last executing test programs:

10.125903693s ago: executing program 4 (id=2837):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f00000001c0)={[{@dioread_lock}]}, 0x1, 0x54e, &(0x7f00000010c0)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000000c0)="2c385a4706", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000019c0)={0x0, 0x0, &(0x7f00000018c0)=[{&(0x7f0000000340)="269afae1e3b0b9152d54659b3673", 0xe}], 0x1}, 0x0)
recvmmsg$unix(r1, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000a40)=""/143, 0x8f}], 0x1}}], 0x1, 0x0, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'vlan1\x00', @ifru_map={0x4}})
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xce)
getsockname$ax25(r3, &(0x7f0000000200)={{0x3, @null}, [@default, @rose, @rose, @remote, @rose, @rose, @remote, @bcast]}, &(0x7f0000000280)=0x48)
ioctl$sock_netdev_private(r2, 0x89f1, &(0x7f0000000000))
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ax25_SIOCDELRT(r3, 0x890c, &(0x7f0000000680)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_buf(r5, 0x29, 0x2c, 0x0, 0x108)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}, {&(0x7f0000000100)="614ccc3050795e2c61aa3d0f785d637589c37fa9606b0a5d89e856b944b89b99a1d6934ade6b4f97324ef9058599739a5a973bcab4e4d84aea873a204fdc9e6a93c501518498d91ce5be24df6ec660082f007028e23e7315a5fd95eaa57a935eef3ed03aaba55929ae236bc9530c", 0x6e}], 0x2}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES32=r4, @ANYRESHEX=r1, @ANYRES16=r2], 0x22)

8.288418285s ago: executing program 4 (id=2842):
r0 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r0, 0x1, 0x0, 0x0, {0x8}, [@L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_SESSION_ID={0x8}]}, 0x24}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a00)={0x3c, r3, 0x431, 0x0, 0x0, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_RX={0x5, 0x2, 0xff}]}, 0x3c}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(0xffffffffffffffff, 0x4008ae73, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000001b00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
pipe(&(0x7f0000000100)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
splice(r8, 0x0, r11, 0x0, 0x8ec0, 0x0)
dup3(r9, r10, 0x0)
fcntl$setpipe(r11, 0x407, 0x100000)
r12 = dup2(r10, r11)
write$FUSE_CREATE_OPEN(r12, &(0x7f0000002600)={0xa0}, 0xa0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)

7.277123544s ago: executing program 0 (id=2847):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="020023031000070060000000020000"])
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x41045508, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0x8008551d, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x9, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000030000000000000000000000b7080000000000007b8af8ff00000000b70800005f0100007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="00000000000000009505000008113d5a35897eef7138fed67d54000000000085802200a50000552e101327f39e1e00945a3b25f2036fedc1912bfefd9c93532b35"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x55, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)

7.012487377s ago: executing program 1 (id=2848):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xa02, 0x0)
r0 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

7.008867905s ago: executing program 4 (id=2849):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@desc={0x1, 0x0, @desc3}, 0x21, 0x0, '\x00', @c})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cpuacct.usage_all\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000001c0)=ANY=[], 0x118)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000100)=@v1={0x0, @aes256, 0x0, @desc3})

6.721243218s ago: executing program 2 (id=2850):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c40)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f0000000bc0), &(0x7f0000000c00)='%ps    \x00'}, 0x20)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x2}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e00)=@bpf_lsm={0x1d, 0x12, &(0x7f0000000400)=@raw=[@btf_id={0x18, 0x0, 0x3, 0x0, 0x4}, @alu={0x7, 0x1, 0xa, 0x9, 0x5, 0xffffffffffffffc0, 0xfffffffffffffff0}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @map_val={0x18, 0x3, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, @ldst={0x0, 0x1, 0x7, 0x6, 0xb, 0xffffffffffffffc0}], &(0x7f00000004c0)='syzkaller\x00', 0x16, 0xe1, &(0x7f0000000500)=""/225, 0x41100, 0x26, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x9, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000d00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1], &(0x7f0000000d40)=[{0x2, 0x5, 0xc, 0xa}, {0x2, 0x2, 0x5, 0x7}, {0x3, 0x4, 0x5}, {0x5, 0x4, 0x8}, {0x1, 0x4, 0x5, 0x5}, {0x0, 0x4, 0x7, 0x4}, {0x0, 0x2, 0x0, 0xa}, {0x2, 0x3, 0x3, 0x5}, {0x4, 0x1, 0x3, 0x1}, {0x1, 0x0, 0x7, 0xc}], 0x10, 0x100}, 0x90)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000040400000000000000000000010500000008000000000000000000000300000000020000000200000000000000000000000000000d"], 0x0, 0x5a}, 0x20)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, 0x0, 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f00000000c0)={'b', ' *:* ', 'rwm\x00'}, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000680)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000200)={r6})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={<r7=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={r7, 0x0, r5})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000280)={r7})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

6.675087044s ago: executing program 0 (id=2851):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000100)='./file2\x00', 0x5e, &(0x7f00000001c0)={[{@jqfmt_vfsold}, {@nodiscard}, {@barrier_val}]}, 0x1, 0x48b, &(0x7f0000000b80)="$eJzs3M9vFFUcAPDvbLcgv+yK+IMfShWNRGNLCyoHD2I08aCJiR7wWNtCkIUaWhMhRIsHPBoS78ajiX+BJ70Y9WTiVe+GhBguoKcxszvTbre7m3ZZupT9fJKh782PvPfdmTf75j1mAxhYo9k/ScTOiPgzIkbq2ZU7jNb/3L55efrfm5enk0jT9/5Javvdunl5uti1OG5HkVms5/e3KHf+4qWzU9Xq7IU8P75w7uPx+YuXXjxzbur07OnZ85PHjx87OvHKy5Mvta98svY4szrd2vfZ3IG9b31w7Z3pk9c+/PX7pIi/KY4eGW2xbqhIPNvjwvptV0M6KeeJoT5VhjXLTlF2uoZr7X8khqK8tG0k3vyir5UD7qo0TdOt7TYmsZgC97Ek+l0DoD+Kr/rs+bdYNqzzcQ+4caL+AJTFfTtf6lvKUcr3GW56vu2l7Gnr5OJ/32RL3J1xCACAFX48Uf+7uv9Xikcb9nstnxuqRMRDEbE7Ih6OiD0R8UhEbd/HIuLx5UPStUzPNE+SrO7/lK53GdqaZP2/V/O5rZX9v6L3F5WhPLerFv9wcupMdfZIRDwYEYdjeGuWn+hQxk9v/PFVu22jEWnR/8uWrPyiL5jXo9R8zMzUwlT3Ea9040rEvnKr+JOlmYDsPO6NiH0HuyvjzPPfHWi3bbSh/9s6/g7K3dWnUfptxHP1878YTfEXks7zk+MPRHX2yHhxVaz22+9X321X/h3F3wPZ+d/e8vpfir+SNM7XztfWrbomO7n615ctn2mGO8S/XEDperlpgDq7/rck79fSW5L6NPOnUwsLFyay/Nv19bU7Vr5+cvnYIl/sn8V/+FDr9r87lj+J/RGRXcRPRMSTEXEwr/tTEfF0RBzqEP8vrz/zUbtt98L5n1nX+V9/Yujszz+sKLTSIf4kmu9/18tbj9VSh/M1a7n/ta/O8phHFla3nxsAAABsJqWI2BlJaWwpXSqNjdX/v/ye2F6qzs0vvHBq7pPzM/V3BCoxXCpGukYaxkMn8hGDIj+ZP+YX+aP5uPHXQ9tq+bHpuepMv4OHAbejTfvP/O39Dbj/9WAeDdikum3/aZp+3uOqABvM9z8MLu0fBleL9r+tKd/2NwKAza3V978HexgM+v8wuLR/GFzaPwyu9bX/xp8NAzaxO3mvP09c6fCy/doS2f3njqvRbSIpR6zzqDTtT1WrW/pRaJtElDaqrKhEbHiAUbkXPudK/0rv950JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgN/4PAAD//9Zd5NM=")
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

6.624376185s ago: executing program 1 (id=2852):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f00000001c0)={[{@dioread_lock}]}, 0x1, 0x54e, &(0x7f00000010c0)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000000c0)="2c385a4706", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000019c0)={0x0, 0x0, &(0x7f00000018c0)=[{&(0x7f0000000340)="269afae1e3b0b9152d54659b3673", 0xe}], 0x1}, 0x0)
recvmmsg$unix(r1, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000a40)=""/143, 0x8f}], 0x1}}], 0x1, 0x0, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'vlan1\x00', @ifru_map={0x4}})
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xce)
getsockname$ax25(r3, &(0x7f0000000200)={{0x3, @null}, [@default, @rose, @rose, @remote, @rose, @rose, @remote, @bcast]}, &(0x7f0000000280)=0x48)
ioctl$sock_netdev_private(r2, 0x89f1, &(0x7f0000000000))
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ax25_SIOCDELRT(r3, 0x890c, &(0x7f0000000680)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_buf(r5, 0x29, 0x2c, 0x0, 0x108)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}, {&(0x7f0000000100)="614ccc3050795e2c61aa3d0f785d637589c37fa9606b0a5d89e856b944b89b99a1d6934ade6b4f97324ef9058599739a5a973bcab4e4d84aea873a204fdc9e6a93c501518498d91ce5be24df6ec660082f007028e23e7315a5fd95eaa57a935eef3ed03aaba55929ae236bc9530c", 0x6e}], 0x2}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES32=r4, @ANYRESHEX=r1, @ANYRES16=r2], 0x22)

6.020711223s ago: executing program 4 (id=2855):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x9, &(0x7f0000000500)={&(0x7f0000000580)=@updpolicy={0xc4, 0x19, 0x501, 0x0, 0x0, {{@in6=@private0, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@offload={0xc, 0x1c, {0x0, 0x4}}]}, 0xc4}}, 0x0) (fail_nth: 6)

5.601039759s ago: executing program 3 (id=2856):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="98000000180001"], 0x98}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r3, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc00080005000a000000140004"], 0x58}}, 0x0)

5.098685489s ago: executing program 0 (id=2857):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c40)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f0000000bc0), &(0x7f0000000c00)='%ps    \x00'}, 0x20)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x2}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e00)=@bpf_lsm={0x1d, 0x12, &(0x7f0000000400)=@raw=[@btf_id={0x18, 0x0, 0x3, 0x0, 0x4}, @alu={0x7, 0x1, 0xa, 0x9, 0x5, 0xffffffffffffffc0, 0xfffffffffffffff0}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @map_val={0x18, 0x3, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, @ldst={0x0, 0x1, 0x7, 0x6, 0xb, 0xffffffffffffffc0}], &(0x7f00000004c0)='syzkaller\x00', 0x16, 0xe1, &(0x7f0000000500)=""/225, 0x41100, 0x26, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x9, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000d00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1], &(0x7f0000000d40)=[{0x2, 0x5, 0xc, 0xa}, {0x2, 0x2, 0x5, 0x7}, {0x3, 0x4, 0x5}, {0x5, 0x4, 0x8}, {0x1, 0x4, 0x5, 0x5}, {0x0, 0x4, 0x7, 0x4}, {0x0, 0x2, 0x0, 0xa}, {0x2, 0x3, 0x3, 0x5}, {0x4, 0x1, 0x3, 0x1}, {0x1, 0x2, 0x7, 0xc}], 0x10, 0x100}, 0x90)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000040400000000000000000000010500000008000000000000000000000300000000020000000200000000000000000000000000000d"], 0x0, 0x5a}, 0x20)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, 0x0, 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f00000000c0)={'b', ' *:* ', 'rwm\x00'}, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000680)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000200)={r6})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={<r7=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={r7, 0x0, r5})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000280)={r7})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

4.998780633s ago: executing program 2 (id=2858):
socket$netlink(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18}, '\x00'})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)

4.981071784s ago: executing program 3 (id=2859):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001fc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
userfaultfd(0x1)

4.37376881s ago: executing program 1 (id=2860):
unshare(0x2040400)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f00000000c0)=0x1, 0x4)

3.855881196s ago: executing program 3 (id=2861):
socket(0x0, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891"], &(0x7f0000000380)='GPL\x00'}, 0x90)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r0, 0x1}, 0x14}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8)

3.855589271s ago: executing program 4 (id=2862):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
sendmmsg(r1, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000004c0)='k', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000140), 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="14000000"], 0x14}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$SIOCPNADDRESOURCE(r2, 0x89e0, &(0x7f0000000040))
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
socket(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000006, &(0x7f0000000680)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@lazytime}, {@noinit_itable}, {@orlov}, {@noload}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@user_xattr}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00')
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1080c, &(0x7f0000000180)=ANY=[], 0x3, 0xa53, &(0x7f0000000bc0)="$eJzs3U2MW0cdAPBn73rzWeKUhIa0tAmFtgK62+yG8BFBUzUXoqbiVqniEqVpiUgDIpWgVQ5JTtxoFYUb4kOceqkAIdELinriUolG4tJT4cCBKEiROEBLYhTvjNf+x+6zk9196/XvJ43H783YM8/7/PZ53puZAphY9fZjo/146e2Lh//5yD823Xr+ZCdHs/043bV0K3ctLU+H9/tgajG+cf3s8X5xrZhvP+bl4tlrndduKYriXLGnuFw0i92Xrrzx7vwzR88fubD3vTcPXl2JbQcAgEnz7csH9+/821/u3/7hWw8eKjZ01ufz82Za3prO+w+lE/98/l8vepdrXaHbTMg3nUI95Jvqk6+7nEbOt7H3dbH8mfC+jQH5NpSUP9W1rt92wzjL+3GzqNVne5br9dnZxd/kRft3/Uxt9vTJUy+eqaiiwLL790NFUewRhEkLrW2dL0HldakudH0KAJWK1wtvcy62LNydzrtND1f+tafq/V8Py2C193/lx/fvrcdql1+2/b8574jD8hl+b9q4ovVYbnm78vdoa1qO1xHi/UujHn/y+02F92sMWc9B1xHG5frCoHpOrXI97tSg+sf9Yr36Rorz5/DNkN79/Yl/03H5GwP9/WfNtf9vWqpc5XUZKWwc03oLExxa1Rx2gDEQ75trJTk93tcX0zeUpG8sSd9Ukr65JH1LSTpMst+/8tPi9drS7/z4m/7G9bPtL8uw7WG5ne2eFH9ixPrE9shR2+Pifb+jutvy4/3EsJb98dhzJ776wvNXFu//r3X2/5tpf9+Tlpvpu3U5ZcjthbFdvXPvf7O3nPqAfPeG+tzTJ3/7+Y7efLUdS+9TdB1nbqvHrt7XbRuU74HefM2Qb1MK8SpIPD/ZHF6Xzz/ycTV/XtNhexthO2ZCPfJxZXuKx+tqDGtV3h8H3f+f989dRaP24slTJ55Iy3k//fNUY8Ot9ftWud7A3Ru2/8+uorf/z9bO+ka9+7iwbWl9rfu40Azr5wesX0jL+f/cd6c2tdfPHv/+qReWe+Nhwp159bXvHTt16sQPPfHEE086T6o+MgErbe6Vl38wd+bV1x4/+fKxl068dOL0woEDC/PzB762sH+ufV4/1312D6wnS//0q64JAAAAAAAAAAAAMKwfHTl85a/vfOX9xf7/S/3/cv//fOdv7v//k9D/P/aTz/3gcz/A7X3S23nCAKszIV8jhU+G+u4I5ewMr/tUijvz+KX+/7m4OK5rrs99YX0cvzfnC8MJ3DZeykwYgyTOF/jZFF9I8a8LqFDt5/1Xp7hsfOu8r+fxKYxLMZ7y3y2PZ5LHMcn9vweN65SP/9tXoY4sv9XoTlj1NgL9/WvNjf+93kPXL4bK6yKstXCj1WqtZnmtllk8gLWh6vk/c7tnjk//6Vsbb4Wc7dpTvcfLOH4p3I2q57+srPzcsDip2z9k+cs9/2dn/ruhj39hxrzmnZX7319cfb+r2GL3sOXH7c/jQO8YrfwPU/l5ax4thiu/9atQfrwgNKSPQvmbhyw/bv/FUQtOBf4vlZ8/tsceHrb8xTeo1XvrEduN8/W/2G6c3Qjbn8f2HPnvf4cTNd5M5cMkG5d5Zkc1LvP/DhLvw/hyWs4HwnyfQ5zvZNT65/sr8v+BneH9ayX/38z/O96+nuKy70Oe/zfvj80+y/Wu5Uafz3a9HmtgXH3g+p8w5qF9RrMG6jGOodVqrWyDVolKC6fyz7/q3wlVl1/1518mzv8bz+Hj/L8xPc7/G9Pj/L8xvd2u+NHSpL0xPc7/Gz/POP9vTL8vlBvnB95Vkv7pkvTdJen3l6Q/UJL+mZL0vSXpD5akP1SSfm9J+sMl6Z8rSf98SfojJemPfXz6wo9LXr/e5f4ok7r9MMli/zzff5gc+frPoO//jpJ0YHz97K19Tz//u+80F/v/z3TaQ/J1vENpuZF+O8ffS7H9ZCqlvZOW/x7S13p7B0ySOH5G/P/+aEk6ML7yfV6+3zCBav1H7Bl23KpB5/mMly+k+Isp/lKKH0/xbIrnUrwvxfOrVD9WxtO//cPB12tLv/e3hfRh7yeP/YHiOFELQ9Yntg+Mej97HMdvVHdb/h12BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKhMvf24f/+uWlFcevvi4eeOnpy7tebJTo5m+3G6a6nReV1RPJHiqRT/Mj25cf3s8e74ZoprxXxRK2qd9cWz1zolbSmK4lyxp7hcNIvdl6688e78M0fPH7mw9703D15duU8AAAAA1r//BwAA///3txjh")
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r3, 0x40086e81, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2401})
open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000116608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x1217880, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
accept$unix(r3, &(0x7f0000000240)=@abs, &(0x7f00000001c0)=0x6e)

3.793109405s ago: executing program 2 (id=2863):
socket$netlink(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18}, '\x00'})
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x40, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x14, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x2}, @ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}]}, 0x40}}, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)

2.922786779s ago: executing program 0 (id=2864):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f})

2.915661956s ago: executing program 3 (id=2865):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@desc={0x1, 0x0, @desc3}, 0x21, 0x0, '\x00', @c})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cpuacct.usage_all\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000001c0)=ANY=[], 0x118)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000100)=@v1={0x0, @aes256, 0x0, @desc3})

2.812403289s ago: executing program 1 (id=2866):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xa4) (async)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010100000000000000000000000038000380060007004e200000080003000000000014000200766564000000080001000000000008000500"/70], 0x4c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006ec0)={0x0, 0x0, &(0x7f0000006e80)={&(0x7f00000010c0)=@newtaction={0x88c, 0x30, 0x1, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0xfffffffc, 0x0, 0x0, 0x0, 0x0, {0x8, 0x0, 0x0, 0x0, 0x0, 0x7}}}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88c}}, 0x0)

2.74239861s ago: executing program 2 (id=2867):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0xb00, &(0x7f0000000080)={&(0x7f0000002240)=@ipv6_newroute={0x30, 0x18, 0x1, 0x0, 0x0, {}, [@RTA_GATEWAY={0x14, 0x5, @loopback={0xff00000000000000}}]}, 0x30}}, 0x0)

2.582705326s ago: executing program 0 (id=2868):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c40)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f0000000bc0), &(0x7f0000000c00)='%ps    \x00'}, 0x20)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x2}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e00)=@bpf_lsm={0x1d, 0x12, &(0x7f0000000400)=@raw=[@btf_id={0x18, 0x0, 0x3, 0x0, 0x4}, @alu={0x7, 0x1, 0xa, 0x9, 0x5, 0xffffffffffffffc0, 0xfffffffffffffff0}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @map_val={0x18, 0x3, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, @ldst={0x0, 0x1, 0x7, 0x6, 0xb, 0xffffffffffffffc0}], &(0x7f00000004c0)='syzkaller\x00', 0x16, 0xe1, &(0x7f0000000500)=""/225, 0x41100, 0x26, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x9, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000d00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1], &(0x7f0000000d40)=[{0x2, 0x5, 0xc, 0xa}, {0x2, 0x2, 0x5, 0x7}, {0x3, 0x4, 0x5}, {0x5, 0x4, 0x8}, {0x1, 0x4, 0x5, 0x5}, {0x0, 0x4, 0x7, 0x4}, {0x0, 0x2, 0x0, 0xa}, {0x2, 0x3, 0x3, 0x5}, {0x4, 0x1, 0x3, 0x1}, {0x1, 0x0, 0x7, 0xc}], 0x10, 0x100}, 0x90)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000040400000000000000000000010500000008000000000000000000000300000000020000000200000000000000000000000000000d"], 0x0, 0x5a}, 0x20)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, 0x0, 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f00000000c0)={'b', ' *:* ', 'rwm\x00'}, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000680)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000200)={r6})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={<r7=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={r7, 0x0, r5})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000280)={r7})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2.336063195s ago: executing program 1 (id=2869):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="98000000180001"], 0x98}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090d0000000000f0ff000700000008000300", @ANYRES32=r3, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc00080005000a000000140004"], 0x58}}, 0x0)

2.192723123s ago: executing program 2 (id=2870):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f00000001c0)={[{@dioread_lock}]}, 0x1, 0x54e, &(0x7f00000010c0)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000000c0)="2c385a4706", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000019c0)={0x0, 0x0, &(0x7f00000018c0)=[{&(0x7f0000000340)="269afae1e3b0b9152d54659b3673", 0xe}], 0x1}, 0x0)
recvmmsg$unix(r1, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000a40)=""/143, 0x8f}], 0x1}}], 0x1, 0x0, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'vlan1\x00', @ifru_map={0x4}})
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xce)
getsockname$ax25(r3, &(0x7f0000000200)={{0x3, @null}, [@default, @rose, @rose, @remote, @rose, @rose, @remote, @bcast]}, &(0x7f0000000280)=0x48)
ioctl$sock_netdev_private(r2, 0x89f1, &(0x7f0000000000))
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ax25_SIOCDELRT(r3, 0x890c, &(0x7f0000000680)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_buf(r5, 0x29, 0x2c, 0x0, 0x108)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}, {&(0x7f0000000100)="614ccc3050795e2c61aa3d0f785d637589c37fa9606b0a5d89e856b944b89b99a1d6934ade6b4f97324ef9058599739a5a973bcab4e4d84aea873a204fdc9e6a93c501518498d91ce5be24df6ec660082f007028e23e7315a5fd95eaa57a935eef3ed03aaba55929ae236bc9530c", 0x6e}], 0x2}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYRES32=r4, @ANYRESHEX=r1, @ANYRES16=r2], 0x22)

2.100861171s ago: executing program 3 (id=2871):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x400)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000002, 0x8012, r0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000240)='./file2\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='force,nls=macgreek,barrier,part=0x0000000000000004,umask=00000000000000000000006,umask=00000000000000000000011,uid=', @ANYRESHEX=0x0, @ANYRES16=0x0, @ANYRESHEX=0x0, @ANYBLOB="2c4c222716f9e8836aca8645205e92"], 0x2, 0x6da, &(0x7f0000000580)="$eJzs3UtoHOcdAPD/rFarXRUcOfEjLYEsMaSlorZkobTqpW4pRYdQQnroebHlWHgtB0kpsimN0se9h5x6Sg+6hR5Keje054ZAyVXHQCGXnHRTmdmZ1Ur7lKzHJv39xMx8M99z/rMzsw/EBPB/a3k2ys8iieXZN7fS9d2dhebEzsJUnt2MiEpElCLKrUUka5Hl3smn+Ha6MS+f9Ovnw9Wltz//aveL1lo5n7LypUH1eqh0b9rOp6hHxES+7DbZp8VPjnZ/qL27fdsbVdLewzRgN4rAxV+eq1V4bvtdttt5H/8nmw+qfpzzFhhTSeu+2WUmYjoiqhGtu35+dSid7+hO3/ZFDwAAAACOq3b8Ki/sxV5sxaWzGA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8U+XP/0/yqVSk65EUz/+v5NsiT4+h4Q9C/GyqtXx29oMBAAAAAAAAgDP36l7sxVZcKtb3k+w3/9c6fuP/VrwXG7ES63EztqIRm7EZ6zEfETMdDVW2Gpub6/NZzYgrA2rejk971Lzdf4x3TnmfAQAAAAAAAGDMVYfkP5zs3vb7WD74/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZBEjHRWmTTlSI9E6VyRFQjopKW2474tEh/TSS9Nj47/3EAAADAc6keXk2qI9R54f3Yi624VKzvJ9ln/mvZ5+VqvBdrsRmrsRnNWIl7+Wfo9FN/aXdnobm7s/Aonbrb/emXxxp61mK0vnvo3fPLWYla3I/VbMvNuBtJ7GdKeSsv7+4spMtHvcf1QTqm5Ce5AaOZ6EjfS2fXP8nSfz78LUL5WLt4QqW+OTNZ7mQ7InP52NIal4sI9I7E0KNTHtjTfJTa3/xcGdxT75h/MLj36SOlen5zcyGORuJ2lNpH6NrgSER89x8f//pBc+3hg/sbs+OzSz29P7TE0UgsdETi+jcoEsPNZZG42l5fjl/Er2I2vpx6K9ZjNX4TjdiMlXqR38hfz+l8ZnCkPpvuXHtr2EjSc7Levn71GlM9Do0p6vHzLNWI17JjeilWI4nHEbESb2R/t2O+fTU4OMJXRzjrSyNcaTvc+F62aIcpav3L/m20Jk9LGtfLHXHtvObOZHmdWw6i9GLPKBX3utHvRx3K38kTaQt/GHh/OG9HIzHfEYmX+r1eWiH9634632iuPVx/0Hh3xP5ez5fpefSnsbpLpEf4xajmO3c5myfZOTWX5b3UvsMejlcl/8WlpdSVd7Vdr3Wm/jIex71DZ+oPYzEWYykrfS0rPdl1x0rzrrdbOnwNT/PSd1rl9g87ne+3Hkez9X4IgPE2/f3pSu2/tX/XPqr9sfag9mb1Z1M/mnqlEpP/mvxxeW7i9dIryd/jo/jdwed/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5DaePH3YaDZX1nsnSr2zksG1Gs394kFiA8ocSiT5o3JGKJxsPHm6P7TBwYmpfHgnrH6aieJpjcML189wGMn20eNVHX4siqc8jdBF0hXwtPKJx1z0fLBlcgwO5dFE/fQaLF6wHVnHf/XWeh2viYjoVXjIhWPiNK4+wEW6tfno3VsbT57+YPVR452Vd1bWJhcXl+aWFt9YuHV/tbky15p3VDiXh98C56Hz7URbJSJeHV53wINaAQAAAAAAAAAAgDN0Hv8LcdH7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHy9Lc9G+VkkMT93cy5d391ZaKZTkT4oWY6IUkQkv41I/hlxJ1pTzHQ0l/Tr58PVpbc//2r3i4O2ykX5UsR233qj2c6nqEfERL48rfbuDm+vcpCc6pGdtCOTBuxGETi4aP8LAAD//7co7JU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f00000001c0)=""/202, 0xff4)
sched_setscheduler(0x0, 0x0, 0x0)
syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.554360352s ago: executing program 1 (id=2872):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000140)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000640)=ANY=[@ANYRESOCT=r1], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5a}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@bloom_filter={0x1e, 0x2, 0xb6d, 0x9, 0x42, r2, 0xa99a, '\x00', 0x0, r3, 0x1, 0x5, 0x3, 0xf}, 0x48)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000340)={{0xfffffffa, 0x3}, 0x100, './file0\x00'})
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r7, &(0x7f0000000100)={0x18, 0x0, {0x11ff, @dev, 'bond_slave_1\x00'}}, 0x1e)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff050005001200", 0x20}], 0x1}, 0x8002)
connect$pppoe(r7, &(0x7f0000000180)={0x18, 0x0, {0x0, @dev, 'macvlan1\x00'}}, 0x1e)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newqdisc={0x2c, 0x24, 0x4, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {0x2}, {0xd, 0x17}, {0xffed, 0xfff2}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0xa}]}, 0x2c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'pimreg\x00'})
socket(0x11, 0x800000003, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x0, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r4, &(0x7f00000001c0)={0x0, 0x700, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0xc, 0x4, 0x2, 0x0, 0x1}, 0x48)

781.419536ms ago: executing program 0 (id=2873):
socket$netlink(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18}, '\x00'})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)

748.10887ms ago: executing program 4 (id=2874):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c40)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f0000000bc0), &(0x7f0000000c00)='%ps    \x00'}, 0x20)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x2}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e00)=@bpf_lsm={0x1d, 0x12, &(0x7f0000000400)=@raw=[@btf_id={0x18, 0x0, 0x3, 0x0, 0x4}, @alu={0x7, 0x1, 0xa, 0x9, 0x5, 0xffffffffffffffc0, 0xfffffffffffffff0}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @map_val={0x18, 0x3, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}, @ldst={0x0, 0x1, 0x7, 0x6, 0xb, 0xffffffffffffffc0}], &(0x7f00000004c0)='syzkaller\x00', 0x16, 0xe1, &(0x7f0000000500)=""/225, 0x41100, 0x26, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x9, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000d00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1], &(0x7f0000000d40)=[{0x2, 0x5, 0xc, 0xa}, {0x2, 0x2, 0x5, 0x7}, {0x3, 0x4, 0x5}, {0x5, 0x4, 0x8}, {0x1, 0x4, 0x5, 0x5}, {0x0, 0x4, 0x7, 0x4}, {0x0, 0x2, 0x0, 0xa}, {0x2, 0x3, 0x3, 0x5}, {0x4, 0x1, 0x3, 0x1}, {0x1, 0x2, 0x7, 0xc}], 0x10, 0x100}, 0x90)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000040400000000000000000000010500000008000000000000000000000300000000020000000200000000000000000000000000000d"], 0x0, 0x5a}, 0x20)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, 0x0, 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f00000000c0)={'b', ' *:* ', 'rwm\x00'}, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000680)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000200)={r6})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000180)={<r7=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={r7, 0x0, r5})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000280)={r7})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

410.033883ms ago: executing program 2 (id=2875):
syz_mount_image$minix(&(0x7f0000000040), &(0x7f0000000140)='./file1\x00', 0x42, &(0x7f0000000540)=ANY=[], 0xd, 0x1a4, &(0x7f0000000640)="$eJzs271u2lAUwPFj7GKgX7S0HapKRerQLsVAW6Ru7aNQcBGqaaKQBcRA8gJ5hrxfGKIsmULk648oBoNCAIP8/w3Y3HM/zgWudIRkAZBav6QsmmiScd98yBXPSlrSKQHYkql/vZkCSB/92ruWk04EwJZNfouq/S8uRy3Rs2FdENy58XEQz5gz9cPkROS94ce1nOSj9cW5yOdgvFaIDr9yWwph/GkknFXzf/kUrP9MnssLeSlFeSWvpeSv3w7Hv3to+TO7IQAAUkCTyrJ4TIcn6jUvf7uOXVU9I/58V73ceC12/qyK1xfG9Y/x+ZlqfKV14LQX7gPArMzK59+jh+d/PmPJ+QeQnP5g+K/pOPbRDtzk7uczNUU2uKi5C1ve3xtToi3GWmbOx4ZOZV7I/dGsc18j/2Bs9jMcR1vcajrJ79TwVtf9NPhfDEgB67h3aPUHw6/dXrNjd+z/9Wr1Z+PHt1qjbqnK3lpc3wPYX3dlQNKZAAAAAAAAAAAAAACAVb2Rt0mnAAAAAGBLlj4YJIbX8REPGCW9RwAAds5tAAAA//8YBw3V")
bind$packet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000080), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ppoll(&(0x7f0000000040)=[{}], 0x1, &(0x7f00000000c0), &(0x7f0000000100), 0x8)

0s ago: executing program 3 (id=2876):
unshare(0x2040400)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f00000000c0)=0x1, 0x4)

kernel console output (not intermixed with test programs):

0 port 6081 - 0
[ 1564.750038][T15491] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2531'.
[ 1564.848134][T15413] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1564.855592][T15413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1564.885803][T15413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1564.933136][T15494] loop1: detected capacity change from 0 to 1024
[ 1564.964975][   T72] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1565.511142][T15413] hsr_slave_0: entered promiscuous mode
[ 1565.523550][T15413] hsr_slave_1: entered promiscuous mode
[ 1565.538187][T15413] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1565.548662][T15413] Cannot create hsr debugfs directory
[ 1565.724939][   T72] bridge_slave_1: left allmulticast mode
[ 1565.731214][   T72] bridge_slave_1: left promiscuous mode
[ 1565.737799][   T72] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1565.809873][   T72] bridge_slave_0: left allmulticast mode
[ 1565.816123][   T72] bridge_slave_0: left promiscuous mode
[ 1565.823047][   T72] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1566.582568][   T72] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1566.656491][   T72] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1566.686842][   T72] bond0 (unregistering): Released all slaves
[ 1566.716009][T15214] veth0_macvtap: entered promiscuous mode
[ 1566.855616][T15511] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2535'.
[ 1566.866508][T15514] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2536'.
[ 1566.895343][T15514] FAULT_INJECTION: forcing a failure.
[ 1566.895343][T15514] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1566.909104][T15514] CPU: 0 UID: 0 PID: 15514 Comm: syz.2.2536 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1566.919885][T15514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1566.930209][T15514] Call Trace:
[ 1566.933698][T15514]  <TASK>
[ 1566.936850][T15514]  dump_stack_lvl+0x216/0x2d0
[ 1566.941908][T15514]  dump_stack+0x1e/0x30
[ 1566.946388][T15514]  should_fail_ex+0x74e/0x800
[ 1566.951426][T15514]  should_fail+0x2a/0x40
[ 1566.955976][T15514]  should_fail_usercopy+0x2e/0x40
[ 1566.961346][T15514]  _copy_to_user+0x33/0x110
[ 1566.966156][T15514]  simple_read_from_buffer+0x199/0x340
[ 1566.971969][T15514]  proc_fail_nth_read+0x1e8/0x2c0
[ 1566.977307][T15514]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1566.983156][T15514]  vfs_read+0x2a1/0xf60
[ 1566.987600][T15514]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1566.993224][T15514]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1566.999933][T15514]  ksys_read+0x20f/0x4c0
[ 1567.004503][T15514]  __x64_sys_read+0x93/0xe0
[ 1567.009362][T15514]  x64_sys_call+0x347b/0x3c10
[ 1567.014418][T15514]  do_syscall_64+0xcd/0x1e0
[ 1567.019269][T15514]  ? clear_bhb_loop+0x25/0x80
[ 1567.024274][T15514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1567.030525][T15514] RIP: 0033:0x7fb27b5749fc
[ 1567.035177][T15514] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[ 1567.055216][T15514] RSP: 002b:00007fb27c2b8040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1567.063941][T15514] RAX: ffffffffffffffda RBX: 00007fb27b705f60 RCX: 00007fb27b5749fc
[ 1567.072144][T15514] RDX: 000000000000000f RSI: 00007fb27c2b80b0 RDI: 0000000000000006
[ 1567.080349][T15514] RBP: 00007fb27c2b80a0 R08: 0000000000000000 R09: 0000000000000000
[ 1567.088567][T15514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1567.096869][T15514] R13: 000000000000000b R14: 00007fb27b705f60 R15: 00007fff6ced1638
[ 1567.105118][T15514]  </TASK>
[ 1567.424050][T15214] veth1_macvtap: entered promiscuous mode
[ 1567.585326][T15520] loop1: detected capacity change from 0 to 47
[ 1568.180469][   T72] hsr_slave_0: left promiscuous mode
[ 1568.208531][   T72] hsr_slave_1: left promiscuous mode
[ 1568.223136][   T72] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1568.231099][   T72] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1568.242088][   T72] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1568.249927][   T72] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1568.269576][   T72] veth1_macvtap: left promiscuous mode
[ 1568.275972][   T72] veth0_macvtap: left promiscuous mode
[ 1568.282029][   T72] veth1_vlan: left promiscuous mode
[ 1568.287624][   T72] veth0_vlan: left promiscuous mode
[ 1568.308193][T15523] No control pipe specified
[ 1568.561387][   T29] audit: type=1326 audit(1721950474.727:2430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15517 comm="syz.2.2538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1568.631604][   T29] audit: type=1326 audit(1721950474.777:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15517 comm="syz.2.2538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1568.901328][   T29] audit: type=1326 audit(1721950475.057:2432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15517 comm="syz.2.2538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1569.294277][   T72] team0 (unregistering): Port device team_slave_1 removed
[ 1569.349549][   T72] team0 (unregistering): Port device team_slave_0 removed
[ 1569.379575][    C0] eth0: bad gso: type: 1, size: 1408
[ 1570.317124][T15405] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1570.373069][T15214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1570.385264][T15214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1570.402864][T15214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1570.416264][T15214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1570.438610][T15214] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1570.476434][T15405] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1570.520500][T15535] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2544'.
[ 1570.558983][T15214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1570.570183][T15214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1570.580417][T15214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1570.591260][T15214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1570.609843][T15214] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1570.678291][T15405] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1570.805854][T15405] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1570.861966][T15214] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1570.871306][T15214] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1570.880348][T15214] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1570.889585][T15214] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1571.197882][T15413] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1571.280257][T15413] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1571.374640][T15413] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1571.429345][T15413] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1571.491142][   T29] audit: type=1326 audit(1721950477.637:2433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15542 comm="syz.2.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1571.514543][   T29] audit: type=1326 audit(1721950477.637:2434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15542 comm="syz.2.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1571.539912][   T29] audit: type=1326 audit(1721950477.637:2435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15542 comm="syz.2.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1571.563680][   T29] audit: type=1326 audit(1721950477.637:2436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15542 comm="syz.2.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1571.586996][   T29] audit: type=1326 audit(1721950477.637:2437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15542 comm="syz.2.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1571.610068][   T29] audit: type=1326 audit(1721950477.637:2438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15542 comm="syz.2.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1571.635576][   T29] audit: type=1326 audit(1721950477.637:2439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15542 comm="syz.2.2546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1572.604305][T15405] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1572.667757][T15550] loop1: detected capacity change from 0 to 47
[ 1572.729532][T15413] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1572.873277][T15405] 8021q: adding VLAN 0 to HW filter on device team0
[ 1572.939411][T15413] 8021q: adding VLAN 0 to HW filter on device team0
[ 1572.986901][ T5238] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1572.994805][ T5238] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1573.116419][ T5238] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1573.124322][ T5238] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1573.141104][ T5238] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1573.148884][ T5238] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1573.167743][ T5238] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1573.175581][ T5238] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1573.682656][T15405] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1573.693778][T15405] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1574.530183][   T29] kauditd_printk_skb: 4 callbacks suppressed
[ 1574.530270][   T29] audit: type=1326 audit(1721950480.647:2444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15558 comm="syz.2.2549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1574.561090][   T29] audit: type=1326 audit(1721950480.657:2445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15558 comm="syz.2.2549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1574.671616][   T29] audit: type=1326 audit(1721950480.817:2446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15558 comm="syz.2.2549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1575.059815][    C0] eth0: bad gso: type: 1, size: 1408
[ 1575.840889][T15580] loop1: detected capacity change from 0 to 47
[ 1576.200140][T15405] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1576.224806][T15413] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1576.757430][T15405] veth0_vlan: entered promiscuous mode
[ 1576.770049][T15585] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2553'.
[ 1576.825092][T15413] veth0_vlan: entered promiscuous mode
[ 1576.892067][T15405] veth1_vlan: entered promiscuous mode
[ 1576.955699][T15413] veth1_vlan: entered promiscuous mode
[ 1577.296744][T15405] veth0_macvtap: entered promiscuous mode
[ 1577.368824][T15405] veth1_macvtap: entered promiscuous mode
[ 1577.397050][T15413] veth0_macvtap: entered promiscuous mode
[ 1577.432000][T15413] veth1_macvtap: entered promiscuous mode
[ 1577.538845][T15405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1577.550083][T15405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.560334][T15405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1577.571314][T15405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.584317][T15405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1577.595142][T15405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.610504][T15405] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1577.684119][T15413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1577.695108][T15413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.709040][T15413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1577.721142][T15413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.731399][T15413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1577.742309][T15413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.752544][T15413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1577.763303][T15413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.778939][T15413] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1577.879791][T15405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1577.890815][T15405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.901040][T15405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1577.911810][T15405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.922076][T15405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1577.932808][T15405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1577.951575][T15405] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1577.982382][T15413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1577.993520][T15413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1578.003766][T15413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1578.014702][T15413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1578.027412][T15413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1578.038784][T15413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1578.049025][T15413] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1578.059873][T15413] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1578.075439][T15413] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1578.083339][   T29] audit: type=1326 audit(1721950484.127:2447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.2.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb27b56cf67 code=0x7fc00000
[ 1578.110393][   T29] audit: type=1326 audit(1721950484.127:2448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.2.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb27b511909 code=0x7fc00000
[ 1578.134311][   T29] audit: type=1326 audit(1721950484.127:2449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.2.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fb27b5119cf code=0x7fc00000
[ 1578.157436][   T29] audit: type=1326 audit(1721950484.127:2450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.2.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1578.182541][   T29] audit: type=1326 audit(1721950484.127:2451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.2.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1578.186923][T15405] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1578.207577][   T29] audit: type=1326 audit(1721950484.127:2452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.2.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1578.214343][T15405] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1578.214541][T15405] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1578.214752][T15405] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1578.264821][   T29] audit: type=1326 audit(1721950484.127:2453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.2.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1578.424852][T15413] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1578.435286][T15413] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1578.444532][T15413] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1578.454024][T15413] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1579.553157][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1579.563141][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1579.739192][T15611] loop1: detected capacity change from 0 to 47
[ 1580.021619][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1580.030036][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1580.306988][   T29] kauditd_printk_skb: 56 callbacks suppressed
[ 1580.307081][   T29] audit: type=1326 audit(1721950486.497:2510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15606 comm="syz.2.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1580.400081][   T29] audit: type=1326 audit(1721950486.537:2511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15606 comm="syz.2.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1580.423262][   T29] audit: type=1326 audit(1721950486.537:2512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15606 comm="syz.2.2558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1580.804929][    C0] eth0: bad gso: type: 1, size: 1408
[ 1580.949602][ T1244] ieee802154 phy0 wpan0: encryption failed: -22
[ 1580.956489][ T1244] ieee802154 phy1 wpan1: encryption failed: -22
[ 1581.403319][T15626] loop4: detected capacity change from 0 to 47
[ 1581.609927][T15628] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2562'.
[ 1582.019930][T15632] loop1: detected capacity change from 0 to 1024
[ 1582.794806][T15640] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2563'.
[ 1584.926008][T15646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2564'.
[ 1585.839169][T15650] loop4: detected capacity change from 0 to 2048
[ 1585.912578][T15650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1586.171907][   T29] audit: type=1800 audit(1721950492.307:2513): pid=15646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2564" name="bus" dev="loop4" ino=18 res=0 errno=0
[ 1586.195109][T15646] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1586.265980][T15646] EXT4-fs (loop4): Remounting filesystem read-only
[ 1586.730418][T15214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1587.608060][   T29] audit: type=1326 audit(1721950493.757:2514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15665 comm="syz.2.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1587.631876][   T29] audit: type=1326 audit(1721950493.767:2515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15665 comm="syz.2.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1587.882010][   T29] audit: type=1326 audit(1721950493.947:2516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15665 comm="syz.2.2567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1588.215438][T11450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1588.224713][T11450] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1588.235816][    C0] eth0: bad gso: type: 1, size: 1408
[ 1588.313422][T11450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1588.322185][T11450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1588.327409][T15679] loop4: detected capacity change from 0 to 47
[ 1588.587820][T15681] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2571'.
[ 1588.736937][   T72] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1588.746000][   T72] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1588.905620][ T3600] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1588.914199][ T3600] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1590.045859][T15693] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2573'.
[ 1591.655903][T15690] loop4: detected capacity change from 0 to 2048
[ 1591.824661][T15690] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1593.470484][T15706] loop0: detected capacity change from 0 to 128
[ 1593.524728][T15706] msdos: Unknown parameter '@'
[ 1594.110331][   T29] audit: type=1326 audit(1721950500.297:2517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15709 comm="syz.2.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1594.170239][   T29] audit: type=1326 audit(1721950500.327:2518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15709 comm="syz.2.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1594.451333][   T29] audit: type=1326 audit(1721950500.517:2519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15709 comm="syz.2.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1594.475577][   T29] audit: type=1326 audit(1721950500.517:2520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15709 comm="syz.2.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1594.498936][   T29] audit: type=1326 audit(1721950500.517:2521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15709 comm="syz.2.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1594.521960][   T29] audit: type=1326 audit(1721950500.517:2522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15709 comm="syz.2.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1594.545105][   T29] audit: type=1326 audit(1721950500.517:2523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15709 comm="syz.2.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1594.568909][   T29] audit: type=1326 audit(1721950500.517:2524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15709 comm="syz.2.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1594.592185][   T29] audit: type=1326 audit(1721950500.517:2525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15709 comm="syz.2.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1594.615279][   T29] audit: type=1326 audit(1721950500.517:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15709 comm="syz.2.2579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1595.263124][T15707] loop1: detected capacity change from 0 to 2048
[ 1595.338190][T15718] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2582'.
[ 1595.390589][T15721] loop0: detected capacity change from 0 to 47
[ 1595.766652][T15726] loop4: detected capacity change from 0 to 1024
[ 1595.839299][T15726] EXT4-fs (loop4): blocks per group (131072) and clusters per group (8192) inconsistent
[ 1596.152716][T15730] bond0: entered promiscuous mode
[ 1596.158059][T15730] bond_slave_0: entered promiscuous mode
[ 1596.165314][T15730] bond_slave_1: entered promiscuous mode
[ 1596.212660][T15732] loop4: detected capacity change from 0 to 128
[ 1596.316571][T15732] msdos: Bad value for 'gid'
[ 1596.321775][T15732] msdos: Bad value for 'gid'
[ 1596.442474][T15730] bad cache= option: none³kgû~AÉ“<ù´ORžO!Ýzºþººê[«v F^Å	eGdV\Ù“‰—¹vœK¶ËÝ‚„rcîÍöÇÅgÏK¥ù²êBqéVAU§¯|}ûþÓÕoÁO>O›¦lξØúYø¾ùÿ業_K¯\_]_ë�@m]n4{¹æèŠëW-ÕÇ5Çöuë¾ãȯÖkk-µë+S“kžãûj×[jHKƒ†æãªêjY–NMîÆy!¹?QÙ(—í⹃ÃóŠvVD&Ý•�ÁT
[ 1596.442474][T15730] 
[ 1596.468483][T15730] CIFS: VFS: bad cache= option: none³kgû~AÉ“<ù´ORžO!Ýzºþººê[«v F^Å	eGdV\Ù“‰—¹vœK¶ËÝ‚„rcîÍöÇÅgÏK¥ù²êBqéVAU§¯|}ûþÓÕoÁO>O›¦lξØúYø¾ùÿ業_K¯\_]_ë�@m]n4{¹æèŠëW-ÕÇ5Çöuë¾ãȯÖkk-µë+S“kžãûj×[jHKƒ†æãªêjY–NMîÆy!¹?QÙ(—í⹃ÃóŠvVD&Ý•�ÁT
[ 1596.835663][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1597.072688][T15741] loop0: detected capacity change from 0 to 1024
[ 1597.193276][T15741] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1597.209078][T15741] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1597.413838][T15752] netlink: 'syz.0.2589': attribute type 10 has an invalid length.
[ 1597.437470][ T8302] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[ 1597.557202][T15752] team0: Port device netdevsim3 added
[ 1597.645992][T15753] netlink: 'syz.0.2589': attribute type 10 has an invalid length.
[ 1597.671309][ T8302] usb 4-1: Using ep0 maxpacket: 16
[ 1597.702941][ T8302] usb 4-1: config 0 has an invalid interface number: 48 but max is 2
[ 1597.711807][ T8302] usb 4-1: config 0 has an invalid interface number: 129 but max is 2
[ 1597.720270][ T8302] usb 4-1: config 0 has no interface number 0
[ 1597.727005][ T8302] usb 4-1: config 0 has no interface number 2
[ 1597.740166][ T8302] usb 4-1: config 0 interface 129 altsetting 153 has an invalid descriptor for endpoint zero, skipping
[ 1597.753640][ T8302] usb 4-1: config 0 interface 129 altsetting 153 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1597.764072][ T8302] usb 4-1: config 0 interface 129 altsetting 153 has an invalid descriptor for endpoint zero, skipping
[ 1597.775557][ T8302] usb 4-1: config 0 interface 129 has no altsetting 0
[ 1597.791239][T14584] Bluetooth: hci6: ISO packet for unknown connection handle 0
[ 1597.903622][T15753] team0: Port device netdevsim3 removed
[ 1597.929006][T15753] bond0: (slave netdevsim3): Enslaving as an active interface with an up link
[ 1598.032936][ T8302] usb 4-1: New USB device found, idVendor=15ba, idProduct=0003, bcdDevice=b3.94
[ 1598.050491][ T8302] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1598.061809][ T8302] usb 4-1: Product: syz
[ 1598.066487][ T8302] usb 4-1: Manufacturer: syz
[ 1598.071678][ T8302] usb 4-1: SerialNumber: syz
[ 1598.128170][ T8302] usb 4-1: config 0 descriptor??
[ 1598.145973][ T8302] ftdi_sio 4-1:0.1: FTDI USB Serial Device converter detected
[ 1598.170096][ T8302] ftdi_sio ttyUSB0: unknown device type: 0xb394
[ 1598.311478][T15763] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2595'.
[ 1598.493088][T15405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1598.578848][ T8302] usb 4-1: USB disconnect, device number 28
[ 1598.587115][ T8302] ftdi_sio 4-1:0.1: device disconnected
[ 1598.921053][T15772] loop0: detected capacity change from 0 to 47
[ 1598.984838][T15768] fuse: Unknown parameter 'f'
[ 1599.009512][T15773] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2599'.
[ 1600.143303][T15784] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2601'.
[ 1604.245195][T14584] Bluetooth: hci7: unexpected event 0x32 length: 17 > 9
[ 1604.657356][T15789] loop3: detected capacity change from 0 to 512
[ 1604.735570][T15796] loop0: detected capacity change from 0 to 1024
[ 1604.885774][T15789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1604.899145][T15789] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1604.975007][T15796] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1604.988727][T15796] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1605.102750][T15805] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2609'.
[ 1605.419555][T15810] netlink: 'syz.0.2606': attribute type 10 has an invalid length.
[ 1605.562909][T14584] Bluetooth: hci6: ISO packet for unknown connection handle 0
[ 1605.574614][T15413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1605.621484][T15810] bond0: (slave netdevsim3): Releasing backup interface
[ 1605.697699][T15810] team0: Port device netdevsim3 added
[ 1605.801564][T15812] netlink: 'syz.0.2606': attribute type 10 has an invalid length.
[ 1605.937023][T15812] team0: Port device netdevsim3 removed
[ 1605.957374][T15812] bond0: (slave netdevsim3): Enslaving as an active interface with an up link
[ 1606.421037][T15405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1607.570144][T15833] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2615'.
[ 1608.016346][   T44] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1611.387390][T15839] FAULT_INJECTION: forcing a failure.
[ 1611.387390][T15839] name failslab, interval 1, probability 0, space 0, times 0
[ 1611.400616][T15839] CPU: 0 UID: 0 PID: 15839 Comm: syz.1.2616 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1611.411421][T15839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1611.421727][T15839] Call Trace:
[ 1611.425201][T15839]  <TASK>
[ 1611.428320][T15839]  dump_stack_lvl+0x216/0x2d0
[ 1611.433349][T15839]  dump_stack+0x1e/0x30
[ 1611.437787][T15839]  should_fail_ex+0x74e/0x800
[ 1611.442769][T15839]  should_failslab+0x17f/0x210
[ 1611.447843][T15839]  __kmalloc_noprof+0x175/0xf30
[ 1611.453016][T15839]  ? tomoyo_encode+0x5f8/0xa40
[ 1611.458111][T15839]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1611.463664][T15839]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1611.469791][T15839]  tomoyo_encode+0x5f8/0xa40
[ 1611.474826][T15839]  tomoyo_realpath_from_path+0x9dd/0xaa0
[ 1611.480780][T15839]  tomoyo_path_number_perm+0x1d9/0x8f0
[ 1611.486553][T15839]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1611.492079][T15839]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1611.497591][T15839]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1611.503761][T15839]  tomoyo_file_ioctl+0x42/0x50
[ 1611.508792][T15839]  ? __pfx_tomoyo_file_ioctl+0x10/0x10
[ 1611.514530][T15839]  security_file_ioctl+0xa8/0x160
[ 1611.519870][T15839]  __se_sys_ioctl+0xd3/0x450
[ 1611.524733][T15839]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1611.530869][T15839]  __x64_sys_ioctl+0x96/0xe0
[ 1611.535733][T15839]  x64_sys_call+0x1a06/0x3c10
[ 1611.540740][T15839]  do_syscall_64+0xcd/0x1e0
[ 1611.545543][T15839]  ? clear_bhb_loop+0x25/0x80
[ 1611.550479][T15839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1611.556685][T15839] RIP: 0033:0x7ff19df75f19
[ 1611.561339][T15839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1611.581238][T15839] RSP: 002b:00007ff19ec5e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1611.589954][T15839] RAX: ffffffffffffffda RBX: 00007ff19e105f60 RCX: 00007ff19df75f19
[ 1611.598187][T15839] RDX: 0000000020001900 RSI: 000000000000541c RDI: 0000000000000009
[ 1611.606416][T15839] RBP: 00007ff19ec5e0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1611.614606][T15839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1611.622796][T15839] R13: 000000000000000b R14: 00007ff19e105f60 R15: 00007ffff3d93248
[ 1611.631026][T15839]  </TASK>
[ 1611.645605][T15839] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1612.466647][    C0] eth0: bad gso: type: 1, size: 1408
[ 1612.512002][T15856] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2622'.
[ 1612.543581][T15858] loop3: detected capacity change from 0 to 47
[ 1612.793871][T15865] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2626'.
[ 1613.044827][T15863] loop1: detected capacity change from 0 to 1024
[ 1613.211302][T15862] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2625'.
[ 1613.418506][T15863] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1613.432920][T15863] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1613.489873][   T29] kauditd_printk_skb: 58 callbacks suppressed
[ 1613.489952][   T29] audit: type=1326 audit(1721950519.667:2585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15868 comm="syz.3.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1613.521313][   T29] audit: type=1326 audit(1721950519.667:2586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15868 comm="syz.3.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1613.548567][   T29] audit: type=1326 audit(1721950519.667:2587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15868 comm="syz.3.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1613.572391][   T29] audit: type=1326 audit(1721950519.667:2588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15868 comm="syz.3.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1613.595373][   T29] audit: type=1326 audit(1721950519.667:2589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15868 comm="syz.3.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1613.619443][   T29] audit: type=1326 audit(1721950519.667:2590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15868 comm="syz.3.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1613.642895][   T29] audit: type=1326 audit(1721950519.667:2591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15868 comm="syz.3.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1613.665908][   T29] audit: type=1326 audit(1721950519.667:2592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15868 comm="syz.3.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1613.689495][   T29] audit: type=1326 audit(1721950519.667:2593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15868 comm="syz.3.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1613.713701][   T29] audit: type=1326 audit(1721950519.667:2594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15868 comm="syz.3.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1613.741610][T15878] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2631'.
[ 1614.404540][T15882] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2629'.
[ 1614.812331][ T5245] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[ 1615.532932][T15883] netlink: 'syz.1.2624': attribute type 10 has an invalid length.
[ 1616.982215][T15883] team0: Port device netdevsim3 added
[ 1617.730634][T15898] FAULT_INJECTION: forcing a failure.
[ 1617.730634][T15898] name failslab, interval 1, probability 0, space 0, times 0
[ 1617.746721][T15898] CPU: 0 UID: 0 PID: 15898 Comm: syz.2.2634 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1617.757458][T15898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1617.767787][T15898] Call Trace:
[ 1617.771262][T15898]  <TASK>
[ 1617.774383][T15898]  dump_stack_lvl+0x216/0x2d0
[ 1617.779421][T15898]  dump_stack+0x1e/0x30
[ 1617.783932][T15898]  should_fail_ex+0x74e/0x800
[ 1617.788982][T15898]  should_failslab+0x17f/0x210
[ 1617.794110][T15898]  kmem_cache_alloc_node_noprof+0xeb/0xb80
[ 1617.800243][T15898]  ? __alloc_skb+0x1e9/0x7b0
[ 1617.805195][T15898]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1617.811338][T15898]  __alloc_skb+0x1e9/0x7b0
[ 1617.816066][T15898]  netlink_ack+0x281/0xe80
[ 1617.820744][T15898]  ? rtnetlink_rcv_msg+0x13f9/0x1410
[ 1617.826392][T15898]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1617.831900][T15898]  netlink_rcv_skb+0x510/0x650
[ 1617.836947][T15898]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1617.842686][T15898]  ? __pfx_rtnetlink_rcv+0x10/0x10
[ 1617.848094][T15898]  rtnetlink_rcv+0x34/0x40
[ 1617.852827][T15898]  netlink_unicast+0xf52/0x1260
[ 1617.858027][T15898]  netlink_sendmsg+0x10da/0x11e0
[ 1617.863260][T15898]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1617.868825][T15898]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1617.874383][T15898]  __sock_sendmsg+0x30f/0x380
[ 1617.879336][T15898]  ____sys_sendmsg+0x877/0xb60
[ 1617.884412][T15898]  ___sys_sendmsg+0x28d/0x3c0
[ 1617.889369][T15898]  ? __rcu_read_unlock+0x7b/0xe0
[ 1617.894672][T15898]  ? __fget_files+0x4fe/0x5d0
[ 1617.899648][T15898]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1617.905192][T15898]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1617.911330][T15898]  __x64_sys_sendmsg+0x307/0x4a0
[ 1617.916573][T15898]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1617.922720][T15898]  x64_sys_call+0x2dd6/0x3c10
[ 1617.927710][T15898]  do_syscall_64+0xcd/0x1e0
[ 1617.932545][T15898]  ? clear_bhb_loop+0x25/0x80
[ 1617.937472][T15898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1617.943692][T15898] RIP: 0033:0x7fb27b575f19
[ 1617.948361][T15898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1617.968363][T15898] RSP: 002b:00007fb27c2b8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1617.977077][T15898] RAX: ffffffffffffffda RBX: 00007fb27b705f60 RCX: 00007fb27b575f19
[ 1617.985301][T15898] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[ 1617.993525][T15898] RBP: 00007fb27c2b80a0 R08: 0000000000000000 R09: 0000000000000000
[ 1618.001757][T15898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1618.009998][T15898] R13: 000000000000000b R14: 00007fb27b705f60 R15: 00007fff6ced1638
[ 1618.018229][T15898]  </TASK>
[ 1618.083722][T15896] netlink: 830 bytes leftover after parsing attributes in process `syz.4.2633'.
[ 1618.083834][ T5245] usb 1-1: device not accepting address 27, error -71
[ 1618.352814][T12499] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1619.067240][   T29] kauditd_printk_skb: 53 callbacks suppressed
[ 1619.067321][   T29] audit: type=1326 audit(1721950525.247:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.0.2635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b3175f19 code=0x7fc00000
[ 1619.191898][   T29] audit: type=1326 audit(1721950525.287:2649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.0.2635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f96b3175f19 code=0x7fc00000
[ 1619.389988][   T29] audit: type=1326 audit(1721950525.447:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.0.2635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b3175f19 code=0x7fc00000
[ 1619.413352][   T29] audit: type=1326 audit(1721950525.447:2651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.0.2635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f96b3175f19 code=0x7fc00000
[ 1619.436418][   T29] audit: type=1326 audit(1721950525.447:2652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.0.2635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b3175f19 code=0x7fc00000
[ 1619.465702][   T29] audit: type=1326 audit(1721950525.447:2653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.0.2635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b3175f19 code=0x7fc00000
[ 1619.490951][   T29] audit: type=1326 audit(1721950525.447:2654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.0.2635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b3175f19 code=0x7fc00000
[ 1619.514033][   T29] audit: type=1326 audit(1721950525.457:2655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.0.2635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b3175f19 code=0x7fc00000
[ 1619.552166][   T29] audit: type=1326 audit(1721950525.457:2656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.0.2635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b3175f19 code=0x7fc00000
[ 1619.577290][   T29] audit: type=1326 audit(1721950525.457:2657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.0.2635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96b3175f19 code=0x7fc00000
[ 1620.067691][T15911] loop4: detected capacity change from 0 to 1024
[ 1620.141416][T15911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1620.243392][T15911] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1620.250447][T15911] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1620.284551][T15911] EXT4-fs (loop4): changing journal_checksum during remount not supported; ignoring
[ 1620.295334][T15911] EXT4-fs (loop4): can't enable nombcache during remount
[ 1621.950306][T15921] loop0: detected capacity change from 0 to 40427
[ 1622.017812][T15921] F2FS-fs (loop0): invalid crc value
[ 1622.035652][T15922] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2640'.
[ 1622.125718][T15913] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2637'.
[ 1622.136648][T15921] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1622.465365][T15921] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[ 1622.796558][T15214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1622.893242][T15405] syz-executor: attempt to access beyond end of device
[ 1622.893242][T15405] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1622.907758][T15405] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 1623.878827][T15939] loop3: detected capacity change from 0 to 1024
[ 1624.008861][T15939] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1624.022126][T15939] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1624.492481][T15944] netlink: 'syz.3.2647': attribute type 10 has an invalid length.
[ 1624.626268][T14584] Bluetooth: hci7: ISO packet for unknown connection handle 0
[ 1624.780121][T15944] team0: Port device netdevsim3 added
[ 1625.034079][T15954] loop4: detected capacity change from 0 to 47
[ 1625.178810][T15949] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2649'.
[ 1625.202681][T15413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1626.728072][T15966] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2645'.
[ 1626.768038][   T29] kauditd_printk_skb: 69 callbacks suppressed
[ 1626.768122][   T29] audit: type=1326 audit(1721950532.957:2727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15959 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1627.604868][   T29] audit: type=1326 audit(1721950533.117:2728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15959 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f276ab75f19 code=0x7fc00000
[ 1627.787806][T15968] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2652'.
[ 1629.965809][ T5238] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[ 1632.112372][T15981] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2656'.
[ 1632.772838][T15989] loop3: detected capacity change from 0 to 1024
[ 1632.896478][T15989] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1633.020448][   T29] audit: type=1326 audit(1721950539.107:2729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15985 comm="syz.2.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1633.044011][   T29] audit: type=1326 audit(1721950539.107:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15985 comm="syz.2.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1633.067825][   T29] audit: type=1326 audit(1721950539.107:2731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15985 comm="syz.2.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1633.091843][   T29] audit: type=1326 audit(1721950539.127:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15985 comm="syz.2.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1633.115295][   T29] audit: type=1326 audit(1721950539.127:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15985 comm="syz.2.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1633.138629][   T29] audit: type=1326 audit(1721950539.127:2734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15985 comm="syz.2.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1633.162324][   T29] audit: type=1326 audit(1721950539.127:2735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15985 comm="syz.2.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1633.185324][   T29] audit: type=1326 audit(1721950539.127:2736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15985 comm="syz.2.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1633.208429][   T29] audit: type=1326 audit(1721950539.127:2737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15985 comm="syz.2.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1633.231429][   T29] audit: type=1326 audit(1721950539.127:2738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15985 comm="syz.2.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb27b56cf67 code=0x7fc00000
[ 1633.549576][T15999] loop1: detected capacity change from 0 to 512
[ 1633.554069][T16002] loop4: detected capacity change from 0 to 47
[ 1633.716483][T15999] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1633.730233][T15999] ext4 filesystem being mounted at /210/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1633.788022][T16003] loop0: detected capacity change from 0 to 1024
[ 1633.894130][T16003] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1633.907350][T16003] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1634.955961][T16016] netlink: 'syz.0.2661': attribute type 10 has an invalid length.
[ 1635.070850][T14584] Bluetooth: hci6: ISO packet for unknown connection handle 0
[ 1635.087112][T15413] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1635.109448][T16016] bond0: (slave netdevsim3): Releasing backup interface
[ 1635.236236][T16016] team0: Port device netdevsim3 added
[ 1635.365309][T12499] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1636.003522][T16024] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2665'.
[ 1641.573750][T15405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1641.937651][T16031] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2670'.
[ 1642.373965][ T1244] ieee802154 phy0 wpan0: encryption failed: -22
[ 1642.381646][ T1244] ieee802154 phy1 wpan1: encryption failed: -22
[ 1642.386042][   T10] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1642.551901][T16038] FAULT_INJECTION: forcing a failure.
[ 1642.551901][T16038] name failslab, interval 1, probability 0, space 0, times 0
[ 1642.565090][T16038] CPU: 0 UID: 0 PID: 16038 Comm: syz.4.2673 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1642.575840][T16038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1642.586153][T16038] Call Trace:
[ 1642.589648][T16038]  <TASK>
[ 1642.592781][T16038]  dump_stack_lvl+0x216/0x2d0
[ 1642.597857][T16038]  dump_stack+0x1e/0x30
[ 1642.602368][T16038]  should_fail_ex+0x74e/0x800
[ 1642.607379][T16038]  should_failslab+0x17f/0x210
[ 1642.612486][T16038]  kmem_cache_alloc_node_noprof+0xeb/0xb80
[ 1642.618650][T16038]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1642.625339][T16038]  ? __alloc_skb+0x1e9/0x7b0
[ 1642.630269][T16038]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1642.636431][T16038]  __alloc_skb+0x1e9/0x7b0
[ 1642.641230][T16038]  netlink_ack+0x281/0xe80
[ 1642.645971][T16038]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1642.652148][T16038]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1642.657704][T16038]  nfnetlink_rcv+0x4ac5/0x50f0
[ 1642.662867][T16038]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1642.668463][T16038]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1642.674642][T16038]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1642.680174][T16038]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1642.686318][T16038]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1642.691723][T16038]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1642.697131][T16038]  netlink_unicast+0xf52/0x1260
[ 1642.702360][T16038]  netlink_sendmsg+0x10da/0x11e0
[ 1642.707608][T16038]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1642.713196][T16038]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1642.718813][T16038]  __sock_sendmsg+0x30f/0x380
[ 1642.723850][T16038]  ____sys_sendmsg+0x877/0xb60
[ 1642.728975][T16038]  ___sys_sendmsg+0x28d/0x3c0
[ 1642.733995][T16038]  ? __rcu_read_unlock+0x7b/0xe0
[ 1642.739290][T16038]  ? __fget_files+0x4fe/0x5d0
[ 1642.744310][T16038]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1642.749843][T16038]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1642.756033][T16038]  __x64_sys_sendmsg+0x307/0x4a0
[ 1642.761302][T16038]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1642.767462][T16038]  x64_sys_call+0x2dd6/0x3c10
[ 1642.772462][T16038]  do_syscall_64+0xcd/0x1e0
[ 1642.777326][T16038]  ? clear_bhb_loop+0x25/0x80
[ 1642.782318][T16038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1642.788575][T16038] RIP: 0033:0x7f3e70175f19
[ 1642.793270][T16038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1642.813226][T16038] RSP: 002b:00007f3e7101c048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1642.822002][T16038] RAX: ffffffffffffffda RBX: 00007f3e70305f60 RCX: 00007f3e70175f19
[ 1642.830280][T16038] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[ 1642.838526][T16038] RBP: 00007f3e7101c0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1642.846781][T16038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1642.855015][T16038] R13: 000000000000000b R14: 00007f3e70305f60 R15: 00007ffd7ccf05f8
[ 1642.863284][T16038]  </TASK>
[ 1642.940933][   T10] usb 4-1: Using ep0 maxpacket: 8
[ 1642.961142][   T10] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 1642.972565][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1642.987580][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1643.004770][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[ 1643.020241][   T10] usb 4-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[ 1643.029739][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1643.124343][   T10] usb 4-1: config 0 descriptor??
[ 1643.176805][T16043] loop1: detected capacity change from 0 to 47
[ 1643.370847][   T10] kye 0003:0458:5010.000A: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[ 1643.422436][   T10] kye 0003:0458:5010.000A: item fetching failed at offset 5/7
[ 1643.436832][   T10] kye 0003:0458:5010.000A: parse failed
[ 1643.443213][   T10] kye 0003:0458:5010.000A: probe with driver kye failed with error -22
[ 1643.684487][T16048] loop0: detected capacity change from 0 to 1024
[ 1643.695497][   T29] kauditd_printk_skb: 6 callbacks suppressed
[ 1643.695582][   T29] audit: type=1326 audit(1721950549.877:2745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16045 comm="syz.4.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e70175f19 code=0x7fc00000
[ 1643.727858][   T29] audit: type=1326 audit(1721950549.887:2746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16045 comm="syz.4.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f3e70175f19 code=0x7fc00000
[ 1643.751140][   T29] audit: type=1326 audit(1721950549.887:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16045 comm="syz.4.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3e7016cf67 code=0x7fc00000
[ 1643.774186][   T29] audit: type=1326 audit(1721950549.887:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16045 comm="syz.4.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3e70111909 code=0x7fc00000
[ 1643.797169][   T29] audit: type=1326 audit(1721950549.887:2749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16045 comm="syz.4.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f3e701119cf code=0x7fc00000
[ 1643.881086][   T10] usb 4-1: USB disconnect, device number 30
[ 1643.891029][   T29] audit: type=1326 audit(1721950550.017:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16045 comm="syz.4.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e70175f19 code=0x7fc00000
[ 1643.915143][   T29] audit: type=1326 audit(1721950550.017:2751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16045 comm="syz.4.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e70175f19 code=0x7fc00000
[ 1643.938156][   T29] audit: type=1326 audit(1721950550.017:2752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16045 comm="syz.4.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e70175f19 code=0x7fc00000
[ 1643.961273][   T29] audit: type=1326 audit(1721950550.017:2753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16045 comm="syz.4.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e70175f19 code=0x7fc00000
[ 1643.985062][   T29] audit: type=1326 audit(1721950550.017:2754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16045 comm="syz.4.2674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e70175f19 code=0x7fc00000
[ 1644.011747][T16048] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1644.454512][T16060] loop1: detected capacity change from 0 to 47
[ 1645.321336][T16065] loop4: detected capacity change from 0 to 1024
[ 1645.346822][T16067] FAULT_INJECTION: forcing a failure.
[ 1645.346822][T16067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1645.367731][T16067] CPU: 0 UID: 0 PID: 16067 Comm: syz.2.2680 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1645.378599][T16067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1645.388949][T16067] Call Trace:
[ 1645.392414][T16067]  <TASK>
[ 1645.395459][T16067]  dump_stack_lvl+0x216/0x2d0
[ 1645.400361][T16067]  dump_stack+0x1e/0x30
[ 1645.404713][T16067]  should_fail_ex+0x74e/0x800
[ 1645.409603][T16067]  should_fail+0x2a/0x40
[ 1645.414039][T16067]  should_fail_usercopy+0x2e/0x40
[ 1645.419275][T16067]  _copy_to_iter+0x632/0x24b0
[ 1645.424139][T16067]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1645.430692][T16067]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1645.436165][T16067]  __skb_datagram_iter+0x17e/0x1070
[ 1645.441583][T16067]  ? __skb_try_recv_datagram+0x5f4/0x6f0
[ 1645.447436][T16067]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 1645.453354][T16067]  skb_copy_datagram_iter+0x5c/0x200
[ 1645.458999][T16067]  netlink_recvmsg+0x432/0x1610
[ 1645.464188][T16067]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1645.469751][T16067]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1645.475354][T16067]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1645.480961][T16067]  sock_recvmsg+0x2c4/0x340
[ 1645.485788][T16067]  ____sys_recvmsg+0x18a/0x620
[ 1645.490886][T16067]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1645.496461][T16067]  ___sys_recvmsg+0x223/0x840
[ 1645.501467][T16067]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1645.507623][T16067]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1645.513130][T16067]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1645.519275][T16067]  do_recvmmsg+0x4fc/0xfd0
[ 1645.524037][T16067]  __x64_sys_recvmmsg+0x21a/0x490
[ 1645.529371][T16067]  x64_sys_call+0x1ff0/0x3c10
[ 1645.534512][T16067]  do_syscall_64+0xcd/0x1e0
[ 1645.539343][T16067]  ? clear_bhb_loop+0x25/0x80
[ 1645.544357][T16067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1645.550619][T16067] RIP: 0033:0x7fb27b575f19
[ 1645.555281][T16067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1645.575176][T16067] RSP: 002b:00007fb27c2b8048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1645.583866][T16067] RAX: ffffffffffffffda RBX: 00007fb27b705f60 RCX: 00007fb27b575f19
[ 1645.592069][T16067] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[ 1645.600279][T16067] RBP: 00007fb27c2b80a0 R08: 0000000020003700 R09: 0000000000000000
[ 1645.608501][T16067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1645.616703][T16067] R13: 000000000000000b R14: 00007fb27b705f60 R15: 00007fff6ced1638
[ 1645.624943][T16067]  </TASK>
[ 1645.733176][T16065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1645.746023][T16065] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1645.853036][T15405] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1645.992074][T16071] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2681'.
[ 1646.042279][T16074] netlink: 'syz.4.2679': attribute type 10 has an invalid length.
[ 1646.663071][T14584] Bluetooth: hci5: ISO packet for unknown connection handle 0
[ 1646.703347][T16074] netdevsim netdevsim4 netdevsim3: entered promiscuous mode
[ 1646.790545][T16074] bond0: (slave netdevsim3): Enslaving as an active interface with an up link
[ 1646.846716][T16080] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2682'.
[ 1646.995090][T16084] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2683'.
[ 1647.221216][T15214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1647.299004][ T5245] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1647.542949][ T5245] usb 4-1: config 0 interface 0 altsetting 151 has an invalid descriptor for endpoint zero, skipping
[ 1647.544092][T16091] FAULT_INJECTION: forcing a failure.
[ 1647.544092][T16091] name failslab, interval 1, probability 0, space 0, times 0
[ 1647.554340][ T5245] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1647.574897][T16091] CPU: 0 UID: 0 PID: 16091 Comm: syz.2.2687 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1647.585647][T16091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1647.595933][T16091] Call Trace:
[ 1647.599397][T16091]  <TASK>
[ 1647.602540][T16091]  dump_stack_lvl+0x216/0x2d0
[ 1647.607538][T16091]  dump_stack+0x1e/0x30
[ 1647.611995][T16091]  should_fail_ex+0x74e/0x800
[ 1647.616968][T16091]  should_failslab+0x17f/0x210
[ 1647.622038][T16091]  __kmalloc_cache_noprof+0xbf/0xb00
[ 1647.627605][T16091]  ? nfnetlink_rcv+0x1b99/0x50f0
[ 1647.632814][T16091]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1647.638947][T16091]  nfnetlink_rcv+0x1b99/0x50f0
[ 1647.644082][T16091]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1647.649603][T16091]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1647.655720][T16091]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1647.661229][T16091]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1647.667341][T16091]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1647.672706][T16091]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1647.678154][T16091]  netlink_unicast+0xf52/0x1260
[ 1647.683359][T16091]  netlink_sendmsg+0x10da/0x11e0
[ 1647.688588][T16091]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1647.694164][T16091]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1647.699707][T16091]  __sock_sendmsg+0x30f/0x380
[ 1647.704693][T16091]  ____sys_sendmsg+0x877/0xb60
[ 1647.709756][T16091]  ___sys_sendmsg+0x28d/0x3c0
[ 1647.714722][T16091]  ? __rcu_read_unlock+0x7b/0xe0
[ 1647.719986][T16091]  ? __fget_files+0x4fe/0x5d0
[ 1647.724948][T16091]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1647.730430][T16091]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1647.736563][T16091]  __x64_sys_sendmsg+0x307/0x4a0
[ 1647.741829][T16091]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1647.747960][T16091]  x64_sys_call+0x2dd6/0x3c10
[ 1647.752939][T16091]  do_syscall_64+0xcd/0x1e0
[ 1647.757763][T16091]  ? clear_bhb_loop+0x25/0x80
[ 1647.762711][T16091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1647.768910][T16091] RIP: 0033:0x7fb27b575f19
[ 1647.773563][T16091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1647.793506][T16091] RSP: 002b:00007fb27c2b8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1647.802200][T16091] RAX: ffffffffffffffda RBX: 00007fb27b705f60 RCX: 00007fb27b575f19
[ 1647.810426][T16091] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000003
[ 1647.818636][T16091] RBP: 00007fb27c2b80a0 R08: 0000000000000000 R09: 0000000000000000
[ 1647.826854][T16091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1647.835077][T16091] R13: 000000000000000b R14: 00007fb27b705f60 R15: 00007fff6ced1638
[ 1647.843336][T16091]  </TASK>
[ 1647.884036][ T5245] usb 4-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41
[ 1647.893929][ T5245] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1647.902246][ T5245] usb 4-1: Product: syz
[ 1647.906566][ T5245] usb 4-1: Manufacturer: syz
[ 1647.911996][ T5245] usb 4-1: SerialNumber: syz
[ 1647.953236][ T5245] usb 4-1: config 0 descriptor??
[ 1648.000144][ T5245] usb 4-1: ucan: probing device on interface #0
[ 1648.006918][ T5245] usb 4-1: ucan: invalid EP count (0)
[ 1648.013592][ T5245] usb 4-1: ucan: probe failed; try to update the device firmware
[ 1648.037477][T16094] loop0: detected capacity change from 0 to 47
[ 1648.810450][T16104] loop4: detected capacity change from 0 to 2048
[ 1648.977241][   T29] kauditd_printk_skb: 6 callbacks suppressed
[ 1648.977322][   T29] audit: type=1326 audit(1721950555.087:2761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16100 comm="syz.1.2689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff19df75f19 code=0x7fc00000
[ 1649.006966][   T29] audit: type=1326 audit(1721950555.097:2762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16100 comm="syz.1.2689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff19df6cf67 code=0x7fc00000
[ 1649.029687][   T29] audit: type=1326 audit(1721950555.097:2763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16100 comm="syz.1.2689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff19df11909 code=0x7fc00000
[ 1649.056400][   T29] audit: type=1326 audit(1721950555.147:2764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16100 comm="syz.1.2689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff19df119cf code=0x7fc00000
[ 1649.081296][   T29] audit: type=1326 audit(1721950555.167:2765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16100 comm="syz.1.2689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7ff19df75f19 code=0x7fc00000
[ 1649.124731][T16104] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1649.138344][T16104] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1649.268143][T16104] fs-verity: sha256 using implementation "sha256-generic"
[ 1649.680612][T15214] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1649.896287][T16118] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2695'.
[ 1650.563821][T16125] netlink: 'syz.2.2697': attribute type 10 has an invalid length.
[ 1650.722922][T14584] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1650.844383][T16125] bond0: (slave netdevsim3): Enslaving as an active interface with an up link
[ 1650.902121][T16126] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2698'.
[ 1652.783257][T16148] loop1: detected capacity change from 0 to 128
[ 1653.680940][   T29] audit: type=1326 audit(1721950559.807:2766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16151 comm="syz.2.2706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb27b56cf67 code=0x7fc00000
[ 1653.704117][   T29] audit: type=1326 audit(1721950559.807:2767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16151 comm="syz.2.2706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb27b511909 code=0x7fc00000
[ 1653.727032][   T29] audit: type=1326 audit(1721950559.807:2768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16151 comm="syz.2.2706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fb27b5119cf code=0x7fc00000
[ 1653.755297][   T29] audit: type=1326 audit(1721950559.807:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16151 comm="syz.2.2706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1653.780321][   T29] audit: type=1326 audit(1721950559.827:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16151 comm="syz.2.2706" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1654.453523][T16161] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2710'.
[ 1654.475194][T16160] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2708'.
[ 1654.961803][ T5198] Bluetooth: hci5: command 0x0406 tx timeout
[ 1656.072415][T16181] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x2
[ 1658.216991][T16191] loop0: detected capacity change from 0 to 32768
[ 1658.276141][T16191] bcachefs (/dev/loop0): error validating superblock: Invalid superblock: optional field with size 0 (type 9)
[ 1658.288964][T16191] bcachefs: bch2_fs_get_tree() error: invalid_sb_field_size
[ 1658.732584][ T5198] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1658.754526][ T5198] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1658.901042][ T5198] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1658.935142][ T5198] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1658.947653][ T5198] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1658.958162][ T5198] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1659.363204][T16202] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2723'.
[ 1659.384518][T16200] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2722'.
[ 1660.495991][T16196] chnl_net:caif_netlink_parms(): no params data found
[ 1660.940554][T16227] loop0: detected capacity change from 0 to 8
[ 1661.071171][ T5198] Bluetooth: hci0: command tx timeout
[ 1661.175208][T16229] loop1: detected capacity change from 0 to 512
[ 1661.241921][T16229] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1661.401018][T16229] EXT4-fs (loop1): 1 truncate cleaned up
[ 1661.408846][T16229] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1661.703288][T16236] netlink: 'syz.2.2730': attribute type 10 has an invalid length.
[ 1661.755378][ T5198] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1662.677804][T12499] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1662.716328][T16196] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1662.724125][T16196] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1662.731895][T16196] bridge_slave_0: entered allmulticast mode
[ 1662.740306][T16196] bridge_slave_0: entered promiscuous mode
[ 1662.842820][T16252] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2735'.
[ 1662.878518][T16196] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1662.886258][T16196] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1662.894059][T16196] bridge_slave_1: entered allmulticast mode
[ 1662.902653][T16196] bridge_slave_1: entered promiscuous mode
[ 1663.100326][T16254] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2736'.
[ 1663.142006][ T5198] Bluetooth: hci0: command tx timeout
[ 1663.225140][T16196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1663.250381][T16196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1663.520371][T16196] team0: Port device team_slave_0 added
[ 1663.688971][T16196] team0: Port device team_slave_1 added
[ 1663.845234][ T5246] usb 4-1: USB disconnect, device number 31
[ 1664.006619][T16196] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1664.013920][T16196] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1664.042304][T16196] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1664.153244][   T72] team0: Port device netdevsim3 removed
[ 1664.172619][   T72] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1664.211082][    C0] eth0: bad gso: type: 1, size: 1408
[ 1664.254400][T16196] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1664.261724][T16196] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1664.287904][T16196] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1664.375121][   T72] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1664.559146][   T72] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1664.835883][   T72] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1664.953553][T16272] loop1: detected capacity change from 0 to 8
[ 1665.055206][T16196] hsr_slave_0: entered promiscuous mode
[ 1665.155939][T16196] hsr_slave_1: entered promiscuous mode
[ 1665.223869][ T5198] Bluetooth: hci0: command tx timeout
[ 1665.583773][   T72] bridge_slave_1: left allmulticast mode
[ 1665.589686][   T72] bridge_slave_1: left promiscuous mode
[ 1665.596732][   T72] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1665.672472][   T72] bridge_slave_0: left allmulticast mode
[ 1665.678628][   T72] bridge_slave_0: left promiscuous mode
[ 1665.685611][   T72] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1666.309500][   T72] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1666.388128][   T72] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1666.414569][   T72] bond0 (unregistering): Released all slaves
[ 1667.094189][T16282] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2749'.
[ 1667.284701][   T29] kauditd_printk_skb: 53 callbacks suppressed
[ 1667.284782][   T29] audit: type=1326 audit(1721950573.447:2824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16286 comm="syz.2.2751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1667.314535][   T29] audit: type=1326 audit(1721950573.477:2825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16286 comm="syz.2.2751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1667.337549][   T29] audit: type=1326 audit(1721950573.477:2826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16286 comm="syz.2.2751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1667.411353][ T5198] Bluetooth: hci0: command tx timeout
[ 1667.499669][   T72] hsr_slave_0: left promiscuous mode
[ 1667.525508][   T72] hsr_slave_1: left promiscuous mode
[ 1667.556559][   T72] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1667.565500][   T72] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1667.609534][   T72] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1667.617628][   T72] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1667.712128][   T72] veth1_macvtap: left promiscuous mode
[ 1667.717925][   T72] veth0_macvtap: left promiscuous mode
[ 1667.724323][   T72] veth1_vlan: left promiscuous mode
[ 1667.729942][   T72] veth0_vlan: left promiscuous mode
[ 1668.692949][   T72] team0 (unregistering): Port device team_slave_1 removed
[ 1668.725891][   T72] team0 (unregistering): Port device team_slave_0 removed
[ 1668.890446][T16301] loop4: detected capacity change from 0 to 8
[ 1669.901846][T16196] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1669.953373][T16196] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1669.990746][T16196] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1670.045199][T16196] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1671.018479][T16196] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1671.137326][T16196] 8021q: adding VLAN 0 to HW filter on device team0
[ 1671.212446][   T44] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1671.220348][   T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1671.333057][   T44] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1671.340947][   T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1672.853567][T16312] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2759'.
[ 1672.977226][T14584] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1673.006713][T14584] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1673.019762][T14584] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1673.048184][T14584] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1673.066410][T14584] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1673.093020][T14584] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1673.669742][T16196] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1674.350124][T16196] veth0_vlan: entered promiscuous mode
[ 1674.383726][T16313] chnl_net:caif_netlink_parms(): no params data found
[ 1674.476767][T16196] veth1_vlan: entered promiscuous mode
[ 1674.564309][ T8169] team0: Port device netdevsim3 removed
[ 1674.579348][ T8169] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1674.723129][ T8169] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1674.826268][ T8169] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1674.948169][ T8169] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1674.988275][T16196] veth0_macvtap: entered promiscuous mode
[ 1675.068555][T16196] veth1_macvtap: entered promiscuous mode
[ 1675.198580][T16196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1675.210508][T16196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1675.220897][T16196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1675.231788][T16196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1675.241930][T16196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1675.252718][T16196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1675.262934][T16196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1675.273827][T16196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1675.287840][T14584] Bluetooth: hci2: command tx timeout
[ 1675.289122][T16196] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1675.467284][T16313] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1675.476291][T16313] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1675.484266][T16313] bridge_slave_0: entered allmulticast mode
[ 1675.493704][T16313] bridge_slave_0: entered promiscuous mode
[ 1675.527235][T16313] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1675.535210][T16313] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1675.543384][T16313] bridge_slave_1: entered allmulticast mode
[ 1675.552882][T16313] bridge_slave_1: entered promiscuous mode
[ 1675.589505][T16196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1675.600467][T16196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1675.610996][T16196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1675.621881][T16196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1675.632255][T16196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1675.643482][T16196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1675.653689][T16196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1675.672144][T16196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1675.694573][T16196] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1675.714881][ T8169] bridge_slave_1: left allmulticast mode
[ 1675.723062][ T8169] bridge_slave_1: left promiscuous mode
[ 1675.730456][ T8169] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1675.847820][ T8169] bridge_slave_0: left allmulticast mode
[ 1675.854071][ T8169] bridge_slave_0: left promiscuous mode
[ 1675.860815][ T8169] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1676.472427][ T5198] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1676.489408][ T5198] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1676.504540][ T5198] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1676.529846][ T5198] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1676.554241][ T5198] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1676.580496][ T5198] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1676.722668][ T8169] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1676.814199][ T8169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1676.850471][ T8169] bond0 (unregistering): Released all slaves
[ 1677.112135][T16313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1677.155365][T16196] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1677.165835][T16196] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1677.175050][T16196] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1677.184219][T16196] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1677.219690][T16313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1677.302995][ T5198] Bluetooth: hci2: command tx timeout
[ 1677.661833][T16313] team0: Port device team_slave_0 added
[ 1677.763686][T16344] FAULT_INJECTION: forcing a failure.
[ 1677.763686][T16344] name failslab, interval 1, probability 0, space 0, times 0
[ 1677.777146][T16344] CPU: 1 UID: 0 PID: 16344 Comm: syz.2.2767 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1677.787903][T16344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1677.798317][T16344] Call Trace:
[ 1677.801817][T16344]  <TASK>
[ 1677.804956][T16344]  dump_stack_lvl+0x216/0x2d0
[ 1677.810008][T16344]  dump_stack+0x1e/0x30
[ 1677.814509][T16344]  should_fail_ex+0x74e/0x800
[ 1677.819657][T16344]  should_failslab+0x17f/0x210
[ 1677.824786][T16344]  __kmalloc_noprof+0x175/0xf30
[ 1677.829947][T16344]  ? tomoyo_realpath_from_path+0x104/0xaa0
[ 1677.836048][T16344]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1677.841591][T16344]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1677.847741][T16344]  tomoyo_realpath_from_path+0x104/0xaa0
[ 1677.853710][T16344]  ? __srcu_read_lock+0x76/0xd0
[ 1677.858912][T16344]  tomoyo_path_number_perm+0x1d9/0x8f0
[ 1677.864739][T16344]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1677.870298][T16344]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1677.875845][T16344]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1677.882065][T16344]  tomoyo_file_ioctl+0x42/0x50
[ 1677.887153][T16344]  ? __pfx_tomoyo_file_ioctl+0x10/0x10
[ 1677.892941][T16344]  security_file_ioctl+0xa8/0x160
[ 1677.898388][T16344]  __se_sys_ioctl+0xd3/0x450
[ 1677.903405][T16344]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1677.909565][T16344]  __x64_sys_ioctl+0x96/0xe0
[ 1677.914374][T16344]  x64_sys_call+0x1a06/0x3c10
[ 1677.919387][T16344]  do_syscall_64+0xcd/0x1e0
[ 1677.924271][T16344]  ? clear_bhb_loop+0x25/0x80
[ 1677.929225][T16344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1677.935379][T16344] RIP: 0033:0x7fb27b575f19
[ 1677.939955][T16344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1677.959783][T16344] RSP: 002b:00007fb27c2b8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1677.968427][T16344] RAX: ffffffffffffffda RBX: 00007fb27b705f60 RCX: 00007fb27b575f19
[ 1677.976582][T16344] RDX: 0000000020000000 RSI: 00000000000089e9 RDI: 0000000000000004
[ 1677.984753][T16344] RBP: 00007fb27c2b80a0 R08: 0000000000000000 R09: 0000000000000000
[ 1677.992988][T16344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1678.001214][T16344] R13: 000000000000000b R14: 00007fb27b705f60 R15: 00007fff6ced1638
[ 1678.009499][T16344]  </TASK>
[ 1678.016173][T16344] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1678.156162][T16313] team0: Port device team_slave_1 added
[ 1678.240334][ T8169] hsr_slave_0: left promiscuous mode
[ 1678.269589][ T8169] hsr_slave_1: left promiscuous mode
[ 1678.288989][ T8169] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1678.297148][ T8169] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1678.317152][ T8169] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1678.331005][ T8169] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1678.375586][ T8169] veth1_macvtap: left promiscuous mode
[ 1678.381665][ T8169] veth0_macvtap: left promiscuous mode
[ 1678.387615][ T8169] veth1_vlan: left promiscuous mode
[ 1678.393829][ T8169] veth0_vlan: left promiscuous mode
[ 1678.667982][ T5198] Bluetooth: hci6: command tx timeout
[ 1679.091010][ T8169] team0 (unregistering): Port device team_slave_1 removed
[ 1679.131233][ T8169] team0 (unregistering): Port device team_slave_0 removed
[ 1679.381390][ T5198] Bluetooth: hci2: command tx timeout
[ 1679.534021][T16348] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2768'.
[ 1679.740120][T16313] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1679.747991][T16313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1679.774574][T16313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1679.955734][T16313] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1679.969407][T16313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1679.997782][T16313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1680.420187][T16313] hsr_slave_0: entered promiscuous mode
[ 1680.453853][T16313] hsr_slave_1: entered promiscuous mode
[ 1680.481360][T16313] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1680.489174][T16313] Cannot create hsr debugfs directory
[ 1680.539075][T14584] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1680.572236][T14584] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1680.603193][T14584] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1680.694800][T14584] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1680.718209][T14584] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1680.742638][T14584] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1680.750376][ T8413] Bluetooth: hci6: command tx timeout
[ 1680.980504][ T8169] team0: Port device netdevsim3 removed
[ 1681.000500][ T8169] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1681.117610][T16363] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2771'.
[ 1681.276676][ T8169] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1681.391377][T16334] chnl_net:caif_netlink_parms(): no params data found
[ 1681.463460][T14584] Bluetooth: hci2: command tx timeout
[ 1681.509745][ T8169] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1681.545543][T16367] fuse: Bad value for 'fd'
[ 1681.566344][T16367] xt_recent: Unsupported userspace flags (000000fc)
[ 1681.669889][ T8169] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1682.268140][ T8169] bridge_slave_1: left allmulticast mode
[ 1682.274247][ T8169] bridge_slave_1: left promiscuous mode
[ 1682.280980][ T8169] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1682.329079][ T8169] bridge_slave_0: left allmulticast mode
[ 1682.335108][ T8169] bridge_slave_0: left promiscuous mode
[ 1682.341907][ T8169] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1682.720188][ T8169] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[ 1682.734455][ T8169] ip6gretap1 (unregistering): left promiscuous mode
[ 1682.741481][ T8169] ip6gretap1 (unregistering): left allmulticast mode
[ 1682.827820][T14584] Bluetooth: hci1: command tx timeout
[ 1682.833984][T14584] Bluetooth: hci6: command tx timeout
[ 1683.057875][ T8169] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1683.076667][ T8169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1683.098926][ T8169] bond0 (unregistering): Released all slaves
[ 1683.118914][ T8169] bond1 (unregistering): Released all slaves
[ 1684.268729][ T8169] hsr_slave_0: left promiscuous mode
[ 1684.284755][ T8169] hsr_slave_1: left promiscuous mode
[ 1684.303362][ T8169] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1684.311580][ T8169] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1684.325209][ T8169] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1684.333586][ T8169] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1684.384831][ T8169] veth1_macvtap: left promiscuous mode
[ 1684.390772][ T8169] veth0_macvtap: left promiscuous mode
[ 1684.396646][ T8169] veth1_vlan: left promiscuous mode
[ 1684.402777][ T8169] veth0_vlan: left promiscuous mode
[ 1684.902308][ T5198] Bluetooth: hci6: command tx timeout
[ 1684.908437][ T5198] Bluetooth: hci1: command tx timeout
[ 1684.973329][ T8169] team0 (unregistering): Port device team_slave_1 removed
[ 1685.024323][ T8169] team0 (unregistering): Port device team_slave_0 removed
[ 1685.403632][T16334] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1685.415982][T16334] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1685.426676][T16334] bridge_slave_0: entered allmulticast mode
[ 1685.440149][T16334] bridge_slave_0: entered promiscuous mode
[ 1685.467201][T16390] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2776'.
[ 1685.624125][T16313] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1685.707450][T16334] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1685.719263][T16334] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1685.727304][T16334] bridge_slave_1: entered allmulticast mode
[ 1685.736626][T16334] bridge_slave_1: entered promiscuous mode
[ 1685.745913][T16313] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1685.889916][T16313] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1686.083558][T16334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1686.093669][T16313] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1686.153117][T16357] chnl_net:caif_netlink_parms(): no params data found
[ 1686.195963][T16334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1686.458695][T16334] team0: Port device team_slave_0 added
[ 1686.552401][T16334] team0: Port device team_slave_1 added
[ 1686.732284][T16334] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1686.740440][T16334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1686.767103][T16334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1686.790399][T16405] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2778'.
[ 1686.875144][T16334] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1686.882593][T16334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1686.911156][T16334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1686.959751][ T8169] bond0: (slave netdevsim3): Releasing backup interface
[ 1686.972648][ T8169] netdevsim netdevsim4 netdevsim3 (unregistering): left promiscuous mode
[ 1686.985626][T14584] Bluetooth: hci1: command tx timeout
[ 1686.987510][ T8169] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1687.182497][ T8169] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1687.336106][   T72] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1687.345469][   T72] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1687.454398][ T8169] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1687.490099][T16334] hsr_slave_0: entered promiscuous mode
[ 1687.505350][T16334] hsr_slave_1: entered promiscuous mode
[ 1687.524499][T16334] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1687.532817][T16334] Cannot create hsr debugfs directory
[ 1687.647475][ T8169] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1687.681045][ T3276] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1687.689333][ T3276] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1687.698386][T16357] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1687.707289][T16357] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1687.717067][T16357] bridge_slave_0: entered allmulticast mode
[ 1687.726505][T16357] bridge_slave_0: entered promiscuous mode
[ 1687.839995][T16357] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1687.855472][T16357] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1687.863681][T16357] bridge_slave_1: entered allmulticast mode
[ 1687.872956][T16357] bridge_slave_1: entered promiscuous mode
[ 1688.098210][T16357] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1688.270389][T16357] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1688.557805][T16357] team0: Port device team_slave_0 added
[ 1688.678627][T16357] team0: Port device team_slave_1 added
[ 1688.706607][ T8169] bridge_slave_1: left allmulticast mode
[ 1688.713006][ T8169] bridge_slave_1: left promiscuous mode
[ 1688.719675][ T8169] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1688.758960][ T8169] bridge_slave_0: left allmulticast mode
[ 1688.770362][ T8169] bridge_slave_0: left promiscuous mode
[ 1688.777315][ T8169] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1689.086930][T14584] Bluetooth: hci1: command tx timeout
[ 1689.312541][ T8169] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1689.324447][ T8169] bond_slave_0: left promiscuous mode
[ 1689.360191][ T8169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1689.403198][ T8169] bond_slave_1: left promiscuous mode
[ 1689.446535][ T8169] bond0 (unregistering): Released all slaves
[ 1689.692363][T16428] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2783'.
[ 1689.925787][T16357] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1689.933261][T16357] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1689.961067][T16357] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1690.077046][T16433] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2785'.
[ 1690.157112][T16313] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1690.197426][T16357] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1690.207557][T16357] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1690.235713][T16357] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1690.385165][ T8169] hsr_slave_0: left promiscuous mode
[ 1690.421095][ T8169] hsr_slave_1: left promiscuous mode
[ 1690.442354][ T8169] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1690.450301][ T8169] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1690.473057][ T8169] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1690.481053][ T8169] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1690.526322][ T8169] veth1_macvtap: left promiscuous mode
[ 1690.532884][ T8169] veth0_macvtap: left promiscuous mode
[ 1690.538962][ T8169] veth1_vlan: left promiscuous mode
[ 1690.544687][ T8169] veth0_vlan: left promiscuous mode
[ 1691.227411][ T8169] team0 (unregistering): Port device team_slave_1 removed
[ 1691.281055][ T8169] team0 (unregistering): Port device team_slave_0 removed
[ 1692.236620][T16357] hsr_slave_0: entered promiscuous mode
[ 1692.252603][T16357] hsr_slave_1: entered promiscuous mode
[ 1692.271185][T16357] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1692.279014][T16357] Cannot create hsr debugfs directory
[ 1692.420213][T16313] 8021q: adding VLAN 0 to HW filter on device team0
[ 1692.597384][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1692.605364][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1692.786278][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1692.794213][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1693.065470][T16334] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1693.096961][T16334] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1693.124812][T16334] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1693.227848][T16334] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1693.564400][T16461] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2792'.
[ 1694.008891][T16357] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1694.079598][T16357] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1694.171453][T16357] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1694.262892][T16357] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1694.686189][T16470] fuse: Bad value for 'fd'
[ 1694.775952][T16334] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1694.809729][T16470] tipc: Invalid UDP bearer configuration
[ 1694.809943][T16470] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[ 1695.054562][T16334] 8021q: adding VLAN 0 to HW filter on device team0
[ 1695.180782][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1695.188581][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1695.340842][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1695.348609][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1695.389405][T16477] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2796'.
[ 1695.564028][T16313] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1695.762913][T16357] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1695.808689][T16334] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1696.015454][T16357] 8021q: adding VLAN 0 to HW filter on device team0
[ 1696.142906][ T5246] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1696.150893][ T5246] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1696.287671][ T5246] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1696.295631][ T5246] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1696.341372][T16313] veth0_vlan: entered promiscuous mode
[ 1696.638190][T16313] veth1_vlan: entered promiscuous mode
[ 1697.018763][T16313] veth0_macvtap: entered promiscuous mode
[ 1697.098418][T16313] veth1_macvtap: entered promiscuous mode
[ 1697.379934][T16313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1697.391269][T16313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1697.401465][T16313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1697.412741][T16313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1697.428655][T16313] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1697.684936][T16313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1697.695789][T16313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1697.706114][T16313] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1697.716903][T16313] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1697.732859][T16313] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1697.944967][T16313] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1697.954323][T16313] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1697.963540][T16313] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1697.972706][T16313] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1698.078070][T16334] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1698.346760][T16504] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2801'.
[ 1698.654489][T16357] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1698.720507][T16334] veth0_vlan: entered promiscuous mode
[ 1698.828324][T16334] veth1_vlan: entered promiscuous mode
[ 1699.145392][T16334] veth0_macvtap: entered promiscuous mode
[ 1699.264763][T16334] veth1_macvtap: entered promiscuous mode
[ 1699.392798][T16516] loop3: detected capacity change from 0 to 128
[ 1699.452481][T16334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1699.463399][T16334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1699.473626][T16334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1699.484520][T16334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1699.494715][T16334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1699.505609][T16334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1699.525586][T16334] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1699.533831][T16517] netlink: 'syz.2.2803': attribute type 10 has an invalid length.
[ 1699.570005][T16517] bond0: (slave netdevsim3): Releasing backup interface
[ 1699.582020][T14584] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1699.593715][T16516] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1699.610313][T16517] team0: Port device netdevsim3 added
[ 1699.628521][T16516] ext4 filesystem being mounted at /11/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1699.686947][T16334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1699.698357][T16334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1699.709860][T16334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1699.720814][T16334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1699.732868][T16334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1699.744039][T16334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1699.759682][T16334] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1699.834581][T16334] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1699.846329][T16334] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1699.855563][T16334] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1699.864920][T16334] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1699.923980][T16516] fscrypt (loop3, inode 12): Unsupported encryption modes (contents 0, filenames 0)
[ 1700.418466][T16196] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1701.662386][T16357] veth0_vlan: entered promiscuous mode
[ 1701.812787][T16357] veth1_vlan: entered promiscuous mode
[ 1702.157068][T16357] veth0_macvtap: entered promiscuous mode
[ 1702.246390][T16357] veth1_macvtap: entered promiscuous mode
[ 1702.472063][T16357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1702.483031][T16357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1702.494372][T16357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1702.522656][T16357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1702.535874][T16357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1702.546608][T16357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1702.557413][T16357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1702.568198][T16357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1702.584356][T16357] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1702.882696][T16357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1702.893911][T16357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1702.905236][T16357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1702.916440][T16357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1702.926665][T16357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1702.937475][T16357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1702.947628][T16357] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1702.958390][T16357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1702.974318][T16357] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1703.086903][T16357] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1703.097106][T16357] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1703.107804][T16357] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1703.117306][T16357] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1703.172450][T16564] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2810'.
[ 1703.812753][ T1244] ieee802154 phy0 wpan0: encryption failed: -22
[ 1703.820363][ T1244] ieee802154 phy1 wpan1: encryption failed: -22
[ 1704.170093][T16580] loop3: detected capacity change from 0 to 128
[ 1704.273342][T16580] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1704.287211][T16581] netlink: 'syz.2.2812': attribute type 10 has an invalid length.
[ 1704.341381][T14584] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1704.381549][T16580] ext4 filesystem being mounted at /16/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1704.507679][T16580] fscrypt (loop3, inode 12): Unsupported encryption modes (contents 0, filenames 0)
[ 1704.854280][T16196] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1705.227872][T16599] FAULT_INJECTION: forcing a failure.
[ 1705.227872][T16599] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1705.242820][T16599] CPU: 0 UID: 0 PID: 16599 Comm: syz.3.2814 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1705.253548][T16599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1705.263860][T16599] Call Trace:
[ 1705.267324][T16599]  <TASK>
[ 1705.270450][T16599]  dump_stack_lvl+0x216/0x2d0
[ 1705.275491][T16599]  dump_stack+0x1e/0x30
[ 1705.279977][T16599]  should_fail_ex+0x74e/0x800
[ 1705.284999][T16599]  should_fail+0x2a/0x40
[ 1705.289596][T16599]  should_fail_usercopy+0x2e/0x40
[ 1705.294958][T16599]  strncpy_from_user+0x39/0x5f0
[ 1705.300145][T16599]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1705.305696][T16599]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1705.311868][T16599]  getname_flags+0x187/0xa30
[ 1705.316844][T16599]  getname+0x30/0x40
[ 1705.321075][T16599]  do_sys_openat2+0xc3/0x2f0
[ 1705.326008][T16599]  __x64_sys_openat+0x2a1/0x310
[ 1705.331235][T16599]  x64_sys_call+0x1fe/0x3c10
[ 1705.336193][T16599]  do_syscall_64+0xcd/0x1e0
[ 1705.341046][T16599]  ? clear_bhb_loop+0x25/0x80
[ 1705.346044][T16599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1705.352197][T16599] RIP: 0033:0x7f2a28975f19
[ 1705.352317][T16599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1705.352458][T16599] RSP: 002b:00007f2a29661048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1705.352613][T16599] RAX: ffffffffffffffda RBX: 00007f2a28b06038 RCX: 00007f2a28975f19
[ 1705.352739][T16599] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: ffffffffffffff9c
[ 1705.401895][T16599] RBP: 00007f2a296610a0 R08: 0000000000000000 R09: 0000000000000000
[ 1705.410160][T16599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1705.418426][T16599] R13: 000000000000006e R14: 00007f2a28b06038 R15: 00007ffea25b4798
[ 1705.426704][T16599]  </TASK>
[ 1705.514128][ T8219] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1705.522865][ T8219] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1705.784275][T11450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1705.793918][T11450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1706.825679][T16622] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2819'.
[ 1706.852634][ T3064] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1706.860806][ T3064] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1707.083557][ T8219] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1707.092844][ T8219] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1707.438272][T16629] loop3: detected capacity change from 0 to 128
[ 1707.525699][T16629] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1707.586699][T16629] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1707.751444][T16629] fscrypt (loop3, inode 12): Unsupported encryption modes (contents 0, filenames 0)
[ 1707.832997][T16636] loop0: detected capacity change from 0 to 1024
[ 1708.012077][T16636] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1708.028784][T16636] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1708.077662][T16196] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1708.252928][    C0] eth0: bad gso: type: 1, size: 1408
[ 1708.347053][T16648] netlink: 'syz.0.2822': attribute type 10 has an invalid length.
[ 1708.469179][T14584] Bluetooth: hci2: ISO packet for unknown connection handle 0
[ 1708.516204][T16648] team0: Port device netdevsim3 added
[ 1708.883013][T16313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1708.921881][T16661] loop3: detected capacity change from 0 to 128
[ 1708.959758][T11450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1708.968104][T11450] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1709.043818][T16661] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[ 1709.091077][T16661] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[ 1709.205086][T11450] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1709.213422][T11450] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1709.458432][T16196] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1709.871988][T16676] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2831'.
[ 1710.496151][T16687] loop0: detected capacity change from 0 to 128
[ 1710.660473][T16687] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1710.771432][T16687] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1711.285332][T16693] loop4: detected capacity change from 0 to 1024
[ 1711.341558][T16696] loop1: detected capacity change from 0 to 512
[ 1711.407034][T16693] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1711.421256][T16693] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1711.449534][T16696] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[ 1711.489256][T16313] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1711.506540][   T29] audit: type=1326 audit(1721950617.597:2827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16685 comm="syz.2.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1711.529610][   T29] audit: type=1326 audit(1721950617.627:2828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16685 comm="syz.2.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1711.557398][T16696] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2838: invalid indirect mapped block 4278190080 (level 0)
[ 1711.636495][T16696] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2838: invalid indirect mapped block 1 (level 1)
[ 1711.683442][   T29] audit: type=1326 audit(1721950617.787:2829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16685 comm="syz.2.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1711.712208][   T29] audit: type=1326 audit(1721950617.787:2830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16685 comm="syz.2.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1711.735611][   T29] audit: type=1326 audit(1721950617.787:2831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16685 comm="syz.2.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1711.758631][   T29] audit: type=1326 audit(1721950617.787:2832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16685 comm="syz.2.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1711.783423][   T29] audit: type=1326 audit(1721950617.787:2833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16685 comm="syz.2.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1711.811071][   T29] audit: type=1326 audit(1721950617.787:2834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16685 comm="syz.2.2836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1711.878682][T16696] EXT4-fs (loop1): 1 truncate cleaned up
[ 1711.886500][T16696] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1711.943213][T16701] netlink: 'syz.4.2837': attribute type 10 has an invalid length.
[ 1712.035995][T16701] team0: Port device netdevsim3 added
[ 1712.203131][T14584] Bluetooth: hci1: ISO packet for unknown connection handle 0
[ 1712.444383][T16334] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1712.633162][T16357] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1714.145052][T16731] loop4: detected capacity change from 0 to 128
[ 1714.230840][T16731] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1714.302856][T16731] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1714.591981][T16742] loop0: detected capacity change from 0 to 512
[ 1714.725883][T16742] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[ 1714.765771][T16741] loop1: detected capacity change from 0 to 1024
[ 1714.812241][T16357] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1714.841520][T16742] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2851: invalid indirect mapped block 4278190080 (level 0)
[ 1714.926042][T16741] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1714.939295][T16741] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1714.958023][T16742] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2851: invalid indirect mapped block 1 (level 1)
[ 1715.029667][T16742] EXT4-fs (loop0): 1 truncate cleaned up
[ 1715.037935][T16742] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1715.361494][   T29] audit: type=1326 audit(1721950621.507:2835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16737 comm="syz.2.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1715.385175][   T29] audit: type=1326 audit(1721950621.517:2836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16737 comm="syz.2.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb27b575f19 code=0x7fc00000
[ 1715.532665][T16750] netlink: 'syz.1.2852': attribute type 10 has an invalid length.
[ 1715.672824][T16750] team0: Port device netdevsim3 added
[ 1715.692165][T14584] Bluetooth: hci6: ISO packet for unknown connection handle 0
[ 1715.798347][T16313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1716.049181][T16756] FAULT_INJECTION: forcing a failure.
[ 1716.049181][T16756] name failslab, interval 1, probability 0, space 0, times 0
[ 1716.062484][T16756] CPU: 0 UID: 0 PID: 16756 Comm: syz.4.2855 Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1716.073248][T16756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1716.083584][T16756] Call Trace:
[ 1716.087051][T16756]  <TASK>
[ 1716.090166][T16756]  dump_stack_lvl+0x216/0x2d0
[ 1716.095204][T16756]  dump_stack+0x1e/0x30
[ 1716.099669][T16756]  should_fail_ex+0x74e/0x800
[ 1716.104661][T16756]  should_failslab+0x17f/0x210
[ 1716.109808][T16756]  __kmalloc_cache_noprof+0xbf/0xb00
[ 1716.115429][T16756]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1716.120955][T16756]  ? xfrm_policy_alloc+0xb5/0x470
[ 1716.126296][T16756]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1716.132449][T16756]  xfrm_policy_alloc+0xb5/0x470
[ 1716.137619][T16756]  xfrm_policy_construct+0x54/0x11f0
[ 1716.143235][T16756]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1716.149350][T16756]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1716.154878][T16756]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1716.161029][T16756]  xfrm_add_policy+0x2ed/0xc90
[ 1716.166101][T16756]  ? __pfx_xfrm_add_policy+0x10/0x10
[ 1716.171675][T16756]  ? __pfx_xfrm_add_policy+0x10/0x10
[ 1716.177232][T16756]  xfrm_user_rcv_msg+0xf2c/0x1110
[ 1716.182576][T16756]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1716.188753][T16756]  netlink_rcv_skb+0x375/0x650
[ 1716.193815][T16756]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1716.199606][T16756]  xfrm_netlink_rcv+0x76/0xb0
[ 1716.204583][T16756]  ? __pfx_xfrm_netlink_rcv+0x10/0x10
[ 1716.210285][T16756]  netlink_unicast+0xf52/0x1260
[ 1716.215531][T16756]  netlink_sendmsg+0x10da/0x11e0
[ 1716.220774][T16756]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1716.226338][T16756]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1716.231887][T16756]  __sock_sendmsg+0x30f/0x380
[ 1716.236831][T16756]  ____sys_sendmsg+0x877/0xb60
[ 1716.241867][T16756]  ___sys_sendmsg+0x28d/0x3c0
[ 1716.246805][T16756]  ? __rcu_read_unlock+0x7b/0xe0
[ 1716.252041][T16756]  ? __fget_files+0x4fe/0x5d0
[ 1716.256999][T16756]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1716.262490][T16756]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1716.268605][T16756]  __x64_sys_sendmsg+0x307/0x4a0
[ 1716.273830][T16756]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1716.279950][T16756]  x64_sys_call+0x2dd6/0x3c10
[ 1716.284933][T16756]  do_syscall_64+0xcd/0x1e0
[ 1716.289721][T16756]  ? clear_bhb_loop+0x25/0x80
[ 1716.294656][T16756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1716.300873][T16756] RIP: 0033:0x7fa16a575f19
[ 1716.305534][T16756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1716.325415][T16756] RSP: 002b:00007fa16b2d8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1716.334107][T16756] RAX: ffffffffffffffda RBX: 00007fa16a705f60 RCX: 00007fa16a575f19
[ 1716.342316][T16756] RDX: 0000000000000000 RSI: 0000000020000540 RDI: 0000000000000003
[ 1716.350507][T16756] RBP: 00007fa16b2d80a0 R08: 0000000000000000 R09: 0000000000000000
[ 1716.358724][T16756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1716.366923][T16756] R13: 000000000000000b R14: 00007fa16a705f60 R15: 00007ffcc60cdf08
[ 1716.375132][T16756]  </TASK>
[ 1716.677834][T16334] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1717.370276][T16771] IPVS: length: 8 != 992756864
[ 1717.582178][   T29] kauditd_printk_skb: 1 callbacks suppressed
[ 1717.582265][   T29] audit: type=1326 audit(1721950623.697:2838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16759 comm="syz.0.2857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66f8775f19 code=0x7fc00000
[ 1717.773027][T16777] loop4: detected capacity change from 0 to 1024
[ 1717.782695][T16777] EXT4-fs: Ignoring removed orlov option
[ 1718.010337][T16777] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1718.284219][T16786] loop3: detected capacity change from 0 to 128
[ 1718.353763][T16786] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1718.391111][T16786] ext4 filesystem being mounted at /28/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1718.827638][T16196] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1719.411549][T16798] netlink: 'syz.2.2870': attribute type 10 has an invalid length.
[ 1719.444751][   T29] audit: type=1326 audit(1721950625.557:2839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16790 comm="syz.0.2868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66f8775f19 code=0x7fc00000
[ 1719.467956][   T29] audit: type=1326 audit(1721950625.567:2840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16790 comm="syz.0.2868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f66f8775f19 code=0x7fc00000
[ 1719.482510][T14584] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1719.678430][T16800] loop3: detected capacity change from 0 to 1024
[ 1719.729617][   T29] audit: type=1326 audit(1721950625.807:2841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16790 comm="syz.0.2868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66f8775f19 code=0x7fc00000
[ 1719.865593][T16800] hfsplus: bad catalog entry type
[ 1719.992256][T16804] netlink: 'syz.1.2872': attribute type 10 has an invalid length.
[ 1720.142445][T16804] 8021q: adding VLAN 0 to HW filter on device team0
[ 1720.158981][T16804] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1720.429675][T16804] netlink: 'syz.1.2872': attribute type 10 has an invalid length.
[ 1720.447084][T16804] bond0: (slave team0): Releasing backup interface
[ 1720.601546][T16804] bridge0: port 3(team0) entered blocking state
[ 1720.608689][T16804] bridge0: port 3(team0) entered disabled state
[ 1720.620757][T16804] team0: entered allmulticast mode
[ 1720.626133][T16804] team_slave_0: entered allmulticast mode
[ 1720.632273][T16804] team_slave_1: entered allmulticast mode
[ 1720.638277][T16804] netdevsim netdevsim1 netdevsim3: entered allmulticast mode
[ 1720.652208][T16804] team0: entered promiscuous mode
[ 1720.657505][T16804] team_slave_0: entered promiscuous mode
[ 1720.664714][T16804] team_slave_1: entered promiscuous mode
[ 1720.671903][T16804] netdevsim netdevsim1 netdevsim3: entered promiscuous mode
[ 1720.868033][T16196] hfsplus: bad catalog entry type
[ 1720.987971][T16196] =====================================================
[ 1720.995498][T16196] BUG: KMSAN: uninit-value in hfsplus_strcasecmp+0x1ca/0x770
[ 1721.003489][T16196]  hfsplus_strcasecmp+0x1ca/0x770
[ 1721.008725][T16196]  hfsplus_cat_case_cmp_key+0xde/0x190
[ 1721.014578][T16196]  hfs_find_rec_by_key+0xb1/0x240
[ 1721.019810][T16196]  __hfsplus_brec_find+0x26f/0x7b0
[ 1721.031401][T16196]  hfsplus_brec_find+0x445/0x970
[ 1721.036556][T16196]  hfsplus_brec_read+0x46/0x1a0
[ 1721.043470][T16196]  hfsplus_find_cat+0xdb/0x460
[ 1721.048490][T16196]  hfsplus_iget+0x740/0xaf0
[ 1721.053309][T16196]  hfsplus_lookup+0xcde/0xef0
[ 1721.058238][T16196]  __lookup_slow+0x506/0x6e0
[ 1721.066672][T16196]  lookup_slow+0x6a/0xd0
[ 1721.072803][T16196]  walk_component+0x467/0x650
[ 1721.077720][T16196]  path_lookupat+0x27d/0x6f0
[ 1721.082671][T16196]  filename_lookup+0x22f/0x750
[ 1721.087681][T16196]  user_path_at+0x85/0x390
[ 1721.092369][T16196]  __x64_sys_umount+0x146/0x240
[ 1721.097424][T16196]  x64_sys_call+0x3109/0x3c10
[ 1721.102754][T16196]  do_syscall_64+0xcd/0x1e0
[ 1721.107532][T16196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1721.113837][T16196] 
[ 1721.116304][T16196] Uninit was created at:
[ 1721.120935][T16196]  __kmalloc_noprof+0x661/0xf30
[ 1721.132240][T16196]  hfsplus_find_init+0x95/0x1d0
[ 1721.137399][T16196]  hfsplus_iget+0x3e1/0xaf0
[ 1721.143972][T16196]  hfsplus_lookup+0xcde/0xef0
[ 1721.148940][T16196]  __lookup_slow+0x506/0x6e0
[ 1721.153893][T16196]  lookup_slow+0x6a/0xd0
[ 1721.158347][T16196]  walk_component+0x467/0x650
[ 1721.163532][T16196]  path_lookupat+0x27d/0x6f0
[ 1721.168378][T16196]  filename_lookup+0x22f/0x750
[ 1721.173536][T16196]  user_path_at+0x85/0x390
[ 1721.178141][T16196]  __x64_sys_umount+0x146/0x240
[ 1721.183319][T16196]  x64_sys_call+0x3109/0x3c10
[ 1721.188224][T16196]  do_syscall_64+0xcd/0x1e0
[ 1721.193102][T16196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1721.199389][T16196] 
[ 1721.202094][T16196] CPU: 1 UID: 0 PID: 16196 Comm: syz-executor Not tainted 6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1721.213074][T16196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1721.225904][T16196] =====================================================
[ 1721.239487][T16196] Disabling lock debugging due to kernel taint
[ 1721.247393][T16196] Kernel panic - not syncing: kmsan.panic set ...
[ 1721.253965][T16196] CPU: 1 UID: 0 PID: 16196 Comm: syz-executor Tainted: G    B              6.10.0-syzkaller-12381-gc33ffdb70cc6 #0
[ 1721.266255][T16196] Tainted: [B]=BAD_PAGE
[ 1721.270521][T16196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1721.280722][T16196] Call Trace:
[ 1721.284111][T16196]  <TASK>
[ 1721.287154][T16196]  dump_stack_lvl+0x216/0x2d0
[ 1721.292077][T16196]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1721.298220][T16196]  dump_stack+0x1e/0x30
[ 1721.302599][T16196]  panic+0x4e2/0xcd0
[ 1721.306702][T16196]  ? kmsan_get_metadata+0xd1/0x1c0
[ 1721.312030][T16196]  kmsan_report+0x2c7/0x2d0
[ 1721.316740][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.322145][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.327561][T16196]  ? __msan_warning+0x95/0x120
[ 1721.332519][T16196]  ? hfsplus_strcasecmp+0x1ca/0x770
[ 1721.337902][T16196]  ? hfsplus_cat_case_cmp_key+0xde/0x190
[ 1721.343773][T16196]  ? hfs_find_rec_by_key+0xb1/0x240
[ 1721.349166][T16196]  ? __hfsplus_brec_find+0x26f/0x7b0
[ 1721.354644][T16196]  ? hfsplus_brec_find+0x445/0x970
[ 1721.359926][T16196]  ? hfsplus_brec_read+0x46/0x1a0
[ 1721.365142][T16196]  ? hfsplus_find_cat+0xdb/0x460
[ 1721.370279][T16196]  ? hfsplus_iget+0x740/0xaf0
[ 1721.375131][T16196]  ? hfsplus_lookup+0xcde/0xef0
[ 1721.380177][T16196]  ? __lookup_slow+0x506/0x6e0
[ 1721.385101][T16196]  ? lookup_slow+0x6a/0xd0
[ 1721.389670][T16196]  ? walk_component+0x467/0x650
[ 1721.394726][T16196]  ? path_lookupat+0x27d/0x6f0
[ 1721.399695][T16196]  ? filename_lookup+0x22f/0x750
[ 1721.404859][T16196]  ? user_path_at+0x85/0x390
[ 1721.409615][T16196]  ? __x64_sys_umount+0x146/0x240
[ 1721.414819][T16196]  ? x64_sys_call+0x3109/0x3c10
[ 1721.419865][T16196]  ? do_syscall_64+0xcd/0x1e0
[ 1721.424762][T16196]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1721.431067][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.436512][T16196]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1721.442545][T16196]  ? __module_address+0xef/0x7e0
[ 1721.447669][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.453085][T16196]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1721.459129][T16196]  ? hfsplus_bnode_read_u16+0x3e/0x2b0
[ 1721.464842][T16196]  ? filter_irq_stacks+0x60/0x1a0
[ 1721.470054][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.475478][T16196]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1721.481514][T16196]  __msan_warning+0x95/0x120
[ 1721.486311][T16196]  hfsplus_strcasecmp+0x1ca/0x770
[ 1721.491527][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.496939][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.502438][T16196]  hfsplus_cat_case_cmp_key+0xde/0x190
[ 1721.508130][T16196]  hfs_find_rec_by_key+0xb1/0x240
[ 1721.513387][T16196]  ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10
[ 1721.519684][T16196]  __hfsplus_brec_find+0x26f/0x7b0
[ 1721.524995][T16196]  ? __pfx_hfs_find_rec_by_key+0x10/0x10
[ 1721.530853][T16196]  hfsplus_brec_find+0x445/0x970
[ 1721.535976][T16196]  ? __pfx_hfs_find_rec_by_key+0x10/0x10
[ 1721.541848][T16196]  hfsplus_brec_read+0x46/0x1a0
[ 1721.546878][T16196]  hfsplus_find_cat+0xdb/0x460
[ 1721.551877][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.557291][T16196]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1721.563314][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.568724][T16196]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1721.574769][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.580184][T16196]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1721.586215][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.591631][T16196]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1721.598182][T16196]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1721.604476][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.609907][T16196]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1721.615973][T16196]  hfsplus_iget+0x740/0xaf0
[ 1721.620682][T16196]  hfsplus_lookup+0xcde/0xef0
[ 1721.625587][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.631075][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.636507][T16196]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1721.642575][T16196]  ? __pfx_hfsplus_lookup+0x10/0x10
[ 1721.647984][T16196]  ? __pfx_hfsplus_lookup+0x10/0x10
[ 1721.653400][T16196]  __lookup_slow+0x506/0x6e0
[ 1721.658165][T16196]  lookup_slow+0x6a/0xd0
[ 1721.662596][T16196]  walk_component+0x467/0x650
[ 1721.667507][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.672942][T16196]  path_lookupat+0x27d/0x6f0
[ 1721.677767][T16196]  filename_lookup+0x22f/0x750
[ 1721.682779][T16196]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1721.688202][T16196]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1721.694279][T16196]  user_path_at+0x85/0x390
[ 1721.698876][T16196]  ? __x64_sys_umount+0x6d/0x240
[ 1721.704004][T16196]  __x64_sys_umount+0x146/0x240
[ 1721.709049][T16196]  x64_sys_call+0x3109/0x3c10
[ 1721.713957][T16196]  do_syscall_64+0xcd/0x1e0
[ 1721.718695][T16196]  ? clear_bhb_loop+0x25/0x80
[ 1721.723554][T16196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1721.729689][T16196] RIP: 0033:0x7f2a28977247
[ 1721.734263][T16196] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1721.754083][T16196] RSP: 002b:00007ffea25b17c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1721.762696][T16196] RAX: ffffffffffffffda RBX: 00007f2a289e344c RCX: 00007f2a28977247
[ 1721.770817][T16196] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffea25b1880
[ 1721.778934][T16196] RBP: 00007ffea25b1880 R08: 0000000000000000 R09: 0000000000000000
[ 1721.787055][T16196] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffea25b2970
[ 1721.795217][T16196] R13: 00007f2a289e344c R14: 00000000001a4001 R15: 00000000001a3c1a
[ 1721.803369][T16196]  </TASK>
[ 1721.806861][T16196] Kernel Offset: disabled
[ 1721.811273][T16196] Rebooting in 86400 seconds..