last executing test programs:

7.919403644s ago: executing program 3 (id=3949):
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f00000005c0)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x6}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@journal_async_commit}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP")
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
pipe(0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x50)
vmsplice(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f00000000c0)="f6", 0x1}], 0x1, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x78)
close(0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xfdef, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='net/kcm\x00')
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f00000049c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @remote, 0x9}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000180)="5baf8993c9faf9ecc869bdd07f08d2e1a29261fe9162121ab0e186edae84de1aa2eb9aed8777e0e9b3f2e034f8", 0x2d}], 0x1, &(0x7f0000000e00)=ANY=[@ANYBLOB="3802a10a000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000840)="9541376cad1509f6eb19b56536815434844782b1ddaaabc31fbe0eb28cbebe02c01ba5dc19d3cc716feb03838fdda8e8a9b2e9e632455e34db71c844b91195eca33ba4128d9c9110f7a7e261bd8c2cd1cc8643193c38eb5d6c919073de5d93fae9863bba66f9c9ba522dbce4dd1a0d2335b04533ae14b1a6c3dd1a8cdbd77d87759f857d005d332a6edb2e2afe122896680d0566242ca0206aa5ae226399", 0x9e}, {&(0x7f0000000900)="9aa5aeb27b47bd09ce8951cd269a29bdca7db1bcb04bbfb7e527a086f2fb5df750b6d09d6f9d1680d4850316c021b76f8f07e5b23e5d52ca6d3ee0ec1197bdcc6d5adca6940aa9af01cb663da65869f8592e2e14f1e42ea2bf4a8fdb65707a882d3e431d41e05b1eda102491ef2b69e00b1824ce92f0d2f399592336a129e5994e31f0133e61243acb9adf476df116e4d41d303f2c9a91fe7765d5baa78037274a58ad226bf3a59ba85dd70bcd49784f5264a6161f369733a3c0f344ebe2ec188ecb7c7238bd05bbc22f4d933182d01661fe222d89166de7147d070af375e90efc5bf387c5b5cad5", 0xe8}], 0x2, &(0x7f0000000140)=ANY=[], 0x188}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f00000014c0)="94ca39e5f7a848159fa8e187c040a271a5f33a43b9683a3e83ca14c416475436f700574a96cf030420c68aa706258743e35ecde536e868eab037dc136c5591bc46a9c1941f572a364c5ac8638ca4ad67089d57d586ac342a0a681754742e97c68ed5dce24ee0e4874c19133e0ebfd7fc3b5b5d01e34cead2ab8da5acf208bb0b0d3f989f7eb9b5658b53e6884336a8", 0x8f}, {&(0x7f0000004b00)="29fd6917180aeb7d44908bf9fcbec052b465eb0369f5a605fa2c8b96399874780c8433692a0d78ce6b6c9a9f8c3bc7429f9c2150534c7c0a4a66e3bfa186eb6dda82c06af8e8b8a5e9de3f810d172cbbf51707510d3212542efd3e3599d873b23dc093914b6b540f86a712e8dcfc86a864b09c5805b9d1a430a4f88bf70c31f025e648516542e4a88888f3280dc7f9b613166a9201f5714684da3a454988eaa0dd8957cbf02e5c2b935cd1319b85e75e63ebbc9234cef0439302af4d9480fac40ecc355fe9dd3a7e726389a84b98accc9fbdde859d12991f569a1edd9553f6c85d8b4026f7c3029fbfb05dc9850f32becc0c200ba6b38a9413a256672238d1a21ea780306818a1fa064b7221ce940132d4550d315093e1380d6e6d743f7cb2dff252efa45fe5", 0x126}], 0x2}}, {{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001640)="a25608b8f2cba02008ffdad6db", 0xd}], 0x1, &(0x7f00000016c0)=ANY=[], 0x68}}, {{0x0, 0x0, &(0x7f0000004940)=[{&(0x7f0000004c40)="e563986ca623116fd236a44af0c14b3a298e79d3ed17ae6d57983c6303b78b12f28f8dbcd9b03fde9c751d589ecb7a8335844e29d1b530e0797d32e8dda2ad7a22818d4cbeca9bd3562741b0ce5dbabae5648d8dd79775c6403004858e5a126a8a9cd68b3c829e01fe72a1f3e65822771093f1dd5ac2956eb7298ba4e8c87d131d3fdae49ec7b5f4e66b8085020da248d6ef18b97d128327a68498a051d42dfe0edd7a0f837fd6e410be44b0c6a64c751384612eb6217d9ec27a869175c46247c280e246dfa567fb608a0d90ffd448b038ff00cd86cc111574ed00bc597edb42c65c0173e85e634cbdc44dbf9c76c4e0e08a4a5796d5cadd5978b8ba77e7db2c6c7cec0532d26cf42825deb712b3443e2bde60562cf8d7765ad6a09af0f6bb78c6bfc812474d2433a0c1c349dbd123f8ad911bc9841c50dbffedc96ad5a915e066f425d4153f90b2a0e4751aa0828c8bb9a48fa5797abfb3dba73574c2228bb7f91bfd660189d43659d17c6fd99ee1b97c7278d212e5e64f9e56785bc48b88c76f9b8afe0e4be87cb7088fce8990500607454da1dd54dacb5e786c75f748927c831b38a1a31def0c7e7175c7fd7c6889d0407900f7e2e2c1a1a2f312a00a3a4e25604a5a8a3fe1fee051c2a62e0121617e3579b6c190d36a41a808501e8394f074bc8512f863dbc6ab101e0e5fb087933592fc217ce738392883dbbd2ffe1df3b151f9c213a077ed39b4a122535b1db7614b54f51459ac4acc8e194ae76d7715a732d6568b5e1fe4928fe30561f5ae57a13d6ccb1992279c978eb1ac6810bfa486fa1ab1fbc1f70fdf54d95d5f79d25b240d7e3b170dff9e784d0aab1a4e2271ef511035c88ae992ea7ff225350e5db54672eeeb7daff72ccf95357f2764b1d4490a2e518352c383c5bcaf17263e0ebd4bbec55cb43f2b61faeaf16c71360a738795920b6c792730f39f293bd2b10377e010a90f3819e42f3d83f604220fe6f225a6ccb58295e3e0344296d96ac3824be1163da51d20ae98276bf6aa6eac153fa1581a177d7685b9d5c12e0b5ec1cc6adf8d7502247c8a814a44b06fe28daf9670afa180a152cc49f86c34a2647b733077127fafe4903e3968bf4617e6b5a2df374491339b7c540dd4da1e191e2f1eb014a7ff5c229d7493d2924c3d833c3874b3a3b155297cdee561e54e4d222df19f2fd151b087c69f5088980e50443aa53fd81013b10e840127c356041c5f5f8d4d504fa83d2ea00044688a1ae31cf08624740e853538a1e398ed92df11514a5c5e6665d3b36dd42ec2718f2684c03c1f75b27192db9c44f1cb46700591effdc2c318173b0b862b2c03d82813ec5d5e69fc92de76aa990d503e01b9f3d0a204c963649d79df9a69e58237ac9d5a65f38bf1e76c154cf0059c65a1b6397f3bbfb21d84eefaf86b5742e43142362653f03e4f85182e1920138909f2c00badec4a1680d6e9af986283136eeceb7ed4ac9eca9890c26d0aefc68e1e8b2a66741908172114b0fa52c46ee695b6dd2a3d9db21f926c9ab9f8c0fe631fa3f1a0abee0ad06d06b0c52d3d61b607693da27e4b4020a2f128946551ffb4d8052aba62ac61f2078b2c05280abbcfceb6dda0ec8ad774347f26a6349b4d8592d34c8f7bd8ca482861e1d99ec8603e7a269f3f482110efe3598016cf7565e40d174bec85fe9398438331acaae89be26a19501c20e0116fb215284d039570be1683ca4e49fabb13af6f80c9f45a91391fd436391a3553d8126d93effd315decaa3ee6c3c49874b1d6b0acc9c98b1b67974f9223aab645323ab317fa6671938835845b7d08d757671f602e2867330443c68de9c42ebdd33d3c26a39f322e466448b082c5e9982feaacafce688a2a9d5eb58a81d5d5212f47b87a2fc878c94927bc56e4e889ff691dff1fe29ddd744b7fae63546183389da0401ca830667f0aaaaf739ddf06fabf7098b571d878f58f391c984c41a0184f402a4b1d60a0a45ec8a3a8d5f6bf1ba98789db7f83c9d10fe158251f8913b8103ffbcb1237021ba7469f6074ec617512b01eb4ab319e9514b66ca5269c31c0a3d3705396e2bb2eeac3a5c01e6d7b7f6d5fc002bd667ca496b427a19dad6a3981e088bef4b602963d2927b2b3478a6591b23e7740475dd160205e3a646b8400b7ea63484388650d7de7ad07542412a878084b52ee2280929e96605e9847db674153fafdd7d9c2748343458080b966328636a2daa082399b13c89cf54edc2bdc2320d119c41a588fc702006cc4001094d34ccca6742733d00b2e59fe8d0a3c793eb9a2184dfbbdf1fd55726e6f024dce4f1d772acc4092e99378969af2728ca5c458015b227bc73e83aec447fec15aa9307055db4570240e8af47e81d31293723b3bf423957743c7352f8449c5cb781e897d45ac90407464d2aeafdc02f238a196b4a2474910839d4aedbb9660894892b2aa5e9c59beed76fdb97983610af852f3a1dee7a8f101ca2a2987733019863581a9416997937f63d4b84fc6f1fb699b55750cbf8e0fbcc3b66d38a926ea691798fb6d95f5ed7100f0e700fe23740424182a1d749ff2b8f051b5192bace141977af0c27bc7cc3353aea3177cb99aefba0b99a336ca9eb49788be0682b812759f8dfad17ee28da673f65e52938f6fb656c70d00e3a0db99c75841b2b47c95e293e15d1ad140b42fc235c4e25c339dbf210b8b441bc9fe6fd84edb291860db0abb8f7107cfc3aca5659d3939451dd4e289f0e8ea85a3be396e36474b63695c12fd8f3b5bd6c073eb8e47e492d9aa490416bfc99aeedcf6bf7f0e81214cbc08ecf8122f69131fc20512d6668507d801a297d3dcf67bfcfa624c3fa1614e792126a2da7d7d5d6a71c311ab824ea7fd44d296747d7454a09aaf26a97418c4b353717b4c742ab7f12ca5d17923135e4557ab0dea084f0477b01c5bc395a81f6c9ef47183d82cdbda1b974fa47856b7d9171bc37703afb731c962717dd556cac34400806d4a10e47d286f14b8e6f86bee3d132d8af1421406489b235ba365a7b7a2182f5e1260ee06216e375db89f4afb58fd23e6db5bf1aa0329b2057a4462169ad04657ad66e59e039982a1ead077f58bb72ddc608accea1c3c6d679ea6fd462d68b5d6bc8f5facd78e459c8f45d86ea5d650b73253a9d27e65e9e4ba5301dbf817533437f4662e6fe053f7a51c13be49adb150138a8c8ee70188c19aad84c832aad20829b73beb2109ed40be2235610d9462decea013d5ae39f84030cc147275625b14ba29059415fe81d458511bb6ecf50730eebb73c774caefbe34ba73e88dea5eb849a5a8c364261a153d190a2964f1e81262bfd5ccdce5c1782ceb87d05f4d9c6cb96c464bb02c3729cc9c47c62de056f6790a9ff33aeb2682f0901f565854ab28f786370177488b0b5ca1881cbbc6305a7c87ffe1be11bfed77e44c2b3def7814a95622bedd56d8561df6fefd0555dce0fae43083529b2241a76d898a6a2b4528adde6d5a908f32cbba31356dfd8330c3d69f303b459ee6864e44c26e5139b7aed103945e01419aaec617869f9b1922df7852bd649d472e2e20be7cefc8043d2257e34e38344c9ec2fae0ca58abbc9abbf3ae5bf9258f3f348b218b92730b249d39a56186c13d81ddd309775d768b2225aea806fc54940d03f6a50e24a3e407369a01db35cc87a056433c92748a25be3aaec5a2a326b065bb778b932c5007cc6590c02a478fed9144c7d3e9cba2f5c11ae10d0de1fbd7d6ab42914f9b37a82cca2131fbcb990b6449964fd57701653fb477fcfee81ed30c21b37b0e27102c4a098757611b780eb637432ebd644600677bc46188ec204fd3adace7ba43fd86c226f1df6158f36653093a135bc69d97b5366bc1e5b5f5b4ebd63161e8d8852ce24323c5a551a97dfb9f2599401a6b741f9309c3ae9788b44614f2282d206fe271d0455ef0c1fe20e918ff98b308a6f6e19ead24cd6a75a2b43c68f826f8c16192564a525b32886a2bcf7a64903168c4c256f1e378dfebab213b30d4e56f74cabf591914d775dca78cb31f096457d254341bc12690c23655483b04c805c41f5c2de8f2eab1c3ac13f124deaceda0c0b2e59b06a395d881882ec110dc465e2efd097c44e6a222e07dab2ffd5e483b903ed91a8594f8709589c99903093763625f1e89591fbf630f38e8493abea57319f83facc95c243d013a87e322caff1cb1e36d20e80aad39195778a04af4ade723547c3c3090d29b4319e944995969b31b48bfadbda2c35dfd81bf4778ba7da39eb6875fca23a66463686a738372c57e0ae489c9e92c818cee600a630bf12533754bc26cb476e1435d2062918588221d33ec1f8e7d1a7e5efaa86d6e6d9e65247cf22569f67b8ea1d06ef07a143dd2e16a2072935a85417a208659e752b774818997a938acd77874bd0bd6ac719bf82d5b0f778cfe105fc50fd518431bce20b181b91820964de4d652ec487d456a3f61ace44f1e4167295615026502cb873abdea5023b7244ae3f7b7ed80a1d40b82eb1f9875731c60cac5f836df0dd6957ec188209acc4efcc3e51475f45fd5cdeaf57ae65ecf6cf4a4b42b927e4fb70c96a21173fe4e2ef5eca910ef03bb31998fe490501e9d6d2c5b6ca6a7637f946ed16b195bfd36a9bb8be1300aa273c386e18dd0e8bf0eb72b3e1f721a9faea240d60b7e715f4d2b7219a1dbc20db74bc53523b93872b34b16ced4aab0299ca4e14fbfb5e9238a5062cf7313e57e9fcf5676eb515e35492e9bcd371ecc0e161354573e568ab37b57081dca2e679b4c0f80d7e363fa68ef979c987795a624d54524a49f233cad24b0cc7ad467c312803b42c7e21213106373f1806c417dbbc3e1d59ca8256e3a4102b9461501363e96d7b0f7af87aaaa3cccfbbfc09e43a19fab3862544054b4369aad23011a4171e3d5db5a9d1eb6088db6ffbf6ff90599d20cc26eaba85f81647201cc253d5a538f2bfd6ac4a01bef4235d018cc26bb1e011979d52023696ba332669df1f66f416689cbd133ca37e55756691f9a1a1953dd3168f9fb860f95896bdb693f59fafdc278a25c87efec914758d9ab32f9546358abf9ac58773675a3431eb212ee93f5c2f60e956b087496e02d14bfcdf4d22df7594df915a1d8be006cd50030a089409189d8d26122df549ca8d8940c2a39cba63d35b34d2f26661d6578e0f597f737aa5e6742d78c43cb2a3e2e2b757cd532801ea16643d4377d06de019250da31f8d000b4b606c8970295c74433679b5b1e914d4b31804631e3561345707ccb74f0123ba465be63b8e0b347f97332d732848db2f68cdb5736d79fdb9ad6115b4283de3d4c231a8ff77ec2cb9c58e227a35c1f1665ba5515c3d3138c19c7cfbaa65df30c9c65f5b898dd8804fd2b9527d57d17fc078d5a5364043353194f330f0e7928aa1c5e73e1e4de017d0f9094d2d749b5ce0f446efbed3bbf3d4582bb22fd1095f13ade3da996d4e3d09f8a58ba51128931c779afc605ab409cb8f5f0d79746f07e3bdbc9fe61e6752cabf4734b3f37e2d15fe451d2822d800ec17a6fcf38f0176b73596d86a2dab133344d8aa6c194db8bad26f7c1afcd1c8d0ea23e5bfb7401d6958cb7a20a80aba2ab39b11de9480b2458f30c917b13599de40e62cf36a72e11252e957aaf207af3acbc0522ef4a3537df4489fa11dc907fc2cedbf6e9b3c0cf7ad89fef67994a915b06178f170665b4d9f44889ca39807c12b25a19663933cf0e1441ffc0ffa00f4cd966125b46092c6ef0a6496dcf773528", 0x1000}, {&(0x7f0000002780)="99b952f256a5ab105cf2ba3312894938a8e186ea19c706d3634951034a35cdee266674b239d3e48aea3070905511a97741fe290fc75b01a7143a07496d9180c8fbb79b5503fa43e6ac5c02aabb520f0a2a747759783661d993ea515195eb4e6d4902b0842ee7d33d64ca8659baf373c432909c1018ccd1a3fb451ecfe5473b1d9c848be921192f6c5790fa304cdb971188f2ce4fd0aa2e90600aed81a3dcd93a5d7ad1e3f7b915ece518bb3232f1389b9adde564c5725ebbe1cc86f2d3a253fd599aa89d7ab7d0cdc63c1bbfab374bb02869d26236be", 0xd6}, {&(0x7f0000002880)="6e784c24ace14987e706196be0bce08c5f00c4af7a4eb538f7867e018e5b73e21613e57fc8a4db036e82ad922d545e2a201671a95bd6795b266c487f32fce2e7fbcd550a24e48bbc871ed20e3457fe512514ee5b2d5c704a457dda6d8ee9a75dfdbd895824cc50d4340ac674", 0x6c}, {&(0x7f0000002900)="849c3e047503b8564512b3a3e25d4ea8eadfaf1cf9ee611e83531f94b7ec1846b8946861e129bd25b6fed1bfc99de2c1782407cbdc751670d4c781d7ee55756778de15bd5a3e018c3026b65263d0e03418982db2253db32e577971092a99a98f76d6369876162819723f4c31c7498c981a66277daca2c0708cb14858bd32f800959300ba3f5d491592352556c47278809ae2c92a61ea9246252a3f67eeee60b75718102486d5c9ca92920b5e0c787138f3e5fde5d21249855c6608abad96090b935c0ac0a185eb942538a662f21c28653abb9fd9408451bf2c1bf5e6211f22647c328d285b21b3fb92213bf8c657be2137d1a227a1b547c2aa7d158befaf8da9a7fe0c0963bf372897de6179b61a06816afcd26703bcda521098050a498e6dab9aa513c2a542270aff093d395bbdbf7b8f0997b396af18e48c2bb10b93ad27ccf2e9b55cdd85ec576efed64832f0fc89a17f28824fdb07fc44cc7bb94da6b68c911a42e9053547dda3cfd2e93f8b723c79c827cc83c484711c22c47b189b87f062a0c0e1702066f20028c261248fd6f446b462e6027b7be59a1d1f466ff3ded01094121605f8fb1b39f37910121d7ec1c1449ab3005f1026456476031822655751af182fd60baee46242cace1e0b51ebd71a4fdd62f582452fcdd6211ac2e9eea1567a4b108b357a29ff7e2ca4cef68fd2f47fb1d43d6b3be2983ba7d882374a81379652a1ef6a7fba30fc161a4b2270c0bae38cd2079a3a97198bf3a60a7830a1816e7bc2d93535787ce1853d467055a768fa1de68acee4911edb4c6db2bb10a1a4f8f3e0f32062290a061e997c5585caaf730d80aad6c18c79c44b05468a8126e0839e8608314d0ff8705d169c4fa16b41373cd76654ca30c36389d558d22ad1e22a09f541ea3a6fede18d18fb5d0014696c9c5787913aba82ffb1b799f74ed35b72bc240307ab0c507082174f27f7693d473853b8275395aafda3a9bbacf597f8dd10ca2879826692953e4ca4ba7fbd782cc4d2967b3a96ab9a8800170ce77ed8d58f3bac0a147a54249a93924283d16b80dc35a3d15aa469676d1b05854da7e31806879d08fdceeef7481f4abb2b307e1c6964ea74c7e5c2dca9ac2356b6cdca7a8411bd9cc0733e7c7d0fce70b3eb415aae00149962516e6302a45faaec883490563f9a866005cc17a2a32bd4f2e243cb99a827b6cae03e95f6cd2725fc83d7b8d6cdb7d36d9fedf37a660bc8f57df947875a605a42e51503b9eb8447ea477f03dd7fff7054d46efcbe4794d361346895c1b80d25766620f9743b3fc84fe9c9c54a2244de003991cb32a1b42399cdfbdec1982c004c788709be29cedbb912ac264c6e9a96cb2267933d2f1cf826bebec561d44e9a95a52a0daed9d3951d207d5a9de538897c63580cbf17d60b529be0bed70ab792a432999b938d72635318e38186d531bf0a4e1e797a8a99c647924296196598c44e6144f1106a85a10cda48aef37412ced709af91fbb5fe0e2ed01ca8dd799402cb8e495f9640f8bd1209658c6b39358ec261cf9a07d19bee7de108e66594aad568f94074ef25da75552a79956c8813a770fbdc55b041f098e5b766638bde68f26a872be19985df3b6976ec750a618f95d2bec79a40005cdaef52419dea674de30272b0ba6a7102a574052d5c76b4d8704f816d3f93f190c592fe5dd746f4f9056a79fdddd0782c354a79519964c9ca791044e8e51f5a786f47fa49e8feb3c265c78e85f168950147c908e9c8baa3be88098387b825a937d3aa868d1ab224767344ff6309c3580f24dead0e9de3da12639ef5a21cb3e2b569cc90601cd43efd8454b44bc12235368f5e4070526042df1a2ae0f6823eb525055e85070d808af04d6483a4389112c1e68c07a5abe38983a87c20b2e3f329827c8e7d8a42c20e0b90332bc93cb50d57e99660fa0e6d039da8a357f1899439e005a6d447e2f956fddb8c33d78602d498a665b031ea75487b2865a803a9f068f59226aad09a751efaf2e74022ca3fa0ab496223e298dd84edaee9ce8a525e9645f588b8d1c6059e6ba3518e17630cba178c486ab734a5fec866a5586c7843dc4121b343c1d8f3c4230c5f2547a2d1a4a262b7c6fd2667fe241639368b4438fd68637c319eaa80c8c835ef2a7cfcf3657186bd744cd83df60376acd6ca95ab777ca8f2da8ccf350fdb5edb25fe604581be6e7c78b7ac8a6fd5c8a7bc4888f13f2d5c4e1d05d127aedd74c054eda55c114b4226dcdfa5f2b9136cb1bc8f6350681e14826dc57cb59b1b28da16bc4571658cd59572fe1017f4ce15df51a443c64fd39f7bd8f7147405c7eb0ae84902f319dbece0ee833a560c25d5e53cc4d23b01e2c77682580e63094a47b6af0899e9e925089c8c373bd4abadbd53b6db299bda8e282a6a09482c885a56a82a437977380c9b20014d3d4f1845db9e2de3c7a5fc53fd43aece43120df132edd03906fd2317aa979fb8cc3a835af6cb26c088a22e7e92b5f864e88eb5e22689eaf1f5b63ba3dd69a98e155f593918b75d690fed832a04851a4b93cd36fb6defa9b39b0ed7adc6224374f0980088eba2c30b1ebbbdf00568c561b6604cd49c562dadb11df287f76537e5c074e537e6f8470d134e94e5f5c9b3f791c9682c586b14c653bc5f8dfdc1900ba857c7feb91e7d326f2826cf5966f58ed34f147922ca2b13c779fddf32e0ec2b57575320f1cc016b87b7191e3a72e8fb04c4465a8958897456e5fde76fcf1c2d3c98e7b2c7676893fbc26c66b48527cefa4adf3ce1e81df39036f3c325882578774bc930fdad9ab3d7b3583eb27067e347944cf4d20f76b4e59b3ea3b8ad7599438b8e3556dbf0792a6ef3b53e55683a2eea35754136edf0ff284d77e0b59790416c7c64cbf5133c4f8bfb302b953a6f93b3cafc8aa6cec076ca050f726e3d4ff092959ca1c65c21", 0x82a}], 0x4}}], 0x5, 0x8008801)

7.758358867s ago: executing program 3 (id=3951):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d0000008500000050"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)

7.747586828s ago: executing program 3 (id=3952):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ftruncate(r2, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000180))
pwritev2(r1, &(0x7f0000003100)=[{&(0x7f0000000440)='\x00', 0x1001}], 0x1, 0x6040000, 0x0, 0x0)

7.571627942s ago: executing program 3 (id=3953):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
pipe(&(0x7f0000000100)={<r2=>0xffffffffffffffff})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
vmsplice(r2, &(0x7f0000000180)=[{&(0x7f0000000140)='b', 0x1}], 0x1, 0xf)

7.510397337s ago: executing program 3 (id=3959):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000000c0)="c057", 0x2}], 0x1)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000200)="ca", 0x1}], 0x1)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xffffff7b}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

7.443535413s ago: executing program 3 (id=3961):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000640)={0x0, 0x0, <r1=>0x0}, &(0x7f0000000680)=0xc)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)={0xfffffffd, 0x0, 0x0, 0xbdd7, 0x2, 0xfffffffc})
ptrace(0x10, 0x1)
setresgid(0x0, r1, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x4)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140))
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="5c00000012006bab9e3fe3d86e6c1d0000147ea64e21160af36504b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000400060100000800030006010000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

1.71610217s ago: executing program 0 (id=4109):
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)) (async)
socket$netlink(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) (async)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) (async, rerun: 32)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) (rerun: 32)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000500)={<r2=>0x0})
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async, rerun: 32)
unshare(0x2c020400) (async, rerun: 32)
msgget$private(0x0, 0x0) (async)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x2000, 0x0) (async)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/19}, 0x2000, 0x0, 0x0) (async)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000180)={r2}) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000480)={<r3=>0x0}) (async)
r4 = socket$packet(0x11, 0x3, 0x300) (async)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, &(0x7f00000000c0)=0x4088, 0xffe1) (async)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) (async)
recvmmsg(r5, &(0x7f0000001840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) (async, rerun: 32)
setsockopt$packet_int(r4, 0x107, 0x0, &(0x7f00000000c0)=0x8, 0x4) (async, rerun: 32)
setsockopt$packet_tx_ring(r4, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300}, 0x1c) (async)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) (async)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) (async, rerun: 64)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={r3, 0x3, r1, 0x5}) (async, rerun: 64)
bind$inet6(0xffffffffffffffff, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (async, rerun: 64)
shutdown(0xffffffffffffffff, 0x0) (async, rerun: 64)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)

1.621825957s ago: executing program 0 (id=4111):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d0000008500000050000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)

1.619701648s ago: executing program 0 (id=4113):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940001000000fcffc50000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000040)=@updsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in6=@ipv4, @in=@dev, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x4d3, 0x3c}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@coaddr={0x14, 0xe, @in=@broadcast}]}, 0x104}}, 0x0)

1.58973111s ago: executing program 0 (id=4115):
r0 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40088a01, &(0x7f0000000000)=0x100)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
r2 = syz_io_uring_setup(0x7279, &(0x7f0000000080)={0x0, 0x0, 0x13100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e22, @loopback}, 0x10)
sendto$inet(r1, &(0x7f0000000100)='\x00', 0x1, 0x0, 0x0, 0x0)
r5 = socket$inet(0x2, 0x6, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r5, &(0x7f0000000300))

1.58811317s ago: executing program 0 (id=4117):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_mr_cache\x00')
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)}, &(0x7f0000000400)=0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x25, &(0x7f0000000740)={0x0, @in={{0x2, 0x4e22, @rand_addr=0x64010101}}}, 0x90)
fallocate(r1, 0x0, 0x0, 0x1001f0)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0)
fallocate(r3, 0x3, 0x1800, 0x10000)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000583ca91a0012800b00010067726574617000000c00028008000700e00000010a000100aa"], 0x48}}, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000000c0)=<r8=>0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
sendmsg$NFC_CMD_DEV_UP(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r8], 0x1c}}, 0x0)
pwritev(r7, &(0x7f0000000340)=[{&(0x7f00000001c0)='}', 0x1}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r11=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r4, r11, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x28a, &(0x7f0000000b80)=ANY=[@ANYBLOB="bbbbbbbbbbbbffffffffffff86dd6ebf9b2b025421fffe8000000000000000000000000000aafe880000000000000000000000000101730600000000000007200000000306034000060000000000000002000000000000000500000000000000c910fc010000000000000000000000000001000000006304000000000000000100010a00000000000000000000c910fc01000000001500000000000000000100000000000000293000000000000007200000000306010100030000000000000006000000000000000000000000000000c204000000007fdb18cecb85a73983e5b48b4bf81dd6397cc0346003375897122e628807b991a8c2de03643294523eea303e125e1337029fc6045d4cdd11dfd05cf06b4386b667315a3e57889d2a2523ef207a2313aaa51508c36cd8313ecc0a01cb0a70b90a1e04f754e119feb29f055724830f2502b487c132e3decdc19b1b8c99acf687902e6973383d2aef1bfbf69fbf1f282b6c3b824655c8ed13821c416a7eb548c1b4bbdcf14aa8e25165510b499b8997a14b810edaa85d29bd48341250fd8f35217e94019516ae615e3735b04966a463278e7263146e6929eab22a4621c0e507180000000104010800d8a50000000000000300000000000000ca5e17ede40b58f3eafcf14fc1d55a5188bdac12caa8baec8a65ab9f72d9dc2314d408ab26eaaacba69b2f7196563f54f6d1d112bc2a61c6678570a8824a9bcb3263d7e5a06e138c7e49cc9388c0968d09d864e1f0bb227e17bd8a5ad9d6978dc26808276530ea8cc81b0401fd0000000000002e000d08680000004e224e2304619078ee6c037e7fb4e8de990d2ea0c8046678d355314eb2dc65301233105810e5ed0d303dd3b4a72bc53882fd8a35637387df1fe13261bebc44da58a07cda1576ea0fadbf42b2"], 0x0)
pread64(r0, &(0x7f0000002900)=""/4100, 0x1004, 0x0)
open(0x0, 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x4, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "d304e6d6ae9ef30bea2a72f60000000000406728002000000000001300"})

1.046391934s ago: executing program 4 (id=4136):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000140)='./file1\x00', 0x80c406, &(0x7f00000005c0)=ANY=[@ANYBLOB="646f74732c646f747300646d61736b3d30303030303030303003994db69d6fadd9fe8357bb9b326973636172642c0166733d6e6f7774066c655f726f2c6769643d8bde74b54a903862b1d491a0644fd032adf103782b3e6ab9bb8b7d5a0000008000000000831cac568a8781052c1f78a90d525fbffbbe712b3588cd20fd6b4fa30f99796b63d0000200006bf7964f30b515830fe521179cb856fcec51525e76986850e3c2079c07811902047009a8bd311ec4398a92a06f061a5a0ba1eb2b3db991e65cb55232662ecb874cb1ea47734fd6c56b06c03f20235fad7299622ac7c70fbb5466c8f69e506f15f9048273682c4abdddc8cbc849980b03000000000000000000000063e0c97554c132b6effff3b3e0c109c72f794db4da27b9108716f1877464f58d22d0ea6e75321d887a6a375c5cf8cce358a8df2720e76ce466c78c7901cc6071bc2eafaa394d4290e95d4db56b59ed5d9bd10d94b075a7ace6d3f19993baa452c9ecc39f61cc383b51b627ad3b736c045f8c784b64531d7535f784ce34998dee85b80f515bdeba72caeb00c76ae7cb06986d7e9f9fec03b990c1fc56d5161ae3c622a649f9f95781dd32bc8e4090861fcad6bed6a3be33f3602b136695e7543543b93f62312f5387cd4c6d1aa22271ec1be39d675c08f44ed601b6c8fbf92f448158194570618bfd504dfd0ff459eff7bc34e453816efefe372fcecc66f0956afbe155f1f53d0eff4872d6921804209e82af2ed0a588b8ebbef33bbbc3d495d110acf1a7537f33a8f5a82a29e2d6761b50d3db9dae0a9606eb4b0a92cdb504659776a21344b8fdc9ca3851a76938dd00e59cb1d1ad7ec9ac6e19d3244e209fd56e67caf895cf9f8507b063cac9ddc2ae46f7dff3f9b86b5b3838383015a502f3540a8a796580c78737b10f54977af5cee89e91cc54e21101973aed1e03820294e9811ef0c389ec53e04e14f226213fa4fd2f9c32cd317f936edcf16bffd78d69907336f1e4cf69c22d2e8f0a1caa2623483b45be9f59f1b74cd3f19a92db916f959d4bcb800c50bfabd4d63861e036ef6d614d46c31ab711ad2ead248d781e89017fc7c22d22be274e450e5f1837bf10921f4b117439ad4503f11682542bdba745be99", @ANYRES64=0x0, @ANYRES64], 0xff, 0x2a9, &(0x7f0000000a40)="$eJzs3M9rE0EUwPGX3TabVvrjJOjFh170stR4VMEoLYgBJe2KehC2dKshMSm7QRMRzNlT/47i0Zsg/gO9+wd4K4L01JMrTTbrJqYVa0w0+X6g7My8nXZmXwtvCpu9B9vPSpuBvenWxMioGCJNORBZlKJ0pKJrutVOx+NyPStNubT0fP/N6sNHd3L5/HJBdSW3diWrqvPnPrx49fb8x9qp++/mLUt2Fx/vfc1+3j29e2bv29rTYqDFQCvVmrq6Xq3W3PWypxvFoGSr3it7buBpsRJ4fld8s1zd2mqoW9mYm93yvSBQt9JQQxpaq2omWlVFbdvWudnDdkYmSPq3Zzg7hYKb6xuaqCc33nw/55oiMvNTTp2d0awIAACM0tH1vxHf06n/jd76X+QX9f/r6K759wOv/02J6/+S16r/a35D3SduMVn/41jOjSPr/2MYf2cx+BOpZqJzsyvk+7mZ/pOo/wEAAAAAAAAAAAAAAAAAAAAA+B8chOFCGIYLh1dDRMKob4mImej3mcob4mMgmf8w8WVFCT4m/xgDiRf3MiJfmnWn7qRa13Z85XZ+eUlbEi/+7dfrjhnHL7fj2h2fltkonu0bT8vFC+34YezW3Xwyvl13ZmSjZ61mV685yMcAAAAAAMBYszW2GA9mJD7f27Za0htvnd9bjSkR6fx/oOd8PyVnp4a4EQAAAAAAcKSg8bLklsueP5yGOcSfdeKGyMmmXw2tgSzDFJHEiBWlKnlPYVVkcFtOy0m33NOwxOusdriJ+5Qb/a/NcBrXBvYNw5RIe2Q6ylnPXwEAAACA8fLjPDDqlQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMLmG8dFlo94jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8K/4HgAA///iILNY")
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r1=>0x0})
sendmsg$can_bcm(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fed7, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x20000600}, 0x1, 0x0, 0x2000000}, 0x0)

1.011253748s ago: executing program 4 (id=4137):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x0, 0x400}, &(0x7f0000000040), &(0x7f0000000140))
r0 = socket(0x80000000000000a, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x1, r0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="1a"], 0x118)
r2 = socket$inet6(0xa, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
shmget(0x0, 0xa000, 0x2, &(0x7f0000ff3000/0xa000)=nil)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000340)}, 0x20)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="4000000010001fff"], 0x40}}, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r5, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000001d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000500000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a5"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x4000)
r9 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000ac0))
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x0, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f00000001c0)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x1}, 0x20)
syz_mount_image$ext4(&(0x7f0000000580)='ext3\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f00000001c0)={[{@grpquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@jqfmt_vfsv1}, {@max_batch_time={'max_batch_time', 0x3d, 0xefe}}, {@nombcache}, {@journal_checksum}, {@barrier_val={'barrier', 0x3d, 0x648}}, {@barrier_val={'barrier', 0x3d, 0x7}}]}, 0x1, 0x5de, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSlMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIxQMnPXnw4smQEDXEk4lrZjtTuu1sS0vbqcznkyx9894O70233763r+/NBlBZA+k/tYg9ETGVRPQmcwtl7ZEVDsw/7+5fH51KH0nU66/9kUSS5eXPT7KvPdnJXRHx0w9J9Lctr3d69vK5scnJiUvZ8dDM+amh6dnLB86eHzszcWbiwsgLI0ePHD5ydPjguq7rSkHeiWvvvt/7yeib33z1TzL87a+jSRyLl7MnLr6OjTIQA43vSbK8qOfoRldWkrbs52TxS5y0l9gg1iR//Toi4onojba49+L1xsevlNo4YFPVk4g6UFGJ+IeKyscB+Xv7pe+Da6WMSoCtcOf4/ATA8vhvn58bjK7G3MDOu0ksntZJImJ9M3PNdkXErZuj107fHL0WmzQPBxSbuxoRTxbFf9KI/77oir5G/Nea4j8dF5zMvqb5r66z/qVTxeIfts58/HetGP/RIv7fWhT/b6+z/oF7yXe6m+K/e72XBAAAAAAAAJV143hEPF/09//awvqfKFj/0xMRxzag/oElx8v//l+7vQHVAAXuHI94qXD9by1f/dvXlqUeaawH6EhOn52cOBgRj0b0R3TsSI+HV6jjwKf9X7YqG8jW/+WPtP5b2VrArB2323c0nzM+NjP2oNcNRNy5GvFU4frfZKH/Twr6//T3wdR91tH/7PWTrcpWj39gs9S/jthX2P/fu2tFsvL9OYYa44GhfFSw3NMffvZdq/rXG/9uMQEPLu3/d64c/33J4vv1TK+9jkOz7fVWZesd/3cmrzduOdOZ5X0wNjNzaTiiMznRluY25Y+svc3wMMrjIY+XNP73P7Py/F/R+L87IuaW/N/Jn817inOP/9vzW6v2GP9DedL4H19T/7/2xMj1vu9b1X9//f/hRl+/P8sx/wfzvsjDtLM5vyAc24uKtrq9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAwqEXErkhqgwvpWm1wMKInIh6LnbXJi9Mzz52++N6F8bSs8fn/tfyTfnvnj5P88//7Fh2PLDk+FBG7I+Lztu7G8eCpi5PjZV88AAAAAAAAAAAAAAAAAAAAbBM9Bfv///5xvuz3trJbB2y69rIbAJSmIP5/LqMdwNbT/0N1iX+oLvEP1SX+obrEP1SX+IfqEv9QXeIfAAAAAAAeKrv33vgliYi5F7sbj1RnVtZRasuAzVYruwFAadziB6rL0h+oLu/xgWSV8q6WJ6125kqmTj3AyQAAAAAAAAAAAABQOfv22P8PVWX/P1SX/f9QXfn+/70ltwPYet7jA7HKTv7C/f+rngUAAAAAAAAAAAAAbKTp2cvnxiYnJy5JvLE9mrGViXq9fiX9Kdgu7fmfJ/Kl8NulPUsS+V6/+zurvN9JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs/8CAAD//wZJJhA=")

712.049132ms ago: executing program 0 (id=4140):
syz_open_dev$tty1(0xc, 0x4, 0x1)
unshare(0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x7a05, 0x1700)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x103, 0x83, &(0x7f0000000200)=0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000080019500"/17], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r1}, 0x10)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x30044041)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x34f4, 0x10, 0x0, 0x16a, 0x0, r0}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
epoll_create1(0x0)
syz_io_uring_setup(0x6820, &(0x7f0000000380), 0x0, 0x0)
syz_io_uring_setup(0x5ddc, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x10, 0x0, 0x0, r3}, 0x0, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000002c0)={'syztnl2\x00', &(0x7f0000000180)={'ip6gre0\x00', 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x12}, @empty}})
r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x300000b, 0x10, r6, 0x200000)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r7, 0x570e, 0x56a4, 0x5, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
acct(&(0x7f0000000140)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10)

594.180231ms ago: executing program 2 (id=4142):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001c80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x84, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x18000000, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x8}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "f8"}]}]}]}]}], {0x14, 0x10}}, 0xc0}}, 0x0)

531.521006ms ago: executing program 2 (id=4144):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000120000f1850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000003400090000000000000000000300000004000000130003800a41a006"], 0x2c}}, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'rose0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000000000002eeed88696", @ANYRES32=r3], 0x20}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000540)={'ip6tnl0\x00', &(0x7f00000003c0)={'ip6_vti0\x00', <r5=>0x0, 0x29, 0x2, 0xf8, 0x400, 0x32, @dev={0xfe, 0x80, '\x00', 0x43}, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x8000, 0x7, 0x7, 0x9}})
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f00000006c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x68, r1, 0x2, 0x70bd25, 0x25dfdbfc, {}, [@ETHTOOL_A_DEBUG_HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x814}, 0x40890)
r6 = open(&(0x7f0000000380)='./file0\x00', 0xa041, 0x0)
bpf$MAP_LOOKUP_BATCH(0x12, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x10000, r6}, 0x38)
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xb0, 0x0, 0x7, 0x101, 0x0, 0x0, {0x3, 0x0, 0x4}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_FILTER={0x2c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xfffffffb}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x3ff}, @NFACCT_FILTER_MASK={0x0, 0x1, 0x1, 0x0, 0x1e}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x7f}]}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x8001}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FILTER={0x4c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x40}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x8cb}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xffff}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x1}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0xf336}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x5}, @NFACCT_FILTER_VALUE={0xffaf, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x7}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x4000021}, 0x20000085)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000001040)=0x80000004, 0x4)
listen(r8, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e3000000000000000000000001400010067726530000000000000000000000400080001"], 0x4b0}}, 0x0)

499.815329ms ago: executing program 1 (id=4146):
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000001500)={0x118, 0x0, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x28a2f81226833de9}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_MLSLVLLST={0xd4, 0x8, 0x0, 0x1, [{0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7d18da9b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3ad8f148}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x26faf32}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x39}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x70515454}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7787b9c}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6c6a2107}]}, {0x3c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x286ac6e1}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6ce3ad10}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3a}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3ce59874}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x41}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x69}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7bf0d9a4}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x19}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x29ed89a4}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x5d3bba56}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x29}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x46500dfa}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x46}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x602223b4}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x733f17bb}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x44c4fa07}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}]}, 0x118}, 0x1, 0x0, 0x0, 0x20006000}, 0x4001)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$loop(0x0, 0x8, 0x0) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x11, 0xc, &(0x7f0000001880)=ANY=[@ANYRESHEX=r1, @ANYRESOCT=r0, @ANYRES8=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff07, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) (async)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x1}, 0x48) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001840)=ANY=[@ANYBLOB="140000001a000dad"], 0x14}}, 0x0) (async)
recvmmsg(r3, &(0x7f0000004100)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)=""/105, 0x69}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/55, 0x37}, {&(0x7f0000000100)=""/172, 0xac}], 0x4}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0, 0x0) (async)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000001680), 0x2000, &(0x7f0000001780)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@loose}, {@cache_loose}], [{@obj_role={'obj_role', 0x3d, 'GPL\x00'}}, {@euid_eq}, {@flag='async'}, {@fsmagic={'fsmagic', 0x3d, 0x1}}]}}) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x8000, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x1, &(0x7f0000000b40)=ANY=[@ANYBLOB="850000000c0000006aa210433fd5556e566bbc9b52ff0c236495dbc693221dad09b8a99b925ba866a2730b4cd182fcd61c0bc974dc385e9332a6b243cc8be33c583f3721ca3ed48d24d7bde69efffc63b9701d9c34fe93bc7563c70f5534a56aeeef7fa8d265efa12844b52312a8d9b8c8298bb040e92399fdf9399d3027582b1c38f1635dfc35db95119aec934c6f525e1cf4c250a4f20881c352"], &(0x7f00000003c0)='GPL\x00', 0x7, 0xef, &(0x7f0000000400)=""/239}, 0x80) (async)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, &(0x7f00000000c0)=0x13)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_IIF={0x4}]}, 0x24}}, 0x0)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r7, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0xac}, {0x6}]}, 0x10) (async)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYRES8=r5], 0x0) (async)
poll(&(0x7f0000000100)=[{r5, 0xcf9aa395655278ef}], 0x1, 0xe7f1) (async)
syz_usbip_server_init(0x3)
ioctl$TCSETA(r5, 0x5406, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, "3321ef5b1bd01fec"})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYRES8=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x10)
setfsuid(0x0)

483.877491ms ago: executing program 2 (id=4147):
syz_mount_image$ext4(&(0x7f00000010c0)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x200000, &(0x7f00000019c0)={[{@user_xattr}, {@nomblk_io_submit}, {@errors_remount}, {@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@data_err_ignore}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000001400), &(0x7f0000001440)=ANY=[], 0x386, 0xb00000000000000)

395.697367ms ago: executing program 1 (id=4148):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@ipv4_newroute={0x2c, 0x1a, 0x1, 0x0, 0x10000000, {0xa}, [@RTA_DPORT={0x6}, @RTA_IIF={0x8, 0x3, r2}]}, 0x2c}}, 0x0)

395.392877ms ago: executing program 1 (id=4149):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000007600000000b94800770000000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='rss_stat\x00', r0}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='debugfs\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x25, &(0x7f00000000c0))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000000)={0x0, 0x0, 0x1000000})
fcntl$lock(r2, 0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x9})
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x970026, &(0x7f0000000480)=ANY=[@ANYBLOB='mode=00000000000000000000000,uid=', @ANYRESHEX=0x0])

364.91778ms ago: executing program 1 (id=4150):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r3=>0x0})
connect$can_bcm(r2, &(0x7f0000000480)={0x1d, r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f00000001c0), &(0x7f0000000200)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket(0x10, 0x3, 0x0)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x800, 0x0, 0x1, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x8}, 0x48)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r8=>0x0})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000001b0000000c00018008000100", @ANYRES32=r8], 0x20}}, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000680)={{{@in=@empty, @in=@private}}, {{@in=@multicast1}, 0x0, @in6=@remote}}, &(0x7f0000000880)=0xe8)
socket$netlink(0x10, 0x3, 0x0)

364.6637ms ago: executing program 2 (id=4151):
r0 = socket$inet6(0xa, 0x3, 0x3a)
sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="a00000000a0000002900000037"], 0xa0}}], 0x1, 0x0)

306.127615ms ago: executing program 1 (id=4152):
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x6}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x6}}, './file0\x00'})
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x880)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r4=>r3}, './file0\x00'})
io_uring_register$IORING_UNREGISTER_EVENTFD(r3, 0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x2, &(0x7f00000003c0)=@raw=[@btf_id={0x18, 0xb, 0x3, 0x0, 0x4}], &(0x7f0000000400)='syzkaller\x00', 0xc8d4, 0xd0, &(0x7f0000000440)=""/208, 0x41000, 0x3, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x1, 0x1, 0x1, 0xb8}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000580)=[r1, r2, r3, r2, r3, r0], &(0x7f00000005c0)=[{0x5, 0x3, 0xf, 0x8}], 0x10, 0x200}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x13, 0x24, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xdbea, 0x0, 0x0, 0x0, 0xf40}, [@jmp={0x5, 0x0, 0x2, 0x0, 0x7, 0x1, 0x1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ldst={0x2, 0x3, 0x1, 0xb, 0x5, 0xfffffffffffffff8, 0x8}, @call={0x85, 0x0, 0x0, 0x6a}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}]}, &(0x7f0000000240)='syzkaller\x00', 0x80, 0x97, &(0x7f0000000280)=""/151, 0x40f00, 0xc, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000380)={0x5, 0xd, 0x7, 0x40000}, 0x10, 0x0, r5, 0x1, &(0x7f00000006c0)=[r4], &(0x7f0000000700)=[{0x1, 0x4, 0x3, 0x1}], 0x10, 0x9}, 0x90)
setsockopt$MRT_TABLE(0xffffffffffffffff, 0x0, 0xcf, &(0x7f0000000800)=0x1, 0x4)
recvfrom(r1, &(0x7f0000000840)=""/247, 0xf7, 0x20002000, &(0x7f0000000940)=@pppol2tpv3in6={0x18, 0x1, {0x0, r3, 0x4, 0x1, 0x1, 0x2, {0xa, 0x4e22, 0x1, @private1, 0x7}}}, 0x80)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000a00)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_PMK(r2, &(0x7f0000000b00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x78, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "b55729da05a218effe96b066b086e517"}, @NL80211_ATTR_PMK={0x14, 0xfe, "217c3f034c72184818c34d0fb7b25a90"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMK={0x14, 0xfe, "0e8499e236b1197b3b950ba8f4a145e8"}, @NL80211_ATTR_PMK={0x14, 0xfe, "0d4569b67ec779a3870ea789f31716dd"}]}, 0x78}, 0x1, 0x0, 0x0, 0x8014}, 0x4040010)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000b40)={0x8, 0xfffffffc, 0x3efb, 0xf55, 0x7, "a8842ccc0decae8ad3a17e13c45ebbc557354c"})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000b80)={'batadv0\x00', <r7=>0x0})
pipe(&(0x7f0000000bc0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000dc0)={'syztnl2\x00', &(0x7f0000000d40)={'ip6gre0\x00', <r10=>r7, 0x29, 0x80, 0x4, 0x4, 0x48, @mcast2, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7847, 0x700, 0x80000000, 0x5}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001140)={r9, 0xe0, &(0x7f0000001040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000e80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, &(0x7f0000000ec0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000f00)=[0x0, 0x0, 0x0], <r11=>0x0, 0xec, &(0x7f0000000f40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000f80), &(0x7f0000000fc0), 0x8, 0x6d, 0x8, 0x8, &(0x7f0000001000)}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001200)=@bpf_lsm={0x1d, 0x19, &(0x7f0000000c00)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xdadc}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xfffffffffffffffe}, @jmp={0x5, 0x1, 0x5, 0xb, 0x7}, @exit, @generic={0x6, 0x3, 0x3, 0xc9, 0xff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000d00)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x40, '\x00', r10, 0x1b, r1, 0x8, &(0x7f0000000e00)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000e40)={0x0, 0x5, 0x0, 0xfffffffc}, 0x10, r11, 0x0, 0x0, &(0x7f0000001180)=[r9, r3, r0, 0xffffffffffffffff, r8, r8, r3], &(0x7f00000011c0), 0x10, 0x7}, 0x90)
fchdir(r5)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001300), r4)
sendmsg$IPVS_CMD_ZERO(r12, &(0x7f0000001400)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000013c0)={&(0x7f0000001340)={0x70, r13, 0x102, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x15}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xffffffff}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xffff}]}, 0x70}, 0x1, 0x0, 0x0, 0x40859}, 0x80)
umount2(&(0x7f0000001440)='./file0/file0\x00', 0xb)
setuid(0xee01)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000001480)=0x13)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000014c0)={{0x1, 0x1, 0x18, <r14=>r0, {0x1}}, './file0\x00'})
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000001540)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000001500)={<r15=>0xffffffffffffffff}, 0x0, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CONNECT(r14, &(0x7f0000001580)={0x6, 0x118, 0xfa00, {{0x7fffffff, 0x7, "33754c8677f2aec53b10dca7c1d8c5116c361eee7258ba1488a7e75e4cf4db0fecba11ca389b08ab485dd853e20e0198eefcfa8766a41668a83161368d80af8e2671e10bff652cbcd7c3c50d9f04d78660b7595a6d5adf31f92b0c9167b924fe81dbd8f8e73ad09b0bffa79957883485ac836159cce0f5c2793299dcc9ed633b514097e22a01cd482fee784945171671a021af038995b3d0b11a4badee8e2f5dd746a6269e12350947d925f1692a113cc81d78aeb97aeeac43b76184a7b3f98bdefb77c86299ceb6f12ee9073721d9c840ff2f656bb05b99fb0b58a3aa0243b317f9c6a78f3c8f680eab2279efc3217a230fbc8bdfe7549be17efdd4114a7396", 0x3d, 0x0, 0xc, 0xd, 0x1, 0x22, 0x5}, r15}}, 0x120)
fspick(0xffffffffffffff9c, &(0x7f00000016c0)='./file0\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000001700)={{0x1, 0x1, 0x18, <r16=>r8}, './file0/file1\x00'})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x11, r16, 0x0)

212.974693ms ago: executing program 2 (id=4153):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000000000002000000000ff000000850000000f000000850000000500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_PACKETS_PER_SLAVE={0x8, 0x14, 0xffd9}, @IFLA_BOND_MODE={0x5, 0x1, 0x1}]}}}]}, 0x44}}, 0x0)

212.231473ms ago: executing program 1 (id=4154):
socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'ip6_vti0\x00', 0x0})
socket$inet6_udplite(0xa, 0x2, 0x88)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1e)
setfsuid(0xee01)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2dc5c07001a000100000000897b2a1d84f5c7ffff00000000000067e77dc70b90bbb45efd97899a16f2df4fa2a8f069d9b047389f672eb3080000000000000065890d2d0d1b8d3d62f6d77b0283e166e2ca4c35483d3f00d6bf7da9299e6e81c96daf520300a16cab12d75a852b3e4470420877efbe1f000000000000007e15f9b683e63cfff7c638bca835b33bc18c4ed0351cd285197b0241569048b5b416ba1c57217be5a338392f831637ee8c25bb2183634a33b18c4b459f9aea5ab222d7060000000000665106000000a803d1b56126efec0225a5433883b0d17cb21dbfd886caf2624e7f00da0ef9893ef57c79a182dceca9c46a9f8b001e53b29c0c698ed30d8942e94ac057bde74e42021d895c22b6400000002b2c604ed73249e80f08bfdcebee7a07856a3a23e0907f3dc0eb52c40f6b21c14832dd9845ee8d8733b52c8422295fde5626cd43fb43fb3acf9b2e840713cba86d43a570ee3589b7e9000000000000000000000000000000dc85131317c56465978d957d000000000000000000000000000000000000000000000000000000000000000000301171e8e3a2d0c842c20fd293c073b93f7662fad1f4ae3e1fe359aa29a4b8965229fa06b0fb2e23d2644cfbdbd6929aa42151ea48334743ad0c378641e74d55d6cd7b098599190100000055ec9c0c26b71588d6fc97e3098fb0e778be446659cf665e7f848d85de70c3c426a539a9a0e92e7bbf77528053dcb3b791b8e3faae507a3b721b670b06b78bb09e82ecc85a4bbc596d8ce02a2cbede5573f8bdc84d61c5634fffa50e74ec0f2da4f3d82c2d2b5a20ec152df14481c3bb59a23e014d07fc070d87f58118f468bf80283e0ce7efda7906f9c53319aef22e01a9ba5649fc10fb5b8132dcf42c47a4b79efb9f720ebd2dcc1634f870cee6201bc0ad9e17c4633a17de505bed8fded3053cb455636132bdae3239b9c8b437256ac21a49c4f03b268c47e9becbaff440728429f9e0b0222485188b745b3c871d01d27eb4e5e00bcd79b95601098e044345a8aaa12fda56277aef89192b9af038ab8808a2adf0c3a15ec863e5f352c7967607cede40848eae2704701b7af0a0b30e9e5b76f45500000000000000", @ANYRESDEC=0x0], 0xfb, 0x11e0, &(0x7f00000036c0)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eK4gjJmq7JR6KsFPK53PJD977wu9lYOAN8+bwja8+Hg2qbJDPY+PEidiYRqQ7KVJsxD8+j1df//GnF67duHml2+vtXk3pcvd657WU0taL37/36Tcv/TA/++63W9+djoPt9w9/3fnl4PzBhcM/rn80rNKwSuPJPOXp1mQyz2+VRdobVqMspXfKIq+KNBxXxezI+KCcTKeLlI/3NlvTWVFVKR8v0qhYpPkkzWeLlH+YD8cpy7K02Qr+j/7Xd+q6jqjrx+NU1HVdPxGtOBtPxmZsRTu246l4Op6Jc/FsnI/n4vm4sJzVdN8AAAAAAAAAAAAAAAAAAADwaHH+HwAAAAAAAAAAAAAAAAAAAJp37cbNK91eb/dqSmciyi/3+/v91e9qvDuIYZRRxKVox++xPP2/sqovv9XbvZSWtuOL8vbf+dv7/ceO5jvLzwmszXdW+XQ0fzpa9+Z3oh3n1ud31ubPxCsv35PPoh0/fxCTKGMv/srezX/WSenNt3v35S8u5wEAAMCjIEv/Wrt/z7L/Gl/lH+D5wH3765Nx8WSzayeiWnwyysuymCke+uJUs238Vtd183+C4piKpu9MHIe7F73pTgAAAAAAAAAAAHgQx/E6YdNrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4kx04FgAAAAAQ5m+dRscGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAVwEAAP//zI7XaA==")
r1 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
write$P9_RREADDIR(r1, &(0x7f0000000500), 0xbf)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r2, &(0x7f0000000180), 0x40001)
sendfile(r1, r1, &(0x7f0000000240), 0x7f06)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000200), r3)
sendmsg$NFC_CMD_DISABLE_SE(r3, &(0x7f0000000380)={0x0, 0x500, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010026bd7000fbdbdf251100000008001500c0000000080001"], 0x2c}}, 0x0)
syz_emit_ethernet(0x256, &(0x7f0000000000)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cabf00", 0x220, 0x3a, 0xff, @remote, @mcast2, {[@hopopts={0x33, 0x10, '\x00', [@generic={0xa, 0x73, "eec674b9c4bd8bfa4632c2adb7eeae88b0e9d04eeab4018642ed75c4ed775253a1062bde62e592ce6538805ac751361565a86557aec0046e2faaaec6459c72c5d959f4b9c5a5902e391aed30d51c77751c9266b2d3729642dad77b6aeafc8dcd8920ea01e8f234d1cb4aad8c30de6704b9fa16"}, @enc_lim={0x4, 0x1, 0xec}, @ra={0x5, 0x2, 0x1}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}, @routing={0x32, 0x12, 0x2, 0x6, 0x0, [@local, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, @mcast2, @ipv4={'\x00', '\xff\xff', @multicast2}, @loopback, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x11}}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02']}, @hopopts={0x6c, 0x1, '\x00', [@jumbo, @ra={0x5, 0x2, 0x1000}]}, @routing={0x11, 0x2, 0x0, 0xd3, 0x0, [@private1]}, @srh={0x62, 0x2, 0x4, 0x1, 0x5, 0x40, 0x4, [@private0={0xfc, 0x0, '\x00', 0x1}]}], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x1f, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af2502"}, {0x0, 0x2, "00f56c5d539f646b60a8fbff2508e401fc"}, {0x0, 0x7, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e"}]}}}}}}, 0x0)

165.247296ms ago: executing program 2 (id=4155):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x12000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

110.756591ms ago: executing program 4 (id=4156):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0) (async)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) (async)
r1 = inotify_init1(0x0) (async)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYBLOB="2da6404e053f572bbf3bc7f12c2e4e256c32fc7477b4adeb"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r3 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310) (async)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) (async)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000240)="2f01ffffa0b6", 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r5 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r5, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x5b, 0x0) (async)
ioctl$X86_IOC_RDMSR_REGS(r2, 0xc02063a1, 0x0) (async)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r6=>0x0})
r7 = syz_open_procfs(r6, &(0x7f0000000600)='fd/4\x00')
ioctl$EXT4_IOC_GROUP_EXTEND(r7, 0x40086607, &(0x7f0000000240)=0x6aa)

39.587277ms ago: executing program 4 (id=4157):
r0 = socket$kcm(0x21, 0x2, 0x2)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000080)=0xfffffffe, 0x4)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800007a0000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00)

28.053467ms ago: executing program 4 (id=4158):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$inet6(r0, &(0x7f0000000040)={&(0x7f0000000000)={0xa, 0x0, 0x100100, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000002200)=[@rthdr_2292={{0x28, 0x29, 0x39, {0x0, 0x2, 0x2, 0x1, 0x0, [@mcast1]}}}], 0x28}, 0x0)

0s ago: executing program 4 (id=4159):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000000)="120000003200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r1 = getpid()
perf_event_open(&(0x7f0000000800)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x1ff}, r1, 0x0, 0xffffffffffffffff, 0x0) (async)
r2 = perf_event_open(&(0x7f0000000800)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x1ff}, r1, 0x0, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, r3, 0x0, r2, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x0)
sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x80ffff) (async)
ioctl$PERF_EVENT_IOC_DISABLE(r4, 0x2401, 0x80ffff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r7, &(0x7f0000000080)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000280)=ANY=[], 0x6a) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000280)=ANY=[], 0x6a)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x1b, 0x4, 0x0, 0x8000, 0x20, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x80001}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="00000000000000000000007b08f8ff00000000bfa2000000000000c9ddf634966c373c5767f5eaa1091c0f020000f8ffffffb703000008000000b704000000000000850000384e00000076"], &(0x7f0000000280)='GPL\x00'}, 0x90) (async)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="00000000000000000000007b08f8ff00000000bfa2000000000000c9ddf634966c373c5767f5eaa1091c0f020000f8ffffffb703000008000000b704000000000000850000384e00000076"], &(0x7f0000000280)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r9}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r9}, 0x10)
getpid() (async)
r10 = getpid()
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000380)='./file1\x00', 0x20000, &(0x7f0000000000)=ANY=[], 0x1, 0x239, &(0x7f0000000880)="$eJzs2k9rXGUUB+Bzm0hjSjoR/9GC+KIb3Vw6s3LhokFaEAcU7QgqSG/NHR1mMhPmDoERabNz60dwLS7dCdIvkI2foAt32WRnF+KVdkpNygimxU5tnmczB975wXk5l8tZ3P23v9vqd6u8W0ziVPZ7vXwxduN2FutxKpZiZjfevP7WrVc++uTT9zba7UsfpnR540qzlVI6++ovn33z42s3J2c+/unsz6djb/3z/YPWb3sv7Z3b//PKV70q9ao0HE1Ska6NRpPi2qBMm72qn6f0waAsqjL1hlU5PnLeHYy2t6epGG6urW6Py6pKxXCa+uU0TUZpMp6m4suiN0x5nqe11eBRdH64XddxUD9zNeq6fvb7OHMz1m5FI7LnUvb8xezFq9nLu9m5g7puLLpV/hPmf7KZ/8lm/ifboaVuJWLr253OTmf2Ozvf6EYvBlHGhWjEH3HnMblnVl9+t33pQrprPdLWjXv5GzudpaP5ZjRifX6+Ocuno/nTsXo434pGvDA/35qbX4k3Xj+Uz6MRv34RoxjEZtzJ/p2/3kzpnffbD+TP3/0fAMDTJk/3zd3f8vyfzmf5Y+yHD+xXy3F+ebF3J6Kaft0vBoNyrPi3RfYQqaV4Qpp/2GIlnog2FMco6uxR4ot+M/E43B96ZItuBQAAAAAAAAAAgGN4HF8jLvqOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/w18BAAD//z1x8a0=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r11, &(0x7f0000000180)='./bus\x00', 0x0)
r12 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus/file0\x00', 0x0, 0x0)
mkdirat(r12, &(0x7f0000000280)='./bus/file0\x00', 0x0) (async)
mkdirat(r12, &(0x7f0000000280)='./bus/file0\x00', 0x0)
renameat2(r11, &(0x7f00000004c0)='./bus/file0\x00', r11, &(0x7f00000002c0)='./file0\x00', 0x0)
r13 = syz_pidfd_open(r10, 0x0)
waitid$P_PIDFD(0x3, r13, 0x0, 0x2, 0x0)

kernel console output (not intermixed with test programs):

T13926] ISOFS: unable to read i-node block
[  183.698757][T13874] syz_tun: left promiscuous mode
[  183.741531][T13931] can0: slcan on ttyS3.
[  183.777933][T13930] can0 (unregistered): slcan off ttyS3.
[  183.847147][T13934] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  183.940430][T13946] netlink: 'syz.0.3330': attribute type 12 has an invalid length.
[  184.005113][T13958] loop2: detected capacity change from 0 to 1024
[  184.014401][T13958] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.030093][T13964] syz_tun: entered promiscuous mode
[  184.035528][T13964] macvtap1: entered promiscuous mode
[  184.036012][T13958] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.3335: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  184.041003][T13964] macvtap1: entered allmulticast mode
[  184.060770][T13958] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.3335: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  184.062793][T13964] syz_tun: entered allmulticast mode
[  184.085280][T13958] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.3335: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  184.102502][T13964] syz_tun: left allmulticast mode
[  184.107712][T13964] syz_tun: left promiscuous mode
[  184.113517][T13331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.129175][T13965] netlink: 'syz.0.3337': attribute type 12 has an invalid length.
[  184.137047][T13965] netlink: 'syz.0.3337': attribute type 29 has an invalid length.
[  184.145032][T13965] netlink: 'syz.0.3337': attribute type 2 has an invalid length.
[  184.195583][T13972] loop4: detected capacity change from 0 to 512
[  184.206412][T13972] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.3340: corrupted in-inode xattr: invalid ea_ino
[  184.228000][T13972] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.3340: couldn't read orphan inode 15 (err -117)
[  184.236699][T13977] bond0: option mode: unable to set because the bond device has slaves
[  184.249440][T13972] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.384265][T14000] loop2: detected capacity change from 0 to 2048
[  184.397698][T14000] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  184.561542][T14015] xt_bpf: check failed: parse error
[  184.636685][T14020] netlink: 'syz.3.3356': attribute type 4 has an invalid length.
[  184.675204][T14019] netlink: 'syz.3.3356': attribute type 4 has an invalid length.
[  184.702780][T14019] netlink: 'syz.3.3356': attribute type 4 has an invalid length.
[  184.722517][T14019] netlink: 'syz.3.3356': attribute type 4 has an invalid length.
[  184.733052][T14019] netlink: 'syz.3.3356': attribute type 4 has an invalid length.
[  184.882922][T14027] syz_tun: entered promiscuous mode
[  184.888512][T14027] macvtap1: entered promiscuous mode
[  184.893907][T14027] macvtap1: entered allmulticast mode
[  184.899363][T14027] syz_tun: entered allmulticast mode
[  184.906317][T14027] syz_tun: left allmulticast mode
[  184.911641][T14027] syz_tun: left promiscuous mode
[  185.031991][T10763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.231803][T14069] bridge0: port 3(bond0) entered blocking state
[  185.238276][T14069] bridge0: port 3(bond0) entered disabled state
[  185.244972][T14069] bond0: entered allmulticast mode
[  185.250213][T14069] bond_slave_0: entered allmulticast mode
[  185.255980][T14069] bond_slave_1: entered allmulticast mode
[  185.263694][T14069] bond0: entered promiscuous mode
[  185.268815][T14069] bond_slave_0: entered promiscuous mode
[  185.274558][T14069] bond_slave_1: entered promiscuous mode
[  185.281948][T14069] bridge0: port 3(bond0) entered blocking state
[  185.288315][T14069] bridge0: port 3(bond0) entered forwarding state
[  185.288624][T14071] loop4: detected capacity change from 0 to 8192
[  185.366354][T14077] loop2: detected capacity change from 0 to 2048
[  185.382004][T14077] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.397352][T14077] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3376: bg 0: block 234: padding at end of block bitmap is not set
[  185.413550][T14077] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117
[  185.426168][T14077] EXT4-fs (loop2): This should not happen!! Data will be lost
[  185.426168][T14077] 
[  185.475727][T13331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.676507][T14099] __nla_validate_parse: 15 callbacks suppressed
[  185.676524][T14099] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3383'.
[  185.861876][T14129] netlink: 830 bytes leftover after parsing attributes in process `syz.3.3392'.
[  185.875451][T14129] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3392'.
[  186.203455][T14147] sctp: [Deprecated]: syz.4.3399 (pid 14147) Use of int in max_burst socket option.
[  186.203455][T14147] Use struct sctp_assoc_value instead
[  186.919030][T14170] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3409'.
[  186.942441][T14174] FAULT_INJECTION: forcing a failure.
[  186.942441][T14174] name failslab, interval 1, probability 0, space 0, times 0
[  186.955146][T14174] CPU: 0 PID: 14174 Comm: syz.0.3410 Tainted: G        W          6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[  186.966789][T14174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  186.976920][T14174] Call Trace:
[  186.980249][T14174]  <TASK>
[  186.983194][T14174]  dump_stack_lvl+0xf2/0x150
[  186.987850][T14174]  dump_stack+0x15/0x20
[  186.992024][T14174]  should_fail_ex+0x229/0x230
[  186.996812][T14174]  ? __alloc_skb+0x10b/0x300
[  187.001425][T14174]  __should_failslab+0x92/0xa0
[  187.006331][T14174]  should_failslab+0x9/0x20
[  187.011007][T14174]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  187.016938][T14174]  __alloc_skb+0x10b/0x300
[  187.021381][T14174]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  187.026918][T14174]  netlink_ack+0xef/0x4f0
[  187.031357][T14174]  netlink_rcv_skb+0x19c/0x230
[  187.036148][T14174]  ? __pfx_genl_rcv_msg+0x10/0x10
[  187.041229][T14174]  genl_rcv+0x28/0x40
[  187.045220][T14174]  netlink_unicast+0x58d/0x660
[  187.050010][T14174]  netlink_sendmsg+0x5ca/0x6e0
[  187.054793][T14174]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.060173][T14174]  __sock_sendmsg+0x140/0x180
[  187.064909][T14174]  ____sys_sendmsg+0x312/0x410
[  187.069773][T14174]  __sys_sendmsg+0x1e9/0x280
[  187.074397][T14174]  __x64_sys_sendmsg+0x46/0x50
[  187.079257][T14174]  x64_sys_call+0xb25/0x2d70
[  187.083909][T14174]  do_syscall_64+0xc9/0x1c0
[  187.088447][T14174]  ? clear_bhb_loop+0x55/0xb0
[  187.093195][T14174]  ? clear_bhb_loop+0x55/0xb0
[  187.098051][T14174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.103966][T14174] RIP: 0033:0x7f19b5036bd9
[  187.108407][T14174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.128089][T14174] RSP: 002b:00007f19b42b8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  187.136651][T14174] RAX: ffffffffffffffda RBX: 00007f19b51c4f60 RCX: 00007f19b5036bd9
[  187.144636][T14174] RDX: 0000000000000000 RSI: 0000000020001b40 RDI: 0000000000000008
[  187.152621][T14174] RBP: 00007f19b42b80a0 R08: 0000000000000000 R09: 0000000000000000
[  187.160609][T14174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.168613][T14174] R13: 000000000000000b R14: 00007f19b51c4f60 R15: 00007ffc0ec68ff8
[  187.176593][T14174]  </TASK>
[  187.330430][T14189] validate_nla: 30 callbacks suppressed
[  187.330447][T14189] netlink: 'syz.0.3416': attribute type 29 has an invalid length.
[  187.357868][T14189] netlink: 'syz.0.3416': attribute type 29 has an invalid length.
[  187.399036][T14193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.410075][T14193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.420034][T14193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.430491][T14193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.440399][T14193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.450897][T14193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.460740][T14193] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.471192][T14193] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.564474][T14196] loop2: detected capacity change from 0 to 1024
[  187.621903][T14196] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  187.632972][T14196] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  187.722166][T14196] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  187.732415][T14196] EXT4-fs (loop2): filesystem has both journal inode and journal device!
[  187.782582][T14196] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3417'.
[  187.822272][T14215] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3426'.
[  187.822294][T14215] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3426'.
[  187.822311][T14215] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3426'.
[  187.914193][T14226] loop2: detected capacity change from 0 to 2048
[  187.992152][T14226] Alternate GPT is invalid, using primary GPT.
[  187.998714][T14226]  loop2: p2 p3 p7
[  188.022024][T14229] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3433'.
[  188.050767][T14231] loop4: detected capacity change from 0 to 512
[  188.070129][T14231] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.084382][T14231] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  188.106168][T10763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.121665][T14232] loop2: detected capacity change from 0 to 512
[  188.181248][T14246] loop4: detected capacity change from 0 to 512
[  188.189726][T14246] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 0)!
[  188.200088][T14246] EXT4-fs (loop4): group descriptors corrupted!
[  188.264341][T14250] loop3: detected capacity change from 0 to 1024
[  188.279071][T14250] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.301183][   T29] kauditd_printk_skb: 28 callbacks suppressed
[  188.301198][   T29] audit: type=1400 audit(1720996701.070:1366): avc:  denied  { watch watch_reads } for  pid=14249 comm="syz.3.3441" path="/proc/1232" dev="proc" ino=49877 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  188.331125][   T29] audit: type=1326 audit(1720996701.070:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14249 comm="syz.3.3441" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd2d369ebd9 code=0x0
[  188.358828][ T9181] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.426344][T14268] netlink: 'syz.3.3447': attribute type 21 has an invalid length.
[  188.434320][T14268] netlink: 176 bytes leftover after parsing attributes in process `syz.3.3447'.
[  188.535416][T14279] dccp_invalid_packet: P.CsCov 3 exceeds packet length 256
[  188.622216][T14282] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  188.629761][T14282] batman_adv: batadv0: Removing interface: batadv_slave_0
[  188.637756][T14282] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  188.645240][T14282] batman_adv: batadv0: Removing interface: batadv_slave_1
[  188.681139][T14283] loop4: detected capacity change from 0 to 256
[  188.746250][T14287] netlink: 'syz.0.3454': attribute type 27 has an invalid length.
[  189.551532][T14287] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  189.560552][T14287] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  189.569494][T14287] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  189.578496][T14287] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  189.724117][T14327] loop2: detected capacity change from 0 to 128
[  189.778052][T14329] vlan2: entered promiscuous mode
[  189.783148][T14329] team0: entered promiscuous mode
[  189.788309][T14329] team_slave_0: entered promiscuous mode
[  189.794035][T14329] team_slave_1: entered promiscuous mode
[  189.805148][T14329] team0: left promiscuous mode
[  189.809992][T14329] team_slave_0: left promiscuous mode
[  189.815667][T14329] team_slave_1: left promiscuous mode
[  189.970751][T14361] netlink: 'syz.0.3481': attribute type 9 has an invalid length.
[  189.973442][T14354] bond0 (unregistering): Released all slaves
[  189.978560][T14361] netlink: 'syz.0.3481': attribute type 6 has an invalid length.
[  190.003099][   T29] audit: type=1326 audit(1720996702.770:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14362 comm="syz.4.3483" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0dbad88bd9 code=0x0
[  190.046964][T14333] loop2: detected capacity change from 0 to 512
[  190.069679][T14333] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.085193][T14333] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.091987][T14384] loop3: detected capacity change from 0 to 1024
[  190.113465][T14384] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  190.124279][T14388] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  190.140981][T14384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.166865][T14384] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2786: inode #2: comm syz.3.3487: corrupted in-inode xattr: bad e_name length
[  190.182290][T14384] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2234: inode #2: comm syz.3.3487: corrupted in-inode xattr: bad e_name length
[  190.196789][T13331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.223162][ T9181] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.285798][T14401] 0�: renamed from hsr0 (while UP)
[  190.294377][T14401] 0�: entered promiscuous mode
[  190.300063][T14401] A link change request failed with some changes committed already. Interface 
70� may have been left with an inconsistent configuration, please check.
[  190.357582][T14407] dccp_invalid_packet: P.Data Offset(100) too large
[  190.372114][T14418] loop3: detected capacity change from 0 to 1024
[  190.381983][T14426] netlink: 'syz.4.3504': attribute type 10 has an invalid length.
[  190.424605][T14435] team0: entered promiscuous mode
[  190.429704][T14435] team_slave_0: entered promiscuous mode
[  190.435400][T14435] team_slave_1: entered promiscuous mode
[  190.443203][T14435] dummy0: entered promiscuous mode
[  190.448930][T14435] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  190.456500][T14435] Cannot create hsr debugfs directory
[  190.466993][T14418] syzkaller0: entered promiscuous mode
[  190.472876][T14418] syzkaller0: entered allmulticast mode
[  190.514129][T14443] loop4: detected capacity change from 0 to 512
[  190.560979][T14443] EXT4-fs warning (device loop4): dx_probe:868: inode #2: comm syz.4.3512: Unimplemented hash flags: 0x0001
[  190.561847][T14450] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  190.572716][T14443] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz.4.3512: Corrupt directory, running e2fsck is recommended
[  190.686231][T14463] serio: Serial port ptm0
[  190.717176][T14467] loop4: detected capacity change from 0 to 1024
[  190.740809][T14463] loop3: detected capacity change from 0 to 512
[  190.750704][T14471] loop2: detected capacity change from 0 to 2048
[  190.757606][T14463] EXT4-fs: Ignoring removed orlov option
[  190.763632][T14463] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  190.778990][T14463] EXT4-fs (loop3): orphan cleanup on readonly fs
[  190.785581][T14463] EXT4-fs error (device loop3): ext4_orphan_get:1420: comm syz.3.3522: bad orphan inode 15
[  190.796170][T14463] ext4_test_bit(bit=14, block=18) = 1
[  190.801657][T14463] is_bad_inode(inode)=0
[  190.805820][T14463] NEXT_ORPHAN(inode)=1023
[  190.810197][T14463] max_ino=32
[  190.813390][T14463] i_nlink=0
[  190.823259][T14463] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2972: inode #15: comm syz.3.3522: corrupted xattr block 19: e_value size too large
[  190.839013][T14463] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117)
[  190.849733][T14463] EXT4-fs error (device loop3): ext4_lookup:1858: inode #2: comm syz.3.3522: deleted inode referenced: 15
[  190.862801][T14463] EXT4-fs error (device loop3): ext4_lookup:1858: inode #2: comm syz.3.3522: deleted inode referenced: 15
[  191.068493][   T29] audit: type=1400 audit(1720996703.840:1369): avc:  denied  { create } for  pid=14490 comm="syz.2.3531" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  191.098525][   T29] audit: type=1400 audit(1720996703.840:1370): avc:  denied  { write } for  pid=14490 comm="syz.2.3531" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  191.134541][T14499] __nla_validate_parse: 4 callbacks suppressed
[  191.134559][T14499] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3533'.
[  191.735726][T14518] tipc: Started in network mode
[  191.740721][T14518] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[  191.747889][T14518] tipc: Enabled bearer <eth:ipvlan0>, priority 0
[  191.754542][T14518] tipc: Enabled bearer <ib:caif0>, priority 0
[  191.761370][T14518] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3541'.
[  192.041171][   T29] audit: type=1326 audit(1720996704.810:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14521 comm="syz.2.3542" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f93c692abd9 code=0x0
[  192.143118][   T29] audit: type=1400 audit(1720996704.910:1372): avc:  denied  { bind } for  pid=14521 comm="syz.2.3542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  192.449441][   T29] audit: type=1326 audit(1720996705.220:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14534 comm="syz.3.3546" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2d369ebd9 code=0x0
[  192.590763][T14547] netlink: 'syz.3.3549': attribute type 7 has an invalid length.
[  192.649056][T14554] loop3: detected capacity change from 0 to 4096
[  192.658760][T14554] EXT4-fs mount: 8 callbacks suppressed
[  192.658777][T14554] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.672937][T14563] loop4: detected capacity change from 0 to 512
[  192.690225][T14563] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.702790][T14563] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.715739][ T9181] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.737450][T10763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.758192][   T35] tipc: Node number set to 10136234
[  192.777782][T14569] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3558'.
[  192.885188][T14588] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.892525][T14588] bridge0: port 1(bridge_slave_0) entered forwarding state
[  192.929444][T14604] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  192.968781][T14610] netlink: 'syz.2.3573': attribute type 7 has an invalid length.
[  192.979854][T14612] loop4: detected capacity change from 0 to 164
[  192.999191][T14612] Unable to read rock-ridge attributes
[  193.046497][T14620] loop3: detected capacity change from 0 to 512
[  193.066353][T14622] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3579'.
[  193.091936][T14620] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.107511][T14620] ext4 filesystem being mounted at /539/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  193.136330][T14629] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3580'.
[  193.268764][T14639] loop2: detected capacity change from 0 to 736
[  193.290294][T14639] rock: directory entry would overflow storage
[  193.296596][T14639] rock: sig=0x3b10, size=4, remaining=3
[  193.884156][ T9181] EXT4-fs error (device loop3): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /539/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  193.946991][T14645] FAULT_INJECTION: forcing a failure.
[  193.946991][T14645] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.960100][T14645] CPU: 1 PID: 14645 Comm: syz.4.3583 Tainted: G        W          6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[  193.971778][T14645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  193.981920][T14645] Call Trace:
[  193.985219][T14645]  <TASK>
[  193.988161][T14645]  dump_stack_lvl+0xf2/0x150
[  193.992828][T14645]  dump_stack+0x15/0x20
[  193.997134][T14645]  should_fail_ex+0x229/0x230
[  194.001845][T14645]  should_fail+0xb/0x10
[  194.006006][T14645]  should_fail_usercopy+0x1a/0x20
[  194.011042][T14645]  copy_page_from_iter_atomic+0x22a/0xda0
[  194.016836][T14645]  ? shmem_write_begin+0xa0/0x1c0
[  194.021878][T14645]  ? shmem_write_begin+0x10c/0x1c0
[  194.027128][T14645]  generic_perform_write+0x21a/0x410
[  194.032509][T14645]  ? __pfx_shmem_write_end+0x10/0x10
[  194.037810][T14645]  shmem_file_write_iter+0xc8/0xf0
[  194.043010][T14645]  vfs_write+0x78f/0x900
[  194.047300][T14645]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  194.053226][T14645]  ksys_write+0xeb/0x1b0
[  194.057503][T14645]  __x64_sys_write+0x42/0x50
[  194.062138][T14645]  x64_sys_call+0x27ef/0x2d70
[  194.066832][T14645]  do_syscall_64+0xc9/0x1c0
[  194.071416][T14645]  ? clear_bhb_loop+0x55/0xb0
[  194.076184][T14645]  ? clear_bhb_loop+0x55/0xb0
[  194.080976][T14645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.086904][T14645] RIP: 0033:0x7f0dbad8775f
[  194.091324][T14645] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  194.110942][T14645] RSP: 002b:00007f0db9fe8e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  194.119367][T14645] RAX: ffffffffffffffda RBX: 0000000000100000 RCX: 00007f0dbad8775f
[  194.127424][T14645] RDX: 0000000000100000 RSI: 00007f0db1bc9000 RDI: 0000000000000008
[  194.135448][T14645] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000000007a3
[  194.143421][T14645] R10: 00000000000003c2 R11: 0000000000000293 R12: 0000000000000008
[  194.151398][T14645] R13: 00007f0db9fe8f00 R14: 00007f0db9fe8ec0 R15: 00007f0db1bc9000
[  194.159385][T14645]  </TASK>
[  194.169229][T14645] loop4: detected capacity change from 0 to 2048
[  194.176063][T14645] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  194.208767][T14650] bridge0: port 3(bond0) entered disabled state
[  194.215225][T14650] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.222409][T14650] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.344606][T14659] netlink: 'syz.2.3590': attribute type 3 has an invalid length.
[  194.378382][T14663] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3592'.
[  194.400552][T14666] loop2: detected capacity change from 0 to 512
[  194.407435][T14666] EXT4-fs warning (device loop2): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  194.523232][T14669] loop2: detected capacity change from 0 to 1024
[  194.537959][T14669] EXT4-fs: Ignoring removed orlov option
[  194.543766][T14669] EXT4-fs: Ignoring removed nomblk_io_submit option
[  194.560376][T14669] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.596889][T13331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.665089][T14682] loop2: detected capacity change from 0 to 128
[  194.717962][T14670] chnl_net:caif_netlink_parms(): no params data found
[  194.779087][T14689] netlink: 200 bytes leftover after parsing attributes in process `syz.2.3598'.
[  194.819894][T14670] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.827021][T14670] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.834131][T14689] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  194.840720][T14689] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  194.848323][T14689] vhci_hcd vhci_hcd.0: Device attached
[  194.866025][T14670] bridge_slave_0: entered allmulticast mode
[  194.866483][T14670] bridge_slave_0: entered promiscuous mode
[  194.869063][T14670] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.869127][T14670] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.869385][T14670] bridge_slave_1: entered allmulticast mode
[  194.870454][T14694] vhci_hcd: connection closed
[  194.876544][ T7320] vhci_hcd: stop threads
[  194.876553][ T7320] vhci_hcd: release socket
[  194.876614][ T7320] vhci_hcd: disconnect device
[  194.882821][T14670] bridge_slave_1: entered promiscuous mode
[  194.911895][T14670] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  194.913789][T14670] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  194.943116][T14670] team0: Port device team_slave_0 added
[  194.944224][T14670] team0: Port device team_slave_1 added
[  194.970682][T14670] batman_adv: batadv0: Adding interface: batadv_slave_0
[  194.970697][T14670] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  194.970774][T14670] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  194.971422][T14670] batman_adv: batadv0: Adding interface: batadv_slave_1
[  194.971497][T14670] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  194.971525][T14670] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  195.017979][T14670] hsr_slave_0: entered promiscuous mode
[  195.025799][T14670] hsr_slave_1: entered promiscuous mode
[  195.052145][T14670] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  195.052162][T14670] Cannot create hsr debugfs directory
[  195.196496][T14670] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.286299][T14670] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.358995][T14670] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.448848][T14670] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.561777][T14670] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  195.578803][T14670] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  195.593754][T14670] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  195.604357][T14670] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  195.686590][T14670] 8021q: adding VLAN 0 to HW filter on device bond0
[  195.702000][T14670] 8021q: adding VLAN 0 to HW filter on device team0
[  195.712472][T14714] netlink: 830 bytes leftover after parsing attributes in process `syz.2.3604'.
[  195.734216][ T8397] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.741315][ T8397] bridge0: port 1(bridge_slave_0) entered forwarding state
[  195.744100][T14716] loop4: detected capacity change from 0 to 512
[  195.770968][T14670] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  195.781491][T14670] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  195.793980][T14716] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.809906][ T8397] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.816977][ T8397] bridge0: port 2(bridge_slave_1) entered forwarding state
[  195.851321][T14716] ext4 filesystem being mounted at /303/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.889461][T14716] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  195.901249][T14670] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.932032][T14716] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 49152 with max blocks 2 with error 28
[  195.944662][T14716] EXT4-fs (loop4): This should not happen!! Data will be lost
[  195.944662][T14716] 
[  195.954322][T14716] EXT4-fs (loop4): Total free blocks count 0
[  195.960332][T14716] EXT4-fs (loop4): Free/Dirty block details
[  195.966226][T14716] EXT4-fs (loop4): free_blocks=65281
[  195.971537][T14716] EXT4-fs (loop4): dirty_blocks=2
[  195.976564][T14716] EXT4-fs (loop4): Block reservation details
[  195.982611][T14716] EXT4-fs (loop4): i_reserved_data_blocks=2
[  196.005136][T10763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.098835][T14670] veth0_vlan: entered promiscuous mode
[  196.107093][T14745] loop2: detected capacity change from 0 to 1024
[  196.118573][T14670] veth1_vlan: entered promiscuous mode
[  196.124402][T14745] EXT4-fs: quotafile must be on filesystem root
[  196.140266][T14747] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3612'.
[  196.144499][T14670] veth0_macvtap: entered promiscuous mode
[  196.156959][T14670] veth1_macvtap: entered promiscuous mode
[  196.172366][T14670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.182878][T14670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.192894][T14670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.203430][T14670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.213419][T14670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.223897][T14670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.241916][T14745] 9pnet_fd: Insufficient options for proto=fd
[  196.255284][T14670] batman_adv: batadv0: Interface activated: batadv_slave_0
[  196.267737][T14670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.278385][T14670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.288221][T14670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.298770][T14670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.308611][T14670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.319262][T14670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.330360][T14670] batman_adv: batadv0: Interface activated: batadv_slave_1
[  196.345936][T14670] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.349551][T14762] loop4: detected capacity change from 0 to 1024
[  196.354774][T14670] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.369887][T14670] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.378687][T14670] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.388215][T14762] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  196.403430][T14759] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3616'.
[  196.412430][T14759] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3616'.
[  196.431008][T14762] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.493039][T14773] loop1: detected capacity change from 0 to 512
[  196.506811][T10763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.525624][T14773] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #15: comm syz.1.3594: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  196.547978][T14773] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.3594: couldn't read orphan inode 15 (err -117)
[  196.588187][T14773] EXT4-fs (loop1): mounted filesystem ffffff7f-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.614811][T14780] gretap0: refused to change device tx_queue_len
[  196.622655][T14773] ext4 filesystem being mounted at /0/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.640811][T14780] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  196.699798][T14670] EXT4-fs (loop1): unmounting filesystem ffffff7f-0000-0000-0000-000000000000.
[  196.776669][T14802] loop1: detected capacity change from 0 to 512
[  196.779089][T14803] loop2: detected capacity change from 0 to 512
[  196.790843][T14803] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  196.803216][T14802] EXT4-fs (loop1): Invalid log block size: 4294967295
[  196.806010][T14803] EXT4-fs (loop2): 1 truncate cleaned up
[  196.816230][T14803] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.819833][T14805] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3628'.
[  196.842382][T14803] xt_TCPMSS: Only works on TCP SYN packets
[  196.862206][T14797] loop4: detected capacity change from 0 to 2048
[  196.876331][T13331] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.911096][T14797] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.930004][T14817] bond0: option mode: unable to set because the bond device has slaves
[  196.965198][T14816] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3635'.
[  196.977307][T10763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.009973][T14824] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  197.016552][T14824] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  197.024320][T14824] vhci_hcd vhci_hcd.0: Device attached
[  197.055206][T14828] usbip_core: unknown command
[  197.059972][T14828] vhci_hcd: unknown pdu 3281309441
[  197.065105][T14828] usbip_core: unknown command
[  197.077268][T14836] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  197.086840][ T7320] vhci_hcd: stop threads
[  197.091142][ T7320] vhci_hcd: release socket
[  197.095639][ T7320] vhci_hcd: disconnect device
[  197.147867][T14847] loop1: detected capacity change from 0 to 128
[  197.164181][T14849] syz_tun: entered promiscuous mode
[  197.169831][T14849] macvtap1: entered promiscuous mode
[  197.175299][T14849] macvtap1: entered allmulticast mode
[  197.180744][T14849] syz_tun: entered allmulticast mode
[  197.189508][T14849] syz_tun: left allmulticast mode
[  197.194673][T14849] syz_tun: left promiscuous mode
[  197.242061][T14851] team0: Device ipvlan2 failed to register rx_handler
[  197.312686][   T29] audit: type=1326 audit(1720996710.080:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14857 comm="syz.2.3646" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f93c692abd9 code=0x0
[  197.352748][T14864] netlink: 'syz.2.3647': attribute type 21 has an invalid length.
[  197.360982][T14864] netlink: 'syz.2.3647': attribute type 6 has an invalid length.
[  197.401089][T14866] loop2: detected capacity change from 0 to 256
[  197.414342][T14866] FAT-fs (loop2): Directory bread(block 64) failed
[  197.420944][T14866] FAT-fs (loop2): Directory bread(block 65) failed
[  197.427529][T14866] FAT-fs (loop2): Directory bread(block 66) failed
[  197.435300][T14866] FAT-fs (loop2): Directory bread(block 67) failed
[  197.446250][T14866] FAT-fs (loop2): Directory bread(block 68) failed
[  197.454307][T14866] FAT-fs (loop2): Directory bread(block 69) failed
[  197.460963][T14866] FAT-fs (loop2): Directory bread(block 70) failed
[  197.467689][T14866] FAT-fs (loop2): Directory bread(block 71) failed
[  197.474300][T14866] FAT-fs (loop2): Directory bread(block 72) failed
[  197.480876][T14866] FAT-fs (loop2): Directory bread(block 73) failed
[  197.510743][ T3162] IPVS: starting estimator thread 0...
[  197.607914][T14867] IPVS: using max 2544 ests per chain, 127200 per kthread
[  197.681496][T14869] syz.2.3648: attempt to access beyond end of device
[  197.681496][T14869] loop2: rw=2049, sector=1312, nr_sectors = 520 limit=256
[  197.702537][T14869] syz.2.3648: attempt to access beyond end of device
[  197.702537][T14869] loop2: rw=2049, sector=1864, nr_sectors = 432 limit=256
[  197.826507][   T28] kworker/u8:1: attempt to access beyond end of device
[  197.826507][   T28] loop2: rw=1, sector=1256, nr_sectors = 56 limit=256
[  197.842860][T13331] syz-executor: attempt to access beyond end of device
[  197.842860][T13331] loop2: rw=2051, sector=1224, nr_sectors = 32 limit=256
[  197.918368][T14872] netlink: 'syz.2.3649': attribute type 10 has an invalid length.
[  197.926236][T14872] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3649'.
[  197.938452][T14872] bridge0: port 4(team0) entered blocking state
[  197.944758][T14872] bridge0: port 4(team0) entered disabled state
[  197.962178][T14872] team0: entered allmulticast mode
[  197.967387][T14872] team_slave_0: entered allmulticast mode
[  197.973172][T14872] team_slave_1: entered allmulticast mode
[  198.069577][T14872] team0: left allmulticast mode
[  198.074495][T14872] team_slave_0: left allmulticast mode
[  198.080320][T14872] team_slave_1: left allmulticast mode
[  198.929345][T14892] loop1: detected capacity change from 0 to 128
[  198.938211][   T28] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.966963][T14892] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3654'.
[  199.000632][   T28] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.057971][   T28] netdevsim netdevsim4 netdevsim1 (unregistering): left promiscuous mode
[  199.066432][   T28] netdevsim netdevsim4 netdevsim1 (unregistering): left allmulticast mode
[  199.080070][   T28] team0: Port device netdevsim1 removed
[  199.097630][   T28] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.147304][T14916] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check.
[  199.182883][   T28] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.281941][   T28] team0: left allmulticast mode
[  199.286860][   T28] team_slave_0: left allmulticast mode
[  199.292379][   T28] team_slave_1: left allmulticast mode
[  199.297899][   T28] macvlan1: left allmulticast mode
[  199.303010][   T28] veth1_vlan: left allmulticast mode
[  199.308434][   T28] bridge0: port 3(team0) entered disabled state
[  199.315957][   T28] bridge_slave_1: left allmulticast mode
[  199.321654][   T28] bridge_slave_1: left promiscuous mode
[  199.327321][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.335422][   T28] bridge_slave_0: left allmulticast mode
[  199.341245][   T28] bridge_slave_0: left promiscuous mode
[  199.347016][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.523241][   T28] bond1 (unregistering): Released all slaves
[  199.553697][T14893] chnl_net:caif_netlink_parms(): no params data found
[  199.580624][   T28] tipc: Disabling bearer <eth:ipvlan0>
[  199.586390][   T28] tipc: Disabling bearer <ib:caif0>
[  199.592888][   T28] tipc: Left network mode
[  199.602063][T14898] chnl_net:caif_netlink_parms(): no params data found
[  199.653473][T14893] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.660630][T14893] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.670241][T14893] bridge_slave_0: entered allmulticast mode
[  199.676662][T14893] bridge_slave_0: entered promiscuous mode
[  199.691811][T14898] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.699000][T14898] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.706482][T14898] bridge_slave_0: entered allmulticast mode
[  199.714582][T14898] bridge_slave_0: entered promiscuous mode
[  199.723810][   T28] hsr_slave_0: left promiscuous mode
[  199.731363][   T28] hsr_slave_1: left promiscuous mode
[  199.740057][   T28] veth1_macvtap: left promiscuous mode
[  199.745561][   T28] veth0_macvtap: left promiscuous mode
[  199.751235][   T28] veth1_vlan: left promiscuous mode
[  199.756461][   T28] veth0_vlan: left allmulticast mode
[  199.761763][   T28] veth0_vlan: left promiscuous mode
[  199.843095][   T28] macvlan1 (unregistering): left promiscuous mode
[  199.851050][   T28] team0 (unregistering): Port device macvlan1 removed
[  199.883170][   T28] team_slave_1 (unregistering): left promiscuous mode
[  199.890627][   T28] team0 (unregistering): Port device team_slave_1 removed
[  199.901464][   T28] team_slave_0 (unregistering): left promiscuous mode
[  199.909761][   T28] team0 (unregistering): Port device team_slave_0 removed
[  199.953040][T14893] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.960352][T14893] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.968533][T14893] bridge_slave_1: entered allmulticast mode
[  199.975028][T14893] bridge_slave_1: entered promiscuous mode
[  199.984397][T14898] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.991517][T14898] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.006602][T14898] bridge_slave_1: entered allmulticast mode
[  200.013355][T14898] bridge_slave_1: entered promiscuous mode
[  200.049249][T14893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.060126][T14898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.073252][T14893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.084099][T14898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.130208][T14893] team0: Port device team_slave_0 added
[  200.147994][T14936] IPv6: Can't replace route, no match found
[  200.154774][T14893] team0: Port device team_slave_1 added
[  200.220390][T14898] team0: Port device team_slave_0 added
[  200.226882][T14893] batman_adv: batadv0: Adding interface: batadv_slave_0
[  200.233877][T14893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.259920][T14893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  200.274987][T14898] team0: Port device team_slave_1 added
[  200.286558][T14893] batman_adv: batadv0: Adding interface: batadv_slave_1
[  200.293643][T14893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.319579][T14893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  200.340639][T14898] batman_adv: batadv0: Adding interface: batadv_slave_0
[  200.347673][T14898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.373831][T14898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  200.433467][T14893] hsr_slave_0: entered promiscuous mode
[  200.448847][T14893] hsr_slave_1: entered promiscuous mode
[  200.454941][T14893] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  200.471084][T14893] Cannot create hsr debugfs directory
[  200.476966][T14898] batman_adv: batadv0: Adding interface: batadv_slave_1
[  200.483985][T14898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.510187][T14898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  200.615349][T14898] hsr_slave_0: entered promiscuous mode
[  200.621819][T14898] hsr_slave_1: entered promiscuous mode
[  200.634683][T14898] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  200.646186][T14898] Cannot create hsr debugfs directory
[  200.696570][   T28] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.709359][T14939] chnl_net:caif_netlink_parms(): no params data found
[  200.751990][T14963] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3669'.
[  200.770096][   T28] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.801716][T14963] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3669'.
[  200.860056][   T28] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.899953][T14939] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.907092][T14939] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.917070][T14939] bridge_slave_0: entered allmulticast mode
[  200.924273][T14939] bridge_slave_0: entered promiscuous mode
[  200.936104][   T28] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.961833][T14939] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.969066][T14939] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.989563][T14939] bridge_slave_1: entered allmulticast mode
[  201.000024][T14939] bridge_slave_1: entered promiscuous mode
[  201.052363][   T28] bond0: left allmulticast mode
[  201.057266][   T28] bond_slave_0: left allmulticast mode
[  201.062827][   T28] bond_slave_1: left allmulticast mode
[  201.068389][   T28] bond0: left promiscuous mode
[  201.073152][   T28] bond_slave_0: left promiscuous mode
[  201.078640][   T28] bond_slave_1: left promiscuous mode
[  201.084329][   T28] bridge0: port 3(bond0) entered disabled state
[  201.099578][   T28] bridge_slave_1: left allmulticast mode
[  201.105321][   T28] bridge_slave_1: left promiscuous mode
[  201.111204][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.127045][   T28] bridge_slave_0: left allmulticast mode
[  201.132752][   T28] bridge_slave_0: left promiscuous mode
[  201.138464][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.299854][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  201.322292][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  201.341716][   T28] bond0 (unregistering): Released all slaves
[  201.351980][T14939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.367841][T14939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.392298][T14939] team0: Port device team_slave_0 added
[  201.401163][T14939] team0: Port device team_slave_1 added
[  201.427566][T14939] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.434536][T14939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.460637][T14939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.477805][T14939] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.484758][T14939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.510788][T14939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.526227][   T28] IPVS: stopping backup sync thread 13934 ...
[  201.540565][   T28] dummy0: left promiscuous mode
[  201.547085][   T28] hsr_slave_0: left promiscuous mode
[  201.554389][   T28] hsr_slave_1: left promiscuous mode
[  201.569756][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  201.577187][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.595878][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  201.603577][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  201.615331][   T28] veth1_macvtap: left promiscuous mode
[  201.621078][   T28] veth0_macvtap: left promiscuous mode
[  201.706523][   T28] team_slave_1 (unregistering): left promiscuous mode
[  201.714683][   T28] team0 (unregistering): Port device team_slave_1 removed
[  201.724881][   T28] team_slave_0 (unregistering): left promiscuous mode
[  201.732213][   T28] team0 (unregistering): Port device team_slave_0 removed
[  201.811523][T14939] hsr_slave_0: entered promiscuous mode
[  201.820010][T14939] hsr_slave_1: entered promiscuous mode
[  201.825974][T14939] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  201.835386][T14939] Cannot create hsr debugfs directory
[  201.932383][T15008] loop1: detected capacity change from 0 to 1764
[  201.939200][T15008] iso9660: Unknown parameter '��18446744073709551615�18446744073709551615'
[  201.951395][T14893] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  201.966861][T14893] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  201.975579][T14893] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  201.985061][T14893] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  202.046025][T14893] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.061290][T14893] 8021q: adding VLAN 0 to HW filter on device team0
[  202.078938][ T8111] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.086146][ T8111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  202.122317][   T28] IPVS: stop unused estimator thread 0...
[  202.130135][ T8111] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.137292][ T8111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  202.159557][T15022] loop1: detected capacity change from 0 to 764
[  202.171325][   T29] audit: type=1400 audit(1720996714.940:1375): avc:  denied  { mounton } for  pid=15021 comm="syz.1.3687" path="/39/file0/file0" dev="loop1" ino=1856 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=dir permissive=1
[  202.195624][T14893] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  202.206047][T14893] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  202.284854][T14893] 8021q: adding VLAN 0 to HW filter on device batadv0
[  202.295075][T14898] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  202.328580][T14898] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  202.349658][T14898] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  202.399663][T14898] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  202.545531][T14898] 8021q: adding VLAN 0 to HW filter on device bond0
[  202.584034][T14898] 8021q: adding VLAN 0 to HW filter on device team0
[  202.629225][T14893] veth0_vlan: entered promiscuous mode
[  202.636527][ T8111] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.643687][ T8111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  202.653540][ T8111] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.660675][ T8111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  202.674000][T14939] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  202.684302][T14939] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  202.701066][T14893] veth1_vlan: entered promiscuous mode
[  202.713214][T14939] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  202.733239][T14898] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  202.743853][T14898] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  202.767861][T14939] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  202.786121][T14893] veth0_macvtap: entered promiscuous mode
[  202.794464][T14893] veth1_macvtap: entered promiscuous mode
[  202.823128][T14893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.833753][T14893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.843796][T14893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.854442][T14893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.864401][T14893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.874966][T14893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.889299][T14893] batman_adv: batadv0: Interface activated: batadv_slave_0
[  202.921315][T14893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.932040][T14893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.942024][T14893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.952632][T14893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.962722][T14893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.973287][T14893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.984668][T14893] batman_adv: batadv0: Interface activated: batadv_slave_1
[  202.995236][T14893] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.004263][T14893] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.013166][T14893] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.022069][T14893] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.075439][T14898] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.088208][T14939] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.112499][T14939] 8021q: adding VLAN 0 to HW filter on device team0
[  203.140146][ T3162] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.147308][ T3162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.166897][T15049] loop2: detected capacity change from 0 to 512
[  203.190306][ T3162] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.197392][ T3162] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.208205][T15049] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  203.217993][T15049] EXT4-fs (loop2): group descriptors corrupted!
[  203.240296][T14939] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  203.250835][T14939] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  203.341325][T15069] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3694'.
[  203.392423][T14939] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.424912][T14898] veth0_vlan: entered promiscuous mode
[  203.452371][T14898] veth1_vlan: entered promiscuous mode
[  203.460706][T15080] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3697'.
[  203.512844][T15080] loop1: detected capacity change from 0 to 512
[  203.520169][T15080] EXT4-fs: Ignoring removed orlov option
[  203.522586][T14898] veth0_macvtap: entered promiscuous mode
[  203.542209][T15080] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102]
[  203.544152][T14898] veth1_macvtap: entered promiscuous mode
[  203.564825][T14898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.570828][T15080] System zones: 1-12
[  203.575331][T14898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.575340][T15080] 
[  203.575373][T14898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.601962][T14898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.601981][T14898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.622225][T14898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.632137][T14898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.642594][T14898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.645508][T14898] batman_adv: batadv0: Interface activated: batadv_slave_0
[  203.654955][T15080] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz.1.3697: casefold flag without casefold feature
[  203.661903][T14898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.683099][T14898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.693023][T14898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.703491][T14898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.709896][T15080] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.3697: couldn't read orphan inode 15 (err -117)
[  203.713311][T14898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.735636][T14898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.735655][T14898] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.735671][T14898] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.737089][T14898] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.778215][T15080] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.801447][T14939] veth0_vlan: entered promiscuous mode
[  203.808511][T14898] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.808583][T14898] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.808614][T14898] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.808660][T14898] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.818614][T14939] veth1_vlan: entered promiscuous mode
[  203.894610][T14939] veth0_macvtap: entered promiscuous mode
[  203.909566][T14939] veth1_macvtap: entered promiscuous mode
[  203.943104][T14939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.943123][T14939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.943147][T14939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.943160][T14939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.943172][T14939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.943185][T14939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.943196][T14939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.943209][T14939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.943217][T14939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  203.943229][T14939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.955613][T14939] batman_adv: batadv0: Interface activated: batadv_slave_0
[  203.956810][T14939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.956826][T14939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.956846][T14939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.956858][T14939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.956937][T14939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.956948][T14939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.956959][T14939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.957014][T14939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.957025][T14939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.957039][T14939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.958346][T14939] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.976465][T14939] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.976505][T14939] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.976538][T14939] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.976637][T14939] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.988910][T14113] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.062359][T15106] loop4: detected capacity change from 0 to 1024
[  204.066377][   T29] audit: type=1400 audit(1720996716.810:1376): avc:  denied  { ioctl } for  pid=15102 comm="syz.4.3701" path="socket:[55367]" dev="sockfs" ino=55367 ioctlcmd=0xffff scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  204.083173][T15106] EXT4-fs: Ignoring removed nomblk_io_submit option
[  204.282958][T15106] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.306275][T14670] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.327916][T14898] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.339467][T14113] syz_tun (unregistering): left promiscuous mode
[  204.367970][T15122] loop2: detected capacity change from 0 to 512
[  204.381155][T15122] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.400278][T15122] ext4 filesystem being mounted at /6/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  204.490077][T14893] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.504279][T15099] chnl_net:caif_netlink_parms(): no params data found
[  204.546484][T15149] SELinux:  Context :yz1b߱�U�Lo笁k�-�@��;���Q�i�k;�M��-�� is not valid (left unmapped).
[  204.554170][T15146] loop4: detected capacity change from 0 to 512
[  204.563321][   T29] audit: type=1400 audit(1720996717.330:1377): avc:  denied  { relabelto } for  pid=15143 comm="syz.0.3712" name="file0" dev="tmpfs" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=3A797A31621ADFB1BD55D74C6FE7AC81106BCE2DF540BB9D3BE8F6FF5104AA69926B1B3BDD4DA2E12D0ED8DE
[  204.570695][T15146] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  204.594506][   T29] audit: type=1400 audit(1720996717.330:1378): avc:  denied  { associate } for  pid=15143 comm="syz.0.3712" name="file0" dev="tmpfs" ino=38 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=3A797A31621ADFB1BD55D74C6FE7AC81106BCE2DF540BB9D3BE8F6FF5104AA69926B1B3BDD4DA2E12D0ED8DE
[  204.638973][   T29] audit: type=1400 audit(1720996717.380:1379): avc:  denied  { unlink } for  pid=14939 comm="syz-executor" name="file0" dev="tmpfs" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=3A797A31621ADFB1BD55D74C6FE7AC81106BCE2DF540BB9D3BE8F6FF5104AA69926B1B3BDD4DA2E12D0ED8DE
[  204.641226][T15146] EXT4-fs (loop4): 1 truncate cleaned up
[  204.676540][T15146] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.691311][T15155] team_slave_0: entered promiscuous mode
[  204.697079][T15155] team_slave_0: entered allmulticast mode
[  204.709599][T14898] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.724497][T15155] team0: Port device team_slave_0 removed
[  204.725277][T15099] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.737818][T15099] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.739651][T15099] bridge_slave_0: entered allmulticast mode
[  204.740421][T15099] bridge_slave_0: entered promiscuous mode
[  204.756276][T15099] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.756317][T15099] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.756656][T15099] bridge_slave_1: entered allmulticast mode
[  204.757265][T15099] bridge_slave_1: entered promiscuous mode
[  204.800417][T15099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  204.820733][T15099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  204.821812][T15164] block device autoloading is deprecated and will be removed.
[  204.842850][T15164] syz.0.3718: attempt to access beyond end of device
[  204.842850][T15164] md102: rw=2048, sector=0, nr_sectors = 8 limit=0
[  204.870654][T15099] team0: Port device team_slave_0 added
[  204.893159][T15171] loop4: detected capacity change from 0 to 256
[  204.901882][T15099] team0: Port device team_slave_1 added
[  204.926518][T15099] batman_adv: batadv0: Adding interface: batadv_slave_0
[  204.933695][T15099] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.959651][T15099] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.974307][T15171] FAT-fs (loop4): Directory bread(block 64) failed
[  204.980996][T15171] FAT-fs (loop4): Directory bread(block 65) failed
[  204.987627][T15171] FAT-fs (loop4): Directory bread(block 66) failed
[  204.994178][T15171] FAT-fs (loop4): Directory bread(block 67) failed
[  205.000835][T15099] batman_adv: batadv0: Adding interface: batadv_slave_1
[  205.007818][T15099] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.033907][T15099] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  205.036882][T15171] FAT-fs (loop4): Directory bread(block 68) failed
[  205.053583][T15171] FAT-fs (loop4): Directory bread(block 69) failed
[  205.060523][T15171] FAT-fs (loop4): Directory bread(block 70) failed
[  205.067277][T15171] FAT-fs (loop4): Directory bread(block 71) failed
[  205.073927][T15171] FAT-fs (loop4): Directory bread(block 72) failed
[  205.087458][T15171] FAT-fs (loop4): Directory bread(block 73) failed
[  205.097272][T15099] hsr_slave_0: entered promiscuous mode
[  205.105146][T15099] hsr_slave_1: entered promiscuous mode
[  205.115216][T15099] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  205.123653][T15099] Cannot create hsr debugfs directory
[  205.209342][   T28] kworker/u8:1: attempt to access beyond end of device
[  205.209342][   T28] loop4: rw=1, sector=1224, nr_sectors = 32 limit=256
[  205.236191][   T28] kworker/u8:1: attempt to access beyond end of device
[  205.236191][   T28] loop4: rw=1, sector=1288, nr_sectors = 100 limit=256
[  205.250142][   T28] kworker/u8:1: attempt to access beyond end of device
[  205.250142][   T28] loop4: rw=1, sector=1416, nr_sectors = 4 limit=256
[  205.280300][T15099] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.337087][T15099] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.368948][T15199] netlink: 'syz.0.3724': attribute type 10 has an invalid length.
[  205.376871][T15199] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3724'.
[  205.389948][T15199] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  205.395375][T15201] loop4: detected capacity change from 0 to 1024
[  205.414357][T15099] netdevsim netdevsim3 netdevsim1 (unregistering): left promiscuous mode
[  205.414406][T15201] EXT4-fs: Ignoring removed oldalloc option
[  205.422813][T15099] netdevsim netdevsim3 netdevsim1 (unregistering): left allmulticast mode
[  205.428811][T15201] EXT4-fs: Ignoring removed orlov option
[  205.433389][T15201] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  205.453484][T15201] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.454200][T15099] team0: Port device netdevsim1 removed
[  205.474492][T15099] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.494458][T14898] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.545501][T15099] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.585235][T15222] loop4: detected capacity change from 0 to 128
[  205.597101][T15225] sctp: [Deprecated]: syz.2.3739 (pid 15225) Use of struct sctp_assoc_value in delayed_ack socket option.
[  205.597101][T15225] Use struct sctp_sack_info instead
[  205.644645][T15099] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  205.663233][T15099] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  205.681841][T15099] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  205.684002][T15099] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  205.764456][T15099] 8021q: adding VLAN 0 to HW filter on device bond0
[  205.775617][T15234] loop2: detected capacity change from 0 to 256
[  205.788320][T15099] 8021q: adding VLAN 0 to HW filter on device team0
[  205.801349][ T3160] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.808566][ T3160] bridge0: port 1(bridge_slave_0) entered forwarding state
[  205.821876][ T3160] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.828969][ T3160] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.834820][T15236] loop2: detected capacity change from 0 to 128
[  205.863480][T15099] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  205.873954][T15099] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  205.939074][T15099] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.004972][T15243] loop2: detected capacity change from 0 to 4096
[  206.026177][T15243] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.072865][T15099] veth0_vlan: entered promiscuous mode
[  206.086770][T15099] veth1_vlan: entered promiscuous mode
[  206.143216][T15099] veth0_macvtap: entered promiscuous mode
[  206.151839][T15099] veth1_macvtap: entered promiscuous mode
[  206.164699][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.175226][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.185098][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.195616][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.205492][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.215966][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.225865][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.236340][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.246233][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.256785][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.266746][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.277321][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.313728][T15099] batman_adv: batadv0: Interface activated: batadv_slave_0
[  206.334856][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.345328][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.355267][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.365723][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.375634][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.386068][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.395920][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.406638][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.416519][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.426957][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.436787][T15099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.447256][T15099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.627949][T15099] batman_adv: batadv0: Interface activated: batadv_slave_1
[  206.637071][T15099] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.645834][T15099] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.654668][T15099] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.663429][T15099] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.681519][T15267] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3747'.
[  206.693242][T15282] netlink: 2860 bytes leftover after parsing attributes in process `syz.4.3752'.
[  206.845864][T14893] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.941745][T15300] loop4: detected capacity change from 0 to 1024
[  206.950383][T15300] EXT4-fs: Ignoring removed nomblk_io_submit option
[  206.979309][T15300] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.002380][T14898] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.134753][   T29] audit: type=1326 audit(1720996719.900:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15315 comm="syz.2.3762" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc4bb29fbd9 code=0x0
[  207.454839][T15339] xt_l2tp: v2 tid > 0xffff: 4294967295
[  207.478230][   T29] audit: type=1400 audit(1720996720.250:1381): avc:  denied  { setopt } for  pid=15341 comm="syz.4.3768" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  207.499336][T15322] chnl_net:caif_netlink_parms(): no params data found
[  207.499816][T15342] loop4: detected capacity change from 0 to 2048
[  207.518740][T15342] ext4: Unknown parameter 'obj_role'
[  207.555079][T15322] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.562281][T15322] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.569708][T15322] bridge_slave_0: entered allmulticast mode
[  207.576341][T15322] bridge_slave_0: entered promiscuous mode
[  207.584214][T15322] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.591351][T15322] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.598802][T15322] bridge_slave_1: entered allmulticast mode
[  207.605400][T15322] bridge_slave_1: entered promiscuous mode
[  207.611718][T15348] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  207.629826][   T29] audit: type=1326 audit(1720996720.400:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15341 comm="syz.4.3768" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3dffd1dbd9 code=0x0
[  207.693696][T15350] netlink: 'syz.1.3770': attribute type 7 has an invalid length.
[  207.701539][T15350] netlink: 'syz.1.3770': attribute type 8 has an invalid length.
[  207.711724][T15322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.727526][T15322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  207.770353][T15322] team0: Port device team_slave_0 added
[  207.793176][T15362] loop1: detected capacity change from 0 to 1024
[  207.801992][T15322] team0: Port device team_slave_1 added
[  207.817871][T15362] EXT4-fs: Ignoring removed i_version option
[  207.824695][T15362] EXT4-fs: Mount option(s) incompatible with ext2
[  207.850399][T15322] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.857610][T15322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.883610][T15322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.923290][T15362] IPVS: Error connecting to the multicast addr
[  207.932249][T15322] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.939260][T15322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.965256][T15322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.046460][T15322] hsr_slave_0: entered promiscuous mode
[  208.055047][T15322] hsr_slave_1: entered promiscuous mode
[  208.063488][T15322] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  208.073320][T15322] Cannot create hsr debugfs directory
[  208.189330][T15322] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.213269][T15382] netlink: 188 bytes leftover after parsing attributes in process `syz.3.3779'.
[  208.252906][T15386] IPVS: sh: UDP 0.0.0.0:0 - no destination available
[  208.259713][ T8112] IPVS: starting estimator thread 0...
[  208.356196][T15401] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3785'.
[  208.365385][T15387] IPVS: using max 2400 ests per chain, 120000 per kthread
[  208.416394][T15410] loop3: detected capacity change from 0 to 128
[  208.441221][T15410] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  208.469553][T15425] syz.1.3794: attempt to access beyond end of device
[  208.469553][T15425] md102: rw=2048, sector=1155618608, nr_sectors = 8 limit=0
[  208.474658][T15410] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  208.518109][T15434] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3797'.
[  208.530070][T15431] netlink: 'syz.4.3796': attribute type 1 has an invalid length.
[  208.537114][T15410] IPVS: Scheduler module ip_vs_sip not found
[  208.537869][T15431] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3796'.
[  208.575689][T15099] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  208.579788][T15437] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  208.591240][T15437] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  208.599037][T15437] vhci_hcd vhci_hcd.0: Device attached
[  208.638135][T15436] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(7)
[  208.644686][T15436] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  208.652339][T15436] vhci_hcd vhci_hcd.0: Device attached
[  208.681784][T15322] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.705413][T15448] vhci_hcd: connection closed
[  208.705429][T15442] vhci_hcd: connection closed
[  208.710370][   T11] vhci_hcd: stop threads
[  208.719541][   T11] vhci_hcd: release socket
[  208.723967][   T11] vhci_hcd: disconnect device
[  208.733158][   T11] vhci_hcd: stop threads
[  208.737431][   T11] vhci_hcd: release socket
[  208.742016][   T11] vhci_hcd: disconnect device
[  208.769196][T15322] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.798206][ T8112] vhci_hcd: vhci_device speed not set
[  208.828239][T15322] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.839004][   T29] audit: type=1326 audit(1720996721.610:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.3.3808" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd9c436cbd9 code=0x0
[  208.867029][T15471] loop1: detected capacity change from 0 to 512
[  208.874223][T15471] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  208.885674][T15471] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (11649!=33280)
[  208.895345][T15471] EXT4-fs (loop1): group descriptors corrupted!
[  208.915009][ T7317] bridge_slave_1: left allmulticast mode
[  208.920768][ T7317] bridge_slave_1: left promiscuous mode
[  208.926450][ T7317] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.934826][ T7317] bridge_slave_0: left allmulticast mode
[  208.940555][ T7317] bridge_slave_0: left promiscuous mode
[  208.946343][ T7317] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.091281][ T7317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  209.102385][ T7317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  209.112945][ T7317] bond0 (unregistering): Released all slaves
[  209.142368][T15490] loop1: detected capacity change from 0 to 8192
[  209.143368][T15322] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  209.175118][T15322] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  209.184870][T15322] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  209.194204][T15492] netlink: 'syz.4.3816': attribute type 10 has an invalid length.
[  209.202152][T15492] macvlan1: entered promiscuous mode
[  209.207602][T15492] macvlan1: entered allmulticast mode
[  209.212984][T15492] veth1_vlan: entered allmulticast mode
[  209.220616][T15322] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  209.240500][ T7317] hsr_slave_0: left promiscuous mode
[  209.246325][ T7317] hsr_slave_1: left promiscuous mode
[  209.252595][ T7317] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  209.260092][ T7317] batman_adv: batadv0: Removing interface: batadv_slave_0
[  209.268222][ T7317] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  209.275648][ T7317] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.286365][ T7317] veth1_macvtap: left promiscuous mode
[  209.292070][ T7317] veth0_macvtap: left promiscuous mode
[  209.297699][ T7317] veth1_vlan: left promiscuous mode
[  209.302947][ T7317] veth0_vlan: left promiscuous mode
[  209.416662][ T7317] team0 (unregistering): Port device team_slave_1 removed
[  209.428669][ T7317] team0 (unregistering): Port device team_slave_0 removed
[  209.513713][T15499] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  209.536148][T15322] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.554667][T15322] 8021q: adding VLAN 0 to HW filter on device team0
[  209.565533][ T3161] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.572702][ T3161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.583020][T15503] netlink: 10 bytes leftover after parsing attributes in process `syz.0.3821'.
[  209.595210][ T8402] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.602371][ T8402] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.690240][T15322] 8021q: adding VLAN 0 to HW filter on device batadv0
[  209.691184][T15519] loop3: detected capacity change from 0 to 2048
[  209.775358][T15322] veth0_vlan: entered promiscuous mode
[  209.786638][T15322] veth1_vlan: entered promiscuous mode
[  209.803902][T15322] veth0_macvtap: entered promiscuous mode
[  209.811655][T15322] veth1_macvtap: entered promiscuous mode
[  209.822661][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.833218][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.843121][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.853938][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.864043][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.874478][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.884294][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.894745][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.904650][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.915104][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.924989][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.935461][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.948048][T15322] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.959702][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.970435][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.980353][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.990925][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.000761][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.011194][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.021069][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.031544][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.041351][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.051786][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.061667][T15322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.072159][T15322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.083886][T15322] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.093799][T15322] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.102563][T15322] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.111345][T15322] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.120137][T15322] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.248976][T15536] syz.2.3827: attempt to access beyond end of device
[  210.248976][T15536] md102: rw=2048, sector=1155618608, nr_sectors = 8 limit=0
[  210.424236][T15542] futex_wake_op: syz.0.3829 tries to shift op by 144; fix this program
[  210.454638][T15549] usb usb5: usbfs: process 15549 (syz.2.3833) did not claim interface 0 before use
[  210.481803][   T29] audit: type=1400 audit(1720996723.250:1384): avc:  denied  { getopt } for  pid=15559 comm="syz.1.3836" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  210.502350][T15554] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3830'.
[  210.511573][   T29] audit: type=1400 audit(1720996723.250:1385): avc:  denied  { setattr } for  pid=15559 comm="syz.1.3836" name="PING" dev="sockfs" ino=57582 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  210.512367][T15561] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.563195][T15565] netlink: 'syz.4.3838': attribute type 7 has an invalid length.
[  210.621439][T15569] syz.1.3839: attempt to access beyond end of device
[  210.621439][T15569] md102: rw=2048, sector=1155618608, nr_sectors = 8 limit=0
[  210.639747][T15571] netlink: 10 bytes leftover after parsing attributes in process `syz.0.3840'.
[  210.689062][T15588] loop1: detected capacity change from 0 to 256
[  210.692228][T15583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3844'.
[  210.712865][T15590] loop4: detected capacity change from 0 to 256
[  210.720345][T15590] FAT-fs (loop4): Unrecognized mount option "r�;)|" or missing value
[  210.764427][T15595] loop2: detected capacity change from 0 to 4096
[  210.786306][T15595] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.829233][T15605] loop3: detected capacity change from 0 to 512
[  210.841039][T15605] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.854104][T15605] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.863792][T15611] netlink: 'syz.1.3852': attribute type 9 has an invalid length.
[  210.867079][   T29] audit: type=1400 audit(1720996723.640:1386): avc:  denied  { ioctl } for  pid=15604 comm="syz.3.3851" path="/22/file0/file1" dev="loop3" ino=15 ioctlcmd=0x5839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  210.876957][T15605] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  210.925861][T15322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.937214][T15605] Cannot find set identified by id 0 to match
[  210.951143][T15099] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.980179][T15617] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3854'.
[  211.029047][T15626] loop3: detected capacity change from 0 to 512
[  211.036838][T15626] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #15: comm syz.3.3858: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  211.057583][T15626] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.3858: couldn't read orphan inode 15 (err -117)
[  211.081096][T15626] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.094141][T15626] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  211.115213][T15099] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.133671][T15647] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3860'.
[  211.142901][T15647] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3860'.
[  211.147674][T15638] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  211.147674][T15638] The task syz.2.3862 (15638) triggered the difference, watch for misbehavior.
[  211.151965][T15647] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.177667][T15647] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.184772][T15647] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.309214][T15667] loop3: detected capacity change from 0 to 256
[  211.316306][T15667] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  211.333788][T15668] netlink: 'syz.2.3867': attribute type 7 has an invalid length.
[  211.467945][T15672] syz.0.3871: attempt to access beyond end of device
[  211.467945][T15672] md102: rw=2048, sector=1155618608, nr_sectors = 8 limit=0
[  211.492145][T15683] team0: Device ipvlan2 failed to register rx_handler
[  211.536765][T15689] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.545460][T15690] loop2: detected capacity change from 0 to 128
[  211.614518][T15703] loop3: detected capacity change from 0 to 2048
[  211.645347][T15703] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.773920][   T29] audit: type=1400 audit(1720996724.540:1387): avc:  denied  { read } for  pid=15710 comm="syz.4.3886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  211.934829][T15739] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  212.046623][T15748] delete_channel: no stack
[  212.063454][T15750] futex_wake_op: syz.2.3897 tries to shift op by 36; fix this program
[  212.074246][T15750] program syz.2.3897 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  212.096854][T15752] netlink: 'syz.2.3898': attribute type 21 has an invalid length.
[  212.104901][T15752] netlink: 'syz.2.3898': attribute type 1 has an invalid length.
[  212.461364][T15099] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.465256][T15763] tipc: Started in network mode
[  212.475335][T15763] tipc: Node identity id-name-, cluster identity 4711
[  212.482204][T15763] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  212.491434][T15761] macvlan0: entered allmulticast mode
[  212.496888][T15761] veth1_vlan: entered allmulticast mode
[  212.512566][T15761] pim6reg: entered allmulticast mode
[  212.535211][T15772] IPVS: Error joining to the multicast group
[  212.587657][   T29] audit: type=1326 audit(1720996725.350:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15780 comm="syz.0.3911" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f72b4431bd9 code=0x0
[  212.604464][T15789] loop1: detected capacity change from 0 to 2048
[  212.628617][T15792] netlink: 'syz.2.3910': attribute type 10 has an invalid length.
[  212.642466][T15789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.664951][T15792] team0: Failed to send options change via netlink (err -105)
[  212.672559][T15792] team0: Port device netdevsim1 added
[  212.689364][T15786] syz.4.3912: attempt to access beyond end of device
[  212.689364][T15786] md102: rw=2048, sector=1155618608, nr_sectors = 8 limit=0
[  212.703505][T15779] netlink: 'syz.2.3910': attribute type 10 has an invalid length.
[  212.714540][T15779] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  212.734032][T15779] team0: Failed to send options change via netlink (err -105)
[  212.747895][T15779] team0: Failed to send port change of device netdevsim1 via netlink (err -105)
[  212.753201][T15811] xt_CT: You must specify a L4 protocol and not use inversions on it
[  212.758276][T15779] team0: Port device netdevsim1 removed
[  212.773599][T15779] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[  212.838005][T15803] loop3: detected capacity change from 0 to 512
[  212.846045][T15803] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2234: inode #15: comm syz.3.3916: corrupted in-inode xattr: bad e_name length
[  212.860032][T15803] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.3916: couldn't read orphan inode 15 (err -117)
[  212.872618][T15803] EXT4-fs (loop3): mounted filesystem 00000004-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.447278][T14670] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.535365][T15838] syz.1.3927: attempt to access beyond end of device
[  213.535365][T15838] md102: rw=2048, sector=1155618608, nr_sectors = 8 limit=0
[  213.555220][T15099] EXT4-fs (loop3): unmounting filesystem 00000004-0000-0000-0000-000000000000.
[  213.580547][T15848] __nla_validate_parse: 8 callbacks suppressed
[  213.580564][T15848] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3932'.
[  213.608707][T15850] syz_tun: entered promiscuous mode
[  213.615087][T15850] macvtap1: entered promiscuous mode
[  213.620638][T15850] macvtap1: entered allmulticast mode
[  213.626063][T15850] syz_tun: entered allmulticast mode
[  213.633896][T15854] loop1: detected capacity change from 0 to 2048
[  213.641209][T15850] syz_tun: left allmulticast mode
[  213.646322][T15850] syz_tun: left promiscuous mode
[  213.667982][T15854] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.695486][T15854] netlink: 10 bytes leftover after parsing attributes in process `syz.1.3934'.
[  213.752245][T15875] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3939'.
[  213.770113][T15879] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3941'.
[  213.784884][T15870] loop3: detected capacity change from 0 to 512
[  213.793918][T15870] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  213.809063][T15884] ALSA: seq fatal error: cannot create timer (-22)
[  213.813781][T15875] loop4: detected capacity change from 0 to 2048
[  213.824710][T15870] EXT4-fs (loop3): 1 truncate cleaned up
[  213.841111][T15870] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.857870][T15875]  loop4: p2 < > p4
[  213.862095][T15875] loop4: p4 size 8192 extends beyond EOD, truncated
[  214.004330][T15906] loop4: detected capacity change from 0 to 4096
[  214.019086][T15906] EXT4-fs: Ignoring removed nobh option
[  214.035891][T15906] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.054622][T15906] netlink: 'syz.4.3947': attribute type 7 has an invalid length.
[  214.066188][   T29] audit: type=1400 audit(1720996726.830:1389): avc:  denied  { write } for  pid=15905 comm="syz.4.3947" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  214.090888][T15099] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.125563][T14898] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.143384][T15921] loop3: detected capacity change from 0 to 512
[  214.150289][T15921] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  214.161234][T15921] EXT4-fs (loop3): can't mount with journal_async_commit, fs mounted w/o journal
[  214.181465][T15923] loop4: detected capacity change from 0 to 512
[  214.199350][T15923] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.212516][T15923] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.231178][T15923] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3950'.
[  214.293189][T15929] loop3: detected capacity change from 0 to 512
[  214.309179][T15929] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.321984][T15929] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.335021][T15929] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  214.350340][T15929] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 49280 with max blocks 2 with error 28
[  214.362907][T15929] EXT4-fs (loop3): This should not happen!! Data will be lost
[  214.362907][T15929] 
[  214.372577][T15929] EXT4-fs (loop3): Total free blocks count 0
[  214.378723][T15929] EXT4-fs (loop3): Free/Dirty block details
[  214.384617][T15929] EXT4-fs (loop3): free_blocks=65281
[  214.389920][T15929] EXT4-fs (loop3): dirty_blocks=2
[  214.394945][T15929] EXT4-fs (loop3): Block reservation details
[  214.400974][T15929] EXT4-fs (loop3): i_reserved_data_blocks=2
[  214.414721][T15099] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.466878][T14670] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.576408][T15953] loop2: detected capacity change from 0 to 1024
[  214.577220][T15956] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  214.595003][T15953] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  214.606663][T15953] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.646761][T15322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.656031][T15961] netlink: 10 bytes leftover after parsing attributes in process `syz.0.3965'.
[  214.687827][T15971] loop1: detected capacity change from 0 to 512
[  214.701611][T15971] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.714463][T15971] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.729646][T15971] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.807380][T15989] netlink: 92 bytes leftover after parsing attributes in process `syz.2.3973'.
[  214.816494][T15989] netlink: 92 bytes leftover after parsing attributes in process `syz.2.3973'.
[  214.831019][T15990] SELinux:  Context k��8mS���T�_�)d��+'Qd�#s�E��g��uz�L�ژK�.
[  214.831019][T15990] ���H@a�n�QTL��܎�09�tlCQ�:��H�7�]���f��Zj�()L��m��኷jK��C�{�hӴ�TF C^,���5�E�C��)�|s=�2@�3�^�efv�:l)t�ѹ�K*!Mz��G_N�P���g���zc])yA4���=�J�M�.~�q߮�� is not valid (left unmapped).
[  214.859101][T15990] SELinux:  Context �����ơ�Y�
�:����]��+���|0�fj@��:�d߻!�?|>F0=[W�{�'�b�y/xR������eZ} is not valid (left unmapped).
[  214.872738][T15990] SELinux:  Context ;�6T}jV
��:ң\��]��݅�xs�w�T���<{&s�Jv�/h��G��R�Yqˬ���~R���ώY��e�@��b�s���� is not valid (left unmapped).
[  214.908689][T15995] loop1: detected capacity change from 0 to 2048
[  214.919155][T15995] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.938831][T14670] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.995628][T16000] loop1: detected capacity change from 0 to 256
[  215.083547][T16002] syzkaller0: entered promiscuous mode
[  215.089143][T16002] syzkaller0: entered allmulticast mode
[  215.098999][T16002] pim6reg1: entered promiscuous mode
[  215.104312][T16002] pim6reg1: entered allmulticast mode
[  215.208827][T16004] FAULT_INJECTION: forcing a failure.
[  215.208827][T16004] name failslab, interval 1, probability 0, space 0, times 0
[  215.221471][T16004] CPU: 0 PID: 16004 Comm: syz.1.3978 Tainted: G        W          6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[  215.233107][T16004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  215.243270][T16004] Call Trace:
[  215.246615][T16004]  <TASK>
[  215.249546][T16004]  dump_stack_lvl+0xf2/0x150
[  215.254184][T16004]  dump_stack+0x15/0x20
[  215.258369][T16004]  should_fail_ex+0x229/0x230
[  215.263104][T16004]  ? alloc_workqueue+0x14a/0x12c0
[  215.268184][T16004]  __should_failslab+0x92/0xa0
[  215.272946][T16004]  should_failslab+0x9/0x20
[  215.277547][T16004]  __kmalloc_noprof+0xa5/0x370
[  215.282414][T16004]  alloc_workqueue+0x14a/0x12c0
[  215.287424][T16004]  nci_register_device+0x129/0x580
[  215.292549][T16004]  virtual_ncidev_open+0xdc/0x140
[  215.297600][T16004]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  215.303350][T16004]  misc_open+0x207/0x240
[  215.307709][T16004]  chrdev_open+0x323/0x3a0
[  215.312169][T16004]  ? __pfx_chrdev_open+0x10/0x10
[  215.317121][T16004]  do_dentry_open+0x647/0xa60
[  215.321816][T16004]  vfs_open+0x3b/0x1f0
[  215.325881][T16004]  path_openat+0x1ad9/0x1fa0
[  215.330540][T16004]  ? _parse_integer+0x27/0x30
[  215.335229][T16004]  ? kstrtoull+0x110/0x140
[  215.339718][T16004]  do_filp_open+0xf7/0x200
[  215.344170][T16004]  do_sys_openat2+0xab/0x120
[  215.348769][T16004]  __x64_sys_openat+0xf3/0x120
[  215.353603][T16004]  x64_sys_call+0x1057/0x2d70
[  215.358369][T16004]  do_syscall_64+0xc9/0x1c0
[  215.362887][T16004]  ? clear_bhb_loop+0x55/0xb0
[  215.367643][T16004]  ? clear_bhb_loop+0x55/0xb0
[  215.372340][T16004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.378238][T16004] RIP: 0033:0x7f12c2b1ebd9
[  215.382653][T16004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.402300][T16004] RSP: 002b:00007f12c1da0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  215.410851][T16004] RAX: ffffffffffffffda RBX: 00007f12c2cacf60 RCX: 00007f12c2b1ebd9
[  215.418888][T16004] RDX: 0000000000005400 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  215.426848][T16004] RBP: 00007f12c1da00a0 R08: 0000000000000000 R09: 0000000000000000
[  215.434834][T16004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  215.442827][T16004] R13: 000000000000000b R14: 00007f12c2cacf60 R15: 00007ffc35b79198
[  215.450802][T16004]  </TASK>
[  215.467685][T14898] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.560487][T16023] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3987'.
[  215.570284][T16013] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3983'.
[  215.586035][T16027] loop4: detected capacity change from 0 to 512
[  215.593277][T16027] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  215.610070][T16027] EXT4-fs (loop4): 1 orphan inode deleted
[  215.615826][T16027] EXT4-fs (loop4): 1 truncate cleaned up
[  215.616592][T16033] syz_tun: entered promiscuous mode
[  215.622103][T16027] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.629585][T16033] macvtap1: entered promiscuous mode
[  215.644476][T16033] macvtap1: entered allmulticast mode
[  215.650010][T16033] syz_tun: entered allmulticast mode
[  215.657293][T16033] syz_tun: left allmulticast mode
[  215.662510][T16033] syz_tun: left promiscuous mode
[  215.736926][ T8397] IPVS: starting estimator thread 0...
[  215.759915][T14898] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.800375][T16050] netlink: 'syz.1.3998': attribute type 21 has an invalid length.
[  215.810696][T16050] netlink: 'syz.1.3998': attribute type 6 has an invalid length.
[  215.827795][T16041] IPVS: using max 2400 ests per chain, 120000 per kthread
[  215.851088][T16053] loop4: detected capacity change from 0 to 256
[  215.900674][T16063] netlink: 'syz.1.4002': attribute type 33 has an invalid length.
[  215.919787][   T29] audit: type=1400 audit(1720996728.690:1390): avc:  denied  { mount } for  pid=16058 comm="syz.0.4000" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  215.961456][   T29] audit: type=1400 audit(1720996728.690:1391): avc:  denied  { getattr } for  pid=16058 comm="syz.0.4000" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  216.003751][T16070] loop1: detected capacity change from 0 to 512
[  216.015746][T16070] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  216.027909][T16070] EXT4-fs (loop1): 1 orphan inode deleted
[  216.033660][T16070] EXT4-fs (loop1): 1 truncate cleaned up
[  216.070465][T16073] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  216.166114][T16075] netlink: 'syz.4.4008': attribute type 4 has an invalid length.
[  216.252868][ T3125] hid-generic 0000:0000:0000.0007: item fetching failed at offset 0/1
[  216.263903][   T29] audit: type=1400 audit(1720996729.030:1392): avc:  denied  { ioctl } for  pid=16087 comm="syz.4.4011" path="/dev/usbmon0" dev="devtmpfs" ino=117 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  216.289604][ T3125] hid-generic 0000:0000:0000.0007: probe with driver hid-generic failed with error -22
[  216.363787][T16094] loop4: detected capacity change from 0 to 512
[  216.374718][T16094] EXT4-fs error (device loop4): ext4_orphan_get:1420: comm syz.4.4013: bad orphan inode 17
[  216.384885][T16094] ext4_test_bit(bit=16, block=4) = 1
[  216.390258][T16094] is_bad_inode(inode)=0
[  216.394493][T16094] NEXT_ORPHAN(inode)=0
[  216.398583][T16094] max_ino=32
[  216.401857][T16094] i_nlink=1
[  216.407357][T16094] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4013: bg 0: block 7: invalid block bitmap
[  216.450849][T16103] can: request_module (can-proto-3) failed.
[  216.486076][T16108] loop2: detected capacity change from 0 to 512
[  216.493549][T16108] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  216.505299][T16108] EXT4-fs (loop2): 1 orphan inode deleted
[  216.511122][T16108] EXT4-fs (loop2): 1 truncate cleaned up
[  216.688527][T16137] loop2: detected capacity change from 0 to 128
[  216.705576][   T29] audit: type=1400 audit(1720996729.470:1393): avc:  denied  { unmount } for  pid=14939 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  216.745804][T16143] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  216.748269][T16144] loop4: detected capacity change from 0 to 512
[  216.762743][T16143] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16143 comm=syz.0.4029
[  216.775946][T16143] ref_ctr_offset mismatch. inode: 0x17e offset: 0x0 ref_ctr_offset(old): 0x82 ref_ctr_offset(new): 0x0
[  216.791978][T16144] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  216.804489][T16144] EXT4-fs (loop4): 1 orphan inode deleted
[  216.810446][T16144] EXT4-fs (loop4): 1 truncate cleaned up
[  216.938563][T16156] syz_tun: entered promiscuous mode
[  216.944725][T16156] batadv_slave_1: entered promiscuous mode
[  216.951132][T16156] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  216.958745][T16156] Cannot create hsr debugfs directory
[  216.964227][T16156] hsr1: entered promiscuous mode
[  216.969240][T16156] hsr1: entered allmulticast mode
[  216.974282][T16156] syz_tun: entered allmulticast mode
[  216.979672][T16156] batadv_slave_1: entered allmulticast mode
[  217.112641][T16182] loop1: detected capacity change from 0 to 1024
[  217.126877][T16187] netlink: 'syz.2.4047': attribute type 10 has an invalid length.
[  217.145635][T16187] batman_adv: batadv0: Adding interface: team0
[  217.151954][T16187] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.177161][T16187] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  217.198205][T16193] geneve1: entered promiscuous mode
[  217.203691][T16193] geneve1: entered allmulticast mode
[  217.216164][T16193] team0: Port device geneve1 added
[  217.224105][T16192] netlink: 'syz.2.4047': attribute type 10 has an invalid length.
[  217.234740][T16192] team0: entered promiscuous mode
[  217.240120][T16192] team_slave_0: entered promiscuous mode
[  217.245993][T16192] team_slave_1: entered promiscuous mode
[  217.252861][T16192] 8021q: adding VLAN 0 to HW filter on device team0
[  217.260184][T16192] batman_adv: batadv0: Interface activated: team0
[  217.266774][T16192] batman_adv: batadv0: Interface deactivated: team0
[  217.273475][T16192] batman_adv: batadv0: Removing interface: team0
[  217.282537][T16192] bridge0: port 3(team0) entered blocking state
[  217.289737][T16192] bridge0: port 3(team0) entered disabled state
[  217.296386][T16192] team0: entered allmulticast mode
[  217.301560][T16192] team_slave_0: entered allmulticast mode
[  217.307289][T16192] team_slave_1: entered allmulticast mode
[  217.315173][T16192] bridge0: port 3(team0) entered blocking state
[  217.321619][T16192] bridge0: port 3(team0) entered forwarding state
[  217.626391][T16224] loop1: detected capacity change from 0 to 512
[  217.635898][T16224] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz.1.4058: casefold flag without casefold feature
[  217.651005][T16224] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.4058: couldn't read orphan inode 15 (err -117)
[  217.746086][T16227] loop1: detected capacity change from 0 to 512
[  217.753996][T16227] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #15: comm syz.1.4059: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  217.774810][T16227] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.4059: couldn't read orphan inode 15 (err -117)
[  217.789905][T16227] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.880814][T16232] loop1: detected capacity change from 0 to 512
[  218.054875][   T29] audit: type=1400 audit(1720996730.820:1394): avc:  denied  { accept } for  pid=16274 comm="syz.1.4077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  218.099789][T16280] loop2: detected capacity change from 0 to 2048
[  218.886637][T16298] loop4: detected capacity change from 0 to 128
[  218.897950][T16298] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978)
[  218.901713][T16298] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz.4.4084: No space for directory leaf checksum. Please run e2fsck -D.
[  218.922951][T16298] EXT4-fs error (device loop4): __ext4_find_entry:1695: inode #2: comm syz.4.4084: checksumming directory block 0
[  218.938692][T16298] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:405: inode #2: comm syz.4.4084: No space for directory leaf checksum. Please run e2fsck -D.
[  218.938727][T16298] EXT4-fs error (device loop4): __ext4_find_entry:1695: inode #2: comm syz.4.4084: checksumming directory block 0
[  218.956241][T16303] xt_policy: neither incoming nor outgoing policy selected
[  218.956424][T16307] xt_policy: neither incoming nor outgoing policy selected
[  218.960822][T16303] __nla_validate_parse: 16 callbacks suppressed
[  218.960838][T16303] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4086'.
[  218.969224][T16308] loop2: detected capacity change from 0 to 2048
[  219.016678][T16308] ext4: Unknown parameter 'fsname'
[  219.050156][T16319] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4090'.
[  219.072670][   T29] audit: type=1326 audit(1720996731.830:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16318 comm="syz.1.4090" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12c2b1ebd9 code=0x0
[  219.084053][T16328] netlink: 'syz.0.4094': attribute type 1 has an invalid length.
[  219.103562][T16328] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4094'.
[  219.125575][T16329] loop2: detected capacity change from 0 to 2048
[  219.160862][   T29] audit: type=1326 audit(1720996731.930:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16318 comm="syz.1.4090" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f12c2b1ebd9 code=0x0
[  219.189379][T16329] netlink: 10 bytes leftover after parsing attributes in process `syz.2.4093'.
[  219.206185][T16351] netlink: 'syz.0.4100': attribute type 10 has an invalid length.
[  219.231024][T16351] batman_adv: batadv0: Adding interface: team0
[  219.237194][T16351] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.262516][T16351] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  219.308376][T16359] loop4: detected capacity change from 0 to 256
[  219.994667][   T29] audit: type=1326 audit(1720996732.760:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16376 comm="syz.4.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dffd1dbd9 code=0x7ffc0000
[  220.018895][T16377] loop4: detected capacity change from 0 to 256
[  220.019150][   T29] audit: type=1326 audit(1720996732.760:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16376 comm="syz.4.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dffd1dbd9 code=0x7ffc0000
[  220.048884][   T29] audit: type=1326 audit(1720996732.760:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16376 comm="syz.4.4106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dffd1dbd9 code=0x7ffc0000
[  220.104770][T16379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.115284][T16379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.125196][T16379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.135655][T16379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.145512][T16379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.156011][T16379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.165908][T16379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.176388][T16379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.186220][T16379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.196654][T16379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.206494][T16379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.216930][T16379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.226760][T16379] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.237371][T16379] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.369231][T16389] netlink: 'syz.4.4110': attribute type 21 has an invalid length.
[  220.377101][T16389] netlink: 176 bytes leftover after parsing attributes in process `syz.4.4110'.
[  220.471362][T16407] sctp: [Deprecated]: syz.2.4118 (pid 16407) Use of struct sctp_assoc_value in delayed_ack socket option.
[  220.471362][T16407] Use struct sctp_sack_info instead
[  220.489419][T16405] netlink: 10 bytes leftover after parsing attributes in process `syz.0.4117'.
[  220.610165][T16421] loop4: detected capacity change from 0 to 8192
[  220.638599][T16421]  loop4: p1 < > p2 < p5 > p4
[  220.644360][T16421] loop4: p4 size 16776960 extends beyond EOD, truncated
[  220.651840][T16421] loop4: p5 size 16776960 extends beyond EOD, truncated
[  220.791622][T16438] loop1: detected capacity change from 0 to 128
[  220.814656][T16442] netlink: 'syz.4.4129': attribute type 8 has an invalid length.
[  220.822571][T16442] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4129'.
[  220.875101][T16448] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=16448 comm=syz.4.4132
[  220.905550][T16450] loop4: detected capacity change from 0 to 2048
[  220.917956][T16452] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4133'.
[  220.938825][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  220.938843][   T29] audit: type=1400 audit(1720996733.710:1527): avc:  denied  { map } for  pid=16455 comm="syz.1.4135" path="socket:[60739]" dev="sockfs" ino=60739 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  221.004987][T16459] loop4: detected capacity change from 0 to 128
[  221.086823][   T29] audit: type=1326 audit(1720996733.850:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.4137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dffd1dbd9 code=0x7fc00000
[  221.183852][T16462] loop4: detected capacity change from 0 to 1024
[  221.190327][   T29] audit: type=1326 audit(1720996733.950:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.4137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3dffd14c27 code=0x7fc00000
[  221.213794][   T29] audit: type=1326 audit(1720996733.950:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.4137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3dffcb95d9 code=0x7fc00000
[  221.237207][   T29] audit: type=1326 audit(1720996733.950:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.4137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f3dffcb969f code=0x7fc00000
[  221.242188][T16462] EXT4-fs: Mount option(s) incompatible with ext3
[  221.260650][   T29] audit: type=1326 audit(1720996733.950:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.4.4137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3dffd1dbd9 code=0x7fc00000
[  221.325982][   T29] audit: type=1326 audit(1720996734.090:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16463 comm="syz.2.4139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fd04a9bd9 code=0x7ffc0000
[  221.371347][   T29] audit: type=1326 audit(1720996734.090:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16463 comm="syz.2.4139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f7fd04a9bd9 code=0x7ffc0000
[  221.394968][   T29] audit: type=1326 audit(1720996734.090:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16463 comm="syz.2.4139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fd04a9bd9 code=0x7ffc0000
[  221.418575][   T29] audit: type=1326 audit(1720996734.090:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16463 comm="syz.2.4139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7fd04ab9f7 code=0x7ffc0000
[  221.461507][T16475] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4143'.
[  221.503467][T16480] netlink: 2860 bytes leftover after parsing attributes in process `syz.1.4145'.
[  221.598584][T16488] loop2: detected capacity change from 0 to 1024
[  221.609675][T16488] EXT4-fs: Ignoring removed nomblk_io_submit option
[  221.805546][T16503] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  221.940445][T16505] loop1: detected capacity change from 0 to 8192
[  222.032332][T16517] ==================================================================
[  222.040456][T16517] BUG: KCSAN: data-race in mark_buffer_dirty_inode / mark_buffer_dirty_inode
[  222.049234][T16517] 
[  222.051567][T16517] write to 0xffff8881083f0128 of 8 bytes by task 16505 on cpu 0:
[  222.059299][T16517]  mark_buffer_dirty_inode+0x18d/0x1c0
[  222.064783][T16517]  fat_mirror_bhs+0x241/0x330
[  222.069505][T16517]  fat_alloc_clusters+0x994/0xa80
[  222.074581][T16517]  fat_get_block+0x25c/0x5e0
[  222.079178][T16517]  __block_write_begin_int+0x417/0xfa0
[  222.084667][T16517]  block_write_begin+0x7b/0x170
[  222.089565][T16517]  cont_write_begin+0x486/0x6b0
[  222.094439][T16517]  fat_write_begin+0x61/0xf0
[  222.099090][T16517]  generic_perform_write+0x1d5/0x410
[  222.104408][T16517]  __generic_file_write_iter+0xa1/0x120
[  222.109981][T16517]  generic_file_write_iter+0x7d/0x1d0
[  222.115379][T16517]  vfs_write+0x78f/0x900
[  222.119647][T16517]  ksys_write+0xeb/0x1b0
[  222.123903][T16517]  __x64_sys_write+0x42/0x50
[  222.128529][T16517]  x64_sys_call+0x27ef/0x2d70
[  222.133216][T16517]  do_syscall_64+0xc9/0x1c0
[  222.137749][T16517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.143671][T16517] 
[  222.145999][T16517] read to 0xffff8881083f0128 of 8 bytes by task 16517 on cpu 1:
[  222.153637][T16517]  mark_buffer_dirty_inode+0x96/0x1c0
[  222.159034][T16517]  fat_mirror_bhs+0x241/0x330
[  222.163767][T16517]  fat_alloc_clusters+0x994/0xa80
[  222.168825][T16517]  fat_get_block+0x25c/0x5e0
[  222.173428][T16517]  __block_write_begin_int+0x417/0xfa0
[  222.178894][T16517]  block_write_begin+0x7b/0x170
[  222.183777][T16517]  cont_write_begin+0x486/0x6b0
[  222.188645][T16517]  fat_write_begin+0x61/0xf0
[  222.193333][T16517]  generic_perform_write+0x1d5/0x410
[  222.198636][T16517]  __generic_file_write_iter+0xa1/0x120
[  222.204206][T16517]  generic_file_write_iter+0x7d/0x1d0
[  222.209606][T16517]  iter_file_splice_write+0x5e6/0x970
[  222.215004][T16517]  direct_splice_actor+0x16c/0x2c0
[  222.220138][T16517]  splice_direct_to_actor+0x305/0x670
[  222.225521][T16517]  do_splice_direct+0xd7/0x150
[  222.230303][T16517]  do_sendfile+0x3ab/0x950
[  222.234744][T16517]  __x64_sys_sendfile64+0xbd/0x150
[  222.239868][T16517]  x64_sys_call+0x2c9f/0x2d70
[  222.244574][T16517]  do_syscall_64+0xc9/0x1c0
[  222.249131][T16517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.255040][T16517] 
[  222.257434][T16517] value changed: 0x0000000000000000 -> 0xffff88810828da50
[  222.264639][T16517] 
[  222.266970][T16517] Reported by Kernel Concurrency Sanitizer on:
[  222.273131][T16517] CPU: 1 PID: 16517 Comm: syz.1.4154 Tainted: G        W          6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0
[  222.284790][T16517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  222.294869][T16517] ==================================================================