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=8476 comm=syz.2.1502
[  131.714187][ T8479] 9pnet_fd: Insufficient options for proto=fd
[  131.784140][ T8487] loop1: detected capacity change from 0 to 128
[  131.786503][ T8488] loop2: detected capacity change from 0 to 2048
[  131.800944][ T8490] FAULT_INJECTION: forcing a failure.
[  131.800944][ T8490] name failslab, interval 1, probability 0, space 0, times 0
[  131.813645][ T8490] CPU: 1 UID: 0 PID: 8490 Comm: syz.0.1507 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  131.824495][ T8490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  131.834549][ T8490] Call Trace:
[  131.837846][ T8490]  <TASK>
[  131.840791][ T8490]  dump_stack_lvl+0xf2/0x150
[  131.845434][ T8490]  dump_stack+0x15/0x20
[  131.849584][ T8490]  should_fail_ex+0x229/0x230
[  131.854328][ T8490]  ? radix_tree_node_alloc+0x8b/0x1e0
[  131.859698][ T8490]  should_failslab+0x8f/0xb0
[  131.864399][ T8490]  kmem_cache_alloc_noprof+0x4c/0x290
[  131.869803][ T8490]  radix_tree_node_alloc+0x8b/0x1e0
[  131.875013][ T8490]  radix_tree_extend+0xd4/0x350
[  131.879882][ T8490]  idr_get_free+0x132/0x550
[  131.884469][ T8490]  idr_alloc_u32+0xcb/0x180
[  131.889038][ T8490]  idr_alloc+0x6a/0xd0
[  131.893147][ T8490]  loop_add+0x143/0x590
[  131.897319][ T8490]  ? ioctl_has_perm+0x28b/0x2e0
[  131.902206][ T8490]  loop_control_ioctl+0xc8/0x440
[  131.907144][ T8490]  ? __pfx_loop_control_ioctl+0x10/0x10
[  131.912775][ T8490]  __se_sys_ioctl+0xd3/0x150
[  131.917375][ T8490]  __x64_sys_ioctl+0x43/0x50
[  131.922048][ T8490]  x64_sys_call+0x1688/0x2e00
[  131.926736][ T8490]  do_syscall_64+0xc9/0x1c0
[  131.931234][ T8490]  ? clear_bhb_loop+0x55/0xb0
[  131.936045][ T8490]  ? clear_bhb_loop+0x55/0xb0
[  131.941388][ T8490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.947316][ T8490] RIP: 0033:0x7fa721f073b9
[  131.951765][ T8490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.971498][ T8490] RSP: 002b:00007fa720b87048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.979929][ T8490] RAX: ffffffffffffffda RBX: 00007fa722095f80 RCX: 00007fa721f073b9
[  131.987951][ T8490] RDX: 0000000020005780 RSI: 0000000000004c80 RDI: 0000000000000004
[  131.995928][ T8490] RBP: 00007fa720b870a0 R08: 0000000000000000 R09: 0000000000000000
[  132.003958][ T8490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.011988][ T8490] R13: 000000000000000b R14: 00007fa722095f80 R15: 00007ffd5a25ad98
[  132.020032][ T8490]  </TASK>
[  132.042718][ T8487] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  132.050641][ T8487] FAT-fs (loop1): Filesystem has been set read-only
[  132.072924][ T8487] syz.1.1506: attempt to access beyond end of device
[  132.072924][ T8487] loop1: rw=0, sector=97, nr_sectors = 128 limit=128
[  132.073584][ T8495] IPv6: Can't replace route, no match found
[  132.087335][ T8487] syz.1.1506: attempt to access beyond end of device
[  132.087335][ T8487] loop1: rw=1, sector=225, nr_sectors = 816 limit=128
[  132.105798][ T8498] netlink: 8192 bytes leftover after parsing attributes in process `syz.2.1511'.
[  132.127045][   T29] audit: type=1400 audit(1722481832.906:1089): avc:  denied  { read } for  pid=8496 comm="syz.2.1511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  132.153205][ T8506] loop2: detected capacity change from 0 to 512
[  132.161557][ T8506] EXT4-fs: Ignoring removed orlov option
[  132.167414][ T8506] ext4: Bad value for 'sb'
[  132.175979][ T8508] loop3: detected capacity change from 0 to 1024
[  132.183705][ T8508] EXT4-fs: Ignoring removed mblk_io_submit option
[  132.192459][ T8508] journal_path: Lookup failure for './file0/../file0'
[  132.199421][ T8508] EXT4-fs: error: could not find journal device path
[  132.208663][ T8510] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1516'.
[  132.224273][ T8511] 9pnet_fd: Insufficient options for proto=fd
[  132.310045][ T8519] loop1: detected capacity change from 0 to 2048
[  132.363123][ T8524] loop1: detected capacity change from 0 to 4096
[  132.376564][ T8524] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.401520][ T4848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.420233][ T8529] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1522'.
[  132.429626][ T8529] FAULT_INJECTION: forcing a failure.
[  132.429626][ T8529] name failslab, interval 1, probability 0, space 0, times 0
[  132.442252][ T8529] CPU: 1 UID: 0 PID: 8529 Comm: syz.1.1522 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  132.453125][ T8529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  132.463204][ T8529] Call Trace:
[  132.466565][ T8529]  <TASK>
[  132.469579][ T8529]  dump_stack_lvl+0xf2/0x150
[  132.474193][ T8529]  dump_stack+0x15/0x20
[  132.478491][ T8529]  should_fail_ex+0x229/0x230
[  132.483234][ T8529]  ? __alloc_skb+0x10b/0x310
[  132.487826][ T8529]  should_failslab+0x8f/0xb0
[  132.492470][ T8529]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  132.498291][ T8529]  __alloc_skb+0x10b/0x310
[  132.502706][ T8529]  xfrm_alloc_compat+0x13d/0xe00
[  132.507658][ T8529]  ? try_module_get+0xae/0x1a0
[  132.512427][ T8529]  ? __pfx_xfrm_alloc_compat+0x10/0x10
[  132.518009][ T8529]  xfrm_send_policy_notify+0x1181/0x1240
[  132.523689][ T8529]  ? __pfx_xfrm_send_policy_notify+0x10/0x10
[  132.529700][ T8529]  km_policy_notify+0x66/0xb0
[  132.534380][ T8529]  xfrm_get_policy+0x541/0x690
[  132.539174][ T8529]  ? __nla_parse+0x40/0x60
[  132.543626][ T8529]  xfrm_user_rcv_msg+0x4a3/0x5c0
[  132.548619][ T8529]  ? __kfree_skb+0x102/0x150
[  132.553211][ T8529]  ? consume_skb+0x57/0x180
[  132.557721][ T8529]  netlink_rcv_skb+0x12c/0x230
[  132.562684][ T8529]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  132.568145][ T8529]  xfrm_netlink_rcv+0x47/0x60
[  132.572900][ T8529]  netlink_unicast+0x593/0x670
[  132.577706][ T8529]  netlink_sendmsg+0x5cc/0x6e0
[  132.582490][ T8529]  ? __pfx_netlink_sendmsg+0x10/0x10
[  132.587815][ T8529]  __sock_sendmsg+0x140/0x180
[  132.592504][ T8529]  ____sys_sendmsg+0x312/0x410
[  132.597346][ T8529]  __sys_sendmsg+0x1e9/0x280
[  132.601960][ T8529]  __x64_sys_sendmsg+0x46/0x50
[  132.606793][ T8529]  x64_sys_call+0x26f8/0x2e00
[  132.611617][ T8529]  do_syscall_64+0xc9/0x1c0
[  132.616577][ T8529]  ? clear_bhb_loop+0x55/0xb0
[  132.621341][ T8529]  ? clear_bhb_loop+0x55/0xb0
[  132.626017][ T8529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.631943][ T8529] RIP: 0033:0x7fc6b4fa73b9
[  132.636489][ T8529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.656326][ T8529] RSP: 002b:00007fc6b3c27048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  132.664740][ T8529] RAX: ffffffffffffffda RBX: 00007fc6b5135f80 RCX: 00007fc6b4fa73b9
[  132.672825][ T8529] RDX: 0000000000000000 RSI: 000000002014f000 RDI: 0000000000000003
[  132.680855][ T8529] RBP: 00007fc6b3c270a0 R08: 0000000000000000 R09: 0000000000000000
[  132.688933][ T8529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.695298][ T8538] IPv6: Can't replace route, no match found
[  132.696974][ T8529] R13: 000000000000000b R14: 00007fc6b5135f80 R15: 00007fffbcf843b8
[  132.710950][ T8529]  </TASK>
[  132.751621][ T8544] loop1: detected capacity change from 0 to 4096
[  132.758385][ T8544] EXT4-fs: Ignoring removed nobh option
[  132.766030][ T8544] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.834749][ T8546] serio: Serial port pts1
[  132.927837][ T8548] loop4: detected capacity change from 0 to 4096
[  132.936219][ T8548] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.962015][    C1] eth0: bad gso: type: 1, size: 1408
[  133.000699][ T8554] netlink: 'syz.2.1531': attribute type 1 has an invalid length.
[  133.024788][ T8138] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.102844][ T8570] FAULT_INJECTION: forcing a failure.
[  133.102844][ T8570] name failslab, interval 1, probability 0, space 0, times 0
[  133.115534][ T8570] CPU: 0 UID: 0 PID: 8570 Comm: syz.0.1538 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  133.127088][ T8570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  133.137240][ T8570] Call Trace:
[  133.140544][ T8570]  <TASK>
[  133.143477][ T8570]  dump_stack_lvl+0xf2/0x150
[  133.148075][ T8570]  dump_stack+0x15/0x20
[  133.152378][ T8570]  should_fail_ex+0x229/0x230
[  133.157071][ T8570]  ? nf_ct_ext_add+0xe6/0x1a0
[  133.162036][ T8570]  should_failslab+0x8f/0xb0
[  133.166657][ T8570]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[  133.173008][ T8570]  krealloc_noprof+0x48/0xa0
[  133.177704][ T8570]  nf_ct_ext_add+0xe6/0x1a0
[  133.182307][ T8570]  init_conntrack+0x539/0x970
[  133.186997][ T8570]  nf_conntrack_in+0x899/0xf20
[  133.191903][ T8570]  ? __pfx_ipv6_conntrack_local+0x10/0x10
[  133.197736][ T8570]  ipv6_conntrack_local+0x1d/0x30
[  133.202783][ T8570]  nf_hook_slow+0x86/0x1b0
[  133.206881][ T8574] loop3: detected capacity change from 0 to 512
[  133.207340][ T8570]  __ip6_local_out+0x241/0x260
[  133.207375][ T8570]  ? __pfx_dst_output+0x10/0x10
[  133.224168][ T8570]  ip6_local_out+0x26/0xd0
[  133.228713][ T8570]  ip6_send_skb+0x47/0x100
[  133.233423][ T8570]  udp_v6_send_skb+0x760/0xbf0
[  133.238274][ T8570]  udpv6_sendmsg+0x14db/0x1590
[  133.243125][ T8570]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  133.248886][ T8570]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  133.254107][ T8570]  inet6_sendmsg+0xaf/0xd0
[  133.258606][ T8570]  __sock_sendmsg+0x8b/0x180
[  133.263304][ T8570]  ____sys_sendmsg+0x312/0x410
[  133.268070][ T8570]  __sys_sendmmsg+0x269/0x500
[  133.272756][ T8570]  __x64_sys_sendmmsg+0x57/0x70
[  133.277601][ T8570]  x64_sys_call+0x2b4e/0x2e00
[  133.282852][ T8570]  do_syscall_64+0xc9/0x1c0
[  133.287574][ T8570]  ? clear_bhb_loop+0x55/0xb0
[  133.292267][ T8570]  ? clear_bhb_loop+0x55/0xb0
[  133.296975][ T8570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.302869][ T8570] RIP: 0033:0x7fa721f073b9
[  133.307271][ T8570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.326879][ T8570] RSP: 002b:00007fa720b87048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  133.335377][ T8570] RAX: ffffffffffffffda RBX: 00007fa722095f80 RCX: 00007fa721f073b9
[  133.343405][ T8570] RDX: 0000000000000002 RSI: 0000000020000fc0 RDI: 0000000000000003
[  133.351493][ T8570] RBP: 00007fa720b870a0 R08: 0000000000000000 R09: 0000000000000000
[  133.359453][ T8570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.367412][ T8570] R13: 000000000000000b R14: 00007fa722095f80 R15: 00007ffd5a25ad98
[  133.375491][ T8570]  </TASK>
[  133.384731][ T8574] EXT4-fs (loop3): blocks per group (16384) and clusters per group (3) inconsistent
[  133.385147][ T8575] FAULT_INJECTION: forcing a failure.
[  133.385147][ T8575] name failslab, interval 1, probability 0, space 0, times 0
[  133.407386][ T8575] CPU: 1 UID: 0 PID: 8575 Comm: syz.4.1533 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  133.418109][ T8575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  133.428152][ T8575] Call Trace:
[  133.431436][ T8575]  <TASK>
[  133.434352][ T8575]  dump_stack_lvl+0xf2/0x150
[  133.439018][ T8575]  dump_stack+0x15/0x20
[  133.443157][ T8575]  should_fail_ex+0x229/0x230
[  133.447825][ T8575]  ? security_file_alloc+0x32/0xe0
[  133.453106][ T8575]  should_failslab+0x8f/0xb0
[  133.457685][ T8575]  kmem_cache_alloc_noprof+0x4c/0x290
[  133.463639][ T8575]  security_file_alloc+0x32/0xe0
[  133.468664][ T8575]  alloc_empty_file+0x121/0x310
[  133.473609][ T8575]  path_openat+0x6a/0x1f10
[  133.478579][ T8575]  ? _parse_integer_limit+0x167/0x180
[  133.483976][ T8575]  ? _parse_integer+0x27/0x30
[  133.488726][ T8575]  ? kstrtoull+0x110/0x140
[  133.493244][ T8575]  ? kstrtouint+0x77/0xc0
[  133.497572][ T8575]  do_filp_open+0xf7/0x200
[  133.502090][ T8575]  do_sys_openat2+0xab/0x120
[  133.506822][ T8575]  __x64_sys_openat+0xf3/0x120
[  133.511579][ T8575]  x64_sys_call+0x1ac/0x2e00
[  133.516160][ T8575]  do_syscall_64+0xc9/0x1c0
[  133.520773][ T8575]  ? clear_bhb_loop+0x55/0xb0
[  133.525562][ T8575]  ? clear_bhb_loop+0x55/0xb0
[  133.530293][ T8575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.536205][ T8575] RIP: 0033:0x7f0991c35d50
[  133.540608][ T8575] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8e 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8e 02 00 8b 44
[  133.560565][ T8575] RSP: 002b:00007f0990895f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  133.569119][ T8575] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f0991c35d50
[  133.577139][ T8575] RDX: 0000000000000002 RSI: 00007f0990895fb0 RDI: 00000000ffffff9c
[  133.585191][ T8575] RBP: 00007f0990895fb0 R08: 0000000000000000 R09: 0000000000000000
[  133.593356][ T8575] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  133.601409][ T8575] R13: 000000000000006e R14: 00007f0991dc6058 R15: 00007ffdfdc2c338
[  133.609373][ T8575]  </TASK>
[  133.664028][ T4848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.682296][ T8586] loop0: detected capacity change from 0 to 4096
[  133.703217][ T8589] loop1: detected capacity change from 0 to 512
[  133.712982][ T8586] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.717191][ T8589] EXT4-fs (loop1): 1 truncate cleaned up
[  133.731939][ T8589] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.749649][ T8589] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.1545: Directory hole found for htree leaf block 0
[  133.784926][ T8598] netlink: 'syz.3.1547': attribute type 11 has an invalid length.
[  133.799220][ T8012] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.808993][ T4848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.833845][ T8603] loop3: detected capacity change from 0 to 512
[  133.842135][ T8603] EXT4-fs: Ignoring removed bh option
[  133.857598][ T8603] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  133.874839][ T8603] EXT4-fs (loop3): 1 truncate cleaned up
[  133.881037][ T8603] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.907052][    C1] eth0: bad gso: type: 1, size: 1408
[  133.955585][    C1] eth0: bad gso: type: 1, size: 1408
[  133.967061][ T8603] loop3: detected capacity change from 512 to 64
[  133.989394][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.141392][ T8637] loop3: detected capacity change from 0 to 4096
[  134.151296][ T8637] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.169638][ T8639] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1560'.
[  134.202369][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.244656][ T8646] loop3: detected capacity change from 0 to 512
[  134.253176][ T8646] EXT4-fs: Ignoring removed i_version option
[  134.270455][ T8646] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.283234][ T8646] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.305781][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.543058][ T8666] loop4: detected capacity change from 0 to 128
[  134.553637][ T8666] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  134.566227][ T8666] ext4 filesystem being mounted at /30/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  134.632472][ T8138] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  134.661038][ T8669] loop4: detected capacity change from 0 to 128
[  134.772956][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  134.772969][   T29] audit: type=1400 audit(1722481835.519:1094): avc:  denied  { create } for  pid=8668 comm="syz.4.1571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  134.877274][ T8680] FAULT_INJECTION: forcing a failure.
[  134.877274][ T8680] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  134.890877][ T8680] CPU: 1 UID: 0 PID: 8680 Comm: syz.2.1575 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  134.901652][ T8680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  134.911978][ T8680] Call Trace:
[  134.915261][ T8680]  <TASK>
[  134.918217][ T8680]  dump_stack_lvl+0xf2/0x150
[  134.922893][ T8680]  dump_stack+0x15/0x20
[  134.927070][ T8680]  should_fail_ex+0x229/0x230
[  134.931760][ T8680]  should_fail_alloc_page+0xfd/0x110
[  134.937132][ T8680]  __alloc_pages_noprof+0x109/0x360
[  134.942379][ T8680]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  134.947752][ T8680]  folio_alloc_mpol_noprof+0x36/0x70
[  134.953176][ T8680]  shmem_get_folio_gfp+0x3eb/0xd80
[  134.958398][ T8680]  shmem_write_begin+0xa0/0x1c0
[  134.963269][ T8680]  generic_perform_write+0x1b4/0x580
[  134.968642][ T8680]  shmem_file_write_iter+0xc8/0xf0
[  134.973763][ T8680]  vfs_write+0x78f/0x900
[  134.978146][ T8680]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  134.984045][ T8680]  ksys_write+0xeb/0x1b0
[  134.988294][ T8680]  __x64_sys_write+0x42/0x50
[  134.992965][ T8680]  x64_sys_call+0x2a40/0x2e00
[  134.997703][ T8680]  do_syscall_64+0xc9/0x1c0
[  135.002218][ T8680]  ? clear_bhb_loop+0x55/0xb0
[  135.006983][ T8680]  ? clear_bhb_loop+0x55/0xb0
[  135.011689][ T8680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.017591][ T8680] RIP: 0033:0x7fc7fdc873b9
[  135.022103][ T8680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.042757][ T8680] RSP: 002b:00007fc7fc907048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  135.051255][ T8680] RAX: ffffffffffffffda RBX: 00007fc7fde15f80 RCX: 00007fc7fdc873b9
[  135.059426][ T8680] RDX: 000000000208e24b RSI: 0000000020000040 RDI: 0000000000000003
[  135.067484][ T8680] RBP: 00007fc7fc9070a0 R08: 0000000000000000 R09: 0000000000000000
[  135.076047][ T8680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  135.084022][ T8680] R13: 000000000000000b R14: 00007fc7fde15f80 R15: 00007ffff7f9cff8
[  135.092072][ T8680]  </TASK>
[  135.134487][ T8692] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  135.171782][   T29] audit: type=1400 audit(1722481835.897:1095): avc:  denied  { append } for  pid=8691 comm="syz.2.1580" name="pfkey" dev="proc" ino=4026533982 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  135.283223][ T8695] loop2: detected capacity change from 0 to 128
[  135.418677][ T8706] netlink: 'syz.2.1583': attribute type 18 has an invalid length.
[  135.426708][ T8706] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1583'.
[  135.486761][   T29] audit: type=1326 audit(1722481836.184:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8715 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa721f073b9 code=0x7ffc0000
[  135.520723][   T29] audit: type=1326 audit(1722481836.211:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8715 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fa721f073b9 code=0x7ffc0000
[  135.544557][   T29] audit: type=1326 audit(1722481836.211:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8715 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa721f073b9 code=0x7ffc0000
[  135.568268][   T29] audit: type=1326 audit(1722481836.211:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8715 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fa721f073b9 code=0x7ffc0000
[  135.591972][   T29] audit: type=1326 audit(1722481836.211:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8715 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa721f073b9 code=0x7ffc0000
[  135.615600][   T29] audit: type=1326 audit(1722481836.211:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8715 comm="syz.0.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa721f073b9 code=0x7ffc0000
[  135.658846][   T29] audit: type=1400 audit(1722481836.350:1102): avc:  denied  { ioctl } for  pid=8726 comm="syz.1.1591" path="socket:[29757]" dev="sockfs" ino=29757 ioctlcmd=0x941f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  135.686658][ T8729] loop0: detected capacity change from 0 to 256
[  135.697569][ T8729] msdos: Unknown parameter '0xffffffffffffffff'
[  135.746700][ T8733] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1594'.
[  135.762707][ T8739] loop0: detected capacity change from 0 to 2048
[  135.785004][ T8739] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.801526][   T29] audit: type=1326 audit(1722481836.479:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8746 comm="syz.4.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0991c373b9 code=0x7ffc0000
[  135.827913][ T8748] netlink: 'syz.1.1598': attribute type 21 has an invalid length.
[  135.835929][ T8748] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1598'.
[  135.853894][ T8012] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.855638][ T8741] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1598'.
[  135.900101][ T8751] loop0: detected capacity change from 0 to 4096
[  135.911007][ T8751] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.911675][ T8753] loop2: detected capacity change from 0 to 2048
[  135.937280][ T8753] ext4: Unknown parameter 'smackfsdef'
[  135.964818][ T8761] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1600'.
[  136.038959][ T8772] loop2: detected capacity change from 0 to 256
[  136.047139][ T8772] msdos: Unknown parameter '0xffffffffffffffff'
[  136.177087][    C1] eth0: bad gso: type: 1, size: 1408
[  136.193611][ T8782] loop2: detected capacity change from 0 to 2048
[  136.236974][ T8782]  loop2: p1 < > p4
[  136.241276][ T8782] loop2: p4 size 8388608 extends beyond EOD, truncated
[  136.274726][ T8784] FAULT_INJECTION: forcing a failure.
[  136.274726][ T8784] name fail_futex, interval 1, probability 0, space 0, times 1
[  136.287564][ T8784] CPU: 1 UID: 0 PID: 8784 Comm: syz.3.1612 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  136.298329][ T8784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  136.308498][ T8784] Call Trace:
[  136.311832][ T8784]  <TASK>
[  136.314755][ T8784]  dump_stack_lvl+0xf2/0x150
[  136.319417][ T8784]  dump_stack+0x15/0x20
[  136.323769][ T8784]  should_fail_ex+0x229/0x230
[  136.328443][ T8784]  should_fail+0xb/0x10
[  136.332612][ T8784]  get_futex_key+0xf4/0x710
[  136.337108][ T8784]  ? __kmalloc_cache_noprof+0x10b/0x2a0
[  136.342710][ T8784]  futex_requeue+0x19f/0xea0
[  136.347281][ T8784]  ? kstrtouint_from_user+0xb0/0xe0
[  136.352476][ T8784]  ? get_pid_task+0x8e/0xc0
[  136.357059][ T8784]  do_futex+0x304/0x370
[  136.361294][ T8784]  __se_sys_futex+0x25d/0x3a0
[  136.366060][ T8784]  ? fput+0x13b/0x180
[  136.370118][ T8784]  __x64_sys_futex+0x78/0x90
[  136.374714][ T8784]  x64_sys_call+0x126a/0x2e00
[  136.379427][ T8784]  do_syscall_64+0xc9/0x1c0
[  136.384184][ T8784]  ? clear_bhb_loop+0x55/0xb0
[  136.388861][ T8784]  ? clear_bhb_loop+0x55/0xb0
[  136.393602][ T8784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.399546][ T8784] RIP: 0033:0x7f03563e73b9
[  136.404029][ T8784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.423805][ T8784] RSP: 002b:00007f0355067048 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  136.432427][ T8784] RAX: ffffffffffffffda RBX: 00007f0356575f80 RCX: 00007f03563e73b9
[  136.440522][ T8784] RDX: 0000000000000001 RSI: 000000000000008c RDI: 0000000020000000
[  136.448646][ T8784] RBP: 00007f03550670a0 R08: 0000000000000000 R09: 0000000000000000
[  136.456755][ T8784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.464743][ T8784] R13: 000000000000000b R14: 00007f0356575f80 R15: 00007fff3f248b58
[  136.472788][ T8784]  </TASK>
[  136.502190][ T8787] loop3: detected capacity change from 0 to 4096
[  136.510710][ T8787] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.537388][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.603494][ T8788] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  136.648388][ T8796] loop2: detected capacity change from 0 to 1024
[  136.655439][ T8796] EXT4-fs: Ignoring removed mblk_io_submit option
[  136.662075][ T8796] journal_path: Lookup failure for './file0/../file0'
[  136.668930][ T8796] EXT4-fs: error: could not find journal device path
[  136.711413][ T8012] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.733625][ T8799] loop4: detected capacity change from 0 to 256
[  136.753403][ T8799] msdos: Unknown parameter '0xffffffffffffffff'
[  136.807833][ T8812] lo speed is unknown, defaulting to 1000
[  136.816159][ T8812] lo speed is unknown, defaulting to 1000
[  136.822229][ T8812] lo speed is unknown, defaulting to 1000
[  136.856808][ T8812] infiniband syz1: set active
[  136.861804][ T8812] infiniband syz1: added lo
[  136.866671][ T5723] lo speed is unknown, defaulting to 1000
[  136.877179][ T8812] RDS/IB: syz1: added
[  136.881272][ T8812] smc: adding ib device syz1 with port count 1
[  136.887780][ T8812] smc:    ib device syz1 port 1 has pnetid 
[  136.893901][ T5723] lo speed is unknown, defaulting to 1000
[  136.899682][ T8812] lo speed is unknown, defaulting to 1000
[  136.927195][ T8812] lo speed is unknown, defaulting to 1000
[  136.954497][ T8812] lo speed is unknown, defaulting to 1000
[  136.981095][ T8812] lo speed is unknown, defaulting to 1000
[  137.008001][ T8812] lo speed is unknown, defaulting to 1000
[  137.036593][ T8812] lo speed is unknown, defaulting to 1000
[  137.064899][ T8812] lo speed is unknown, defaulting to 1000
[  137.096969][ T8828] FAULT_INJECTION: forcing a failure.
[  137.096969][ T8828] name failslab, interval 1, probability 0, space 0, times 0
[  137.109893][ T8828] CPU: 0 UID: 0 PID: 8828 Comm: syz.1.1627 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  137.121098][ T8828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  137.131641][ T8828] Call Trace:
[  137.134927][ T8828]  <TASK>
[  137.137941][ T8828]  dump_stack_lvl+0xf2/0x150
[  137.142749][ T8828]  dump_stack+0x15/0x20
[  137.146944][ T8828]  should_fail_ex+0x229/0x230
[  137.151731][ T8828]  ? build_skb+0x33/0x210
[  137.156319][ T8828]  should_failslab+0x8f/0xb0
[  137.161014][ T8828]  kmem_cache_alloc_noprof+0x4c/0x290
[  137.166486][ T8828]  ? alloc_pages_mpol_noprof+0x194/0x1e0
[  137.172121][ T8828]  build_skb+0x33/0x210
[  137.176395][ T8828]  __tun_build_skb+0x2b/0x1b0
[  137.181166][ T8828]  ? tun_get_user+0x1474/0x24b0
[  137.186044][ T8828]  tun_get_user+0x1494/0x24b0
[  137.190714][ T8828]  ? kstrtoull+0x110/0x140
[  137.195119][ T8828]  ? ref_tracker_alloc+0x1f5/0x2f0
[  137.200402][ T8828]  tun_chr_write_iter+0x18e/0x240
[  137.205426][ T8828]  vfs_write+0x78f/0x900
[  137.209773][ T8828]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  137.215330][ T8828]  ksys_write+0xeb/0x1b0
[  137.219741][ T8828]  __x64_sys_write+0x42/0x50
[  137.224624][ T8828]  x64_sys_call+0x2a40/0x2e00
[  137.230438][ T8828]  do_syscall_64+0xc9/0x1c0
[  137.235251][ T8828]  ? clear_bhb_loop+0x55/0xb0
[  137.240472][ T8828]  ? clear_bhb_loop+0x55/0xb0
[  137.245444][ T8828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.252175][ T8828] RIP: 0033:0x7fc6b4fa5e9f
[  137.256973][ T8828] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48
[  137.279046][ T8828] RSP: 002b:00007fc6b3c27010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  137.288117][ T8828] RAX: ffffffffffffffda RBX: 00007fc6b5135f80 RCX: 00007fc6b4fa5e9f
[  137.296885][ T8828] RDX: 00000000000000f1 RSI: 0000000020000640 RDI: 00000000000000c8
[  137.304875][ T8828] RBP: 00007fc6b3c270a0 R08: 0000000000000000 R09: 0000000000000000
[  137.313716][ T8828] R10: 00000000000000f1 R11: 0000000000000293 R12: 0000000000000001
[  137.322477][ T8828] R13: 000000000000000b R14: 00007fc6b5135f80 R15: 00007fffbcf843b8
[  137.330722][ T8828]  </TASK>
[  137.389900][ T8840] loop0: detected capacity change from 0 to 512
[  137.391378][ T8838] loop1: detected capacity change from 0 to 1024
[  137.403806][ T8838] EXT4-fs: Ignoring removed mblk_io_submit option
[  137.404789][ T8840] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  137.410907][ T8838] journal_path: Lookup failure for './file0/../file0'
[  137.421270][ T8840] EXT4-fs (loop0): orphan cleanup on readonly fs
[  137.425663][ T8838] EXT4-fs: error: could not find journal device path
[  137.441091][ T8840] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  137.456961][ T8840] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  137.466163][ T8840] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz.0.1631: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  137.488132][ T8840] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1631: couldn't read orphan inode 13 (err -117)
[  137.501409][ T8840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  137.519111][ T8840] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  137.531570][ T8840] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  137.542219][ T8844] __nla_validate_parse: 2 callbacks suppressed
[  137.542234][ T8844] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1632'.
[  137.561761][ T8840] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  137.598038][ T8012] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.605721][ T8850] loop3: detected capacity change from 0 to 2048
[  137.614534][ T8850] EXT4-fs (loop3): unsupported inode size: 32768
[  137.621785][ T8850] EXT4-fs (loop3): blocksize: 2048
[  137.632353][ T8850] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1634'.
[  137.642153][    C1] eth0: bad gso: type: 1, size: 1408
[  137.665988][ T8854] loop0: detected capacity change from 0 to 256
[  137.672791][    C1] eth0: bad gso: type: 1, size: 1408
[  137.686612][    C1] eth0: bad gso: type: 1, size: 1408
[  137.694251][ T8854] FAT-fs (loop0): Directory bread(block 64) failed
[  137.703054][ T8854] FAT-fs (loop0): Directory bread(block 65) failed
[  137.710029][ T8854] FAT-fs (loop0): Directory bread(block 66) failed
[  137.717783][ T8854] FAT-fs (loop0): Directory bread(block 67) failed
[  137.726461][ T8854] FAT-fs (loop0): Directory bread(block 68) failed
[  137.734612][ T8854] FAT-fs (loop0): Directory bread(block 69) failed
[  137.742009][ T8854] FAT-fs (loop0): Directory bread(block 70) failed
[  137.749005][ T8854] FAT-fs (loop0): Directory bread(block 71) failed
[  137.755889][ T8854] FAT-fs (loop0): Directory bread(block 72) failed
[  137.764317][ T8854] FAT-fs (loop0): Directory bread(block 73) failed
[  137.853602][ T8854] syz.0.1635: attempt to access beyond end of device
[  137.853602][ T8854] loop0: rw=2049, sector=1224, nr_sectors = 544 limit=256
[  137.868602][ T8854] syz.0.1635: attempt to access beyond end of device
[  137.868602][ T8854] loop0: rw=2049, sector=1800, nr_sectors = 128 limit=256
[  137.891729][ T8879] FAULT_INJECTION: forcing a failure.
[  137.891729][ T8879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.909381][ T8879] CPU: 1 UID: 0 PID: 8879 Comm: syz.1.1644 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  137.921300][ T8879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  137.932282][ T8879] Call Trace:
[  137.935667][ T8879]  <TASK>
[  137.938869][ T8879]  dump_stack_lvl+0xf2/0x150
[  137.943626][ T8879]  dump_stack+0x15/0x20
[  137.947833][ T8879]  should_fail_ex+0x229/0x230
[  137.952824][ T8879]  should_fail+0xb/0x10
[  137.957628][ T8879]  should_fail_usercopy+0x1a/0x20
[  137.962936][ T8879]  _copy_to_user+0x1e/0xa0
[  137.967838][ T8879]  simple_read_from_buffer+0xa0/0x110
[  137.973332][ T8879]  proc_fail_nth_read+0xfc/0x140
[  137.973443][ T8854] syz.0.1635: attempt to access beyond end of device
[  137.973443][ T8854] loop0: rw=2049, sector=1960, nr_sectors = 2048 limit=256
[  137.978429][ T8879]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  137.978460][ T8879]  vfs_read+0x1a2/0x6e0
[  138.003318][ T8879]  ? __rcu_read_unlock+0x4e/0x70
[  138.008349][ T8879]  ? __fget_files+0x1da/0x210
[  138.013396][ T8879]  ksys_read+0xeb/0x1b0
[  138.013995][ T8854] syz.0.1635: attempt to access beyond end of device
[  138.013995][ T8854] loop0: rw=2049, sector=4008, nr_sectors = 1956 limit=256
[  138.017647][ T8879]  __x64_sys_read+0x42/0x50
[  138.037469][ T8879]  x64_sys_call+0x2a36/0x2e00
[  138.038130][ T8874] loop3: detected capacity change from 0 to 2048
[  138.042458][ T8879]  do_syscall_64+0xc9/0x1c0
[  138.054567][ T8879]  ? clear_bhb_loop+0x55/0xb0
[  138.060065][ T8879]  ? clear_bhb_loop+0x55/0xb0
[  138.065404][ T8879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.072221][ T8879] RIP: 0033:0x7fc6b4fa5dfc
[  138.077332][ T8879] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  138.099634][ T8879] RSP: 002b:00007fc6b3c27040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  138.108750][ T8879] RAX: ffffffffffffffda RBX: 00007fc6b5135f80 RCX: 00007fc6b4fa5dfc
[  138.117123][ T8879] RDX: 000000000000000f RSI: 00007fc6b3c270b0 RDI: 0000000000000004
[  138.126035][ T8879] RBP: 00007fc6b3c270a0 R08: 0000000000000000 R09: 0000000000000000
[  138.136410][ T8879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.144877][ T8879] R13: 000000000000000b R14: 00007fc6b5135f80 R15: 00007fffbcf843b8
[  138.153044][ T8879]  </TASK>
[  138.167999][ T8874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.229217][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.232439][ T8891] delete_channel: no stack
[  138.283781][ T8883] IPv6: Can't replace route, no match found
[  138.286956][ T8891] loop1: detected capacity change from 0 to 8192
[  138.297505][ T8891] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  138.309936][ T8891] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF
[  138.318844][ T8891] FAT-fs (loop1): Filesystem has been set read-only
[  138.326030][ T8890] delete_channel: no stack
[  138.633380][ T8914] loop2: detected capacity change from 0 to 512
[  138.706195][ T8924] loop0: detected capacity change from 0 to 164
[  138.714905][ T8924] iso9660: Unknown parameter ''
[  138.739209][ T8926] loop2: detected capacity change from 0 to 1764
[  138.746309][ T8926] iso9660: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[  138.767702][ T8926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1660'.
[  138.816321][ T8930] lo speed is unknown, defaulting to 1000
[  138.938112][ T8946] loop4: detected capacity change from 0 to 128
[  139.067378][ T8948] loop3: detected capacity change from 0 to 128
[  139.130990][ T8948] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1664'.
[  139.435845][ T8972] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1673'.
[  139.950430][ T8980] loop2: detected capacity change from 0 to 2048
[  139.963887][ T8980] rtc_cmos 00:00: Alarms can be up to one day in the future
[  139.971611][    T8] rtc_cmos 00:00: Alarms can be up to one day in the future
[  139.979183][    T8] rtc_cmos 00:00: Alarms can be up to one day in the future
[  139.986706][    T8] rtc_cmos 00:00: Alarms can be up to one day in the future
[  139.994228][    T8] rtc_cmos 00:00: Alarms can be up to one day in the future
[  140.001548][    T8] rtc rtc0: __rtc_set_alarm: err=-22
[  140.146563][ T8989] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1679'.
[  140.202276][ T8993] loop4: detected capacity change from 0 to 512
[  140.210268][ T8993] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  140.218528][ T8993] EXT4-fs (loop4): orphan cleanup on readonly fs
[  140.227196][ T8993] EXT4-fs warning (device loop4): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  140.242777][ T8993] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  140.251406][ T8993] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.1681: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  140.272001][ T8993] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1681: couldn't read orphan inode 13 (err -117)
[  140.285160][ T8993] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  140.302336][ T8993] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  140.312221][ T8993] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  140.332383][ T8993] EXT4-fs warning (device loop4): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  140.366109][ T8138] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.407474][   T29] kauditd_printk_skb: 95 callbacks suppressed
[  140.407531][   T29] audit: type=1400 audit(1722481840.727:1199): avc:  denied  { search } for  pid=9002 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  140.452739][   T29] audit: type=1400 audit(1722481840.764:1200): avc:  denied  { read } for  pid=9007 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=343 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  140.475992][   T29] audit: type=1400 audit(1722481840.764:1201): avc:  denied  { open } for  pid=9007 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=343 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  140.501370][   T29] audit: type=1400 audit(1722481840.764:1202): avc:  denied  { getattr } for  pid=9007 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=343 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  140.527499][   T29] audit: type=1400 audit(1722481840.774:1203): avc:  denied  { getattr } for  pid=9007 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=369 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  140.567671][ T9011] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  140.583170][   T29] audit: type=1400 audit(1722481840.894:1204): avc:  denied  { read } for  pid=9009 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=369 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  140.588960][ T9011] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[  140.605051][   T29] audit: type=1400 audit(1722481840.894:1205): avc:  denied  { open } for  pid=9009 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=369 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  140.646261][ T8976] loop3: detected capacity change from 0 to 164
[  140.653116][ T8976] iso9660: Bad value for 'gid'
[  140.658094][ T8976] iso9660: Bad value for 'gid'
[  140.664948][   T29] audit: type=1400 audit(1722481840.967:1206): avc:  denied  { write } for  pid=9002 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=342 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  140.675415][ T9011] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1687'.
[  140.688026][   T29] audit: type=1400 audit(1722481840.967:1207): avc:  denied  { add_name } for  pid=9002 comm="dhcpcd-run-hook" name="resolv.conf.dummy0.ipv4ll" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  140.719918][   T29] audit: type=1400 audit(1722481840.967:1208): avc:  denied  { create } for  pid=9002 comm="dhcpcd-run-hook" name="resolv.conf.dummy0.ipv4ll" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  140.932922][ T9056] lo speed is unknown, defaulting to 1000
[  141.002871][ T9056] loop3: detected capacity change from 0 to 2048
[  141.058025][ T9061] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  141.069343][ T9061] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[  141.082082][ T9061] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1702'.
[  141.783855][ T9093] loop2: detected capacity change from 0 to 512
[  141.791990][ T9093] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  141.800175][ T9093] EXT4-fs (loop2): orphan cleanup on readonly fs
[  141.808220][ T9093] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  141.826634][ T9093] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  141.833411][ T9093] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.1713: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  141.853892][ T9093] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1713: couldn't read orphan inode 13 (err -117)
[  141.868290][ T9093] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  142.093667][ T8036] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.106149][ T9097] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  142.119108][ T9097] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[  142.126387][ T9103] loop0: detected capacity change from 0 to 1024
[  142.130091][ T9097] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1714'.
[  142.146023][ T9101] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1715'.
[  142.156897][ T9101] FAULT_INJECTION: forcing a failure.
[  142.156897][ T9101] name failslab, interval 1, probability 0, space 0, times 0
[  142.169564][ T9101] CPU: 1 UID: 0 PID: 9101 Comm: syz.2.1715 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  142.172448][ T9103] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.181172][ T9101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  142.181186][ T9101] Call Trace:
[  142.181195][ T9101]  <TASK>
[  142.181202][ T9101]  dump_stack_lvl+0xf2/0x150
[  142.207893][ T9103] EXT4-fs (loop0): shut down requested (0)
[  142.210612][ T9101]  dump_stack+0x15/0x20
[  142.226261][ T9101]  should_fail_ex+0x229/0x230
[  142.231305][ T9101]  ? __alloc_skb+0x10b/0x310
[  142.236033][ T9101]  should_failslab+0x8f/0xb0
[  142.238882][ T9108] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=33 sclass=netlink_tcpdiag_socket pid=9108 comm=syz.4.1718
[  142.240781][ T9101]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  142.259368][ T9101]  __alloc_skb+0x10b/0x310
[  142.263832][ T9101]  __neigh_notify+0x57/0x100
[  142.268469][ T9101]  __neigh_update+0x8d3/0x14f0
[  142.271392][ T9111] FAULT_INJECTION: forcing a failure.
[  142.271392][ T9111] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.273285][ T9101]  neigh_add+0x7b9/0x8e0
[  142.290515][ T9101]  ? __pfx_neigh_add+0x10/0x10
[  142.295401][ T9101]  rtnetlink_rcv_msg+0x6aa/0x710
[  142.300505][ T9101]  ? ref_tracker_free+0x3a5/0x410
[  142.305623][ T9101]  ? __dev_queue_xmit+0x161/0x1fe0
[  142.310726][ T9101]  netlink_rcv_skb+0x12c/0x230
[  142.315488][ T9101]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  142.320943][ T9101]  rtnetlink_rcv+0x1c/0x30
[  142.325787][ T9101]  netlink_unicast+0x593/0x670
[  142.330590][ T9101]  netlink_sendmsg+0x5cc/0x6e0
[  142.335437][ T9101]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.340775][ T9101]  __sock_sendmsg+0x140/0x180
[  142.345460][ T9101]  __sys_sendto+0x1e5/0x260
[  142.349988][ T9101]  __x64_sys_sendto+0x78/0x90
[  142.354691][ T9101]  x64_sys_call+0x2bc6/0x2e00
[  142.359419][ T9101]  do_syscall_64+0xc9/0x1c0
[  142.364102][ T9101]  ? clear_bhb_loop+0x55/0xb0
[  142.368834][ T9101]  ? clear_bhb_loop+0x55/0xb0
[  142.373618][ T9101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.379583][ T9101] RIP: 0033:0x7fc7fdc873b9
[  142.383999][ T9101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.404056][ T9101] RSP: 002b:00007fc7fc907048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  142.412576][ T9101] RAX: ffffffffffffffda RBX: 00007fc7fde15f80 RCX: 00007fc7fdc873b9
[  142.420583][ T9101] RDX: 0000000000000090 RSI: 0000000020000180 RDI: 0000000000000005
[  142.428562][ T9101] RBP: 00007fc7fc9070a0 R08: 0000000000000000 R09: 0000000000000000
[  142.436583][ T9101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.444713][ T9101] R13: 000000000000000b R14: 00007fc7fde15f80 R15: 00007ffff7f9cff8
[  142.453195][ T9101]  </TASK>
[  142.456219][ T9111] CPU: 0 UID: 0 PID: 9111 Comm: syz.0.1717 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  142.468120][ T9111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  142.478178][ T9111] Call Trace:
[  142.481531][ T9111]  <TASK>
[  142.485166][ T9111]  dump_stack_lvl+0xf2/0x150
[  142.489988][ T9111]  dump_stack+0x15/0x20
[  142.494349][ T9111]  should_fail_ex+0x229/0x230
[  142.499194][ T9111]  should_fail+0xb/0x10
[  142.503433][ T9111]  should_fail_usercopy+0x1a/0x20
[  142.508541][ T9111]  _copy_to_user+0x1e/0xa0
[  142.513003][ T9111]  simple_read_from_buffer+0xa0/0x110
[  142.518447][ T9111]  proc_fail_nth_read+0xfc/0x140
[  142.523558][ T9111]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  142.529097][ T9111]  vfs_read+0x1a2/0x6e0
[  142.533273][ T9111]  ? __rcu_read_unlock+0x4e/0x70
[  142.538209][ T9111]  ? __fget_files+0x1da/0x210
[  142.542957][ T9111]  ksys_read+0xeb/0x1b0
[  142.547116][ T9111]  __x64_sys_read+0x42/0x50
[  142.551616][ T9111]  x64_sys_call+0x2a36/0x2e00
[  142.556306][ T9111]  do_syscall_64+0xc9/0x1c0
[  142.560906][ T9111]  ? clear_bhb_loop+0x55/0xb0
[  142.565639][ T9111]  ? clear_bhb_loop+0x55/0xb0
[  142.570317][ T9111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.577059][ T9111] RIP: 0033:0x7fa721f05dfc
[  142.581753][ T9111] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48
[  142.601474][ T9111] RSP: 002b:00007fa720b66040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  142.610687][ T9111] RAX: ffffffffffffffda RBX: 00007fa722096058 RCX: 00007fa721f05dfc
[  142.619020][ T9111] RDX: 000000000000000f RSI: 00007fa720b660b0 RDI: 0000000000000006
[  142.627713][ T9111] RBP: 00007fa720b660a0 R08: 0000000000000000 R09: 0000000000000000
[  142.635813][ T9111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.644252][ T9111] R13: 000000000000006e R14: 00007fa722096058 R15: 00007ffd5a25ad98
[  142.652582][ T9111]  </TASK>
[  142.699147][ T8012] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.720648][ T9121] loop3: detected capacity change from 0 to 1024
[  142.723958][ T9123] loop4: detected capacity change from 0 to 2048
[  142.740022][ T9123] rtc_cmos 00:00: Alarms can be up to one day in the future
[  142.749264][ T5284] rtc_cmos 00:00: Alarms can be up to one day in the future
[  142.756873][ T5284] rtc_cmos 00:00: Alarms can be up to one day in the future
[  142.764678][ T5284] rtc_cmos 00:00: Alarms can be up to one day in the future
[  142.772879][ T5284] rtc_cmos 00:00: Alarms can be up to one day in the future
[  142.777386][ T9121] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.781182][ T5284] rtc rtc0: __rtc_set_alarm: err=-22
[  142.848414][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.869418][ T9139] loop3: detected capacity change from 0 to 512
[  142.887467][ T9139] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.900260][ T9139] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.909180][ T9137] loop0: detected capacity change from 0 to 512
[  142.919190][ T9137] EXT4-fs (loop0): orphan cleanup on readonly fs
[  142.926858][ T9137] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1730: bg 0: block 248: padding at end of block bitmap is not set
[  142.926875][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.952716][ T9137] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.1730: Failed to acquire dquot type 1
[  142.965048][ T9137] EXT4-fs (loop0): 1 truncate cleaned up
[  142.973267][ T9137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  142.984093][ T9148] __nla_validate_parse: 1 callbacks suppressed
[  142.984107][ T9148] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1733'.
[  143.005532][ T9148] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  143.046343][ T9153] loop4: detected capacity change from 0 to 128
[  143.054260][ T9153] vfat: Unknown parameter 'SEG6'
[  143.081801][ T9156] loop3: detected capacity change from 0 to 1024
[  143.088673][ T9156] EXT4-fs: Ignoring removed orlov option
[  143.094737][ T9156] EXT4-fs: Ignoring removed nomblk_io_submit option
[  143.109771][ T8012] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.125584][ T9156] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.228961][ T9168] loop0: detected capacity change from 0 to 1024
[  143.251923][ T9168] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[  143.274689][ T9168] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1740'.
[  143.313193][ T9175] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1742'.
[  143.322513][ T9175] tipc: Started in network mode
[  143.327392][ T9175] tipc: Node identity 6, cluster identity 4711
[  143.334192][ T9175] tipc: Node number set to 6
[  143.348374][ T9175] lo speed is unknown, defaulting to 1000
[  143.473466][ T9183] 9pnet_fd: Insufficient options for proto=fd
[  143.488024][ T9186] 9pnet_fd: Insufficient options for proto=fd
[  143.558521][ T9191] loop2: detected capacity change from 0 to 8192
[  143.568865][ T9191] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  143.636804][ T9205] FAULT_INJECTION: forcing a failure.
[  143.636804][ T9205] name failslab, interval 1, probability 0, space 0, times 0
[  143.645799][ T9199] loop0: detected capacity change from 0 to 512
[  143.650406][ T9205] CPU: 1 UID: 0 PID: 9205 Comm: syz.2.1752 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  143.669447][ T9205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  143.679608][ T9205] Call Trace:
[  143.682953][ T9205]  <TASK>
[  143.685888][ T9205]  dump_stack_lvl+0xf2/0x150
[  143.691533][ T9205]  dump_stack+0x15/0x20
[  143.696147][ T9205]  should_fail_ex+0x229/0x230
[  143.701578][ T9205]  ? skb_clone+0x154/0x1f0
[  143.706264][ T9205]  should_failslab+0x8f/0xb0
[  143.711085][ T9205]  kmem_cache_alloc_noprof+0x4c/0x290
[  143.717024][ T9205]  skb_clone+0x154/0x1f0
[  143.721387][ T9205]  __netlink_deliver_tap+0x2bd/0x4c0
[  143.726678][ T9205]  netlink_unicast+0x641/0x670
[  143.731554][ T9205]  netlink_sendmsg+0x5cc/0x6e0
[  143.736315][ T9205]  ? __pfx_netlink_sendmsg+0x10/0x10
[  143.741681][ T9205]  __sock_sendmsg+0x140/0x180
[  143.746382][ T9205]  ____sys_sendmsg+0x312/0x410
[  143.751140][ T9205]  __sys_sendmsg+0x1e9/0x280
[  143.756104][ T9205]  __x64_sys_sendmsg+0x46/0x50
[  143.760896][ T9205]  x64_sys_call+0x26f8/0x2e00
[  143.765753][ T9205]  do_syscall_64+0xc9/0x1c0
[  143.770269][ T9205]  ? clear_bhb_loop+0x55/0xb0
[  143.774958][ T9205]  ? clear_bhb_loop+0x55/0xb0
[  143.779767][ T9205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.786323][ T9205] RIP: 0033:0x7fc7fdc873b9
[  143.791131][ T9205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.810888][ T9205] RSP: 002b:00007fc7fc907048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  143.819486][ T9205] RAX: ffffffffffffffda RBX: 00007fc7fde15f80 RCX: 00007fc7fdc873b9
[  143.827544][ T9205] RDX: 0000000000000000 RSI: 0000000020004380 RDI: 0000000000000003
[  143.835741][ T9205] RBP: 00007fc7fc9070a0 R08: 0000000000000000 R09: 0000000000000000
[  143.843706][ T9205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.852288][ T9205] R13: 000000000000000b R14: 00007fc7fde15f80 R15: 00007ffff7f9cff8
[  143.860283][ T9205]  </TASK>
[  143.867654][ T9199] EXT4-fs (loop0): orphan cleanup on readonly fs
[  143.874742][ T9199] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1749: bg 0: block 248: padding at end of block bitmap is not set
[  143.890678][ T9199] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.1749: Failed to acquire dquot type 1
[  143.904301][ T9199] EXT4-fs (loop0): 1 truncate cleaned up
[  143.910771][ T9199] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  144.037012][ T8012] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.052162][ T7944] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.071286][ T9217] 9pnet_fd: Insufficient options for proto=fd
[  144.092807][ T9223] loop3: detected capacity change from 0 to 512
[  144.100387][ T9223] EXT4-fs (loop3): corrupt root inode, run e2fsck
[  144.106914][ T9223] EXT4-fs (loop3): mount failed
[  144.229028][ T9240] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  144.246215][ T9241] loop3: detected capacity change from 0 to 512
[  144.253331][ T9241] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  144.264626][ T9241] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1760: corrupted in-inode xattr: e_name out of bounds
[  144.279349][ T9241] EXT4-fs (loop3): 1 truncate cleaned up
[  144.302834][ T9244] ==================================================================
[  144.311027][ T9244] BUG: KCSAN: data-race in mas_walk / mas_wmb_replace
[  144.317793][ T9244] 
[  144.320286][ T9244] write to 0xffff888103d7af00 of 8 bytes by task 9243 on cpu 0:
[  144.328013][ T9244]  mas_wmb_replace+0x20f/0x14f0
[  144.332959][ T9244]  mas_wr_modify+0x183d/0x3c90
[  144.337830][ T9244]  mas_wr_store_entry+0x250/0x390
[  144.342988][ T9244]  mas_store_prealloc+0x151/0x2b0
[  144.348280][ T9244]  vma_complete+0x3a7/0x760
[  144.352780][ T9244]  __split_vma+0x623/0x690
[  144.357186][ T9244]  vma_modify+0x198/0x1f0
[  144.361499][ T9244]  mprotect_fixup+0x335/0x610
[  144.366167][ T9244]  do_mprotect_pkey+0x673/0x9a0
[  144.370994][ T9244]  __x64_sys_mprotect+0x48/0x60
[  144.375944][ T9244]  x64_sys_call+0x2734/0x2e00
[  144.380648][ T9244]  do_syscall_64+0xc9/0x1c0
[  144.385213][ T9244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.391102][ T9244] 
[  144.393509][ T9244] read to 0xffff888103d7af00 of 8 bytes by task 9244 on cpu 1:
[  144.401144][ T9244]  mas_walk+0x123/0x320
[  144.405292][ T9244]  lock_vma_under_rcu+0x84/0x260
[  144.410303][ T9244]  exc_page_fault+0x150/0x650
[  144.415091][ T9244]  asm_exc_page_fault+0x26/0x30
[  144.420109][ T9244] 
[  144.422425][ T9244] value changed: 0xffff88813f792a41 -> 0xffff888103d7af00
[  144.429595][ T9244] 
[  144.432105][ T9244] Reported by Kernel Concurrency Sanitizer on:
[  144.438446][ T9244] CPU: 1 UID: 0 PID: 9244 Comm: syz.0.1766 Not tainted 6.11.0-rc1-syzkaller-00063-g21b136cc63d2 #0
[  144.449953][ T9244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  144.460833][ T9244] ==================================================================
[  144.481029][ T7944] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /86/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  144.504317][ T7944] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  144.525302][ T7944] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /86/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  144.547535][ T7944] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  144.568550][ T7944] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /86/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  144.590339][ T7944] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  144.610910][ T7944] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /86/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  144.633385][ T7944] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  144.654787][ T7944] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /86/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  144.676597][ T7944] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  144.990519][   T28] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.032037][   T28] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.096930][   T28] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.140668][   T28] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.235534][   T28] bridge_slave_1: left allmulticast mode
[  145.241311][   T28] bridge_slave_1: left promiscuous mode
[  145.247027][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.254840][   T28] bridge_slave_0: left allmulticast mode
[  145.260613][   T28] bridge_slave_0: left promiscuous mode
[  145.266207][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.356111][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  145.367612][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  145.378665][   T28] bond0 (unregistering): Released all slaves
[  145.486325][   T28] hsr_slave_0: left promiscuous mode
[  145.492353][   T28] hsr_slave_1: left promiscuous mode
[  145.498345][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  145.506176][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  145.513713][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  145.521333][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  145.530713][   T28] veth1_macvtap: left promiscuous mode
[  145.536297][   T28] veth0_macvtap: left promiscuous mode
[  145.542762][   T28] veth1_vlan: left promiscuous mode
[  145.548134][   T28] veth0_vlan: left promiscuous mode
[  145.628623][   T28] team0 (unregistering): Port device team_slave_1 removed
[  145.638987][   T28] team0 (unregistering): Port device team_slave_0 removed