last executing test programs:

4.991930694s ago: executing program 3 (id=3224):
socket$nl_netfilter(0x10, 0x3, 0xc)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)=0x32e4000, 0x12)
connect$caif(0xffffffffffffffff, &(0x7f0000000380)=@dbg={0x25, 0x3, 0xf4}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071123f000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="02001f2a2688d769f600"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x34)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

4.912875005s ago: executing program 3 (id=3226):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001540)=@newtaction={0x88c, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0xffffff81, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x0, 0x5, 0x0, 0x8, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x5, 0xb5, 0x649f, 0x4, 0x0, 0x6, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0x6, 0x5, 0x80, 0xe, 0x2, 0x7, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x3, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0x7fffffff, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x226, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x203, 0xffff, 0x0, 0x0, 0x249, 0x5, 0x2fbf, 0x2, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0xe, 0x9, 0x0, 0x10000003, 0x4e, 0xa158, 0x8, 0x1, 0x119203c5, 0xd0, 0x7, 0x80000001, 0x3226, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6e, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x1, 0xc, 0x6, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0xfff, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x2, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x6, 0x40, 0xfffffffe, 0xb, 0x7, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x2000007, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x0, 0x6, 0x4, 0x4, 0xb, 0x7ff, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x7, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x7ff, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x377a0eb2, 0x9, 0x5, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0x8]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x3a40da20, 0x9, 0x7, 0x4, 0x8000, 0x7fffffff, 0x2, 0x1, 0x7fff, 0x86, 0x10000, 0x2, 0x40, 0x2, 0x99d, 0x6, 0xffffff92, 0xe9c, 0x3ff, 0xfffffffe, 0x10001, 0xa, 0xfffff000, 0x7f, 0x4, 0x0, 0x81, 0x6f0, 0x18e, 0x8, 0x4, 0x3, 0x4, 0x2, 0xffffffff, 0x0, 0x80000000, 0x3, 0x9, 0xfffc, 0x2, 0xd, 0x3, 0x5, 0x1, 0x4, 0x8, 0x7, 0x2, 0xd92e, 0x7fffffff, 0x3, 0x90, 0xc0, 0x5b, 0x1, 0xe6, 0x1, 0x5, 0x1000, 0x3, 0x10, 0x0, 0x5, 0x6, 0x6, 0x100, 0xf3, 0x1, 0xa92, 0x0, 0x6, 0x7, 0x0, 0x8, 0xb, 0x10000, 0x3, 0x3, 0x3, 0x5, 0x5, 0x1, 0xee7e, 0x800, 0x81, 0x7fff, 0x1, 0x4, 0x5, 0x4, 0xffffff89, 0x7, 0xfffffff3, 0x2, 0xffffffff, 0x9, 0x5, 0x2, 0x101, 0x7fffffff, 0xfffff001, 0x6, 0x4, 0xffffffff, 0x5, 0x9, 0x1, 0x0, 0xb3e, 0x8, 0xf3, 0x401, 0x401, 0x9, 0x8, 0x2, 0xb, 0x0, 0x0, 0x9, 0xffffffff, 0x25c, 0x7, 0x100005, 0x0, 0x9, 0xfffffff9, 0x3, 0xe2, 0x8, 0x1, 0x8, 0x9, 0x0, 0x9, 0x2, 0x1, 0x9, 0x80, 0x5, 0xd3c3, 0x5, 0x2, 0x1, 0x472a8800, 0xc, 0xfffffff0, 0xfffffff8, 0x9, 0x8, 0xfffffffc, 0x9, 0x5, 0x9, 0x5, 0x6, 0x6, 0x7, 0x87f, 0x59, 0x4eedcacd, 0x1, 0x4, 0x9df4, 0x2, 0x7, 0x5, 0xfff, 0x3828, 0x0, 0x1, 0x7, 0xcf6, 0x7f, 0x4, 0x7, 0x2120, 0xfffffffa, 0x80, 0x3, 0xdbff, 0x52b6, 0xfffffffa, 0x49, 0x70, 0x0, 0xe1, 0x1401, 0xa, 0x101, 0x3ff, 0x101, 0x10001, 0x7ffe, 0x80000000, 0x81, 0xfffffff7, 0x3, 0x1, 0x7514, 0x7, 0x3, 0x1, 0x4, 0x2, 0x9, 0x4, 0x10000, 0x3ff, 0x0, 0x100, 0x7ef2, 0x300000, 0x1, 0xe, 0xd, 0x4, 0x6, 0x8, 0x4, 0x10001, 0xc01, 0x400, 0x436, 0x3, 0x205, 0x0, 0x0, 0xffffffff, 0xbc, 0xa8, 0x0, 0x6, 0x7, 0x800001, 0x81, 0x3, 0x2, 0x7, 0x4, 0x4, 0x2445c87b, 0x6, 0xd, 0x9, 0x2, 0x10, 0x2, 0x7, 0x57, 0x5, 0xd, 0x1000, 0x3]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xff, 0x7, 0x2, 0x7ff, 0x6, {0x9, 0x1, 0x8, 0xef3, 0x9, 0x1}, {0x2, 0x1, 0x2, 0x827, 0x29a, 0x100}, 0x3, 0x9, 0x7}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)

4.852594066s ago: executing program 3 (id=3227):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
setregid(0x0, 0x0)

4.797077447s ago: executing program 3 (id=3229):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x200000000000035a, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)
pipe2(&(0x7f0000000000)={0x0, <r9=>0x0}, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="11000000040000000400000022"], 0x48)
r11 = socket(0x2c, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r10, &(0x7f0000000140), &(0x7f0000000080)=@udp=r11}, 0x20)
close_range(r9, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r6}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff}, 0x0)
ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f00000003c0)=<r14=>0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x50009417, &(0x7f0000000f80)={{r12}, r14, 0x18, @unused=[0x8, 0x6, 0x9], @subvolid=0x3})
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000880)=ANY=[@ANYRESOCT=r5, @ANYRESHEX=r12, @ANYRESOCT=r1, @ANYRESHEX=r13, @ANYBLOB=',version=9p2000.u,\x00'])
r15 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00000000916973200da1a0a606986081eb0e3a07", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r16 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r16, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000001c0)={<r17=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r16, &(0x7f0000000040)={0x12, 0x10, 0xfa00, {0xfffffffffffffffc, r17, r16}}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r15}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xe)

4.796782677s ago: executing program 3 (id=3230):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
bind$inet(r2, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
sendmmsg$inet(r2, &(0x7f00000039c0)=[{{&(0x7f0000000800)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r2, &(0x7f0000000c80)="e8", 0x6200, 0x12000000, 0x0, 0x0)

4.753513068s ago: executing program 3 (id=3233):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000280)={'pim6reg1\x00', 0x2})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

2.769322798s ago: executing program 4 (id=3254):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB], 0x0}, 0x94)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, r1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000300), r2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="60a2f0ccb6f47ad7310000445717c344f39389b1137def7b8bbc6b262b", @ANYRES32, @ANYRESDEC=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='kfree\x00', r5, 0x0, 0xfffffffffffffffd}, 0x18)
r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r6, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
r8 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={r8, 0x20, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}}, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="ece56e7cf8c0a02f1e4bef5dcf00000200", @ANYRES16=r4, @ANYBLOB="010a25bd7000fddbdf250400000014000600000000000000000000000000000000000800020007000000"], 0x30}, 0x1, 0x0, 0x0, 0x8d1}, 0x4080)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000080), r3)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = openat$nci(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r11, 0x0, &(0x7f0000000a00)=<r12=>0x0)
r13 = syz_genetlink_get_family_id$nfc(&(0x7f0000000bc0), r10)
sendmsg$NFC_CMD_FW_DOWNLOAD(r10, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000c00)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="01002dbd7000fcdbdf251500000008000100", @ANYRES32=r12, @ANYBLOB="08001100", @ANYRES32=r12, @ANYBLOB="090014007d"], 0x30}, 0x1, 0x0, 0x0, 0x20040080}, 0x4090)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000200))
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

2.768594328s ago: executing program 0 (id=3255):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x50)
syz_usb_connect(0x0, 0x41, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x11, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)

2.509545722s ago: executing program 4 (id=3260):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xc}, {0xffff, 0xffff}, {0x4, 0xf}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x404c810}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a0000", @ANYRES32=r5, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x400c5)
sendmmsg(r3, &(0x7f0000000000), 0x400000000000235, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10)
mkdir(0x0, 0x5)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x12, 0x2, 0x8, 0xd0eb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r6, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

1.906723371s ago: executing program 0 (id=3271):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='sys_enter\x00', r1}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e0000000000000000180100", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a320000000005000400000000001400078008001240000000000500150022000000050005000200000005000100"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, 0x3, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, 0x0, 0x4004000)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x1c, 0x140f, 0x100, 0x70bd26, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'smc_ib\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20000080)
syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r3, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00080000bfa200000000000007021d82ec8f6b2d00c4905659c2b1801c0000f8ffffffb703000008000000b704"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
unlink(&(0x7f0000000100)='./file0/file1\x00')
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3477, 0x0, 0x0, 0x0, 0x8}}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r9 = add_key$keyring(&(0x7f0000000780), &(0x7f0000000900)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff8)
request_key(&(0x7f0000000080)='.request_key_auth\x00', &(0x7f0000000700)={'syz', 0x0}, &(0x7f0000000740)='\x00', r9)
pwrite64(r8, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)

1.775625583s ago: executing program 0 (id=3275):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70500000800000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x36)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000700)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)

1.576047326s ago: executing program 0 (id=3277):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000010018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r3 = syz_create_resource$binfmt(0x0)
execveat$binfmt(0xffffffffffffff9c, r3, 0x0, &(0x7f0000000880)={[], 0xf000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=@deltfilter={0x24, 0x2d, 0x200, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4}}}, 0x24}}, 0x50)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r5=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.33080991s ago: executing program 4 (id=3280):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x50)
syz_usb_connect(0x0, 0x41, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x11, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)

1.160274762s ago: executing program 2 (id=3282):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = creat(&(0x7f0000000600)='./file0\x00', 0xe5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$qrtrtun(r1, &(0x7f0000001880)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e84b928ecb96e0e4e781bfca4c928c956321dd51400000000000020011584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26cfbb2eb91e40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a63d070000930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299dea6c08073dd0c47b9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8303985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725436101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35cfe7d498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c17d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f91", 0x45c)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x44)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r3, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x0, 0x0, 0x7, 0x2, 0x0, 0xc40a, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x2, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x800, &(0x7f0000000340)=ANY=[@ANYBLOB="9072614e733d66442c725c646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c756e616d653dd0aedec1aa20ffd81d1bf89329217cb058a396eda2ab40a26d93dd083c0074dcab6cab21ae16c4cdf97bdc355f3b41d27b654301345cb3c4cec37953322d01beaa7257964fd30fe2d72f171da72e389d382dea3c8d91906aead5d5aeccc097ef1082ea987c2b00000000000000002c00"])
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000, 0x0, 0x0, 0x41100}, 0x94)
r7 = msgget(0x1, 0x194)
msgctl$IPC_INFO(r7, 0x3, &(0x7f0000001d00)=""/4096)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r8}, 0x10)
r9 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0)
ioctl$AUTOFS_IOC_FAIL(r9, 0x4c80, 0xffffffe4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021181500001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000ec140380300000802c000180250001"], 0x159c}}, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f00000008c0)=@getae={0x180, 0x1f, 0x400, 0x70bd26, 0x25dfdbfd, {{@in=@multicast1, 0x4d2, 0xa, 0x32}, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xca, 0x3500}, [@tfcpad={0x8, 0x16, 0x4}, @algo_auth={0x137, 0x1, {{'md5\x00'}, 0x778, "cfaa716f722601476acdd9b83adbab45405fa9fed29968ae592ce67294e805333d38fecdf75339fbcdf894ba76b55f403337107ef5f68821320a4a4180701dbbb4d4310663714205a43194ff97ab0397a98294885d85a4173acffe636131ae8901908f2be6a4d2066ddf5fa71fb60ece2b5d9e6110a66c7b515ab422dfd28521702e18c5b8f19021ba8bf0dcc9d5236c1b934e6eb45a0dc34cd523dbebfef3df7c98a0642b98afd7f35aeb5860c7e4c246e43affbf39d2451e388cb742416112b1ca4f9800ab4f758e871317ce0816dc6b2eb271ddfc8641986ca1fbec4da1e0a832a7f523f8102e4b7e43dbad9cde"}}]}, 0x180}, 0x1, 0x0, 0x0, 0x40001}, 0x20044804)

879.620567ms ago: executing program 2 (id=3283):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001540)=@newtaction={0x88c, 0x30, 0x12f, 0x4000, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x7c3, 0x2, 0x3, 0xffffff81, 0x10, 0xc, 0x2, 0x3, 0x40, 0x200, 0x8, 0x9, 0x0, 0x5, 0x0, 0x8, 0xa, 0x6, 0x200, 0x1, 0x3, 0xcc37, 0x5, 0xb5, 0x649f, 0x4, 0x0, 0x6, 0xfb1, 0x72a4, 0xd, 0x7fff, 0x5, 0x3, 0x0, 0x3, 0x7, 0xc3a0, 0x4, 0xc, 0x0, 0xaf, 0x1, 0x6, 0x5, 0x6, 0x5, 0x80, 0xe, 0x2, 0x7, 0x6, 0x7, 0x1991, 0x8, 0xfffffe29, 0x5, 0x3, 0x101, 0xfff, 0x4, 0x5, 0x8000, 0x4, 0x7, 0x3, 0x0, 0xfffffff3, 0x1, 0x9, 0x80020003, 0x2, 0x3, 0x5, 0x101, 0x1, 0xfffffffc, 0x6, 0x7fffffff, 0x200, 0x1, 0x7309, 0x6, 0x3, 0x100, 0x2, 0x7, 0x6d0, 0x226, 0x7ff, 0x0, 0x6, 0x7, 0xfffff001, 0x6, 0x7ed8, 0x203, 0xffff, 0x0, 0x0, 0x249, 0x5, 0x2fbf, 0x2, 0x8000, 0x7, 0x25fe9fd5, 0x1, 0x9, 0x1, 0xe, 0x9, 0x0, 0x10000003, 0x4e, 0xa158, 0x8, 0x1, 0x119203c5, 0xd0, 0x7, 0x80000001, 0x3226, 0x8, 0x3, 0x4, 0xc64f, 0xffffff6e, 0x5, 0x6, 0x6, 0xfffffff7, 0x6, 0x7, 0x1, 0xc, 0x6, 0x7, 0x200, 0x60459141, 0x1, 0x5, 0x6, 0x84, 0x0, 0x1, 0x5, 0x2, 0x29dc, 0x0, 0x2d5, 0x7, 0xfffffffa, 0x1000, 0x6, 0x94, 0x15a, 0x4, 0x6, 0x2, 0x4002, 0x2, 0x4, 0xfff, 0x5, 0x1, 0x3, 0x4003, 0x80, 0x7a5b054a, 0x8, 0xffffff80, 0x1, 0xfff, 0x3, 0xb, 0x8, 0x3, 0x4, 0x2, 0x6, 0xf, 0x2, 0x7, 0x1, 0x77, 0x20009, 0x274d, 0x6, 0x40, 0xfffffffe, 0xb, 0x7, 0x1, 0x9ab, 0x7, 0xffffffc0, 0x200, 0x2000007, 0x3c, 0x2c7, 0x7, 0x8, 0x4, 0x0, 0x99f, 0x5, 0x7ff, 0x0, 0x6, 0x4, 0x4, 0xb, 0x7ff, 0x1e, 0x3, 0xe49, 0x56, 0x9, 0x1, 0x6, 0x2, 0x6a1c, 0x9, 0x8, 0x4dbda2da, 0x7fff, 0x5, 0x5, 0x0, 0x7, 0x8, 0x7fff, 0xed, 0x7fff, 0x1000, 0xcbe, 0x7ff, 0x6, 0x8, 0xb, 0xff, 0x5, 0x1, 0x377a0eb2, 0x9, 0x5, 0x8, 0x5, 0x4, 0xfffffffd, 0x2, 0xeffe, 0xe74, 0x8]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x3a40da20, 0x9, 0x7, 0x4, 0x8000, 0x7fffffff, 0x2, 0x1, 0x7fff, 0x86, 0x10000, 0x2, 0x40, 0x2, 0x99d, 0x6, 0xffffff92, 0xe9c, 0x3ff, 0xfffffffe, 0x10001, 0xa, 0xfffff000, 0x7f, 0x4, 0x0, 0x81, 0x6f0, 0x18e, 0x8, 0x4, 0x3, 0x4, 0x2, 0xffffffff, 0x0, 0x80000000, 0x3, 0x9, 0xfffc, 0x2, 0xd, 0x3, 0x5, 0x1, 0x4, 0x8, 0x7, 0x2, 0xd92e, 0x7fffffff, 0x3, 0x90, 0xc0, 0x5b, 0x1, 0xe6, 0x1, 0x5, 0x1000, 0x3, 0x10, 0x0, 0x5, 0x6, 0x6, 0x100, 0xf3, 0x1, 0xa92, 0x0, 0x6, 0x7, 0x0, 0x8, 0xb, 0x10000, 0x3, 0x3, 0x3, 0x5, 0x5, 0x1, 0xee7e, 0x800, 0x81, 0x7fff, 0x1, 0x4, 0x5, 0x4, 0xffffff89, 0x7, 0xfffffff3, 0x2, 0xffffffff, 0x9, 0x5, 0x2, 0x101, 0x7fffffff, 0xfffff001, 0x6, 0x4, 0xffffffff, 0x5, 0x9, 0x1, 0x0, 0xb3e, 0x8, 0xf3, 0x401, 0x401, 0x9, 0x8, 0x2, 0xb, 0x0, 0x0, 0x9, 0xffffffff, 0x25c, 0x7, 0x100005, 0x0, 0x9, 0xfffffff9, 0x3, 0xe2, 0x8, 0x1, 0x8, 0x9, 0x0, 0x9, 0x2, 0x1, 0x9, 0x80, 0x5, 0xd3c3, 0x5, 0x2, 0x1, 0x472a8800, 0xc, 0xfffffff0, 0xfffffff8, 0x9, 0x8, 0xfffffffc, 0x9, 0x5, 0x9, 0x5, 0x6, 0x6, 0x7, 0x87f, 0x59, 0x4eedcacd, 0x1, 0x4, 0x9df4, 0x2, 0x7, 0x5, 0xfff, 0x3828, 0x0, 0x1, 0x7, 0xcf6, 0x7f, 0x4, 0x7, 0x2120, 0xfffffffa, 0x80, 0x3, 0xdbff, 0x52b6, 0xfffffffa, 0x49, 0x70, 0x0, 0xe1, 0x1401, 0xa, 0x101, 0x3ff, 0x101, 0x10001, 0x7ffe, 0x80000000, 0x81, 0xfffffff7, 0x3, 0x1, 0x7514, 0x7, 0x3, 0x1, 0x4, 0x2, 0x9, 0x4, 0x10000, 0x3ff, 0x0, 0x100, 0x7ef2, 0x300000, 0x1, 0xe, 0xd, 0x4, 0x6, 0x8, 0x4, 0x10001, 0xc01, 0x400, 0x436, 0x3, 0x205, 0x0, 0x0, 0xffffffff, 0xbc, 0xa8, 0x0, 0x6, 0x7, 0x800001, 0x81, 0x3, 0x2, 0x7, 0x4, 0x4, 0x2445c87b, 0x6, 0xd, 0x9, 0x2, 0x10, 0x2, 0x7, 0x57, 0x5, 0xd, 0x1000, 0x3]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xff, 0x7, 0x2, 0x7ff, 0x6, {0x9, 0x1, 0x8, 0xef3, 0x9, 0x1}, {0x2, 0x1, 0x2, 0x827, 0x29a, 0x100}, 0x3, 0x9, 0x7}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)

806.401998ms ago: executing program 2 (id=3284):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000061a0000040000000000000e0300000000000000030000000000000800000000000000000000000204000000000000000000000a02000000000000612e00"], 0x0, 0x52}, 0x28)
socket$can_j1939(0x1d, 0x2, 0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mlock2(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x1)

776.695838ms ago: executing program 2 (id=3285):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400e, &(0x7f0000000300), 0x1, 0x440, &(0x7f0000000cc0)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x2a020400)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c000780080012400500000005"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1200000002000000040000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000008973de38c4836ab07277fc0b29a074bfab6f3a176d435fc720ff1d1ada1d6a419f6ab1657d97d2312f20f85cc1afa43977dd5e54b950b06ef59500580000000000000000000000b8a1077aa3779b4360756e25b61def70998506a53ef351dfddf4828f69d514a69f77cdf2bbf9657c97d50afeaf5754c3801cc76fe4c8af922379fbfc42991de7cca626b6a4cddc"], 0x50)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20)
connect$unix(0xffffffffffffffff, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

754.409619ms ago: executing program 1 (id=3286):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)=ANY=[@ANYBLOB="4400000002060500f10de2cd44057eeb000000000c000300686173683a69700005000400000000000900020073797a310000000005000500020000000500010006"], 0x44}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, 0x9, 0x6, 0x201}, 0x14}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)

682.26786ms ago: executing program 1 (id=3287):
r0 = socket(0x80000000000000a, 0x2, 0x0)
connect$can_j1939(r0, &(0x7f0000000040)={0x1d, 0x0, 0x0, {0x2, 0xf0, 0x3}, 0xff}, 0x18)
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000001a00), 0x802, 0x0)
writev(r1, &(0x7f0000000740)=[{&(0x7f0000001bc0)="9f5e8b23f32534c7f2c8b256780f67ff35b334288b9cd75b93b5cd4c7b2851de3c8743f7d02958d47d3ec5c0f789aaa939a223298017b9df8180b6d8926b65571d5ad28b8c136e9135c19397a39f8c27ffa6cb5b5e444747789260fd050042c4ebecab21c017538c95ae722e8527728f44fdbc2cd891a23623a0f84fabee4c2ec97440e18ba96c3714f52f34e3970fb0c5dc2a7d79431a773f0135385a4b4917b597e87d3a37b8241c81016b279db16f52cd35d04c536d7521eebf35c4aea18aa26596dffac1b523136fd3023bd89137f4107ca4181b3dfb93b8be08d702705a792e1ff268a771af8b33b367fa97306d7d76b827ebdcd6efc1682b03a28f30fc5f5bb893d44f844d6028a8e74bba210b1b8f511662a8b080d51fb66aca948191879b5d7dd8c97739a5b3119176137879a2a71115ca9bcb96bd32bcf2f7b585ebd4a009cb1f5fdffebd9da49f4544e0775eb79f6e0c0ec185723382ffafc86be2c3a0d06a63112546ca7d93435b228df4badb0de2956baf1d0995c61a6e72a77bdae0b12905330fae5dcd4f35e21962960ffbb6a62293548bd9c88d2755098655fa55a04db41b6c188d636f8a38a0abfdbf62fa006a2e55f5aa4f51fffb7496cc8d15c3470ffb4f7318688afabbdeba1e69ba6e9c4aa6aabf6bca54705fcce3305b4aeffcfd068b58c5bf9208912ea49d7ad0fa0b834ababfd8bd85b0429c38d9d67f0bd5651a4397837ee82a5d1c40439a64515223e37c861a35a2fd2bb1c0a0f0f58cecbf9c49e1aa0b806477707919494efbb58ea1c78b26b136a62eb92a3efa49e18b29aaed79a8405f659d19a677f8017fc7563c50067e32d82480bb8b80d6e9da939341d5b34d2489fa0f17c7a195f8c85c063b6db9fc97c90f6cac01ca7cfdd3de0cee3f2d5bcf56bda3181be11dfd0a3140be12912e13a5e2a1477180f1e18742b991258a4c6d5f30c6e13186fbc5b1fe92fc62e5abed60748b7a6496ea6b84bb18bebbeaa41c7ed7276d04dbca4a429cd9b132721411b835e9080c8393aa9bf946b7debeb49bfe37086e7da90c85c7683f177dca5afbf7ed53da455a35634e34423b6fd641da29ac4ef30b8ba60b505828d38f658642b4acd8fea6e3a830434b14d80790f6ee37ded5bde9b5b16d9aa508fc98dc9a68145866e7caf3486841645cff5152bfd918303e5f27a8b5b371cc68ff9aafe1d34302f4cd1506d2b1945416db89b02f261923dea1c6a60f27003d3b44c2aad3048f548e90a84e3cf375a1257e74126d0d284023e425a3718d139e79d785fc5f18c14d722803f08127c92a911fbdd02fd3b2eb2681bfcf37905094507a1698bdcf6d0ef931c4f526cc2f1510b8432d623e31bc97186f1f72f84d1a26c8dbc5806a36ec49cfe8debb7c7347cfe95f8f4063469a4f4b9f1b7e4950be8d9a43b88642c254418ec378feacd37c83ab300b2eca85308effd805bc3064b9629831192593da2421e4c098a06a535f537746a8ce103c708a921c109d16cd8ef2be97735b4a5f97aab8ed4400a06997ab93555d9b2d70a6860b8544c44273c4ae16bf2a10448a5acc7738fd28c188d7e7ac971e2dcafda01e3510af6b2403b7379361a4e6d12344d59e42b79c9c14c0da84266cb6536806c408a9f19d38a90443ed099ac3a3b457f94e2320ec52193c4966502d3dbf7d5f67199ffcf201ee2066e1263b0208f733a6b20295b91223e4d6262e64bc46c97c26c0d35aedef2836507e713fc42c4e9d6898e3ec1d46d65a0866f53794d727da0564b006dcc5adb306e27a8ea3e545e7e1c1cc90fd058c0a4fb2249025e57388357214be3db0ab6578e690dbf98f3f10abf395c37040eb7c771e83d635a46a019126bf8ae2e3062c1085ea5ab9864625789716afbb380f1346d17d4c0e5a8267052862f9cac709a8af295eb059931ac481cc65bba71276b6001eed000539f1d84ed802df09791ab1aa76111e60e277d69ec419b8e0ae70188f3f2458931eaff802be53f42436411dbc7261c1d4cbacceee8ffcf259de9c05039440c974dbd3f2b620f6d9d45d1f823ce315320080c1722d7c2072ad865505fbf09255611c2cd5d56d5811bdb9505e2898d001684c9b580cce0f0f4d63904eb4c490df4ded6c71818e3b557a31e44f318e63554f56259a020955322ea5ef3fd3c4b2a96155d06c69a09104204e99dc85664ae25f93f46cbaf9683b8a6dc5bc1dbc13f31a2a4cd6291a1208bbbe5a124552e304406c90b3d07a047b06562ad51670152abeff21967117b394f90bf79cae8989038ed1aec4f6c9a061a69d448d54e0348d7adec3a8c359d121eb0ccbd94e32371293df5d13bc0e70a2495cd86d28f01edf2f9d520269bbd5b6cfad3d63d727b27fa2f2b55ab1ef0353948eceedb012d0fdee457133d974d4c034cca34b1cc3bf500efe36a069ef1d1f9a5c34062fd40143fcfe20dfa83d2c8b96b13e8c985d947827856101741824f5add1792ae34f058755d1526061b6bfac47f667d43cbe5f5482024565c0a4af28a8936d2db681bca014ccb58cb4a20547331cc55620f9ffb5b25889771e6b364a1643326f03b4ca0728290f1a2c8d54552bb3a3153a8ffbd82068c7b46e0c07304e911863783b8978db684796188181e141b40931b790feb81004e702573da7b09a8516464fd319afe90159e3360a88de115203bd73e5bc2d1cb9ef6f9b591c4162d78943f7d2086db7fde1ef397c9853854f89e9f3134bd86675c3cb997f6a90efdec183345473c0da255abb8214e9ce1b9e377e160fc22a910909f2ff3f2f7cd2aa82a36909c3c48affd784786ccf2698b40ddf7d41f2622574d5bfa4c1f60d3a07c9cecbbdb52797d67e63c0c80c492befee369d4410d952029f41ef5da8188ae4fc6b687c88d43056f5fc86b67d8385c716a911cbb4bc20d63fe208d414b2ce8821c046b34f61d1de2e5ee5777df30467a15b08d3b63353c4821ce83c9da2b8bc0158dacb6e49c68cda4943aa62816133e049f2dc90d8cf0003499f6db3af8631f3dcf56a3a5f0ee17051a3e841c8fe34629bad9ab57942de6d14dd9f46134bd70f217987d9d6576990188aae61d7ffbdeace95dbd648da48b1b26a3ef89faab0259f5a083d09d8870c35e34c14639ce67b6f0dbe58029188e950842375906c5f2b8b5e4a9c3c0855b1cc4cd0611b889e83d1d5a11c57a3e8129492e90e1883712236cf9c20210078763e7a7a77c6ba776aa1f57e3c581a4c313052c41ca1d7fadc9f496e42ff1fc33579b5c41ddde52d2f192e27cd96d366f65eeba3d618e0bace457d130eb0bb41b5e720355fab630c15ba1dda2b77e632dfa2760a6c2bc57e9285aa0d5b0b04a624e3d3a8e8e49920903d173a1ff14b0bf29aeef3d20a15cf6196cbae7ca5a5848cb7eba4b5e6cc4b8714d6f51fecb897588fbcda33580b31a3655078a1dea352f89aa231f471c6efec4ab07560f93f1f1dff2591dfb068182163091f53b2b121dec933ec1f3953b3e2dd3058c04d0ec08a64728bfdaee9b22dcb43276e4203eb6c205b0c0187e36f1c9f711a78b9f6f7c44d266811c3f311e17ba4de0fd35585d84b102b3d94680c5b154a1b748797c34310bee50a67a57cfb9ff6693e167d7407b4443b92373f0f78f2af0b98d30828b634b8e540f08868d19922f2eb5796aaea6fcbbbca6ecdee994c866f76342490005aa9174299b22ddae077d302c24e6495a06a8353981ab4b52fcabae7ad0da4e714417cc173c9958cf9ba9f0e4f47400778516c7658d22b7873627f6a9c7be567958b0057836fed0ccdc72656f1cbe6f63e073ace37bfad8cac3806abf4a2256ee1d73fd4ad2ec848c7151fbe26861a6861aa871241e34961133f9af822b2b46b7d37e79ba56a4790d7476bb8cf2e7e112d4db453fce34b4eda65f8a1b12071004abfa11f4d5ef29096274bf1d02287104efc88401181dde077567b26ea1b0637428909cae7458dacb51e87254d0ea3f8275cd249a64d20ec085e4f6bd09f67c48cd7b9ccfe976b9bd73d4b48a129baf502051900c98e0b3aa73a3f4a8f40a83e7d58d9d34de0ef2569e8a79176ac9bcf7bd420ddfd111dced05eb42b1c0f7f94e76486242b92f754fe9e0cb90671431e9dd85e59a6a1f8aeba218735e2b53d9ff31c27845613a170f686713026dd31cd88caebabba9084a82aa8f39d3d23aa886d48736593b6513236b99311b09bc7094289bf246dcebe065f0135100a3178b556547d91271044e02dc1bb409ea73f6c5722ecce68f1f25b67cc67587166870ece08800d5f2d86b09f5206d74403180ca27cb413e63c4b3d410b874430ef408735dfdb38a929a240ea96aa2dd80cfad06b2ea9421d9b276bdc0edfd5330d98086bb25a8132597bec2f30cc916fbc0b872098d940af6db40a0cf1b6053e99ed071b6b17ddf3db6f87df854a129f1518f44fa8956e3c5a3b056f855d2f283af0ab8d60df8882790cbdc43a9dcaa9901733d923f6be643a0bea030937e0c22f2778d782194ee10f7391d1ad0cdfcb8ca0ad6aaee6965244adedf766fda555b7de8c76a00d855ee86b641ffdabb5eba2b94bf3f09c0c7f486b81fcf1a0411f5582db4abe4a33ed025ab8c0fe1084574b39f106c3cbd5645389b743ac2c58bc830fd4f85779703d55fec0228d235823575dc61508d6b8cd0cb933e9a5fefb7a6972fae3e2506142ae84125260caaeca4a58a231bdf21c1cf38bb580848eccdf8d77770853ca4ead642bffb248c7ae04b21ec655200656647da8565128d17eb2e1bd5647c1b8279fa2fe4a3257e28628c6a93b03a4ab285ed0bbe7dd5aac342ea64d5a7e59737db4ca06f123f7aaab3dcc33170860a986d6a365151b13a66e6a1055a30b92eff555cfd5e2274f51d9097c242a7df082e2dded4a1acc10f79c1f74cb1e0544823476416a17d69ff77452f0865961977d0a967bb63bc3d328c7c56a37a1af7915c89f779d692008aba7b262741fb4a817f1d4e6b114d94834f23a95eb2d0e2e4722e905c47f3eb4dd5236ee50989fe3033400c1fe2868152b607ccde0ca0e896d6a6e1f3ef0ec7db7af964172b483a306bd3001b4e4148771d4df4300aff7ae4f1a2d61d3b9763bc52c741ff9ce9af4213340a0c092cb1aa038158cc0eccfd52e6584eb2e47a858001581cbee60d2fbd59e63eadf3f55b99c1376684dde1bdfdc54520111a57d888784402877b989279b9118db35e3ff03cddeb8d6d49fca63e1dbe0518f9546e8a5162b7698753ce5d39f6309d9e2d4dd549072f683409594ce75bd4d74299f172396b237691bc79bb3be8eb247d99c34ce20ae429c14ba401f0083a3397b76619ed158dc9e10c5a6377903aa61a07258e96dd6dada4ba2cdf7f801477782c1e628007fdb4256dbf5c59a6796f2bbe63c59320a147ac638ac68611d6b261d2513cb16033619d3bbab95edb2d9a13be28dbfd605191dbc72ced7f4c08ab974e2240cc82019350672c284b36db6181666a29381b083f3f12614655e893e60e220ef73c3907252d6f5a58efb713e1e17eca7537a7ff4c5d242225d184de8fd32a02067675ece0b7e9c0efbf947deb6912a0c546711b8a07f0c547649f644dbe82bc7b1d190d79d2abfd0b9465988a7e1be176657f8e8cce037f40c734161540b3ab6647c571b3287e441bd2d46793452834c4b513dff92e8743a19678895a36bd047df0cede25aa57463c7f5a3e9b9548f1cd008e2ae7faaa3b59c8d48d88d89efc431f2e9fa05583c24b0d5e64b624493b8824775", 0xff8}], 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000400)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x784, &(0x7f0000001900)="$eJzs3c1rHOUfAPDvbN7aNL9fIghaTwFBA6UbU2Or6KHiQQQLBT3bLpttqNlkS3dTmhDQIoIXQcWDoJeefak3r75c9V/w5EEsVdNixYNEZrPTbJvdNEmTbHU/H5js88zM5pnvPDPzPLvzMBtA1xpN/+QiDkbEe0nEcGN+EhF99VRvxPHV9W4uLxXTKYmVlVd+S+rr3FheKkbTe1IHGpmHI+LbtyMO5daXW11YnCmUy6Xzjfx4bfbceHWhPyIK06Xp0tzRicnJI8eeOnZ052L944fFoavvv/j4F8f/euuhK+9+l8TxGGosa45jp4zGaGOf9KW78DYv7HRhHZZ0egPYlvTU7Fk9y+NgDEdPPQUA/Je9ERErAECXSbT/ANBlsu8BbiwvFbOps99I7K1rz0fEvtX4s/ubq0t6G/fs9tXvgw7eSG67M5JExMgOlD8aEZ989dpn6ZTmf3y2u/Y/0DlvXoqI0yOj66//yboxC1v1xAbL+huvo3fM77b2Bzrp67T/83Sr/l/uVv8nWvR/Blqcu9tx1/N//w4UsoG0//dc09i2m03xN4z0NHL/q/f5+pIzZ8ul9Nr2/4gYi76BND+xQRlj1/++3m5Zc//v9w9e/zQtP31dWyP3S+/A7e+ZKtQK9xJzs2uXIh7pbRV/cqv+kzb935ObLOOlZ975uN2yNP403mxaH380RiftjpXLEY+1rP+1EW3J2vjExcNnZ+8YnzhePxzGs4OihS9/+miwXfnN9Z9OafnZZ4G9kNb/4MbxjyTN4zWrWy/j+8vD37Rbdvf4Wx///cmr9XTWj7hYqNXOT0T0Jy+vn39k7b1ZPls/jX/s0dbn/0bHf/qZ8HSrgFrUdO/VXz/ffvy7K41/akv1v/XElZszPe3K31z9T9ZTY405m7n+bXYD72XfAQAAAAAAAAAAAAAAAAAAAAAAAMBm5SJiKJJc/lY6l8vnV3/D+8EYzJUr1dqhM5X5uamo/1b2SPTlskddDjc9D3Wi8Tz8LH/kjvyTEfFARHw4sD/JnqM41eHYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBzoM3v/6d+Huj01gEAu2ZfpzcAANhz2n8A6D7afwDoPtp/AOg+2n8A6D7afwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbZyRMn0mnlz+WlYpqfurAwP1O5cHiqVJ3Jz84X88WhOJefrlSmy6V8sTJ7t/9XrlTOTcbc/MXxWqlaG68uLJ6arczP1U6dnS1Ml06V+vYkKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYmurC4kyhXC6dl9hGYuX+2IzOJ3oah9MuFJFEROcD3HAL74/N2OFEhy9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8S/wQAAP//iZYeGw==")

577.668681ms ago: executing program 2 (id=3288):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000"], 0x0}, 0x94)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, r1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000300), r2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="60a2f0ccb6f47ad7310000445717c344f39389b1137def7b8bbc6b262b", @ANYRES32, @ANYRESDEC=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='kfree\x00', r5, 0x0, 0xfffffffffffffffd}, 0x18)
r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r6, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
r8 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={r8, 0x20, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}}, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="ece56e7cf8c0a02f1e4bef5dcf00000200", @ANYRES16=r4, @ANYBLOB="010a25bd7000fddbdf250400000014000600000000000000000000000000000000000800020007000000"], 0x30}, 0x1, 0x0, 0x0, 0x8d1}, 0x4080)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000080), r3)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = openat$nci(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r11, 0x0, &(0x7f0000000a00)=<r12=>0x0)
r13 = syz_genetlink_get_family_id$nfc(&(0x7f0000000bc0), r10)
sendmsg$NFC_CMD_FW_DOWNLOAD(r10, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000c00)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="01002dbd7000fcdbdf251500000008000100", @ANYRES32=r12, @ANYBLOB="08001100", @ANYRES32=r12, @ANYBLOB="090014007d"], 0x30}, 0x1, 0x0, 0x0, 0x20040080}, 0x4090)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000200))
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

491.941072ms ago: executing program 1 (id=3289):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB], 0x0}, 0x94)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, r1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000300), r2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="60a2f0ccb6f47ad7310000445717c344f39389b1137def7b8bbc6b262b", @ANYRES32, @ANYRESDEC=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='kfree\x00', r5, 0x0, 0xfffffffffffffffd}, 0x18)
r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r6, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
r8 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={r8, 0x20, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}}, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="ece56e7cf8c0a02f1e4bef5dcf00000200", @ANYRES16=r4, @ANYBLOB="010a25bd7000fddbdf250400000014000600000000000000000000000000000000000800020007000000"], 0x30}, 0x1, 0x0, 0x0, 0x8d1}, 0x4080)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000080), r3)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = openat$nci(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r11, 0x0, &(0x7f0000000a00)=<r12=>0x0)
r13 = syz_genetlink_get_family_id$nfc(&(0x7f0000000bc0), r10)
sendmsg$NFC_CMD_FW_DOWNLOAD(r10, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000c00)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="01002dbd7000fcdbdf251500000008000100", @ANYRES32=r12, @ANYBLOB="08001100", @ANYRES32=r12, @ANYBLOB="090014007d"], 0x30}, 0x1, 0x0, 0x0, 0x20040080}, 0x4090)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000200))
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

479.440483ms ago: executing program 0 (id=3290):
r0 = socket(0x10, 0x3, 0x9)
connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000c600000000010000000000000011000100"/40], 0x28}}, 0x0)

398.743584ms ago: executing program 0 (id=3291):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000e40)=ANY=[@ANYRES64=0x0, @ANYRES32=0x1, @ANYBLOB="0400"/20, @ANYRES32=0x0, @ANYRESDEC=r0, @ANYRESHEX=r0], 0x50)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x4010, &(0x7f0000000580)={[{@noauto_da_alloc}, {@prjquota}, {@auto_da_alloc}, {@nobarrier}, {@noblock_validity}, {@sb={'sb', 0x3d, 0x66d}}]}, 0xfe, 0x4cc, &(0x7f0000000940)="$eJzs3EtsVFUfAPD/nT54FCgfHx/f9/GQKhobHy0tqCxMjEZ3mpjoApe1LQQZqKElEUKkGoNLQ+LeuDJGF65d6YaoKxO3ujckRAkGdCFj7sy9w/QxfUznAfT3SwbO6T1zz/n3vs49p/cGsG4NpP8kEVsi4ueI6K9k5xYYqPx36/qF8T+vXxhPolR67bekXO7m9QvjedH8e31ZZrAQUfggySqZa/rc+ZNjxeLkmSw/PHPq7eHpc+efPHFq7Pjk8cnTo0eOHD408szTo081Jc40rpu7353am3S/cfmV8aOX3/z+y+6I2LWvsrw2jjUp9FWTA2ngv5fK5hd7pCmV3T221qST7g42hFXpioh0c/WUj//+6Io7G68/Xnq/3vd62tVAoGXSa9OG+otnb5eA+1cSnW4B0Bn5hT69/80/bep63BWuPV+5AUrjvpV9Kku6o5CVaeW9zv8i4ujsX5+kn8i2w99bWlghALDufZP2f55YrP9XiF015bZlcyjbI+JfEbEjIv4dETsj4j8R5bL/zfozq1GZGuqq5hf2PwtXGw5uBdL+37PZ3Nbc/l+l91cqlW53Zbmt5fh7kmMnipMHs9/JYPRsSPMjS9Tx7Ys/fVRv2UBN/y/9pPXnfcGsHVe75w3QTYzNjDWrU3rtvYjd3YvFn1RnApKI+H9E7F7dqrfliROPfb63XqHl419CE+aZSp9GPFrZ/rMxL/5csvT85PDGKE4eHM73ioV++PHSq/XqX1P8TZBu/81z9/95JfpvJLXztdOrr+PSLx/WvadsdP/vTV4vz1lvyn72ztjMzJmRiN7k5XK+92LNz0fvfDfP5+XT+AcPVOPfUHv876gkrqTx74mIdCfeFxEPRMT+rO0PRsRDEXGgXoCbIr574eG3Gon/jzbcB6bxTyx6/qvu/9vnbv/VJ7pOXvl6pfF3LSiRbv/D5dRgdh4un/+WUb85UZxMT+sN780AAABw70nvp7dEUhiqpguFoaHK3/DvjM2F4tT0zOPHps6enqg8I7A9egr5SFd/Nh6a3m2PJLPZGivjo6PZWHE+XnooGzf+uGtTOT80PlWc6HDssN711Tn+U78uHIwD7jfz5tE82wPryPx59EKH2gG0n+e1Yf1q5Ph/rgXtANrP9R/Wr5rj/4uzl/aUE5W/n95fXbDoXMASbw4B7g211//zHWwH0H7L9//vt9dVArn8+F9+3u9Gy9sCtFej43/nmtwOoK0Wf0g+H9dr+JH/ZRK9LVvznURv81YYG9f2AoTVJT7raV9da0hEYYkyX/VF2xsWd8WvZQWJ7NWbF1dUOFnyZRYtTHT4xAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAk/wQAAP//WQfuAw==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r2=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000003c0)={'syztnl1\x00', &(0x7f0000000000)={'gretap0\x00', <r6=>0x0, 0x80, 0x7, 0xd4, 0x80000000, {{0x9, 0x4, 0x1, 0x2c, 0x24, 0x66, 0x0, 0x4, 0x29, 0x0, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x26}, {[@ssrr={0x89, 0x3, 0xb1}, @timestamp={0x44, 0xc, 0x5a, 0x0, 0x2, [0x7858, 0x8]}]}}}}})
recvfrom(r5, &(0x7f0000000700)=""/228, 0xe4, 0x40000000, &(0x7f0000000400)=@ll={0x11, 0xf5, r6, 0x1, 0x9, 0x6, @random="eb31beea2234"}, 0x80)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
sched_setscheduler(r3, 0x0, &(0x7f0000000500)=0x687f30e7)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f00000004c0)={0x0, 'syz_tun\x00', {}, 0x8})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r7 = syz_open_procfs(0x0, &(0x7f0000000300)='mountstats\x00')
pread64(r7, &(0x7f0000001300)=""/4118, 0x1016, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)

299.007035ms ago: executing program 4 (id=3292):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x2, 0x3, &(0x7f00000027c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0x9, 0x3, 0xc4f, 0x1, 0x1}, 0x50)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x3)
syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0xffff, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x10009, 0x52}]}}}}}}}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0x1000}}}}}}, 0x0)

276.851976ms ago: executing program 1 (id=3293):
socket$kcm(0xa, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000040)={[{@noquota}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_opts(r2, 0x29, 0x4d, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x8)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0xffff, 0x0, @mcast2, 0x9}, 0x1c)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$SEG6_CMD_GET_TUNSRC(r4, &(0x7f00000006c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000680)={0x0}, 0x1, 0x0, 0x0, 0x4000010}, 0x4000000)

246.190556ms ago: executing program 4 (id=3294):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x200000000000035a, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000880)=ANY=[@ANYRESOCT=r3, @ANYRESHEX, @ANYRESOCT=r0, @ANYRESHEX, @ANYBLOB=',version=9p2000.u,\x00'])

214.445057ms ago: executing program 2 (id=3295):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES32=r0, @ANYBLOB="1800000000000000000000000018000018110100", @ANYBLOB="0000000000000000b708000000c02d75c9b89b22f1510eed2ea3d0cfe1361a469256f51b7262b2b90000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000300000000000000000095", @ANYRES64=<r1=>0x0], 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, r3)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="60a2f0ccb6f47ad7310000445717c344f39389b1137def7b8bbc6b262b", @ANYRES32, @ANYRESDEC=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='kfree\x00', r7, 0x0, 0xfffffffffffffffd}, 0x18)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(0xffffffffffffffff, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
r9 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r8, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000280)={r9, 0x20, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}}, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="ece56e7cf8c0a02f1e4bef5dcf00000200", @ANYRES16=r6, @ANYBLOB="010a25bd7000fddbdf250400000014000600000000000000000000000000000000000800020007000000"], 0x30}, 0x1, 0x0, 0x0, 0x8d1}, 0x4080)
waitid(0x2, r3, 0x0, 0x4, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000380)=ANY=[@ANYRESDEC=r4, @ANYRES8=r1], &(0x7f0000000600)='GPL\x00', 0x1ff, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='sched_kthread_stop_ret\x00', r10}, 0x10)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000080), r5)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r13 = openat$nci(0xffffffffffffff9c, &(0x7f00000009c0), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r13, 0x0, &(0x7f0000000a00)=<r14=>0x0)
r15 = syz_genetlink_get_family_id$nfc(&(0x7f0000000bc0), r12)
sendmsg$NFC_CMD_FW_DOWNLOAD(r12, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000c00)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r15, @ANYBLOB="01002dbd7000fcdbdf251500000008000100", @ANYRES32=r14, @ANYBLOB="08001100", @ANYRES32=r14, @ANYBLOB="090014007d"], 0x30}, 0x1, 0x0, 0x0, 0x20040080}, 0x4090)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000200))
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

204.655947ms ago: executing program 4 (id=3296):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400e, &(0x7f0000000300), 0x1, 0x440, &(0x7f0000000cc0)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x2a020400)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x810)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_DELETE_ELEM(0x4, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
pipe(&(0x7f0000005880))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

101.147978ms ago: executing program 1 (id=3297):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70500000800000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x36)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000700)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)

0s ago: executing program 1 (id=3298):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mlock2(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x1)

kernel console output (not intermixed with test programs):

86] bridge_slave_1: left allmulticast mode
[  229.990409][T13301] netlink: 'syz.2.2687': attribute type 17 has an invalid length.
[  229.994218][ T3786] bridge_slave_1: left promiscuous mode
[  230.007782][ T3786] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.018639][ T3786] bridge_slave_0: left allmulticast mode
[  230.024313][ T3786] bridge_slave_0: left promiscuous mode
[  230.030097][ T3786] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.099203][ T3786] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  230.108639][ T3786] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  230.117894][ T3786] bond0 (unregistering): Released all slaves
[  230.126506][ T3786] bond1 (unregistering): Released all slaves
[  230.135982][ T3786] bond2 (unregistering): Released all slaves
[  230.145193][ T3786] bond3 (unregistering): Released all slaves
[  230.154902][ T3786] bond4 (unregistering): Released all slaves
[  230.164266][ T3786] bond5 (unregistering): Released all slaves
[  230.173835][ T3786] bond6 (unregistering): Released all slaves
[  230.182902][T13223] team0: Port device team_slave_0 added
[  230.189865][T13223] team0: Port device team_slave_1 added
[  230.221174][T13223] batman_adv: batadv0: Adding interface: batadv_slave_0
[  230.228219][T13223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.254323][T13223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  230.268411][ T3786] hsr_slave_0: left promiscuous mode
[  230.274298][ T3786] hsr_slave_1: left promiscuous mode
[  230.314084][ T3786] team0 (unregistering): Port device team_slave_1 removed
[  230.326759][ T3786] team0 (unregistering): Port device team_slave_0 removed
[  230.356134][ T3786] team0 (unregistering): Port device dummy0 removed
[  230.376465][T13223] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.383434][T13223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.409760][T13223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.461818][T13329] loop3: detected capacity change from 0 to 128
[  230.467598][T13223] hsr_slave_0: entered promiscuous mode
[  230.474697][T13331] loop2: detected capacity change from 0 to 128
[  230.481189][T13223] hsr_slave_1: entered promiscuous mode
[  230.481308][T13331] vfat: Unknown parameter '01777777777777777777777b'
[  230.487168][T13223] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  230.501592][T13223] Cannot create hsr debugfs directory
[  230.538281][T13329] IPVS: stopping master sync thread 13337 ...
[  230.542555][T13337] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  230.565859][T13342] loop4: detected capacity change from 0 to 128
[  230.617644][T13348] netlink: 'syz.2.2700': attribute type 17 has an invalid length.
[  230.628280][T13355] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  230.639546][T13342] IPVS: stopping master sync thread 13355 ...
[  230.709881][T13366] loop3: detected capacity change from 0 to 1024
[  230.724215][T13368] loop1: detected capacity change from 0 to 512
[  230.735991][T13368] EXT4-fs (loop1): unable to read superblock
[  230.752110][T13366] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.764774][T13366] ext4 filesystem being mounted at /459/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.802485][ T3837] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  230.821415][T13377] FAULT_INJECTION: forcing a failure.
[  230.821415][T13377] name failslab, interval 1, probability 0, space 0, times 0
[  230.834079][T13377] CPU: 1 UID: 0 PID: 13377 Comm: syz.4.2709 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  230.834135][T13377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  230.834209][T13377] Call Trace:
[  230.834215][T13377]  <TASK>
[  230.834223][T13377]  __dump_stack+0x1d/0x30
[  230.834243][T13377]  dump_stack_lvl+0xe8/0x140
[  230.834261][T13377]  dump_stack+0x15/0x1b
[  230.834280][T13377]  should_fail_ex+0x265/0x280
[  230.834382][T13377]  ? __pfx_ip6_dst_gc+0x10/0x10
[  230.834429][T13377]  should_failslab+0x8c/0xb0
[  230.834533][T13377]  kmem_cache_alloc_noprof+0x50/0x310
[  230.834560][T13377]  ? dst_alloc+0xbd/0x100
[  230.834645][T13377]  ? __pfx_ip6_dst_gc+0x10/0x10
[  230.834678][T13377]  dst_alloc+0xbd/0x100
[  230.834754][T13377]  ip6_pol_route+0x6bf/0xb40
[  230.834789][T13377]  ? ip6_pol_route+0x389/0xb40
[  230.834827][T13377]  ip6_pol_route_output+0x40/0x50
[  230.834848][T13377]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  230.834967][T13377]  fib6_rule_lookup+0x112/0x470
[  230.835050][T13377]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  230.835085][T13377]  ? xa_load+0xb1/0xe0
[  230.835156][T13377]  ? dev_get_by_index_rcu+0xa0/0xc0
[  230.835194][T13377]  ip6_route_output_flags+0x1e0/0x2c0
[  230.835218][T13377]  ip6_dst_lookup_tail+0xb6/0xab0
[  230.835321][T13377]  ? should_fail_ex+0x30/0x280
[  230.835353][T13377]  ? xas_load+0x413/0x430
[  230.835382][T13377]  ? __rcu_read_unlock+0x4f/0x70
[  230.835420][T13377]  ? xa_load+0xb1/0xe0
[  230.835439][T13377]  ? __rcu_read_unlock+0x4f/0x70
[  230.835465][T13377]  ip6_sk_dst_lookup_flow+0x47d/0x580
[  230.835494][T13377]  ? __rcu_read_unlock+0x4f/0x70
[  230.835520][T13377]  udpv6_sendmsg+0x10f5/0x1580
[  230.835610][T13377]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  230.835638][T13377]  ? _raw_spin_unlock_bh+0x36/0x40
[  230.835722][T13377]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  230.835758][T13377]  inet6_sendmsg+0xac/0xd0
[  230.835797][T13377]  __sock_sendmsg+0x8b/0x180
[  230.835893][T13377]  ____sys_sendmsg+0x31e/0x4e0
[  230.835937][T13377]  ___sys_sendmsg+0x17b/0x1d0
[  230.835994][T13377]  __x64_sys_sendmsg+0xd4/0x160
[  230.836113][T13377]  x64_sys_call+0x2999/0x2fb0
[  230.836137][T13377]  do_syscall_64+0xd2/0x200
[  230.836166][T13377]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  230.836197][T13377]  ? clear_bhb_loop+0x40/0x90
[  230.836268][T13377]  ? clear_bhb_loop+0x40/0x90
[  230.836290][T13377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.836309][T13377] RIP: 0033:0x7f7b96bbe9a9
[  230.836324][T13377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.836345][T13377] RSP: 002b:00007f7b9521f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  230.836388][T13377] RAX: ffffffffffffffda RBX: 00007f7b96de5fa0 RCX: 00007f7b96bbe9a9
[  230.836402][T13377] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  230.836414][T13377] RBP: 00007f7b9521f090 R08: 0000000000000000 R09: 0000000000000000
[  230.836425][T13377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.836435][T13377] R13: 0000000000000000 R14: 00007f7b96de5fa0 R15: 00007fff01b7d508
[  230.836453][T13377]  </TASK>
[  230.837054][ T3837] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  231.158832][ T3837] EXT4-fs (loop3): This should not happen!! Data will be lost
[  231.158832][ T3837] 
[  231.168534][ T3837] EXT4-fs (loop3): Total free blocks count 0
[  231.174616][ T3837] EXT4-fs (loop3): Free/Dirty block details
[  231.180596][ T3837] EXT4-fs (loop3): free_blocks=4293918720
[  231.186570][ T3837] EXT4-fs (loop3): dirty_blocks=16
[  231.191797][ T3837] EXT4-fs (loop3): Block reservation details
[  231.197869][ T3837] EXT4-fs (loop3): i_reserved_data_blocks=1
[  231.205348][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.284504][T13223] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  231.310302][T13223] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  231.326971][T13223] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  231.337303][T13223] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  231.488546][T13416] netlink: 'syz.3.2719': attribute type 12 has an invalid length.
[  231.496441][T13416] netlink: 'syz.3.2719': attribute type 29 has an invalid length.
[  231.504279][T13416] netlink: 148 bytes leftover after parsing attributes in process `syz.3.2719'.
[  231.538960][T13422] loop2: detected capacity change from 0 to 512
[  231.573781][T13223] 8021q: adding VLAN 0 to HW filter on device bond0
[  231.624922][T13416] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.635127][T13422] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  231.653781][T13223] 8021q: adding VLAN 0 to HW filter on device team0
[  231.665638][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.672718][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.682472][T13422] EXT4-fs (loop2): 1 truncate cleaned up
[  231.688575][T13422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.711076][T13223] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  231.721474][T13223] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  231.802257][T13416] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.815344][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.822434][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.871296][T13416] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.911110][T13416] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.931253][T13223] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.977343][T13416] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.011723][T13416] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.053048][T13416] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.093321][T13416] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.146598][T13223] veth0_vlan: entered promiscuous mode
[  232.187354][T13223] veth1_vlan: entered promiscuous mode
[  232.217585][T13223] veth0_macvtap: entered promiscuous mode
[  232.237319][T13223] veth1_macvtap: entered promiscuous mode
[  232.255430][T13223] batman_adv: batadv0: Interface activated: batadv_slave_0
[  232.281846][T13223] batman_adv: batadv0: Interface activated: batadv_slave_1
[  232.311684][T13223] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.320504][T13223] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.329303][T13223] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.338091][T13223] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.366385][T13465] loop3: detected capacity change from 0 to 128
[  232.424124][T13468] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  232.493550][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.593627][T13488] loop3: detected capacity change from 0 to 2048
[  232.614453][T13488] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.709452][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.858214][T13525] loop2: detected capacity change from 0 to 512
[  232.867886][T13526] loop4: detected capacity change from 0 to 512
[  232.887496][T13526] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  232.908300][T13525] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.930260][T13525] ext4 filesystem being mounted at /539/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  232.943989][T13526] EXT4-fs (loop4): 1 truncate cleaned up
[  232.952981][T13526] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.967138][T13525] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.2737: path /539/file1: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  232.987879][T13540] loop3: detected capacity change from 0 to 512
[  232.995624][T13540] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  233.010826][T13525] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 4: comm syz.2.2737: path /539/file1: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=11, rec_len=10454, size=2048 fake=1
[  233.050737][T13540] EXT4-fs (loop3): 1 truncate cleaned up
[  233.091055][T13525] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.2737: path /539/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  233.112668][T13540] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.122367][T13525] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.2737: path /539/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  233.188208][T13525] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 14: comm syz.2.2737: path /539/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  233.241803][T13525] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 15: comm syz.2.2737: path /539/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  233.246661][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.272362][T13525] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.2737: path /539/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  233.308330][T13525] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.2737: path /539/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  233.357923][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.366539][T13525] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 18: comm syz.2.2737: lblock 23 mapped to illegal pblock 18 (length 1)
[  233.400375][T13553] loop3: detected capacity change from 0 to 128
[  233.406897][T13547] loop4: detected capacity change from 0 to 8192
[  233.426013][T13525] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.2737: path /539/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  233.475641][T13556] IPVS: stopping master sync thread 13468 ...
[  233.506934][T13555] validate_nla: 5 callbacks suppressed
[  233.506951][T13555] netlink: 'syz.0.2744': attribute type 17 has an invalid length.
[  233.675643][T13571] loop1: detected capacity change from 0 to 2048
[  233.765981][T13571] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.834479][T13575] pim6reg1: entered promiscuous mode
[  233.839849][T13575] pim6reg1: entered allmulticast mode
[  233.878710][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.970091][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.087262][T13593] loop1: detected capacity change from 0 to 2048
[  234.105813][T13596] loop2: detected capacity change from 0 to 512
[  234.105870][T13591] loop0: detected capacity change from 0 to 1024
[  234.120900][T13593] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.141062][T13596] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.155725][T13596] ext4 filesystem being mounted at /542/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.156131][T13591] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.172329][T13596] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.2759: path /542/file1: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  234.178849][T13591] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.203072][T13596] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 4: comm syz.2.2759: path /542/file1: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=11, rec_len=10454, size=2048 fake=1
[  234.232552][T13596] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.2759: path /542/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  234.263762][T13596] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.2759: path /542/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  234.285532][T13596] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 14: comm syz.2.2759: path /542/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  234.286409][ T3836] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  234.306657][T13596] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 15: comm syz.2.2759: path /542/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  234.341591][T13596] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.2759: path /542/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  234.362810][ T3836] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  234.375217][ T3836] EXT4-fs (loop0): This should not happen!! Data will be lost
[  234.375217][ T3836] 
[  234.384981][ T3836] EXT4-fs (loop0): Total free blocks count 0
[  234.391139][ T3836] EXT4-fs (loop0): Free/Dirty block details
[  234.397264][ T3836] EXT4-fs (loop0): free_blocks=4293918720
[  234.402900][T13596] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.2759: path /542/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  234.403211][T13596] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 18: comm syz.2.2759: lblock 23 mapped to illegal pblock 18 (length 1)
[  234.423360][ T3836] EXT4-fs (loop0): dirty_blocks=16
[  234.439057][T13596] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.2759: path /542/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  234.442677][ T3836] EXT4-fs (loop0): Block reservation details
[  234.469103][ T3836] EXT4-fs (loop0): i_reserved_data_blocks=1
[  234.477762][T13223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.478308][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.557283][T13613] loop1: detected capacity change from 0 to 2048
[  234.568155][T13613] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.610729][T13623] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2763'.
[  234.617392][T13620] netlink: 'syz.0.2762': attribute type 17 has an invalid length.
[  234.637876][T13623] loop3: detected capacity change from 0 to 512
[  234.647771][T13623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.661023][T13623] ext4 filesystem being mounted at /478/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.677680][   T29] kauditd_printk_skb: 376 callbacks suppressed
[  234.677698][   T29] audit: type=1400 audit(1753203733.974:10831): avc:  denied  { append } for  pid=13622 comm="syz.3.2763" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  234.715298][   T29] audit: type=1400 audit(1753203734.005:10832): avc:  denied  { setattr } for  pid=13622 comm="syz.3.2763" path="/478/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  234.753672][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.769055][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.796482][T13635] loop3: detected capacity change from 0 to 512
[  234.803276][T13635] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  234.834295][T13635] EXT4-fs (loop3): 1 truncate cleaned up
[  234.842918][T13635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.843318][T13638] netlink: 'syz.0.2766': attribute type 12 has an invalid length.
[  234.862953][T13638] netlink: 'syz.0.2766': attribute type 29 has an invalid length.
[  234.870828][T13638] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2766'.
[  234.977192][T13643] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.000513][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.015591][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.056167][T13648] vlan2: entered allmulticast mode
[  235.123205][T13647] netlink: 'syz.2.2770': attribute type 17 has an invalid length.
[  235.209264][T13662] loop2: detected capacity change from 0 to 512
[  235.233748][T13662] EXT4-fs (loop2): unable to read superblock
[  235.402781][T13674] netlink: 'syz.3.2777': attribute type 17 has an invalid length.
[  235.488720][T13684] loop3: detected capacity change from 0 to 128
[  235.551712][T13643] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.575130][T13690] loop3: detected capacity change from 0 to 512
[  235.601625][T13643] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.614366][T13690] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.633730][T13690] ext4 filesystem being mounted at /489/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.654773][T13690] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.2781: path /489/file1: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  235.681887][T13643] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.705699][T13690] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 4: comm syz.3.2781: path /489/file1: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=11, rec_len=10454, size=2048 fake=1
[  235.801538][T13690] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 12: comm syz.3.2781: path /489/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  235.896817][T13690] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 13: comm syz.3.2781: path /489/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  235.928498][T13690] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 14: comm syz.3.2781: path /489/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  235.976185][T13690] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 15: comm syz.3.2781: path /489/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  236.023351][T13690] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 16: comm syz.3.2781: path /489/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  236.091074][T13643] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  236.102717][T13643] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  236.127929][T13643] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  236.155351][T13690] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 17: comm syz.3.2781: path /489/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  236.178176][T13643] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  236.227610][T13690] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #2: block 18: comm syz.3.2781: lblock 23 mapped to illegal pblock 18 (length 1)
[  236.260300][T13690] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 19: comm syz.3.2781: path /489/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  236.422240][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.458680][   T29] audit: type=1326 audit(1753203735.767:10833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13709 comm="syz.4.2788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96bbe9a9 code=0x7ffc0000
[  236.482384][   T29] audit: type=1326 audit(1753203735.767:10834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13709 comm="syz.4.2788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96bbe9a9 code=0x7ffc0000
[  236.506001][   T29] audit: type=1326 audit(1753203735.767:10835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13709 comm="syz.4.2788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b96bbe9a9 code=0x7ffc0000
[  236.530105][   T29] audit: type=1326 audit(1753203735.767:10836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13709 comm="syz.4.2788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96bbe9a9 code=0x7ffc0000
[  236.553766][   T29] audit: type=1326 audit(1753203735.767:10837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13709 comm="syz.4.2788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f7b96bbe9a9 code=0x7ffc0000
[  236.554082][T13716] loop4: detected capacity change from 0 to 128
[  236.577749][   T29] audit: type=1326 audit(1753203735.767:10838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13709 comm="syz.4.2788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96bbe9a9 code=0x7ffc0000
[  236.607481][   T29] audit: type=1326 audit(1753203735.767:10839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13709 comm="syz.4.2788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f7b96bbe9a9 code=0x7ffc0000
[  236.631106][   T29] audit: type=1326 audit(1753203735.767:10840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13709 comm="syz.4.2788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b96bbe9a9 code=0x7ffc0000
[  236.657269][T13716] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  236.679735][T13715] loop3: detected capacity change from 0 to 128
[  236.689363][T13716] ext4 filesystem being mounted at /544/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  236.707322][T13715] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  236.731852][T13715] ext4 filesystem being mounted at /491/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  236.747833][ T3312] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  236.772395][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  236.786633][T13726] netlink: 'syz.1.2792': attribute type 13 has an invalid length.
[  236.794555][T13726] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2792'.
[  236.810186][T13726] erspan0: refused to change device tx_queue_len
[  236.817274][T13727] loop0: detected capacity change from 0 to 512
[  236.822196][T13726] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  236.840051][T13727] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  236.860495][T13727] EXT4-fs (loop0): 1 truncate cleaned up
[  236.866699][T13727] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.891812][T13732] loop4: detected capacity change from 0 to 1024
[  236.943682][T13732] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.968823][T13732] ext4 filesystem being mounted at /545/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.001255][   T31] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  237.030447][   T31] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  237.043063][   T31] EXT4-fs (loop4): This should not happen!! Data will be lost
[  237.043063][   T31] 
[  237.052885][   T31] EXT4-fs (loop4): Total free blocks count 0
[  237.058973][   T31] EXT4-fs (loop4): Free/Dirty block details
[  237.064953][   T31] EXT4-fs (loop4): free_blocks=4293918720
[  237.070805][   T31] EXT4-fs (loop4): dirty_blocks=16
[  237.075943][   T31] EXT4-fs (loop4): Block reservation details
[  237.082119][   T31] EXT4-fs (loop4): i_reserved_data_blocks=1
[  237.137270][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.166695][T13223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.244924][T13744] loop1: detected capacity change from 0 to 1024
[  237.262794][T13746] loop0: detected capacity change from 0 to 512
[  237.282910][T13744] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.306566][T13744] ext4 filesystem being mounted at /597/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.366457][T13746] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  237.460070][T13746] EXT4-fs (loop0): 1 truncate cleaned up
[  237.476192][T13746] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.500033][T13754] loop4: detected capacity change from 0 to 128
[  237.507632][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.707194][T13764] loop3: detected capacity change from 0 to 512
[  237.761096][T13764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.784834][T13773] loop1: detected capacity change from 0 to 512
[  237.791964][T13764] ext4 filesystem being mounted at /493/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.792196][T13773] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  237.822820][T13764] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.2805: path /493/file1: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  237.851072][T13223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.861239][T13773] EXT4-fs (loop1): 1 truncate cleaned up
[  237.870216][T13764] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 4: comm syz.3.2805: path /493/file1: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=11, rec_len=10454, size=2048 fake=1
[  237.890299][T13773] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.910108][T13764] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 12: comm syz.3.2805: path /493/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  237.938798][T13780] loop0: detected capacity change from 0 to 128
[  237.945633][T13780] vfat: Unknown parameter '01777777777777777777777b'
[  237.986707][T13764] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 13: comm syz.3.2805: path /493/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  238.033658][T13764] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 14: comm syz.3.2805: path /493/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  238.039464][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.075476][T13764] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 15: comm syz.3.2805: path /493/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  238.105096][T13764] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 16: comm syz.3.2805: path /493/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  238.152759][T13784] netlink: 'syz.0.2811': attribute type 17 has an invalid length.
[  238.161347][T13764] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 17: comm syz.3.2805: path /493/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  238.201129][T13764] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #2: block 18: comm syz.3.2805: lblock 23 mapped to illegal pblock 18 (length 1)
[  238.275181][T13806] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13806 comm=syz.0.2815
[  238.293772][T13764] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 19: comm syz.3.2805: path /493/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  238.294770][T13806] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  238.327078][T13808] loop4: detected capacity change from 0 to 128
[  238.351012][T13808] IPVS: stopping master sync thread 13813 ...
[  238.351949][T13813] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  238.371537][T13810] $Hÿ: renamed from bond0 (while UP)
[  238.378714][T13810] $Hÿ: entered promiscuous mode
[  238.383824][T13810] bond_slave_0: entered promiscuous mode
[  238.389784][T13810] bond_slave_1: entered promiscuous mode
[  238.433012][ T3786] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.481762][ T3786] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.539463][T13796] chnl_net:caif_netlink_parms(): no params data found
[  238.562292][ T3786] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.642444][ T3786] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.679562][T13833] loop4: detected capacity change from 0 to 128
[  238.687380][T13834] loop2: detected capacity change from 0 to 128
[  238.704120][T13833] vfat: Unknown parameter '01777777777777777777777b'
[  238.718667][T13796] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.725893][T13796] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.733253][T13796] bridge_slave_0: entered allmulticast mode
[  238.740182][T13796] bridge_slave_0: entered promiscuous mode
[  238.747132][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.756711][T13796] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.763880][T13796] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.771542][T13796] bridge_slave_1: entered allmulticast mode
[  238.778920][T13796] bridge_slave_1: entered promiscuous mode
[  238.813631][T13845] loop2: detected capacity change from 0 to 128
[  238.828366][T13796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  238.845840][T13796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  238.855475][ T3786] bridge_slave_1: left allmulticast mode
[  238.861292][ T3786] bridge_slave_1: left promiscuous mode
[  238.867159][ T3786] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.878586][ T3786] bridge_slave_0: left allmulticast mode
[  238.884349][ T3786] bridge_slave_0: left promiscuous mode
[  238.890154][ T3786] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.932364][T13852] netlink: 'syz.3.2824': attribute type 17 has an invalid length.
[  238.942252][T13854] netlink: 'syz.4.2827': attribute type 17 has an invalid length.
[  238.988924][ T3786] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  238.999235][ T3786] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  239.008789][ T3786] bond0 (unregistering): Released all slaves
[  239.017730][ T3786] bond1 (unregistering): Released all slaves
[  239.027045][T13851] IPVS: stopping master sync thread 13869 ...
[  239.032490][T13869] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  239.062423][T13796] team0: Port device team_slave_0 added
[  239.069272][T13796] team0: Port device team_slave_1 added
[  239.084204][ T3786] hsr_slave_0: left promiscuous mode
[  239.090371][ T3786] hsr_slave_1: left promiscuous mode
[  239.099714][ T3786] veth1_macvtap: left promiscuous mode
[  239.112027][ T3786] veth0_macvtap: left promiscuous mode
[  239.120324][ T3786] veth1_vlan: left promiscuous mode
[  239.126192][ T3786] veth0_vlan: left promiscuous mode
[  239.202246][ T3786] team0 (unregistering): Port device team_slave_1 removed
[  239.211867][ T3786] team0 (unregistering): Port device team_slave_0 removed
[  239.218448][T13883] netlink: 'syz.2.2832': attribute type 17 has an invalid length.
[  239.251964][T13882] netlink: 'syz.0.2831': attribute type 12 has an invalid length.
[  239.259982][T13882] netlink: 'syz.0.2831': attribute type 29 has an invalid length.
[  239.267967][T13882] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2831'.
[  239.277952][T13796] batman_adv: batadv0: Adding interface: batadv_slave_0
[  239.285048][T13796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  239.311032][T13796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  239.344731][T13796] batman_adv: batadv0: Adding interface: batadv_slave_1
[  239.351822][T13796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  239.377773][T13796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  239.390297][T13882] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.446034][T13796] hsr_slave_0: entered promiscuous mode
[  239.452564][T13796] hsr_slave_1: entered promiscuous mode
[  239.458774][T13796] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  239.466548][T13796] Cannot create hsr debugfs directory
[  239.494651][T13882] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.562595][T13882] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.598127][T13893] FAULT_INJECTION: forcing a failure.
[  239.598127][T13893] name failslab, interval 1, probability 0, space 0, times 0
[  239.604906][T13905] loop2: detected capacity change from 0 to 2048
[  239.610913][T13893] CPU: 0 UID: 0 PID: 13893 Comm: syz.3.2833 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  239.610991][T13893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.611009][T13893] Call Trace:
[  239.611018][T13893]  <TASK>
[  239.611028][T13893]  __dump_stack+0x1d/0x30
[  239.611093][T13893]  dump_stack_lvl+0xe8/0x140
[  239.611120][T13893]  dump_stack+0x15/0x1b
[  239.611142][T13893]  should_fail_ex+0x265/0x280
[  239.611241][T13893]  should_failslab+0x8c/0xb0
[  239.611272][T13893]  kmem_cache_alloc_noprof+0x50/0x310
[  239.611306][T13893]  ? __se_sys_mbind+0x3d7/0xac0
[  239.611408][T13893]  __se_sys_mbind+0x3d7/0xac0
[  239.611486][T13893]  __x64_sys_mbind+0x78/0x90
[  239.611522][T13893]  x64_sys_call+0x14af/0x2fb0
[  239.611559][T13893]  do_syscall_64+0xd2/0x200
[  239.611584][T13893]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  239.611680][T13893]  ? clear_bhb_loop+0x40/0x90
[  239.611709][T13893]  ? clear_bhb_loop+0x40/0x90
[  239.611821][T13893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.611902][T13893] RIP: 0033:0x7f927ea5e9a9
[  239.611923][T13893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.611947][T13893] RSP: 002b:00007f927d0c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  239.611972][T13893] RAX: ffffffffffffffda RBX: 00007f927ec85fa0 RCX: 00007f927ea5e9a9
[  239.611988][T13893] RDX: 0000000000004003 RSI: 0000000000004000 RDI: 0000200000000000
[  239.612081][T13893] RBP: 00007f927d0c7090 R08: 0000000000000006 R09: 0000000000000002
[  239.612098][T13893] R10: 0000200000000c00 R11: 0000000000000246 R12: 0000000000000001
[  239.612115][T13893] R13: 0000000000000000 R14: 00007f927ec85fa0 R15: 00007ffece1125a8
[  239.612141][T13893]  </TASK>
[  239.810087][T13905] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.832832][T13882] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.842858][T13911] loop4: detected capacity change from 0 to 2048
[  239.852259][T13911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.903250][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.949802][T13921] netlink: 'syz.2.2843': attribute type 12 has an invalid length.
[  239.957762][T13921] netlink: 'syz.2.2843': attribute type 29 has an invalid length.
[  239.965725][T13921] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2843'.
[  239.989541][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.016815][T13921] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.026748][T13924] loop4: detected capacity change from 0 to 2048
[  240.041392][T13924] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.058772][T13796] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  240.070293][T13796] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  240.080335][T13796] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  240.089085][T13796] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  240.099100][T13921] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.137006][T13796] 8021q: adding VLAN 0 to HW filter on device bond0
[  240.151539][T13796] 8021q: adding VLAN 0 to HW filter on device team0
[  240.158748][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.161181][ T3786] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.174845][ T3786] bridge0: port 1(bridge_slave_0) entered forwarding state
[  240.186446][ T3836] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.193628][ T3836] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.207572][T13921] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.260199][T13921] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.277642][T13796] 8021q: adding VLAN 0 to HW filter on device batadv0
[  240.336514][T13921] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.348696][T13921] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.359961][T13951] netlink: 'syz.4.2846': attribute type 17 has an invalid length.
[  240.363989][T13796] veth0_vlan: entered promiscuous mode
[  240.376574][T13921] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.390606][T13921] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.401134][T13796] veth1_vlan: entered promiscuous mode
[  240.416957][T13796] veth0_macvtap: entered promiscuous mode
[  240.425632][T13796] veth1_macvtap: entered promiscuous mode
[  240.439772][T13796] batman_adv: batadv0: Interface activated: batadv_slave_0
[  240.456902][T13796] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.468570][T13796] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.477460][T13796] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.486526][T13796] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.495370][T13796] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.584093][T13976] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13976 comm=syz.1.2855
[  240.597426][   T29] kauditd_printk_skb: 210 callbacks suppressed
[  240.597442][   T29] audit: type=1107 audit(1753203739.933:11051): pid=13975 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  240.598847][T13976] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  240.650264][T13980] loop2: detected capacity change from 0 to 128
[  240.663440][T13980] IPVS: stopping master sync thread 13983 ...
[  240.666345][T13983] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  240.687043][T13981] $Hÿ: renamed from bond0 (while UP)
[  240.695857][T13981] $Hÿ: entered promiscuous mode
[  240.701008][T13981] bond_slave_0: entered promiscuous mode
[  240.706784][T13981] bond_slave_1: entered promiscuous mode
[  240.742216][T13989] loop2: detected capacity change from 0 to 128
[  240.749076][T13989] vfat: Unknown parameter '01777777777777777777777b'
[  240.799529][T13997] loop2: detected capacity change from 0 to 512
[  240.809238][T13997] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  240.821741][T13997] EXT4-fs (loop2): 1 truncate cleaned up
[  240.828111][T13997] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.910578][T13882] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.928962][T13882] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.942197][T14008] netlink: 'syz.3.2863': attribute type 17 has an invalid length.
[  240.955978][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.965929][T13882] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.983622][T13882] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  241.079406][T14027] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2870'.
[  241.111945][T14030] loop2: detected capacity change from 0 to 128
[  241.118620][T14030] vfat: Unknown parameter '01777777777777777777777b'
[  241.159102][T14032] loop2: detected capacity change from 0 to 512
[  241.177987][T14032] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.190952][T14032] ext4 filesystem being mounted at /569/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.202676][   T29] audit: type=1326 audit(1753203740.547:11052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14038 comm="syz.3.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f927ea5e9a9 code=0x7ffc0000
[  241.226350][   T29] audit: type=1326 audit(1753203740.547:11053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14038 comm="syz.3.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f927ea5e9a9 code=0x7ffc0000
[  241.250513][   T29] audit: type=1326 audit(1753203740.547:11054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14038 comm="syz.3.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f927ea5e9a9 code=0x7ffc0000
[  241.253196][T14032] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.2872: path /569/file1: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  241.274172][   T29] audit: type=1326 audit(1753203740.547:11055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14038 comm="syz.3.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f927ea5e9a9 code=0x7ffc0000
[  241.274206][   T29] audit: type=1326 audit(1753203740.547:11056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14038 comm="syz.3.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f927ea5e9a9 code=0x7ffc0000
[  241.304369][T14041] loop3: detected capacity change from 0 to 128
[  241.318345][   T29] audit: type=1326 audit(1753203740.547:11057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14038 comm="syz.3.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f927ea5e9a9 code=0x7ffc0000
[  241.372035][   T29] audit: type=1326 audit(1753203740.547:11058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14038 comm="syz.3.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f927ea5e9a9 code=0x7ffc0000
[  241.392058][T14032] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 4: comm syz.2.2872: path /569/file1: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=11, rec_len=10454, size=2048 fake=1
[  241.395584][   T29] audit: type=1326 audit(1753203740.547:11059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14038 comm="syz.3.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f927ea5e9a9 code=0x7ffc0000
[  241.438691][   T29] audit: type=1326 audit(1753203740.547:11060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14038 comm="syz.3.2874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f927ea5e9a9 code=0x7ffc0000
[  241.464987][T14041] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  241.477177][T14032] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.2872: path /569/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  241.481559][T14041] ext4 filesystem being mounted at /503/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  241.524648][T14032] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.2872: path /569/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  241.559739][T14048] loop1: detected capacity change from 0 to 128
[  241.559711][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  241.578696][T14032] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 14: comm syz.2.2872: path /569/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  241.600021][T14032] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 15: comm syz.2.2872: path /569/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  241.628057][T14032] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.2872: path /569/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  241.652403][T14048] IPVS: stopping master sync thread 14053 ...
[  241.652577][T14053] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  241.683148][T14032] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.2872: path /569/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  241.704482][T14032] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 18: comm syz.2.2872: lblock 23 mapped to illegal pblock 18 (length 1)
[  241.719055][T14032] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.2872: path /569/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  241.853147][T14065] loop1: detected capacity change from 0 to 128
[  241.865902][T14067] loop4: detected capacity change from 0 to 128
[  241.873128][T14067] vfat: Unknown parameter '01777777777777777777777b'
[  241.968495][T14079] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  241.990407][T14065] IPVS: stopping master sync thread 14079 ...
[  241.999906][T14078] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2886'.
[  242.027198][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.053984][T14083] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2887'.
[  242.108352][T14089] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14089 comm=syz.4.2892
[  242.122592][T14089] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  242.235421][T14102] vlan2: entered allmulticast mode
[  242.269356][T14102] dummy0: entered allmulticast mode
[  242.328493][T14105] netlink: 'syz.2.2889': attribute type 17 has an invalid length.
[  242.508348][T14110] loop3: detected capacity change from 0 to 1024
[  242.608781][T14110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.636656][T14110] ext4 filesystem being mounted at /511/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.661134][ T3837] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  242.677355][ T3837] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  242.689900][ T3837] EXT4-fs (loop3): This should not happen!! Data will be lost
[  242.689900][ T3837] 
[  242.699742][ T3837] EXT4-fs (loop3): Total free blocks count 0
[  242.705875][ T3837] EXT4-fs (loop3): Free/Dirty block details
[  242.711794][ T3837] EXT4-fs (loop3): free_blocks=4293918720
[  242.717564][ T3837] EXT4-fs (loop3): dirty_blocks=16
[  242.722692][ T3837] EXT4-fs (loop3): Block reservation details
[  242.728821][ T3837] EXT4-fs (loop3): i_reserved_data_blocks=1
[  242.736880][T14119] loop2: detected capacity change from 0 to 128
[  242.743488][T14119] vfat: Unknown parameter '01777777777777777777777b'
[  242.764482][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.796127][T14122] loop3: detected capacity change from 0 to 2048
[  242.807183][T14125] loop2: detected capacity change from 0 to 512
[  242.814673][T14122] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.827541][T14122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.838655][T14125] ext4 filesystem being mounted at /574/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.851965][T14125] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.2900: path /574/file1: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  242.878393][T14125] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 4: comm syz.2.2900: path /574/file1: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=11, rec_len=10454, size=2048 fake=1
[  242.904545][T14125] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.2900: path /574/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  242.959356][T14125] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.2900: path /574/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  242.983668][T14125] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 14: comm syz.2.2900: path /574/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  243.024987][T14135] loop4: detected capacity change from 0 to 128
[  243.037785][T14125] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 15: comm syz.2.2900: path /574/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  243.080679][T14125] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.2900: path /574/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  243.103769][T14125] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.2900: path /574/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  243.104111][T14141] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  243.125453][T14125] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 18: comm syz.2.2900: lblock 23 mapped to illegal pblock 18 (length 1)
[  243.137614][T14135] IPVS: stopping master sync thread 14141 ...
[  243.166863][T14140] loop1: detected capacity change from 0 to 2048
[  243.180888][T14125] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.2900: path /574/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  243.284875][T14153] pim6reg1: entered promiscuous mode
[  243.290312][T14153] pim6reg1: entered allmulticast mode
[  243.345346][T14160] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2910'.
[  243.358183][T14160] erspan0: refused to change device tx_queue_len
[  243.365702][T14160] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  243.708468][T14195] loop1: detected capacity change from 0 to 8192
[  243.936915][T14210] pim6reg1: entered promiscuous mode
[  243.942389][T14210] pim6reg1: entered allmulticast mode
[  244.562052][T14227] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2932'.
[  244.648422][T14228] validate_nla: 2 callbacks suppressed
[  244.648440][T14228] netlink: 'syz.4.2931': attribute type 17 has an invalid length.
[  244.663532][T14234] loop2: detected capacity change from 0 to 8192
[  244.808060][T14248] loop0: detected capacity change from 0 to 2048
[  244.820800][T14250] netlink: 'syz.4.2938': attribute type 13 has an invalid length.
[  244.828786][T14250] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2938'.
[  244.838374][T14250] erspan0: refused to change device tx_queue_len
[  244.845270][T14250] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  245.009100][T14255] loop4: detected capacity change from 0 to 2048
[  245.391246][T14275] netlink: 'syz.4.2945': attribute type 13 has an invalid length.
[  245.399387][T14275] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2945'.
[  245.408946][T14275] erspan0: refused to change device tx_queue_len
[  245.415929][T14275] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  245.527426][T14282] netlink: 'syz.4.2947': attribute type 17 has an invalid length.
[  245.577764][T14292] loop3: detected capacity change from 0 to 128
[  245.603302][T14294] loop4: detected capacity change from 0 to 2048
[  245.701775][T14305] netlink: 'syz.4.2953': attribute type 17 has an invalid length.
[  245.751217][   T29] kauditd_printk_skb: 581 callbacks suppressed
[  245.751235][   T29] audit: type=1326 audit(1753203745.108:11642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14312 comm="syz.0.2954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  245.781370][   T29] audit: type=1326 audit(1753203745.108:11643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14312 comm="syz.0.2954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  245.805059][   T29] audit: type=1326 audit(1753203745.108:11644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14312 comm="syz.0.2954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  245.828977][   T29] audit: type=1326 audit(1753203745.108:11645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14312 comm="syz.0.2954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  245.830488][T14315] loop0: detected capacity change from 0 to 128
[  245.852693][   T29] audit: type=1326 audit(1753203745.108:11646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14312 comm="syz.0.2954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  245.862299][T14315] ext4 filesystem being mounted at /39/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  245.882575][   T29] audit: type=1326 audit(1753203745.108:11647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14312 comm="syz.0.2954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  245.882614][   T29] audit: type=1326 audit(1753203745.108:11648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14312 comm="syz.0.2954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  245.939962][   T29] audit: type=1326 audit(1753203745.108:11649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14312 comm="syz.0.2954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  245.963644][   T29] audit: type=1326 audit(1753203745.108:11650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14312 comm="syz.0.2954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  245.987289][   T29] audit: type=1326 audit(1753203745.108:11651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14312 comm="syz.0.2954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  246.051489][T14320] FAULT_INJECTION: forcing a failure.
[  246.051489][T14320] name failslab, interval 1, probability 0, space 0, times 0
[  246.064251][T14320] CPU: 0 UID: 0 PID: 14320 Comm: syz.4.2956 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  246.064284][T14320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  246.064298][T14320] Call Trace:
[  246.064304][T14320]  <TASK>
[  246.064312][T14320]  __dump_stack+0x1d/0x30
[  246.064342][T14320]  dump_stack_lvl+0xe8/0x140
[  246.064389][T14320]  dump_stack+0x15/0x1b
[  246.064406][T14320]  should_fail_ex+0x265/0x280
[  246.064489][T14320]  ? __se_sys_memfd_create+0x1cc/0x590
[  246.064526][T14320]  should_failslab+0x8c/0xb0
[  246.064551][T14320]  __kmalloc_cache_noprof+0x4c/0x320
[  246.064638][T14320]  ? fput+0x8f/0xc0
[  246.064668][T14320]  __se_sys_memfd_create+0x1cc/0x590
[  246.064759][T14320]  __x64_sys_memfd_create+0x31/0x40
[  246.064797][T14320]  x64_sys_call+0x122f/0x2fb0
[  246.064824][T14320]  do_syscall_64+0xd2/0x200
[  246.064896][T14320]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  246.064927][T14320]  ? clear_bhb_loop+0x40/0x90
[  246.064954][T14320]  ? clear_bhb_loop+0x40/0x90
[  246.064981][T14320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.065082][T14320] RIP: 0033:0x7f7b96bbe9a9
[  246.065101][T14320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.065134][T14320] RSP: 002b:00007f7b9521ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  246.065213][T14320] RAX: ffffffffffffffda RBX: 0000000000000512 RCX: 00007f7b96bbe9a9
[  246.065230][T14320] RDX: 00007f7b9521eef0 RSI: 0000000000000000 RDI: 00007f7b96c416fc
[  246.065247][T14320] RBP: 0000200000000c40 R08: 00007f7b9521ebb7 R09: 00007f7b9521ee40
[  246.065262][T14320] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000200
[  246.065274][T14320] R13: 00007f7b9521eef0 R14: 00007f7b9521eeb0 R15: 00002000000006c0
[  246.065295][T14320]  </TASK>
[  246.383534][T14340] loop4: detected capacity change from 0 to 2048
[  246.386446][T14341] netlink: 'syz.0.2961': attribute type 17 has an invalid length.
[  246.490915][T14354] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14354 comm=syz.0.2965
[  246.508701][T14354] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  246.606284][ T3836] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.640429][T14351] chnl_net:caif_netlink_parms(): no params data found
[  246.672285][T14370] netlink: 'syz.3.2966': attribute type 17 has an invalid length.
[  246.707764][T14351] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.714917][T14351] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.722264][T14351] bridge_slave_0: entered allmulticast mode
[  246.729005][T14351] bridge_slave_0: entered promiscuous mode
[  246.735843][T14351] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.743073][T14351] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.750810][T14351] bridge_slave_1: entered allmulticast mode
[  246.757675][T14351] bridge_slave_1: entered promiscuous mode
[  246.766708][ T3836] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.777480][T14384] netlink: 'syz.1.2967': attribute type 17 has an invalid length.
[  246.800529][T14351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  246.810931][ T3836] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.822928][T14351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  246.845708][T14351] team0: Port device team_slave_0 added
[  246.859130][T14351] team0: Port device team_slave_1 added
[  246.879429][T14351] batman_adv: batadv0: Adding interface: batadv_slave_0
[  246.886636][T14351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.912764][T14351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  246.924862][ T3836] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.936976][T14351] batman_adv: batadv0: Adding interface: batadv_slave_1
[  246.944059][T14351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.970210][T14351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  246.971448][T14396] loop3: detected capacity change from 0 to 2048
[  247.022270][T14351] hsr_slave_0: entered promiscuous mode
[  247.028726][T14351] hsr_slave_1: entered promiscuous mode
[  247.034656][T14351] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  247.042436][T14351] Cannot create hsr debugfs directory
[  247.081825][ T3836] bridge_slave_1: left allmulticast mode
[  247.087650][ T3836] bridge_slave_1: left promiscuous mode
[  247.093349][ T3836] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.175214][T14405] loop3: detected capacity change from 0 to 2048
[  247.184794][ T3836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  247.196163][ T3836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  247.206254][ T3836] bond0 (unregistering): Released all slaves
[  247.216007][ T3836] bond1 (unregistering): Released all slaves
[  247.225076][ T3836] bond2 (unregistering): Released all slaves
[  247.233923][ T3836] bond3 (unregistering): Released all slaves
[  247.273771][ T3836] hsr_slave_0: left promiscuous mode
[  247.279628][ T3836] hsr_slave_1: left promiscuous mode
[  247.288887][ T3836] veth1_macvtap: left promiscuous mode
[  247.294412][ T3836] veth0_macvtap: left promiscuous mode
[  247.300085][ T3836] veth1_vlan: left promiscuous mode
[  247.305413][ T3836] veth0_vlan: left promiscuous mode
[  247.334036][T14416] netlink: 'syz.1.2974': attribute type 17 has an invalid length.
[  247.387034][ T3836] team0 (unregistering): Port device team_slave_1 removed
[  247.397209][ T3836] team0 (unregistering): Port device team_slave_0 removed
[  247.563284][T14436] loop0: detected capacity change from 0 to 1024
[  247.590908][T14436] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.641991][ T3837] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  247.664371][ T3837] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  247.676806][ T3837] EXT4-fs (loop0): This should not happen!! Data will be lost
[  247.676806][ T3837] 
[  247.686559][ T3837] EXT4-fs (loop0): Total free blocks count 0
[  247.692087][T14446] loop2: detected capacity change from 0 to 2048
[  247.692597][ T3837] EXT4-fs (loop0): Free/Dirty block details
[  247.704928][ T3837] EXT4-fs (loop0): free_blocks=4293918720
[  247.710648][ T3837] EXT4-fs (loop0): dirty_blocks=16
[  247.715887][ T3837] EXT4-fs (loop0): Block reservation details
[  247.721999][ T3837] EXT4-fs (loop0): i_reserved_data_blocks=1
[  247.787159][T14458] netlink: 'syz.3.2981': attribute type 17 has an invalid length.
[  247.843937][T14472] loop1: detected capacity change from 0 to 128
[  247.857164][T14474] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  247.868429][T14472] IPVS: stopping master sync thread 14474 ...
[  247.878261][T14463] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2987'.
[  247.894806][T14463] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  247.904286][T14463] bond_slave_0: left promiscuous mode
[  247.913790][T14463] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  247.924607][T14463] bond_slave_1: left promiscuous mode
[  247.932778][T14463] $Hÿ (unregistering): Released all slaves
[  247.981491][T14351] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  248.001198][T14351] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  248.028407][T14351] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  248.048947][T14351] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  248.055880][T14496] loop0: detected capacity change from 0 to 2048
[  248.126339][T14351] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.139183][T14351] 8021q: adding VLAN 0 to HW filter on device team0
[  248.150865][ T3944] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.157960][ T3944] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.176543][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.183704][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.241954][T14521] loop1: detected capacity change from 0 to 512
[  248.261129][T14524] loop3: detected capacity change from 0 to 512
[  248.268850][T14524] EXT4-fs: quotafile must be on filesystem root
[  248.280693][T14521] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  248.292041][T14521] EXT4-fs (loop1): orphan cleanup on readonly fs
[  248.301625][T14533] xt_CT: You must specify a L4 protocol and not use inversions on it
[  248.304244][T14521] EXT4-fs (loop1): 1 orphan inode deleted
[  248.317323][T14351] 8021q: adding VLAN 0 to HW filter on device batadv0
[  248.324483][   T31] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  248.407181][T14534] vlan2: entered allmulticast mode
[  248.451020][T14534] dummy0: entered allmulticast mode
[  248.461870][T14521] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3001'.
[  248.773340][T14351] veth0_vlan: entered promiscuous mode
[  248.786232][T14351] veth1_vlan: entered promiscuous mode
[  248.802870][T14584] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3012'.
[  248.813187][T14351] veth0_macvtap: entered promiscuous mode
[  248.820503][T14351] veth1_macvtap: entered promiscuous mode
[  248.844449][T14351] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.856724][T14590] loop2: detected capacity change from 0 to 512
[  248.866081][T14590] EXT4-fs (loop2): unable to read superblock
[  248.872689][T14351] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.884920][T14351] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.893783][T14351] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.902589][T14351] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.911399][T14351] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.095421][T14605] loop3: detected capacity change from 0 to 1024
[  249.165371][T14605] ext4 filesystem being mounted at /548/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.241864][ T3833] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  249.264913][ T3833] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  249.277454][ T3833] EXT4-fs (loop3): This should not happen!! Data will be lost
[  249.277454][ T3833] 
[  249.287226][ T3833] EXT4-fs (loop3): Total free blocks count 0
[  249.293264][ T3833] EXT4-fs (loop3): Free/Dirty block details
[  249.299214][ T3833] EXT4-fs (loop3): free_blocks=4293918720
[  249.304958][ T3833] EXT4-fs (loop3): dirty_blocks=16
[  249.310139][ T3833] EXT4-fs (loop3): Block reservation details
[  249.316206][ T3833] EXT4-fs (loop3): i_reserved_data_blocks=1
[  249.373651][T14617] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3026'.
[  249.435642][T14617] erspan0: refused to change device tx_queue_len
[  249.471699][T14624] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3024'.
[  249.481875][T14617] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  249.542730][T14635] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3028'.
[  249.559123][T14635] erspan0: refused to change device tx_queue_len
[  249.569086][T14635] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  249.734177][T14643] loop4: detected capacity change from 0 to 512
[  249.736646][T14644] pim6reg1: entered promiscuous mode
[  249.746055][T14644] pim6reg1: entered allmulticast mode
[  249.755693][T14643] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  249.777641][T14643] EXT4-fs (loop4): 1 truncate cleaned up
[  249.786704][T14643] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3033'.
[  249.808208][T14651] loop3: detected capacity change from 0 to 1024
[  249.818919][T14651] ext4 filesystem being mounted at /552/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.854851][ T3833] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  249.854937][T14656] loop2: detected capacity change from 0 to 256
[  249.876843][ T3833] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  249.889395][ T3833] EXT4-fs (loop3): This should not happen!! Data will be lost
[  249.889395][ T3833] 
[  249.899111][ T3833] EXT4-fs (loop3): Total free blocks count 0
[  249.905177][ T3833] EXT4-fs (loop3): Free/Dirty block details
[  249.911115][ T3833] EXT4-fs (loop3): free_blocks=4293918720
[  249.916922][ T3833] EXT4-fs (loop3): dirty_blocks=16
[  249.922218][ T3833] EXT4-fs (loop3): Block reservation details
[  249.928248][ T3833] EXT4-fs (loop3): i_reserved_data_blocks=1
[  249.958957][T14660] validate_nla: 6 callbacks suppressed
[  249.958975][T14660] netlink: 'syz.4.3038': attribute type 13 has an invalid length.
[  249.972364][T14660] netlink: 152 bytes leftover after parsing attributes in process `syz.4.3038'.
[  249.984139][T14660] erspan0: refused to change device tx_queue_len
[  249.991303][T14660] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  250.509838][T14679] loop4: detected capacity change from 0 to 2048
[  250.576727][T14681] pim6reg1: entered promiscuous mode
[  250.582078][T14681] pim6reg1: entered allmulticast mode
[  250.682224][T14689] loop4: detected capacity change from 0 to 512
[  250.689338][T14689] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  250.705859][T14689] EXT4-fs (loop4): 1 truncate cleaned up
[  250.722737][T14689] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3049'.
[  250.860360][T14696] netlink: 'syz.0.3050': attribute type 17 has an invalid length.
[  250.946580][T14709] loop4: detected capacity change from 0 to 128
[  250.980663][T14709] IPVS: stopping master sync thread 14712 ...
[  251.030169][T14718] loop1: detected capacity change from 0 to 1024
[  251.045460][T14718] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.067266][T14723] netlink: 'syz.0.3053': attribute type 17 has an invalid length.
[  251.137904][ T3833] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  251.161585][ T3833] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  251.174123][ T3833] EXT4-fs (loop1): This should not happen!! Data will be lost
[  251.174123][ T3833] 
[  251.183826][ T3833] EXT4-fs (loop1): Total free blocks count 0
[  251.189857][ T3833] EXT4-fs (loop1): Free/Dirty block details
[  251.195881][ T3833] EXT4-fs (loop1): free_blocks=4293918720
[  251.201628][ T3833] EXT4-fs (loop1): dirty_blocks=16
[  251.206806][ T3833] EXT4-fs (loop1): Block reservation details
[  251.210463][T14738] loop2: detected capacity change from 0 to 2048
[  251.212860][ T3833] EXT4-fs (loop1): i_reserved_data_blocks=1
[  251.244173][T14744] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 0
[  251.273674][T14750] loop4: detected capacity change from 0 to 512
[  251.289935][T14750] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  251.305383][   T29] kauditd_printk_skb: 164 callbacks suppressed
[  251.305396][   T29] audit: type=1326 audit(1753203750.687:11815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14752 comm="syz.0.3064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  251.335752][   T29] audit: type=1326 audit(1753203750.687:11816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14752 comm="syz.0.3064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  251.359393][   T29] audit: type=1326 audit(1753203750.687:11817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14752 comm="syz.0.3064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  251.359760][T14750] EXT4-fs (loop4): 1 truncate cleaned up
[  251.383014][   T29] audit: type=1326 audit(1753203750.687:11818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14752 comm="syz.0.3064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  251.412341][   T29] audit: type=1326 audit(1753203750.687:11819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14752 comm="syz.0.3064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  251.435972][   T29] audit: type=1326 audit(1753203750.687:11820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14752 comm="syz.0.3064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  251.437187][T14750] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3063'.
[  251.459589][   T29] audit: type=1326 audit(1753203750.687:11821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14752 comm="syz.0.3064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  251.459622][   T29] audit: type=1326 audit(1753203750.687:11822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14752 comm="syz.0.3064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  251.515695][   T29] audit: type=1326 audit(1753203750.687:11823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14752 comm="syz.0.3064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  251.539336][   T29] audit: type=1326 audit(1753203750.687:11824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14752 comm="syz.0.3064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  251.571590][T14759] loop3: detected capacity change from 0 to 1024
[  251.572838][T14761] loop0: detected capacity change from 0 to 128
[  251.578503][T14759] EXT4-fs: inline encryption not supported
[  251.601636][T14756] netlink: 'syz.2.3066': attribute type 13 has an invalid length.
[  251.603261][T14761] IPVS: stopping master sync thread 14744 ...
[  251.609541][T14756] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3066'.
[  251.617590][T14759] EXT4-fs: Ignoring removed bh option
[  251.652414][T14756] erspan0: refused to change device tx_queue_len
[  251.659436][T14756] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  251.765239][T14776] loop2: detected capacity change from 0 to 8192
[  252.028447][T14787] loop1: detected capacity change from 0 to 8192
[  252.624318][T14803] loop3: detected capacity change from 0 to 128
[  252.694529][T14803] IPVS: stopping master sync thread 14805 ...
[  252.700893][T14805] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  252.735809][T14807] loop4: detected capacity change from 0 to 512
[  252.782443][T14807] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  252.833152][T14807] EXT4-fs (loop4): 1 truncate cleaned up
[  252.900675][T14807] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3081'.
[  252.949728][T14813] netlink: 'syz.3.3082': attribute type 13 has an invalid length.
[  252.957636][T14813] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3082'.
[  252.971624][T14813] erspan0: refused to change device tx_queue_len
[  252.983477][T14813] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  253.088329][T14822] vlan2: entered allmulticast mode
[  253.108618][T14824] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  253.248279][T14830] netlink: 'syz.4.3087': attribute type 17 has an invalid length.
[  253.331212][T14838] loop4: detected capacity change from 0 to 2048
[  253.757332][T14848] vlan2: entered allmulticast mode
[  253.778517][T14848] dummy0: entered allmulticast mode
[  253.856751][T14850] loop0: detected capacity change from 0 to 512
[  253.898668][T14850] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.918655][T14850] (unnamed net_device) (uninitialized): down delay (2) is not a multiple of miimon (5), value rounded to 0 ms
[  253.930499][T14850] (unnamed net_device) (uninitialized): peer notification delay (216) is not a multiple of miimon (5), value rounded to 215 ms
[  253.973856][T14853] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3091'.
[  253.982820][T14853] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3091'.
[  254.219111][T14870] loop0: detected capacity change from 0 to 2048
[  254.315648][T14881] netlink: 'syz.3.3098': attribute type 17 has an invalid length.
[  254.361159][T14888] netlink: 'syz.0.3100': attribute type 17 has an invalid length.
[  254.687799][T14909] loop4: detected capacity change from 0 to 2048
[  254.694691][T14909] EXT4-fs: Ignoring removed nobh option
[  254.706218][T14909] FAULT_INJECTION: forcing a failure.
[  254.706218][T14909] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.719349][T14909] CPU: 0 UID: 0 PID: 14909 Comm: syz.4.3106 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  254.719449][T14909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  254.719474][T14909] Call Trace:
[  254.719479][T14909]  <TASK>
[  254.719486][T14909]  __dump_stack+0x1d/0x30
[  254.719506][T14909]  dump_stack_lvl+0xe8/0x140
[  254.719524][T14909]  dump_stack+0x15/0x1b
[  254.719616][T14909]  should_fail_ex+0x265/0x280
[  254.719685][T14909]  should_fail+0xb/0x20
[  254.719717][T14909]  should_fail_usercopy+0x1a/0x20
[  254.719747][T14909]  _copy_from_user+0x1c/0xb0
[  254.719771][T14909]  ___sys_sendmsg+0xc1/0x1d0
[  254.719859][T14909]  __x64_sys_sendmsg+0xd4/0x160
[  254.719959][T14909]  x64_sys_call+0x2999/0x2fb0
[  254.719986][T14909]  do_syscall_64+0xd2/0x200
[  254.720009][T14909]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  254.720034][T14909]  ? clear_bhb_loop+0x40/0x90
[  254.720127][T14909]  ? clear_bhb_loop+0x40/0x90
[  254.720162][T14909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.720190][T14909] RIP: 0033:0x7f3774d9e9a9
[  254.720208][T14909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.720307][T14909] RSP: 002b:00007f37733ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.720327][T14909] RAX: ffffffffffffffda RBX: 00007f3774fc5fa0 RCX: 00007f3774d9e9a9
[  254.720343][T14909] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000006
[  254.720359][T14909] RBP: 00007f37733ff090 R08: 0000000000000000 R09: 0000000000000000
[  254.720375][T14909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.720390][T14909] R13: 0000000000000000 R14: 00007f3774fc5fa0 R15: 00007fffe43aa668
[  254.720435][T14909]  </TASK>
[  254.999531][T14915] loop2: detected capacity change from 0 to 2048
[  255.006565][T14915] EXT4-fs: Ignoring removed nobh option
[  255.042150][T14926] loop1: detected capacity change from 0 to 2048
[  255.084118][T14934] 9pnet_fd: Insufficient options for proto=fd
[  255.112284][T14934] loop1: detected capacity change from 0 to 512
[  255.145094][T14934] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.260679][T14948] loop3: detected capacity change from 0 to 8192
[  255.296105][T14952] loop2: detected capacity change from 0 to 2048
[  255.352690][T14959] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3124'.
[  255.517328][T14973] SELinux: failed to load policy
[  255.530320][T14973] loop2: detected capacity change from 0 to 512
[  255.556648][T14973] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  255.578060][T14980] pim6reg1: entered promiscuous mode
[  255.583426][T14980] pim6reg1: entered allmulticast mode
[  255.597348][T14973] EXT4-fs (loop2): mount failed
[  255.630384][T14984] netlink: 'syz.1.3131': attribute type 17 has an invalid length.
[  255.883728][T14997] loop1: detected capacity change from 0 to 512
[  255.919120][T14997] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.933989][T15005] loop4: detected capacity change from 0 to 128
[  255.957658][T14997] FAULT_INJECTION: forcing a failure.
[  255.957658][T14997] name failslab, interval 1, probability 0, space 0, times 0
[  255.970405][T14997] CPU: 1 UID: 0 PID: 14997 Comm: syz.1.3137 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  255.970494][T14997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  255.970509][T14997] Call Trace:
[  255.970515][T14997]  <TASK>
[  255.970521][T14997]  __dump_stack+0x1d/0x30
[  255.970610][T14997]  dump_stack_lvl+0xe8/0x140
[  255.970632][T14997]  dump_stack+0x15/0x1b
[  255.970647][T14997]  should_fail_ex+0x265/0x280
[  255.970676][T14997]  should_failslab+0x8c/0xb0
[  255.970739][T14997]  kmem_cache_alloc_noprof+0x50/0x310
[  255.970770][T14997]  ? audit_log_start+0x365/0x6c0
[  255.970808][T14997]  audit_log_start+0x365/0x6c0
[  255.970859][T14997]  audit_seccomp+0x48/0x100
[  255.970883][T14997]  ? __seccomp_filter+0x68c/0x10d0
[  255.970972][T14997]  __seccomp_filter+0x69d/0x10d0
[  255.970993][T14997]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  255.971031][T14997]  ? vfs_write+0x75e/0x8e0
[  255.971078][T14997]  ? __rcu_read_unlock+0x4f/0x70
[  255.971174][T14997]  ? __fget_files+0x184/0x1c0
[  255.971194][T14997]  __secure_computing+0x82/0x150
[  255.971220][T14997]  syscall_trace_enter+0xcf/0x1e0
[  255.971248][T14997]  do_syscall_64+0xac/0x200
[  255.971270][T14997]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  255.971356][T14997]  ? clear_bhb_loop+0x40/0x90
[  255.971381][T14997]  ? clear_bhb_loop+0x40/0x90
[  255.971407][T14997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.971432][T14997] RIP: 0033:0x7fa47897e9a9
[  255.971447][T14997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.971509][T14997] RSP: 002b:00007fa476fdf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  255.971526][T14997] RAX: ffffffffffffffda RBX: 00007fa478ba5fa0 RCX: 00007fa47897e9a9
[  255.971537][T14997] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000012
[  255.971549][T14997] RBP: 00007fa476fdf090 R08: 0000000000000000 R09: 0000000000000000
[  255.971560][T14997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.971573][T14997] R13: 0000000000000000 R14: 00007fa478ba5fa0 R15: 00007ffc8bd29078
[  255.971596][T14997]  </TASK>
[  255.973623][T15005] FAULT_INJECTION: forcing a failure.
[  255.973623][T15005] name failslab, interval 1, probability 0, space 0, times 0
[  256.105616][T15015] netlink: 'syz.0.3139': attribute type 17 has an invalid length.
[  256.109734][T15005] CPU: 1 UID: 0 PID: 15005 Comm: syz.4.3133 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  256.109768][T15005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  256.109786][T15005] Call Trace:
[  256.109795][T15005]  <TASK>
[  256.109808][T15005]  __dump_stack+0x1d/0x30
[  256.109838][T15005]  dump_stack_lvl+0xe8/0x140
[  256.109867][T15005]  dump_stack+0x15/0x1b
[  256.109891][T15005]  should_fail_ex+0x265/0x280
[  256.109988][T15005]  should_failslab+0x8c/0xb0
[  256.110020][T15005]  kmem_cache_alloc_noprof+0x50/0x310
[  256.110082][T15005]  ? getname_flags+0x80/0x3b0
[  256.110112][T15005]  getname_flags+0x80/0x3b0
[  256.110142][T15005]  __x64_sys_renameat2+0x6c/0x90
[  256.110169][T15005]  x64_sys_call+0x2bf6/0x2fb0
[  256.110201][T15005]  do_syscall_64+0xd2/0x200
[  256.110227][T15005]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  256.110342][T15005]  ? clear_bhb_loop+0x40/0x90
[  256.110370][T15005]  ? clear_bhb_loop+0x40/0x90
[  256.110400][T15005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.110444][T15005] RIP: 0033:0x7f3774d9e9a9
[  256.110466][T15005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.110519][T15005] RSP: 002b:00007f37733ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  256.110546][T15005] RAX: ffffffffffffffda RBX: 00007f3774fc5fa0 RCX: 00007f3774d9e9a9
[  256.110606][T15005] RDX: 0000000000000004 RSI: 0000200000000240 RDI: 0000000000000004
[  256.110623][T15005] RBP: 00007f37733ff090 R08: 0000000000000002 R09: 0000000000000000
[  256.110640][T15005] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  256.110657][T15005] R13: 0000000000000000 R14: 00007f3774fc5fa0 R15: 00007fffe43aa668
[  256.110715][T15005]  </TASK>
[  256.434547][T15030] netlink: 'syz.4.3143': attribute type 13 has an invalid length.
[  256.442475][T15030] netlink: 152 bytes leftover after parsing attributes in process `syz.4.3143'.
[  256.459847][T15030] erspan0: refused to change device tx_queue_len
[  256.467192][T15030] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  256.532959][   T29] kauditd_printk_skb: 310 callbacks suppressed
[  256.532972][   T29] audit: type=1326 audit(1753203755.931:12132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3774d9e9a9 code=0x7ffc0000
[  256.564862][T15011] chnl_net:caif_netlink_parms(): no params data found
[  256.568339][   T29] audit: type=1326 audit(1753203755.961:12133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f3774d9e9a9 code=0x7ffc0000
[  256.595488][   T29] audit: type=1326 audit(1753203755.961:12134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3774d9e9a9 code=0x7ffc0000
[  256.619178][   T29] audit: type=1326 audit(1753203755.961:12135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3774d9e9a9 code=0x7ffc0000
[  256.643120][   T29] audit: type=1326 audit(1753203755.971:12136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3774d9e9a9 code=0x7ffc0000
[  256.666812][   T29] audit: type=1326 audit(1753203755.971:12137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3774d9e9a9 code=0x7ffc0000
[  256.690419][   T29] audit: type=1326 audit(1753203755.971:12138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3774d9e9a9 code=0x7ffc0000
[  256.714230][   T29] audit: type=1326 audit(1753203755.971:12139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3774d9e9a9 code=0x7ffc0000
[  256.737917][   T29] audit: type=1326 audit(1753203755.971:12140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3774d9e9a9 code=0x7ffc0000
[  256.761521][   T29] audit: type=1326 audit(1753203755.981:12141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15042 comm="syz.4.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3774d9e9a9 code=0x7ffc0000
[  256.787049][ T3944] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.839281][T15053] loop0: detected capacity change from 0 to 2048
[  256.856223][T15011] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.863417][T15011] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.870826][T15011] bridge_slave_0: entered allmulticast mode
[  256.877474][T15011] bridge_slave_0: entered promiscuous mode
[  256.884411][T15011] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.891533][T15011] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.898975][T15011] bridge_slave_1: entered allmulticast mode
[  256.906214][T15011] bridge_slave_1: entered promiscuous mode
[  256.928617][T15064] netlink: 'syz.4.3152': attribute type 2 has an invalid length.
[  256.939207][T15064] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3152'.
[  256.949967][ T3944] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.964405][T15067] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  256.984632][T15011] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  256.996524][T15011] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  257.021119][T15011] team0: Port device team_slave_0 added
[  257.034339][T15011] team0: Port device team_slave_1 added
[  257.057648][T15011] batman_adv: batadv0: Adding interface: batadv_slave_0
[  257.064723][T15011] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.090871][T15011] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  257.102561][T15011] batman_adv: batadv0: Adding interface: batadv_slave_1
[  257.109749][T15011] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.135846][T15011] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  257.151119][ T3944] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.206839][T15077] loop0: detected capacity change from 0 to 2048
[  257.228925][T15011] hsr_slave_0: entered promiscuous mode
[  257.235885][T15011] hsr_slave_1: entered promiscuous mode
[  257.242022][T15011] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  257.250147][T15011] Cannot create hsr debugfs directory
[  257.258979][ T3944] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.274474][T15081] vlan2: entered allmulticast mode
[  257.324763][T15086] netlink: 'syz.1.3158': attribute type 17 has an invalid length.
[  257.365718][ T3944] bridge_slave_1: left allmulticast mode
[  257.371498][ T3944] bridge_slave_1: left promiscuous mode
[  257.377282][ T3944] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.388629][ T3944] bridge_slave_0: left allmulticast mode
[  257.394389][ T3944] bridge_slave_0: left promiscuous mode
[  257.400144][ T3944] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.530532][ T3944] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  257.539380][ T3944] bond_slave_0: left promiscuous mode
[  257.546414][ T3944] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  257.556452][ T3944] bond_slave_1: left promiscuous mode
[  257.562567][ T3944] $Hÿ (unregistering): Released all slaves
[  257.572436][ T3944] bond1 (unregistering): Released all slaves
[  257.581518][ T3944] bond2 (unregistering): Released all slaves
[  257.591250][ T3944] bond3 (unregistering): Released all slaves
[  257.656637][T15097] loop0: detected capacity change from 0 to 1024
[  257.669281][ T3944] veth1_macvtap: left promiscuous mode
[  257.674893][ T3944] veth0_macvtap: left promiscuous mode
[  257.681658][ T3944] veth1_vlan: left promiscuous mode
[  257.689278][T15097] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.700301][ T3944] veth0_vlan: left promiscuous mode
[  257.747828][ T3836] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  257.780766][ T3836] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  257.793368][ T3836] EXT4-fs (loop0): This should not happen!! Data will be lost
[  257.793368][ T3836] 
[  257.803090][ T3836] EXT4-fs (loop0): Total free blocks count 0
[  257.809137][ T3836] EXT4-fs (loop0): Free/Dirty block details
[  257.815137][ T3836] EXT4-fs (loop0): free_blocks=4293918720
[  257.820985][ T3836] EXT4-fs (loop0): dirty_blocks=16
[  257.826228][ T3836] EXT4-fs (loop0): Block reservation details
[  257.832215][ T3836] EXT4-fs (loop0): i_reserved_data_blocks=1
[  257.878579][ T3944] team0 (unregistering): Port device team_slave_1 removed
[  257.895178][ T3944] team0 (unregistering): Port device team_slave_0 removed
[  258.055123][T15118] loop4: detected capacity change from 0 to 512
[  258.068360][T15118] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  258.083613][T15118] EXT4-fs (loop4): mount failed
[  258.105970][T15011] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  258.114845][T15011] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  258.123809][T15011] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  258.137527][T15011] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  258.162633][T15130] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3170'.
[  258.171739][T15130] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3170'.
[  258.216276][T15011] 8021q: adding VLAN 0 to HW filter on device bond0
[  258.229433][T15011] 8021q: adding VLAN 0 to HW filter on device team0
[  258.248621][ T3833] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.255751][ T3833] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.275043][ T3833] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.282220][ T3833] bridge0: port 2(bridge_slave_1) entered forwarding state
[  258.297519][T15146] netlink: 'syz.1.3171': attribute type 17 has an invalid length.
[  258.328632][T15154] loop3: detected capacity change from 0 to 2048
[  258.360511][T15011] 8021q: adding VLAN 0 to HW filter on device batadv0
[  258.444150][T15175] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15175 comm=syz.3.3177
[  258.491579][T15011] veth0_vlan: entered promiscuous mode
[  258.504213][T15182] netlink: 'syz.4.3174': attribute type 17 has an invalid length.
[  258.508330][T15011] veth1_vlan: entered promiscuous mode
[  258.543944][T15011] veth0_macvtap: entered promiscuous mode
[  258.553980][T15011] veth1_macvtap: entered promiscuous mode
[  258.565451][T15011] batman_adv: batadv0: Interface activated: batadv_slave_0
[  258.578086][T15175] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.603029][T15011] batman_adv: batadv0: Interface activated: batadv_slave_1
[  258.620413][T15011] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  258.629426][T15011] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  258.638231][T15011] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  258.646958][T15011] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  258.686811][T15175] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.709902][T15197] loop4: detected capacity change from 0 to 512
[  258.723491][T15197] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  258.739806][T15197] EXT4-fs (loop4): 1 truncate cleaned up
[  258.764879][T15197] EXT4-fs mount: 72 callbacks suppressed
[  258.764898][T15197] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.785052][T15203] loop2: detected capacity change from 0 to 2048
[  258.835464][T15203] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.854532][T15203] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.916241][T15175] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.975280][T15175] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.995394][T15213] loop2: detected capacity change from 0 to 128
[  259.003759][T14351] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.032156][T15213] IPVS: stopping master sync thread 15219 ...
[  259.038814][T15219] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  259.060285][T15175] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.072509][T15175] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.084833][T15175] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.097621][T15175] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  259.114530][T15217] loop4: detected capacity change from 0 to 2048
[  259.139847][T15217] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.160863][T15227] netlink: 'syz.1.3188': attribute type 17 has an invalid length.
[  259.233251][T14351] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.321736][T15253] netlink: 'syz.2.3191': attribute type 17 has an invalid length.
[  259.387014][T15264] loop0: detected capacity change from 0 to 2048
[  259.410048][T15264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.633736][T15276] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15276 comm=syz.2.3200
[  259.707815][T15276] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.777941][T15285] netlink: 'syz.3.3202': attribute type 17 has an invalid length.
[  260.254638][T13223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.337289][T15317] capability: warning: `syz.3.3207' uses 32-bit capabilities (legacy support in use)
[  260.394697][T15310] netlink: 180 bytes leftover after parsing attributes in process `syz.3.3207'.
[  260.484571][T15322] loop3: detected capacity change from 0 to 1024
[  260.495915][T15324] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15324 comm=syz.4.3212
[  260.510275][T15324] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  260.522092][T15322] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.534872][T15322] ext4 filesystem being mounted at /588/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.559598][ T3837] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  260.575562][ T3837] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  260.578837][T15331] $Hÿ: renamed from bond0 (while UP)
[  260.587987][ T3837] EXT4-fs (loop3): This should not happen!! Data will be lost
[  260.587987][ T3837] 
[  260.588006][ T3837] EXT4-fs (loop3): Total free blocks count 0
[  260.588023][ T3837] EXT4-fs (loop3): Free/Dirty block details
[  260.588036][ T3837] EXT4-fs (loop3): free_blocks=4293918720
[  260.588049][ T3837] EXT4-fs (loop3): dirty_blocks=16
[  260.588063][ T3837] EXT4-fs (loop3): Block reservation details
[  260.588117][ T3837] EXT4-fs (loop3): i_reserved_data_blocks=1
[  260.639151][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.639483][T15331] $Hÿ: entered promiscuous mode
[  260.653340][T15331] bond_slave_0: entered promiscuous mode
[  260.659184][T15331] bond_slave_1: entered promiscuous mode
[  260.847572][T15344] validate_nla: 1 callbacks suppressed
[  260.847590][T15344] netlink: 'syz.1.3217': attribute type 17 has an invalid length.
[  260.998125][T15362] netlink: 'syz.1.3221': attribute type 17 has an invalid length.
[  261.044121][T15371] loop3: detected capacity change from 0 to 2048
[  261.061599][T15371] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.133822][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.218356][T15380] loop0: detected capacity change from 0 to 2048
[  261.232288][T15380] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.249856][T15380] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.383813][T15276] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.395763][T15398] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15398 comm=syz.4.3232
[  261.409444][T15398] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  261.427869][T15400] pim6reg1: entered promiscuous mode
[  261.433369][T15400] pim6reg1: entered allmulticast mode
[  261.476902][T15403] netlink: 'syz.0.3231': attribute type 17 has an invalid length.
[  261.690296][   T29] kauditd_printk_skb: 346 callbacks suppressed
[  261.690311][   T29] audit: type=1400 audit(1753203761.101:12485): avc:  denied  { map } for  pid=15413 comm="syz.0.3235" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  261.720692][   T29] audit: type=1400 audit(1753203761.101:12486): avc:  denied  { execute } for  pid=15413 comm="syz.0.3235" path="/dev/sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  261.734341][T15416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3235'.
[  261.745147][   T29] audit: type=1326 audit(1753203761.141:12487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15413 comm="syz.0.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  261.777777][   T29] audit: type=1326 audit(1753203761.141:12488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15413 comm="syz.0.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  261.779282][T15416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3235'.
[  261.801413][   T29] audit: type=1326 audit(1753203761.141:12489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15413 comm="syz.0.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  261.801447][   T29] audit: type=1326 audit(1753203761.141:12490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15413 comm="syz.0.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  261.857732][   T29] audit: type=1326 audit(1753203761.141:12491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15413 comm="syz.0.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  261.881330][   T29] audit: type=1326 audit(1753203761.141:12492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15413 comm="syz.0.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  261.904995][   T29] audit: type=1326 audit(1753203761.141:12493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15413 comm="syz.0.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  261.928536][   T29] audit: type=1326 audit(1753203761.141:12494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15413 comm="syz.0.3235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90eacce9a9 code=0x7ffc0000
[  261.965717][T15416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3235'.
[  261.981143][T15416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3235'.
[  262.009470][T15416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3235'.
[  262.018477][T15416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3235'.
[  262.245488][T15439] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15439 comm=syz.4.3243
[  262.259319][T15439] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  262.882566][T15445] loop1: detected capacity change from 0 to 128
[  262.893698][T15447] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  262.893756][T15445] IPVS: stopping master sync thread 15447 ...
[  263.101883][T15276] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.143632][T15276] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.217576][T15276] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.229171][T15276] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.241357][T15276] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.255615][T15276] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.502638][T15482] netlink: 'syz.4.3254': attribute type 17 has an invalid length.
[  263.531663][T15491] loop2: detected capacity change from 0 to 128
[  263.561059][T15491] IPVS: stopping master sync thread 15493 ...
[  263.567512][T15493] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  263.622599][T15500] netlink: 592 bytes leftover after parsing attributes in process `syz.4.3260'.
[  263.677582][ T3944] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.704122][T15500] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.736885][ T3944] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.779628][T15500] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.823461][ T3944] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.850368][T15500] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.883180][T15523] loop1: detected capacity change from 0 to 2048
[  263.901295][ T3944] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.915421][T15523] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.917376][T15495] chnl_net:caif_netlink_parms(): no params data found
[  263.942350][T15500] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.951266][T15530] loop2: detected capacity change from 0 to 2048
[  263.980052][T15530] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.000295][ T3944] bridge_slave_1: left allmulticast mode
[  264.006036][ T3944] bridge_slave_1: left promiscuous mode
[  264.011783][ T3944] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.020659][T15011] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.029953][ T3944] bridge_slave_0: left allmulticast mode
[  264.035779][ T3944] bridge_slave_0: left promiscuous mode
[  264.041524][ T3944] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.064135][T13796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.196566][ T3944] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  264.206707][ T3944] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  264.216382][ T3944] bond0 (unregistering): Released all slaves
[  264.241002][T15495] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.248367][T15495] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.248496][T15543] loop0: detected capacity change from 0 to 1024
[  264.260283][T15495] bridge_slave_0: entered allmulticast mode
[  264.269221][T15495] bridge_slave_0: entered promiscuous mode
[  264.283994][T15495] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.291208][T15495] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.299866][T15495] bridge_slave_1: entered allmulticast mode
[  264.308275][T15543] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.310431][T15495] bridge_slave_1: entered promiscuous mode
[  264.322264][T15543] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.351741][ T3944] hsr_slave_0: left promiscuous mode
[  264.357192][ T3833] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  264.372235][ T3944] hsr_slave_1: left promiscuous mode
[  264.372344][ T3833] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  264.390035][ T3833] EXT4-fs (loop0): This should not happen!! Data will be lost
[  264.390035][ T3833] 
[  264.399781][ T3833] EXT4-fs (loop0): Total free blocks count 0
[  264.405810][ T3833] EXT4-fs (loop0): Free/Dirty block details
[  264.411861][ T3833] EXT4-fs (loop0): free_blocks=4293918720
[  264.417716][ T3833] EXT4-fs (loop0): dirty_blocks=16
[  264.422958][ T3833] EXT4-fs (loop0): Block reservation details
[  264.428984][ T3833] EXT4-fs (loop0): i_reserved_data_blocks=1
[  264.438742][T13223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.448391][ T3944] veth1_macvtap: left promiscuous mode
[  264.458913][ T3944] veth0_macvtap: left promiscuous mode
[  264.465417][ T3944] veth1_vlan: left promiscuous mode
[  264.471977][ T3944] veth0_vlan: left promiscuous mode
[  264.566579][ T3944] team0 (unregistering): Port device team_slave_1 removed
[  264.585302][T15559] loop2: detected capacity change from 0 to 2048
[  264.586690][ T3944] team0 (unregistering): Port device team_slave_0 removed
[  264.606979][T15559] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.657982][T15011] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.677074][T15495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.689241][T15495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.707047][T15500] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  264.724855][T15500] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  264.744364][T15500] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  264.753347][T15495] team0: Port device team_slave_0 added
[  264.764048][T15500] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.775089][T15495] team0: Port device team_slave_1 added
[  264.825796][T15495] batman_adv: batadv0: Adding interface: batadv_slave_0
[  264.832806][T15495] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.858811][T15495] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  264.874533][T15495] batman_adv: batadv0: Adding interface: batadv_slave_1
[  264.881564][T15495] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  264.907704][T15495] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  264.930748][T15569] vlan1: entered allmulticast mode
[  264.985094][T15495] hsr_slave_0: entered promiscuous mode
[  264.991529][T15495] hsr_slave_1: entered promiscuous mode
[  265.356435][T15584] loop2: detected capacity change from 0 to 512
[  265.382990][T15584] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  265.395035][T15584] EXT4-fs (loop2): 1 truncate cleaned up
[  265.401203][T15584] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.457537][T15589] loop1: detected capacity change from 0 to 2048
[  265.491246][T15589] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.510905][T15495] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  265.520489][T15589] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.532803][T15495] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  265.547241][T15495] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  265.556417][T15495] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  265.567537][T15011] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.644673][T15495] 8021q: adding VLAN 0 to HW filter on device bond0
[  265.655573][T15607] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15607 comm=syz.0.3290
[  265.670810][T15495] 8021q: adding VLAN 0 to HW filter on device team0
[  265.679468][T15608] netlink: 'syz.2.3288': attribute type 17 has an invalid length.
[  265.688873][ T3833] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.696023][ T3833] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.705390][ T3833] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.712488][ T3833] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.734581][T15612] netlink: 'syz.1.3289': attribute type 17 has an invalid length.
[  265.750611][T15620] loop0: detected capacity change from 0 to 512
[  265.758862][T15620] EXT4-fs (loop0): unable to read superblock
[  265.856450][T15495] 8021q: adding VLAN 0 to HW filter on device batadv0
[  265.896835][T15631] loop1: detected capacity change from 0 to 2048
[  265.934760][T15639] loop4: detected capacity change from 0 to 512
[  265.949330][T15631] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.963908][T15639] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  265.978651][T15639] EXT4-fs (loop4): 1 truncate cleaned up
[  265.986160][T15639] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.013906][T13796] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.051614][T15495] veth0_vlan: entered promiscuous mode
[  266.062466][T15495] veth1_vlan: entered promiscuous mode
[  266.161566][T15639] ==================================================================
[  266.169716][T15639] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  266.179569][T15639] 
[  266.181903][T15639] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
[  266.189984][T15639]  tick_do_update_jiffies64+0x113/0x1c0
[  266.195573][T15639]  tick_nohz_handler+0x7f/0x2d0
[  266.200453][T15639]  __hrtimer_run_queues+0x20f/0x5a0
[  266.205674][T15639]  hrtimer_interrupt+0x21a/0x460
[  266.210634][T15639]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  266.216562][T15639]  sysvec_apic_timer_interrupt+0x6f/0x80
[  266.222225][T15639]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  266.228232][T15639]  kcsan_setup_watchpoint+0x415/0x430
[  266.233626][T15639]  __scm_recv_common+0x26f/0x340
[  266.238591][T15639]  scm_recv_unix+0x4a/0x220
[  266.243118][T15639]  __unix_dgram_recvmsg+0x74f/0x840
[  266.248342][T15639]  unix_dgram_recvmsg+0x81/0x90
[  266.253221][T15639]  sock_recvmsg_nosec+0x107/0x130
[  266.258279][T15639]  ____sys_recvmsg+0x26f/0x280
[  266.263087][T15639]  ___sys_recvmsg+0x11f/0x370
[  266.267781][T15639]  do_recvmmsg+0x1ef/0x540
[  266.272223][T15639]  __x64_sys_recvmmsg+0xe5/0x170
[  266.277176][T15639]  x64_sys_call+0x1c6a/0x2fb0
[  266.281863][T15639]  do_syscall_64+0xd2/0x200
[  266.286393][T15639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.292313][T15639] 
[  266.294647][T15639] read to 0xffffffff868099c0 of 8 bytes by task 15639 on cpu 1:
[  266.302316][T15639]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  266.308581][T15639]  count_shadow_nodes+0x6a/0x230
[  266.313561][T15639]  do_shrink_slab+0x63/0x680
[  266.318173][T15639]  shrink_slab+0x448/0x760
[  266.322608][T15639]  shrink_node+0x6c3/0x2120
[  266.327137][T15639]  do_try_to_free_pages+0x3f6/0xcd0
[  266.332354][T15639]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  266.338267][T15639]  try_charge_memcg+0x358/0x9e0
[  266.343174][T15639]  obj_cgroup_charge_pages+0xa6/0x150
[  266.348569][T15639]  __memcg_kmem_charge_page+0x9f/0x170
[  266.354064][T15639]  __alloc_frozen_pages_noprof+0x188/0x360
[  266.359902][T15639]  alloc_pages_mpol+0xb3/0x250
[  266.364701][T15639]  alloc_pages_noprof+0x90/0x130
[  266.369669][T15639]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  266.375515][T15639]  __kvmalloc_node_noprof+0x30f/0x4e0
[  266.380912][T15639]  ip_set_alloc+0x1f/0x30
[  266.385266][T15639]  hash_netiface_create+0x282/0x740
[  266.390507][T15639]  ip_set_create+0x3c9/0x960
[  266.395139][T15639]  nfnetlink_rcv_msg+0x4c6/0x590
[  266.400100][T15639]  netlink_rcv_skb+0x120/0x220
[  266.404902][T15639]  nfnetlink_rcv+0x16b/0x1690
[  266.409602][T15639]  netlink_unicast+0x5a8/0x680
[  266.414400][T15639]  netlink_sendmsg+0x58b/0x6b0
[  266.419194][T15639]  __sock_sendmsg+0x145/0x180
[  266.423907][T15639]  ____sys_sendmsg+0x31e/0x4e0
[  266.428790][T15639]  ___sys_sendmsg+0x17b/0x1d0
[  266.433496][T15639]  __x64_sys_sendmsg+0xd4/0x160
[  266.438383][T15639]  x64_sys_call+0x2999/0x2fb0
[  266.443079][T15639]  do_syscall_64+0xd2/0x200
[  266.447607][T15639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.453525][T15639] 
[  266.455855][T15639] value changed: 0x00000000fffff311 -> 0x00000000fffff312
[  266.462979][T15639] 
[  266.465313][T15639] Reported by Kernel Concurrency Sanitizer on:
[  266.471478][T15639] CPU: 1 UID: 0 PID: 15639 Comm: syz.4.3296 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  266.482256][T15639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  266.492347][T15639] ==================================================================
[  266.509066][T15637] netlink: 'syz.2.3295': attribute type 17 has an invalid length.
[  267.059456][T15495] veth0_macvtap: entered promiscuous mode
[  267.067006][T15495] veth1_macvtap: entered promiscuous mode
[  267.078051][T15495] batman_adv: batadv0: Interface activated: batadv_slave_0
[  267.094999][T15495] batman_adv: batadv0: Interface activated: batadv_slave_1
[  267.115885][T15495] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  267.124689][T15495] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  267.133435][T15495] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  267.142148][T15495] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  267.172807][   T29] kauditd_printk_skb: 278 callbacks suppressed
[  267.172830][   T29] audit: type=1326 audit(1753203766.590:12773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15667 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa47897e9a9 code=0x7ffc0000
[  267.202842][   T29] audit: type=1326 audit(1753203766.590:12774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15667 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa47897e9a9 code=0x7ffc0000
[  267.226591][   T29] audit: type=1326 audit(1753203766.590:12775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15667 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fa47897e9a9 code=0x7ffc0000
[  267.250421][   T29] audit: type=1326 audit(1753203766.590:12776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15667 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa47897e9a9 code=0x7ffc0000
[  267.274282][   T29] audit: type=1326 audit(1753203766.590:12777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15667 comm="syz.1.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa47897e9a9 code=0x7ffc0000
[  267.324023][T14351] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.355137][   T29] audit: type=1400 audit(1753203766.770:12778): avc:  denied  { write } for  pid=15495 comm="syz-executor" name="cgroup.procs" dev="cgroup" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:zero_device_t:s0"