last executing test programs:

1m20.176725023s ago: executing program 4 (id=1614):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r1}, 0x4)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
bpf$MAP_CREATE(0x0, &(0x7f0000004140)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000040c0)={&(0x7f0000004080)='bcache_read\x00', r2, 0x0, 0x9}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x17c, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x4}, {0xffe0}}, [@TCA_CHAIN={0x8, 0xb, 0x1ff}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x13c, 0x2, [@TCA_ROUTE4_ACT={0x138, 0x6, [@m_vlan={0xc8, 0x8, 0x0, 0x0, {{0x9}, {0x24, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x7}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x1a8}]}, {0x79, 0x6, "fe393046780fc0b9a04afd1cf1bacd6244fa765bb3658f46bbeae297438134ba976082924a6439961a38ab6dc487c7ce03cbe6d7aa8bb01e9ef7e8035280944e090ec29df32fd054804158ae1121f3a3e07e8201cdb4c8915f4cfd63ee91d436d5e5274cf2315f3b29b8d213540cd7f7d65f7d0ff8"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_gact={0x6c, 0x12, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x81, 0x5, 0x7ff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x8, 0xc71, 0x2, 0x2, 0x5d}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x262f, 0x3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}]}]}}]}, 0x17c}, 0x1, 0x0, 0x0, 0x1}, 0x20000810)
r3 = socket(0x10, 0x803, 0x0)
recvmmsg(r3, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
rseq(&(0x7f0000004200)={0x0, 0x0, &(0x7f00000041c0)={0x0, 0x0, 0x80000000000, 0xf, 0x6}}, 0x20, 0x0, 0x0)

1m19.493493886s ago: executing program 4 (id=1626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x2, 0x5, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
preadv(r2, &(0x7f00000002c0), 0x0, 0x0, 0x2000000)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
write(r3, 0x0, 0x0)

1m19.109377278s ago: executing program 4 (id=1634):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202075251af8ff00000000bfa100000016000007010000f8ffffffb702000008000000b703000005000000850000003d00000085000000230000009500"/96], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='timer_start\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=@delchain={0x98, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_flower={{0xb}, {0x50, 0x2, [@TCA_FLOWER_KEY_ARP_OP={0x5}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x5}, @TCA_FLOWER_KEY_SCTP_DST_MASK={0x6}, @TCA_FLOWER_KEY_ENC_IPV6_SRC_MASK={0x14}, @TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}, @TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}, @TCA_FLOWER_KEY_PORT_DST_MIN={0x6, 0x59, 0x20}, @TCA_FLOWER_KEY_ENC_UDP_SRC_PORT_MASK={0x6}]}}]}, 0x98}}, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x140)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00@\x00'/28], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = gettid()
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
r5 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @auto=[0x35, 0x0, 0x0, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x65, 0x0, 0x33]}, &(0x7f0000000080)={0x0, "69dcaf2086ec9a8545f45826cb35be51ca73845d177dd8dba7221faeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700"}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r5, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000280)={'syz', 0x2}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xb1d, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005efe2100850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)

1m19.057145189s ago: executing program 4 (id=1637):
r0 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3b, 0x1, 0x0, 0x0, 0x0, 0x89, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x3000006, &(0x7f0000000040)={[{@discard}, {@abort}, {@block_validity}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@usrjquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@nobh}, {}, {@orlov}, {@user_xattr}, {@init_itable_val={'init_itable', 0x3d, 0x400}}]}, 0x1, 0x556, &(0x7f0000001100)="$eJzs3d1rW+UfAPDvSdu9/37rYAwVkcIunMyltvVlghfzUnQ40PsZ2rMymi6jScdaB24X7sYbGYKIA/Fe770c/gP+FQMtDBlFL7ypnPSky9akybL0ZebzgbM9zzknfc4353yfPCdPQgIYWGPZP4WIFyPi6yTiaNO24cg3jq3vt/rwxnS2JLG29smfSST5usb+Sf7/4bzyQkT8+mXE6cLmdqtLy3OlcjldyOvjtfmr49Wl5TOX50uz6Wx6ZXJq6uxbU5PvvvN232J97cLf331874OzX51c/fbnlWN3kjgXR/JtzXE8g5vNlbEYy5+TkTj3xI4TfWhsL0l2+wDoyVCe5yOR9QFHYyjPeuC/74uIWAMGVCL/YUA1xgGNe/s+3Qc/Nx68v34DtDn+4fX3RuJA/d7o0Gry2J1Rdr872of2szZ++ePunWyJ/r0PAdDRzVsRK0PDw5v7vyTv/3r3Rhf7PNmG/g92zr1s/PN6q/FPYWP8Ey3GP4db5G4vOud/YaUPzbSVjf/eazn+3Zi0Gh3Ka/+rj/lGkkuXy2nWt/0/Ik7FyP6svtV8ztnV+2vttjWP/7Ila78xFsyPY2V4/+OPmSnVSs8Sc7MHtyJeajn+TTbOf9Li/GfPx4Uu2ziR3n2l3bbO8W+vtR8jXm15/h/NaCVbz0+O16+H8cZVsdlft0/81q793Y4/O/+Hto5/NGmer60+fRs/HPgnbbet1+t/X/JpvbwvX3e9VKstTETsSz7avH7y0WMb9cb+WfynTm7d/7W6/g9GxGddxn/7+E8v9x7/9srin3mq8//0hfsffv59u/a7O/9v1kun8jXd9H/dHuCzPHcAAAAAAACw1xQi4kgkheJGuVAoFtc/33E8DhXKlWrt9KXK4pWZqH9XdjRGCo2Z7qNNn4eYyD8P26hPPlGfiohjEfHN0MF6vThdKc/sdvAAAAAAAAAAAAAAAAAAAACwRxxu8/3/zO9Du310wLbzk98wuDrmfz9+6QnYk7z+w+CS/zC45D8MLvkPg0v+w+DqkP/JTh0HsPO8/sPgkv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxfOn8+WtdWHN6az+sy1pcW5yrUzM2l1rji/OF2crixcLc5WKrPltDhdme/098qVytWJyVi8Pl5Lq7Xx6tLyxfnK4pXaxcvzpdn0YjqyI1EBAAAAAAAAAAAAAAAAAADA86W6tDxXKpfTBQWFngrDe+MwFPpc2O2eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+TcAAP//Z7w5Vw==")
r1 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r2 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f00000001c0)="a6", 0x1, r2)
keyctl$KEYCTL_MOVE(0x1e, r1, 0xffffffffffffffff, r2, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000100060000000077f2ab26850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000850000005000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x18)
eventfd2(0x0, 0x0)
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x1)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x21081a, &(0x7f0000000300), 0x1, 0x507, &(0x7f0000000c00)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hS1arZN426jqAcoJIVQJ0SNI25B4oyh2HMVOacIesmeuSKzECY78AZz3xJ0LghuX5YDEjwi0QXCYasaTrDdrb6LND0fx5yONZt68WX+/L9a8Zz+v/QIYWtcjYjcixiLik4iYzs8X8i0+7GzpdY/37i3t791bKkSSfPzPQlafnouuf5O6lj9mOSJ++N2InxSejdva3llbrNdrm3l5tt3YmG1t79xabSyu1FZq69XqwvzC3Pu336ueWVvfaIzlR1999Ifdb/4sTWsqP9PdjrPUaXrpME5qNCK+fx7BBmAkb8/YoBPhhRQj4tWIeDO7/6djJHs2AYCrLEmmI5nuLgMAV10xmwMrFCv5XMBUFIuVSmcO77WYLNabrfbNu82t9eXOXNlMlIp3V+u1uXyucCZKhbQ8nx0/KVePlG9HxCsR8YvxiaxcWWrWlwf5wgcAhti1I+P/f8Y74z8AcMWVB50AAHDhjP8AMHyM/wAwfIz/ADB8OuP/xKDTAAAukPf/ADB8jP8AMFR+8NFH6Zbs579/vfzp9tZa89Nby7XWWqWxtVRZam5uVFaazZXsN3saxz1evdncmH83tj6b+dZGqz3b2t6502hurbfvZL/rfadWyq7avYCWAQD9vPLGwz8X0hH5g4lsi661HEoDzQw4b8VBJwAMzMigEwAGxmpfMLxO8R7f9ABcET2W6H1KudcXhJIkSc4vJeCc3fiS+X8YVl3z//4XMAwZ8/8wvMz/w/BKksJJ1/yPk14IAFxu5viBPp//v5rvf5t/OPDj5aNXPDjPrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOByG4n/Jem+kq8FPhXFYqUS8VJEzESpcHe1XpuLiJcj4k/jpfG0PD/opAGAUyr+rZCv/3Vj+u2pp6pev3Z4OBYRP/3Vx7/8bLHd3vxjxFjhX+MH59sP8vPVi88eADjewTid7bveyD/eu7d0sF1kPn//TkSUO/H398Zi/zD+aIxm+3KUImLy34W83FHI5i5Ob/d+RHyxV/sLMZXNgXRWPj0aP4390oXGLz4Vv5jVdfbp3+ILZ5ALDJuHaf/zYa/7rxjXs33v+7+c9VCnl/d/6UMt7Wd94JP4B/3fSJ/+7/pJY7z7++91jiaerbsf8eXRiIPY+139z0H8Qp/4b58w/l++8vqb/eqSX0fciN7xu2PNthsbs63tnVurjcWV2kptvVpdmF+Ye//2e9XZbI56tv9o8I8Pbr7cry5t/2Sf+OVj2v/1E7b/N///5Edfe078d946jB/dz/9rz4mfjonfOGH8xcnflfvVpfGX+7T/uOf/5gnjP/rrzjPLhgMAg9Pa3llbrNdrmw4uw0H6Ou0SpHFpD+IS/32+fdw175xN8qWx6F3187c69/SRqiR5oVj9eoyzmHUDLoPDmz4i/jvoZAAAAAAAAAAAAAAAgJ4u4ttRg24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAV9fnAQAA//8SW80s")
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
eventfd(0x3989)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x436280)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x851800, 0x0)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f00000002c0), 0x0, 0x1200, 0x0, 0x3)
umount2(&(0x7f0000000100)='./bus\x00', 0x9)

1m18.824204519s ago: executing program 4 (id=1639):
pipe2(&(0x7f0000000000), 0x0)
r0 = gettid()
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="40ff01fcff000000003ec9021000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007663616e00000000040002800c001a800800028004000180"], 0x40}}, 0x4000840)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000300)={0x0, 0xffffffffffffff20, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="00002000d4176e016c31d88035a56d147a83351ece43176509b752f3d60c7f2a357ecdf09c1ebf6482d4da0ef99c2558cf35544974b1ad5daf3947e2d56cc2643b0448417e925c07c9352978a4f996a23200e2492b36b181e83ad540bbf5dd0d310cb4399a0dc9616387ce0d2dbd398a9e32453182a9eaa684b1ed7c71906ab78d951e9500"/145, @ANYRES16, @ANYBLOB="01070000000000000000670000000800c300000000000800c40000000000"], 0x2c}}, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f00000004c0)={0x8c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x70, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xeec}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x80000001}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x9}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x2}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x2}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x8001}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x10001}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x100}]}]}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x1}]}, 0x8c}}, 0x880)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
capset(&(0x7f00000020c0)={0x19980330}, &(0x7f00000001c0))
setrlimit(0x40000000000008, &(0x7f0000000000))
sendto$inet(r4, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10)
sendto$inet(r4, &(0x7f00000002c0)="9b", 0x1, 0x4004084, 0x0, 0x0)

1m17.684436705s ago: executing program 4 (id=1653):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)

1m17.668723275s ago: executing program 32 (id=1653):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)

1.716152582s ago: executing program 1 (id=3529):
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r1, &(0x7f00000014c0)=ANY=[], 0x46b)
sendmmsg$inet(r1, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0x5}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
close_range(r0, 0xffffffffffffffff, 0x0)

1.452199473s ago: executing program 1 (id=3532):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r2, &(0x7f00000014c0)=ANY=[], 0x46b)
sendmmsg$inet(r2, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
close_range(r1, 0xffffffffffffffff, 0x0)

1.400187343s ago: executing program 1 (id=3536):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r1}, 0x4)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
bpf$MAP_CREATE(0x0, &(0x7f0000004140)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000040c0)={&(0x7f0000004080)='bcache_read\x00', r2, 0x0, 0x9}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1cc, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x4}, {0xffe0}}, [@TCA_CHAIN={0x8, 0xb, 0x1ff}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x18c, 0x2, [@TCA_ROUTE4_ACT={0x188, 0x6, [@m_vlan={0xc0, 0x8, 0x0, 0x0, {{0x9}, {0x24, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x7}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x1a8}]}, {0x72, 0x6, "fe393046780fc0b9a04afd1cf1bacd6244fa765bb3658f46bbeae297438134ba976082924a6439961a38ab6dc487c7ce03cbe6d7aa8bb01e9ef7e8035280944e090ec29df32fd054804158ae1121f3a3e07e8201cdb4c8915f4cfd63ee91d436d5e5274cf2315f3b29b8d213540c"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_gact={0xc4, 0x12, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x81, 0x5, 0x7ff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x8, 0xc71, 0x2, 0x2, 0x5d}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x262f, 0x3}}]}, {0x59, 0x6, "1f0e42743fd4de959d8095ee21c5b975848927401be89d8210a12412b051a3ee2b8d715a9ea0ae67026b470ccc5d77f30a84717dc2983d0cddae71b0ec050713f8c92117adde36f8aeaeeca8af1ded63f03f767824"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}]}]}}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x1}, 0x20000810)
r3 = socket(0x10, 0x803, 0x0)
recvmmsg(r3, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
rseq(&(0x7f0000004200)={0x0, 0x0, &(0x7f00000041c0)={0x0, 0x0, 0x80000000000, 0xf, 0x6}}, 0x20, 0x0, 0x0)

1.389607413s ago: executing program 2 (id=3537):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={0x0, r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r2, 0x0, 0x46b)
sendmmsg$inet(r2, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0xa6}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
close_range(r1, 0xffffffffffffffff, 0x0)

1.324922024s ago: executing program 2 (id=3540):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, 0x0, 0x9, 0x1, &(0x7f0000000400)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20000023896)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
sendfile(r1, r2, 0x0, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000007000000030000004800000000000000", @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000c2cf5aeda86c219b7e6100000000"], 0x48)
r6 = accept$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x0, 0x0, @private1}, &(0x7f0000000380)=0x1c)
setsockopt$inet6_int(r6, 0x29, 0x46, &(0x7f0000000480)=0xe3, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
truncate(&(0x7f0000000080)='./file1\x00', 0xc00)
setxattr$security_selinux(&(0x7f0000000340)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000400)='system_u:object_r:system_dbusd_var_run_t:s0\x00', 0x2c, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x1f0, 0x0, 0x11, 0x148, 0x0, 0x0, 0x158, 0x2a8, 0x2a8, 0x158, 0x2a8, 0x3, 0x0, {[{{@ip={@loopback, @local, 0xff000000, 0xff, 'vcan0\x00', 'wg0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0xca, 'netbios-ns\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0xff000000, 'vlan0\x00', 'netdevsim0\x00', {}, {}, 0x84}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2aa)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r8, &(0x7f0000000040)={0xa, 0x4e23, 0xa, @local, 0x3}, 0x1c)
sendmmsg$inet6(r8, &(0x7f0000000e40)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0xfffffffd, @local, 0x7}, 0x18, 0x0, 0x0, &(0x7f0000000080)=[@pktinfo={{0x24, 0x29, 0x32, {@local}}}], 0x28, 0x7ffffff7}}], 0x1, 0x0)

1.090419115s ago: executing program 0 (id=3546):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r2, &(0x7f00000014c0)=ANY=[], 0x46b)
sendmmsg$inet(r2, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}], 0x4}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
close_range(r1, 0xffffffffffffffff, 0x0)

1.011392556s ago: executing program 0 (id=3549):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4e24, 0x7, @mcast1, 0x6}, 0x1c)
getpeername$inet6(r3, 0x0, &(0x7f0000000040))
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="163e6cce65ffff0000000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
write$P9_RLERRORu(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r6, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x30)
write$binfmt_elf64(r6, &(0x7f0000000280)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001340)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})

841.416156ms ago: executing program 0 (id=3555):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85000000010000009563e8"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x3, &(0x7f0000000140), 0x4, 0x252, &(0x7f0000001140)="$eJzs3T9oJFUcB/Dv7B/P3C1yaiMIKoiIBsLZCTZno3Agh1gIKpyI2CgXISbY7VrZWGitksomiJ3RUtIEG0WwipoiNoIGC4OgFiP7JxJx0dXdzEjm84HNzmTfm98bmO970wwToLEuJrmcpJ1kOUk3SXGywV3jz8XJ7ubS7rWkLJ/4sRi1G++PHfe7kGSQ5MEkO60iL3aSje2nD37ee/TeN9a797y3/dRSpSc5cXiw/9jRu1df//DKAxuff/n91SKX0/vTeS1eMeV/nSK55TSK/U8UnbpHwCwef/WDr4a5vzXJ3aP8/1KOJW+u3bDTzf3vTO9Z9t/64Yvbqx4vsFhl2R2ugYMSaJxWkt7kJnW0nVZrZWV8D/91+3zrpdW1V5ZfWF2//nzdMxWwKL1k/5GPz310YbRdtFYm+f+uPc4/cFb1J99b3wz/HrXrHQ1QreH6v/xs/77IPzSO/ENzTfJ/Y+QfGudfrf9lWc2ggEq4/4fm+tv8d+sZE1AN6z80l/xDc8k/NJf8Q3OdzD8A0CzluRkfFB4cdwDOipqnHwAAAAAAAAAAAAAAAAAAYIrNpd1rx5+qan76dnL4cJLOtPrt0fuIk9ErinL+p2LY7A/FuNtcnrlzzgPM6f2an76+6dt66392R731+9eTwWtJLnU6f73+isn199/d/A+/d5+bs8CcHnrytI7cm6nVb1unVX82V/aST4bzz6Vp808rt42+p88/vQW8JuHlX+c8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJX5PQAA//+Be2/D")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000000340)={0x7, 0x8, 0xfa00, {r4}}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r2, 0xc04c5349, &(0x7f00000002c0)={0x7cd5, 0x8, 0xbb})
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
setns(r6, 0x24020000)
syz_clone(0xf58a3180, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigqueueinfo(r5, 0x39, &(0x7f0000000000)={0x1c, 0x7, 0xaa})

732.342347ms ago: executing program 5 (id=3559):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r2, &(0x7f00000014c0)=ANY=[], 0x46b)
sendmmsg$inet(r2, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}], 0x4}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
close_range(r1, 0xffffffffffffffff, 0x0)

711.550957ms ago: executing program 5 (id=3560):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty, 0x400000}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x103, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x26, 0x0, 0x40f00, 0x6b, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
sendmmsg$inet6(r0, &(0x7f0000005780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000000)

660.434047ms ago: executing program 3 (id=3561):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
close_range(r2, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94)

616.174127ms ago: executing program 5 (id=3562):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r2, 0x0, 0x46b)
sendmmsg$inet(r2, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0xa6}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
close_range(r1, 0xffffffffffffffff, 0x0)

590.875727ms ago: executing program 3 (id=3563):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x10000, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
sync()

572.318768ms ago: executing program 1 (id=3564):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={0x0, r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r1, 0x0, 0x46b)

504.381838ms ago: executing program 0 (id=3565):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x10000, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
sync()

504.012048ms ago: executing program 5 (id=3566):
pipe2(&(0x7f0000000000), 0x0)
r0 = gettid()
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="40ff01fcff000000003ec9021000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007663616e00000000040002800c001a800800028004000180"], 0x40}}, 0x4000840)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="00002000d4176e016c31d88035a56d147a83351ece43176509b752f3d60c7f2a357ecdf09c1ebf6482d4da0ef99c2558cf35544974b1ad5daf3947e2d56cc2643b0448417e925c07c9352978a4f996a23200e2492b36b181e83ad540bbf5dd0d310cb4399a0dc9616387ce0d2dbd398a9e32453182a9eaa684b1ed7c71906ab78d951e9500"/145, @ANYRES16], 0x2c}}, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f00000004c0)={0x8c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x70, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xeec}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x80000001}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x9}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x2}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x2}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x8001}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x10001}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x100}]}]}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x1}]}, 0x8c}}, 0x880)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
capset(&(0x7f00000020c0)={0x19980330}, &(0x7f00000001c0))
setrlimit(0x40000000000008, &(0x7f0000000000))
sendto$inet(r4, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10)
sendto$inet(r4, &(0x7f00000002c0)="9b", 0x1, 0x4004084, 0x0, 0x0)

489.699138ms ago: executing program 5 (id=3567):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4e24, 0x7, @mcast1, 0x6}, 0x1c)
getpeername$inet6(r3, 0x0, &(0x7f0000000040))
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="163e6cce65ffff0000000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
write$P9_RLERRORu(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r6, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x30)
write$binfmt_elf64(r6, &(0x7f0000000280)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000001340)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})

469.727068ms ago: executing program 2 (id=3568):
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r1, &(0x7f00000014c0)=ANY=[], 0x46b)
sendmmsg$inet(r1, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0x5}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
close_range(r0, 0xffffffffffffffff, 0x0)

469.397988ms ago: executing program 3 (id=3569):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000010001fff5c2a", @ANYRES32=0x0, @ANYBLOB="81ff"], 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x1f8, 0x60, &(0x7f0000000000)={'filter\x00', 0x4, 0x4, 0x3c8, 0x1f8, 0x110, 0x0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2}}, {@mac=@random="3c192477987a"}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @dev={0xac, 0x14, 0x14, 0x22}, @broadcast, 0x4}}}, {{@arp={@loopback, @private=0xa010102, 0xff, 0xffffff00, 0xd, 0x10, {@mac=@multicast, {[0xff, 0xff, 0x0, 0x0, 0xff]}}, {@empty, {[0x0, 0xff, 0x0, 0x0, 0xff]}}, 0x8, 0x0, 0x0, 0x8, 0x1, 0x5a, 'macvlan0\x00', 'ipvlan0\x00', {0xff}, {}, 0x0, 0x100}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x2}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, 0x0, 0x0, 0x0, {@mac=@link_local, {[0xff]}}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_vlan\x00', 'ipvlan1\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x3}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)

386.104728ms ago: executing program 3 (id=3570):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r2, &(0x7f00000014c0)=ANY=[], 0x46b)
sendmmsg$inet(r2, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}], 0x4}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
close_range(r1, 0xffffffffffffffff, 0x0)

385.630778ms ago: executing program 2 (id=3571):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000700)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fchownat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1000)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000d40)={'wpan0\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r3, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001500)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="490900000000000000001500000004002b8008000300", @ANYRES32=r6, @ANYBLOB="08002a0000000000050029000100000020002b8004000380080001000104000005000200000000ef04b444a46f00000008002c"], 0x58}}, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x220, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000500], 0x7, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB]}, 0x78)
fchdir(r2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000200700000000000001000084060000000000000001"], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
getdents64(r9, &(0x7f0000000f80)=""/4096, 0x1000)
set_mempolicy(0x0, &(0x7f0000000780)=0x40000400001000, 0x9)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1100000000000000008084050000000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r2, @ANYBLOB, @ANYRES32=r2, @ANYBLOB], 0x50)
syz_emit_ethernet(0x42, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0086dd602e5cca000c3c00fc010000000000000000000000000000000000010000000e000c9078c10900"/66], 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRES64, @ANYRES64=0x0], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r11, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3002, 0x2000006, 0x28011, r10, 0x0)

368.165189ms ago: executing program 3 (id=3572):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty, 0x400000}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x103, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x26, 0x0, 0x40f00, 0x6b, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
sendmmsg$inet6(r0, &(0x7f0000005780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000000)

210.660989ms ago: executing program 0 (id=3573):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
close_range(r2, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94)

210.015299ms ago: executing program 3 (id=3574):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read(r1, &(0x7f0000000040)=""/148, 0xffffff96)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=ANY=[@ANYBLOB="3000000001010101000000000000000002000000100002800c00028105000100210000000c0019"], 0x30}}, 0x0)

181.474309ms ago: executing program 0 (id=3575):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r1}, 0x4)
ptrace$getregset(0x4205, r0, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
bpf$MAP_CREATE(0x0, &(0x7f0000004140)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000040c0)={&(0x7f0000004080)='bcache_read\x00', r2, 0x0, 0x9}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1d0, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x4}, {0xffe0}}, [@TCA_CHAIN={0x8, 0xb, 0x1ff}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x190, 0x2, [@TCA_ROUTE4_ACT={0x18c, 0x6, [@m_vlan={0xc4, 0x8, 0x0, 0x0, {{0x9}, {0x24, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x7}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x1a8}]}, {0x76, 0x6, "fe393046780fc0b9a04afd1cf1bacd6244fa765bb3658f46bbeae297438134ba976082924a6439961a38ab6dc487c7ce03cbe6d7aa8bb01e9ef7e8035280944e090ec29df32fd054804158ae1121f3a3e07e8201cdb4c8915f4cfd63ee91d436d5e5274cf2315f3b29b8d213540cd7f7d65f"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_gact={0xc4, 0x12, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x81, 0x5, 0x7ff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x8, 0xc71, 0x2, 0x2, 0x5d}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x262f, 0x3}}]}, {0x59, 0x6, "1f0e42743fd4de959d8095ee21c5b975848927401be89d8210a12412b051a3ee2b8d715a9ea0ae67026b470ccc5d77f30a84717dc2983d0cddae71b0ec050713f8c92117adde36f8aeaeeca8af1ded63f03f767824"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}]}]}}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x1}, 0x20000810)
r3 = socket(0x10, 0x803, 0x0)
recvmmsg(r3, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
rseq(&(0x7f0000004200)={0x0, 0x0, &(0x7f00000041c0)={0x0, 0x0, 0x80000000000, 0xf, 0x6}}, 0x20, 0x0, 0x0)

76.59221ms ago: executing program 2 (id=3576):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r2, 0x0, 0x46b)
sendmmsg$inet(r2, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0xa6}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)='\\', 0x1}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
close_range(r1, 0xffffffffffffffff, 0x0)

58.77265ms ago: executing program 1 (id=3577):
pipe2(&(0x7f0000000000), 0x0)
r0 = gettid()
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="40ff01fcff000000003ec9021000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007663616e00000000040002800c001a800800028004000180"], 0x40}}, 0x4000840)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="00002000d4176e016c31d88035a56d147a83351ece43176509b752f3d60c7f2a357ecdf09c1ebf6482d4da0ef99c2558cf35544974b1ad5daf3947e2d56cc2643b0448417e925c07c9352978a4f996a23200e2492b36b181e83ad540bbf5dd0d310cb4399a0dc9616387ce0d2dbd398a9e32453182a9eaa684b1ed7c71906ab78d951e9500"/145, @ANYRES16, @ANYBLOB], 0x2c}}, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f00000004c0)={0x8c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x70, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x4}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xeec}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x8}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x80000001}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x9}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x2}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x2}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x8001}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x7}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x10001}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x100}]}]}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x1}]}, 0x8c}}, 0x880)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
capset(&(0x7f00000020c0)={0x19980330}, &(0x7f00000001c0))
setrlimit(0x40000000000008, &(0x7f0000000000))
sendto$inet(r4, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10)
sendto$inet(r4, &(0x7f00000002c0)="9b", 0x1, 0x4004084, 0x0, 0x0)

20.2173ms ago: executing program 5 (id=3578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xf4}, 0x0)

5.20837ms ago: executing program 2 (id=3579):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, 0x0, 0x9, 0x1, &(0x7f0000000400)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20000023896)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
sendfile(r1, r2, 0x0, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000007000000030000004800000000000000", @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000c2cf5aeda86c219b7e6100000000"], 0x48)
r6 = accept$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x0, 0x0, @private1}, &(0x7f0000000380)=0x1c)
setsockopt$inet6_int(r6, 0x29, 0x46, &(0x7f0000000480)=0xe3, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
truncate(&(0x7f0000000080)='./file1\x00', 0xc00)
setxattr$security_selinux(&(0x7f0000000340)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000400)='system_u:object_r:system_dbusd_var_run_t:s0\x00', 0x2c, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x1f0, 0x0, 0x11, 0x148, 0x0, 0x0, 0x158, 0x2a8, 0x2a8, 0x158, 0x2a8, 0x3, 0x0, {[{{@ip={@loopback, @local, 0xff000000, 0xff, 'vcan0\x00', 'wg0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0xca, 'netbios-ns\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0xff000000, 'vlan0\x00', 'netdevsim0\x00', {}, {}, 0x84}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2aa)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r8, &(0x7f0000000040)={0xa, 0x4e23, 0xa, @local, 0x3}, 0x1c)
sendmmsg$inet6(r8, &(0x7f0000000e40)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0xfffffffd, @local, 0x7}, 0x18, 0x0, 0x0, &(0x7f0000000080)=[@pktinfo={{0x24, 0x29, 0x32, {@local}}}], 0x28, 0x7ffffff7}}], 0x1, 0x0)

0s ago: executing program 1 (id=3580):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x10000, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
sync()

kernel console output (not intermixed with test programs):

ase bring it up to get a fully working HSR network
[  171.414472][T11249] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  171.482642][T11249] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.570776][T11249] veth0_vlan: entered promiscuous mode
[  171.579549][T11249] veth1_vlan: entered promiscuous mode
[  171.609291][T11249] veth0_macvtap: entered promiscuous mode
[  171.619952][T11249] veth1_macvtap: entered promiscuous mode
[  171.633676][T11249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.644326][T11249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.655927][T11249] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.667924][T11249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.678496][T11249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.689290][T11249] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.697905][T11249] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.706704][T11249] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.715519][T11249] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.724311][T11249] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.785632][T11387] loop2: detected capacity change from 0 to 256
[  171.897592][T11397] pimreg: entered allmulticast mode
[  171.911258][T11397] pimreg: left allmulticast mode
[  171.939309][T11402] loop0: detected capacity change from 0 to 1024
[  171.986520][T11402] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.000811][   T29] kauditd_printk_skb: 1118 callbacks suppressed
[  172.000830][   T29] audit: type=1326 audit(1867175290.519:14840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11408 comm="syz.5.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  172.030903][   T29] audit: type=1326 audit(1867175290.519:14841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11408 comm="syz.5.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  172.054493][   T29] audit: type=1326 audit(1867175290.519:14842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11408 comm="syz.5.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  172.078102][   T29] audit: type=1326 audit(1867175290.519:14843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11408 comm="syz.5.2939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  172.149089][T11402] EXT4-fs error (device loop0): ext4_xattr_inode_iget:440: inode #11: comm syz.0.2880: missing EA_INODE flag
[  172.162214][T11402] EXT4-fs (loop0): Remounting filesystem read-only
[  172.169102][T11402] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  172.188486][T11399] lo speed is unknown, defaulting to 1000
[  172.188505][T11402] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  172.230698][T11399] lo speed is unknown, defaulting to 1000
[  172.237123][T11399] lo speed is unknown, defaulting to 1000
[  172.292266][   T29] audit: type=1326 audit(1867175290.829:14844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11428 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  172.316152][   T29] audit: type=1326 audit(1867175290.829:14845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11428 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  172.339801][   T29] audit: type=1326 audit(1867175290.829:14846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11428 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  172.363527][   T29] audit: type=1326 audit(1867175290.829:14847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11428 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  172.387153][   T29] audit: type=1326 audit(1867175290.829:14848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11428 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  172.410789][   T29] audit: type=1326 audit(1867175290.829:14849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11428 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  172.470101][T11429] loop2: detected capacity change from 0 to 256
[  172.471971][T11399] chnl_net:caif_netlink_parms(): no params data found
[  172.557078][T11443] pimreg: entered allmulticast mode
[  172.563284][T11443] pimreg: left allmulticast mode
[  172.581152][T11399] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.588264][T11399] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.608189][T11249] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.618985][T11399] bridge_slave_0: entered allmulticast mode
[  172.653320][T11399] bridge_slave_0: entered promiscuous mode
[  172.678893][T11399] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.686183][T11399] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.702949][T11399] bridge_slave_1: entered allmulticast mode
[  172.709792][T11399] bridge_slave_1: entered promiscuous mode
[  172.739652][T11399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  172.767479][T11399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  172.796613][T11456] __nla_validate_parse: 8 callbacks suppressed
[  172.796630][T11456] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2956'.
[  172.814919][T11399] team0: Port device team_slave_0 added
[  172.823564][T11456] loop5: detected capacity change from 0 to 256
[  172.831308][T11399] team0: Port device team_slave_1 added
[  172.883411][T11399] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.890418][T11399] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.916567][T11399] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.938847][T11460] netlink: 100 bytes leftover after parsing attributes in process `syz.2.2958'.
[  172.954647][T11462] bridge_slave_0: left allmulticast mode
[  172.960431][T11462] bridge_slave_0: left promiscuous mode
[  172.966162][T11462] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.977583][T11462] bridge_slave_1: left allmulticast mode
[  172.983312][T11462] bridge_slave_1: left promiscuous mode
[  172.988952][T11462] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.998433][T11463] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2959'.
[  173.011778][T11462] bond0: (slave bond_slave_0): Releasing backup interface
[  173.020886][T11462] bond_slave_0: left promiscuous mode
[  173.026422][T11462] bond_slave_0: left allmulticast mode
[  173.039929][T11462] bond0: (slave bond_slave_1): Releasing backup interface
[  173.049036][T11462] bond_slave_1: left promiscuous mode
[  173.054626][T11462] bond_slave_1: left allmulticast mode
[  173.066395][T11462] team0: Port device team_slave_0 removed
[  173.075810][T11462] team0: Port device team_slave_1 removed
[  173.099672][T11399] batman_adv: batadv0: Adding interface: batadv_slave_1
[  173.106697][T11399] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.132906][T11399] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  173.169490][T11465] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  173.240106][T11399] hsr_slave_0: entered promiscuous mode
[  173.247186][T11399] hsr_slave_1: entered promiscuous mode
[  173.257297][T11399] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  173.269749][T11399] Cannot create hsr debugfs directory
[  173.326798][T11476] loop2: detected capacity change from 0 to 1024
[  173.356196][T11476] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.372164][T11476] EXT4-fs error (device loop2): ext4_xattr_inode_iget:440: inode #11: comm syz.2.2962: missing EA_INODE flag
[  173.372191][T11399] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.394835][T11476] EXT4-fs (loop2): Remounting filesystem read-only
[  173.403853][T11476] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  173.413093][T11476] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  173.432964][T11399] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.452969][T11483] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2960'.
[  173.474480][T11485] pimreg: entered allmulticast mode
[  173.476324][T11483] loop3: detected capacity change from 0 to 256
[  173.493883][T11399] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.505542][T11485] pimreg: left allmulticast mode
[  173.542853][T11399] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.566316][T11494] loop5: detected capacity change from 0 to 128
[  173.593134][T11494] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  173.608052][T11494] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  173.640494][T11399] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  173.657153][T11399] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  173.666389][T11399] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  173.682045][T11399] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  173.761957][T11399] 8021q: adding VLAN 0 to HW filter on device bond0
[  173.778966][T11399] 8021q: adding VLAN 0 to HW filter on device team0
[  173.790672][   T87] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.797927][   T87] bridge0: port 1(bridge_slave_0) entered forwarding state
[  173.819083][   T87] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.826430][   T87] bridge0: port 2(bridge_slave_1) entered forwarding state
[  173.909888][T11399] 8021q: adding VLAN 0 to HW filter on device batadv0
[  174.002293][T11399] veth0_vlan: entered promiscuous mode
[  174.011725][T11399] veth1_vlan: entered promiscuous mode
[  174.032869][T11399] veth0_macvtap: entered promiscuous mode
[  174.053220][T10772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.054533][T11399] veth1_macvtap: entered promiscuous mode
[  174.077953][T11399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.088656][T11399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.098651][T11399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.109134][T11399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.124319][T11399] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.136252][T11399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.146784][T11399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.156685][T11399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.167326][T11399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.181792][T11399] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.193062][T11399] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.201902][T11399] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.210685][T11399] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.219472][T11399] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  174.248373][T11520] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2978'.
[  174.265411][T11520] loop2: detected capacity change from 0 to 256
[  174.413826][ T4700] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  174.446313][T11538] loop5: detected capacity change from 0 to 1024
[  174.470512][T11538] EXT4-fs: Ignoring removed orlov option
[  174.476271][T11538] EXT4-fs: Ignoring removed nomblk_io_submit option
[  174.550450][T11548] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2989'.
[  174.566595][T11554] loop2: detected capacity change from 0 to 1024
[  174.576154][T11548] loop1: detected capacity change from 0 to 256
[  174.590544][T11538] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.629005][T11560] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11560 comm=syz.1.2992
[  174.662839][T11554] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.684168][T11554] EXT4-fs error (device loop2): ext4_xattr_inode_iget:440: inode #11: comm syz.2.2986: missing EA_INODE flag
[  174.718711][T11554] EXT4-fs (loop2): Remounting filesystem read-only
[  174.719085][ T8086] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.731608][T11572] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  174.746864][T11572] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  174.785607][T11574] team0 (unregistering): Port device team_slave_0 removed
[  174.796803][T11574] team0 (unregistering): Port device team_slave_1 removed
[  174.813466][T11578] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11578 comm=syz.3.2999
[  175.020432][T11593] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3004'.
[  175.035443][T11593] loop3: detected capacity change from 0 to 256
[  175.214502][T10772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.337391][T11610] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  175.341923][T11614] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3015'.
[  175.363589][T11614] loop2: detected capacity change from 0 to 256
[  175.370554][T11610] xt_TPROXY: Can be used only with -p tcp or -p udp
[  175.445386][T11620] FAULT_INJECTION: forcing a failure.
[  175.445386][T11620] name failslab, interval 1, probability 0, space 0, times 0
[  175.458221][T11620] CPU: 1 UID: 0 PID: 11620 Comm: syz.2.3018 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  175.468687][T11620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  175.478836][T11620] Call Trace:
[  175.482255][T11620]  <TASK>
[  175.485196][T11620]  dump_stack_lvl+0xf2/0x150
[  175.489804][T11620]  dump_stack+0x15/0x20
[  175.493965][T11620]  should_fail_ex+0x223/0x230
[  175.498673][T11620]  ? vt_do_kdsk_ioctl+0x3d4/0x6f0
[  175.503712][T11620]  should_failslab+0x8f/0xb0
[  175.508321][T11620]  __kmalloc_cache_noprof+0x4e/0x320
[  175.513628][T11620]  vt_do_kdsk_ioctl+0x3d4/0x6f0
[  175.518631][T11620]  ? security_capable+0x81/0x90
[  175.523495][T11620]  vt_ioctl+0x8db/0x1810
[  175.527899][T11620]  ? tty_jobctrl_ioctl+0x2ab/0x810
[  175.533042][T11620]  tty_ioctl+0x815/0xbe0
[  175.537338][T11620]  ? __pfx_tty_ioctl+0x10/0x10
[  175.542114][T11620]  __se_sys_ioctl+0xc9/0x140
[  175.546760][T11620]  __x64_sys_ioctl+0x43/0x50
[  175.551399][T11620]  x64_sys_call+0x1690/0x2dc0
[  175.556092][T11620]  do_syscall_64+0xc9/0x1c0
[  175.560604][T11620]  ? clear_bhb_loop+0x55/0xb0
[  175.565289][T11620]  ? clear_bhb_loop+0x55/0xb0
[  175.569990][T11620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.575903][T11620] RIP: 0033:0x7f0632af0849
[  175.580329][T11620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.600387][T11620] RSP: 002b:00007f0631167058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  175.608877][T11620] RAX: ffffffffffffffda RBX: 00007f0632cb5fa0 RCX: 00007f0632af0849
[  175.616890][T11620] RDX: 0000000020000400 RSI: 0000000000004b47 RDI: 0000000000000003
[  175.624863][T11620] RBP: 00007f06311670a0 R08: 0000000000000000 R09: 0000000000000000
[  175.632837][T11620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.640831][T11620] R13: 0000000000000000 R14: 00007f0632cb5fa0 R15: 00007ffcf1ae9958
[  175.648868][T11620]  </TASK>
[  175.769186][T11641] loop3: detected capacity change from 0 to 1024
[  175.797466][T11642] loop2: detected capacity change from 0 to 1024
[  175.808104][T11641] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.822712][T11641] EXT4-fs error (device loop3): ext4_xattr_inode_iget:440: inode #11: comm syz.3.3019: missing EA_INODE flag
[  175.835366][T11641] EXT4-fs (loop3): Remounting filesystem read-only
[  175.843287][T11646] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3026'.
[  175.843961][T11642] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.3021: Failed to acquire dquot type 0
[  175.865761][T11641] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  175.876076][T11641] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  175.877704][T11646] loop0: detected capacity change from 0 to 256
[  175.888768][T11642] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  175.908748][T11642] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #13: comm syz.2.3021: corrupted inode contents
[  175.922280][T11642] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #13: comm syz.2.3021: mark_inode_dirty error
[  175.955622][T11642] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #13: comm syz.2.3021: corrupted inode contents
[  175.984393][T11642] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #13: comm syz.2.3021: mark_inode_dirty error
[  175.997880][T11642] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #13: comm syz.2.3021: corrupted inode contents
[  176.031912][T11642] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  176.047343][T11642] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #13: comm syz.2.3021: corrupted inode contents
[  176.062888][T11642] EXT4-fs error (device loop2): ext4_truncate:4240: inode #13: comm syz.2.3021: mark_inode_dirty error
[  176.074542][T11642] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  176.085712][T11642] EXT4-fs (loop2): 1 truncate cleaned up
[  176.092232][T11642] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.123581][T11656] syzkaller1: entered promiscuous mode
[  176.129308][T11656] syzkaller1: entered allmulticast mode
[  176.233592][T11660] Invalid ELF header magic: != ELF
[  176.378794][T11672] netlink: 'syz.0.3038': attribute type 8 has an invalid length.
[  176.394902][T11672] loop0: detected capacity change from 0 to 256
[  176.513255][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.564096][T10772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.675370][T11676] loop0: detected capacity change from 0 to 32768
[  176.710355][T11676]  loop0: p1 p3 < p5 p6 p7 > p4
[  176.725448][T11694] netlink: 'syz.2.3049': attribute type 8 has an invalid length.
[  176.738834][T11694] loop2: detected capacity change from 0 to 256
[  176.797464][T11702] loop2: detected capacity change from 0 to 1024
[  176.816425][T11702] EXT4-fs: Ignoring removed orlov option
[  176.822179][T11702] EXT4-fs: Ignoring removed nomblk_io_submit option
[  176.900385][T11702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.942668][T11718] loop1: detected capacity change from 0 to 1024
[  176.981571][T11725] FAULT_INJECTION: forcing a failure.
[  176.981571][T11725] name failslab, interval 1, probability 0, space 0, times 0
[  176.994469][T11725] CPU: 0 UID: 0 PID: 11725 Comm: syz.5.3058 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  177.004916][T11725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  177.015002][T11725] Call Trace:
[  177.018309][T11725]  <TASK>
[  177.021263][T11725]  dump_stack_lvl+0xf2/0x150
[  177.025953][T11725]  dump_stack+0x15/0x20
[  177.030144][T11725]  should_fail_ex+0x223/0x230
[  177.034866][T11725]  should_failslab+0x8f/0xb0
[  177.039565][T11725]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  177.045937][T11725]  ? kstrdup_const+0x3e/0x50
[  177.050608][T11725]  kstrdup+0x38/0x80
[  177.054590][T11725]  kstrdup_const+0x3e/0x50
[  177.059095][T11725]  alloc_vfsmnt+0xa9/0x300
[  177.063626][T11725]  clone_mnt+0x45/0x7a0
[  177.067829][T11725]  copy_tree+0xba/0x7f0
[  177.072011][T11725]  ? proc_alloc_inum+0x4c/0x70
[  177.076803][T11725]  copy_mnt_ns+0x11e/0x5f0
[  177.081253][T11725]  ? kmem_cache_alloc_noprof+0x22c/0x320
[  177.086932][T11725]  ? create_new_namespaces+0x3c/0x430
[  177.092354][T11725]  create_new_namespaces+0x89/0x430
[  177.097584][T11725]  ? security_capable+0x81/0x90
[  177.102526][T11725]  unshare_nsproxy_namespaces+0xe6/0x120
[  177.108278][T11725]  ksys_unshare+0x3c9/0x6e0
[  177.112830][T11725]  __x64_sys_unshare+0x1f/0x30
[  177.117772][T11725]  x64_sys_call+0x1a3e/0x2dc0
[  177.122514][T11725]  do_syscall_64+0xc9/0x1c0
[  177.127037][T11725]  ? clear_bhb_loop+0x55/0xb0
[  177.131805][T11725]  ? clear_bhb_loop+0x55/0xb0
[  177.136561][T11725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.142476][T11725] RIP: 0033:0x7f2a335f0849
[  177.146916][T11725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.166565][T11725] RSP: 002b:00007f2a31c67058 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  177.175007][T11725] RAX: ffffffffffffffda RBX: 00007f2a337b5fa0 RCX: 00007f2a335f0849
[  177.183022][T11725] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c020400
[  177.191125][T11725] RBP: 00007f2a31c670a0 R08: 0000000000000000 R09: 0000000000000000
[  177.199159][T11725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.207147][T11725] R13: 0000000000000000 R14: 00007f2a337b5fa0 R15: 00007ffc750a6218
[  177.215199][T11725]  </TASK>
[  177.234098][T11718] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.279204][T11718] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: inode #11: comm syz.1.3053: missing EA_INODE flag
[  177.315557][T11718] EXT4-fs (loop1): Remounting filesystem read-only
[  177.329184][T11718] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  177.348782][   T29] kauditd_printk_skb: 1019 callbacks suppressed
[  177.348800][   T29] audit: type=1326 audit(1867175295.879:15867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11736 comm="syz.5.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  177.353143][T11737] netlink: 'syz.5.3063': attribute type 8 has an invalid length.
[  177.355391][   T29] audit: type=1326 audit(1867175295.879:15868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11736 comm="syz.5.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  177.385230][T11718] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  177.386741][   T29] audit: type=1326 audit(1867175295.879:15869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11736 comm="syz.5.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  177.431110][T11740] loop5: detected capacity change from 0 to 256
[  177.443555][   T29] audit: type=1326 audit(1867175295.879:15870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11736 comm="syz.5.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  177.473593][   T29] audit: type=1326 audit(1867175295.879:15871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11736 comm="syz.5.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  177.497448][   T29] audit: type=1326 audit(1867175295.879:15872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11736 comm="syz.5.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  177.521250][   T29] audit: type=1326 audit(1867175295.879:15873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11736 comm="syz.5.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  177.544985][   T29] audit: type=1326 audit(1867175295.879:15874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11736 comm="syz.5.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a335f0849 code=0x7ffc0000
[  177.572620][   T29] audit: type=1326 audit(1867175295.879:15875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11736 comm="syz.5.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2a335ef1b0 code=0x7ffc0000
[  177.596716][   T29] audit: type=1326 audit(1867175295.879:15876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11736 comm="syz.5.3063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2a335ef1b0 code=0x7ffc0000
[  177.638990][T11745] tmpfs: Bad value for 'mpol'
[  177.675602][T10772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.684652][T11748] loop0: detected capacity change from 0 to 1024
[  177.691680][T11399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.744738][T11758] FAULT_INJECTION: forcing a failure.
[  177.744738][T11758] name failslab, interval 1, probability 0, space 0, times 0
[  177.757473][T11758] CPU: 1 UID: 0 PID: 11758 Comm: syz.1.3069 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  177.767982][T11758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  177.778069][T11758] Call Trace:
[  177.781356][T11758]  <TASK>
[  177.784299][T11758]  dump_stack_lvl+0xf2/0x150
[  177.788928][T11758]  dump_stack+0x15/0x20
[  177.793115][T11758]  should_fail_ex+0x223/0x230
[  177.797841][T11758]  should_failslab+0x8f/0xb0
[  177.802473][T11758]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  177.808838][T11758]  ? vfs_parse_fs_string+0x6a/0xd0
[  177.813974][T11758]  kmemdup_nul+0x30/0x80
[  177.818397][T11758]  vfs_parse_fs_string+0x6a/0xd0
[  177.823392][T11758]  shmem_parse_options+0x112/0x160
[  177.828668][T11758]  parse_monolithic_mount_data+0x43/0x50
[  177.834333][T11758]  do_new_mount+0x1fa/0x690
[  177.838852][T11758]  path_mount+0x49b/0xb30
[  177.843283][T11758]  __se_sys_mount+0x27c/0x2d0
[  177.848067][T11758]  __x64_sys_mount+0x67/0x80
[  177.852684][T11758]  x64_sys_call+0x2c84/0x2dc0
[  177.857392][T11758]  do_syscall_64+0xc9/0x1c0
[  177.861908][T11758]  ? clear_bhb_loop+0x55/0xb0
[  177.866685][T11758]  ? clear_bhb_loop+0x55/0xb0
[  177.871435][T11758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.877437][T11758] RIP: 0033:0x7fb4e2450849
[  177.881861][T11758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.901581][T11758] RSP: 002b:00007fb4e0ac7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  177.910168][T11758] RAX: ffffffffffffffda RBX: 00007fb4e2615fa0 RCX: 00007fb4e2450849
[  177.918160][T11758] RDX: 0000000020000400 RSI: 00000000200003c0 RDI: 0000000000000000
[  177.926144][T11758] RBP: 00007fb4e0ac70a0 R08: 0000000020000440 R09: 0000000000000000
[  177.934135][T11758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.942149][T11758] R13: 0000000000000000 R14: 00007fb4e2615fa0 R15: 00007ffeeefbe898
[  177.950142][T11758]  </TASK>
[  177.966465][T11755] wireguard0: entered promiscuous mode
[  177.972142][T11755] wireguard0: entered allmulticast mode
[  178.037175][T11774] loop5: detected capacity change from 0 to 1024
[  178.044204][T11774] EXT4-fs: Ignoring removed orlov option
[  178.049933][T11774] EXT4-fs: Ignoring removed nomblk_io_submit option
[  178.066069][T11775] __nla_validate_parse: 6 callbacks suppressed
[  178.066082][T11775] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3077'.
[  178.086485][T11775] loop1: detected capacity change from 0 to 256
[  178.097807][T11774] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.113799][T11781] loop0: detected capacity change from 0 to 1024
[  178.126143][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.133820][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.137519][T11781] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.141427][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.161543][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.169152][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.176845][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.184465][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.192450][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.200312][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.207892][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.215524][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.220153][T11794] loop3: detected capacity change from 0 to 1024
[  178.223118][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.237022][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.244591][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.252219][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.259915][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.267544][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.275154][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.282870][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.290612][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.298194][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.305836][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.313604][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.321192][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.328794][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.336425][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.344040][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.351633][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.359194][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.366776][ T3397] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  178.380228][T11794] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.381772][ T3397] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  178.403493][T11794] EXT4-fs error (device loop3): ext4_xattr_inode_iget:440: inode #11: comm syz.3.3080: missing EA_INODE flag
[  178.416886][T11794] EXT4-fs (loop3): Remounting filesystem read-only
[  178.427563][T11794] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  178.459111][T11794] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  178.561944][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  178.793490][T11249] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.921011][ T8086] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.001878][T11821] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3092'.
[  179.011387][T11823] loop0: detected capacity change from 0 to 128
[  179.027404][T11823] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  179.031910][T11821] loop1: detected capacity change from 0 to 256
[  179.066018][T11823] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  179.076812][ T3327] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.099884][T11823] EXT4-fs (loop0): resizing filesystem from 64 to 1 blocks
[  179.107285][T11823] EXT4-fs warning (device loop0): ext4_resize_fs:2042: can't shrink FS - resize aborted
[  179.114844][T11830] x_tables: duplicate underflow at hook 1
[  179.173609][T11839] loop1: detected capacity change from 0 to 512
[  179.180353][T11839] EXT4-fs: Ignoring removed bh option
[  179.185839][T11839] EXT4-fs: Invalid want_extra_isize 1
[  179.231692][T11838] loop5: detected capacity change from 0 to 1024
[  179.243444][T11838] EXT4-fs: Ignoring removed orlov option
[  179.249237][T11838] EXT4-fs: Ignoring removed nomblk_io_submit option
[  179.279037][T11838] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.301564][T11850] FAULT_INJECTION: forcing a failure.
[  179.301564][T11850] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.314841][T11850] CPU: 1 UID: 0 PID: 11850 Comm: syz.3.3104 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  179.325401][T11850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  179.335464][T11850] Call Trace:
[  179.338756][T11850]  <TASK>
[  179.341701][T11850]  dump_stack_lvl+0xf2/0x150
[  179.346315][T11850]  dump_stack+0x15/0x20
[  179.350496][T11850]  should_fail_ex+0x223/0x230
[  179.355259][T11850]  should_fail+0xb/0x10
[  179.359444][T11850]  should_fail_usercopy+0x1a/0x20
[  179.364653][T11850]  _copy_to_user+0x20/0xa0
[  179.369083][T11850]  simple_read_from_buffer+0xa0/0x110
[  179.374513][T11850]  proc_fail_nth_read+0xf9/0x140
[  179.379554][T11850]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  179.385136][T11850]  vfs_read+0x1a2/0x700
[  179.389971][T11850]  ? __rcu_read_unlock+0x4e/0x70
[  179.394941][T11850]  ? __fget_files+0x17c/0x1c0
[  179.399660][T11850]  ksys_read+0xe8/0x1b0
[  179.403947][T11850]  __x64_sys_read+0x42/0x50
[  179.408559][T11850]  x64_sys_call+0x2874/0x2dc0
[  179.413271][T11850]  do_syscall_64+0xc9/0x1c0
[  179.417792][T11850]  ? clear_bhb_loop+0x55/0xb0
[  179.422561][T11850]  ? clear_bhb_loop+0x55/0xb0
[  179.427257][T11850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.433200][T11850] RIP: 0033:0x7fb3285df25c
[  179.437635][T11850] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  179.457338][T11850] RSP: 002b:00007fb326c57050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  179.465812][T11850] RAX: ffffffffffffffda RBX: 00007fb3287a5fa0 RCX: 00007fb3285df25c
[  179.473797][T11850] RDX: 000000000000000f RSI: 00007fb326c570b0 RDI: 0000000000000005
[  179.481786][T11850] RBP: 00007fb326c570a0 R08: 0000000000000000 R09: 0000000000000000
[  179.490124][T11850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.498176][T11850] R13: 0000000000000000 R14: 00007fb3287a5fa0 R15: 00007ffee701ad78
[  179.506174][T11850]  </TASK>
[  179.571576][T11859] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3109'.
[  179.588008][T11249] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  179.589264][T11859] loop3: detected capacity change from 0 to 256
[  179.612538][T11863] loop2: detected capacity change from 0 to 256
[  179.667558][T11876] loop1: detected capacity change from 0 to 1024
[  179.693071][T11876] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.710112][T11876] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: inode #11: comm syz.1.3107: missing EA_INODE flag
[  179.716936][T11883] loop3: detected capacity change from 0 to 2048
[  179.726144][T11876] EXT4-fs (loop1): Remounting filesystem read-only
[  179.729034][T11883] msdos: Unknown parameter '†*Q�°Ž� ÏÃØ„‹£{'
[  179.744902][T11876] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  179.753898][T11876] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  179.764644][T11885] SELinux: security_context_str_to_sid (u) failed with errno=-22
[  179.888010][T11898] loop0: detected capacity change from 0 to 512
[  179.895006][T11898] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  179.907507][T11898] EXT4-fs error (device loop0): ext4_orphan_get:1415: comm syz.0.3121: bad orphan inode 131083
[  179.918969][T11898] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.955617][T11249] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.985466][T11901] loop0: detected capacity change from 0 to 256
[  180.052575][ T8086] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.156223][T11912] loop5: detected capacity change from 0 to 256
[  180.321419][T11399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.575671][T11924] loop3: detected capacity change from 0 to 256
[  180.637624][T11929] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  180.685745][T11929] SELinux:  policydb version 0 does not match my version range 15-33
[  180.742298][T11929] SELinux: failed to load policy
[  180.775391][T11929] lo speed is unknown, defaulting to 1000
[  180.790190][T11929] lo speed is unknown, defaulting to 1000
[  180.799018][T11929] lo speed is unknown, defaulting to 1000
[  180.866000][T11944] loop1: detected capacity change from 0 to 1024
[  180.884598][T11947] FAULT_INJECTION: forcing a failure.
[  180.884598][T11947] name failslab, interval 1, probability 0, space 0, times 0
[  180.897280][T11947] CPU: 1 UID: 0 PID: 11947 Comm: syz.0.3142 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  180.907724][T11947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  180.917838][T11947] Call Trace:
[  180.921179][T11947]  <TASK>
[  180.924121][T11947]  dump_stack_lvl+0xf2/0x150
[  180.928783][T11947]  dump_stack+0x15/0x20
[  180.932976][T11947]  should_fail_ex+0x223/0x230
[  180.937689][T11947]  should_failslab+0x8f/0xb0
[  180.942310][T11947]  kmem_cache_alloc_noprof+0x52/0x320
[  180.947709][T11947]  ? audit_log_start+0x34c/0x6b0
[  180.952756][T11947]  audit_log_start+0x34c/0x6b0
[  180.957567][T11947]  audit_seccomp+0x4b/0x130
[  180.962103][T11947]  ? __rcu_read_unlock+0x4e/0x70
[  180.967048][T11947]  __seccomp_filter+0x6fa/0x1180
[  180.972016][T11947]  ? __fput+0x51f/0x6d0
[  180.976211][T11947]  ? kmem_cache_free+0x1e8/0x2d0
[  180.981294][T11947]  ? percpu_counter_add_batch+0xc6/0x140
[  180.986962][T11947]  ? __fput+0x51f/0x6d0
[  180.991169][T11947]  __secure_computing+0x9f/0x1c0
[  180.996154][T11947]  syscall_trace_enter+0xd1/0x1f0
[  181.001196][T11947]  ? fpregs_assert_state_consistent+0x83/0xa0
[  181.007364][T11947]  do_syscall_64+0xaa/0x1c0
[  181.011908][T11947]  ? clear_bhb_loop+0x55/0xb0
[  181.016647][T11947]  ? clear_bhb_loop+0x55/0xb0
[  181.021386][T11947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.027324][T11947] RIP: 0033:0x7f54de76f25c
[  181.031805][T11947] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  181.051575][T11947] RSP: 002b:00007f54dcde7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  181.060105][T11947] RAX: ffffffffffffffda RBX: 00007f54de935fa0 RCX: 00007f54de76f25c
[  181.068145][T11947] RDX: 000000000000000f RSI: 00007f54dcde70b0 RDI: 0000000000000008
[  181.076147][T11947] RBP: 00007f54dcde70a0 R08: 0000000000000000 R09: 0000000000000000
[  181.084181][T11947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.092170][T11947] R13: 0000000000000000 R14: 00007f54de935fa0 R15: 00007fffc3229128
[  181.100216][T11947]  </TASK>
[  181.121014][T11944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.152656][T11936] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: inode #11: comm syz.1.3140: missing EA_INODE flag
[  181.165068][T11959] FAULT_INJECTION: forcing a failure.
[  181.165068][T11959] name failslab, interval 1, probability 0, space 0, times 0
[  181.175492][T11936] EXT4-fs (loop1): Remounting filesystem read-only
[  181.177887][T11959] CPU: 0 UID: 0 PID: 11959 Comm: syz.2.3144 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  181.189457][T11936] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  181.194764][T11959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  181.194796][T11959] Call Trace:
[  181.205029][T11936] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  181.213644][T11959]  <TASK>
[  181.213656][T11959]  dump_stack_lvl+0xf2/0x150
[  181.233439][T11959]  dump_stack+0x15/0x20
[  181.237630][T11959]  should_fail_ex+0x223/0x230
[  181.242368][T11959]  ? legacy_init_fs_context+0x31/0x70
[  181.247798][T11959]  should_failslab+0x8f/0xb0
[  181.252402][T11959]  __kmalloc_cache_noprof+0x4e/0x320
[  181.257772][T11959]  legacy_init_fs_context+0x31/0x70
[  181.262981][T11959]  alloc_fs_context+0x3fb/0x4e0
[  181.267848][T11959]  fs_context_for_mount+0x21/0x30
[  181.272892][T11959]  do_new_mount+0xf3/0x690
[  181.277326][T11959]  path_mount+0x49b/0xb30
[  181.281753][T11959]  __se_sys_mount+0x27c/0x2d0
[  181.286528][T11959]  __x64_sys_mount+0x67/0x80
[  181.291202][T11959]  x64_sys_call+0x2c84/0x2dc0
[  181.295956][T11959]  do_syscall_64+0xc9/0x1c0
[  181.300463][T11959]  ? clear_bhb_loop+0x55/0xb0
[  181.305224][T11959]  ? clear_bhb_loop+0x55/0xb0
[  181.309912][T11959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.315828][T11959] RIP: 0033:0x7f0632af0849
[  181.320262][T11959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.339878][T11959] RSP: 002b:00007f0631167058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  181.348305][T11959] RAX: ffffffffffffffda RBX: 00007f0632cb5fa0 RCX: 00007f0632af0849
[  181.356354][T11959] RDX: 00000000200002c0 RSI: 0000000020000080 RDI: 0000000000000000
[  181.364340][T11959] RBP: 00007f06311670a0 R08: 0000000020000400 R09: 0000000000000000
[  181.372372][T11959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.380353][T11959] R13: 0000000000000000 R14: 00007f0632cb5fa0 R15: 00007ffcf1ae9958
[  181.388406][T11959]  </TASK>
[  181.408154][T11964] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3147'.
[  181.437660][T11964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3147'.
[  181.466907][T11970] loop2: detected capacity change from 0 to 256
[  181.537598][T11940] lo speed is unknown, defaulting to 1000
[  181.545471][T11940] lo speed is unknown, defaulting to 1000
[  181.551867][T11940] lo speed is unknown, defaulting to 1000
[  181.645682][T11940] chnl_net:caif_netlink_parms(): no params data found
[  181.707112][T11399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.767765][T11940] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.775010][T11940] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.778452][T11997] loop2: detected capacity change from 0 to 1024
[  181.782442][T11940] bridge_slave_0: entered allmulticast mode
[  181.802182][T11940] bridge_slave_0: entered promiscuous mode
[  181.818343][T11940] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.825512][T11940] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.833004][T11997] EXT4-fs: Ignoring removed orlov option
[  181.838786][T11997] EXT4-fs: Ignoring removed nomblk_io_submit option
[  181.845911][T11940] bridge_slave_1: entered allmulticast mode
[  181.852707][T11940] bridge_slave_1: entered promiscuous mode
[  181.873905][T11997] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.899338][T11940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  181.910424][T11940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  181.936345][T12006] loop1: detected capacity change from 0 to 256
[  181.945201][T11940] team0: Port device team_slave_0 added
[  181.952228][T11940] team0: Port device team_slave_1 added
[  181.962679][T10772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.014623][T11940] batman_adv: batadv0: Adding interface: batadv_slave_0
[  182.021812][T11940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.048116][T11940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  182.063704][T12013] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3163'.
[  182.073968][T11940] batman_adv: batadv0: Adding interface: batadv_slave_1
[  182.081143][T11940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.107366][T11940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  182.176082][T12015] loop0: detected capacity change from 0 to 1024
[  182.202164][T11940] hsr_slave_0: entered promiscuous mode
[  182.219249][T11940] hsr_slave_1: entered promiscuous mode
[  182.225878][T11940] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  182.239741][T11940] Cannot create hsr debugfs directory
[  182.398180][T12015] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.415721][T12015] EXT4-fs error (device loop0): ext4_xattr_inode_iget:440: inode #11: comm syz.0.3164: missing EA_INODE flag
[  182.431943][T12017] loop1: detected capacity change from 0 to 32768
[  182.446418][T12015] EXT4-fs (loop0): Remounting filesystem read-only
[  182.453768][T12015] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  182.456724][   T29] kauditd_printk_skb: 741 callbacks suppressed
[  182.456741][   T29] audit: type=1326 audit(1867175300.989:16616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12016 comm="syz.1.3165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2450849 code=0x7ffc0000
[  182.462842][T12015] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  182.486280][   T29] audit: type=1326 audit(1867175301.009:16617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12016 comm="syz.1.3165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fb4e2450849 code=0x7ffc0000
[  182.525541][   T29] audit: type=1326 audit(1867175301.009:16618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12016 comm="syz.1.3165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2450849 code=0x7ffc0000
[  182.536473][T12017]  loop1: p1 p3 < p5 p6 p7 >
[  182.554707][   T29] audit: type=1326 audit(1867175301.039:16619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12026 comm="syz.1.3165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb4e2482925 code=0x7ffc0000
[  182.578557][   T29] audit: type=1326 audit(1867175301.039:16620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12016 comm="syz.1.3165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2450849 code=0x7ffc0000
[  182.602747][   T29] audit: type=1326 audit(1867175301.039:16621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12016 comm="syz.1.3165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb4e2450849 code=0x7ffc0000
[  182.626420][   T29] audit: type=1326 audit(1867175301.039:16622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12016 comm="syz.1.3165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2450849 code=0x7ffc0000
[  182.650174][   T29] audit: type=1326 audit(1867175301.039:16623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12016 comm="syz.1.3165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb4e2450849 code=0x7ffc0000
[  182.673723][   T29] audit: type=1326 audit(1867175301.039:16624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12016 comm="syz.1.3165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2450849 code=0x7ffc0000
[  182.697694][   T29] audit: type=1326 audit(1867175301.039:16625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12016 comm="syz.1.3165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2450849 code=0x7ffc0000
[  182.725836][T12034] loop5: detected capacity change from 0 to 128
[  182.748084][T12032] loop2: detected capacity change from 0 to 128
[  182.754677][T12034] lo speed is unknown, defaulting to 1000
[  182.760947][T12034] lo speed is unknown, defaulting to 1000
[  182.767200][T12034] lo speed is unknown, defaulting to 1000
[  182.836017][T12040] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3173'.
[  182.848624][T12042] loop2: detected capacity change from 0 to 256
[  182.902824][T11249] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.944281][T11940] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  182.965063][T11940] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  183.002433][T11940] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  183.015626][T11940] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  183.039118][T12058] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=258 sclass=netlink_route_socket pid=12058 comm=syz.5.3177
[  183.172785][T12064] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3183'.
[  183.184457][T11940] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.201020][T12068] loop0: detected capacity change from 0 to 256
[  183.204877][T11940] 8021q: adding VLAN 0 to HW filter on device team0
[  183.221282][T12062] FAULT_INJECTION: forcing a failure.
[  183.221282][T12062] name failslab, interval 1, probability 0, space 0, times 0
[  183.233982][T12062] CPU: 1 UID: 0 PID: 12062 Comm: syz.1.3182 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  183.243050][T11940] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  183.244399][T12062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  183.254811][T11940] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  183.264760][T12062] Call Trace:
[  183.264770][T12062]  <TASK>
[  183.264786][T12062]  dump_stack_lvl+0xf2/0x150
[  183.285182][   T87] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.285981][T12062]  dump_stack+0x15/0x20
[  183.293053][   T87] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.297140][T12062]  should_fail_ex+0x223/0x230
[  183.309142][T12062]  should_failslab+0x8f/0xb0
[  183.309179][   T87] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.309209][   T87] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.313782][T12062]  kmem_cache_alloc_node_noprof+0x59/0x320
[  183.313821][T12062]  ? __alloc_skb+0x10b/0x310
[  183.338558][T12062]  __alloc_skb+0x10b/0x310
[  183.343065][T12062]  netlink_alloc_large_skb+0xad/0xe0
[  183.348381][T12062]  netlink_sendmsg+0x3b4/0x6e0
[  183.353191][T12062]  ? __pfx_netlink_sendmsg+0x10/0x10
[  183.358516][T12062]  __sock_sendmsg+0x140/0x180
[  183.363233][T12062]  ____sys_sendmsg+0x312/0x410
[  183.368104][T12062]  __sys_sendmsg+0x19d/0x230
[  183.372756][T12062]  __x64_sys_sendmsg+0x46/0x50
[  183.377565][T12062]  x64_sys_call+0x2734/0x2dc0
[  183.382287][T12062]  do_syscall_64+0xc9/0x1c0
[  183.386819][T12062]  ? clear_bhb_loop+0x55/0xb0
[  183.391612][T12062]  ? clear_bhb_loop+0x55/0xb0
[  183.396393][T12062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.398647][T11940] 8021q: adding VLAN 0 to HW filter on device batadv0
[  183.402374][T12062] RIP: 0033:0x7fb4e2450849
[  183.402394][T12062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.433302][T12062] RSP: 002b:00007fb4e0ac7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  183.441834][T12062] RAX: ffffffffffffffda RBX: 00007fb4e2615fa0 RCX: 00007fb4e2450849
[  183.450179][T12062] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 000000000000000b
[  183.458262][T12062] RBP: 00007fb4e0ac70a0 R08: 0000000000000000 R09: 0000000000000000
[  183.466361][T12062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.474445][T12062] R13: 0000000000000000 R14: 00007fb4e2615fa0 R15: 00007ffeeefbe898
[  183.482508][T12062]  </TASK>
[  183.496461][T12080] FAULT_INJECTION: forcing a failure.
[  183.496461][T12080] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.509790][T12080] CPU: 0 UID: 0 PID: 12080 Comm: syz.5.3185 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  183.520227][T12080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  183.530307][T12080] Call Trace:
[  183.533610][T12080]  <TASK>
[  183.536560][T12080]  dump_stack_lvl+0xf2/0x150
[  183.541182][T12080]  dump_stack+0x15/0x20
[  183.545357][T12080]  should_fail_ex+0x223/0x230
[  183.550146][T12080]  should_fail+0xb/0x10
[  183.554351][T12080]  should_fail_usercopy+0x1a/0x20
[  183.559533][T12080]  _copy_from_user+0x1e/0xb0
[  183.564202][T12080]  get_nodes+0x28e/0x330
[  183.568598][T12080]  __x64_sys_set_mempolicy+0xf6/0x160
[  183.574011][T12080]  x64_sys_call+0x673/0x2dc0
[  183.578764][T12080]  do_syscall_64+0xc9/0x1c0
[  183.583362][T12080]  ? clear_bhb_loop+0x55/0xb0
[  183.588129][T12080]  ? clear_bhb_loop+0x55/0xb0
[  183.592898][T12080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.598908][T12080] RIP: 0033:0x7f2a335f0849
[  183.603348][T12080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.623015][T12080] RSP: 002b:00007f2a31c67058 EFLAGS: 00000246 ORIG_RAX: 00000000000000ee
[  183.631461][T12080] RAX: ffffffffffffffda RBX: 00007f2a337b5fa0 RCX: 00007f2a335f0849
[  183.639522][T12080] RDX: 0000000000000009 RSI: 0000000020001c00 RDI: 0000000000006005
[  183.647512][T12080] RBP: 00007f2a31c670a0 R08: 0000000000000000 R09: 0000000000000000
[  183.655505][T12080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.663589][T12080] R13: 0000000000000000 R14: 00007f2a337b5fa0 R15: 00007ffc750a6218
[  183.671596][T12080]  </TASK>
[  183.772267][T11940] veth0_vlan: entered promiscuous mode
[  183.781156][T11940] veth1_vlan: entered promiscuous mode
[  183.830842][T11940] veth0_macvtap: entered promiscuous mode
[  183.838884][T11940] veth1_macvtap: entered promiscuous mode
[  183.856357][T11940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  183.867178][T11940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.877230][T11940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  183.887901][T11940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.897906][T11940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  183.908490][T11940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.919439][T11940] batman_adv: batadv0: Interface activated: batadv_slave_0
[  183.919509][T12093] loop5: detected capacity change from 0 to 1024
[  183.934471][T11940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.945144][T11940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.955179][T11940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.966019][T11940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.976130][T11940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  183.986826][T11940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.997800][T11940] batman_adv: batadv0: Interface activated: batadv_slave_1
[  184.009950][T12106] FAULT_INJECTION: forcing a failure.
[  184.009950][T12106] name failslab, interval 1, probability 0, space 0, times 0
[  184.020929][T11940] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  184.022640][T12106] CPU: 1 UID: 0 PID: 12106 Comm: syz.1.3192 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  184.022747][T12106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  184.022768][T12106] Call Trace:
[  184.022773][T12106]  <TASK>
[  184.022780][T12106]  dump_stack_lvl+0xf2/0x150
[  184.022803][T12106]  dump_stack+0x15/0x20
[  184.031743][T11940] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.041903][T12106]  should_fail_ex+0x223/0x230
[  184.041941][T12106]  ? rtnl_newlink+0x5d/0x1200
[  184.041969][T12106]  should_failslab+0x8f/0xb0
[  184.042036][T12106]  __kmalloc_cache_noprof+0x4e/0x320
[  184.042113][T12106]  ? __pfx_rtnl_newlink+0x10/0x10
[  184.042146][T12106]  rtnl_newlink+0x5d/0x1200
[  184.042171][T12106]  ? free_unref_page_commit+0x67/0x270
[  184.052442][T11940] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.055533][T12106]  ? x86_call_depth_emit_accounting+0xe2/0x1f0
[  184.055577][T12106]  ? xas_load+0x3ae/0x3d0
[  184.055605][T12106]  ? xas_load+0x3ae/0x3d0
[  184.055633][T12106]  ? __rcu_read_unlock+0x4e/0x70
[  184.055660][T12106]  ? xa_load+0xb9/0xe0
[  184.058764][T11940] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  184.063175][T12106]  ? memcg_list_lru_alloc+0xce/0x4e0
[  184.063214][T12106]  ? __memcg_slab_free_hook+0xc9/0x1e0
[  184.063257][T12106]  ? __rcu_read_unlock+0x4e/0x70
[  184.063335][T12106]  ? avc_has_perm_noaudit+0x1cc/0x210
[  184.104545][T12107] loop0: detected capacity change from 0 to 4096
[  184.104936][T12106]  ? selinux_capable+0x1f2/0x260
[  184.183975][T12106]  ? security_capable+0x81/0x90
[  184.188933][T12106]  ? ns_capable+0x7d/0xb0
[  184.193272][T12106]  ? __pfx_rtnl_newlink+0x10/0x10
[  184.198364][T12106]  rtnetlink_rcv_msg+0x651/0x710
[  184.203316][T12106]  ? ref_tracker_free+0x3a5/0x410
[  184.208508][T12106]  ? __dev_queue_xmit+0x186/0x2090
[  184.213698][T12106]  netlink_rcv_skb+0x12c/0x230
[  184.218537][T12106]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  184.224066][T12106]  rtnetlink_rcv+0x1c/0x30
[  184.228526][T12106]  netlink_unicast+0x599/0x670
[  184.233324][T12106]  netlink_sendmsg+0x5cc/0x6e0
[  184.238122][T12106]  ? __pfx_netlink_sendmsg+0x10/0x10
[  184.243431][T12106]  __sock_sendmsg+0x140/0x180
[  184.248199][T12106]  ____sys_sendmsg+0x312/0x410
[  184.252979][T12106]  __sys_sendmsg+0x19d/0x230
[  184.257655][T12106]  __x64_sys_sendmsg+0x46/0x50
[  184.262433][T12106]  x64_sys_call+0x2734/0x2dc0
[  184.267157][T12106]  do_syscall_64+0xc9/0x1c0
[  184.271689][T12106]  ? clear_bhb_loop+0x55/0xb0
[  184.276416][T12106]  ? clear_bhb_loop+0x55/0xb0
[  184.281104][T12106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.287057][T12106] RIP: 0033:0x7fb4e2450849
[  184.291511][T12106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.311180][T12106] RSP: 002b:00007fb4e0ac7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.319603][T12106] RAX: ffffffffffffffda RBX: 00007fb4e2615fa0 RCX: 00007fb4e2450849
[  184.327618][T12106] RDX: 0000000000000810 RSI: 0000000020000280 RDI: 0000000000000005
[  184.335727][T12106] RBP: 00007fb4e0ac70a0 R08: 0000000000000000 R09: 0000000000000000
[  184.343794][T12106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.351776][T12106] R13: 0000000000000000 R14: 00007fb4e2615fa0 R15: 00007ffeeefbe898
[  184.359791][T12106]  </TASK>
[  184.370086][T12093] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.371121][T12107] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  184.404317][T12107] EXT4-fs: failed to create workqueue
[  184.419802][T12107] EXT4-fs (loop0): mount failed
[  184.428158][T12115] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3194'.
[  184.436306][T12090] EXT4-fs error (device loop5): ext4_xattr_inode_iget:440: inode #11: comm syz.5.3188: missing EA_INODE flag
[  184.467805][T12090] EXT4-fs (loop5): Remounting filesystem read-only
[  184.474839][T12117] loop3: detected capacity change from 0 to 1024
[  184.481874][T12090] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  184.491497][T12117] EXT4-fs: Ignoring removed orlov option
[  184.497412][T12117] EXT4-fs: Ignoring removed nomblk_io_submit option
[  184.500350][T12090] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  184.513044][T12121] FAULT_INJECTION: forcing a failure.
[  184.513044][T12121] name failslab, interval 1, probability 0, space 0, times 0
[  184.525978][T12121] CPU: 0 UID: 0 PID: 12121 Comm: syz.0.3195 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  184.536468][T12121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  184.546550][T12121] Call Trace:
[  184.549892][T12121]  <TASK>
[  184.552837][T12121]  dump_stack_lvl+0xf2/0x150
[  184.557502][T12121]  dump_stack+0x15/0x20
[  184.561679][T12121]  should_fail_ex+0x223/0x230
[  184.566398][T12121]  should_failslab+0x8f/0xb0
[  184.571103][T12121]  kmem_cache_alloc_noprof+0x52/0x320
[  184.576539][T12121]  ? alloc_empty_file+0xd0/0x200
[  184.581506][T12121]  ? _raw_spin_unlock+0x26/0x50
[  184.586425][T12121]  alloc_empty_file+0xd0/0x200
[  184.591244][T12121]  alloc_file_pseudo+0xc3/0x140
[  184.596221][T12121]  hugetlb_file_setup+0x290/0x3c0
[  184.600999][T12122] loop1: detected capacity change from 0 to 256
[  184.601332][T12121]  ksys_mmap_pgoff+0x172/0x330
[  184.612356][T12121]  x64_sys_call+0x1940/0x2dc0
[  184.617057][T12121]  do_syscall_64+0xc9/0x1c0
[  184.621661][T12121]  ? clear_bhb_loop+0x55/0xb0
[  184.626357][T12121]  ? clear_bhb_loop+0x55/0xb0
[  184.631056][T12121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.637057][T12121] RIP: 0033:0x7f54de770849
[  184.641530][T12121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.661259][T12121] RSP: 002b:00007f54dcde7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  184.669715][T12121] RAX: ffffffffffffffda RBX: 00007f54de935fa0 RCX: 00007f54de770849
[  184.672836][T12124] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12124 comm=syz.1.3198
[  184.677690][T12121] RDX: 0000000000000000 RSI: 0000000001400000 RDI: 0000000020000000
[  184.698601][T12121] RBP: 00007f54dcde70a0 R08: ffffffffffffffff R09: 0000000000000000
[  184.706673][T12121] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001
[  184.714661][T12121] R13: 0000000000000000 R14: 00007f54de935fa0 R15: 00007fffc3229128
[  184.722670][T12121]  </TASK>
[  184.741806][T12117] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.823088][T12139] loop1: detected capacity change from 0 to 512
[  184.841442][T12145] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3204'.
[  184.850830][T12145] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3204'.
[  184.853241][T12139] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  184.859960][T12145] netlink: 'syz.0.3204': attribute type 2 has an invalid length.
[  184.893819][T11940] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.907638][T12139] loop1: detected capacity change from 0 to 256
[  184.928222][T12152] FAULT_INJECTION: forcing a failure.
[  184.928222][T12152] name failslab, interval 1, probability 0, space 0, times 0
[  184.941120][T12152] CPU: 0 UID: 0 PID: 12152 Comm: syz.3.3206 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  184.951570][T12152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  184.961661][T12152] Call Trace:
[  184.964946][T12152]  <TASK>
[  184.967960][T12152]  dump_stack_lvl+0xf2/0x150
[  184.972661][T12152]  dump_stack+0x15/0x20
[  184.976840][T12152]  should_fail_ex+0x223/0x230
[  184.981559][T12152]  ? legacy_init_fs_context+0x31/0x70
[  184.987014][T12152]  should_failslab+0x8f/0xb0
[  184.991685][T12152]  __kmalloc_cache_noprof+0x4e/0x320
[  184.997083][T12152]  legacy_init_fs_context+0x31/0x70
[  185.002292][T12152]  alloc_fs_context+0x3fb/0x4e0
[  185.007235][T12152]  fs_context_for_mount+0x21/0x30
[  185.012304][T12152]  do_new_mount+0xf3/0x690
[  185.016727][T12152]  path_mount+0x49b/0xb30
[  185.021064][T12152]  __se_sys_mount+0x27c/0x2d0
[  185.025807][T12152]  __x64_sys_mount+0x67/0x80
[  185.030431][T12152]  x64_sys_call+0x2c84/0x2dc0
[  185.035126][T12152]  do_syscall_64+0xc9/0x1c0
[  185.039682][T12152]  ? clear_bhb_loop+0x55/0xb0
[  185.044535][T12152]  ? clear_bhb_loop+0x55/0xb0
[  185.049240][T12152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.055153][T12152] RIP: 0033:0x7f11086e0849
[  185.059646][T12152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.079281][T12152] RSP: 002b:00007f1106d57058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  185.087713][T12152] RAX: ffffffffffffffda RBX: 00007f11088a5fa0 RCX: 00007f11086e0849
[  185.095688][T12152] RDX: 00000000200002c0 RSI: 0000000020000080 RDI: 0000000000000000
[  185.103732][T12152] RBP: 00007f1106d570a0 R08: 0000000020000400 R09: 0000000000000000
[  185.111730][T12152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.119791][T12152] R13: 0000000000000000 R14: 00007f11088a5fa0 R15: 00007ffe7589aef8
[  185.127816][T12152]  </TASK>
[  185.194770][T12161] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3209'.
[  185.217405][ T8086] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.321530][T12159] loop1: detected capacity change from 0 to 256
[  185.399448][T12180] loop1: detected capacity change from 0 to 1024
[  185.445313][T12180] EXT4-fs: Ignoring removed orlov option
[  185.451253][T12180] EXT4-fs: Ignoring removed nomblk_io_submit option
[  185.510468][T12177] usb usb4: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  185.521184][T12186] FAULT_INJECTION: forcing a failure.
[  185.521184][T12186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.534441][T12186] CPU: 1 UID: 0 PID: 12186 Comm: syz.5.3219 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  185.545094][T12186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  185.555173][T12186] Call Trace:
[  185.558468][T12186]  <TASK>
[  185.561417][T12186]  dump_stack_lvl+0xf2/0x150
[  185.566033][T12186]  dump_stack+0x15/0x20
[  185.570208][T12186]  should_fail_ex+0x223/0x230
[  185.575029][T12186]  should_fail+0xb/0x10
[  185.579222][T12186]  should_fail_usercopy+0x1a/0x20
[  185.584311][T12186]  _copy_from_iter+0xd5/0xd00
[  185.589031][T12186]  ? __alloc_skb+0x1b5/0x310
[  185.593644][T12186]  ? kmalloc_reserve+0x16e/0x190
[  185.598611][T12186]  ? __build_skb_around+0x196/0x1f0
[  185.603908][T12186]  ? __alloc_skb+0x21f/0x310
[  185.608510][T12186]  ? __virt_addr_valid+0x1ed/0x250
[  185.613693][T12186]  ? __check_object_size+0x364/0x520
[  185.619096][T12186]  netlink_sendmsg+0x460/0x6e0
[  185.623919][T12186]  ? __pfx_netlink_sendmsg+0x10/0x10
[  185.629257][T12186]  __sock_sendmsg+0x140/0x180
[  185.633984][T12186]  ____sys_sendmsg+0x312/0x410
[  185.638825][T12186]  __sys_sendmsg+0x19d/0x230
[  185.643533][T12186]  __x64_sys_sendmsg+0x46/0x50
[  185.648364][T12186]  x64_sys_call+0x2734/0x2dc0
[  185.653112][T12186]  do_syscall_64+0xc9/0x1c0
[  185.657634][T12186]  ? clear_bhb_loop+0x55/0xb0
[  185.662414][T12186]  ? clear_bhb_loop+0x55/0xb0
[  185.667152][T12186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.673223][T12186] RIP: 0033:0x7f2a335f0849
[  185.677658][T12186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.677933][T12177] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub.
[  185.697419][T12186] RSP: 002b:00007f2a31c67058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  185.713065][T12186] RAX: ffffffffffffffda RBX: 00007f2a337b5fa0 RCX: 00007f2a335f0849
[  185.721052][T12186] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[  185.729038][T12186] RBP: 00007f2a31c670a0 R08: 0000000000000000 R09: 0000000000000000
[  185.737079][T12186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.745064][T12186] R13: 0000000000000000 R14: 00007f2a337b5fa0 R15: 00007ffc750a6218
[  185.753095][T12186]  </TASK>
[  185.768295][T12180] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.811222][T12184] team0 (unregistering): Port device team_slave_0 removed
[  185.837189][T12184] team0 (unregistering): Port device team_slave_1 removed
[  185.866919][T12192] netlink: 'syz.5.3221': attribute type 10 has an invalid length.
[  185.887704][T12194] loop3: detected capacity change from 0 to 1024
[  185.911196][T12194] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.928218][T12194] EXT4-fs error (device loop3): ext4_xattr_inode_iget:440: inode #11: comm syz.3.3222: missing EA_INODE flag
[  185.953058][T12194] EXT4-fs (loop3): Remounting filesystem read-only
[  185.966295][T12194] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  185.981060][T12194] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  185.993164][T12207] loop0: detected capacity change from 0 to 128
[  186.012570][T12200] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3223'.
[  186.088503][T12216] loop2: detected capacity change from 0 to 512
[  186.126665][T12221] loop3: detected capacity change from 0 to 256
[  186.135072][T12225] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3232'.
[  186.151441][T12216] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  186.188752][T12231] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3232'.
[  186.261681][T12235] loop3: detected capacity change from 0 to 1024
[  186.268960][T12233] loop1: detected capacity change from 0 to 2048
[  186.286850][T12235] EXT4-fs: Ignoring removed orlov option
[  186.292638][T12235] EXT4-fs: Ignoring removed nomblk_io_submit option
[  186.303752][T12239] 9pnet_fd: Insufficient options for proto=fd
[  186.336942][T12233] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  186.360374][T12233] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 16383 with max blocks 1 with error 28
[  186.373000][T12233] EXT4-fs (loop1): This should not happen!! Data will be lost
[  186.373000][T12233] 
[  186.382716][T12233] EXT4-fs (loop1): Total free blocks count 0
[  186.388743][T12233] EXT4-fs (loop1): Free/Dirty block details
[  186.394769][T12233] EXT4-fs (loop1): free_blocks=2415919104
[  186.400632][T12233] EXT4-fs (loop1): dirty_blocks=16
[  186.405836][T12233] EXT4-fs (loop1): Block reservation details
[  186.411868][T12233] EXT4-fs (loop1): i_reserved_data_blocks=1
[  186.463860][T12255] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3238'.
[  186.479032][T12256] loop5: detected capacity change from 0 to 1024
[  186.504074][T12256] EXT4-fs error (device loop5): ext4_xattr_inode_iget:440: inode #11: comm syz.5.3237: missing EA_INODE flag
[  186.527571][T12256] EXT4-fs (loop5): Remounting filesystem read-only
[  186.548612][T12256] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  186.574831][T12256] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  186.636429][T12265] loop2: detected capacity change from 0 to 1024
[  186.650602][T12265] EXT4-fs: Ignoring removed orlov option
[  186.656327][T12265] EXT4-fs: Ignoring removed nomblk_io_submit option
[  186.707339][T12271] loop1: detected capacity change from 0 to 256
[  186.766245][T12278] loop1: detected capacity change from 0 to 512
[  186.801024][T12278] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3245'.
[  186.897314][T12288] usb usb5: usbfs: process 12288 (syz.1.3250) did not claim interface 0 before use
[  186.993325][T12298] loop0: detected capacity change from 0 to 512
[  187.000558][T12297] loop1: detected capacity change from 0 to 256
[  187.091826][T12311] loop5: detected capacity change from 0 to 1024
[  187.098656][T12311] EXT4-fs: Ignoring removed orlov option
[  187.104435][T12311] EXT4-fs: Ignoring removed nomblk_io_submit option
[  187.165312][T12321] FAULT_INJECTION: forcing a failure.
[  187.165312][T12321] name failslab, interval 1, probability 0, space 0, times 0
[  187.175030][T12326] loop3: detected capacity change from 0 to 2048
[  187.178011][T12321] CPU: 1 UID: 0 PID: 12321 Comm: syz.2.3261 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  187.194806][T12321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  187.204899][T12321] Call Trace:
[  187.208194][T12321]  <TASK>
[  187.211160][T12321]  dump_stack_lvl+0xf2/0x150
[  187.215788][T12321]  dump_stack+0x15/0x20
[  187.219990][T12321]  should_fail_ex+0x223/0x230
[  187.224728][T12321]  should_failslab+0x8f/0xb0
[  187.229401][T12321]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  187.235821][T12321]  ? bcmp+0x5b/0x80
[  187.239643][T12321]  ? vfs_parse_fs_string+0x6a/0xd0
[  187.244775][T12321]  kmemdup_nul+0x30/0x80
[  187.249154][T12321]  vfs_parse_fs_string+0x6a/0xd0
[  187.254110][T12321]  shmem_parse_options+0x112/0x160
[  187.259378][T12321]  parse_monolithic_mount_data+0x43/0x50
[  187.265035][T12321]  do_new_mount+0x1fa/0x690
[  187.269556][T12321]  path_mount+0x49b/0xb30
[  187.273930][T12321]  __se_sys_mount+0x27c/0x2d0
[  187.278624][T12321]  __x64_sys_mount+0x67/0x80
[  187.283238][T12321]  x64_sys_call+0x2c84/0x2dc0
[  187.287929][T12321]  do_syscall_64+0xc9/0x1c0
[  187.292439][T12321]  ? clear_bhb_loop+0x55/0xb0
[  187.297206][T12321]  ? clear_bhb_loop+0x55/0xb0
[  187.301887][T12321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.307807][T12321] RIP: 0033:0x7f0632af0849
[  187.312243][T12321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.331861][T12321] RSP: 002b:00007f0631167058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  187.340288][T12321] RAX: ffffffffffffffda RBX: 00007f0632cb5fa0 RCX: 00007f0632af0849
[  187.348262][T12321] RDX: 0000000020000400 RSI: 00000000200003c0 RDI: 0000000000000000
[  187.356250][T12321] RBP: 00007f06311670a0 R08: 0000000020000440 R09: 0000000000000000
[  187.364239][T12321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.372408][T12321] R13: 0000000000000000 R14: 00007f0632cb5fa0 R15: 00007ffcf1ae9958
[  187.380395][T12321]  </TASK>
[  187.432043][T12326] FAULT_INJECTION: forcing a failure.
[  187.432043][T12326] name failslab, interval 1, probability 0, space 0, times 0
[  187.444898][T12326] CPU: 1 UID: 0 PID: 12326 Comm: syz.3.3262 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  187.455341][T12326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  187.465532][T12326] Call Trace:
[  187.468847][T12326]  <TASK>
[  187.471833][T12326]  dump_stack_lvl+0xf2/0x150
[  187.476451][T12326]  dump_stack+0x15/0x20
[  187.480632][T12326]  should_fail_ex+0x223/0x230
[  187.485404][T12326]  should_failslab+0x8f/0xb0
[  187.490129][T12326]  kmem_cache_alloc_noprof+0x52/0x320
[  187.495532][T12326]  ? __es_insert_extent+0x563/0xed0
[  187.500899][T12326]  ? _find_next_zero_bit+0x29/0x90
[  187.506050][T12326]  __es_insert_extent+0x563/0xed0
[  187.511253][T12326]  ? ___slab_alloc+0x2b7/0x980
[  187.516078][T12326]  ? ext4_find_extent+0x172/0x7c0
[  187.521177][T12326]  ext4_es_cache_extent+0x294/0x3a0
[  187.526408][T12326]  ext4_find_extent+0x34f/0x7c0
[  187.531343][T12326]  ext4_ext_map_blocks+0x11f/0x35c0
[  187.536621][T12326]  ? radix_tree_node_alloc+0x146/0x1e0
[  187.542171][T12326]  ? kmem_cache_alloc_noprof+0x1fb/0x320
[  187.547889][T12326]  ? radix_tree_node_alloc+0x146/0x1e0
[  187.553443][T12326]  ? down_read+0x171/0x4b0
[  187.557910][T12326]  ext4_map_query_blocks+0x71/0x180
[  187.563222][T12326]  ext4_map_blocks+0x23c/0xd20
[  187.568060][T12326]  ? xa_load+0xb9/0xe0
[  187.572157][T12326]  ? xas_load+0x3ae/0x3d0
[  187.576566][T12326]  ? xa_load+0xb9/0xe0
[  187.580684][T12326]  ext4_getblk+0x11f/0x530
[  187.585150][T12326]  ext4_bread_batch+0x5b/0x360
[  187.589985][T12326]  __ext4_find_entry+0xa1d/0x1090
[  187.595044][T12326]  ? d_alloc_parallel+0xbf0/0xc60
[  187.600120][T12326]  ext4_lookup+0xba/0x390
[  187.604474][T12326]  ? __pfx_ext4_lookup+0x10/0x10
[  187.609488][T12326]  path_openat+0xd40/0x1fa0
[  187.614143][T12326]  do_filp_open+0x107/0x230
[  187.618803][T12326]  do_open_execat+0xd0/0x280
[  187.623497][T12326]  alloc_bprm+0x28/0x5d0
[  187.627787][T12326]  do_execveat_common+0x134/0x800
[  187.632845][T12326]  ? getname_flags+0x15a/0x3b0
[  187.637781][T12326]  __x64_sys_execveat+0x75/0x90
[  187.642665][T12326]  x64_sys_call+0x291e/0x2dc0
[  187.647447][T12326]  do_syscall_64+0xc9/0x1c0
[  187.652040][T12326]  ? clear_bhb_loop+0x55/0xb0
[  187.656748][T12326]  ? clear_bhb_loop+0x55/0xb0
[  187.661536][T12326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.667483][T12326] RIP: 0033:0x7f11086e0849
[  187.672063][T12326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.691960][T12326] RSP: 002b:00007f1106d57058 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  187.700391][T12326] RAX: ffffffffffffffda RBX: 00007f11088a5fa0 RCX: 00007f11086e0849
[  187.708445][T12326] RDX: 0000000000000000 RSI: 0000000020000140 RDI: ffffffffffffff9c
[  187.708500][   T29] kauditd_printk_skb: 778 callbacks suppressed
[  187.708512][   T29] audit: type=1326 audit(1867175306.239:17404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12335 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  187.716490][T12326] RBP: 00007f1106d570a0 R08: 0000000000000000 R09: 0000000000000000
[  187.716508][T12326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.716525][T12326] R13: 0000000000000000 R14: 00007f11088a5fa0 R15: 00007ffe7589aef8
[  187.716562][T12326]  </TASK>
[  187.774714][   T29] audit: type=1326 audit(1867175306.289:17405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12335 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  187.782480][T12341] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12341 comm=syz.0.3267
[  187.798392][   T29] audit: type=1326 audit(1867175306.289:17406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12335 comm="syz.2.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  187.929767][   T29] audit: type=1400 audit(1867175306.459:17407): avc:  denied  { map_create } for  pid=12342 comm="syz.2.3268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  187.949339][   T29] audit: type=1400 audit(1867175306.459:17408): avc:  denied  { perfmon } for  pid=12342 comm="syz.2.3268" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  187.949366][   T29] audit: type=1400 audit(1867175306.459:17409): avc:  denied  { map_read map_write } for  pid=12342 comm="syz.2.3268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  187.949432][   T29] audit: type=1400 audit(1867175306.459:17410): avc:  denied  { create } for  pid=12348 comm="syz.3.3269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  187.949456][   T29] audit: type=1400 audit(1867175306.459:17411): avc:  denied  { prog_load } for  pid=12342 comm="syz.2.3268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  187.949482][   T29] audit: type=1400 audit(1867175306.459:17412): avc:  denied  { bpf } for  pid=12342 comm="syz.2.3268" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  187.999741][   T29] audit: type=1400 audit(1867175306.529:17413): avc:  denied  { read write } for  pid=8086 comm="syz-executor" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  188.231434][T12364] __nla_validate_parse: 6 callbacks suppressed
[  188.231453][T12364] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3278'.
[  188.253848][T12361] loop2: detected capacity change from 0 to 256
[  188.273262][T12369] loop0: detected capacity change from 0 to 1024
[  188.300445][T12369] EXT4-fs error (device loop0): ext4_xattr_inode_iget:440: inode #11: comm syz.0.3276: missing EA_INODE flag
[  188.329489][T12369] EXT4-fs (loop0): Remounting filesystem read-only
[  188.337078][T12378] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12378 comm=syz.3.3281
[  188.355811][T12383] loop1: detected capacity change from 0 to 1024
[  188.372815][T12369] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  188.391945][T12369] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  188.416070][T12383] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: inode #11: comm syz.1.3274: missing EA_INODE flag
[  188.453842][T12383] EXT4-fs (loop1): Remounting filesystem read-only
[  188.467068][T12383] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  188.475978][T12383] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  188.486488][T12394] loop2: detected capacity change from 0 to 1024
[  188.493206][T12394] EXT4-fs: Ignoring removed orlov option
[  188.498951][T12394] EXT4-fs: Ignoring removed nomblk_io_submit option
[  188.690238][T12409] loop2: detected capacity change from 0 to 256
[  188.745101][T12413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12413 comm=syz.3.3295
[  189.005831][T12434] loop3: detected capacity change from 0 to 256
[  189.065653][T12439] loop0: detected capacity change from 0 to 1024
[  189.072966][T12438] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12438 comm=syz.2.3309
[  189.088673][T12439] EXT4-fs: Ignoring removed orlov option
[  189.094779][T12439] EXT4-fs: Ignoring removed nomblk_io_submit option
[  189.347997][T12475] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12475 comm=syz.5.3321
[  189.385348][T12477] loop0: detected capacity change from 0 to 1024
[  189.397745][T12476] loop3: detected capacity change from 0 to 256
[  189.442344][T12477] EXT4-fs error (device loop0): ext4_xattr_inode_iget:440: inode #11: comm syz.0.3319: missing EA_INODE flag
[  189.492566][T12477] EXT4-fs (loop0): Remounting filesystem read-only
[  189.520078][T12477] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  189.529101][T12477] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=12
[  189.538741][T12490] loop5: detected capacity change from 0 to 8192
[  189.550704][T12490] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  189.649070][T12498] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12498 comm=syz.3.3334
[  189.712792][T12503] loop5: detected capacity change from 0 to 1024
[  189.735369][T12503] EXT4-fs: Ignoring removed orlov option
[  189.741220][T12503] EXT4-fs: Ignoring removed nomblk_io_submit option
[  189.782504][T12513] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3339'.
[  189.798389][T12513] loop1: detected capacity change from 0 to 256
[  189.883179][T12526] FAULT_INJECTION: forcing a failure.
[  189.883179][T12526] name failslab, interval 1, probability 0, space 0, times 0
[  189.896228][T12526] CPU: 1 UID: 0 PID: 12526 Comm: syz.3.3343 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  189.906735][T12526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  189.916830][T12526] Call Trace:
[  189.920161][T12526]  <TASK>
[  189.923131][T12526]  dump_stack_lvl+0xf2/0x150
[  189.927744][T12526]  dump_stack+0x15/0x20
[  189.931922][T12526]  should_fail_ex+0x223/0x230
[  189.936781][T12526]  should_failslab+0x8f/0xb0
[  189.941523][T12526]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  189.947896][T12526]  ? sidtab_sid2str_get+0xb8/0x140
[  189.953135][T12526]  kmemdup_noprof+0x2a/0x60
[  189.957665][T12526]  sidtab_sid2str_get+0xb8/0x140
[  189.962682][T12526]  security_sid_to_context_core+0x1eb/0x2f0
[  189.968659][T12526]  security_sid_to_context+0x27/0x30
[  189.974019][T12526]  selinux_lsmprop_to_secctx+0x2c/0x40
[  189.979515][T12526]  security_lsmprop_to_secctx+0x4a/0x90
[  189.985143][T12526]  audit_log_task_context+0x93/0x1c0
[  189.990480][T12526]  audit_log_task+0xf9/0x1c0
[  189.995157][T12526]  audit_seccomp+0x68/0x130
[  189.999707][T12526]  __seccomp_filter+0x6fa/0x1180
[  190.004742][T12526]  __secure_computing+0x9f/0x1c0
[  190.009742][T12526]  syscall_trace_enter+0xd1/0x1f0
[  190.014801][T12526]  do_syscall_64+0xaa/0x1c0
[  190.019372][T12526]  ? clear_bhb_loop+0x55/0xb0
[  190.024135][T12526]  ? clear_bhb_loop+0x55/0xb0
[  190.028827][T12526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.034819][T12526] RIP: 0033:0x7f11086df25c
[  190.039265][T12526] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  190.058940][T12526] RSP: 002b:00007f1106d57050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  190.067379][T12526] RAX: ffffffffffffffda RBX: 00007f11088a5fa0 RCX: 00007f11086df25c
[  190.075472][T12526] RDX: 000000000000000f RSI: 00007f1106d570b0 RDI: 0000000000000005
[  190.083469][T12526] RBP: 00007f1106d570a0 R08: 0000000000000000 R09: 0000000000000000
[  190.091485][T12526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.099505][T12526] R13: 0000000000000000 R14: 00007f11088a5fa0 R15: 00007ffe7589aef8
[  190.107509][T12526]  </TASK>
[  190.138259][T12532] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12532 comm=syz.0.3346
[  190.209573][T12541] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3351'.
[  190.255578][T12541] loop1: detected capacity change from 0 to 256
[  190.327571][T12551] loop0: detected capacity change from 0 to 2048
[  190.388304][T12561] loop1: detected capacity change from 0 to 1024
[  190.396729][T12561] EXT4-fs: Ignoring removed orlov option
[  190.402518][T12561] EXT4-fs: Ignoring removed nomblk_io_submit option
[  190.419078][T12564] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12564 comm=syz.5.3361
[  190.453274][T12563] loop3: detected capacity change from 0 to 1024
[  190.476577][T12563] EXT4-fs error (device loop3): ext4_xattr_inode_iget:440: inode #11: comm syz.3.3356: missing EA_INODE flag
[  190.499669][T12563] EXT4-fs (loop3): Remounting filesystem read-only
[  190.506996][T12563] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  190.518101][T12563] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  190.624761][T12590] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3369'.
[  190.640907][T12590] loop1: detected capacity change from 0 to 256
[  190.695925][T12596] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12596 comm=syz.1.3372
[  190.801236][T12604] netlink: 'syz.1.3376': attribute type 1 has an invalid length.
[  190.809159][T12604] netlink: 'syz.1.3376': attribute type 2 has an invalid length.
[  190.817120][T12604] netlink: 16074 bytes leftover after parsing attributes in process `syz.1.3376'.
[  190.948811][T12620] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12620 comm=syz.5.3384
[  190.949016][T12618] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3383'.
[  190.979535][T12618] loop1: detected capacity change from 0 to 256
[  191.075140][T12631] loop0: detected capacity change from 0 to 1024
[  191.081936][T12631] EXT4-fs: Ignoring removed orlov option
[  191.087644][T12631] EXT4-fs: Ignoring removed nomblk_io_submit option
[  191.289986][T12652] FAULT_INJECTION: forcing a failure.
[  191.289986][T12652] name failslab, interval 1, probability 0, space 0, times 0
[  191.302801][T12652] CPU: 1 UID: 0 PID: 12652 Comm: syz.1.3396 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  191.306554][T12640] loop3: detected capacity change from 0 to 512
[  191.313285][T12652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  191.313306][T12652] Call Trace:
[  191.313314][T12652]  <TASK>
[  191.313325][T12652]  dump_stack_lvl+0xf2/0x150
[  191.313354][T12652]  dump_stack+0x15/0x20
[  191.344645][T12652]  should_fail_ex+0x223/0x230
[  191.349367][T12652]  should_failslab+0x8f/0xb0
[  191.354052][T12652]  kmem_cache_alloc_noprof+0x52/0x320
[  191.359464][T12652]  ? dup_fd+0x3a/0x6a0
[  191.363557][T12652]  dup_fd+0x3a/0x6a0
[  191.367508][T12652]  ? avc_has_perm+0xd4/0x160
[  191.372235][T12652]  copy_files+0x98/0xe0
[  191.376428][T12652]  copy_process+0xcbf/0x1f90
[  191.381062][T12652]  kernel_clone+0x167/0x5e0
[  191.385586][T12652]  ? vfs_write+0x596/0x920
[  191.390076][T12652]  __x64_sys_clone+0xe8/0x120
[  191.394846][T12652]  x64_sys_call+0x2d7e/0x2dc0
[  191.399658][T12652]  do_syscall_64+0xc9/0x1c0
[  191.404230][T12652]  ? clear_bhb_loop+0x55/0xb0
[  191.408991][T12652]  ? clear_bhb_loop+0x55/0xb0
[  191.413739][T12652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.419676][T12652] RIP: 0033:0x7fb4e2450849
[  191.424135][T12652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.443812][T12652] RSP: 002b:00007fb4e0ac7008 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  191.452259][T12652] RAX: ffffffffffffffda RBX: 00007fb4e2615fa0 RCX: 00007fb4e2450849
[  191.460249][T12652] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[  191.468262][T12652] RBP: 00007fb4e0ac70a0 R08: 0000000000000000 R09: 0000000000000000
[  191.471897][T12656] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12656 comm=syz.5.3397
[  191.476318][T12652] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  191.476343][T12652] R13: 0000000000000000 R14: 00007fb4e2615fa0 R15: 00007ffeeefbe898
[  191.501472][T12640] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  191.504679][T12652]  </TASK>
[  191.528623][T12658] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3398'.
[  191.556725][T12640] EXT4-fs (loop3): 1 truncate cleaned up
[  191.567893][T12658] loop0: detected capacity change from 0 to 256
[  191.570206][T12640] EXT4-fs mount: 38 callbacks suppressed
[  191.570228][T12640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.666435][T12669] loop5: detected capacity change from 0 to 1024
[  191.734348][T12669] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.769409][T12669] EXT4-fs error (device loop5): ext4_xattr_inode_iget:440: inode #11: comm syz.5.3400: missing EA_INODE flag
[  191.824927][T12679] loop1: detected capacity change from 0 to 1024
[  191.839782][T12669] EXT4-fs (loop5): Remounting filesystem read-only
[  191.852747][T12669] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  191.861765][T12669] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  191.862365][T12679] EXT4-fs: Ignoring removed orlov option
[  191.876385][T12679] EXT4-fs: Ignoring removed nomblk_io_submit option
[  191.916782][T12679] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.995066][T11940] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.059403][T12701] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3413'.
[  192.087401][T12701] loop2: detected capacity change from 0 to 256
[  192.177782][T12707] IPv6: Can't replace route, no match found
[  192.341182][ T8086] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.373170][T12729] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3427'.
[  192.390268][T12729] loop3: detected capacity change from 0 to 256
[  192.472890][T12739] FAULT_INJECTION: forcing a failure.
[  192.472890][T12739] name failslab, interval 1, probability 0, space 0, times 0
[  192.485674][T12739] CPU: 0 UID: 0 PID: 12739 Comm: syz.5.3432 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  192.496118][T12739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  192.506229][T12739] Call Trace:
[  192.509529][T12739]  <TASK>
[  192.512520][T12739]  dump_stack_lvl+0xf2/0x150
[  192.517210][T12739]  dump_stack+0x15/0x20
[  192.521436][T12739]  should_fail_ex+0x223/0x230
[  192.526148][T12739]  should_failslab+0x8f/0xb0
[  192.530783][T12739]  __kmalloc_noprof+0xab/0x3f0
[  192.535661][T12739]  ? fib6_info_alloc+0x2c/0x90
[  192.540458][T12739]  fib6_info_alloc+0x2c/0x90
[  192.545152][T12739]  ip6_route_info_create+0x34c/0xba0
[  192.550499][T12739]  ? nla_memcpy+0x7a/0x90
[  192.554893][T12739]  inet6_rtm_newroute+0x3b8/0x1260
[  192.560142][T12739]  ? bpf_trace_run3+0x12b/0x1d0
[  192.565058][T12739]  ? memcg_list_lru_alloc+0xce/0x4e0
[  192.570418][T12739]  ? __memcg_slab_free_hook+0xc9/0x1e0
[  192.576063][T12739]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  192.581716][T12739]  rtnetlink_rcv_msg+0x6aa/0x710
[  192.586791][T12739]  ? ref_tracker_free+0x3a5/0x410
[  192.591889][T12739]  ? __dev_queue_xmit+0x186/0x2090
[  192.597038][T12739]  netlink_rcv_skb+0x12c/0x230
[  192.601853][T12739]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  192.607394][T12739]  rtnetlink_rcv+0x1c/0x30
[  192.611880][T12739]  netlink_unicast+0x599/0x670
[  192.616675][T12739]  netlink_sendmsg+0x5cc/0x6e0
[  192.621530][T12739]  ? __pfx_netlink_sendmsg+0x10/0x10
[  192.626876][T12739]  __sock_sendmsg+0x140/0x180
[  192.631706][T12739]  ____sys_sendmsg+0x312/0x410
[  192.636526][T12739]  __sys_sendmsg+0x19d/0x230
[  192.641232][T12739]  __x64_sys_sendmsg+0x46/0x50
[  192.646036][T12739]  x64_sys_call+0x2734/0x2dc0
[  192.650861][T12739]  do_syscall_64+0xc9/0x1c0
[  192.655426][T12739]  ? clear_bhb_loop+0x55/0xb0
[  192.660128][T12739]  ? clear_bhb_loop+0x55/0xb0
[  192.664912][T12739]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.670891][T12739] RIP: 0033:0x7f2a335f0849
[  192.675314][T12739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.695017][T12739] RSP: 002b:00007f2a31c67058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  192.703602][T12739] RAX: ffffffffffffffda RBX: 00007f2a337b5fa0 RCX: 00007f2a335f0849
[  192.711581][T12739] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000006
[  192.719574][T12739] RBP: 00007f2a31c670a0 R08: 0000000000000000 R09: 0000000000000000
[  192.727632][T12739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.735663][T12739] R13: 0000000000000000 R14: 00007f2a337b5fa0 R15: 00007ffc750a6218
[  192.743661][T12739]  </TASK>
[  192.753231][   T29] kauditd_printk_skb: 1112 callbacks suppressed
[  192.753256][   T29] audit: type=1326 audit(1867175311.289:18525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11086e0849 code=0x7ffc0000
[  192.792868][T12743] loop3: detected capacity change from 0 to 512
[  192.800030][   T29] audit: type=1326 audit(1867175311.319:18526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11086e0849 code=0x7ffc0000
[  192.823909][   T29] audit: type=1326 audit(1867175311.319:18527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11086e0849 code=0x7ffc0000
[  192.848034][   T29] audit: type=1326 audit(1867175311.319:18528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11086e0849 code=0x7ffc0000
[  192.871823][   T29] audit: type=1326 audit(1867175311.319:18529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11086e0849 code=0x7ffc0000
[  192.895436][   T29] audit: type=1326 audit(1867175311.329:18530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f11086e0849 code=0x7ffc0000
[  192.919364][   T29] audit: type=1326 audit(1867175311.329:18531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f11086e0883 code=0x7ffc0000
[  192.943402][   T29] audit: type=1326 audit(1867175311.329:18532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f11086df2ff code=0x7ffc0000
[  192.967359][   T29] audit: type=1326 audit(1867175311.329:18533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f11086e08d7 code=0x7ffc0000
[  192.990899][   T29] audit: type=1326 audit(1867175311.329:18534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12742 comm="syz.3.3433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f11086df1b0 code=0x7ffc0000
[  192.993437][T12743] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  193.030633][T11399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.060302][T12743] System zones: 0-2, 18-18, 34-34
[  193.069055][T12743] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3433: bg 0: block 248: padding at end of block bitmap is not set
[  193.084286][T12743] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.3433: Failed to acquire dquot type 1
[  193.098993][T12743] EXT4-fs (loop3): 1 truncate cleaned up
[  193.105698][T12743] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.118437][T12743] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.154482][T11940] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.208956][T12761] loop5: detected capacity change from 0 to 1024
[  193.249594][T12761] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.254866][T12769] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3441'.
[  193.276819][T12761] EXT4-fs error (device loop5): ext4_xattr_inode_iget:440: inode #11: comm syz.5.3437: missing EA_INODE flag
[  193.283582][T12769] loop3: detected capacity change from 0 to 256
[  193.302295][T12761] EXT4-fs (loop5): Remounting filesystem read-only
[  193.319882][T12778] loop2: detected capacity change from 0 to 1024
[  193.326696][T12778] EXT4-fs: Ignoring removed orlov option
[  193.332632][T12778] EXT4-fs: Ignoring removed nomblk_io_submit option
[  193.347343][T12761] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  193.357887][T12761] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  193.375137][T12778] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.405035][T12784] selinux_netlink_send: 3 callbacks suppressed
[  193.405051][T12784] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12784 comm=syz.3.3449
[  193.783115][T12808] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3458'.
[  193.813969][ T8086] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.848670][T12808] loop1: detected capacity change from 0 to 256
[  193.946465][T12816] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12816 comm=syz.1.3462
[  194.127044][T12835] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3472'.
[  194.146269][T12835] loop5: detected capacity change from 0 to 256
[  194.199399][T10772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.204468][T12838] loop1: detected capacity change from 0 to 1024
[  194.223608][T12841] FAULT_INJECTION: forcing a failure.
[  194.223608][T12841] name failslab, interval 1, probability 0, space 0, times 0
[  194.236332][T12841] CPU: 1 UID: 0 PID: 12841 Comm: syz.0.3465 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  194.246813][T12841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  194.256889][T12841] Call Trace:
[  194.260186][T12841]  <TASK>
[  194.263140][T12841]  dump_stack_lvl+0xf2/0x150
[  194.267760][T12841]  dump_stack+0x15/0x20
[  194.272013][T12841]  should_fail_ex+0x223/0x230
[  194.276719][T12841]  should_failslab+0x8f/0xb0
[  194.281413][T12841]  kmem_cache_alloc_noprof+0x52/0x320
[  194.286846][T12841]  ? skb_clone+0x154/0x1f0
[  194.291316][T12841]  skb_clone+0x154/0x1f0
[  194.295611][T12841]  __netlink_deliver_tap+0x2bd/0x4f0
[  194.298449][T12847] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12847 comm=syz.2.3474
[  194.300914][T12841]  netlink_unicast+0x64a/0x670
[  194.300948][T12841]  netlink_sendmsg+0x5cc/0x6e0
[  194.301011][T12841]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.301045][T12841]  __sock_sendmsg+0x140/0x180
[  194.333158][T12841]  ____sys_sendmsg+0x312/0x410
[  194.337965][T12841]  __sys_sendmsg+0x19d/0x230
[  194.342644][T12841]  __x64_sys_sendmsg+0x46/0x50
[  194.347433][T12841]  x64_sys_call+0x2734/0x2dc0
[  194.352261][T12841]  do_syscall_64+0xc9/0x1c0
[  194.356825][T12841]  ? clear_bhb_loop+0x55/0xb0
[  194.361563][T12841]  ? clear_bhb_loop+0x55/0xb0
[  194.366329][T12841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.372267][T12841] RIP: 0033:0x7f54de770849
[  194.376714][T12841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.396377][T12841] RSP: 002b:00007f54dcde7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.404842][T12841] RAX: ffffffffffffffda RBX: 00007f54de935fa0 RCX: 00007f54de770849
[  194.412857][T12841] RDX: 0000000004000040 RSI: 0000000020000080 RDI: 0000000000000006
[  194.420856][T12841] RBP: 00007f54dcde70a0 R08: 0000000000000000 R09: 0000000000000000
[  194.428978][T12841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.437114][T12841] R13: 0000000000000000 R14: 00007f54de935fa0 R15: 00007fffc3229128
[  194.445210][T12841]  </TASK>
[  194.469314][T12838] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.487998][T12830] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: inode #11: comm syz.1.3469: missing EA_INODE flag
[  194.506965][T12830] EXT4-fs (loop1): Remounting filesystem read-only
[  194.514330][T12830] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  194.523384][T12830] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  194.679497][T12865] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3483'.
[  194.693899][T12867] loop2: detected capacity change from 0 to 1024
[  194.719336][T12865] loop3: detected capacity change from 0 to 256
[  194.727545][T12867] EXT4-fs: Ignoring removed orlov option
[  194.733451][T12867] EXT4-fs: Ignoring removed nomblk_io_submit option
[  194.769949][T12871] FAULT_INJECTION: forcing a failure.
[  194.769949][T12871] name failslab, interval 1, probability 0, space 0, times 0
[  194.782836][T12871] CPU: 0 UID: 0 PID: 12871 Comm: syz.0.3486 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  194.793301][T12871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  194.803371][T12871] Call Trace:
[  194.806673][T12871]  <TASK>
[  194.809704][T12871]  dump_stack_lvl+0xf2/0x150
[  194.814326][T12871]  dump_stack+0x15/0x20
[  194.818506][T12871]  should_fail_ex+0x223/0x230
[  194.823231][T12871]  should_failslab+0x8f/0xb0
[  194.827907][T12871]  kmem_cache_alloc_noprof+0x52/0x320
[  194.833304][T12871]  ? skb_clone+0x154/0x1f0
[  194.837749][T12871]  skb_clone+0x154/0x1f0
[  194.842100][T12871]  __netlink_deliver_tap+0x2bd/0x4f0
[  194.847432][T12871]  netlink_unicast+0x64a/0x670
[  194.852280][T12871]  netlink_sendmsg+0x5cc/0x6e0
[  194.857134][T12871]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.862604][T12871]  __sock_sendmsg+0x140/0x180
[  194.867385][T12871]  ____sys_sendmsg+0x312/0x410
[  194.872184][T12871]  __sys_sendmsg+0x19d/0x230
[  194.876842][T12871]  __x64_sys_sendmsg+0x46/0x50
[  194.881666][T12871]  x64_sys_call+0x2734/0x2dc0
[  194.886490][T12871]  do_syscall_64+0xc9/0x1c0
[  194.891106][T12871]  ? clear_bhb_loop+0x55/0xb0
[  194.895806][T12871]  ? clear_bhb_loop+0x55/0xb0
[  194.900506][T12871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.906467][T12871] RIP: 0033:0x7f54de770849
[  194.910952][T12871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.930713][T12871] RSP: 002b:00007f54dcde7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.939190][T12871] RAX: ffffffffffffffda RBX: 00007f54de935fa0 RCX: 00007f54de770849
[  194.945284][T12873] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12873 comm=syz.3.3487
[  194.947166][T12871] RDX: 0000000000000000 RSI: 0000000020006040 RDI: 0000000000000005
[  194.947185][T12871] RBP: 00007f54dcde70a0 R08: 0000000000000000 R09: 0000000000000000
[  194.975576][T12871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.983562][T12871] R13: 0000000000000000 R14: 00007f54de935fa0 R15: 00007fffc3229128
[  194.991587][T12871]  </TASK>
[  194.997840][T12867] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.072920][T12883] loop3: detected capacity change from 0 to 512
[  195.079648][T12883] EXT4-fs: Ignoring removed i_version option
[  195.085767][T12883] EXT4-fs: Ignoring removed nomblk_io_submit option
[  195.098964][T12883] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  195.107033][T12883] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=f840e11c, mo2=0003]
[  195.115176][T12883] System zones: 0-1, 15-15, 18-18, 34-34
[  195.121125][T12883] EXT4-fs (loop3): orphan cleanup on readonly fs
[  195.124265][T11399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.127587][T12883] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  195.151210][T12883] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  195.170592][T12883] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3490: bg 0: block 40: padding at end of block bitmap is not set
[  195.190613][T12883] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  195.202139][T12883] EXT4-fs (loop3): 1 truncate cleaned up
[  195.208219][T12883] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  195.264454][T11940] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.330757][T12901] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3497'.
[  195.349970][T12907] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12907 comm=syz.5.3499
[  195.376002][T12901] loop1: detected capacity change from 0 to 256
[  195.446309][T12918] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3504'.
[  195.475943][T12920] xt_CT: You must specify a L4 protocol and not use inversions on it
[  195.541715][T12926] loop1: detected capacity change from 0 to 1024
[  195.562962][T10772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.584384][T12928] loop3: detected capacity change from 0 to 2048
[  195.601844][T12926] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.628971][T12926] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: inode #11: comm syz.1.3503: missing EA_INODE flag
[  195.641364][T12928] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.663319][T12936] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12936 comm=syz.5.3510
[  195.695488][T12926] EXT4-fs (loop1): Remounting filesystem read-only
[  195.695616][T12938] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  195.729783][T12938] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  195.804440][T11940] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.814958][T12944] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3513'.
[  195.844469][T12944] loop2: detected capacity change from 0 to 256
[  195.916459][T12952] FAULT_INJECTION: forcing a failure.
[  195.916459][T12952] name failslab, interval 1, probability 0, space 0, times 0
[  195.929303][T12952] CPU: 0 UID: 0 PID: 12952 Comm: syz.5.3516 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  195.939770][T12952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  195.949969][T12952] Call Trace:
[  195.953266][T12952]  <TASK>
[  195.956304][T12952]  dump_stack_lvl+0xf2/0x150
[  195.960975][T12952]  dump_stack+0x15/0x20
[  195.965212][T12952]  should_fail_ex+0x223/0x230
[  195.970017][T12952]  ? rtnl_newlink+0x5d/0x1200
[  195.974723][T12952]  should_failslab+0x8f/0xb0
[  195.979349][T12952]  __kmalloc_cache_noprof+0x4e/0x320
[  195.984729][T12952]  ? __pfx_rtnl_newlink+0x10/0x10
[  195.989786][T12952]  rtnl_newlink+0x5d/0x1200
[  195.994339][T12952]  ? free_unref_page_commit+0x67/0x270
[  195.999837][T12952]  ? x86_call_depth_emit_accounting+0xe2/0x1f0
[  196.006015][T12952]  ? xas_load+0x3ae/0x3d0
[  196.010505][T12952]  ? xas_load+0x3ae/0x3d0
[  196.014925][T12952]  ? __rcu_read_unlock+0x4e/0x70
[  196.019962][T12952]  ? xa_load+0xb9/0xe0
[  196.024049][T12952]  ? memcg_list_lru_alloc+0xce/0x4e0
[  196.029429][T12952]  ? __memcg_slab_free_hook+0xc9/0x1e0
[  196.034940][T12952]  ? __rcu_read_unlock+0x4e/0x70
[  196.039939][T12952]  ? avc_has_perm_noaudit+0x1cc/0x210
[  196.045322][T12952]  ? selinux_capable+0x1f2/0x260
[  196.050279][T12952]  ? security_capable+0x81/0x90
[  196.055214][T12952]  ? ns_capable+0x7d/0xb0
[  196.059585][T12952]  ? __pfx_rtnl_newlink+0x10/0x10
[  196.064631][T12952]  rtnetlink_rcv_msg+0x651/0x710
[  196.069740][T12952]  ? ref_tracker_free+0x3a5/0x410
[  196.074795][T12952]  ? __dev_queue_xmit+0x186/0x2090
[  196.080142][T12952]  netlink_rcv_skb+0x12c/0x230
[  196.084948][T12952]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  196.090425][T12952]  rtnetlink_rcv+0x1c/0x30
[  196.094940][T12952]  netlink_unicast+0x599/0x670
[  196.099751][T12952]  netlink_sendmsg+0x5cc/0x6e0
[  196.104533][T12952]  ? __pfx_netlink_sendmsg+0x10/0x10
[  196.109831][T12952]  __sock_sendmsg+0x140/0x180
[  196.114620][T12952]  ____sys_sendmsg+0x312/0x410
[  196.119456][T12952]  __sys_sendmsg+0x19d/0x230
[  196.124072][T12952]  __x64_sys_sendmsg+0x46/0x50
[  196.128937][T12952]  x64_sys_call+0x2734/0x2dc0
[  196.133672][T12952]  do_syscall_64+0xc9/0x1c0
[  196.138184][T12952]  ? clear_bhb_loop+0x55/0xb0
[  196.142956][T12952]  ? clear_bhb_loop+0x55/0xb0
[  196.147720][T12952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.153707][T12952] RIP: 0033:0x7f2a335f0849
[  196.158124][T12952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.177740][T12952] RSP: 002b:00007f2a31c67058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.186161][T12952] RAX: ffffffffffffffda RBX: 00007f2a337b5fa0 RCX: 00007f2a335f0849
[  196.194313][T12952] RDX: 0000000000000810 RSI: 0000000020000280 RDI: 0000000000000005
[  196.202349][T12952] RBP: 00007f2a31c670a0 R08: 0000000000000000 R09: 0000000000000000
[  196.210333][T12952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.218318][T12952] R13: 0000000000000000 R14: 00007f2a337b5fa0 R15: 00007ffc750a6218
[  196.226314][T12952]  </TASK>
[  196.326809][T12966] loop3: detected capacity change from 0 to 1024
[  196.333555][T12966] EXT4-fs: Ignoring removed orlov option
[  196.339325][T12966] EXT4-fs: Ignoring removed nomblk_io_submit option
[  196.363018][T12967] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12967 comm=syz.2.3522
[  196.456939][T12969] loop5: detected capacity change from 0 to 8192
[  196.495394][T12975] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3528'.
[  196.509658][T12975] loop2: detected capacity change from 0 to 256
[  196.518266][T12969]  loop5: p2 p4[EZD]
[  196.522387][T12969] loop5: p2 size 2130728454 extends beyond EOD, truncated
[  196.530970][T12969] loop5: p4 size 65536 extends beyond EOD, truncated
[  196.551942][T12966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.586094][T11399] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.607206][T12982] FAULT_INJECTION: forcing a failure.
[  196.607206][T12982] name failslab, interval 1, probability 0, space 0, times 0
[  196.619924][T12982] CPU: 1 UID: 0 PID: 12982 Comm: syz.2.3531 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  196.630434][T12982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  196.640524][T12982] Call Trace:
[  196.643892][T12982]  <TASK>
[  196.646846][T12982]  dump_stack_lvl+0xf2/0x150
[  196.651650][T12982]  dump_stack+0x15/0x20
[  196.655853][T12982]  should_fail_ex+0x223/0x230
[  196.660628][T12982]  ? sctp_add_bind_addr+0x6f/0x1e0
[  196.665804][T12982]  should_failslab+0x8f/0xb0
[  196.670517][T12982]  __kmalloc_cache_noprof+0x4e/0x320
[  196.675820][T12982]  sctp_add_bind_addr+0x6f/0x1e0
[  196.680828][T12982]  sctp_copy_local_addr_list+0x19b/0x220
[  196.686474][T12982]  sctp_copy_one_addr+0x83/0x410
[  196.691441][T12982]  sctp_bind_addr_copy+0x81/0x2b0
[  196.696528][T12982]  sctp_assoc_set_bind_addr_from_ep+0xc0/0xd0
[  196.702682][T12982]  sctp_connect_new_asoc+0x1d0/0x3b0
[  196.707979][T12982]  sctp_sendmsg+0xf05/0x1920
[  196.712631][T12982]  ? __pfx_sctp_sendmsg+0x10/0x10
[  196.717690][T12982]  inet_sendmsg+0xc5/0xd0
[  196.722029][T12982]  __sock_sendmsg+0x102/0x180
[  196.726721][T12982]  ____sys_sendmsg+0x312/0x410
[  196.731500][T12982]  __sys_sendmsg+0x19d/0x230
[  196.736215][T12982]  __x64_sys_sendmsg+0x46/0x50
[  196.740980][T12982]  x64_sys_call+0x2734/0x2dc0
[  196.745797][T12982]  do_syscall_64+0xc9/0x1c0
[  196.750361][T12982]  ? clear_bhb_loop+0x55/0xb0
[  196.755229][T12982]  ? clear_bhb_loop+0x55/0xb0
[  196.759971][T12982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.765916][T12982] RIP: 0033:0x7f0632af0849
[  196.770335][T12982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.790168][T12982] RSP: 002b:00007f0631167058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.798611][T12982] RAX: ffffffffffffffda RBX: 00007f0632cb5fa0 RCX: 00007f0632af0849
[  196.806664][T12982] RDX: 0000000000000060 RSI: 0000000020000380 RDI: 0000000000000003
[  196.814718][T12982] RBP: 00007f06311670a0 R08: 0000000000000000 R09: 0000000000000000
[  196.822754][T12982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.830735][T12982] R13: 0000000000000000 R14: 00007f0632cb5fa0 R15: 00007ffcf1ae9958
[  196.838753][T12982]  </TASK>
[  196.874214][T11940] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.886985][T12992] bridge0: port 3(vlan2) entered blocking state
[  196.893368][T12992] bridge0: port 3(vlan2) entered disabled state
[  196.905836][T12992] vlan2: entered allmulticast mode
[  196.915460][T12992] vlan2: left allmulticast mode
[  196.978488][T13001] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13001 comm=syz.3.3538
[  197.091391][T13009] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3542'.
[  197.129106][T13016] loop2: detected capacity change from 0 to 1024
[  197.153954][T13009] loop5: detected capacity change from 0 to 256
[  197.172625][T13016] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.196197][T13016] EXT4-fs error (device loop2): ext4_xattr_inode_iget:440: inode #11: comm syz.2.3540: missing EA_INODE flag
[  197.230251][T13016] EXT4-fs (loop2): Remounting filesystem read-only
[  197.258357][T13025] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  197.279779][T13025] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  197.316781][T13029] loop0: detected capacity change from 0 to 1024
[  197.323949][T13029] EXT4-fs: Ignoring removed orlov option
[  197.329811][T13029] EXT4-fs: Ignoring removed nomblk_io_submit option
[  197.382043][T13029] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.456739][T13044] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13044 comm=syz.3.3554
[  197.485047][T11249] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.538385][T13052] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3558'.
[  197.562036][T13055] loop0: detected capacity change from 0 to 128
[  197.579398][T13052] loop3: detected capacity change from 0 to 256
[  197.590435][T13055] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (16076!=39978)
[  197.608037][T13055] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  197.662101][T13055] lo speed is unknown, defaulting to 1000
[  197.668214][T13055] lo speed is unknown, defaulting to 1000
[  197.674502][T13055] lo speed is unknown, defaulting to 1000
[  197.755019][T11249] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  197.775028][T13068] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13068 comm=syz.5.3566
[  197.836394][T13072] loop5: detected capacity change from 0 to 1024
[  197.844958][T10772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.856698][T13072] EXT4-fs: Ignoring removed orlov option
[  197.862463][T13072] EXT4-fs: Ignoring removed nomblk_io_submit option
[  197.892309][T13072] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.940154][   T29] kauditd_printk_skb: 878 callbacks suppressed
[  197.940174][   T29] audit: type=1326 audit(1867175316.479:19410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13081 comm="syz.2.3571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  197.987641][   T29] audit: type=1326 audit(1867175316.479:19411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13081 comm="syz.2.3571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  197.990860][T13082] loop2: detected capacity change from 0 to 256
[  198.011263][   T29] audit: type=1326 audit(1867175316.479:19412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13081 comm="syz.2.3571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  198.041715][   T29] audit: type=1326 audit(1867175316.479:19413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13081 comm="syz.2.3571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  198.065582][   T29] audit: type=1326 audit(1867175316.479:19414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13081 comm="syz.2.3571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  198.089207][   T29] audit: type=1326 audit(1867175316.479:19415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13081 comm="syz.2.3571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  198.112850][   T29] audit: type=1326 audit(1867175316.479:19416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13081 comm="syz.2.3571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  198.136821][   T29] audit: type=1326 audit(1867175316.479:19417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13081 comm="syz.2.3571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0632aef1b0 code=0x7ffc0000
[  198.160420][   T29] audit: type=1326 audit(1867175316.479:19418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13081 comm="syz.2.3571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0632aef1b0 code=0x7ffc0000
[  198.184041][   T29] audit: type=1326 audit(1867175316.479:19419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13081 comm="syz.2.3571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0632af0849 code=0x7ffc0000
[  198.281510][ T8086] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.331398][T13105] ==================================================================
[  198.339521][T13105] BUG: KCSAN: data-race in hrtimer_interrupt / print_tickdevice
[  198.347191][T13105] 
[  198.349536][T13105] write to 0xffff888237c1c218 of 8 bytes by interrupt on cpu 0:
[  198.357196][T13105]  hrtimer_interrupt+0x80/0x4a0
[  198.362068][T13105]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  198.368020][T13105]  sysvec_apic_timer_interrupt+0x6e/0x80
[  198.373734][T13105]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  198.379763][T13105]  kcsan_setup_watchpoint+0x404/0x410
[  198.385179][T13105]  batadv_nc_purge_paths+0x5a/0x270
[  198.390401][T13105]  batadv_nc_worker+0x402/0xad0
[  198.395278][T13105]  process_scheduled_works+0x483/0x9a0
[  198.400770][T13105]  worker_thread+0x51d/0x6f0
[  198.405375][T13105]  kthread+0x1d1/0x210
[  198.409463][T13105]  ret_from_fork+0x4b/0x60
[  198.413904][T13105]  ret_from_fork_asm+0x1a/0x30
[  198.418693][T13105] 
[  198.421025][T13105] read to 0xffff888237c1c218 of 8 bytes by task 13105 on cpu 1:
[  198.428670][T13105]  print_tickdevice+0x144/0x340
[  198.433542][T13105]  timer_list_show+0x79/0x180
[  198.438246][T13105]  seq_read_iter+0x655/0x930
[  198.442855][T13105]  proc_reg_read_iter+0x118/0x190
[  198.447904][T13105]  copy_splice_read+0x3a0/0x5d0
[  198.452780][T13105]  splice_direct_to_actor+0x269/0x670
[  198.458174][T13105]  do_splice_direct+0xd7/0x150
[  198.462959][T13105]  do_sendfile+0x398/0x660
[  198.467386][T13105]  __x64_sys_sendfile64+0x110/0x150
[  198.472623][T13105]  x64_sys_call+0xfbd/0x2dc0
[  198.477232][T13105]  do_syscall_64+0xc9/0x1c0
[  198.481757][T13105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.487674][T13105] 
[  198.489998][T13105] value changed: 0x0000002e2d7bf4a8 -> 0x0000002e2d89a9bd
[  198.497111][T13105] 
[  198.499437][T13105] Reported by Kernel Concurrency Sanitizer on:
[  198.505626][T13105] CPU: 1 UID: 0 PID: 13105 Comm: syz.2.3579 Not tainted 6.12.0-syzkaller-10740-g509f806f7f70 #0
[  198.516073][T13105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  198.526149][T13105] ==================================================================
[  198.667433][T13111] loop2: detected capacity change from 0 to 1024
[  198.682720][T13111] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.697850][T13111] EXT4-fs error (device loop2): ext4_xattr_inode_iget:440: inode #11: comm syz.2.3579: missing EA_INODE flag
[  198.709658][T13111] EXT4-fs (loop2): Remounting filesystem read-only
[  198.718316][T13111] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  198.727305][T13111] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  198.982613][T10772] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.