last executing test programs:

5.101696964s ago: executing program 0 (id=3256):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000c80)='./file1\x00', 0x1004491, &(0x7f0000000380)=ANY=[], 0x2, 0x826, &(0x7f00000012c0)="$eJzs3U9sHFf9APDvuHacOGp+1e/3U4miNJ0kRUpE6q7t1sXqoWzXY2dae9faXaNEqGqjxilRnLZqVZVGiJJLCwiEOHEsvVa99AZCAokDcEKiBy4cKlXqBVQQSAiEkIJ2djde/1k7ThynlM9n1X2zb957897sZL87W7+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiqUyXSmNJzOXVxTNpf5Xpem1+k/Xd9n6+KtlkuxFJ67/YuzcOtrMO/v/K6ntbT8ficPvV4djbSvbGlf333vPY/w0OdOtv0qGbdbT/qqHeF0nEN1udunRueXnp5dvQkV30nZ92FvbecJV/XGs9z2bVvFHL58uzWZo3aunU5GTpodMzjXQmn8saZxvNbD6t1LNys1ZPT1ROpmNTUxNpNnq2tlidnS7PZd3MRx8cL5Um0ydHF7JyvVGrPvTkaKNyOp+by6uzRZnx0mvRKvNo60B8Km+mzaw8n6YXLi4vTWzV1VahsVU5w6sOnMMP3PPxqx/99eJS64Ds10jSOTDHx8bGx8cmH5l65NFSaXC8NL46o7RGXC8RAxGtErfloOXO2r9B3mDniFm3IuLa/+zMhzfcooFO/I+5yKMai3Em0khjoHheeQxFJaajHrWYb73+3dCa9evi/+cf+tNvNttub/zvRvmDK6sPRRH/j7RfHekX/9f1Ygceg/1arb7X7k1v3ivxelyJS3EulmM5luLltbX2rK2xweNGytzyY7idDuxsq7ORRTXyaEQSecxHuchJi5xapDEVkzEZpXgmTsdMNCKNmchjLrJoxNloRDOy4oiqRD2yKEczalGPNE5EJU5GGmMxFVMxEWlkMRpnoxaLUY3ZmI5y0cqFuFjs94k1/br3G8/+5Pnffvx2a/l6obFNBpK0vszt/zDiL5sUWhfutxH/WyUGOkf3rsQkdsnebb6rO/PBDTvgWhH/B+90NwAAAIDbKCl+fU8iYijuK5Zm8rnsK3e6WwAAAMAOKv6u+XArGWot3RdJ6/y/tEHJDyKGd717AAAAwA5Iijl2SUSMxP3tpe50qY1+BAAAAAD+AxX///9IKxmJeKPIcP4PAAAAnzHf6neN/Y/2FNfYHYnGwnDysz9HvT6UXF0480ByudwqV758V7teJ/ny9RabM4eSA51GimRy8Mr+JCIGK9nhpHv1y3915hJ8UjwfWrkAYb9r/SdbdCA270DxKr4bR9tljp5vp+e7a9pbGZnJ57LRSm3usbGk8+NI89UXLn4tiuF/uzp/IIkLF5eXRp97cfl80ZerrVauXu5cHj7p1opoT6jYpC/XurMp7tt4xEPFRIzOdkfa2y31jr9zNdmBzcef9G7zzTjWLnNspJ2OrB7/3tY2x0YfG4ty+cBAMzvTfPVaz+g7vRhbGflwd7TJNt6FN+N4u8zxE8fbyQa9GF/VixfW92K8d//f2L644V68ffSNM3/7ZS3JJrbqxcQt9gLgTrlQXPVnJQrtK6LQP6+1tQLamri7r1tzO59yF1a+ZXTr98S6wVgX3dObie5vxol2mRPt7xODhzaIK6UNPtFfuvjSrzqf6A+/+8MfPX3k1++vievb6MW7cbJdppPE//6iT4xtjfl7a6LqO60a7/TdbmNuPHlteGIoad98KK48ePHyueeXnl96YXx8YrL0cKn0yHgMFV8VOkmfnoo8AP/dtrrHzvtfv1603114koe3OKtOBrt/UjAaz8WLsRzn41Qx2yAi7t+41ZGeP0M4tcVZ60jPHV5ObXFuuVJ2fG3Z4eNJ9Ck70bPHPveDIvn7bXpDAGAXHNsiDidxT/uyP6/d3amxpsRdSXKq97z7qxFxqF/MbcXyk+0b53bPjqN/LO/1h076xd3YKQDwGZfVP0lGmm8l9Xq+8MzY1NRYuXk6S+u1ylNpPZ+ezdK82szqldPl6myWLtRrzVql+9PxdNZIG4sLC7V6M52p1dOFWiM/U9z5Pe3c+r2RzZerzbzSWJjLyo0srdSqzXKlmU7njUq6sPjEXN44ndWLyo2FrJLP5JVyM69V00ZtsV7JRtO0kWU9BfPprNrMZ/JsKM2r6UI9ny/Xr0bE3OJ8lk5njUo9X2jW2g12t5VXZw7U54tmR9cP/4+7vb8B4NPgldevXDq3vLz08s0t/P5GCt/pMQIAq4nSAAAAAAAAAAAAAADw6bd+ul4rd1sTAYfipqcPvjIcrYV9N1u9tfB0ZyS3MItxk4XB2OEGN1/4wnvtwexEg+vbGerm3L3VvM99q97TPZ1dvEs7YScXnn388UtXrkZEkZMM9u7eJ944ePrDLLqj26Sdjf+lbDTV9a0DEXt+/P12zpf6FE4Gd3ikH3QHuL3q15JN/uHv6scQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyQfwcAAP//LdJG/Q==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f00000004c0)={'filter\x00', 0x7, 0x4, 0x3c8, 0x1f8, 0xe8, 0x1f8, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@multicast1, @multicast2, 0xffffffff, 0xff, 0xd, 0x1, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}, {[0x0, 0xff, 0xff, 0xff, 0x0, 0xff]}}, {@empty, {[0xff, 0x0, 0xff, 0x0, 0x0, 0xff]}}, 0xe, 0x3, 0xff, 0xfff1, 0x5, 0xfff, 'caif0\x00', 'veth0_to_batadv\x00', {0xff}, {}, 0x0, 0x80}, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x80, 0x6, 0x3}}}, {{@arp={@multicast1, @remote, 0x0, 0xff000000, 0x4, 0x8, {@empty, {[0xff, 0xff, 0x0, 0x0, 0xff]}}, {@mac=@multicast, {[0x0, 0x0, 0x0, 0xff, 0x0, 0xff]}}, 0x0, 0x9, 0x1fdd, 0x3, 0x7, 0x2, 'syzkaller1\x00', 'rose0\x00', {0xff}, {}, 0x0, 0x982521f66ee8fc8}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @mac, @broadcast, @empty, 0x2, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x5, 0x8000, 0x2}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)
ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r6=>r1, {0x9}}, './file0\x00'})
sendfile(r6, r3, &(0x7f00000002c0)=0x7, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@newsa={0x13c, 0x10, 0x413, 0x0, 0x25dfdbfb, {{@in6=@dev, @in=@remote}, {@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x6}, 0x0, 0x32}, @in=@dev, {}, {0x0, 0x8, 0x0, 0x8000}, {}, 0x0, 0x1000000, 0xa, 0x0, 0x2}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x40}}]}, 0x13c}}, 0x4000080)

5.009103734s ago: executing program 0 (id=3259):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000200), 0x800, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

4.898260796s ago: executing program 0 (id=3261):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xec6, @void, @value}, 0x94)
ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f0000000c00)={<r3=>0x0, "2bbcda6a215243e6dcfe577b1fbeb744"})
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000001c00)={r3, "22464fbd63748a9378dc7121bdedbe41"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r2, 0x0, 0xefffffff}, 0x18)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r4, 0x0)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r5, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

3.349880205s ago: executing program 2 (id=3275):
socket$nl_route(0x10, 0x3, 0x0)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r0, 0x0, 0x2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7f, 0xe)
write(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000a44000/0x4000)=nil, 0x4000, 0x0, 0xbc32038f2d035af6, 0xffffffffffffffff, 0x2882c000)
syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r6, &(0x7f0000000380)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000500)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000002c0)=[{&(0x7f0000000600)=""/183, 0xb7}], 0x1, 0x0, 0x6}}], 0x48}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000002380)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
r7 = open(&(0x7f0000000040)='./file1\x00', 0x105802, 0x22d)
pwritev2(r7, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000000300)="5811d0", 0x3}], 0x3, 0x8c81, 0x1, 0x16)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3.340867055s ago: executing program 3 (id=3277):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
epoll_create1(0x80000)
lchown(0x0, 0x0, 0xee01)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000152e000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000010400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
syz_open_dev$hiddev(0x0, 0x2, 0x440)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)

2.797549401s ago: executing program 2 (id=3281):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x0, r1)
write$sndseq(r2, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0xfc, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @time={0x367f, 0xfffffffd}, {0x0, 0x5}, {0x80}, @time=@time={0x9, 0x1}}], 0x38)
read$snapshot(r2, 0x0, 0xffffffbf)
ioctl$SG_GET_PACK_ID(r2, 0x227c, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
r6 = socket$key(0xf, 0x3, 0x2)
r7 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x0, 0x800}, &(0x7f0000000240)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x3, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x23, 0x0, {0x2}})
io_uring_enter(r7, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10)
r12 = socket$kcm(0xa, 0x1, 0x106)
close(r12)
write$nci(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="414601", @ANYRES16=r3], 0x4)
r13 = socket(0x28, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r13, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x10000, 0x0, 0x0, 0x0, 0x2}})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r14 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r6, @ANYRES32=r14, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r15 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r15}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x0, 0x5b5, &(0x7f0000002a80)="$eJzs3c9vVNUeAPDvnZkWSt977SMvT3FhGg2BRGlpAYM/FrAnBH/s3FhpIcjwI7RGiyaWBDcmxo0LElcuxP9CiW5dmbhw4caVIUFj2GiMjrkzd4ZhOtNOS4dbez+f5Lbn3HNvz7nQb8+Ze8+ZCaCwJtIvpYg9EXE5iRhrK6tEVjjROO7ur++eTrckarWXf0kiyfalRyVt541mJ/85FvHtV0nsLq+sd2Hp6vnZanX+SpafWrxweWph6eqBcxdmz86fnb8488zM0SOHjxydPvhA11dqS5+4/sZbYx+cfPWzT/5Ipj//4WQSx+LnM42y5nVspomYiN9qtfc696f/rkc3u7KclFu/J/cknTvYsipZjAxHxCMxFuW2/82xeP/FXBsHDFQtiagBBZWIfyio5jig+dq+v9fBpQGPSoCH4c7x9OtQl/ivNO4NxngMRcTejvO63NLbkLSOb74+eT3dYkD34YDulq/tyFKd8Z/UY3M8dtZzu+6W7rvPm44ATmXf0/0vbbD+iY68+IeHZ/laRDzabfy/dvy/1hb/r2+wfvEPAAAAAAAAm+fW8Yh4utvzv1L2bG5nPFF//pc0nv99d2+F4LFNqH/t53+l2x2HJJtQLZDN/3uh6/zf1hzf8XKW+3djNmBy5lx1/mBE/Cci9sfQjjQ/vUodBz7cfaNXWfv8v3RL62/OBczacbuy4/5z5mYXZx/kmoGGO9ciHqv0nv+T9v9Je/+fSf8eXO6zjt17b57qVbZ2/AODUvs0Yl/X/v/eMDtZ/f05purjganmqGClx9/56Ite9Yt/yE/a/+9aPf7Hk/b361lY388fjohDS5Var/KNjv+Hk1fKzZ+fent2cfHKdMRwcmLl/pn1tRm2q2Y8NOMljf/9T65+/681/m+Lw5GIWO6zzv//NfpjrzL9P+Qnjf+5dfX/60/M3Bz/slf9/fX/h+t9+v5sj/t/sLp+AzTvdgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP1EpIv4VSWmylS6VJicjRiPif7GrVL20sPjUmUtvXpxLy+qf/19qftLvWCOfND//f7wtP9ORPxQR/42Ij8sj9fzk6UvVubwvHgAAAAAAAAAAAAAAAAAAALaI0R7r/1M/lfNuHTBwley7eIfiqeTdACA34h+KS/xDcYl/KC7xD8W1wfj3uAC2Af0/FNVQf4ftHHQ7gDzo/wEAAAAAYFu59fyzN5KIWH5upL6lhrOy1oPBkbxaBwxSKe8GALkxhxeKy9QfKK4+J/8C21jSSv1e61bee/Z/MpgGAQAAAAAAAAAAAAAr7Ntz6/s11/9H1KwThO3H+n8oLv06FJf1/1Bc1v8Da63it/4fAAAAAAAAAAAAAPK3sHT1/Gy1On9FQmKrJYYiYgs0I4fEcP7hmfMfJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOXvAAAA//9JxiYA")

2.670084873s ago: executing program 0 (id=3283):
socket$nl_route(0x10, 0x3, 0x0)
gettid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0, 0x0, 0x2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7f, 0xe)
write(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000a44000/0x4000)=nil, 0x4000, 0x0, 0xbc32038f2d035af6, 0xffffffffffffffff, 0x2882c000)
r5 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
lseek(r5, 0x2004, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r7, &(0x7f0000000380)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000500)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000002c0)=[{&(0x7f0000000600)=""/183, 0xb7}], 0x1, 0x0, 0x6}}], 0x48}, 0x0)
r8 = open(&(0x7f0000000040)='./file1\x00', 0x105802, 0x22d)
pwritev2(r8, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000000300)="5811d0", 0x3}], 0x3, 0x8c81, 0x1, 0x16)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

2.669355693s ago: executing program 2 (id=3284):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x22000000}, 0x3000c010)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)

2.444849094s ago: executing program 3 (id=3286):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [], 0x6b}})

2.373105566s ago: executing program 3 (id=3288):
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)

2.352159645s ago: executing program 4 (id=3289):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xec6, @void, @value}, 0x94)
ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f0000000c00)={<r2=>0x0, "2bbcda6a215243e6dcfe577b1fbeb744"})
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000001c00)={r2, "22464fbd63748a9378dc7121bdedbe41"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r3, 0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

2.009222019s ago: executing program 0 (id=3290):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$unix(r1, &(0x7f0000000240)=@file={0x1, './file0/file0/file0\x00'}, 0x6e)

2.00711809s ago: executing program 4 (id=3291):
openat$sndseq(0xffffffffffffff9c, &(0x7f00000011c0), 0x0)
epoll_create1(0x80000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bind$tipc(r2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000400000000000000000000850000002c000000850000002a00000095"], &(0x7f0000000400)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r3, r1, 0x25, 0x0, @val=@netkit={@void, @value=r3}}, 0x1c)
syz_emit_ethernet(0xfdef, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaa"], 0x0)

1.936684621s ago: executing program 4 (id=3292):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
mount(0x0, 0x0, 0x0, 0x2200020, 0x0)
r2 = socket(0x10, 0x80003, 0x0)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
close_range(r2, 0xffffffffffffffff, 0x0)
syz_clone(0x44044000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.936039691s ago: executing program 0 (id=3293):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xec6, @void, @value}, 0x94)
ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f0000000c00)={<r3=>0x0, "2bbcda6a215243e6dcfe577b1fbeb744"})
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000001c00)={r3, "22464fbd63748a9378dc7121bdedbe41"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r2, 0x0, 0xefffffff}, 0x18)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r4, 0x0)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r5, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

1.780697623s ago: executing program 2 (id=3294):
syz_io_uring_setup(0x110, &(0x7f0000000300)={0x0, 0xfad6, 0x80, 0x0, 0x87}, &(0x7f0000000240), &(0x7f0000000280))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x128000, 0x800}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
sendmsg$inet(r3, &(0x7f00000008c0)={&(0x7f00000006c0)={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000880)=[{&(0x7f0000000700)="b4ef5223644a2cd562d7e282dca8282b6475edf3e824fedc37ecfb4bc60b492d77bde83bf0c42b06767f2b7f2ffdc5ca4dd669a93e9dced7991b55f97314f177352008eb2f86a16eca50c49a8bf2ec879205b8962eb1609cb7ba8656a2221d9f7662b30a286e4ba8c173c95235b4722c019a63802e416b555757fbdce32d4829f48ee26b2ea62537a93058e80aac23c51f655e52465cd52e83e66132e941fb9a0d1d0d85d32bb2a8641cd4a6f7de0a1e9d37751bd8b849f7e7e35f0d791e0d53a9c35e1a84ad9a42ea076d26db3d9da3fbd176cfaaedbc3a2984d70457a72ca531", 0xe1}, {&(0x7f0000000800)}, {&(0x7f0000001a00)="83eb7bd71913bf0031440bc49267da4ec08e1d0388dabf867fa9199f4a27d54ad3704ef7fa67105571bb71ad132a0ca267d3a85dbad71c6595cda8d8dddb105cd3086a17f28ed006131f0987ef1ea22b1f7ffc1ec8332dbd5a4459944a40b59c9632ec09e1b516b0a224c91b9e291078fc2fc452b63b76d20f62a4f58b3fe223b45095b7cc9768db818a751ab24be06d46cd46530569c18b03ffce4c420f1ffeb17797e82fa1045dd57c8bef4ce99f4dec34f9afa16522f5a9637d9bdff453a0afe258bbb7eea72289b6e0ea7c0652a38c7a6948ba297a19e44c80761de43c1402ea2e1c00779bf7c2325c66449d831a51d51b137c165970bbaea50b01c77c676a4563aafa0ec90ae4d141a81ea6c3b1e11aa9afac4bdd292d987c483eb4e3026a8daab57e2ddb7b140880c9c4cfca8c87e0d15eb26e285642ca8973be2eb15afaa2bbe773a747333f625ba59d74eed51ec470df36c52970b5b77d851c3577f38fa7c6e1260627cd27382cd8301833d7c20b78de75c01cf8659276ec80e856e6dbd412462e5f64a236844f97ddb03ebf5ba04ce07dd8e196533e73b00b7677e6e3c5f8c682032e8cd8d969778adfdef797cccd905b44927c93f585771ed38a0d183df9943a9451aa88af1c14ca9054ef586a69ae5ed90c4798eb69ea12ea52fa64ff44bb7d6f9ca71a7eaf00a45e4f926c5ae50b002ec0c4ec5115c795eac2bbc3812e031e29391e8f200cf8525d9daaeb50a695933c0a631801dfc77b49596c16fdee50a68a55fcc7650e9721f7fedaea4eedb82f9d3b2e24d8669b4d726a0c778f4df839f00bcc511441591eabebeb837f79bf3e1bd4ec650d612cae597271c19a9c8af2f6c55ab5c07c10edf6833782acaa4fbce58ca67741d77600066206481103724686168db4d63f89178c8bbdba8331cc1e4ac4f96fde5d2d73ee0c12c7c5b73e6f4edef5b55dc662ceada29765dfe3c1fab0c088d1316eb3b8407b742984d6ae4672f535a15c1123a02f4b863ddc8fb0cfb166600c2ca4a753acb40940ed213546c6b58ed10d061c35f25798c7ab5349243ffa9fa6e8caf110c45d0109034315ac058c9541774062b03438afefbc30cf68401ee3820cbcececa5fe4d8d430b5d843b5e931af8ec5bceceece6e67f46a97a20a3394848db2b7c5d0b00c4186bee30ca95fd61803eaa38d18cbbe292a2ca0e9260c67bf71f42219a135531e72974ce0725b9bea7b57fd3720b538b6b4948d5d020f3f33108bac5d0f9eec52c62297d9760a1aef80a9c46ca93eae61a6fb5e16fdc59583e49feb8c8e6865f756ba574657e045bca84faa162c42bd638a4ee0498bf93ad33e3e29846a0323e2cc10ac7217ee8c1fd0a9ecceb173e7fa2634c6e626b5ac71749910cf616265a4f23be0f33549ce55bc48257926b0fa98dce9f0e285c08cc45be1293add93b5ec072d64d52cbd3780f6055d1eebbf4ced6949e5a3f821f8ac6ee5e353a4250ece8516b63baeaa7929e20867c419556b7f6f169379182f67f83e3fe4621c851e52a3bc41816c7beb7f748808accef775aaa236b1cf08f814f7748d395fb8c4f3c1096c1f348b1efe788ef71a0bf45fea5d77cbdb0d86b3ebb9e6e31c82dde21517abbf0d32bcce75902c929b1c3abe43db2e591c6b8c685791593580eb0d70a793412a8a5ec3b2e6d999767aaa4b46a05d934a9c04952e311bcf7335414d385c573c397e5caf374542943d0d91c7e22dfe97c7def54c8f62998740aa52ef2604f8315a9d284f01f3106a1601d98b4d0aa8c1c4208d32cc37b4288377064a533d561cc3eeeed1e126593a78dbf36443f1b42816c870ddb9d05e6c318954d62e578a484da114f75237c9bea8f8d81c17f2c7c98201dc91af6d337467433314ad644d92c3830ec1f540486a019f19eba8ffc39745f0313b56ea682e95844e7cdf97b9dc0d071a985d1f98fd9f808cdaa7c0c6ce0ff01122b33fca374db179e0cd241b13501f80e6c8537a7fa3dffb513c5a1982335107664152f342d4587bdc370fda8a0155c5cb62806b8bfcc2a9a6cb99d1cff213b05b3b6258cdbb902bdf9e6512f4d03b1e502118ac63bcba55f685ff00fbb996705bee7a55ce408a1d30a434f4112f91550f676ee3435bad43819d87bbe39f618afdd485d7a055a29041e1345153190a787d7888eff3c2a9934907b6c7a50d0d7ad81cb45487540d36068826cdd4d498e05f59c9a0f858f04ad8ce288dbf0f23d7daa3c3bc52df786a4a81ccf503aa8547166005197b99e079e41f46313783a608df5ec9ac29833c6cbd9184f6e10c1b2cfe62e7e07d8bb4700dc9bcf0f3c1a10f3c81097e8ed0f334a1d97645dd843baecb9bed21d29f11dadf5c4c8331b6d927b05ec091aa6405ec706f9efdc5c3c4cd8341c0c78b5b81177341d1a2113bd05ebde059f4e8b55c7b6eaa8ca34ddf269ecf59a3e15fe7c7847bb9fbdceedfedc1d24bdaff9f704f88481bad9abff8ec434ed17e96f8695cb4cb747f635d2d9b2dbd66f8c828d436bab42930c8d67dee353dd4ae1f5e2affede6e24ed7abef1d9fa6be9448633913f6db955ef2f11359bcb22d5f489194f5c5183476be85b3c9e56fb1f350e1a2abdf60edb659d85c3772d9cdb43dd254a903a7452a8eb92437b8035e142dacf2902acd217552f5167277e9f5b7f425057690a0af45bd1db97cf8d6cec1541206d08a9e6554054e94e6a851745ac82777b91f5ca4a13fd7ef50dd4e28df518925c2267833a9df46b4c59b2d00972aa3498de18570332643c604f0147db9ff6d1f9a0df71b0bbdaf185668bbdd795794794227232f715aa33df059420f23eb2f0161a8419fc51f2cfe50c48a25b65a936f6b90b492352fde1100528491d4c17b40e538fbcb4f0974a2e356804dd274b4eb7ded765e0af0caea3e4960903d7bdaee56cf8c4bf543b7d70d7dc0bf5af8051d9f0a7ccaa65abc9793b5ab2c831d891bb236795d3887ee1708c94cde9546ac9ee63d7ce899a9f939d725575fa5648374e4eae4eb967d97c3aca5309c4e17f05695e92283f91a6002914a94ae5a3f58223b8d28c76d1a81a699cc52a06fc9bd1241b948c6e31304727cb14c2520ad97afd1f39119a9b4da5d26773d53425aeb69afb645be74d162fccda4f9f6acc0adefa63b830a7714225ee2f3630c5e277b118fa7d7a40bff7f502782f9c54bf82897bdf3f099755eeeeedcbbf52f20f68a40dc31049e2306d5f62611235ac760cea94bec0043900af392de83a45569501cfc68688add7d50454501a136ea32bb3a0166ec8802f148dfe1890da314818d639262c2798818e41395a8dfb9abaefa684495d7162a656643a8dae29719b37b86e5d07daaf8c085b58934c6303596ce2ae349aa66adb16027d76f050a056f038f7362dbdd33b3426cb5634353c4d4a141044d617e8176ea3db9cf4377e3e6ebd45de753b19f85e2ce5b8c098e5601516c68f1a2970f10bb6f3be5467f0052f30240a37948bb9852d9121539c55170ff4d8b946ce7bb1169f7d574a79aa1ead1c6247056dac8c784ddaf57c9c22450702e5bac1e0d2ba94a9455f878f7449d737fe1a70a98a1d95d3e3fcc2ae4c480ba1c4c675474ae7d69bb9b915321ba757aaa4c9ac15c3379d3c0f882f2f16e54c66fb70a5f73868b2c789bbdcd7eb031c7347c388a1c096da486c04acb0cc70fa09ec54ab4624e9745e2746a330560064259d3e55a794b5a337743fb6f846beb2ecc7c1ecc48f9f2352898efc50402ba5ba9a8c0cff8619e7c5a5620dfa5377149e1d642ef17d2776b197a2333f2becce9bed00eca2c24dc2371d17f6a6ffb017ff7868460b0ea277409d724c8e823acade052966e9b20a909f536613c962464e677f73b9854df39302685b755c603796145d364c6f0d0c5717c89200955f4e142f401a1a91e47e3593b676bba6a31fe1d827004e4d4e04ebdcd011744ae17f2351341e538243256a3ba64b6f97e371f7c23cc02bd12e98fe06689409b49de8b135a40781ddbd3579c32b3fbe5ff5f95cfe7ff5ed2038f760a7c901ea782cab86a5ef270391391584c93538c3ffa3dbd89f17af64f5285457d4c18958d8ddcc0c4fba5bff59e19464dc655c7afb4edcc082b24d49999c65a378a3a4a26af36cdf46d108558d2f9ba7e6dd353c3f426c4d4dc54a8bc7720b69af0c249ecdfa1a9353e54b724e4918b2fcc5cb4067413668865d8043f59717fdcfd3e9d550e7ee1c78139fcfd0c5c90c0e1544b6b420527f469eac308cc1811a5f589c91b2aaaa4ba759344e35877cb033b3bcc97ed3cd0b590eb656338a43ab1a4b770fa006b835a7674229be3f5abadf9a2478644f11af485c6cb2df3cc953fc5df9e7c5aff266cf7c828ea68245377b5db30db3d34a05137da9752e6a358254b9a7dbe1a5fcfb41b841d6c0dbcda1a60751905fc204e285c060d08daecee968c5f8e61047af7d9d658cf7afdcfff0118ed6bb747f3477b0186771c2907fd17464948c90e09b43bcf2584582024e2d2c347f7c8d6e10df260959aa15230ae313eb8ae608af3d753aa27190b0b1e76990f6af55f5ce5f4030913af30703ec50263c7bc48626f42230484945d294bb69875ecf39157b8ca9b604209f55eaad8eb271233f0a2b34f19daacd9dadb43733b1028bdcbd9e784639a845d6118349b4cd4aa963c92eebcd84c154c165d60283488c980591dad1973ad0ce2cdbc9d0f90e45aeeedbab9e792fbb15f100d2cfcbbb57d25648fc4607c406c9f29cb3d95dff0e5e486c02e77a462e973b5aac9fc839ca744e7e0086d52342068e25c4c7a971b77b9b72dee55616a413e214b3190a8fb33590c9823e72b95d915d2547da0559a5978b585c31691bb89a442ff80a42fcb323f382893d99c2b2e0797e7963f5f72e1ff8a938f5b6cf4e0cebe32ba7d3194baf898ae488dc8dea0666b80508bb2a194e8732c2daaefb8c9094d49c68c8b583b7771262e776d57d92e3e13838330d2b003a2d815ad37abf5aaecef191946ce8ad6282767982b7e7369410b91de73fd6a059d7d831cb2b851b932029354679998b11a50097722a05044a597cd3d2563161e8ed7ff74aabda9f9ff2a5d6df0f53fc620e2e2ae417dbeca1b382ec2f2458e98400f348ed60f855ff7918630c10bcd8dd1c3a0e4088fd85cbc69d58ba14b1da155537362d3d666bc5ce7f7fa6449630e0eb848e2db28257f21ede061567899bfa3fbce90eee3cec37e06b7e56630cb34b5ea36245e6c52dc8ae647b5efca48e05997f857f510388a0544b1a09fc48bf7ebaad1a7a762f1f9a9ab21410981132bfd1396225421ae1b643b7f6194901d5c20667398ac762fe5324536edc2d49104858ada5a3692ec314e62f6565678ca88da93e6181dcd46970d1d8d4a57ff6ceb612c0ecb4242977e745f822aeddee2b95273618625d667822970c795c83f45d11389923c7bb744ad7de14e65a30266b76647a29ae4fcb79f5899f3489503392068e4320c78fe5799a56eab69d31b034a622793a8295a5cf6682c3cc3057ba1fa10b08079201ddbfeaa1c820a047acb66bf026ce71fe0b92478f9f798decf2840b8b8afebde9c77458c5eea9c16d39dfe3f786c3ad15b72e88eab9c87e64c154204d451da9737e0187754e2db42970f30c051f54a9c15892ae641cf58cc078e4325d9f03311f8a12334db4bca4c3cda2fb420fab1b83d37807fe1dbd4fbfe18c2e1f38d0554361a62d4c2f966b8f513d92d19547685549a7418e49255c93868551c59ef430d0e9c04d9b79ac", 0x1000}, {&(0x7f0000000840)="80599b9a9d799e2b9030ec4db34dc82b765e5702e514efeefa4cbfffd52fe03a6c70741f10f8454d582c0f1748f3", 0x2e}], 0x4}, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x20, &(0x7f0000000040)={&(0x7f0000000500)=""/136, 0x88, <r4=>0x0, &(0x7f0000000a00)=""/4096, 0x1000}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
pread64(0xffffffffffffffff, &(0x7f0000000180)=""/59, 0x3b, 0x1c)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="500000000206050000000000000000000000000005000400000000000900020073797a32000000000500050002000000050001000600000016000300686173683a6e65742c706f72742c6e6574000000ac93fb953de1f15bc0f901f2a0ebdf22da11efd2a9b37253b4defc3d7a227b281ccd4641c6b863eafeb808000000fa2585e03c168cd790d2cdb2df8ff1bc4621409034c521308c5296606a7e70a6c7fc507f497c1749869e5e3681a10d44d9b3d4d556bcbee08d1bd2cd01007e77d9d1042ce683823ad92de23ea7c8635cb8f34639a16921d9b40db2a3e582ff6db693300c0eef7d321d0baa3a8af8d17a"], 0x50}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000900)=ANY=[@ANYBLOB="1c000000030601080000000000000000000000040500010007000000a3ebe770794b9eab84ed657e89e0e955933ab66e1699d56927dab21dce1a56bee0d7407323a56bb6a7a14dc6d93a3d9f715a5b85a5a6f849c725cd094266038548433b4d920f2d1d602ee3c33922f159d0b7ebcdb5b4767d311153ca232d5ec8e2b82b1e9a586f0b58727c74215c722cead1817db71a702a5592c78e920f1d56d6115714986bdee9fc8da95222a5"], 0x1c}, 0x1, 0x0, 0x0, 0x20000043}, 0x4000)

1.725713244s ago: executing program 2 (id=3295):
shmctl$SHM_LOCK(0x0, 0xb)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00'}, 0x18)
r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0)=@chain)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000000)={[{@errors_remount}, {@nobh}]}, 0x3, 0x519, &(0x7f0000001300)="$eJzs3c9vI1cdAPDvTOJtsptiFxAqlSgVLcpWsHbS0DZCCMoFTpWAcl9C4kRR7DiKnbKJKkjFf4CQQOLEiQsSfwBS1QN/AKpUCS6IAwIEQrCFA+JHB9ke041jJ6k2yezGn4/04vdmxvN9byy/+eGXmQAm1lMR8VJETEXEsxFRzqeneYrDfuou987d11a7KYkse+WvSST5tMG6uuXpiLiRv20mIr725YhvJsfjtvcPtlYajfpuXq51mju19v7Brc3mykZ9o769tLT4wvKLy88vL2S5+2pnZZD5yZc+/8anv/W723+++e1utT73kSjFUDvOU7/ppd62GOhuo92LCFaAqbw9paIrAgDAmXSP8T8YEZ/oHf+XY6p3NDdkqoiaAQAAAOcl+8Jc/CeJyAAAAIArK42IuUjSaj4WYC7S9Fp+beDDcT1ttNqdT6239rbXuvMiKlFK1zcb9YV8rHAlSkm3vJiPsR2UnxsqL0XEYxHx/fJsr1xdbTXWCr72AQAAAJPixtD5/z/KaS9/uhH/JwAAAAA8uCpjCwAAAMBV4ZQfAAAArr7h8/83CqoHAAAAcCG+8vLL3ZQNnn+99ur+3lbr1Vtr9fZWtbm3Wl1t7e5UN1qtjd49+5qnra/Rau18Jrb37tQ69Xan1t4/uN1s7W13bm8eeQQ2AAAAcIke+/ibv04i4vCzs70U+X0AAY74Q9EVAM7TVNEVAArjLt4wuUpFVwAoXHLKfIN3AADg4Tf/0eO//w+e/+/aAFxtxvoAwOSZjtmiqwAUpGQEIEy0NCI+0M8+Mm6Zsb////KsUbIs4q3yvVNcXwQAgMs110tJWs3PA+YiTavViEcj0kqUkvXNRn0hPz/4Vbn0SLe82HtncuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgL8uSyAAAAIArLSL9U9K7m3/EfPmZueHrA9eSf5bjj3nhR6/84M5Kp7O72J3+t96zvK5FROeH+fTnxj4+DAAAADhvyeHYWf3z9Px18VJrBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAEeOfua6uDdJlx//LFiKiMij8dM73XmShFxPW/JzF9z/uSiJg6h/iHr0fE46PiJ/FulmWVvBbD8dOImL3g+JXephkf/8Y5xIdJ9ma3/3lp1Pcvjad6r6O/f9N5ul/j+780j/x4r58b1f89emxtzZExnnj7Z7Wx8V+PeGJ6dP8z6H+TMfGfPra2f2dZdjzGN75+cDAufvbjiPmR+5/kSKxap7lTa+8f3NpsrmzUN+rbS0uLLyy/uPz88kJtfbNRz/+OjPG9j/383ZPaf31E/N/+pt//ntT+Z8atdMh/375z90P9bGlU/JtPj9z/zsSY+Gm+7/tknu/Onx/kD/v5ez3507eePKn9a2O2/2mf/80ztv/Zr37392dcFAC4BO39g62VRqO+e0Jm5gzLPIyZX8w8ENV4n5nsO/1P7oRlysXV8F9nXrh7tPrelEGrCt+8RzLZpcWaigekyf/PFNotAQAAF+C9g/6iawIAAAAAAAAAAAAAAAAAAACT6zJuJzYc87CYpgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnOh/AQAA///uxuBB")

1.543188415s ago: executing program 4 (id=3296):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00'})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r4, &(0x7f00000015c0)=[{&(0x7f00000002c0)=""/4094, 0xffe}], 0x1, 0xf0, 0x3)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000380)={0x1d7, @time={0x65757901, 0x2}, 0x4})
r5 = gettid()
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000000380))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000001440)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r8, 0x0, r7, 0x0, 0x3, 0x0)
fcntl$setpipe(r6, 0x4, 0xfffffffffffff000)

1.179118988s ago: executing program 1 (id=3300):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
r1 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_elf64(r1, &(0x7f00000017c0)={{0x7f, 0x45, 0x4c, 0x46, 0xa7, 0x0, 0x7, 0x2, 0x40, 0x2, 0x3, 0x6, 0xf3, 0x40, 0x39a, 0x10, 0x2ec, 0x38, 0x2, 0x9, 0x1, 0x200}, [{0x2, 0xffffffff, 0x6, 0xa8, 0x100000001, 0x8000000000000000, 0x2, 0x4}, {0x4, 0x7ff, 0xf7d, 0x8, 0x4, 0xd2, 0x6, 0x800}], "06a78b595b978825810030a685ef06e303340a1d79d7fa67458ee92cc5764872421b767eca2cd59c81ed604050d49676a225c8c818aaa16abfaa5f49af882de2f6a42cc037b9cb729b1abd8a62ca656c8676236a5dc1524a8369b79356ea17e70046cc74bb4b2bc3d5", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x919)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee3c0cb001829a", 0xc}], 0x1}}], 0x1, 0x20008000)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "f1a0f9fff9e440b4", "881aae83544dfa6412f91b9057e3f415", "9dca43b6", "9ecb592c6ee49fbd"}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000800)={{}, &(0x7f0000000580), &(0x7f00000007c0)='%-5lx  \x00'}, 0x20)
r3 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000008c0), 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4, 0xe1b0, @private2={0xfc, 0x2, '\x00', 0x1}, 0xa77}, 0x1c)

1.05162216s ago: executing program 3 (id=3301):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xec6, @void, @value}, 0x94)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000c00)={<r1=>0x0, "2bbcda6a215243e6dcfe577b1fbeb744"})
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000001c00)={r1, "22464fbd63748a9378dc7121bdedbe41"})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

1.01603834s ago: executing program 1 (id=3302):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
syz_open_procfs(0x0, &(0x7f00000001c0)='attr\x00')
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x7ff, 0x4000)
ioctl$USBDEVFS_SETCONFIGURATION(r1, 0x80045505, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpgid(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r5 = gettid()
rt_sigtimedwait(&(0x7f0000000080)={[0x3ff]}, 0xffffffffffffffff, 0x0, 0x8)
tkill(r5, 0x7)

929.23713ms ago: executing program 1 (id=3303):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$unix(r1, &(0x7f0000000240)=@file={0x1, './file0/file0/file0\x00'}, 0x6e)

928.7214ms ago: executing program 1 (id=3304):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [], 0x6b}})

905.85952ms ago: executing program 1 (id=3305):
syz_io_uring_setup(0x110, &(0x7f0000000300)={0x0, 0xfad6, 0x80, 0x0, 0x87}, &(0x7f0000000240), &(0x7f0000000280))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x128000, 0x800}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
sendmsg$inet(r3, &(0x7f00000008c0)={&(0x7f00000006c0)={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000880)=[{&(0x7f0000000700)="b4ef5223644a2cd562d7e282dca8282b6475edf3e824fedc37ecfb4bc60b492d77bde83bf0c42b06767f2b7f2ffdc5ca4dd669a93e9dced7991b55f97314f177352008eb2f86a16eca50c49a8bf2ec879205b8962eb1609cb7ba8656a2221d9f7662b30a286e4ba8c173c95235b4722c019a63802e416b555757fbdce32d4829f48ee26b2ea62537a93058e80aac23c51f655e52465cd52e83e66132e941fb9a0d1d0d85d32bb2a8641cd4a6f7de0a1e9d37751bd8b849f7e7e35f0d791e0d53a9c35e1a84ad9a42ea076d26db3d9da3fbd176cfaaedbc3a2984d70457a72ca531", 0xe1}, {&(0x7f0000000800)}, {&(0x7f0000001a00)="83eb7bd71913bf0031440bc49267da4ec08e1d0388dabf867fa9199f4a27d54ad3704ef7fa67105571bb71ad132a0ca267d3a85dbad71c6595cda8d8dddb105cd3086a17f28ed006131f0987ef1ea22b1f7ffc1ec8332dbd5a4459944a40b59c9632ec09e1b516b0a224c91b9e291078fc2fc452b63b76d20f62a4f58b3fe223b45095b7cc9768db818a751ab24be06d46cd46530569c18b03ffce4c420f1ffeb17797e82fa1045dd57c8bef4ce99f4dec34f9afa16522f5a9637d9bdff453a0afe258bbb7eea72289b6e0ea7c0652a38c7a6948ba297a19e44c80761de43c1402ea2e1c00779bf7c2325c66449d831a51d51b137c165970bbaea50b01c77c676a4563aafa0ec90ae4d141a81ea6c3b1e11aa9afac4bdd292d987c483eb4e3026a8daab57e2ddb7b140880c9c4cfca8c87e0d15eb26e285642ca8973be2eb15afaa2bbe773a747333f625ba59d74eed51ec470df36c52970b5b77d851c3577f38fa7c6e1260627cd27382cd8301833d7c20b78de75c01cf8659276ec80e856e6dbd412462e5f64a236844f97ddb03ebf5ba04ce07dd8e196533e73b00b7677e6e3c5f8c682032e8cd8d969778adfdef797cccd905b44927c93f585771ed38a0d183df9943a9451aa88af1c14ca9054ef586a69ae5ed90c4798eb69ea12ea52fa64ff44bb7d6f9ca71a7eaf00a45e4f926c5ae50b002ec0c4ec5115c795eac2bbc3812e031e29391e8f200cf8525d9daaeb50a695933c0a631801dfc77b49596c16fdee50a68a55fcc7650e9721f7fedaea4eedb82f9d3b2e24d8669b4d726a0c778f4df839f00bcc511441591eabebeb837f79bf3e1bd4ec650d612cae597271c19a9c8af2f6c55ab5c07c10edf6833782acaa4fbce58ca67741d77600066206481103724686168db4d63f89178c8bbdba8331cc1e4ac4f96fde5d2d73ee0c12c7c5b73e6f4edef5b55dc662ceada29765dfe3c1fab0c088d1316eb3b8407b742984d6ae4672f535a15c1123a02f4b863ddc8fb0cfb166600c2ca4a753acb40940ed213546c6b58ed10d061c35f25798c7ab5349243ffa9fa6e8caf110c45d0109034315ac058c9541774062b03438afefbc30cf68401ee3820cbcececa5fe4d8d430b5d843b5e931af8ec5bceceece6e67f46a97a20a3394848db2b7c5d0b00c4186bee30ca95fd61803eaa38d18cbbe292a2ca0e9260c67bf71f42219a135531e72974ce0725b9bea7b57fd3720b538b6b4948d5d020f3f33108bac5d0f9eec52c62297d9760a1aef80a9c46ca93eae61a6fb5e16fdc59583e49feb8c8e6865f756ba574657e045bca84faa162c42bd638a4ee0498bf93ad33e3e29846a0323e2cc10ac7217ee8c1fd0a9ecceb173e7fa2634c6e626b5ac71749910cf616265a4f23be0f33549ce55bc48257926b0fa98dce9f0e285c08cc45be1293add93b5ec072d64d52cbd3780f6055d1eebbf4ced6949e5a3f821f8ac6ee5e353a4250ece8516b63baeaa7929e20867c419556b7f6f169379182f67f83e3fe4621c851e52a3bc41816c7beb7f748808accef775aaa236b1cf08f814f7748d395fb8c4f3c1096c1f348b1efe788ef71a0bf45fea5d77cbdb0d86b3ebb9e6e31c82dde21517abbf0d32bcce75902c929b1c3abe43db2e591c6b8c685791593580eb0d70a793412a8a5ec3b2e6d999767aaa4b46a05d934a9c04952e311bcf7335414d385c573c397e5caf374542943d0d91c7e22dfe97c7def54c8f62998740aa52ef2604f8315a9d284f01f3106a1601d98b4d0aa8c1c4208d32cc37b4288377064a533d561cc3eeeed1e126593a78dbf36443f1b42816c870ddb9d05e6c318954d62e578a484da114f75237c9bea8f8d81c17f2c7c98201dc91af6d337467433314ad644d92c3830ec1f540486a019f19eba8ffc39745f0313b56ea682e95844e7cdf97b9dc0d071a985d1f98fd9f808cdaa7c0c6ce0ff01122b33fca374db179e0cd241b13501f80e6c8537a7fa3dffb513c5a1982335107664152f342d4587bdc370fda8a0155c5cb62806b8bfcc2a9a6cb99d1cff213b05b3b6258cdbb902bdf9e6512f4d03b1e502118ac63bcba55f685ff00fbb996705bee7a55ce408a1d30a434f4112f91550f676ee3435bad43819d87bbe39f618afdd485d7a055a29041e1345153190a787d7888eff3c2a9934907b6c7a50d0d7ad81cb45487540d36068826cdd4d498e05f59c9a0f858f04ad8ce288dbf0f23d7daa3c3bc52df786a4a81ccf503aa8547166005197b99e079e41f46313783a608df5ec9ac29833c6cbd9184f6e10c1b2cfe62e7e07d8bb4700dc9bcf0f3c1a10f3c81097e8ed0f334a1d97645dd843baecb9bed21d29f11dadf5c4c8331b6d927b05ec091aa6405ec706f9efdc5c3c4cd8341c0c78b5b81177341d1a2113bd05ebde059f4e8b55c7b6eaa8ca34ddf269ecf59a3e15fe7c7847bb9fbdceedfedc1d24bdaff9f704f88481bad9abff8ec434ed17e96f8695cb4cb747f635d2d9b2dbd66f8c828d436bab42930c8d67dee353dd4ae1f5e2affede6e24ed7abef1d9fa6be9448633913f6db955ef2f11359bcb22d5f489194f5c5183476be85b3c9e56fb1f350e1a2abdf60edb659d85c3772d9cdb43dd254a903a7452a8eb92437b8035e142dacf2902acd217552f5167277e9f5b7f425057690a0af45bd1db97cf8d6cec1541206d08a9e6554054e94e6a851745ac82777b91f5ca4a13fd7ef50dd4e28df518925c2267833a9df46b4c59b2d00972aa3498de18570332643c604f0147db9ff6d1f9a0df71b0bbdaf185668bbdd795794794227232f715aa33df059420f23eb2f0161a8419fc51f2cfe50c48a25b65a936f6b90b492352fde1100528491d4c17b40e538fbcb4f0974a2e356804dd274b4eb7ded765e0af0caea3e4960903d7bdaee56cf8c4bf543b7d70d7dc0bf5af8051d9f0a7ccaa65abc9793b5ab2c831d891bb236795d3887ee1708c94cde9546ac9ee63d7ce899a9f939d725575fa5648374e4eae4eb967d97c3aca5309c4e17f05695e92283f91a6002914a94ae5a3f58223b8d28c76d1a81a699cc52a06fc9bd1241b948c6e31304727cb14c2520ad97afd1f39119a9b4da5d26773d53425aeb69afb645be74d162fccda4f9f6acc0adefa63b830a7714225ee2f3630c5e277b118fa7d7a40bff7f502782f9c54bf82897bdf3f099755eeeeedcbbf52f20f68a40dc31049e2306d5f62611235ac760cea94bec0043900af392de83a45569501cfc68688add7d50454501a136ea32bb3a0166ec8802f148dfe1890da314818d639262c2798818e41395a8dfb9abaefa684495d7162a656643a8dae29719b37b86e5d07daaf8c085b58934c6303596ce2ae349aa66adb16027d76f050a056f038f7362dbdd33b3426cb5634353c4d4a141044d617e8176ea3db9cf4377e3e6ebd45de753b19f85e2ce5b8c098e5601516c68f1a2970f10bb6f3be5467f0052f30240a37948bb9852d9121539c55170ff4d8b946ce7bb1169f7d574a79aa1ead1c6247056dac8c784ddaf57c9c22450702e5bac1e0d2ba94a9455f878f7449d737fe1a70a98a1d95d3e3fcc2ae4c480ba1c4c675474ae7d69bb9b915321ba757aaa4c9ac15c3379d3c0f882f2f16e54c66fb70a5f73868b2c789bbdcd7eb031c7347c388a1c096da486c04acb0cc70fa09ec54ab4624e9745e2746a330560064259d3e55a794b5a337743fb6f846beb2ecc7c1ecc48f9f2352898efc50402ba5ba9a8c0cff8619e7c5a5620dfa5377149e1d642ef17d2776b197a2333f2becce9bed00eca2c24dc2371d17f6a6ffb017ff7868460b0ea277409d724c8e823acade052966e9b20a909f536613c962464e677f73b9854df39302685b755c603796145d364c6f0d0c5717c89200955f4e142f401a1a91e47e3593b676bba6a31fe1d827004e4d4e04ebdcd011744ae17f2351341e538243256a3ba64b6f97e371f7c23cc02bd12e98fe06689409b49de8b135a40781ddbd3579c32b3fbe5ff5f95cfe7ff5ed2038f760a7c901ea782cab86a5ef270391391584c93538c3ffa3dbd89f17af64f5285457d4c18958d8ddcc0c4fba5bff59e19464dc655c7afb4edcc082b24d49999c65a378a3a4a26af36cdf46d108558d2f9ba7e6dd353c3f426c4d4dc54a8bc7720b69af0c249ecdfa1a9353e54b724e4918b2fcc5cb4067413668865d8043f59717fdcfd3e9d550e7ee1c78139fcfd0c5c90c0e1544b6b420527f469eac308cc1811a5f589c91b2aaaa4ba759344e35877cb033b3bcc97ed3cd0b590eb656338a43ab1a4b770fa006b835a7674229be3f5abadf9a2478644f11af485c6cb2df3cc953fc5df9e7c5aff266cf7c828ea68245377b5db30db3d34a05137da9752e6a358254b9a7dbe1a5fcfb41b841d6c0dbcda1a60751905fc204e285c060d08daecee968c5f8e61047af7d9d658cf7afdcfff0118ed6bb747f3477b0186771c2907fd17464948c90e09b43bcf2584582024e2d2c347f7c8d6e10df260959aa15230ae313eb8ae608af3d753aa27190b0b1e76990f6af55f5ce5f4030913af30703ec50263c7bc48626f42230484945d294bb69875ecf39157b8ca9b604209f55eaad8eb271233f0a2b34f19daacd9dadb43733b1028bdcbd9e784639a845d6118349b4cd4aa963c92eebcd84c154c165d60283488c980591dad1973ad0ce2cdbc9d0f90e45aeeedbab9e792fbb15f100d2cfcbbb57d25648fc4607c406c9f29cb3d95dff0e5e486c02e77a462e973b5aac9fc839ca744e7e0086d52342068e25c4c7a971b77b9b72dee55616a413e214b3190a8fb33590c9823e72b95d915d2547da0559a5978b585c31691bb89a442ff80a42fcb323f382893d99c2b2e0797e7963f5f72e1ff8a938f5b6cf4e0cebe32ba7d3194baf898ae488dc8dea0666b80508bb2a194e8732c2daaefb8c9094d49c68c8b583b7771262e776d57d92e3e13838330d2b003a2d815ad37abf5aaecef191946ce8ad6282767982b7e7369410b91de73fd6a059d7d831cb2b851b932029354679998b11a50097722a05044a597cd3d2563161e8ed7ff74aabda9f9ff2a5d6df0f53fc620e2e2ae417dbeca1b382ec2f2458e98400f348ed60f855ff7918630c10bcd8dd1c3a0e4088fd85cbc69d58ba14b1da155537362d3d666bc5ce7f7fa6449630e0eb848e2db28257f21ede061567899bfa3fbce90eee3cec37e06b7e56630cb34b5ea36245e6c52dc8ae647b5efca48e05997f857f510388a0544b1a09fc48bf7ebaad1a7a762f1f9a9ab21410981132bfd1396225421ae1b643b7f6194901d5c20667398ac762fe5324536edc2d49104858ada5a3692ec314e62f6565678ca88da93e6181dcd46970d1d8d4a57ff6ceb612c0ecb4242977e745f822aeddee2b95273618625d667822970c795c83f45d11389923c7bb744ad7de14e65a30266b76647a29ae4fcb79f5899f3489503392068e4320c78fe5799a56eab69d31b034a622793a8295a5cf6682c3cc3057ba1fa10b08079201ddbfeaa1c820a047acb66bf026ce71fe0b92478f9f798decf2840b8b8afebde9c77458c5eea9c16d39dfe3f786c3ad15b72e88eab9c87e64c154204d451da9737e0187754e2db42970f30c051f54a9c15892ae641cf58cc078e4325d9f03311f8a12334db4bca4c3cda2fb420fab1b83d37807fe1dbd4fbfe18c2e1f38d0554361a62d4c2f966b8f513d92d19547685549a7418e49255c93868551c59ef430d0e9c04d9b79ac", 0x1000}, {&(0x7f0000000840)="80599b9a9d799e2b9030ec4db34dc82b765e5702e514efeefa4cbfffd52fe03a6c70741f10f8454d582c0f1748f3", 0x2e}], 0x4}, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x20, &(0x7f0000000040)={&(0x7f0000000500)=""/136, 0x88, <r4=>0x0, &(0x7f0000000a00)=""/4096, 0x1000}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
pread64(0xffffffffffffffff, &(0x7f0000000180)=""/59, 0x3b, 0x1c)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="500000000206050000000000000000000000000005000400000000000900020073797a32000000000500050002000000050001000600000016000300686173683a6e65742c706f72742c6e6574000000ac93fb953de1f15bc0f901f2a0ebdf22da11efd2a9b37253b4defc3d7a227b281ccd4641c6b863eafeb808000000fa2585e03c168cd790d2cdb2df8ff1bc4621409034c521308c5296606a7e70a6c7fc507f497c1749869e5e3681a10d44d9b3d4d556bcbee08d1bd2cd01007e77d9d1042ce683823ad92de23ea7c8635cb8f34639a16921d9b40db2a3e582ff6db693300c0eef7d321d0baa3a8af8d17a"], 0x50}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000900)=ANY=[@ANYBLOB="1c000000030601080000000000000000000000040500010007000000a3ebe770794b9eab84ed657e89e0e955933ab66e1699d56927dab21dce1a56bee0d7407323a56bb6a7a14dc6d93a3d9f715a5b85a5a6f849c725cd094266038548433b4d920f2d1d602ee3c33922f159d0b7ebcdb5b4767d311153ca232d5ec8e2b82b1e9a586f0b58727c74215c722cead1817db71a702a5592c78e920f1d56d6115714986bdee9fc8da95222a5"], 0x1c}, 0x1, 0x0, 0x0, 0x20000043}, 0x4000)

856.504341ms ago: executing program 1 (id=3306):
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x71, 0x5, 0x8, 0x23, 0x0, 0x1f, 0x0, 0x8, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, @perf_bp={0x0, 0x1}, 0xb06, 0x3, 0x8, 0x1, 0x7f, 0x800, 0x5, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x40, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYRES8=r0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x3a, &(0x7f0000000640)={0x0, 0xaddc, 0x10100, 0x3, 0x203}, &(0x7f0000000380)=<r5=>0x0, &(0x7f00000003c0)=<r6=>0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r7, &(0x7f0000000440)=[{&(0x7f0000000100)=""/16, 0x11}, {&(0x7f00000003c0)=""/106, 0xffffffffffffffcf}], 0x1)
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r8, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x3}})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
syz_io_uring_submit(r5, r6, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r9, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r4, 0xd81, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r10)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
r12 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
getdents(r12, 0xffffffffffffffff, 0x5a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'team0\x00', <r13=>0x0})
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000440)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r14=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1c, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="6ed5eea2ffff185700000a000000000000000000000085000000b500000000001ec98870dcd99460f1fd0e"], &(0x7f0000000240)='GPL\x00', 0x9ea8, 0xfd, &(0x7f0000000280)=""/253, 0x40f01, 0x10, '\x00', r13, @fallback=0x5, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x2, 0x6, 0x1, 0xffffff1c}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f00000004c0)=[r1, r1, r1, r1, r1, r11, r14, r1, r1], &(0x7f0000000500)=[{0x1, 0x2, 0x6, 0x8}, {0x2004, 0x1, 0x2, 0x232d8d82eff7695}, {0x2, 0x1, 0x6, 0x7}, {0x2, 0x1, 0xc, 0x6}], 0x10, 0x4, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

812.114081ms ago: executing program 2 (id=3307):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

629.930882ms ago: executing program 4 (id=3308):
socket$nl_route(0x10, 0x3, 0x0)
gettid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0, 0x0, 0x2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7f, 0xe)
write(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000a44000/0x4000)=nil, 0x4000, 0x0, 0xbc32038f2d035af6, 0xffffffffffffffff, 0x2882c000)
r5 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
lseek(r5, 0x2004, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r7, &(0x7f0000000380)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000500)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000002c0)=[{&(0x7f0000000600)=""/183, 0xb7}], 0x1, 0x0, 0x6}}], 0x48}, 0x0)
r8 = open(&(0x7f0000000040)='./file1\x00', 0x105802, 0x22d)
pwritev2(r8, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000000300)="5811d0", 0x3}], 0x3, 0x8c81, 0x1, 0x16)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

447.176784ms ago: executing program 3 (id=3309):
socket$nl_route(0x10, 0x3, 0x0)
gettid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0, 0x0, 0x2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x8000f28, 0x0)
splice(r3, 0x0, r2, 0x0, 0x7f, 0xe)
write(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000a44000/0x4000)=nil, 0x4000, 0x0, 0xbc32038f2d035af6, 0xffffffffffffffff, 0x2882c000)
r5 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
lseek(r5, 0x2004, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r7, &(0x7f0000000380)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000500)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000002c0)=[{&(0x7f0000000600)=""/183, 0xb7}], 0x1, 0x0, 0x6}}], 0x48}, 0x0)
r8 = open(&(0x7f0000000040)='./file1\x00', 0x105802, 0x22d)
pwritev2(r8, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000000300)="5811d0", 0x3}], 0x3, 0x8c81, 0x1, 0x16)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

340.160185ms ago: executing program 4 (id=3310):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000002900000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000005c0)={[{@discard}, {@bh}, {@nomblk_io_submit}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r2, &(0x7f0000004200)='t', 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0xf, 0x66, 0x8, 0x7fffffff, 0x101})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000380)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@bsdgroups}, {@auto_da_alloc}, {@jqfmt_vfsv1}, {@nouid32}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@grpjquota}, {@usrjquota}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
socket$unix(0x1, 0x5, 0x0)
write$binfmt_script(r5, &(0x7f0000000040), 0x208e24b)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0xfffffffffffffffc, &(0x7f00000002c0)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r7, 0x0, 0x2, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r5, &(0x7f0000000200)={0xb, 0x10, 0xfa00, {&(0x7f00000000c0), r7, 0xa}}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
fdatasync(r5)

0s ago: executing program 3 (id=3311):
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)

kernel console output (not intermixed with test programs):

41][T11783] Symlink component flag not implemented
[  228.235264][T11783] Symlink component flag not implemented (7)
[  228.249969][T11786] Cannot find add_set index 0 as target
[  228.332161][T11800] dvmrp1: entered allmulticast mode
[  228.343167][T11800] dvmrp1: left allmulticast mode
[  228.396053][T11806] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2705'.
[  229.304761][T11823] loop3: detected capacity change from 0 to 1024
[  229.322737][T11823] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  229.336877][T11823] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  229.347443][T11823] jbd2_journal_init_inode: Cannot locate journal superblock
[  229.354885][T11823] EXT4-fs (loop3): Could not load journal inode
[  229.449286][T11833] loop3: detected capacity change from 0 to 128
[  229.467551][T11832] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  229.475533][T11832] FAT-fs (loop3): Filesystem has been set read-only
[  229.482905][T11832] syz.3.2715: attempt to access beyond end of device
[  229.482905][T11832] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  229.496817][T11832] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  229.504673][T11832] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  230.233418][T11859] netlink: 'syz.2.2722': attribute type 3 has an invalid length.
[  230.409253][T11863] cgroup: none used incorrectly
[  230.831665][T11881] netlink: 'syz.0.2732': attribute type 10 has an invalid length.
[  230.916908][T11892] loop2: detected capacity change from 0 to 128
[  230.924913][T11892] EXT4-fs: Ignoring removed nobh option
[  230.953565][T11892] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  230.966285][T11892] ext4 filesystem being mounted at /567/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  231.017528][ T3325] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  231.056528][T11898] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2737'.
[  231.066566][T11898] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2737'.
[  231.143335][T11905] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  231.476660][T11913] loop4: detected capacity change from 0 to 128
[  231.489081][T11912] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  231.497215][T11912] FAT-fs (loop4): Filesystem has been set read-only
[  231.503988][T11912] syz.4.2742: attempt to access beyond end of device
[  231.503988][T11912] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  231.518169][T11912] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  231.526177][T11912] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  231.585874][T11921] netlink: 'syz.4.2744': attribute type 10 has an invalid length.
[  231.601038][T11921] loop4: detected capacity change from 0 to 512
[  231.607723][T11923] FAULT_INJECTION: forcing a failure.
[  231.607723][T11923] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  231.621065][T11923] CPU: 0 UID: 0 PID: 11923 Comm: syz.1.2746 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  231.621157][T11923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  231.621173][T11923] Call Trace:
[  231.621181][T11923]  <TASK>
[  231.621189][T11923]  __dump_stack+0x1d/0x30
[  231.621212][T11923]  dump_stack_lvl+0xe8/0x140
[  231.621233][T11923]  dump_stack+0x15/0x1b
[  231.621334][T11923]  should_fail_ex+0x265/0x280
[  231.621363][T11923]  should_fail+0xb/0x20
[  231.621427][T11923]  should_fail_usercopy+0x1a/0x20
[  231.621498][T11923]  _copy_to_iter+0x381/0xe30
[  231.621538][T11923]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  231.621586][T11923]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  231.621693][T11923]  __skb_datagram_iter+0xc6/0x690
[  231.621722][T11923]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  231.621754][T11923]  skb_copy_datagram_iter+0x3d/0x110
[  231.621853][T11923]  netlink_recvmsg+0x1ab/0x7f0
[  231.621883][T11923]  ? __pfx_netlink_recvmsg+0x10/0x10
[  231.621906][T11923]  sock_recvmsg+0x136/0x170
[  231.621937][T11923]  ____sys_recvmsg+0xf5/0x280
[  231.621994][T11923]  ___sys_recvmsg+0x11f/0x370
[  231.622038][T11923]  do_recvmmsg+0x1ef/0x540
[  231.622078][T11923]  __x64_sys_recvmmsg+0xe5/0x170
[  231.622125][T11923]  x64_sys_call+0x1c6a/0x2fb0
[  231.622154][T11923]  do_syscall_64+0xd0/0x1b0
[  231.622181][T11923]  ? clear_bhb_loop+0x40/0x90
[  231.622207][T11923]  ? clear_bhb_loop+0x40/0x90
[  231.622229][T11923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.622275][T11923] RIP: 0033:0x7fb012d9e969
[  231.622294][T11923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.622317][T11923] RSP: 002b:00007fb011407038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  231.622369][T11923] RAX: ffffffffffffffda RBX: 00007fb012fc5fa0 RCX: 00007fb012d9e969
[  231.622386][T11923] RDX: 0000000000000007 RSI: 0000200000001b40 RDI: 0000000000000006
[  231.622403][T11923] RBP: 00007fb011407090 R08: 0000000000000000 R09: 0000000000000000
[  231.622470][T11923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.622484][T11923] R13: 0000000000000000 R14: 00007fb012fc5fa0 R15: 00007ffc32074628
[  231.622511][T11923]  </TASK>
[  231.623227][T11921] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  231.705231][T11926] FAULT_INJECTION: forcing a failure.
[  231.705231][T11926] name failslab, interval 1, probability 0, space 0, times 0
[  231.706232][T11921] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  231.711533][T11926] CPU: 0 UID: 0 PID: 11926 Comm: syz.1.2747 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  231.711572][T11926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  231.711596][T11926] Call Trace:
[  231.711605][T11926]  <TASK>
[  231.711616][T11926]  __dump_stack+0x1d/0x30
[  231.711707][T11926]  dump_stack_lvl+0xe8/0x140
[  231.711754][T11926]  dump_stack+0x15/0x1b
[  231.711778][T11926]  should_fail_ex+0x265/0x280
[  231.711817][T11926]  should_failslab+0x8c/0xb0
[  231.711863][T11926]  kmem_cache_alloc_node_noprof+0x57/0x320
[  231.711934][T11926]  ? __alloc_skb+0x101/0x320
[  231.711978][T11926]  __alloc_skb+0x101/0x320
[  231.712083][T11926]  pfkey_sendmsg+0x7e4/0x900
[  231.712142][T11926]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  231.712217][T11926]  __sock_sendmsg+0x145/0x180
[  231.712254][T11926]  ____sys_sendmsg+0x31e/0x4e0
[  231.712287][T11926]  ___sys_sendmsg+0x17b/0x1d0
[  231.712411][T11926]  __x64_sys_sendmsg+0xd4/0x160
[  231.712446][T11926]  x64_sys_call+0x2999/0x2fb0
[  231.712476][T11926]  do_syscall_64+0xd0/0x1b0
[  231.712508][T11926]  ? clear_bhb_loop+0x40/0x90
[  231.712553][T11926]  ? clear_bhb_loop+0x40/0x90
[  231.712583][T11926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.712665][T11926] RIP: 0033:0x7fb012d9e969
[  231.712687][T11926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.712712][T11926] RSP: 002b:00007fb0113e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  231.712747][T11926] RAX: ffffffffffffffda RBX: 00007fb012fc6080 RCX: 00007fb012d9e969
[  231.712764][T11926] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000009
[  231.712781][T11926] RBP: 00007fb0113e6090 R08: 0000000000000000 R09: 0000000000000000
[  231.712842][T11926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  231.712858][T11926] R13: 0000000000000000 R14: 00007fb012fc6080 R15: 00007ffc32074628
[  231.712886][T11926]  </TASK>
[  232.074904][T11921] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  232.115333][T11921] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  232.132088][T11921] System zones: 0-2, 18-18, 34-34
[  232.137838][T11921] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  232.155620][T11921] EXT4-fs (loop4): 1 truncate cleaned up
[  232.162117][T11921] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.183925][T11921] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.341067][T11945] lo speed is unknown, defaulting to 1000
[  232.416373][T11953] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2756'.
[  233.007649][   T29] kauditd_printk_skb: 73 callbacks suppressed
[  233.007719][   T29] audit: type=1400 audit(1748356385.086:6975): avc:  denied  { mounton } for  pid=11975 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  233.146801][T11985] FAULT_INJECTION: forcing a failure.
[  233.146801][T11985] name failslab, interval 1, probability 0, space 0, times 0
[  233.159714][T11985] CPU: 1 UID: 0 PID: 11985 Comm: syz.4.2762 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  233.159786][T11985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  233.159802][T11985] Call Trace:
[  233.159809][T11985]  <TASK>
[  233.159818][T11985]  __dump_stack+0x1d/0x30
[  233.159846][T11985]  dump_stack_lvl+0xe8/0x140
[  233.159919][T11985]  dump_stack+0x15/0x1b
[  233.159936][T11985]  should_fail_ex+0x265/0x280
[  233.159971][T11985]  should_failslab+0x8c/0xb0
[  233.160077][T11985]  __kmalloc_noprof+0xa5/0x3e0
[  233.160100][T11985]  ? security_inode_init_security+0xc5/0x330
[  233.160129][T11985]  ? current_umask+0x2f/0x40
[  233.160188][T11985]  security_inode_init_security+0xc5/0x330
[  233.160216][T11985]  ? __pfx_shmem_initxattrs+0x10/0x10
[  233.160243][T11985]  shmem_mknod+0xad/0x180
[  233.160326][T11985]  shmem_mkdir+0x33/0x70
[  233.160351][T11985]  vfs_mkdir+0x210/0x340
[  233.160388][T11985]  do_mkdirat+0x132/0x3f0
[  233.160476][T11985]  __x64_sys_mkdirat+0x4c/0x60
[  233.160578][T11985]  x64_sys_call+0x2be0/0x2fb0
[  233.160627][T11985]  do_syscall_64+0xd0/0x1b0
[  233.160651][T11985]  ? clear_bhb_loop+0x40/0x90
[  233.160679][T11985]  ? clear_bhb_loop+0x40/0x90
[  233.160709][T11985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.160737][T11985] RIP: 0033:0x7f506753d1d7
[  233.160794][T11985] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.160813][T11985] RSP: 002b:00007f5065ba6e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  233.160835][T11985] RAX: ffffffffffffffda RBX: 00007f5065ba6ef0 RCX: 00007f506753d1d7
[  233.160848][T11985] RDX: 00000000000001ff RSI: 0000200000000280 RDI: 00000000ffffff9c
[  233.160864][T11985] RBP: 00002000000006c0 R08: 0000200000000080 R09: 0000000000000000
[  233.160881][T11985] R10: 00002000000006c0 R11: 0000000000000246 R12: 0000200000000280
[  233.160897][T11985] R13: 00007f5065ba6eb0 R14: 0000000000000000 R15: 0000000000000000
[  233.160923][T11985]  </TASK>
[  233.443988][T11975] lo speed is unknown, defaulting to 1000
[  233.450076][T11987] netlink: 'syz.2.2763': attribute type 10 has an invalid length.
[  233.486388][T11987] loop2: detected capacity change from 0 to 512
[  233.532810][T11987] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  233.542086][T11987] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  233.599767][T11987] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  233.639818][T11987] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  233.676533][T11987] System zones: 0-2, 18-18, 34-34
[  233.696915][T11987] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  233.717240][ T3415] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.740313][T11975] chnl_net:caif_netlink_parms(): no params data found
[  233.757307][T11987] EXT4-fs (loop2): 1 truncate cleaned up
[  233.784429][T12006] loop3: detected capacity change from 0 to 1024
[  233.787786][T11987] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.811992][T11987] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.812209][T12006] Quota error (device loop3): do_check_range: Getting block 64 out of range 1-5
[  233.830156][T12006] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  233.839597][T12006] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.2770: Failed to acquire dquot type 0
[  233.853700][T12006] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  233.868710][T12006] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.2770: corrupted inode contents
[  233.869959][ T3415] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.891429][T12006] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #13: comm syz.3.2770: mark_inode_dirty error
[  233.904248][T12006] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.2770: corrupted inode contents
[  233.917128][T12006] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #13: comm syz.3.2770: mark_inode_dirty error
[  233.929142][T12006] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.2770: corrupted inode contents
[  233.942857][T12006] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  233.953449][ T3415] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.963871][T12006] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #13: comm syz.3.2770: corrupted inode contents
[  233.977021][T12006] EXT4-fs error (device loop3): ext4_truncate:4255: inode #13: comm syz.3.2770: mark_inode_dirty error
[  233.983762][T12015] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2772'.
[  233.988772][T12006] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  234.006701][T12006] EXT4-fs (loop3): 1 truncate cleaned up
[  234.006996][T11975] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.012953][T12006] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.019641][T11975] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.057962][T12018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2772'.
[  234.061014][T11975] bridge_slave_0: entered allmulticast mode
[  234.073684][T11975] bridge_slave_0: entered promiscuous mode
[  234.081603][ T3415] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.092539][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.106044][T11975] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.113282][T11975] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.120665][   T29] audit: type=1326 audit(1748356386.186:6976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12021 comm="syz.3.2773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  234.144284][   T29] audit: type=1326 audit(1748356386.186:6977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12021 comm="syz.3.2773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  234.167966][   T29] audit: type=1326 audit(1748356386.186:6978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12021 comm="syz.3.2773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  234.191498][   T29] audit: type=1326 audit(1748356386.186:6979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12021 comm="syz.3.2773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  234.215136][   T29] audit: type=1326 audit(1748356386.186:6980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12021 comm="syz.3.2773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  234.238731][   T29] audit: type=1326 audit(1748356386.186:6981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12021 comm="syz.3.2773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=313 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  234.255881][T12025] netlink: 204 bytes leftover after parsing attributes in process `syz.2.2774'.
[  234.262359][   T29] audit: type=1326 audit(1748356386.186:6982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12021 comm="syz.3.2773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  234.288636][T12025] FAULT_INJECTION: forcing a failure.
[  234.288636][T12025] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.308213][T12025] CPU: 0 UID: 0 PID: 12025 Comm: syz.2.2774 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  234.308251][T12025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  234.308265][T12025] Call Trace:
[  234.308294][T11975] bridge_slave_1: entered allmulticast mode
[  234.308337][T12025]  <TASK>
[  234.308349][T12025]  __dump_stack+0x1d/0x30
[  234.308380][T12025]  dump_stack_lvl+0xe8/0x140
[  234.308411][T12025]  dump_stack+0x15/0x1b
[  234.308436][T12025]  should_fail_ex+0x265/0x280
[  234.308473][T12025]  should_fail+0xb/0x20
[  234.308576][T12025]  should_fail_usercopy+0x1a/0x20
[  234.308615][T12025]  _copy_to_user+0x20/0xa0
[  234.308659][T12025]  simple_read_from_buffer+0xb5/0x130
[  234.308699][T12025]  proc_fail_nth_read+0x100/0x140
[  234.308818][T12025]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  234.308859][T12025]  vfs_read+0x1a0/0x6f0
[  234.308896][T12025]  ? __rcu_read_unlock+0x4f/0x70
[  234.308981][T12025]  ? __fget_files+0x184/0x1c0
[  234.309056][T12025]  ksys_read+0xda/0x1a0
[  234.309157][T12025]  __x64_sys_read+0x40/0x50
[  234.309196][T12025]  x64_sys_call+0x2d77/0x2fb0
[  234.309312][T12025]  do_syscall_64+0xd0/0x1b0
[  234.309343][T12025]  ? clear_bhb_loop+0x40/0x90
[  234.309424][T12025]  ? clear_bhb_loop+0x40/0x90
[  234.309454][T12025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.309484][T12025] RIP: 0033:0x7f0ce3b9d37c
[  234.309521][T12025] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  234.309546][T12025] RSP: 002b:00007f0ce2207030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  234.309572][T12025] RAX: ffffffffffffffda RBX: 00007f0ce3dc5fa0 RCX: 00007f0ce3b9d37c
[  234.309589][T12025] RDX: 000000000000000f RSI: 00007f0ce22070a0 RDI: 0000000000000006
[  234.309606][T12025] RBP: 00007f0ce2207090 R08: 0000000000000000 R09: 0000000000000000
[  234.309623][T12025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  234.309663][T12025] R13: 0000000000000000 R14: 00007f0ce3dc5fa0 R15: 00007ffd9a700928
[  234.309689][T12025]  </TASK>
[  234.390505][T12027] loop2: detected capacity change from 0 to 128
[  234.404550][T12026] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  234.416540][T11975] bridge_slave_1: entered promiscuous mode
[  234.417954][T12026] FAT-fs (loop2): Filesystem has been set read-only
[  234.546040][T12026] syz.2.2775: attempt to access beyond end of device
[  234.546040][T12026] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  234.560035][T12026] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  234.568002][T12026] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  234.581830][T11975] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  234.592878][T12031] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.617199][T11975] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  234.696015][T12031] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.714136][ T3415] bridge_slave_1: left allmulticast mode
[  234.719933][ T3415] bridge_slave_1: left promiscuous mode
[  234.725774][ T3415] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.738264][ T3415] bridge_slave_0: left allmulticast mode
[  234.744056][ T3415] bridge_slave_0: left promiscuous mode
[  234.750023][ T3415] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.789564][T12056] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  234.863435][T12066] netlink: 'syz.0.2780': attribute type 39 has an invalid length.
[  234.968991][ T3415] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  234.979400][ T3415] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  234.989193][ T3415] bond0 (unregistering): Released all slaves
[  234.999326][T11975] team0: Port device team_slave_0 added
[  235.009787][T12031] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.031167][T11975] team0: Port device team_slave_1 added
[  235.080411][T12031] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.106232][T12080] loop2: detected capacity change from 0 to 128
[  235.119801][T11975] batman_adv: batadv0: Adding interface: batadv_slave_0
[  235.126933][T11975] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  235.129527][T12079] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  235.153183][T11975] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  235.160905][T12079] FAT-fs (loop2): Filesystem has been set read-only
[  235.193941][ T3415] veth1_macvtap: left promiscuous mode
[  235.198972][T12079] syz.2.2788: attempt to access beyond end of device
[  235.198972][T12079] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  235.202455][ T3415] veth0_macvtap: left promiscuous mode
[  235.218933][T12079] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  235.226868][T12079] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  235.228466][ T3415] veth1_vlan: left promiscuous mode
[  235.240627][ T3415] veth0_vlan: left promiscuous mode
[  235.397867][T12031] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.406542][T11975] batman_adv: batadv0: Adding interface: batadv_slave_1
[  235.413795][T11975] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  235.440076][T11975] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  235.451026][ T3384] lo speed is unknown, defaulting to 1000
[  235.456844][ T3384] infiniband syz0: ib_query_port failed (-19)
[  235.471220][T12031] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.498435][T12031] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.510904][T12031] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.522118][T11975] hsr_slave_0: entered promiscuous mode
[  235.528925][T11975] hsr_slave_1: entered promiscuous mode
[  235.535176][T11975] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  235.543193][T11975] Cannot create hsr debugfs directory
[  235.706951][ T3415] IPVS: stop unused estimator thread 0...
[  235.942652][T11975] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  235.954661][T11975] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  235.966169][T11975] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  235.985403][T11975] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  236.064595][T11975] 8021q: adding VLAN 0 to HW filter on device bond0
[  236.082185][T11975] 8021q: adding VLAN 0 to HW filter on device team0
[  236.092797][ T3415] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.100025][ T3415] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.115503][ T3415] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.122654][ T3415] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.250640][T12168] loop3: detected capacity change from 0 to 128
[  236.272063][T11975] 8021q: adding VLAN 0 to HW filter on device batadv0
[  236.291664][T12167] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  236.299621][T12167] FAT-fs (loop3): Filesystem has been set read-only
[  236.327948][T12167] syz.3.2799: attempt to access beyond end of device
[  236.327948][T12167] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  236.346116][T12167] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  236.354056][T12167] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  236.491463][T12196] loop4: detected capacity change from 0 to 128
[  236.502293][T11975] veth0_vlan: entered promiscuous mode
[  236.510751][T12196] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  236.511053][T11975] veth1_vlan: entered promiscuous mode
[  236.538857][T11975] veth0_macvtap: entered promiscuous mode
[  236.546543][T11975] veth1_macvtap: entered promiscuous mode
[  236.558317][T11975] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.567326][T11975] batman_adv: batadv0: Interface activated: batadv_slave_1
[  236.575792][T11975] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  236.584715][T11975] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  236.593494][T11975] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  236.602258][T11975] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  236.621779][T12196] ext4 filesystem being mounted at /553/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  236.705529][T12207] FAULT_INJECTION: forcing a failure.
[  236.705529][T12207] name failslab, interval 1, probability 0, space 0, times 0
[  236.718368][T12207] CPU: 1 UID: 0 PID: 12207 Comm: syz.3.2803 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  236.718453][T12207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.718539][T12207] Call Trace:
[  236.718545][T12207]  <TASK>
[  236.718552][T12207]  __dump_stack+0x1d/0x30
[  236.718626][T12207]  dump_stack_lvl+0xe8/0x140
[  236.718655][T12207]  dump_stack+0x15/0x1b
[  236.718673][T12207]  should_fail_ex+0x265/0x280
[  236.718859][T12207]  should_failslab+0x8c/0xb0
[  236.718921][T12207]  kmem_cache_alloc_node_noprof+0x57/0x320
[  236.718953][T12207]  ? __alloc_skb+0x101/0x320
[  236.718993][T12207]  __alloc_skb+0x101/0x320
[  236.719074][T12207]  ? __sctp_packet_append_chunk+0x6c1/0x720
[  236.719120][T12207]  sctp_packet_transmit+0x1d0/0x1490
[  236.719299][T12207]  ? sctp_packet_append_chunk+0x735/0x850
[  236.719335][T12207]  ? sctp_transport_burst_limited+0x103/0x110
[  236.719398][T12207]  sctp_outq_flush+0x807/0x1970
[  236.719420][T12207]  ? sctp_ulpq_tail_event+0x35f/0x9d0
[  236.719446][T12207]  ? __alloc_skb+0x223/0x320
[  236.719550][T12207]  sctp_outq_uncork+0x56/0x70
[  236.719573][T12207]  sctp_do_sm+0x1228/0x3230
[  236.719598][T12207]  ? xas_load+0x413/0x430
[  236.719637][T12207]  sctp_primitive_ABORT+0x74/0x90
[  236.719793][T12207]  sctp_sendmsg_check_sflags+0x19b/0x1e0
[  236.719906][T12207]  sctp_sendmsg+0x10bb/0x18d0
[  236.719948][T12207]  ? __pfx_sctp_sendmsg+0x10/0x10
[  236.719981][T12207]  inet_sendmsg+0xc5/0xd0
[  236.720015][T12207]  __sock_sendmsg+0x102/0x180
[  236.720120][T12207]  ____sys_sendmsg+0x31e/0x4e0
[  236.720145][T12207]  ___sys_sendmsg+0x17b/0x1d0
[  236.720248][T12207]  __x64_sys_sendmsg+0xd4/0x160
[  236.720279][T12207]  x64_sys_call+0x2999/0x2fb0
[  236.720303][T12207]  do_syscall_64+0xd0/0x1b0
[  236.720366][T12207]  ? clear_bhb_loop+0x40/0x90
[  236.720389][T12207]  ? clear_bhb_loop+0x40/0x90
[  236.720473][T12207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.720496][T12207] RIP: 0033:0x7f5c0ac1e969
[  236.720512][T12207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.720531][T12207] RSP: 002b:00007f5c09266038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  236.720554][T12207] RAX: ffffffffffffffda RBX: 00007f5c0ae46080 RCX: 00007f5c0ac1e969
[  236.720567][T12207] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  236.720580][T12207] RBP: 00007f5c09266090 R08: 0000000000000000 R09: 0000000000000000
[  236.720602][T12207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  236.720614][T12207] R13: 0000000000000000 R14: 00007f5c0ae46080 R15: 00007ffda56617d8
[  236.720635][T12207]  </TASK>
[  237.002351][T12208] loop2: detected capacity change from 0 to 164
[  237.221616][T12218] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.236702][T12220] FAULT_INJECTION: forcing a failure.
[  237.236702][T12220] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  237.250082][T12220] CPU: 1 UID: 0 PID: 12220 Comm: syz.0.2809 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  237.250243][T12220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  237.250260][T12220] Call Trace:
[  237.250269][T12220]  <TASK>
[  237.250279][T12220]  __dump_stack+0x1d/0x30
[  237.250308][T12220]  dump_stack_lvl+0xe8/0x140
[  237.250335][T12220]  dump_stack+0x15/0x1b
[  237.250359][T12220]  should_fail_ex+0x265/0x280
[  237.250465][T12220]  should_fail_alloc_page+0xf2/0x100
[  237.250500][T12220]  __alloc_frozen_pages_noprof+0xff/0x360
[  237.250537][T12220]  alloc_pages_mpol+0xb3/0x250
[  237.250621][T12220]  vma_alloc_folio_noprof+0x1aa/0x300
[  237.250660][T12220]  do_wp_page+0x673/0x23d0
[  237.250695][T12220]  ? __rcu_read_lock+0x37/0x50
[  237.250721][T12220]  handle_mm_fault+0x77d/0x2c00
[  237.250770][T12220]  ? mas_walk+0xf2/0x120
[  237.250849][T12220]  do_user_addr_fault+0x636/0x1090
[  237.250888][T12220]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  237.250925][T12220]  exc_page_fault+0x3d/0xb0
[  237.251018][T12220]  asm_exc_page_fault+0x26/0x30
[  237.251040][T12220] RIP: 0033:0x7faea0de0cc3
[  237.251057][T12220] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  237.251077][T12220] RSP: 002b:00007fae9f5864a0 EFLAGS: 00010202
[  237.251093][T12220] RAX: 0000000000000400 RBX: 00007fae9f586540 RCX: 00007fae97167000
[  237.251107][T12220] RDX: 00007fae9f5866e0 RSI: 0000000000000001 RDI: 00007fae9f5865e0
[  237.251120][T12220] RBP: 00000000000000f9 R08: 0000000000000008 R09: 00000000000000ab
[  237.251165][T12220] R10: 00000000000000c0 R11: 00007fae9f586540 R12: 0000000000000001
[  237.251178][T12220] R13: 00007faea0fbbfc0 R14: 0000000000000020 R15: 00007fae9f5865e0
[  237.251199][T12220]  </TASK>
[  237.251212][T12220] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  237.480632][ T3318] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  237.502840][T12218] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.575825][T12218] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.583455][T12231] loop4: detected capacity change from 0 to 764
[  237.621753][T12231] Symlink component flag not implemented
[  237.629194][T12231] Symlink component flag not implemented (7)
[  238.330074][T12255] loop4: detected capacity change from 0 to 164
[  238.892491][T12261] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  239.046045][   T29] kauditd_printk_skb: 135 callbacks suppressed
[  239.046062][   T29] audit: type=1326 audit(1748356391.086:7118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12269 comm="syz.3.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  239.076152][   T29] audit: type=1326 audit(1748356391.086:7119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12269 comm="syz.3.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  239.099870][   T29] audit: type=1326 audit(1748356391.086:7120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12269 comm="syz.3.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  239.123480][   T29] audit: type=1326 audit(1748356391.086:7121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12269 comm="syz.3.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  239.147182][   T29] audit: type=1326 audit(1748356391.086:7122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12269 comm="syz.3.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  239.170934][   T29] audit: type=1326 audit(1748356391.086:7123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12269 comm="syz.3.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  239.195458][   T29] audit: type=1326 audit(1748356391.086:7124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12269 comm="syz.3.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  239.220343][   T29] audit: type=1326 audit(1748356391.086:7125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12269 comm="syz.3.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  239.245108][   T29] audit: type=1326 audit(1748356391.086:7126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12269 comm="syz.3.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  239.269923][   T29] audit: type=1326 audit(1748356391.086:7127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12269 comm="syz.3.2829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0ac1e969 code=0x7ffc0000
[  240.849229][T12218] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.360458][T12340] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  241.379058][T12342] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2855'.
[  241.388944][T12342] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2855'.
[  241.600755][T12354] loop3: detected capacity change from 0 to 128
[  241.670694][T12354] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  241.698339][T12354] ext4 filesystem being mounted at /539/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  242.034984][ T3317] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  242.092477][T12376] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2866'.
[  242.102129][T12376] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2866'.
[  242.304712][T12218] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  242.316952][T12218] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  242.355177][T12218] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  242.367698][T12218] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  242.401104][T12398] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2872'.
[  242.745182][T12402] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2872'.
[  242.827595][T12398] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  242.835087][T12398] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.290049][T12398] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.297550][T12398] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.322461][T12402] team0 (unregistering): Port device team_slave_0 removed
[  243.339099][T12402] team0 (unregistering): Port device team_slave_1 removed
[  243.358369][T12410] netlink: 'syz.3.2874': attribute type 10 has an invalid length.
[  243.379298][T12409] loop3: detected capacity change from 0 to 512
[  243.386597][T12409] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  243.395706][T12409] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  243.430702][T12409] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  243.459713][T12412] loop4: detected capacity change from 0 to 128
[  243.475440][T12409] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  243.502999][T12412] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  243.505471][T12409] System zones: 0-2, 18-18, 34-34
[  243.548251][T12412] ext4 filesystem being mounted at /567/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  243.627924][T12409] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  243.686718][T12409] EXT4-fs (loop3): 1 truncate cleaned up
[  243.692937][T12409] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.728307][T12409] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.879726][T12430] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2879'.
[  243.906464][T12439] loop3: detected capacity change from 0 to 1024
[  243.911950][T12430] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2879'.
[  243.951537][ T3318] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  243.970242][T12439] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.008428][T12419] chnl_net:caif_netlink_parms(): no params data found
[  244.020006][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.078911][T12419] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.086066][T12419] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.099041][T12419] bridge_slave_0: entered allmulticast mode
[  244.105825][T12419] bridge_slave_0: entered promiscuous mode
[  244.113222][T12419] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.120421][T12419] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.128552][T12419] bridge_slave_1: entered allmulticast mode
[  244.135198][T12419] bridge_slave_1: entered promiscuous mode
[  244.189460][T12419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.210029][T12419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  244.213112][T12463] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2885'.
[  244.228119][T12463] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2885'.
[  244.239771][ T6269] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.275781][T12419] team0: Port device team_slave_0 added
[  244.283219][T12419] team0: Port device team_slave_1 added
[  244.302372][T12419] batman_adv: batadv0: Adding interface: batadv_slave_0
[  244.309540][T12419] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.335610][T12419] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.373362][ T6269] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.399027][T12469] netlink: 'syz.3.2887': attribute type 10 has an invalid length.
[  244.408187][T12419] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.415165][T12419] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.441317][T12419] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.456913][T12469] loop3: detected capacity change from 0 to 512
[  244.468436][T12469] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  244.477608][T12469] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  244.498333][ T6269] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.566945][T12469] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  244.583602][T12469] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  244.597821][T12419] hsr_slave_0: entered promiscuous mode
[  244.609774][T12469] System zones: 0-2, 18-18, 34-34
[  244.617521][T12419] hsr_slave_1: entered promiscuous mode
[  244.628049][T12469] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  244.645271][T12419] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  244.661455][T12419] Cannot create hsr debugfs directory
[  244.669088][ T6269] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.687145][T12469] EXT4-fs (loop3): 1 truncate cleaned up
[  244.704871][T12469] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.736380][T12469] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.836217][ T6269] gretap0: left allmulticast mode
[  244.841334][ T6269] gretap0: left promiscuous mode
[  244.846631][ T6269] bridge0: port 3(gretap0) entered disabled state
[  244.854833][ T6269] bridge_slave_1: left allmulticast mode
[  244.860813][ T6269] bridge_slave_1: left promiscuous mode
[  244.866758][ T6269] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.879311][ T6269] bridge_slave_0: left allmulticast mode
[  244.885024][ T6269] bridge_slave_0: left promiscuous mode
[  244.890944][ T6269] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.952494][T12480] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  245.079724][T12488] 9pnet_fd: Insufficient options for proto=fd
[  245.099240][ T6269] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  245.108191][ T6269] bond_slave_0: left promiscuous mode
[  245.114791][ T6269] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  245.123645][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  245.123662][   T29] audit: type=1326 audit(1748356397.186:7279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12492 comm="syz.0.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  245.153520][   T29] audit: type=1326 audit(1748356397.186:7280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12492 comm="syz.0.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  245.177197][   T29] audit: type=1326 audit(1748356397.186:7281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12492 comm="syz.0.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  245.200802][   T29] audit: type=1326 audit(1748356397.186:7282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12492 comm="syz.0.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  245.224381][   T29] audit: type=1326 audit(1748356397.186:7283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12492 comm="syz.0.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  245.248233][   T29] audit: type=1326 audit(1748356397.186:7284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12492 comm="syz.0.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  245.271927][   T29] audit: type=1326 audit(1748356397.186:7285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12492 comm="syz.0.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  245.295471][   T29] audit: type=1326 audit(1748356397.186:7286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12492 comm="syz.0.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  245.319128][   T29] audit: type=1326 audit(1748356397.186:7287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12492 comm="syz.0.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  245.342712][   T29] audit: type=1326 audit(1748356397.186:7288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12492 comm="syz.0.2895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  245.367236][ T6269] bond_slave_1: left promiscuous mode
[  245.373514][ T6269] $Hÿ (unregistering): Released all slaves
[  245.473069][ T6269] hsr_slave_0: left promiscuous mode
[  245.481407][ T6269] hsr_slave_1: left promiscuous mode
[  245.493134][ T6269] veth1_macvtap: left promiscuous mode
[  245.509284][ T6269] veth0_macvtap: left promiscuous mode
[  245.521357][ T6269] veth1_vlan: left promiscuous mode
[  245.526953][ T6269] veth0_vlan: left promiscuous mode
[  245.876856][T12521] loop4: detected capacity change from 0 to 164
[  246.020159][T12419] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  246.094150][T12419] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  246.138542][T12526] netlink: 'syz.0.2898': attribute type 10 has an invalid length.
[  246.149443][T12419] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  246.179050][T12419] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  246.387467][T12419] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.413070][T12419] 8021q: adding VLAN 0 to HW filter on device team0
[  246.427253][ T6275] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.434409][ T6275] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.456601][ T6269] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.464249][ T6269] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.745902][T12419] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.160921][T12419] veth0_vlan: entered promiscuous mode
[  247.173755][T12419] veth1_vlan: entered promiscuous mode
[  247.200051][T12419] veth0_macvtap: entered promiscuous mode
[  247.208936][T12419] veth1_macvtap: entered promiscuous mode
[  247.224231][T12419] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.239956][T12419] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.252714][T12419] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.261586][T12419] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  247.270381][T12419] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  247.279255][T12419] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  247.545878][T12595] loop4: detected capacity change from 0 to 128
[  247.560059][T12595] EXT4-fs: Ignoring removed nobh option
[  247.739887][T12595] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  247.786864][T12595] ext4 filesystem being mounted at /577/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  247.858554][T12602] loop2: detected capacity change from 0 to 164
[  248.022079][ T3318] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  248.349925][T12605] loop4: detected capacity change from 0 to 128
[  248.387857][ T3726] udevd[3726]: incorrect ext4 checksum on /dev/loop4
[  248.409444][T12605] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  248.498809][T12605] ext4 filesystem being mounted at /578/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  248.770936][T12616] loop2: detected capacity change from 0 to 164
[  249.196326][T12617] loop3: detected capacity change from 0 to 164
[  249.248027][T12619] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2913'.
[  249.330148][ T3318] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  249.591216][T12629] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2917'.
[  249.600313][T12629] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2917'.
[  249.770164][T12636] loop4: detected capacity change from 0 to 2048
[  250.061122][T12645] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2923'.
[  250.140576][T12645] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2923'.
[  251.209197][T12688] loop4: detected capacity change from 0 to 764
[  251.224435][T12685] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2937'.
[  251.251866][T12688] Symlink component flag not implemented
[  251.272598][T12688] Symlink component flag not implemented (7)
[  251.296269][T12692] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2937'.
[  251.603413][T12705] loop4: detected capacity change from 0 to 512
[  251.610432][T12705] EXT4-fs: Ignoring removed nobh option
[  251.682400][T12705] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.2940: corrupted inode contents
[  251.695090][T12705] EXT4-fs (loop4): Remounting filesystem read-only
[  251.701804][T12705] EXT4-fs (loop4): 1 truncate cleaned up
[  251.708426][T12705] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.721154][T12705] ext4 filesystem being mounted at /590/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.976807][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  251.976844][   T29] audit: type=1326 audit(1748356404.026:7345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.0.2945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  252.006569][   T29] audit: type=1326 audit(1748356404.026:7346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.0.2945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  252.030426][   T29] audit: type=1326 audit(1748356404.036:7347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.0.2945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  252.054159][   T29] audit: type=1326 audit(1748356404.036:7348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.0.2945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  252.077825][   T29] audit: type=1326 audit(1748356404.036:7349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.0.2945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  252.101633][   T29] audit: type=1326 audit(1748356404.036:7350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.0.2945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  252.125343][   T29] audit: type=1326 audit(1748356404.036:7351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.0.2945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  252.129383][ T3415] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  252.148970][   T29] audit: type=1326 audit(1748356404.036:7352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12711 comm="syz.0.2945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faea0f1e969 code=0x7ffc0000
[  252.159501][ T3415] Quota error (device loop4): write_blk: dquota write failed
[  252.159520][ T3415] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries
[  252.159568][ T3415] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  252.212081][ T3415] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  252.349341][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.364339][T12728] FAULT_INJECTION: forcing a failure.
[  252.364339][T12728] name failslab, interval 1, probability 0, space 0, times 0
[  252.377445][T12728] CPU: 0 UID: 0 PID: 12728 Comm: syz.3.2952 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  252.377494][T12728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  252.377516][T12728] Call Trace:
[  252.377522][T12728]  <TASK>
[  252.377604][T12728]  __dump_stack+0x1d/0x30
[  252.377657][T12728]  dump_stack_lvl+0xe8/0x140
[  252.377684][T12728]  dump_stack+0x15/0x1b
[  252.377708][T12728]  should_fail_ex+0x265/0x280
[  252.377743][T12728]  ? sctp_auth_asoc_copy_shkeys+0xfa/0x330
[  252.377785][T12728]  should_failslab+0x8c/0xb0
[  252.377847][T12728]  __kmalloc_cache_noprof+0x4c/0x320
[  252.377880][T12728]  sctp_auth_asoc_copy_shkeys+0xfa/0x330
[  252.377951][T12728]  sctp_association_new+0xde5/0x1200
[  252.377996][T12728]  sctp_connect_new_asoc+0x1a8/0x3a0
[  252.378075][T12728]  sctp_sendmsg+0xf10/0x18d0
[  252.378191][T12728]  ? selinux_socket_sendmsg+0xf1/0x1b0
[  252.378289][T12728]  ? __pfx_sctp_sendmsg+0x10/0x10
[  252.378332][T12728]  inet_sendmsg+0xc5/0xd0
[  252.378446][T12728]  __sock_sendmsg+0x102/0x180
[  252.378480][T12728]  __sys_sendto+0x268/0x330
[  252.378523][T12728]  __x64_sys_sendto+0x76/0x90
[  252.378564][T12728]  x64_sys_call+0x2eb6/0x2fb0
[  252.378594][T12728]  do_syscall_64+0xd0/0x1b0
[  252.378623][T12728]  ? clear_bhb_loop+0x40/0x90
[  252.378652][T12728]  ? clear_bhb_loop+0x40/0x90
[  252.378799][T12728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.378825][T12728] RIP: 0033:0x7f5c0ac1e969
[  252.378845][T12728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.378863][T12728] RSP: 002b:00007f5c09287038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  252.378882][T12728] RAX: ffffffffffffffda RBX: 00007f5c0ae45fa0 RCX: 00007f5c0ac1e969
[  252.378977][T12728] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000005
[  252.378991][T12728] RBP: 00007f5c09287090 R08: 0000200000000100 R09: 000000000000001c
[  252.379006][T12728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.379021][T12728] R13: 0000000000000000 R14: 00007f5c0ae45fa0 R15: 00007ffda56617d8
[  252.379045][T12728]  </TASK>
[  252.385553][T12731] syz!: rxe_newlink: already configured on team_slave_0
[  252.439798][T12734] loop4: detected capacity change from 0 to 128
[  252.540486][T12741] loop3: detected capacity change from 0 to 512
[  252.549747][T12734] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  252.564513][T12741] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  252.597479][T12734] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  252.666526][T12741] EXT4-fs (loop3): 1 truncate cleaned up
[  252.674995][T12741] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.718652][T12741] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2957'.
[  252.790142][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.888766][   T51] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  252.930386][T12773] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2970'.
[  252.960757][T12771] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2971'.
[  252.961783][T12776] loop3: detected capacity change from 0 to 1024
[  252.970334][T12773] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  252.984396][T12773] batman_adv: batadv0: Removing interface: batadv_slave_0
[  252.991398][T12772] loop4: detected capacity change from 0 to 128
[  253.012357][T12773] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  253.019893][T12773] batman_adv: batadv0: Removing interface: batadv_slave_1
[  253.033696][T12776] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.046392][T12776] ext4 filesystem being mounted at /561/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.060408][T12776] EXT4-fs error (device loop3): ext4_map_blocks:709: inode #15: block 3: comm syz.3.2972: lblock 3 mapped to illegal pblock 3 (length 13)
[  253.075365][T12776] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  253.088207][T12776] EXT4-fs (loop3): This should not happen!! Data will be lost
[  253.088207][T12776] 
[  253.099782][T12776] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #15: block 3: comm syz.3.2972: lblock 3 mapped to illegal pblock 3 (length 1)
[  253.109545][T12772] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  253.130793][T12772] ext4 filesystem being mounted at /592/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  253.136753][T12776] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #15: block 3: comm syz.3.2972: lblock 3 mapped to illegal pblock 3 (length 1)
[  253.188780][T12779] team0 (unregistering): Port device team_slave_0 removed
[  253.209825][T12774] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #15: block 3: comm syz.3.2972: lblock 3 mapped to illegal pblock 3 (length 1)
[  253.225032][T12776] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #15: block 3: comm syz.3.2972: lblock 3 mapped to illegal pblock 3 (length 1)
[  253.227383][T12779] team0 (unregistering): Port device team_slave_1 removed
[  253.263236][T12774] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #15: block 3: comm syz.3.2972: lblock 3 mapped to illegal pblock 3 (length 1)
[  253.286988][T12776] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #15: block 3: comm syz.3.2972: lblock 3 mapped to illegal pblock 3 (length 1)
[  253.312923][T12774] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #15: block 3: comm syz.3.2972: lblock 3 mapped to illegal pblock 3 (length 1)
[  253.329133][T12776] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #15: block 3: comm syz.3.2972: lblock 3 mapped to illegal pblock 3 (length 1)
[  253.344139][T12774] EXT4-fs error (device loop3): ext4_map_blocks:675: inode #15: block 3: comm syz.3.2972: lblock 3 mapped to illegal pblock 3 (length 1)
[  253.699173][ T3318] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  253.868106][T12811] bridge_slave_1: left allmulticast mode
[  253.873933][T12811] bridge_slave_1: left promiscuous mode
[  253.879674][T12811] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.041857][T12811] bridge_slave_0: left allmulticast mode
[  254.047595][T12811] bridge_slave_0: left promiscuous mode
[  254.053304][T12811] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.246175][T12807] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  255.079664][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.092586][T12855] __nla_validate_parse: 4 callbacks suppressed
[  255.092601][T12855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2997'.
[  255.237595][T12857] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2998'.
[  255.433684][T12864] 9pnet_fd: Insufficient options for proto=fd
[  255.553995][T12879] loop4: detected capacity change from 0 to 128
[  255.599064][T12879] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  255.738766][T12879] ext4 filesystem being mounted at /597/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  256.081219][T12888] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.095385][ T3318] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  256.157089][T12888] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.207121][T12888] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.267186][T12888] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.302225][T12888] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.314160][T12888] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.326278][T12888] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  256.338852][T12888] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  256.667373][T12907] 9pnet_fd: Insufficient options for proto=fd
[  256.883472][T12899] loop3: detected capacity change from 0 to 4096
[  256.909895][T12899] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.993925][ T6275] bridge_slave_1: left allmulticast mode
[  256.999705][ T6275] bridge_slave_1: left promiscuous mode
[  257.005487][ T6275] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.056054][ T6275] bridge_slave_0: left allmulticast mode
[  257.061784][ T6275] bridge_slave_0: left promiscuous mode
[  257.067659][ T6275] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.204188][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.244155][T12951] loop3: detected capacity change from 0 to 512
[  257.287548][T12951] EXT4-fs: Ignoring removed nobh option
[  257.310812][T12952] loop4: detected capacity change from 0 to 512
[  257.317873][T12952] EXT4-fs: Ignoring removed nobh option
[  257.359208][ T6275] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  257.369250][ T6275] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  257.398998][ T6275] bond0 (unregistering): Released all slaves
[  257.681954][T12952] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #16: comm syz.4.3021: corrupted inode contents
[  257.694851][T12952] EXT4-fs (loop4): Remounting filesystem read-only
[  257.701820][T12952] EXT4-fs (loop4): 1 truncate cleaned up
[  257.711307][T12951] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.3022: corrupted inode contents
[  257.729859][ T3415] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  257.740487][ T3415] __quota_error: 163 callbacks suppressed
[  257.740499][ T3415] Quota error (device loop4): write_blk: dquota write failed
[  257.753688][ T3415] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries
[  257.755001][T12951] EXT4-fs (loop3): Remounting filesystem read-only
[  257.763789][ T3415] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  257.763818][ T3415] Quota error (device loop4): write_blk: dquota write failed
[  257.788564][ T3415] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list
[  257.799985][T12952] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.812658][T12952] ext4 filesystem being mounted at /600/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.823313][ T3415] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  257.833474][ T3415] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  257.845392][T12951] EXT4-fs (loop3): 1 truncate cleaned up
[  257.851678][ T3415] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  257.871321][T12951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.884080][ T3415] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  257.894804][ T3415] Quota error (device loop3): write_blk: dquota write failed
[  257.902239][ T3415] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[  257.912359][ T3415] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  257.923056][ T3415] Quota error (device loop3): write_blk: dquota write failed
[  257.930541][ T3415] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[  257.959372][ T6275] hsr_slave_0: left promiscuous mode
[  257.987797][ T6275] hsr_slave_1: left promiscuous mode
[  257.996471][T12951] ext4 filesystem being mounted at /566/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.997478][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.027319][ T3415] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  258.048658][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.169241][   T51] smc: removing ib device syz!
[  258.186875][T12982] loop4: detected capacity change from 0 to 1024
[  258.202278][T12985] loop3: detected capacity change from 0 to 1024
[  258.231547][T12985] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  258.256066][T12985] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  258.260489][T12982] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.296311][T12985] EXT4-fs error (device loop3): ext4_get_journal_inode:5798: inode #32: comm syz.3.3026: iget: special inode unallocated
[  258.312430][T12985] EXT4-fs (loop3): Remounting filesystem read-only
[  258.319040][T12985] EXT4-fs (loop3): no journal found
[  258.324347][T12985] EXT4-fs (loop3): can't get journal size
[  258.332037][ T3318] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /601/file2/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  258.355402][ T3318] EXT4-fs (loop4): Remounting filesystem read-only
[  258.382609][T12981] FAULT_INJECTION: forcing a failure.
[  258.382609][T12981] name failslab, interval 1, probability 0, space 0, times 0
[  258.395421][T12981] CPU: 0 UID: 0 PID: 12981 Comm: syz.2.3027 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  258.395451][T12981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  258.395490][T12981] Call Trace:
[  258.395499][T12981]  <TASK>
[  258.395508][T12981]  __dump_stack+0x1d/0x30
[  258.395537][T12981]  dump_stack_lvl+0xe8/0x140
[  258.395584][T12981]  dump_stack+0x15/0x1b
[  258.395603][T12981]  should_fail_ex+0x265/0x280
[  258.395631][T12981]  ? alloc_pipe_info+0xae/0x350
[  258.395702][T12981]  should_failslab+0x8c/0xb0
[  258.395743][T12981]  __kmalloc_cache_noprof+0x4c/0x320
[  258.395773][T12981]  alloc_pipe_info+0xae/0x350
[  258.395836][T12981]  splice_direct_to_actor+0x592/0x680
[  258.395871][T12981]  ? file_has_perm+0x324/0x370
[  258.395895][T12981]  ? __pfx_direct_splice_actor+0x10/0x10
[  258.395939][T12981]  do_splice_direct+0xda/0x150
[  258.395974][T12981]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  258.396048][T12981]  do_sendfile+0x380/0x650
[  258.396198][T12981]  __x64_sys_sendfile64+0x105/0x150
[  258.396226][T12981]  x64_sys_call+0xb39/0x2fb0
[  258.396255][T12981]  do_syscall_64+0xd0/0x1b0
[  258.396278][T12981]  ? clear_bhb_loop+0x40/0x90
[  258.396378][T12981]  ? clear_bhb_loop+0x40/0x90
[  258.396407][T12981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.396432][T12981] RIP: 0033:0x7f0a99a2e969
[  258.396447][T12981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.396465][T12981] RSP: 002b:00007f0a98097038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  258.396491][T12981] RAX: ffffffffffffffda RBX: 00007f0a99c55fa0 RCX: 00007f0a99a2e969
[  258.396508][T12981] RDX: 0000000000000000 RSI: 000000000000000d RDI: 000000000000000e
[  258.396524][T12981] RBP: 00007f0a98097090 R08: 0000000000000000 R09: 0000000000000000
[  258.396541][T12981] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  258.396557][T12981] R13: 0000000000000000 R14: 00007f0a99c55fa0 R15: 00007ffd58985748
[  258.396581][T12981]  </TASK>
[  258.601907][T12985] EXT4-fs (loop3): filesystem is read-only
[  258.609269][T12985] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  258.650211][ T3318] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.733607][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.936599][T12913] chnl_net:caif_netlink_parms(): no params data found
[  259.042467][T12913] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.049689][T12913] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.060825][T12913] bridge_slave_0: entered allmulticast mode
[  259.070179][T12913] bridge_slave_0: entered promiscuous mode
[  259.079894][T12913] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.087065][T12913] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.094488][T12913] bridge_slave_1: entered allmulticast mode
[  259.101172][T12913] bridge_slave_1: entered promiscuous mode
[  259.149010][T12913] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.159978][T12913] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  259.209773][T12913] team0: Port device team_slave_0 added
[  259.223114][T12913] team0: Port device team_slave_1 added
[  259.286479][T12913] batman_adv: batadv0: Adding interface: batadv_slave_0
[  259.293565][T12913] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.319639][T12913] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  259.336155][T12913] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.343152][T12913] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.369239][T12913] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.404876][T12913] hsr_slave_0: entered promiscuous mode
[  259.411219][T12913] hsr_slave_1: entered promiscuous mode
[  259.789517][T13079] loop4: detected capacity change from 0 to 764
[  259.806643][T12913] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  259.828431][T12913] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  259.837579][T12913] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  259.851983][T12913] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  259.874868][T13079] Symlink component flag not implemented
[  259.902857][T13079] Symlink component flag not implemented (7)
[  259.922076][T13080] netlink: 2036 bytes leftover after parsing attributes in process `syz.3.3045'.
[  259.931434][T13080] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3045'.
[  259.953659][T12913] 8021q: adding VLAN 0 to HW filter on device bond0
[  260.028908][T12913] 8021q: adding VLAN 0 to HW filter on device team0
[  260.078594][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.085802][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.106407][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.113600][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.166912][T13103] 9pnet_fd: Insufficient options for proto=fd
[  260.256171][T12913] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.452534][T12913] veth0_vlan: entered promiscuous mode
[  260.464031][T12913] veth1_vlan: entered promiscuous mode
[  260.484166][T12913] veth0_macvtap: entered promiscuous mode
[  260.493016][T12913] veth1_macvtap: entered promiscuous mode
[  260.505325][T12913] batman_adv: batadv0: Interface activated: batadv_slave_0
[  260.518761][T12913] batman_adv: batadv0: Interface activated: batadv_slave_1
[  260.530091][T12913] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  260.539254][T12913] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  260.548152][T12913] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  260.557011][T12913] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  260.712439][T13153] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3018'.
[  260.954858][T13139] loop2: detected capacity change from 0 to 4096
[  260.968842][T13139] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.138104][T13200] 9pnet_fd: Insufficient options for proto=fd
[  261.227198][T12419] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.267879][T13214] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10446 sclass=netlink_route_socket pid=13214 comm=syz.3.3068
[  261.351006][   T12] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.399162][   T12] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.449386][   T12] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.521668][   T12] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.583242][T13247] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3071'.
[  261.657693][   T12] gretap0: left allmulticast mode
[  261.662791][   T12] gretap0: left promiscuous mode
[  261.667904][   T12] bridge0: port 3(gretap0) entered disabled state
[  261.686302][   T12] bridge_slave_1: left allmulticast mode
[  261.692016][   T12] bridge_slave_1: left promiscuous mode
[  261.697830][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.709362][   T12] bridge_slave_0: left allmulticast mode
[  261.715070][   T12] bridge_slave_0: left promiscuous mode
[  261.720949][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.918901][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  261.930034][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  261.940457][   T12] bond0 (unregistering): Released all slaves
[  262.010182][   T12] hsr_slave_0: left promiscuous mode
[  262.022169][   T12] hsr_slave_1: left promiscuous mode
[  262.025495][T13280] infiniband syz!: set down
[  262.032168][T13280] infiniband syz!: added team_slave_0
[  262.037920][   T12] veth1_macvtap: left promiscuous mode
[  262.045834][T13280] RDS/IB: syz!: added
[  262.050141][T13280] smc: adding ib device syz! with port count 1
[  262.056810][T13280] smc:    ib device syz! port 1 has pnetid 
[  262.060648][   T12] veth0_macvtap: left promiscuous mode
[  262.070886][   T12] veth1_vlan: left promiscuous mode
[  262.076495][   T12] veth0_vlan: left promiscuous mode
[  262.297987][T13222] chnl_net:caif_netlink_parms(): no params data found
[  262.362011][T13327] loop3: detected capacity change from 0 to 512
[  262.387983][T13327] EXT4-fs (loop3): orphan cleanup on readonly fs
[  262.402932][T13327] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3091: bg 0: block 248: padding at end of block bitmap is not set
[  262.419189][T13327] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.3091: Failed to acquire dquot type 1
[  262.446185][T13327] EXT4-fs (loop3): 1 truncate cleaned up
[  262.449924][T13222] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.453221][T13327] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  262.459284][T13222] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.480375][T13327] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  262.481438][T13222] bridge_slave_0: entered allmulticast mode
[  262.496591][T13222] bridge_slave_0: entered promiscuous mode
[  262.503122][T13327] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  262.503639][T13222] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.518755][T13222] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.527556][T13222] bridge_slave_1: entered allmulticast mode
[  262.534363][T13222] bridge_slave_1: entered promiscuous mode
[  262.546953][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.565347][   T12] IPVS: stop unused estimator thread 0...
[  262.609000][T13335] loop3: detected capacity change from 0 to 512
[  262.618899][T13222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  262.638322][T13222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  262.650190][T13335] EXT4-fs: Ignoring removed orlov option
[  262.656927][T13335] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  262.682882][T13222] team0: Port device team_slave_0 added
[  262.690382][T13335] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3092: bg 0: block 248: padding at end of block bitmap is not set
[  262.697406][T13222] team0: Port device team_slave_1 added
[  262.712231][T13335] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.3092: Failed to acquire dquot type 1
[  262.733678][T13335] EXT4-fs (loop3): 1 truncate cleaned up
[  262.749329][T13335] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.762079][   T29] kauditd_printk_skb: 439 callbacks suppressed
[  262.762093][   T29] audit: type=1400 audit(1748356414.826:7945): avc:  denied  { mounton } for  pid=13343 comm="syz.1.3093" path="/36/file0" dev="tmpfs" ino=207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  262.791384][   T29] audit: type=1400 audit(1748356414.826:7946): avc:  denied  { mount } for  pid=13343 comm="syz.1.3093" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  262.813574][   T29] audit: type=1400 audit(1748356414.826:7947): avc:  denied  { write } for  pid=13343 comm="syz.1.3093" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  262.816372][T13335] ext4 filesystem being mounted at /584/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  262.834640][   T29] audit: type=1400 audit(1748356414.826:7948): avc:  denied  { write open } for  pid=13343 comm="syz.1.3093" path="/36/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  262.869918][T13222] batman_adv: batadv0: Adding interface: batadv_slave_0
[  262.871770][   T29] audit: type=1400 audit(1748356414.926:7949): avc:  denied  { unmount } for  pid=11975 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  262.876932][T13222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  262.923889][T13222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  262.943724][T13335] sch_tbf: burst 0 is lower than device lo mtu (76) !
[  262.971248][T13222] batman_adv: batadv0: Adding interface: batadv_slave_1
[  262.978304][T13222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.004320][T13222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  263.024789][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.057728][T13357] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3097'.
[  263.061194][   T29] audit: type=1326 audit(1748356415.126:7950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13351 comm="syz.1.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  263.090216][   T29] audit: type=1326 audit(1748356415.126:7951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13351 comm="syz.1.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  263.113811][   T29] audit: type=1326 audit(1748356415.126:7952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13351 comm="syz.1.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  263.137396][   T29] audit: type=1326 audit(1748356415.126:7953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13351 comm="syz.1.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  263.160934][   T29] audit: type=1326 audit(1748356415.126:7954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13351 comm="syz.1.3094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  263.191846][T13222] hsr_slave_0: entered promiscuous mode
[  263.198801][T13222] hsr_slave_1: entered promiscuous mode
[  263.204841][T13222] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  263.222655][T13222] Cannot create hsr debugfs directory
[  263.232122][T13366] loop3: detected capacity change from 0 to 128
[  263.318639][T13375] 9pnet_fd: Insufficient options for proto=fd
[  263.352100][T13366] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  263.385221][T13366] ext4 filesystem being mounted at /585/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  263.470456][T13392] 9pnet_fd: Insufficient options for proto=fd
[  263.585261][T13406] loop2: detected capacity change from 0 to 512
[  263.624011][T13406] EXT4-fs (loop2): orphan cleanup on readonly fs
[  263.638411][T13411] syz!: rxe_newlink: already configured on team_slave_0
[  263.656898][T13406] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3110: bg 0: block 248: padding at end of block bitmap is not set
[  263.685759][ T3317] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  263.700802][T13406] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.3110: Failed to acquire dquot type 1
[  263.719024][T13222] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  263.729850][T13222] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  263.738349][T13414] 9pnet_fd: Insufficient options for proto=fd
[  263.762776][T13406] EXT4-fs (loop2): 1 truncate cleaned up
[  263.768655][T13222] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  263.779496][T13222] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  263.790494][T13406] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  263.905713][T13222] 8021q: adding VLAN 0 to HW filter on device bond0
[  263.974941][T13435] tipc: Started in network mode
[  263.980033][T13435] tipc: Node identity ac14140f, cluster identity 4711
[  264.030294][T13450] loop3: detected capacity change from 0 to 764
[  264.036842][T13435] tipc: New replicast peer: 255.255.255.255
[  264.043082][T13435] tipc: Enabled bearer <udp:syz2>, priority 10
[  264.059412][T13222] 8021q: adding VLAN 0 to HW filter on device team0
[  264.095096][  T998] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.102284][  T998] bridge0: port 1(bridge_slave_0) entered forwarding state
[  264.111919][T13450] Symlink component flag not implemented
[  264.125605][T13450] Symlink component flag not implemented (7)
[  264.157552][T13222] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  264.168003][T13222] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  264.180237][T12419] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.185099][  T998] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.196414][  T998] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.340699][T13222] 8021q: adding VLAN 0 to HW filter on device batadv0
[  264.370237][T13493] 9pnet_fd: Insufficient options for proto=fd
[  264.504234][T13520] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3135'.
[  264.637614][T13531] loop3: detected capacity change from 0 to 764
[  264.677305][T13538] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3142'.
[  264.706161][T13531] Symlink component flag not implemented
[  264.716237][T13222] veth0_vlan: entered promiscuous mode
[  264.732492][T13531] Symlink component flag not implemented (7)
[  264.736754][T13222] veth1_vlan: entered promiscuous mode
[  264.807032][T13222] veth0_macvtap: entered promiscuous mode
[  264.814627][T13222] veth1_macvtap: entered promiscuous mode
[  264.827894][T13222] batman_adv: batadv0: Interface activated: batadv_slave_0
[  264.892045][T13222] batman_adv: batadv0: Interface activated: batadv_slave_1
[  264.904971][T13222] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  264.913892][T13222] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  264.922771][T13222] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  264.931597][T13222] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  265.026895][T13564] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.077462][T13564] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.147518][T13564] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.156195][   T36] tipc: Node number set to 2886997007
[  265.222357][T13564] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.316888][T13564] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  265.353405][T13564] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  265.392482][T13564] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  265.480099][T13564] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  265.522984][T13589] loop4: detected capacity change from 0 to 2048
[  265.559061][T13589] EXT4-fs: Ignoring removed i_version option
[  265.582376][T13589] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.605413][T13599] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3162'.
[  265.655494][T13589] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.765277][T13589] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3159: bg 0: block 345: padding at end of block bitmap is not set
[  265.792276][T13589] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[  265.804830][T13589] EXT4-fs (loop4): This should not happen!! Data will be lost
[  265.804830][T13589] 
[  265.941923][T13222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.012008][T13611] 9pnet_fd: Insufficient options for proto=fd
[  266.504021][T13627] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.570045][T13629] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  266.629172][T13631] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.645126][T13629] SELinux: failed to load policy
[  266.676569][T13627] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.747985][T13631] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.811628][T13627] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.836981][T13633] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3174'.
[  266.846097][T13633] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.853590][T13633] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.861371][T13633] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.868847][T13633] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.904739][T13631] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.919688][T13636] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3175'.
[  266.960281][T13631] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.982799][T13627] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.062862][T13627] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.081933][T13627] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.096780][T13631] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.110250][T13627] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.125507][T13631] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.155683][T13627] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.164449][T13646] netlink: 'syz.0.3180': attribute type 4 has an invalid length.
[  267.172353][T13646] netlink: 17 bytes leftover after parsing attributes in process `syz.0.3180'.
[  267.187379][T13631] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.201648][T13631] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.210403][T13647] netlink: 'syz.1.3177': attribute type 10 has an invalid length.
[  267.272619][T13651] FAULT_INJECTION: forcing a failure.
[  267.272619][T13651] name failslab, interval 1, probability 0, space 0, times 0
[  267.285362][T13651] CPU: 1 UID: 0 PID: 13651 Comm: syz.4.3179 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  267.285420][T13651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  267.285437][T13651] Call Trace:
[  267.285445][T13651]  <TASK>
[  267.285455][T13651]  __dump_stack+0x1d/0x30
[  267.285482][T13651]  dump_stack_lvl+0xe8/0x140
[  267.285509][T13651]  dump_stack+0x15/0x1b
[  267.285528][T13651]  should_fail_ex+0x265/0x280
[  267.285566][T13651]  should_failslab+0x8c/0xb0
[  267.285603][T13651]  kmem_cache_alloc_noprof+0x50/0x310
[  267.285667][T13651]  ? getname_flags+0x80/0x3b0
[  267.285691][T13651]  getname_flags+0x80/0x3b0
[  267.285714][T13651]  getname_uflags+0x21/0x30
[  267.285770][T13651]  __x64_sys_execveat+0x5d/0x90
[  267.285805][T13651]  x64_sys_call+0x2dae/0x2fb0
[  267.285882][T13651]  do_syscall_64+0xd0/0x1b0
[  267.285909][T13651]  ? clear_bhb_loop+0x40/0x90
[  267.285987][T13651]  ? clear_bhb_loop+0x40/0x90
[  267.286012][T13651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.286049][T13651] RIP: 0033:0x7f683322e969
[  267.286065][T13651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.286130][T13651] RSP: 002b:00007f6831897038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  267.286150][T13651] RAX: ffffffffffffffda RBX: 00007f6833455fa0 RCX: 00007f683322e969
[  267.286165][T13651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  267.286178][T13651] RBP: 00007f6831897090 R08: 0000000000001000 R09: 0000000000000000
[  267.286265][T13651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.286278][T13651] R13: 0000000000000000 R14: 00007f6833455fa0 R15: 00007ffcf1ce3848
[  267.286299][T13651]  </TASK>
[  267.476327][T13657] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  267.500964][T13657] SELinux: failed to load policy
[  267.561556][T13665] loop4: detected capacity change from 0 to 764
[  267.632247][T13670] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.648116][T13665] Symlink component flag not implemented
[  267.653839][T13665] Symlink component flag not implemented (7)
[  267.709294][T13670] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.721690][T13682] netlink: 244 bytes leftover after parsing attributes in process `syz.4.3193'.
[  267.789573][T13670] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.880185][T13670] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.945545][T13697] SELinux: failed to load policy
[  267.993229][T13670] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  268.026911][T13670] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  268.054664][T13670] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  268.079669][   T31] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.094982][T13670] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  268.170104][   T31] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.217989][   T29] kauditd_printk_skb: 144 callbacks suppressed
[  268.218048][   T29] audit: type=1400 audit(1748356420.296:8097): avc:  denied  { bind } for  pid=13707 comm="syz.4.3200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  268.267563][   T31] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.301552][T13672] chnl_net:caif_netlink_parms(): no params data found
[  268.301681][T13715] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3203'.
[  268.351836][   T31] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.448316][T13672] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.455433][T13672] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.497571][T13672] bridge_slave_0: entered allmulticast mode
[  268.517893][T13672] bridge_slave_0: entered promiscuous mode
[  268.538269][T13672] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.545499][T13672] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.555026][T13672] bridge_slave_1: entered allmulticast mode
[  268.562314][   T29] audit: type=1400 audit(1748356420.636:8098): avc:  denied  { write } for  pid=13736 comm="syz.2.3212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  268.563645][T13672] bridge_slave_1: entered promiscuous mode
[  268.594321][   T29] audit: type=1400 audit(1748356420.656:8099): avc:  denied  { read } for  pid=13736 comm="syz.2.3212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  268.647580][T13672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.711325][   T31] bond2 (unregistering): (slave geneve2): Releasing active interface
[  268.738097][   T31] geneve2 (unregistering): left promiscuous mode
[  268.789619][   T31] bond0 (unregistering): Released all slaves
[  268.799019][   T31] bond1 (unregistering): Released all slaves
[  268.818664][   T31] bond2 (unregistering): Released all slaves
[  268.831648][T13672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.849695][   T29] audit: type=1400 audit(1748356420.926:8100): avc:  denied  { write } for  pid=13758 comm="syz.1.3216" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  268.912538][T13672] team0: Port device team_slave_0 added
[  268.919901][T13672] team0: Port device team_slave_1 added
[  268.978040][T13672] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.985030][T13672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.011212][T13672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.059456][   T31] hsr_slave_0: left promiscuous mode
[  269.066981][   T31] hsr_slave_1: left promiscuous mode
[  269.106912][T13779] FAULT_INJECTION: forcing a failure.
[  269.106912][T13779] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.120027][T13779] CPU: 0 UID: 0 PID: 13779 Comm: syz.1.3222 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  269.120100][T13779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  269.120113][T13779] Call Trace:
[  269.120120][T13779]  <TASK>
[  269.120128][T13779]  __dump_stack+0x1d/0x30
[  269.120225][T13779]  dump_stack_lvl+0xe8/0x140
[  269.120248][T13779]  dump_stack+0x15/0x1b
[  269.120265][T13779]  should_fail_ex+0x265/0x280
[  269.120297][T13779]  should_fail+0xb/0x20
[  269.120376][T13779]  should_fail_usercopy+0x1a/0x20
[  269.120405][T13779]  _copy_to_user+0x20/0xa0
[  269.120462][T13779]  simple_read_from_buffer+0xb5/0x130
[  269.120510][T13779]  proc_fail_nth_read+0x100/0x140
[  269.120552][T13779]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  269.120601][T13779]  vfs_read+0x1a0/0x6f0
[  269.120714][T13779]  ? __rcu_read_unlock+0x4f/0x70
[  269.120742][T13779]  ? __fget_files+0x184/0x1c0
[  269.120792][T13779]  ? kmem_cache_free+0xdf/0x300
[  269.120819][T13779]  ksys_read+0xda/0x1a0
[  269.120852][T13779]  __x64_sys_read+0x40/0x50
[  269.120887][T13779]  x64_sys_call+0x2d77/0x2fb0
[  269.120959][T13779]  do_syscall_64+0xd0/0x1b0
[  269.120983][T13779]  ? clear_bhb_loop+0x40/0x90
[  269.121079][T13779]  ? clear_bhb_loop+0x40/0x90
[  269.121103][T13779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.121129][T13779] RIP: 0033:0x7f9fbb6fd37c
[  269.121149][T13779] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  269.121272][T13779] RSP: 002b:00007f9fb9d67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  269.121298][T13779] RAX: ffffffffffffffda RBX: 00007f9fbb925fa0 RCX: 00007f9fbb6fd37c
[  269.121315][T13779] RDX: 000000000000000f RSI: 00007f9fb9d670a0 RDI: 0000000000000005
[  269.121328][T13779] RBP: 00007f9fb9d67090 R08: 0000000000000000 R09: 0000000000000000
[  269.121341][T13779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.121357][T13779] R13: 0000000000000000 R14: 00007f9fbb925fa0 R15: 00007ffd9e060b58
[  269.121383][T13779]  </TASK>
[  269.376201][T13772] vlan2: entered allmulticast mode
[  269.381414][T13772] dummy0: entered allmulticast mode
[  269.388866][T13672] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.395854][T13672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.421995][T13672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.465468][T13787] loop4: detected capacity change from 0 to 128
[  269.508192][T13672] hsr_slave_0: entered promiscuous mode
[  269.518745][T13672] hsr_slave_1: entered promiscuous mode
[  269.531218][T13672] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  269.540526][T13672] Cannot create hsr debugfs directory
[  269.600486][T13787] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  269.676953][T13787] ext4 filesystem being mounted at /16/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  269.805637][   T29] audit: type=1400 audit(1748356421.876:8101): avc:  denied  { tracepoint } for  pid=13818 comm="syz.2.3233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  269.808508][T13819] FAULT_INJECTION: forcing a failure.
[  269.808508][T13819] name failslab, interval 1, probability 0, space 0, times 0
[  269.838492][T13819] CPU: 1 UID: 0 PID: 13819 Comm: syz.2.3233 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  269.838525][T13819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  269.838541][T13819] Call Trace:
[  269.838548][T13819]  <TASK>
[  269.838558][T13819]  __dump_stack+0x1d/0x30
[  269.838644][T13819]  dump_stack_lvl+0xe8/0x140
[  269.838665][T13819]  dump_stack+0x15/0x1b
[  269.838686][T13819]  should_fail_ex+0x265/0x280
[  269.838721][T13819]  should_failslab+0x8c/0xb0
[  269.838813][T13819]  kmem_cache_alloc_noprof+0x50/0x310
[  269.838841][T13819]  ? skb_clone+0x151/0x1f0
[  269.838867][T13819]  skb_clone+0x151/0x1f0
[  269.838898][T13819]  __netlink_deliver_tap+0x2c9/0x500
[  269.838947][T13819]  netlink_unicast+0x64c/0x670
[  269.838979][T13819]  netlink_sendmsg+0x58b/0x6b0
[  269.838999][T13819]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.839098][T13819]  __sock_sendmsg+0x145/0x180
[  269.839133][T13819]  ____sys_sendmsg+0x31e/0x4e0
[  269.839163][T13819]  ___sys_sendmsg+0x17b/0x1d0
[  269.839202][T13819]  __x64_sys_sendmsg+0xd4/0x160
[  269.839232][T13819]  x64_sys_call+0x2999/0x2fb0
[  269.839280][T13819]  do_syscall_64+0xd0/0x1b0
[  269.839311][T13819]  ? clear_bhb_loop+0x40/0x90
[  269.839340][T13819]  ? clear_bhb_loop+0x40/0x90
[  269.839370][T13819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.839398][T13819] RIP: 0033:0x7f0a99a2e969
[  269.839492][T13819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.839517][T13819] RSP: 002b:00007f0a98097038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.839543][T13819] RAX: ffffffffffffffda RBX: 00007f0a99c55fa0 RCX: 00007f0a99a2e969
[  269.839557][T13819] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  269.839569][T13819] RBP: 00007f0a98097090 R08: 0000000000000000 R09: 0000000000000000
[  269.839662][T13819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.839679][T13819] R13: 0000000000000000 R14: 00007f0a99c55fa0 R15: 00007ffd58985748
[  269.839723][T13819]  </TASK>
[  269.891153][   T29] audit: type=1400 audit(1748356421.916:8102): avc:  denied  { map } for  pid=13814 comm="syz.0.3232" path="socket:[44365]" dev="sockfs" ino=44365 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  270.074513][   T29] audit: type=1400 audit(1748356421.916:8103): avc:  denied  { read write } for  pid=13814 comm="syz.0.3232" path="socket:[44365]" dev="sockfs" ino=44365 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  270.098776][   T29] audit: type=1400 audit(1748356421.916:8104): avc:  denied  { ioctl } for  pid=13786 comm="syz.4.3225" path="/16/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop4" ino=12 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  270.185035][T13826] FAULT_INJECTION: forcing a failure.
[  270.185035][T13826] name failslab, interval 1, probability 0, space 0, times 0
[  270.197958][T13826] CPU: 0 UID: 0 PID: 13826 Comm: syz.0.3234 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  270.197992][T13826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  270.198019][T13826] Call Trace:
[  270.198025][T13826]  <TASK>
[  270.198032][T13826]  __dump_stack+0x1d/0x30
[  270.198104][T13826]  dump_stack_lvl+0xe8/0x140
[  270.198126][T13826]  dump_stack+0x15/0x1b
[  270.198145][T13826]  should_fail_ex+0x265/0x280
[  270.198282][T13826]  should_failslab+0x8c/0xb0
[  270.198317][T13826]  __kvmalloc_node_noprof+0x126/0x4f0
[  270.198442][T13826]  ? simple_xattr_set+0x6e/0x2b0
[  270.198462][T13826]  ? avc_has_perm_noaudit+0x1b1/0x200
[  270.198489][T13826]  simple_xattr_set+0x6e/0x2b0
[  270.198588][T13826]  ? strlen+0x19/0x40
[  270.198623][T13826]  shmem_xattr_handler_set+0x12b/0x220
[  270.198660][T13826]  ? __pfx_shmem_xattr_handler_set+0x10/0x10
[  270.198772][T13826]  __vfs_setxattr+0x2e3/0x310
[  270.198864][T13826]  __vfs_setxattr_noperm+0xe8/0x410
[  270.199025][T13826]  __vfs_setxattr_locked+0x1af/0x1d0
[  270.199059][T13826]  vfs_setxattr+0x132/0x270
[  270.199092][T13826]  file_setxattr+0x139/0x1b0
[  270.199124][T13826]  path_setxattrat+0x290/0x310
[  270.199162][T13826]  __x64_sys_fsetxattr+0x6b/0x80
[  270.199262][T13826]  x64_sys_call+0x2f7c/0x2fb0
[  270.199287][T13826]  do_syscall_64+0xd0/0x1b0
[  270.199311][T13826]  ? clear_bhb_loop+0x40/0x90
[  270.199399][T13826]  ? clear_bhb_loop+0x40/0x90
[  270.199422][T13826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.199523][T13826] RIP: 0033:0x7f3b788be969
[  270.199539][T13826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.199579][T13826] RSP: 002b:00007f3b76f27038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  270.199600][T13826] RAX: ffffffffffffffda RBX: 00007f3b78ae5fa0 RCX: 00007f3b788be969
[  270.199659][T13826] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  270.199672][T13826] RBP: 00007f3b76f27090 R08: 0000000000000000 R09: 0000000000000000
[  270.199685][T13826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.199698][T13826] R13: 0000000000000000 R14: 00007f3b78ae5fa0 R15: 00007ffe68f19c38
[  270.199718][T13826]  </TASK>
[  270.449728][T13222] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  270.465059][   T29] audit: type=1326 audit(1748356422.536:8105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13830 comm="syz.0.3236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b788be969 code=0x7ffc0000
[  270.488734][   T29] audit: type=1326 audit(1748356422.536:8106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13830 comm="syz.0.3236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b788be969 code=0x7ffc0000
[  270.617258][T13672] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  270.638531][T13672] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  270.660719][T13672] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  270.761057][T13672] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  270.859096][T13672] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.883334][T13672] 8021q: adding VLAN 0 to HW filter on device team0
[  270.947081][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.954233][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.981375][T13672] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  270.991878][T13672] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  271.007104][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.014209][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  271.125651][T13672] 8021q: adding VLAN 0 to HW filter on device batadv0
[  271.311436][T13672] veth0_vlan: entered promiscuous mode
[  271.321279][T13672] veth1_vlan: entered promiscuous mode
[  271.342892][T13879] SELinux:  Context system_u:object_r:dhcpd_exec_t:s0 is not valid (left unmapped).
[  271.349347][T13672] veth0_macvtap: entered promiscuous mode
[  271.362308][T13672] veth1_macvtap: entered promiscuous mode
[  271.393707][T13672] batman_adv: batadv0: Interface activated: batadv_slave_0
[  271.434903][T13672] batman_adv: batadv0: Interface activated: batadv_slave_1
[  271.450313][T13672] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  271.459297][T13672] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  271.468156][T13672] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  271.477125][T13672] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  271.660165][T13914] FAULT_INJECTION: forcing a failure.
[  271.660165][T13914] name failslab, interval 1, probability 0, space 0, times 0
[  271.673082][T13914] CPU: 1 UID: 0 PID: 13914 Comm: syz.2.3253 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  271.673119][T13914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  271.673162][T13914] Call Trace:
[  271.673171][T13914]  <TASK>
[  271.673180][T13914]  __dump_stack+0x1d/0x30
[  271.673204][T13914]  dump_stack_lvl+0xe8/0x140
[  271.673229][T13914]  dump_stack+0x15/0x1b
[  271.673250][T13914]  should_fail_ex+0x265/0x280
[  271.673358][T13914]  ? rtnl_newlink+0x5c/0x12d0
[  271.673382][T13914]  should_failslab+0x8c/0xb0
[  271.673427][T13914]  __kmalloc_cache_noprof+0x4c/0x320
[  271.673453][T13914]  rtnl_newlink+0x5c/0x12d0
[  271.673487][T13914]  ? rb_insert_color+0x264/0x2b0
[  271.673553][T13914]  ? x86_call_depth_emit_accounting+0x128/0x2e0
[  271.673637][T13914]  ? __list_add_valid_or_report+0x38/0xe0
[  271.673673][T13914]  ? xas_load+0x413/0x430
[  271.673693][T13914]  ? xas_load+0x413/0x430
[  271.673802][T13914]  ? __memcg_slab_free_hook+0x11e/0x240
[  271.673839][T13914]  ? __kfree_skb+0x109/0x150
[  271.673875][T13914]  ? __rcu_read_unlock+0x4f/0x70
[  271.673899][T13914]  ? avc_has_perm_noaudit+0x1b1/0x200
[  271.674066][T13914]  ? selinux_capable+0x1f9/0x270
[  271.674101][T13914]  ? security_capable+0x83/0x90
[  271.674129][T13914]  ? ns_capable+0x7d/0xb0
[  271.674153][T13914]  ? __pfx_rtnl_newlink+0x10/0x10
[  271.674236][T13914]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  271.674273][T13914]  netlink_rcv_skb+0x120/0x220
[  271.674369][T13914]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  271.674417][T13914]  rtnetlink_rcv+0x1c/0x30
[  271.674445][T13914]  netlink_unicast+0x59e/0x670
[  271.674486][T13914]  netlink_sendmsg+0x58b/0x6b0
[  271.674565][T13914]  ? __pfx_netlink_sendmsg+0x10/0x10
[  271.674608][T13914]  __sock_sendmsg+0x145/0x180
[  271.674642][T13914]  ____sys_sendmsg+0x31e/0x4e0
[  271.674671][T13914]  ___sys_sendmsg+0x17b/0x1d0
[  271.674704][T13914]  __x64_sys_sendmsg+0xd4/0x160
[  271.674768][T13914]  x64_sys_call+0x2999/0x2fb0
[  271.674798][T13914]  do_syscall_64+0xd0/0x1b0
[  271.674826][T13914]  ? clear_bhb_loop+0x40/0x90
[  271.674854][T13914]  ? clear_bhb_loop+0x40/0x90
[  271.674882][T13914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.674993][T13914] RIP: 0033:0x7f0a99a2e969
[  271.675014][T13914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.675085][T13914] RSP: 002b:00007f0a98097038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  271.675111][T13914] RAX: ffffffffffffffda RBX: 00007f0a99c55fa0 RCX: 00007f0a99a2e969
[  271.675127][T13914] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000006
[  271.675139][T13914] RBP: 00007f0a98097090 R08: 0000000000000000 R09: 0000000000000000
[  271.675152][T13914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.675164][T13914] R13: 0000000000000000 R14: 00007f0a99c55fa0 R15: 00007ffd58985748
[  271.675196][T13914]  </TASK>
[  272.329373][T13948] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.428801][T13948] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.559080][T13948] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.643821][T13947] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3258'.
[  272.687483][T13948] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.801729][T13963] loop3: detected capacity change from 0 to 128
[  272.863587][T13963] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  272.891515][T13963] ext4 filesystem being mounted at /2/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  273.091364][T13990] FAULT_INJECTION: forcing a failure.
[  273.091364][T13990] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  273.104844][T13990] CPU: 0 UID: 0 PID: 13990 Comm: syz.2.3266 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  273.104883][T13990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  273.104963][T13990] Call Trace:
[  273.104972][T13990]  <TASK>
[  273.104982][T13990]  __dump_stack+0x1d/0x30
[  273.105011][T13990]  dump_stack_lvl+0xe8/0x140
[  273.105039][T13990]  dump_stack+0x15/0x1b
[  273.105088][T13990]  should_fail_ex+0x265/0x280
[  273.105126][T13990]  should_fail_alloc_page+0xf2/0x100
[  273.105246][T13990]  __alloc_frozen_pages_noprof+0xff/0x360
[  273.105285][T13990]  alloc_pages_mpol+0xb3/0x250
[  273.105329][T13990]  vma_alloc_folio_noprof+0x1aa/0x300
[  273.105377][T13990]  handle_mm_fault+0xe9f/0x2c00
[  273.105441][T13990]  ? __rcu_read_lock+0x37/0x50
[  273.105482][T13990]  __get_user_pages+0x102c/0x2050
[  273.105553][T13990]  __gup_longterm_locked+0x9c9/0x1010
[  273.105604][T13990]  ? selinux_ptrace_access_check+0x102/0x110
[  273.105663][T13990]  ? security_ptrace_access_check+0x69/0x80
[  273.105694][T13990]  ? __ptrace_may_access+0x2c3/0x340
[  273.105727][T13990]  pin_user_pages_remote+0x7e/0xb0
[  273.105756][T13990]  process_vm_rw+0x484/0x950
[  273.105883][T13990]  __x64_sys_process_vm_writev+0x78/0x90
[  273.105997][T13990]  x64_sys_call+0xe80/0x2fb0
[  273.106028][T13990]  do_syscall_64+0xd0/0x1b0
[  273.106103][T13990]  ? clear_bhb_loop+0x40/0x90
[  273.106132][T13990]  ? clear_bhb_loop+0x40/0x90
[  273.106280][T13990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.106323][T13990] RIP: 0033:0x7f0a99a2e969
[  273.106344][T13990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.106369][T13990] RSP: 002b:00007f0a98097038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  273.106392][T13990] RAX: ffffffffffffffda RBX: 00007f0a99c55fa0 RCX: 00007f0a99a2e969
[  273.106408][T13990] RDX: 0000000000000001 RSI: 0000200000001c80 RDI: 00000000000000d6
[  273.106425][T13990] RBP: 00007f0a98097090 R08: 0000000000000001 R09: 0000000000000000
[  273.106442][T13990] R10: 0000200000001d80 R11: 0000000000000246 R12: 0000000000000001
[  273.106458][T13990] R13: 0000000000000000 R14: 00007f0a99c55fa0 R15: 00007ffd58985748
[  273.106523][T13990]  </TASK>
[  273.346594][T13988] syz!: rxe_newlink: already configured on team_slave_0
[  273.421181][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  273.421198][   T29] audit: type=1326 audit(1748356425.496:8143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  273.450953][   T29] audit: type=1326 audit(1748356425.496:8144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  273.475213][   T29] audit: type=1326 audit(1748356425.526:8145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  273.498871][   T29] audit: type=1326 audit(1748356425.526:8146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  273.522503][   T29] audit: type=1326 audit(1748356425.526:8147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  273.546415][   T29] audit: type=1326 audit(1748356425.526:8148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  273.570510][   T29] audit: type=1326 audit(1748356425.556:8149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  273.594095][   T29] audit: type=1326 audit(1748356425.556:8150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  273.618776][   T29] audit: type=1326 audit(1748356425.626:8151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  273.620821][T13672] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  273.642279][   T29] audit: type=1326 audit(1748356425.676:8152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fbb6fe969 code=0x7ffc0000
[  273.940883][T14026] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  274.027528][T14026] Cannot find add_set index 0 as target
[  274.064105][T14029] bridge0: entered promiscuous mode
[  274.069858][T14029] macvlan2: entered promiscuous mode
[  274.080635][T14029] bridge0: port 3(macvlan2) entered blocking state
[  274.087503][T14029] bridge0: port 3(macvlan2) entered disabled state
[  274.108682][T14029] macvlan2: entered allmulticast mode
[  274.114175][T14029] bridge0: entered allmulticast mode
[  274.216718][T14029] macvlan2: left allmulticast mode
[  274.221910][T14029] bridge0: left allmulticast mode
[  274.227619][T14029] bridge0: left promiscuous mode
[  274.299831][T13948] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.342337][T13948] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.362710][T14038] loop4: detected capacity change from 0 to 128
[  274.369595][T13948] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.376847][T13948] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.420265][T14038] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  274.445088][T14038] ext4 filesystem being mounted at /30/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  274.685349][T13222] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  274.792707][T14060] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.849182][T14060] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.908741][T14060] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.950388][T14060] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.993142][T14060] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  275.005092][T14060] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  275.016797][T14060] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  275.028689][T14060] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  275.207915][T14071] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.279482][T14071] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.357725][T14071] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.476984][T14071] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.598434][T14080] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3297'.
[  276.077400][T14097] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.183565][T14104] 9pnet_fd: Insufficient options for proto=fd
[  276.401695][T14097] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.490290][T14097] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.539417][T14097] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.593058][T14097] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  276.605725][T14097] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  276.618143][T14097] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  276.630629][T14097] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  276.779121][T14122] loop4: detected capacity change from 0 to 1024
[  276.786482][T14122] EXT4-fs: Ignoring removed bh option
[  276.791926][T14122] EXT4-fs: Ignoring removed nomblk_io_submit option
[  276.809410][T14122] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  277.066713][T14122] ==================================================================
[  277.074877][T14122] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  277.083158][T14122] 
[  277.085496][T14122] write to 0xffff888106ecd378 of 4 bytes by task 14125 on cpu 1:
[  277.093328][T14122]  writeback_single_inode+0x14a/0x3e0
[  277.098733][T14122]  sync_inode_metadata+0x5b/0x90
[  277.103686][T14122]  generic_buffers_fsync_noflush+0xd9/0x120
[  277.109606][T14122]  ext4_sync_file+0x1ab/0x690
[  277.114293][T14122]  vfs_fsync_range+0x10a/0x130
[  277.119083][T14122]  ext4_buffered_write_iter+0x34f/0x3c0
[  277.124661][T14122]  ext4_file_write_iter+0x383/0xf00
[  277.129886][T14122]  iter_file_splice_write+0x5ef/0x970
[  277.135276][T14122]  direct_splice_actor+0x156/0x2a0
[  277.140404][T14122]  splice_direct_to_actor+0x312/0x680
[  277.145793][T14122]  do_splice_direct+0xda/0x150
[  277.150572][T14122]  do_sendfile+0x380/0x650
[  277.155003][T14122]  __x64_sys_sendfile64+0x105/0x150
[  277.160209][T14122]  x64_sys_call+0xb39/0x2fb0
[  277.164850][T14122]  do_syscall_64+0xd0/0x1b0
[  277.169393][T14122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.175296][T14122] 
[  277.177625][T14122] read to 0xffff888106ecd378 of 4 bytes by task 14122 on cpu 0:
[  277.185261][T14122]  __mark_inode_dirty+0x18e/0x760
[  277.190312][T14122]  ext4_write_inline_data_end+0x3e5/0x5f0
[  277.196049][T14122]  ext4_write_end+0x4cd/0x730
[  277.200739][T14122]  generic_perform_write+0x30f/0x490
[  277.206057][T14122]  ext4_buffered_write_iter+0x1ee/0x3c0
[  277.211636][T14122]  ext4_file_write_iter+0x383/0xf00
[  277.216862][T14122]  iter_file_splice_write+0x5ef/0x970
[  277.222250][T14122]  direct_splice_actor+0x156/0x2a0
[  277.227382][T14122]  splice_direct_to_actor+0x312/0x680
[  277.232770][T14122]  do_splice_direct+0xda/0x150
[  277.237558][T14122]  do_sendfile+0x380/0x650
[  277.241986][T14122]  __x64_sys_sendfile64+0x105/0x150
[  277.247195][T14122]  x64_sys_call+0xb39/0x2fb0
[  277.251804][T14122]  do_syscall_64+0xd0/0x1b0
[  277.256321][T14122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.262226][T14122] 
[  277.264578][T14122] value changed: 0x00000008 -> 0x00000002
[  277.270300][T14122] 
[  277.272629][T14122] Reported by Kernel Concurrency Sanitizer on:
[  277.278880][T14122] CPU: 0 UID: 0 PID: 14122 Comm: syz.4.3310 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(voluntary) 
[  277.291046][T14122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  277.301111][T14122] ==================================================================
[  277.349285][T13222] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.631451][T14071] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  278.642839][T14071] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  278.654146][T14071] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  278.665065][T14071] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0