last executing test programs:

3.907536528s ago: executing program 2 (id=250):
r0 = perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x200, 0x0, 0x0, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, r0, 0x3)

3.877671539s ago: executing program 2 (id=252):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000100)='kmem_cache_free\x00', r3, 0x0, 0x1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='block_bio_remap\x00', r5}, 0x18)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)

2.940632144s ago: executing program 2 (id=259):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000380)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@nouid32}]}, 0xfd, 0x269, &(0x7f0000000780)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEkpvTXssvYReWgo9pW0O6aXQhh4aemgPW3Znt2ySDW33b9n5fGCYmbz35r0J832zLMxsAJk1GRGzEZGPiKmIKEZE0lrh7XSZbOxulLYXI6rVL+4m9XrpfqrZbiIiKhHxUUShWba29c3e/Z3P3vtjtfju/1tflwZ1fq3293Y/P/h3/vczcx+uXb56ez6J2Sg3ylrPo5eSNn8rJBGv9KOz50RSGPYIeBoLv56+Vsv9qxHxTj3/xcg1IvvnygsXivHBPye1/evOldcHOVag96rVYu0eWKkCmZOLiHIkuemISLdzuenp9DP89fx47qfllV+mflxeXfph2DMV0CvlSHY/PTd2duJI/m/l0/wDo6scsfvlwuaN2vZBftijAfqm9dv2N9JVLf9T362/H/IPmSP/kF3yD9kl/zACOsyu/EN2dZP/F/s0JmAw3P9hhBWbG5W2xfIP2SX/MKL+a/fU6WHyD9nVmn8AIFuqY8N+AhkYlmHPPwAAAAAAAAAAAAAAAAAAwHEbpe3F5jKoPi/+HbH/SUQU2vWfr/8ecfNt4+P3klq1x5K0WVe+favLA3TpVM+evi511Oqlm73qvzOX3uzPcX87vHviP2d9KaJSqzxTKBy//pLG9de5l59QXvy+yw6e0dG3An781WD7P+rh5nD7n9uJOF+bf2bazT+5eK2+bj//lFtfsdyhnx90eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG5lEAAAD//4oibec=")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000001c0), &(0x7f00000002c0)=0x8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=ANY=[], 0x44}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r4, 0x10, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004024)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r9}, 0x10)
sendmsg$rds(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f00000012c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {&(0x7f0000001080)=""/148, 0x94}, &(0x7f0000000080)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xffffffff00000001}}], 0x48, 0x8005}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r10, 0x0, 0x0)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r11 = socket$inet_udp(0x2, 0x2, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x2, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000080000000000000000000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000857f0000000000000023c8d8ad025f8aa1418d4ac3d147"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r12, 0x0, 0xffffffff}, 0x18)
setsockopt$IPT_SO_SET_REPLACE(r11, 0x0, 0x40, &(0x7f0000002480)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548)

2.622372039s ago: executing program 2 (id=268):
r0 = syz_io_uring_setup(0xa0a, &(0x7f0000000200)={0x0, 0x7973, 0x0, 0x3}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
r3 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x6d89, 0x400, 0x40000, 0x115}, &(0x7f0000000400)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x4, 0x224}, &(0x7f0000000040)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x81, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x11c, &(0x7f00000001c0)=0x7f, 0x0, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x110, &(0x7f0000000080)=0x400, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x1, r8, 0x0, 0x0, 0x0, 0x40000000, 0x0, {0x2}})
io_uring_enter(r3, 0x8aa, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x8)
sendmmsg$inet6(r9, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=ANY=[], 0x28}}], 0x1, 0x20000000)
r10 = syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000000c0), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
r11 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073000000950a82f353a73ee4572b53b4e43dac8c7138593723e919b0b1384d81ba93a098e98e17b6a5bab6ec54ed4e9e73a422dbe4778ef56dd2a57bacf046aae6a5ae9da86e0f266015dc382f8e1bfa4e00a4d260c0607149a50af021c5193ac79f6a653bb39b152d04ac500d7a8c4468aa0ab38d214e97b13b18"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r12 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0x14, &(0x7f00000003c0)=ANY=[@ANYBLOB="10fb469b89701ea4e3a6e5c9b634bdee093e9e9c150400006fecb1feeb", @ANYRES32=r1, @ANYRESDEC=r10], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r13 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r13, 0x0, 0xca, &(0x7f0000000140)={0x5, 0x1, 0xc, 0x2, @vifc_lcl_addr=@rand_addr=0x64010102, @broadcast}, 0x10)
setsockopt$MRT_FLUSH(r13, 0x0, 0xd4, &(0x7f0000000040)=0x8, 0x4)
r14 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x25, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r14, @ANYRESOCT], 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYRES32=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
write$binfmt_register(r11, &(0x7f0000000140)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x2007, 0x3a, 'M', 0x3a, '\x84\xa3\xea\xd6O\x89|\xeb\x80\xf0\xe96\xf4`&\xd4E\xe7L\x82n;H\xd8\xdf\x9a, \\E\xd4\xab\x1ed', 0x3a, './file2', 0x3a, [0x46]}, 0x4b)
r15 = syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1258438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRES64=r11, @ANYRESHEX, @ANYRES8=r15], 0x48)

2.302689533s ago: executing program 1 (id=274):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x17, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b70400000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES8=r2, @ANYRES32=r1, @ANYRES8=r2, @ANYRES8=r0], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000180)={0x80, 0x4000000, 0x3, 0x7, 0x1c27, 0x3fffffc})
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'bond0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x42082)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, @perf_config_ext={0x9, 0xfffffffffffffff9}, 0x100002, 0x0, 0xfffffffd, 0x3, 0x3, 0x3, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18e5bdd4003bb4b98295bd2bd20000", @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r7, 0x400454d9, &(0x7f0000000280)={'veth1_to_bridge\x00', 0x400})
close(r7)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000c"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r8}, &(0x7f0000000300), &(0x7f0000000340)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x18)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000301010100000084cb02de000a0000010c001980080002000c08000004"], 0x24}, 0x1, 0x0, 0x0, 0x2400c045}, 0x20000800)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000200))

2.199771605s ago: executing program 2 (id=275):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB, @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',debug=0x0000000000000007,access=user,noextend,', @ANYRESDEC=0x0])

1.938253559s ago: executing program 4 (id=277):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace(0x4207, r1)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r4=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1b942ee3, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=<r7=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000201000085000000430000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r8=>0x0})
unshare(0x24020400)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r9, 0x0, 0x60, 0x0, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYRES8=r3, @ANYRESHEX=r9, @ANYRESOCT=r0, @ANYRESHEX=r7], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000005c0)='kmem_cache_free\x00', r11, 0x0, 0xfffffffffffeffff}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa08344, &(0x7f0000000200)={[{@nojournal_checksum}, {@nodioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@quota}, {@usrjquota}, {@oldalloc}, {@resuid={'resuid', 0x3d, 0xee01}}]}, 0x2, 0x44a, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
open_tree(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})

1.9097486s ago: executing program 1 (id=279):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

1.728313252s ago: executing program 0 (id=281):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read(r3, &(0x7f0000000040)=""/148, 0xffffff96)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000700000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec85"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000003c0)='sched_switch\x00', r4, 0x0, 0x3}, 0x18)
io_submit(0x0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000300)={0x84, @loopback, 0x4e22, 0x1, 'nq\x00', 0x0, 0x10000}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r2, 0x0, 0x483, &(0x7f0000001280)={0x20000000000084, @local, 0x0, 0x1, 'none\x00', 0x20}, 0x2c)

1.678590523s ago: executing program 1 (id=282):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0x24089, 0x80, 0x3}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r0, 0x47f6, 0xb277, 0x0, 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
io_pgetevents(r3, 0x7, 0x4e, &(0x7f0000000440)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="160000000000490009000000ff01000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)

1.521470976s ago: executing program 3 (id=285):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd885000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2ab}, 0x18)
r1 = io_uring_setup(0x25d8, &(0x7f0000000440)={0x0, 0xdf05, 0x2, 0x1002})
r2 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
listen(r2, 0x101)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)

1.407247568s ago: executing program 0 (id=286):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000680)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = syz_io_uring_setup(0x49f, &(0x7f0000000940)={0x0, 0x7077, 0x0, 0x8, 0x288}, 0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0xc54, 0xc993, 0x1, 0x0, 0x0)
io_uring_enter(r2, 0x3516, 0x300, 0x0, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x10, 0x8}, 0x8000, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f0000000140)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2d, 0x71}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x80})
r4 = socket$kcm(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='xprt_reserve\x00', r6, 0x0, 0xbc}, 0x18)
sync()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='mmap_lock_acquire_returned\x00', r6}, 0x10)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0xd18c9b60, &(0x7f0000000080)=[{&(0x7f0000000100)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='[\x00')
sendmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmsg$unix(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x1400}, 0x2142)

1.407072188s ago: executing program 4 (id=287):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x5f0e, @local, 0x9}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x6, 0x10, &(0x7f0000000580)=ANY=[@ANYRESOCT=r0, @ANYRES16=r2, @ANYRESOCT=r0], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r3}, 0x18)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r5, 0x2)
socket$nl_rdma(0x10, 0x3, 0x14)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10)
pread64(r5, &(0x7f00000000c0)=""/238, 0xee, 0x9)
close_range(r4, 0xffffffffffffffff, 0x0)

1.382393828s ago: executing program 3 (id=288):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000a50000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8f, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000040)='./file0\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newlink={0x3c, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r6, 0x5120b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r6}]}}}]}, 0x3c}}, 0x4000010)
sendmmsg$inet(r4, &(0x7f00000008c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @empty, @multicast1}}}], 0x20}}, {{&(0x7f0000000200)={0x2, 0x4e20, @local}, 0x10, 0x0, 0x0, &(0x7f0000000a00)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x3, 0x8c}]}}}], 0x18}}], 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
setgroups(0x0, 0x0)
getgroups(0x0, 0x0)

1.327844149s ago: executing program 3 (id=289):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000540), &(0x7f0000000500)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
personality(0x40000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYRES64=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @cgroup_device=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_int(r3, 0x1, 0x2, &(0x7f0000000080)=0x5, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000380)=ANY=[@ANYBLOB="0180c200000000000000000086dd600107000048110120010000000000000000000000000001ff02000000000000000000000000000100000e22004890780300000004000000e4574f9d3c5e7228020f5f1a296ebd2c3bbadb735eeb8cf520487988bca1150e96992f4fcc6c008ca257143847b6da45ad42d5cce94cda59"], 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000000)={[{@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r6 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r6, 0x0, 0x0, 0x1100f4)
socket$inet6(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000007c0)='sctp_probe_path\x00', r6}, 0x18)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r10=>0x0})
sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000580)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01000000000000000000010000000c00018008000100", @ANYRES32=r10, @ANYBLOB="b5a0c5b3d703615907212673446765d03934d8f59841c9547ccacebaab2870af4f93cd20ed2ad1bb5ab2a6b343bb136a89fd600c0757ebbafe8913e2b56250a046d5f4a1ffc2b456ccabd2484909997b5dc230a169e7e1246caa9f4abdac00a2e70bdc3b68e77f2419bfe05dbd115de07638098685bf7a97e329f23717ed135d4210882a7569b94be0e5016acd8f55e0dd361aaad6c4d3c2dd9dec151f98853a4a75e31631117bb3098ff11aaf127d867f909da2523afa70e0765e64c5f5c1fbbf29cc365e"], 0x20}}, 0x8040)
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.317805009s ago: executing program 1 (id=290):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace(0x4207, r1)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r4=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1b942ee3, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r7=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r8=>0x0})
unshare(0x24020400)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r9, 0x0, 0x60, 0x0, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYRES8=r3, @ANYRESHEX=r9, @ANYRESOCT=r0, @ANYRESHEX=r7], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000005c0)='kmem_cache_free\x00', r11, 0x0, 0xfffffffffffeffff}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa08344, &(0x7f0000000200)={[{@nojournal_checksum}, {@nodioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@quota}, {@usrjquota}, {@oldalloc}, {@resuid={'resuid', 0x3d, 0xee01}}]}, 0x2, 0x44a, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
open_tree(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})

1.196688591s ago: executing program 2 (id=291):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace(0x4207, r1)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r4=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1b942ee3, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r7=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000201000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r8=>0x0})
unshare(0x24020400)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r9, 0x0, 0x60, 0x0, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYRES8=r3, @ANYRESHEX=r9, @ANYRESOCT=r0, @ANYRESHEX=r7], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000005c0)='kmem_cache_free\x00', r11, 0x0, 0xfffffffffffeffff}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa08344, &(0x7f0000000200)={[{@nojournal_checksum}, {@nodioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@quota}, {@usrjquota}, {@oldalloc}, {@resuid={'resuid', 0x3d, 0xee01}}]}, 0x2, 0x44a, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
open_tree(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})

1.196376461s ago: executing program 4 (id=292):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYRESHEX=r0], 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r3=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000100)={r3, 0x2, 0x6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
set_robust_list(0x0, 0x0)
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @random="0b65c01cd7d3"}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x198)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0))
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
getresgid(&(0x7f0000000c40), &(0x7f0000000340), &(0x7f0000000240)) (fail_nth: 6)

1.195957491s ago: executing program 0 (id=293):
bpf$MAP_CREATE(0x500000000000000, &(0x7f0000001fc0)=ANY=[@ANYBLOB="1900"], 0x48)

1.083718843s ago: executing program 32 (id=291):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace(0x4207, r1)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r4=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1b942ee3, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r7=>r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000201000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r8=>0x0})
unshare(0x24020400)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r9, 0x0, 0x60, 0x0, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYRES8=r3, @ANYRESHEX=r9, @ANYRESOCT=r0, @ANYRESHEX=r7], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000005c0)='kmem_cache_free\x00', r11, 0x0, 0xfffffffffffeffff}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa08344, &(0x7f0000000200)={[{@nojournal_checksum}, {@nodioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@quota}, {@usrjquota}, {@oldalloc}, {@resuid={'resuid', 0x3d, 0xee01}}]}, 0x2, 0x44a, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
open_tree(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})

926.186546ms ago: executing program 0 (id=295):
r0 = perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x200, 0x0, 0x0, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, r0, 0x3)

923.393496ms ago: executing program 1 (id=296):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0x24089, 0x80, 0x3}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r0, 0x47f6, 0xb277, 0x0, 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
io_pgetevents(r3, 0x7, 0x4e, &(0x7f0000000440)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="160000000000490009000000ff01000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)

915.033215ms ago: executing program 0 (id=297):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0x24089, 0x80, 0x3}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r0, 0x47f6, 0xb277, 0x0, 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
io_pgetevents(r3, 0x7, 0x4e, &(0x7f0000000440)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="160000000000490009000000ff01000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)

868.289086ms ago: executing program 3 (id=298):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read(r3, &(0x7f0000000040)=""/148, 0xffffff96)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000700000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec85"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000003c0)='sched_switch\x00', r4, 0x0, 0x3}, 0x18)
io_submit(0x0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000300)={0x84, @loopback, 0x4e22, 0x1, 'nq\x00', 0x0, 0x10000}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r2, 0x0, 0x483, &(0x7f0000001280)={0x20000000000084, @local, 0x0, 0x1, 'none\x00', 0x20}, 0x2c)

797.583578ms ago: executing program 4 (id=299):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r3, @ANYBLOB="0000000a010000001800120008000100736974000c000200080003003688"], 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=@newlink={0x30, 0x10, 0x439, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, r4, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8}, {0x4}}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040) (fail_nth: 6)

339.134125ms ago: executing program 4 (id=300):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0x24089, 0x80, 0x3}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0xb9, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r0, 0x47f6, 0xb277, 0x0, 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
io_pgetevents(r3, 0x7, 0x4e, &(0x7f0000000440)=[{}, {}, {}], &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="160000000000490009000000ff01000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)

298.168256ms ago: executing program 3 (id=301):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)={0x30, r1, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x17, {0x0, 0x0, @l2={'ib', 0x3a, 'gre0\x00'}}}}}, 0x30}}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="000000000200000000000000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000a4510000850000005700000095"], 0x0, 0xab, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r4, &(0x7f00000000c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x140d, 0x10, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x20040080}, 0x4)

150.449737ms ago: executing program 3 (id=302):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e000100"/20, @ANYRES32=r1, @ANYRES16], 0x1c}}, 0x10) (fail_nth: 6)

115.324058ms ago: executing program 1 (id=303):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, &(0x7f0000001f00)=[{&(0x7f0000000e40)="74836a608a879c0f4933e2980e3c27227b44c5f674d374f685a7252ac48df7cbdb6cb4b24ef98291b83a501c8237790fe9dd1ab86749497a19e5823d8a30793254456ddc653c653fa808d834a5eb7d4d59ffb92952f1066a00bce07815b7b6d48a1722932d00dbdee09c36353b3109cdf5e573402fe43eed02728bedac7695eecc6592553d856ef5c81f3ac1aae42258794c093e644c10232030162346daaed7eb5035eeedc50977abe7153d2a693ed4a3808361052bbbd83cdd05d314de0d22a343bc438fb7d6cf3e96986d06662f1005a21a1a92a75cc0b9e59032f9cdeccd2d0ce9961ac063991b8adade53529e42a66e71cfe2898c62fea7a35048348ed3c1558f7dccf1d57ec1e04dce785f2b7d53a725bee3285c34c39c4bcfc7e78de0e2056ee113473335dff60475785116916d1f140a093a98912ab97185763da02e09aff786dabac1ecb508f44c729831afccd8127a432236ca799e232e24d6a432401121373560729431c07d280d5ddca29f8b090ba9fb342c0472dd41254696804d890335594dc908892b5b4141817d074e3d18f60fcc88a09d01167ebc34abe1fa88ad479b255fed991086555f6715611b75281c919e08295d7dce5a94354de0d3f9ab6a0ca20a76060b23caf7c18bf50d5cc1035f292394bf1be8640588918f692827dfdc1e4095c2b468a80b722b69e350e66c88c222bf1c357b3867d162e5e1d90777223b7dac6b9bd8fca2ee2019dbe35f7eb9f4562dd0d761adf16f1c2659aea0fe284602a4c188fae98d28f6bbe8c9928ecaa3ab282e4eb4480f8d26b1e38df368d808dc037350d13fd898638c1ffb13005709a6340fa4dec43307c7a53236399d02e03280fe5b37326b4bf920770607950aa957f73b56eb42b50428b80f533d57042b8cec67548f60789e557f5e68426b7ea3c7e2ed0c68e571bbb4d14dbb1a7e32750c30a97535bc6a398204e0b4b20038a2905fa97a899c0c153b9f783e08561d6d7ce9c593b20a8c9d0342c64639db4e4a900de891f9cf418caf585a9fb1fe88cd1febb3fadc934827e10adc73668c2bec4161c6d9d8af83b94916ba183fd4319139cea73173a5a2a5a50665643a0ca3de14b989706eecdbb010c45c9826ef368fc494c468446813208021c973c933a58507bc8a51baf3b77af624c8d15fad4e2d3cc7b2092c089baed0cd1f545cd6f1646bdaab17a11a74666c24e2af78dff22c8767155c7257235e851a4d57f51cc65e14f51c4a2afe1af92cdc25e5e71bdd3dde36ed40cb6393cc9696d7235e47929dbdb6a5d9d9059e19cd5e2e55ee1c25408f7deae259db7da26b81aa60365da1694085cfcda459930e6cc31501ece761aa36c12027a297f9e8b7da2b8149b251519a805ba3d5d850221e50ccc97b93281753193943d23b50be93fe957395c0ca116ebcedca7998c7f408dc938aba02b18ad9da724c2e3716981a658ce235d1723aba974c768c07dbef8678ff11cf46afae541ac5ac3a65ae67a51d201d9c8619592484afadcd4af0a4b0ea4af052a551e61bca70f2fac665e2e4d974ae3ee76f71ed58fc2e4194d9fd94b1a627cc7e116f11d67683144308947f4707422d31d4485a573e760963c74085dec9ed551d63c802d57e1633b82711b514a5b873b2be89660d84a188dbf1b97d7a23cb8b364f6ea031077718b19d01a6ed5942564525cb749e21c9a68ce245489db7e4fd383ed3e93ee006ff10a58c2fe3c91d97f790b8a271180c69589c21a0c72e68d84eddde3e01d5eb034e77a5a27cb80e34fa36f0fa4125a22944f60590e1b9b0f1c836d64217322286e3d24af8e991458af3a542ea8354fbe83a4d513893a39539523eef23802bff8019a5de324cbf39ec1e913fbb3cacbf7c7cf15ebfffbdd11c24543845d87e8b401671d2ae8d5db07d7e929248e1a348a17d80aff99ef1b3836f79a93f958a70d4e33a7f04fa15e1336f5c26289b46e470eff41958dce02e3163c199dd1ec083df1c8447624e529320fba36b848d27390aeb331d357de60465c2e0fb501916b1aa238ac1869dce80a17d9bba484c48a8928c170925889cd2224872ad328afb9321c9eb676096f5ad01c39652c906880b04190ad16855c9b03875356fef8fb2e470fc2432b878ea8daf6beb9b94e4dbaef0a1674403d1d2a72b593ac56de5237e7da7e662863b41f00e9332775c11e4d67c19f23e0d0eea7d2cec9ddb030baaf793e223052c6315ed478aa4d8707f2400d7d03bc32fff163acc1536e459f4807efacd3a855c55725392e635c3f432a2f724080a7aae411718b32f096c6dba2ed280b8169b1486812685f6aa34418b0b1777afd3c0f8030be528e31db140ee48814a1f56993678f97cb54abde61d8dcc8ecdcfc13531ac3fa53972e2be36f47f22ff6fce17f6a92c24ecd533ce544d47584683211e732dc49bffb3ecac90becf5dec9a2197512dcaca04f791cc04710105f7e80a704629834bca658c9928471cbcc32b2abfe50e0d3d63f7fe9b7c74313abf62b6a2addb4476c3ffd98ccc9c5bf3608da20d315d1428ed5025af648eafc90b5fec2fff3e1f3e284c661bb53c17e3e722a62122d62b8274bda4404d1b17144f2f04c3cc5bccee3b2568e2da456a284e4f76de40e70d4a34020530257e96a9c2f1d2ca661605641bc9bd78da275529dbf65203633f86a20b5971f3efc1b5160dcd0a4f2eb81bba79c3e6ceb46c8b8b301d8e050cb73df803b922d9edecadc4fd3c7d1598f44a16a0098202be9c180ca53fa26fc28f5dbd23cb052a9fda3d219f7f1fc8b5e85db094657f7263dfbe1b3c80022518890ff80b5bd91547d7a3404ce0b37974315cfc2dc6906eebc5f5e0227c2f6cbf98bda4466dd11026508026a8f7485f3ccb1273ff43f24fb49325db5e4a243d3f7c5ce6f35eb922d81544ed807897c896ce2f36705ffd58396022d093f6c74cc5f5eb2102bf9f2f213e471cfdf1f30f76ec8764f7a92d94cf00ff88107462bc3cb6e87c5926c0fdc6b5f45bcab6937ab0128f39a46fc8721548fd1451a9535905a70613f74d401989bffed243cd3560114ebcb38ea93474fe9ab948f930d236b244a562451d9c564dd86d635c6ce0bd0522f10a0d399e7bcd6e6ba89138c2da6b0b47dcfdd6cc773561943d15afb950b1d9a710ec2c3772e4ceacbddab61a344e360ee2a63e99c0fe6ef635cb0f40fa29246e37db290c1a038f59ee5fa379eaf26ead1146eaacaefbb753c3b0e3b16118ff3df617292c0705a6727f96770e3f0869effe493311469dfceb6c5f7f68976a04175b99df0b4ae0a8723188a210e9f66098332e022b02ca3a651ab99d660d764940b6868e59c7773efb0b4827b0d91d8429ea5bf545aa08013abfeac6160f97802cab7b32b38d9922a954e96cc4c5d7c43a7c89ca1e2d00c51208733dd8539724e62f5f5e69f556a1a3e5f4e9ee57363dd0317132e9829015ae0878fdf49e917f32e088ad00779cb801bcb2d34b21a5126d260c126ac3fa64182e9a640228f1707063a5bb4ea79f8b8b703367b31d8f387cb2695d1f27349ae5ba8ae40649ec6af188a68c0c4e2c8af927535a154db2661c71f0fd02fa07b154572addb912df3c844e1bc9ed6b4b14c4f802525374f075bc61c11c53cce143c812ffb53fc32766198464c8a574255b1727ec61a5812079fc23b773f4532284e9bf113c1b841b525dc6f9be7017c7bf1b8896e90925a633ee8724579f7f18f765a4029186eda52ff8292e4d44fa3d2edc99090e03568bf466200a35548ca3de102acd80355a9407fbabdb8722588d2396a5ff3b899e488346e9eeff8e8b349dbea0d6e8f86543bea1c8db9ec7b882909ebf7cdab930547afb8b0748abc72c9013cb72464dfb33354b1295d584800cf87869d7edbd07d0f88468b1e6d5d8679d5dce3d68c7c46b4cec0a5b9ed21ec1ede3deeb5c1bb98d92cd36a643e35a279aed569334181a70a37029ab8e79d0697359e58fecb7241e26188125e84123cde051d9a8bca2044e9786a88ef88e379a8e00a2c91ae98efa3649c0c2fe88a4e31c91e3372d5ccea58eb1d74cc48ef8e37b7248628b270df2c864a4b1a66d6ccf1b83cb6c484a2224e42905b0505fa5268a77fb1b10d08f57952e415c3f94e2f6299a3b1972a66e5aa34f000016803534160f99ccdd6a2cbb2c3b29ad078aec93f33d4f436549ffe88939cc7747c605c930a906c787c115ea6da9fcbd2148cfbabd4f88", 0xbba}], 0x1}}], 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x10004, &(0x7f00000000c0), 0x0, 0x4c0, &(0x7f0000000540)="$eJzs3d9rXFUeAPDvnWSStJ1u0t3C/njZbtvdLpTOZLKk0IVlW/ZhF9aC2D+gxmQaQyaZkJnUJBRM/wUVLfggIvjki6DvRcRXfRH1QXzxSRAtFRF8GJk7kzZNMklImkzNfD5wuPfcO5nvORnu+c6cSe4JoGudioiViOiLiGcjYrB1PGmVuNwsjcfdv3drvFGSqNevfZek5xv1WPMzDcdazzkQEc/8N+K5ZGPc6tLy9Fi5XJpv1Qu1mblCdWn5wtTM2GRpsjQ7Mjx6abR4sVgsPra+vvRj7venP7j8rzeeeuvjt99bXEzW9HdtP3ZrZZNjza5nI7fmWG9E/H+vwZ4QPa3+9HW6IexKJiJ+GxGn0+t/MHrSVxMAOMzq9cGoD66tAwCHXePzfy6STL41F5CLTCafb87hnYyjmXKlWjt/o7IwOxHpHNZQZDM3psql4dbc2VBkk0a9mO4/rI+sq/8jIk5ExCv9R9J6frxSnujkGx8A6GLH1uX/H/qb+R8AOOQGOt0AAODAyf8A0H3kfwDoPvI/AHQf+R8Auo/8DwDdR/4HgK7y9NWrjVJfvf/1xM2lhenKzQsTpep0fmZhPD9emZ/LT1Yqk+k9e2a2e75ypTJ3MWYXFgu1UrVWqC4tX5+pLMzWrqf39b5eyh5IrwCArZz4890vkohY+eeRtMSatRzkajjcMp1uANAxPZ1uANAxVvuC7uUzPrDJEr1rZNv/idCd3cc09wCdde6P5v+hW8nB0L3M/0P3Mv8P3ateT6z5DwBdZjdz/Jf34X0I0Dlbf/+/xS1C9vD9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPza5dKSZPKttcBzkcnk8xHHI2IossmNqXJpOCJ+ExGf92f7G/VipxsNAOxR5puktf7XucGzufVn+5Kf+tNtRLzw+rXXFsdqtfli4/j3D47X7rSOj3Si/QDAdlbz9GoeX3X/3q3x1XKQ7fn2SnNx0Y3xe6M33Q5ENiKO3k9a9abG+5WexxB/5XZE/GGz+EnkIo4MtVY+XR+/Efv4/sePh/Ezj8TPpOea28bv4nePoS3Qbe5eaS5ovvH6y8SpdLv59T+QjlB71378yzwY/3rajH+ndtrHjwb/1zb+7Yg/9W4+/qzGT9rEP7vD+F9Xvny53bn6mxHnNs0/ySOxCrWZuUJ1afnC1MzYZGmyNDsyPHpptHixWCwW0jnqwupM9Ub/fvWzF7fq/9E28Qe26f9fd9j/rz75z4d/2SL+389s/vqf3CJ+Iyf+bYfx3znz/vPtzjXiT7Tp/3av//kdxr/76bs/7/ChAMABqC4tT4+Vy6V5O3b2c6fvyWiGnZ3udHpkAvbbw4u+0y0BAAAAAAAAAAAAAADaOYh/J+p0HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi8fgkAAP//ZCDc4A==")
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x2)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000180)={0x2, &(0x7f0000000140)=[{0x7db5, 0xb, 0x8, 0x2}, {0x3, 0x4, 0x3, 0x6}]})
mkdir(&(0x7f00000001c0)='./file0\x00', 0x50)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'veth1_virt_wifi\x00', 0x1000})
preadv(r0, &(0x7f0000000500)=[{&(0x7f0000000240)=""/13, 0xd}, {&(0x7f0000000280)=""/83, 0x53}, {&(0x7f0000000300)=""/22, 0x16}, {&(0x7f0000000340)=""/230, 0xe6}, {&(0x7f0000000440)}, {&(0x7f0000000480)=""/124, 0x7c}], 0x6, 0xab5, 0x3ff)
r1 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000580)='ip6erspan0\x00', 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
splice(r2, &(0x7f00000005c0)=0xcf80, r1, &(0x7f0000000600)=0x6f, 0x0, 0xd)
fremovexattr(r2, &(0x7f0000000640)=@random={'os2.', '\x00'})
close(r1)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
open(&(0x7f0000000700)='./file0\x00', 0x58940, 0x46)
getsockopt$sock_timeval(r3, 0x1, 0x0, &(0x7f00000007c0), &(0x7f0000000800)=0x10)
fsetxattr$security_selinux(r3, &(0x7f0000000940), &(0x7f0000000980)='system_u:object_r:syslogd_var_lib_t:s0\x00', 0x27, 0x1)
recvmmsg(r2, &(0x7f0000001f40)=[{{0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000000ac0)=""/234, 0xea}, {&(0x7f0000000bc0)=""/31, 0x1f}, {&(0x7f0000000c00)=""/4096, 0x1000}, {&(0x7f0000001c00)=""/66, 0x42}, {&(0x7f0000001c80)=""/201, 0xc9}, {&(0x7f0000001d80)=""/238, 0xee}], 0x6, &(0x7f0000001f00)=""/49, 0x31}, 0x4}], 0x1, 0x101, &(0x7f0000001f80))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0xa, 0x7, 0x209, 0x40, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000180), 0x3ff, r4}, 0x38)

99.478049ms ago: executing program 0 (id=304):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000700)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2e}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0x4f, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r2, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @time={0x9e, 0xbdaf}, {}, {}, @raw32}, {0x3, 0x0, 0x0, 0x0, @tick=0x7, {}, {}, @ext={0x0, 0x0}}], 0x38)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r7}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@version_9p2000}]}})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r3, 0x58, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r2, 0xe0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, &(0x7f00000005c0)=[0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0x63, &(0x7f00000006c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0x99, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x19, 0x5, &(0x7f0000000040)=@raw=[@generic={0x45, 0x1, 0x8, 0x4, 0x2}, @jmp={0x5, 0x0, 0x2, 0x9, 0xb, 0x18, 0xfffffffffffffffc}, @ldst={0x1, 0x0, 0x1, 0x7, 0x1, 0x18, 0x4}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x8}], &(0x7f0000000140)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x52, '\x00', r8, @fallback=0x12, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x5, 0x9, 0x13, 0x80}, 0x10, r9, r7, 0x3, &(0x7f0000000800)=[r3, r2, r3], &(0x7f00000009c0)=[{0x1, 0x1, 0xa, 0x9}, {0x5, 0x3, 0xf, 0x9}, {0x4, 0x4, 0x5, 0x6}], 0x10, 0x200, @void, @value}, 0x94)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000700)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x2e}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0x4f, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
fcntl$dupfd(r0, 0x0, r0) (async)
write$sndseq(r2, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @time={0x9e, 0xbdaf}, {}, {}, @raw32}, {0x3, 0x0, 0x0, 0x0, @tick=0x7, {}, {}, @ext={0x0, 0x0}}], 0x38) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
pipe2$9p(&(0x7f00000000c0), 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r7}, 0x10) (async)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@version_9p2000}]}}) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r3, 0x58, &(0x7f0000000380)}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r2, 0xe0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, &(0x7f00000005c0)=[0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x63, &(0x7f00000006c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0x99, 0x8, 0x8, &(0x7f0000000780)}}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x19, 0x5, &(0x7f0000000040)=@raw=[@generic={0x45, 0x1, 0x8, 0x4, 0x2}, @jmp={0x5, 0x0, 0x2, 0x9, 0xb, 0x18, 0xfffffffffffffffc}, @ldst={0x1, 0x0, 0x1, 0x7, 0x1, 0x18, 0x4}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x8}], &(0x7f0000000140)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x52, '\x00', r8, @fallback=0x12, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x5, 0x9, 0x13, 0x80}, 0x10, r9, r7, 0x3, &(0x7f0000000800)=[r3, r2, r3], &(0x7f00000009c0)=[{0x1, 0x1, 0xa, 0x9}, {0x5, 0x3, 0xf, 0x9}, {0x4, 0x4, 0x5, 0x6}], 0x10, 0x200, @void, @value}, 0x94) (async)

0s ago: executing program 4 (id=305):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000010c0)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(r1, 0x2, &(0x7f00000002c0)=0x1)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_config_ext={0x4, 0x6}, 0x400, 0xfffffffd, 0x6, 0x3, 0x1, 0x1, 0xfff6, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000000400000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='fscache_access\x00', r4}, 0x18)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000003580)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0xffffffffffffffff}], 0x9, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r5)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r6, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r7, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0xf)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x18)
clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
r10 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
fcntl$setsig(r10, 0xa, 0x13)
fcntl$setlease(r10, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x8)
fcntl$dupfd(r0, 0x406, r0)
sendmsg$OSF_MSG_REMOVE(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="60100000010501"], 0x1060}}, 0x0)

kernel console output (not intermixed with test programs):

[   22.418248][   T29] audit: type=1400 audit(1744131426.267:81): avc:  denied  { read } for  pid=2985 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
Warning: Permanently added '10.128.10.0' (ED25519) to the list of known hosts.
[   26.792140][   T29] audit: type=1400 audit(1744131430.647:82): avc:  denied  { mounton } for  pid=3287 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   26.793221][ T3287] cgroup: Unknown subsys name 'net'
[   26.815606][   T29] audit: type=1400 audit(1744131430.647:83): avc:  denied  { mount } for  pid=3287 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   26.842797][   T29] audit: type=1400 audit(1744131430.677:84): avc:  denied  { unmount } for  pid=3287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   26.998933][ T3287] cgroup: Unknown subsys name 'cpuset'
[   27.005157][ T3287] cgroup: Unknown subsys name 'rlimit'
[   27.108246][   T29] audit: type=1400 audit(1744131430.967:85): avc:  denied  { setattr } for  pid=3287 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   27.133584][   T29] audit: type=1400 audit(1744131430.967:86): avc:  denied  { create } for  pid=3287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.142495][ T3293] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   27.154338][   T29] audit: type=1400 audit(1744131430.967:87): avc:  denied  { write } for  pid=3287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.183445][   T29] audit: type=1400 audit(1744131430.967:88): avc:  denied  { read } for  pid=3287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.203864][   T29] audit: type=1400 audit(1744131430.967:89): avc:  denied  { mounton } for  pid=3287 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   27.228777][   T29] audit: type=1400 audit(1744131430.967:90): avc:  denied  { mount } for  pid=3287 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   27.252171][   T29] audit: type=1400 audit(1744131431.017:91): avc:  denied  { relabelto } for  pid=3293 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   27.289990][ T3287] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   28.366350][ T3300] chnl_net:caif_netlink_parms(): no params data found
[   28.487830][ T3308] chnl_net:caif_netlink_parms(): no params data found
[   28.511674][ T3300] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.518854][ T3300] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.526047][ T3300] bridge_slave_0: entered allmulticast mode
[   28.532716][ T3300] bridge_slave_0: entered promiscuous mode
[   28.548350][ T3301] chnl_net:caif_netlink_parms(): no params data found
[   28.557274][ T3307] chnl_net:caif_netlink_parms(): no params data found
[   28.565850][ T3300] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.572962][ T3300] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.580434][ T3300] bridge_slave_1: entered allmulticast mode
[   28.586953][ T3300] bridge_slave_1: entered promiscuous mode
[   28.621309][ T3300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   28.631643][ T3300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   28.673450][ T3310] chnl_net:caif_netlink_parms(): no params data found
[   28.685047][ T3300] team0: Port device team_slave_0 added
[   28.717770][ T3300] team0: Port device team_slave_1 added
[   28.740551][ T3308] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.747689][ T3308] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.754876][ T3308] bridge_slave_0: entered allmulticast mode
[   28.761340][ T3308] bridge_slave_0: entered promiscuous mode
[   28.790378][ T3307] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.797492][ T3307] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.804728][ T3307] bridge_slave_0: entered allmulticast mode
[   28.811388][ T3307] bridge_slave_0: entered promiscuous mode
[   28.817902][ T3308] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.825069][ T3308] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.832284][ T3308] bridge_slave_1: entered allmulticast mode
[   28.838833][ T3308] bridge_slave_1: entered promiscuous mode
[   28.850186][ T3301] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.857260][ T3301] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.864477][ T3301] bridge_slave_0: entered allmulticast mode
[   28.871072][ T3301] bridge_slave_0: entered promiscuous mode
[   28.879762][ T3307] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.886854][ T3307] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.894331][ T3307] bridge_slave_1: entered allmulticast mode
[   28.900880][ T3307] bridge_slave_1: entered promiscuous mode
[   28.917162][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_0
[   28.924249][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   28.950215][ T3300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   28.961037][ T3301] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.968211][ T3301] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.975440][ T3301] bridge_slave_1: entered allmulticast mode
[   28.981916][ T3301] bridge_slave_1: entered promiscuous mode
[   29.000648][ T3300] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.007678][ T3300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.033705][ T3300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.062943][ T3307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.073103][ T3308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.083860][ T3308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.094235][ T3301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.110183][ T3307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.134958][ T3301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.144206][ T3310] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.151342][ T3310] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.158609][ T3310] bridge_slave_0: entered allmulticast mode
[   29.165019][ T3310] bridge_slave_0: entered promiscuous mode
[   29.183630][ T3300] hsr_slave_0: entered promiscuous mode
[   29.189726][ T3300] hsr_slave_1: entered promiscuous mode
[   29.201265][ T3310] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.208438][ T3310] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.215679][ T3310] bridge_slave_1: entered allmulticast mode
[   29.222155][ T3310] bridge_slave_1: entered promiscuous mode
[   29.238362][ T3308] team0: Port device team_slave_0 added
[   29.244856][ T3308] team0: Port device team_slave_1 added
[   29.256777][ T3301] team0: Port device team_slave_0 added
[   29.268090][ T3307] team0: Port device team_slave_0 added
[   29.274702][ T3307] team0: Port device team_slave_1 added
[   29.291178][ T3301] team0: Port device team_slave_1 added
[   29.297177][ T3308] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.304223][ T3308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.330232][ T3308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.342246][ T3310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.371784][ T3308] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.378857][ T3308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.404852][ T3308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.419287][ T3310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.440718][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.447759][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.473700][ T3307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.485111][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.492144][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.518249][ T3307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.555188][ T3308] hsr_slave_0: entered promiscuous mode
[   29.561213][ T3308] hsr_slave_1: entered promiscuous mode
[   29.567038][ T3308] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   29.574900][ T3308] Cannot create hsr debugfs directory
[   29.583253][ T3301] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.590363][ T3301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.616319][ T3301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.627749][ T3310] team0: Port device team_slave_0 added
[   29.642267][ T3301] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.649266][ T3301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.675287][ T3301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.689178][ T3310] team0: Port device team_slave_1 added
[   29.746413][ T3307] hsr_slave_0: entered promiscuous mode
[   29.752606][ T3307] hsr_slave_1: entered promiscuous mode
[   29.758745][ T3307] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   29.766308][ T3307] Cannot create hsr debugfs directory
[   29.782308][ T3301] hsr_slave_0: entered promiscuous mode
[   29.788476][ T3301] hsr_slave_1: entered promiscuous mode
[   29.794322][ T3301] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   29.801965][ T3301] Cannot create hsr debugfs directory
[   29.807829][ T3310] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.814880][ T3310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.840873][ T3310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.864167][ T3310] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.871313][ T3310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.897429][ T3310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.983553][ T3310] hsr_slave_0: entered promiscuous mode
[   29.989665][ T3310] hsr_slave_1: entered promiscuous mode
[   29.995669][ T3310] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   30.003328][ T3310] Cannot create hsr debugfs directory
[   30.070682][ T3300] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   30.082333][ T3300] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   30.097444][ T3300] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   30.117763][ T3300] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   30.154056][ T3308] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   30.162982][ T3308] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   30.177259][ T3308] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   30.185993][ T3308] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   30.223350][ T3301] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   30.232261][ T3301] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   30.244982][ T3301] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   30.256163][ T3301] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   30.288703][ T3300] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.319738][ T3308] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.328616][ T3310] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   30.344667][ T3310] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   30.359871][ T3300] 8021q: adding VLAN 0 to HW filter on device team0
[   30.371338][ T3310] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   30.380271][ T3310] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   30.395591][ T3308] 8021q: adding VLAN 0 to HW filter on device team0
[   30.412630][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.419800][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.428533][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.435627][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.447130][ T3307] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   30.456775][ T3307] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   30.465960][ T3307] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   30.476806][ T3307] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   30.486378][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.493536][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.504463][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.511620][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.572022][ T3301] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.593146][ T3308] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   30.606228][ T3301] 8021q: adding VLAN 0 to HW filter on device team0
[   30.627798][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.635032][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.644120][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.651360][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.696027][ T3310] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.715443][ T3300] 8021q: adding VLAN 0 to HW filter on device batadv0
[   30.741282][ T3307] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.752762][ T3308] 8021q: adding VLAN 0 to HW filter on device batadv0
[   30.775690][ T3310] 8021q: adding VLAN 0 to HW filter on device team0
[   30.790261][ T3307] 8021q: adding VLAN 0 to HW filter on device team0
[   30.803213][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.810424][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.830813][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.837926][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.848163][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.855265][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.873970][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.881207][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.913907][ T3301] 8021q: adding VLAN 0 to HW filter on device batadv0
[   30.977375][ T3308] veth0_vlan: entered promiscuous mode
[   30.992386][ T3300] veth0_vlan: entered promiscuous mode
[   31.001557][ T3308] veth1_vlan: entered promiscuous mode
[   31.016901][ T3308] veth0_macvtap: entered promiscuous mode
[   31.028377][ T3308] veth1_macvtap: entered promiscuous mode
[   31.042306][ T3300] veth1_vlan: entered promiscuous mode
[   31.062406][ T3310] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.077126][ T3300] veth0_macvtap: entered promiscuous mode
[   31.090709][ T3300] veth1_macvtap: entered promiscuous mode
[   31.106610][ T3307] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.115747][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.135163][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.147477][ T3300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.158177][ T3300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.172116][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.182810][ T3308] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.191762][ T3308] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.200580][ T3308] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.209398][ T3308] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.225485][ T3300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.236107][ T3300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.246907][ T3300] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.256854][ T3301] veth0_vlan: entered promiscuous mode
[   31.278465][ T3300] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.287295][ T3300] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.296083][ T3300] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.304919][ T3300] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.316417][ T3301] veth1_vlan: entered promiscuous mode
[   31.353060][ T3307] veth0_vlan: entered promiscuous mode
[   31.382891][ T3307] veth1_vlan: entered promiscuous mode
[   31.396400][ T3310] veth0_vlan: entered promiscuous mode
[   31.409284][ T3308] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   31.425901][ T3301] veth0_macvtap: entered promiscuous mode
[   31.436330][ T3310] veth1_vlan: entered promiscuous mode
[   31.459971][ T3301] veth1_macvtap: entered promiscuous mode
[   31.483165][ T3307] veth0_macvtap: entered promiscuous mode
[   31.504950][ T3301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.515580][ T3301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.525492][ T3301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.536259][ T3301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.551402][ T3301] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.562864][ T3307] veth1_macvtap: entered promiscuous mode
[   31.587711][ T3310] veth0_macvtap: entered promiscuous mode
[   31.596456][ T3310] veth1_macvtap: entered promiscuous mode
[   31.610840][ T3310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.621448][ T3310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.631493][ T3310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.641993][ T3310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.651858][ T3310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.662358][ T3310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.673669][ T3310] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.681972][ T3301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.692648][ T3301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.702525][ T3301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.713097][ T3301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.731731][ T3301] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.733184][ T3449] loop0: detected capacity change from 0 to 128
[   31.741254][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.755907][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.765762][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.765984][ T3449] =======================================================
[   31.765984][ T3449] WARNING: The mand mount option has been deprecated and
[   31.765984][ T3449]          and is ignored by this kernel. Remove the mand
[   31.765984][ T3449]          option from the mount to silence this warning.
[   31.765984][ T3449] =======================================================
[   31.776249][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.776267][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.776304][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.776318][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.852000][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.866093][   T29] kauditd_printk_skb: 49 callbacks suppressed
[   31.866111][   T29] audit: type=1400 audit(1744131435.717:141): avc:  denied  { prog_run } for  pid=3446 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   31.893140][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.934919][ T3301] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.943801][ T3301] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.952820][ T3301] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.961926][ T3301] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.981040][ T3310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.991650][ T3310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.001505][ T3310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.012082][ T3310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.021943][ T3310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.032482][ T3310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.047702][ T3310] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.064351][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.074960][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.084957][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.095448][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.105331][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.115815][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.125792][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.136292][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.153216][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.164261][ T3310] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.173093][ T3310] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.181913][ T3310] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.190712][ T3310] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.229673][ T3449] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   32.231476][ T3307] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.250597][ T3307] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.259417][ T3307] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.260310][   T29] audit: type=1400 audit(1744131436.117:142): avc:  denied  { mount } for  pid=3448 comm="syz.0.7" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   32.268296][ T3307] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.293022][ T3449] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   32.368071][   T29] audit: type=1400 audit(1744131436.217:143): avc:  denied  { write } for  pid=3448 comm="syz.0.7" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   32.389568][   T29] audit: type=1400 audit(1744131436.217:144): avc:  denied  { add_name } for  pid=3448 comm="syz.0.7" name="cpu.stat" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   32.410459][   T29] audit: type=1400 audit(1744131436.217:145): avc:  denied  { create } for  pid=3448 comm="syz.0.7" name="cpu.stat" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   32.430813][   T29] audit: type=1400 audit(1744131436.217:146): avc:  denied  { read append open } for  pid=3448 comm="syz.0.7" path="/1/file0/cpu.stat" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   32.454514][   T29] audit: type=1400 audit(1744131436.217:147): avc:  denied  { ioctl } for  pid=3448 comm="syz.0.7" path="/1/file0/cpu.stat" dev="loop0" ino=12 ioctlcmd=0x583b scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   32.478621][   T29] audit: type=1400 audit(1744131436.217:148): avc:  denied  { create } for  pid=3448 comm="syz.0.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   32.498995][   T29] audit: type=1400 audit(1744131436.217:149): avc:  denied  { write } for  pid=3448 comm="syz.0.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   32.572918][   T29] audit: type=1400 audit(1744131436.337:150): avc:  denied  { map } for  pid=3457 comm="syz.4.5" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=4430 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   32.622851][ T3466] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.5'.
[   32.659503][ T3464] loop3: detected capacity change from 0 to 512
[   32.679467][ T3464] EXT4-fs: Ignoring removed oldalloc option
[   32.701587][ T3469] loop2: detected capacity change from 0 to 1024
[   32.737063][ T3464] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.8: Parent and EA inode have the same ino 15
[   32.749878][ T3469] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.782921][ T3464] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   32.836802][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.847324][ T3464] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.8: Parent and EA inode have the same ino 15
[   32.892184][ T3464] EXT4-fs (loop3): 1 orphan inode deleted
[   32.912220][ T3464] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.175001][ T3493] loop4: detected capacity change from 0 to 512
[   33.180696][ T3308] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   33.192837][ T3493] EXT4-fs: Ignoring removed oldalloc option
[   33.204652][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.210301][ T3493] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.17: Parent and EA inode have the same ino 15
[   33.230008][ T3493] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.17: Parent and EA inode have the same ino 15
[   33.376995][ T3493] EXT4-fs (loop4): 1 orphan inode deleted
[   33.419272][ T3493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.672689][ T3506] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.690518][ T3503] loop1: detected capacity change from 0 to 8192
[   33.706659][ T3506] loop0: detected capacity change from 0 to 512
[   33.718538][ T3503]  loop1: p2 p3 p4
[   33.722387][ T3503] loop1: p2 size 130943 extends beyond EOD, truncated
[   33.725563][ T3506] EXT4-fs: Ignoring removed oldalloc option
[   33.751249][ T3503] loop1: p3 size 16776960 extends beyond EOD, truncated
[   33.762596][ T3506] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.18: Parent and EA inode have the same ino 15
[   33.776010][ T3506] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.18: Parent and EA inode have the same ino 15
[   33.795862][ T3506] EXT4-fs (loop0): 1 orphan inode deleted
[   33.802438][ T3503] loop1: p4 size 3599499392 extends beyond EOD, truncated
[   33.828813][ T3506] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.030073][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.243532][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   34.261040][ T3379] udevd[3379]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   34.293018][ T3521] udevd[3521]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   34.524614][ T3546] loop3: detected capacity change from 0 to 8192
[   34.577620][ T3557] loop0: detected capacity change from 0 to 1024
[   34.584362][ T3546]  loop3: p2 p3 p4
[   34.588785][ T3557] EXT4-fs: Ignoring removed nobh option
[   34.594474][ T3557] EXT4-fs: Ignoring removed bh option
[   34.609303][ T3546] loop3: p2 size 130943 extends beyond EOD, truncated
[   34.622957][ T3546] loop3: p3 size 16776960 extends beyond EOD, truncated
[   34.632124][ T3546] loop3: p4 size 3599499392 extends beyond EOD, truncated
[   34.639810][ T3561] loop2: detected capacity change from 0 to 8192
[   34.657886][ T3557] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.710053][ T3561]  loop2: p1 p2 p3 p4
[   34.747232][ T3561] loop2: p1 start 67159808 is beyond EOD, truncated
[   34.754167][ T3561] loop2: p2 size 130943 extends beyond EOD, truncated
[   34.788227][ T3561] loop2: p3 start 340266 is beyond EOD, truncated
[   34.794734][ T3561] loop2: p4 size 3599499264 extends beyond EOD, truncated
[   34.837102][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   34.844452][ T3292] udevd[3292]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   34.853664][ T3379] udevd[3379]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   34.919364][ T3585] lo speed is unknown, defaulting to 1000
[   34.925251][ T3585] lo speed is unknown, defaulting to 1000
[   34.932022][ T3581] udevd[3581]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   34.936410][ T3582] udevd[3582]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   34.955949][ T3585] lo speed is unknown, defaulting to 1000
[   34.963530][ T3585] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   34.973111][ T3576] loop4: detected capacity change from 0 to 512
[   34.976742][ T3585] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   35.001846][ T3576] EXT4-fs: Ignoring removed oldalloc option
[   35.015843][ T3587] loop3: detected capacity change from 0 to 512
[   35.033336][ T3576] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.48: Parent and EA inode have the same ino 15
[   35.046383][ T3585] lo speed is unknown, defaulting to 1000
[   35.058488][ T3587] EXT4-fs: Ignoring removed nomblk_io_submit option
[   35.076477][ T3585] lo speed is unknown, defaulting to 1000
[   35.084545][ T3585] lo speed is unknown, defaulting to 1000
[   35.092714][ T3585] lo speed is unknown, defaulting to 1000
[   35.099051][ T3576] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.48: Parent and EA inode have the same ino 15
[   35.099362][ T3585] lo speed is unknown, defaulting to 1000
[   35.119866][ T3587] EXT4-fs: Ignoring removed mblk_io_submit option
[   35.127779][ T3587] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[   35.137136][ T3587] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[   35.145896][ T3587] EXT4-fs (loop3): 1 truncate cleaned up
[   35.155644][ T3587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.156401][ T3576] EXT4-fs (loop4): 1 orphan inode deleted
[   35.198659][ T3576] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.211430][ T3597] loop1: detected capacity change from 0 to 512
[   35.224972][ T3593] loop2: detected capacity change from 0 to 512
[   35.246620][ T3593] EXT4-fs: Ignoring removed oldalloc option
[   35.250028][ T3597] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.275601][ T3585] syz.3.51 (3585) used greatest stack depth: 10776 bytes left
[   35.281216][ T3597] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   35.295966][ T3593] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.53: Parent and EA inode have the same ino 15
[   35.309736][ T3593] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.53: Parent and EA inode have the same ino 15
[   35.325040][ T3593] EXT4-fs (loop2): 1 orphan inode deleted
[   35.332512][ T3593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.363021][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.394269][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.409536][ T3605] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   35.425316][ T3300] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.436182][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.461146][ T3609] netlink: 24 bytes leftover after parsing attributes in process `syz.2.60'.
[   35.482546][ T3607] netlink: 8 bytes leftover after parsing attributes in process `syz.4.59'.
[   35.512043][ T3607] IPVS: Error joining to the multicast group
[   35.523788][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.540089][ T3615] loop0: detected capacity change from 0 to 512
[   35.552530][ T3615] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[   35.561733][ T3615] EXT4-fs (loop0): 1 truncate cleaned up
[   35.571787][ T3615] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.612594][ T3615] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[   35.638780][ T3615] openvswitch: netlink: Message has 6 unknown bytes.
[   35.672624][ T3634] loop1: detected capacity change from 0 to 128
[   35.679135][ T3627] loop2: detected capacity change from 0 to 2048
[   35.688240][    C1] hrtimer: interrupt took 47833 ns
[   35.728674][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.743682][ T3627] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.775792][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4
[   35.783678][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2
[   35.791725][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.799498][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.807172][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.814930][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.822642][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.830360][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.838136][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.845813][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.853546][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.861286][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.869151][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.877190][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.884973][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.892688][   T23] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0
[   35.901641][   T23] hid-generic 0000:3000000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   35.903832][ T3638] xt_connbytes: Forcing CT accounting to be enabled
[   35.930218][ T3647] batadv_slave_1: entered promiscuous mode
[   35.940344][ T3627] infiniband syz!: set active
[   35.945110][ T3627] infiniband syz!: added team_slave_0
[   35.962935][ T3647] netlink: 8 bytes leftover after parsing attributes in process `syz.1.68'.
[   35.972763][ T3627] RDS/IB: syz!: added
[   35.973996][ T3638] Cannot find set identified by id 0 to match
[   35.976985][ T3627] smc: adding ib device syz! with port count 1
[   35.991965][ T3627] smc:    ib device syz! port 1 has pnetid 
[   36.012038][ T3645] batadv_slave_1: left promiscuous mode
[   36.040858][ T3656] loop0: detected capacity change from 0 to 1024
[   36.062050][ T3656] EXT4-fs: Ignoring removed nobh option
[   36.067735][ T3656] EXT4-fs: Ignoring removed bh option
[   36.096861][ T3656] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.143520][ T3668] veth0: entered promiscuous mode
[   36.152342][ T3668] netlink: 4 bytes leftover after parsing attributes in process `syz.4.71'.
[   36.163424][ T3666] loop1: detected capacity change from 0 to 1024
[   36.171978][ T3666] EXT4-fs: Ignoring removed nobh option
[   36.177692][ T3666] EXT4-fs: Ignoring removed bh option
[   36.250274][ T3666] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.266687][ T3673] netlink: 32 bytes leftover after parsing attributes in process `syz.4.72'.
[   36.367977][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.465821][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.500525][ T3627] syz.2.64 (3627) used greatest stack depth: 10624 bytes left
[   36.539198][ T3377] IPVS: starting estimator thread 0...
[   36.554194][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.575270][ T3690] netlink: 28 bytes leftover after parsing attributes in process `syz.1.76'.
[   36.584235][ T3690] netlink: 28 bytes leftover after parsing attributes in process `syz.1.76'.
[   36.632848][ T3690] lo speed is unknown, defaulting to 1000
[   36.648758][ T3696] SELinux:  Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped).
[   36.652278][ T3697] netlink: 8 bytes leftover after parsing attributes in process `syz.0.78'.
[   36.658418][ T3688] IPVS: using max 2064 ests per chain, 103200 per kthread
[   36.666863][ T3697] netlink: 'syz.0.78': attribute type 5 has an invalid length.
[   36.738848][ T3703] Unsupported ieee802154 address type: 0
[   36.759233][ T3705] Cannot find add_set index 0 as target
[   36.765507][ T3701] loop4: detected capacity change from 0 to 1024
[   36.780849][ T3701] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   36.792331][ T3701] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   36.837035][ T3701] JBD2: no valid journal superblock found
[   36.842897][ T3701] EXT4-fs (loop4): Could not load journal inode
[   36.869101][   T29] kauditd_printk_skb: 424 callbacks suppressed
[   36.869117][   T29] audit: type=1400 audit(1744131440.727:575): avc:  denied  { name_bind } for  pid=3712 comm="syz.1.87" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   36.872714][ T3710] loop3: detected capacity change from 0 to 1024
[   36.923942][ T3714] SELinux:  Context � is not valid (left unmapped).
[   36.926940][ T3710] EXT4-fs: Ignoring removed nobh option
[   36.936402][ T3710] EXT4-fs: Ignoring removed bh option
[   36.954664][   T29] audit: type=1326 audit(1744131440.807:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3711 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   37.013212][   T29] audit: type=1326 audit(1744131440.837:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3711 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   37.036602][   T29] audit: type=1326 audit(1744131440.837:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3711 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   37.052827][ T3710] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.059906][   T29] audit: type=1326 audit(1744131440.837:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3711 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   37.096342][   T29] audit: type=1326 audit(1744131440.837:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3711 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   37.119614][   T29] audit: type=1326 audit(1744131440.837:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f9e92c4fa25 code=0x7ffc0000
[   37.143074][   T29] audit: type=1326 audit(1744131440.837:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3711 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   37.166686][   T29] audit: type=1326 audit(1744131440.847:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3711 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   37.190185][   T29] audit: type=1326 audit(1744131440.847:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3711 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   37.312264][ T3727] Zero length message leads to an empty skb
[   37.431575][ T3736] FAULT_INJECTION: forcing a failure.
[   37.431575][ T3736] name failslab, interval 1, probability 0, space 0, times 0
[   37.444311][ T3736] CPU: 0 UID: 0 PID: 3736 Comm: syz.0.92 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   37.444341][ T3736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   37.444356][ T3736] Call Trace:
[   37.444363][ T3736]  <TASK>
[   37.444370][ T3736]  dump_stack_lvl+0xf6/0x150
[   37.444447][ T3736]  dump_stack+0x15/0x1a
[   37.444506][ T3736]  should_fail_ex+0x261/0x270
[   37.444535][ T3736]  should_failslab+0x8f/0xb0
[   37.444569][ T3736]  __kmalloc_cache_node_noprof+0x58/0x340
[   37.444593][ T3736]  ? __get_vm_area_node+0xfb/0x1c0
[   37.444698][ T3736]  __get_vm_area_node+0xfb/0x1c0
[   37.444736][ T3736]  __vmalloc_node_range_noprof+0x285/0xe80
[   37.444805][ T3736]  ? kernel_read_file+0x2be/0x4f0
[   37.444825][ T3736]  ? avc_has_perm_noaudit+0x1cc/0x210
[   37.444856][ T3736]  ? avc_has_perm+0xd6/0x150
[   37.444946][ T3736]  ? kernel_read_file+0x2be/0x4f0
[   37.444971][ T3736]  vmalloc_noprof+0x5e/0x70
[   37.445046][ T3736]  ? kernel_read_file+0x2be/0x4f0
[   37.445074][ T3736]  kernel_read_file+0x2be/0x4f0
[   37.445103][ T3736]  __se_sys_finit_module+0x2c0/0x450
[   37.445141][ T3736]  __x64_sys_finit_module+0x3e/0x50
[   37.445206][ T3736]  x64_sys_call+0x1d8a/0x2e10
[   37.445230][ T3736]  do_syscall_64+0xc9/0x1c0
[   37.445266][ T3736]  ? clear_bhb_loop+0x25/0x80
[   37.445319][ T3736]  ? clear_bhb_loop+0x25/0x80
[   37.445366][ T3736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.445416][ T3736] RIP: 0033:0x7fcdf6a8d169
[   37.445434][ T3736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.445455][ T3736] RSP: 002b:00007fcdf50ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[   37.445491][ T3736] RAX: ffffffffffffffda RBX: 00007fcdf6ca5fa0 RCX: 00007fcdf6a8d169
[   37.445508][ T3736] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   37.445522][ T3736] RBP: 00007fcdf50ef090 R08: 0000000000000000 R09: 0000000000000000
[   37.445560][ T3736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.445571][ T3736] R13: 0000000000000000 R14: 00007fcdf6ca5fa0 R15: 00007fff2b1a2808
[   37.445647][ T3736]  </TASK>
[   37.445655][ T3736] syz.0.92: vmalloc error: size 4096, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0
[   37.672478][ T3736] CPU: 0 UID: 0 PID: 3736 Comm: syz.0.92 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   37.672505][ T3736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   37.672518][ T3736] Call Trace:
[   37.672525][ T3736]  <TASK>
[   37.672534][ T3736]  dump_stack_lvl+0xf6/0x150
[   37.672622][ T3736]  dump_stack+0x15/0x1a
[   37.672643][ T3736]  warn_alloc+0x145/0x1b0
[   37.672698][ T3736]  __vmalloc_node_range_noprof+0x2aa/0xe80
[   37.672726][ T3736]  ? avc_has_perm_noaudit+0x1cc/0x210
[   37.672762][ T3736]  ? avc_has_perm+0xd6/0x150
[   37.672798][ T3736]  ? kernel_read_file+0x2be/0x4f0
[   37.672823][ T3736]  vmalloc_noprof+0x5e/0x70
[   37.672895][ T3736]  ? kernel_read_file+0x2be/0x4f0
[   37.672920][ T3736]  kernel_read_file+0x2be/0x4f0
[   37.673096][ T3736]  __se_sys_finit_module+0x2c0/0x450
[   37.673139][ T3736]  __x64_sys_finit_module+0x3e/0x50
[   37.673168][ T3736]  x64_sys_call+0x1d8a/0x2e10
[   37.673196][ T3736]  do_syscall_64+0xc9/0x1c0
[   37.673242][ T3736]  ? clear_bhb_loop+0x25/0x80
[   37.673317][ T3736]  ? clear_bhb_loop+0x25/0x80
[   37.673342][ T3736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.673368][ T3736] RIP: 0033:0x7fcdf6a8d169
[   37.673384][ T3736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.673405][ T3736] RSP: 002b:00007fcdf50ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[   37.673425][ T3736] RAX: ffffffffffffffda RBX: 00007fcdf6ca5fa0 RCX: 00007fcdf6a8d169
[   37.673437][ T3736] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   37.673448][ T3736] RBP: 00007fcdf50ef090 R08: 0000000000000000 R09: 0000000000000000
[   37.673533][ T3736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.673546][ T3736] R13: 0000000000000000 R14: 00007fcdf6ca5fa0 R15: 00007fff2b1a2808
[   37.673568][ T3736]  </TASK>
[   37.673576][ T3736] Mem-Info:
[   37.863150][ T3736] active_anon:7866 inactive_anon:0 isolated_anon:18
[   37.863150][ T3736]  active_file:4659 inactive_file:2050 isolated_file:0
[   37.863150][ T3736]  unevictable:0 dirty:119 writeback:0
[   37.863150][ T3736]  slab_reclaimable:2773 slab_unreclaimable:14643
[   37.863150][ T3736]  mapped:31315 shmem:3238 pagetables:1153
[   37.863150][ T3736]  sec_pagetables:0 bounce:0
[   37.863150][ T3736]  kernel_misc_reclaimable:0
[   37.863150][ T3736]  free:1895723 free_pcp:11958 free_cma:0
[   37.908356][ T3736] Node 0 active_anon:31464kB inactive_anon:0kB active_file:18636kB inactive_file:8200kB unevictable:0kB isolated(anon):72kB isolated(file):0kB mapped:125260kB dirty:476kB writeback:0kB shmem:12952kB writeback_tmp:0kB kernel_stack:2944kB pagetables:4612kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   37.937306][ T3736] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   37.964694][ T3736] lowmem_reserve[]: 0 2882 7860 7860
[   37.970133][ T3736] Node 0 DMA32 free:2947808kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951336kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[   37.998859][ T3736] lowmem_reserve[]: 0 0 4978 4978
[   38.003908][ T3736] Node 0 Normal free:4619724kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB active_anon:31464kB inactive_anon:0kB active_file:18636kB inactive_file:8200kB unevictable:0kB writepending:476kB present:5242880kB managed:5098244kB mlocked:4kB bounce:0kB free_pcp:44300kB local_pcp:29300kB free_cma:0kB
[   38.034058][ T3736] lowmem_reserve[]: 0 0 0 0
[   38.038818][ T3736] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   38.051659][ T3736] Node 0 DMA32: 4*4kB (M) 0*8kB 1*16kB (M) 4*32kB (M) 5*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947808kB
[   38.067473][ T3736] Node 0 Normal: 1*4kB (M) 1*8kB (E) 1*16kB (M) 1*32kB (M) 4*64kB (UME) 3*128kB (UE) 3*256kB (UME) 0*512kB 4*1024kB (UE) 13*2048kB (UE) 1120*4096kB (UM) = 4619708kB
[   38.084373][ T3736] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   38.093880][ T3736] 9942 total pagecache pages
[   38.098503][ T3736] 0 pages in swap cache
[   38.102658][ T3736] Free swap  = 124996kB
[   38.106832][ T3736] Total swap = 124996kB
[   38.111079][ T3736] 2097051 pages RAM
[   38.114891][ T3736] 0 pages HighMem/MovableOnly
[   38.119696][ T3736] 80816 pages reserved
[   38.130017][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.253036][ T3748] loop4: detected capacity change from 0 to 512
[   38.261335][ T3748] EXT4-fs: Ignoring removed oldalloc option
[   38.381581][ T3748] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.98: Parent and EA inode have the same ino 15
[   38.540249][ T3754] veth0: entered promiscuous mode
[   38.567655][ T3754] netlink: 4 bytes leftover after parsing attributes in process `syz.2.99'.
[   38.582470][ T3748] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.98: Parent and EA inode have the same ino 15
[   38.626828][ T3748] EXT4-fs (loop4): 1 orphan inode deleted
[   38.640784][ T3748] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.731592][ T3763] netlink: 44 bytes leftover after parsing attributes in process `syz.1.103'.
[   38.735643][ T3765] loop2: detected capacity change from 0 to 1024
[   38.755317][   T23] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   38.762911][   T23] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   38.770418][   T23] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   38.780259][ T3767] rdma_rxe: rxe_newlink: failed to add bond0
[   38.789564][ T3765] EXT4-fs: Ignoring removed nobh option
[   38.795186][ T3765] EXT4-fs: Ignoring removed bh option
[   38.795322][ T3767] loop3: detected capacity change from 0 to 1024
[   38.802016][   T23] hid-generic 0000:0004:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   38.808389][ T3763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.826119][ T3767] EXT4-fs: Ignoring removed nobh option
[   38.831829][ T3767] EXT4-fs: Ignoring removed bh option
[   38.839338][ T3767] EXT4-fs: Mount option(s) incompatible with ext3
[   38.857909][ T3765] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.896261][ T3776] lo speed is unknown, defaulting to 1000
[   38.939273][ T3767] lo speed is unknown, defaulting to 1000
[   38.949860][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.000760][ T3783] loop1: detected capacity change from 0 to 1024
[   39.018757][ T3776] lo speed is unknown, defaulting to 1000
[   39.069208][ T3783] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.138171][ T3796] loop0: detected capacity change from 0 to 1024
[   39.151421][ T3796] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   39.162517][ T3796] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   39.198638][ T3796] JBD2: no valid journal superblock found
[   39.204408][ T3796] EXT4-fs (loop0): Could not load journal inode
[   39.221902][ T3776] lo speed is unknown, defaulting to 1000
[   39.255967][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.285865][ T3377] IPVS: starting estimator thread 0...
[   39.382257][ T3802] IPVS: using max 2304 ests per chain, 115200 per kthread
[   39.401051][ T3808] random: crng reseeded on system resumption
[   39.512067][ T3812] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   39.553697][ T3776] lo speed is unknown, defaulting to 1000
[   39.947719][ T3819] netlink: 8 bytes leftover after parsing attributes in process `syz.2.122'.
[   40.046197][ T3808] SELinux: ebitmap: map size 74280818 does not match my size 64 (high bit was 33554432)
[   40.068523][ T3819] IPVS: Error joining to the multicast group
[   40.141143][ T3808] SELinux: failed to load policy
[   40.206303][ T3823] random: crng reseeded on system resumption
[   40.291682][ T3825] ALSA: seq fatal error: cannot create timer (-19)
[   40.310670][ T3823] FAULT_INJECTION: forcing a failure.
[   40.310670][ T3823] name failslab, interval 1, probability 0, space 0, times 0
[   40.323424][ T3823] CPU: 0 UID: 0 PID: 3823 Comm: syz.4.123 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   40.323457][ T3823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   40.323470][ T3823] Call Trace:
[   40.323478][ T3823]  <TASK>
[   40.323486][ T3823]  dump_stack_lvl+0xf6/0x150
[   40.323541][ T3823]  dump_stack+0x15/0x1a
[   40.323561][ T3823]  should_fail_ex+0x261/0x270
[   40.323594][ T3823]  should_failslab+0x8f/0xb0
[   40.323696][ T3823]  __kmalloc_cache_node_noprof+0x58/0x340
[   40.323725][ T3823]  ? __get_vm_area_node+0xfb/0x1c0
[   40.323796][ T3823]  __get_vm_area_node+0xfb/0x1c0
[   40.323828][ T3823]  __vmalloc_node_range_noprof+0x285/0xe80
[   40.323862][ T3823]  ? sel_write_load+0x15b/0x3c0
[   40.323891][ T3823]  ? _parse_integer_limit+0x167/0x180
[   40.323923][ T3823]  ? _parse_integer+0x27/0x30
[   40.323981][ T3823]  ? avc_has_perm_noaudit+0x1cc/0x210
[   40.324018][ T3823]  ? sel_write_load+0x15b/0x3c0
[   40.324067][ T3823]  vmalloc_noprof+0x5e/0x70
[   40.324098][ T3823]  ? sel_write_load+0x15b/0x3c0
[   40.324127][ T3823]  sel_write_load+0x15b/0x3c0
[   40.324157][ T3823]  ? __pfx_sel_write_load+0x10/0x10
[   40.324229][ T3823]  vfs_write+0x295/0x950
[   40.324257][ T3823]  ? putname+0xe1/0x100
[   40.324276][ T3823]  ? __fget_files+0x186/0x1c0
[   40.324298][ T3823]  ksys_write+0xeb/0x1b0
[   40.324412][ T3823]  __x64_sys_write+0x42/0x50
[   40.324516][ T3823]  x64_sys_call+0x2a45/0x2e10
[   40.324542][ T3823]  do_syscall_64+0xc9/0x1c0
[   40.324595][ T3823]  ? clear_bhb_loop+0x25/0x80
[   40.324620][ T3823]  ? clear_bhb_loop+0x25/0x80
[   40.324646][ T3823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.324742][ T3823] RIP: 0033:0x7f1ba925d169
[   40.324759][ T3823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.324780][ T3823] RSP: 002b:00007f1ba78bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   40.324802][ T3823] RAX: ffffffffffffffda RBX: 00007f1ba9475fa0 RCX: 00007f1ba925d169
[   40.324816][ T3823] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 000000000000000b
[   40.324829][ T3823] RBP: 00007f1ba78bf090 R08: 0000000000000000 R09: 0000000000000000
[   40.324843][ T3823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.324933][ T3823] R13: 0000000000000000 R14: 00007f1ba9475fa0 R15: 00007ffea7678ad8
[   40.325023][ T3823]  </TASK>
[   40.620278][ T3838] loop3: detected capacity change from 0 to 164
[   40.631868][ T3838] ISOFS: unable to read i-node block
[   40.637210][ T3838] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   40.768135][ T3848] loop2: detected capacity change from 0 to 1024
[   40.782538][ T3848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.799026][ T3835] loop1: detected capacity change from 0 to 1024
[   40.816367][ T3835] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   40.827400][ T3835] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   40.910621][ T3835] JBD2: no valid journal superblock found
[   40.916420][ T3835] EXT4-fs (loop1): Could not load journal inode
[   40.969508][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.032430][ T3862] loop3: detected capacity change from 0 to 1024
[   41.040637][ T3864] FAULT_INJECTION: forcing a failure.
[   41.040637][ T3864] name failslab, interval 1, probability 0, space 0, times 0
[   41.053376][ T3864] CPU: 1 UID: 0 PID: 3864 Comm: syz.0.138 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   41.053404][ T3864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   41.053418][ T3864] Call Trace:
[   41.053427][ T3864]  <TASK>
[   41.053436][ T3864]  dump_stack_lvl+0xf6/0x150
[   41.053503][ T3864]  dump_stack+0x15/0x1a
[   41.053519][ T3864]  should_fail_ex+0x261/0x270
[   41.053552][ T3864]  should_failslab+0x8f/0xb0
[   41.053589][ T3864]  kmem_cache_alloc_noprof+0x59/0x340
[   41.053683][ T3864]  ? alloc_empty_file+0x78/0x200
[   41.053709][ T3864]  ? _raw_spin_unlock+0x26/0x50
[   41.053734][ T3864]  alloc_empty_file+0x78/0x200
[   41.053837][ T3864]  alloc_file_pseudo+0xcb/0x160
[   41.053867][ T3864]  __shmem_file_setup+0x1bb/0x1f0
[   41.053902][ T3864]  shmem_file_setup+0x3b/0x50
[   41.053981][ T3864]  __se_sys_memfd_create+0x2e1/0x5a0
[   41.054012][ T3864]  __x64_sys_memfd_create+0x31/0x40
[   41.054037][ T3864]  x64_sys_call+0x1163/0x2e10
[   41.054059][ T3864]  do_syscall_64+0xc9/0x1c0
[   41.054090][ T3864]  ? clear_bhb_loop+0x25/0x80
[   41.054122][ T3864]  ? clear_bhb_loop+0x25/0x80
[   41.054142][ T3864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.054162][ T3864] RIP: 0033:0x7fcdf6a8d169
[   41.054185][ T3864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.054202][ T3864] RSP: 002b:00007fcdf50eee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   41.054283][ T3864] RAX: ffffffffffffffda RBX: 00000000000004be RCX: 00007fcdf6a8d169
[   41.054295][ T3864] RDX: 00007fcdf50eeef0 RSI: 0000000000000000 RDI: 00007fcdf6b0ec3c
[   41.054307][ T3864] RBP: 0000200000000980 R08: 00007fcdf50eebb7 R09: 00007fcdf50eee40
[   41.054318][ T3864] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[   41.054329][ T3864] R13: 00007fcdf50eeef0 R14: 00007fcdf50eeeb0 R15: 0000200000000900
[   41.054350][ T3864]  </TASK>
[   41.268404][ T3381] IPVS: starting estimator thread 0...
[   41.274569][ T3862] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.323673][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.336154][ T3871] loop0: detected capacity change from 0 to 1024
[   41.362118][ T3867] IPVS: using max 2304 ests per chain, 115200 per kthread
[   41.507260][ T3886] loop4: detected capacity change from 0 to 1024
[   41.522563][ T3886] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.794889][ T3875] netlink: 'syz.2.135': attribute type 10 has an invalid length.
[   41.802760][ T3875] netlink: 40 bytes leftover after parsing attributes in process `syz.2.135'.
[   41.867794][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.880657][   T29] kauditd_printk_skb: 410 callbacks suppressed
[   41.880735][   T29] audit: type=1400 audit(1744131446.736:995): avc:  denied  { write } for  pid=3902 comm="syz.1.148" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   41.953300][ T3905] loop0: detected capacity change from 0 to 1024
[   42.003428][ T3905] EXT4-fs: Ignoring removed nobh option
[   42.009269][ T3905] EXT4-fs: Ignoring removed bh option
[   42.073373][   T29] audit: type=1400 audit(1744131446.796:996): avc:  denied  { setopt } for  pid=3902 comm="syz.1.148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   42.105928][ T3908] loop1: detected capacity change from 0 to 512
[   42.113128][ T3908] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   42.121615][ T3908] EXT4-fs (loop1): can't mount with commit=, fs mounted w/o journal
[   42.122079][ T3875] team0: Port device geneve1 added
[   42.137739][ T3906] netlink: 44 bytes leftover after parsing attributes in process `syz.2.135'.
[   42.168614][ T3905] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.264838][   T29] audit: type=1400 audit(1744131447.116:997): avc:  denied  { create } for  pid=3915 comm="syz.4.154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   42.383170][ T3922] FAULT_INJECTION: forcing a failure.
[   42.383170][ T3922] name failslab, interval 1, probability 0, space 0, times 0
[   42.395930][ T3922] CPU: 0 UID: 0 PID: 3922 Comm: syz.2.155 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   42.396026][ T3922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   42.396041][ T3922] Call Trace:
[   42.396049][ T3922]  <TASK>
[   42.396057][ T3922]  dump_stack_lvl+0xf6/0x150
[   42.396087][ T3922]  dump_stack+0x15/0x1a
[   42.396107][ T3922]  should_fail_ex+0x261/0x270
[   42.396180][ T3922]  should_failslab+0x8f/0xb0
[   42.396218][ T3922]  __kmalloc_node_noprof+0xaf/0x420
[   42.396245][ T3922]  ? qdisc_alloc+0x65/0x450
[   42.396287][ T3922]  qdisc_alloc+0x65/0x450
[   42.396311][ T3922]  qdisc_create+0xc0/0x930
[   42.396364][ T3922]  tc_modify_qdisc+0xe13/0x14d0
[   42.396455][ T3922]  ? ns_capable+0x7d/0xb0
[   42.396479][ T3922]  ? __pfx_tc_modify_qdisc+0x10/0x10
[   42.396519][ T3922]  rtnetlink_rcv_msg+0x6b7/0x740
[   42.396618][ T3922]  ? ref_tracker_free+0x3b8/0x420
[   42.396651][ T3922]  netlink_rcv_skb+0x12f/0x230
[   42.396677][ T3922]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   42.396742][ T3922]  rtnetlink_rcv+0x1c/0x30
[   42.396835][ T3922]  netlink_unicast+0x605/0x6c0
[   42.396864][ T3922]  netlink_sendmsg+0x609/0x720
[   42.396965][ T3922]  ? __pfx_netlink_sendmsg+0x10/0x10
[   42.396995][ T3922]  __sock_sendmsg+0x140/0x180
[   42.397045][ T3922]  ____sys_sendmsg+0x350/0x4e0
[   42.397106][ T3922]  __sys_sendmsg+0x1a0/0x240
[   42.397181][ T3922]  __x64_sys_sendmsg+0x46/0x50
[   42.397206][ T3922]  x64_sys_call+0x26f3/0x2e10
[   42.397231][ T3922]  do_syscall_64+0xc9/0x1c0
[   42.397269][ T3922]  ? clear_bhb_loop+0x25/0x80
[   42.397295][ T3922]  ? clear_bhb_loop+0x25/0x80
[   42.397321][ T3922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.397367][ T3922] RIP: 0033:0x7f9e92c1d169
[   42.397384][ T3922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.397404][ T3922] RSP: 002b:00007f9e9127f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   42.397424][ T3922] RAX: ffffffffffffffda RBX: 00007f9e92e35fa0 RCX: 00007f9e92c1d169
[   42.397438][ T3922] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000005
[   42.397452][ T3922] RBP: 00007f9e9127f090 R08: 0000000000000000 R09: 0000000000000000
[   42.397465][ T3922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.397478][ T3922] R13: 0000000000000000 R14: 00007f9e92e35fa0 R15: 00007ffed4e24518
[   42.397499][ T3922]  </TASK>
[   42.680595][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.689961][ T3927] loop4: detected capacity change from 0 to 1024
[   42.697214][ T3927] EXT4-fs: Ignoring removed nobh option
[   42.702916][ T3927] EXT4-fs: Ignoring removed bh option
[   42.716977][   T29] audit: type=1326 audit(1744131447.566:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3932 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   42.762117][ T3933] loop2: detected capacity change from 0 to 512
[   42.826546][ T3933] EXT4-fs: Ignoring removed oldalloc option
[   42.850037][   T29] audit: type=1326 audit(1744131447.596:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3932 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   42.873633][   T29] audit: type=1326 audit(1744131447.606:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3932 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9e92c1d169 code=0x7ffc0000
[   42.897106][   T29] audit: type=1326 audit(1744131447.606:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3932 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9e92c1d1a3 code=0x7ffc0000
[   42.920458][   T29] audit: type=1326 audit(1744131447.606:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3932 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9e92c1bc1f code=0x7ffc0000
[   42.943765][   T29] audit: type=1326 audit(1744131447.616:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3932 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f9e92c1d1f7 code=0x7ffc0000
[   42.967184][   T29] audit: type=1326 audit(1744131447.616:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3932 comm="syz.2.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9e92c1bad0 code=0x7ffc0000
[   42.998243][ T3940] openvswitch: netlink: Message has 6 unknown bytes.
[   43.138007][ T3927] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.139102][ T3933] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.160: Parent and EA inode have the same ino 15
[   43.178868][ T3947] loop3: detected capacity change from 0 to 1024
[   43.188745][ T3933] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.160: Parent and EA inode have the same ino 15
[   43.209341][ T3951] openvswitch: netlink: Message has 6 unknown bytes.
[   43.216692][ T3933] EXT4-fs (loop2): 1 orphan inode deleted
[   43.225352][ T3947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.240222][ T3933] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.245002][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.300425][ T3947] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.378933][ T3954] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   43.395557][ T3958] loop1: detected capacity change from 0 to 512
[   43.414777][ T3961] loop4: detected capacity change from 0 to 1024
[   43.421542][ T3963] loop2: detected capacity change from 0 to 2048
[   43.437669][ T3958] EXT4-fs: Ignoring removed oldalloc option
[   43.450925][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.454122][ T3961] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.492421][ T3958] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.170: Parent and EA inode have the same ino 15
[   43.510367][ T3963] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.534498][ T3958] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.170: Parent and EA inode have the same ino 15
[   43.553752][ T3963] syz!: rxe_newlink: already configured on team_slave_0
[   43.566173][ T3958] EXT4-fs (loop1): 1 orphan inode deleted
[   43.577636][ T3958] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.600702][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.636214][ T3310] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.656838][   T23] IPVS: starting estimator thread 0...
[   43.705172][ T3994] loop3: detected capacity change from 0 to 128
[   43.725475][ T3996] tipc: Started in network mode
[   43.730531][ T3996] tipc: Node identity ac14140f, cluster identity 4711
[   43.739738][ T3994] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   43.752059][ T3987] IPVS: using max 2304 ests per chain, 115200 per kthread
[   43.758509][ T3996] tipc: New replicast peer: 255.255.255.255
[   43.761741][ T3994] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.765353][ T3996] tipc: Enabled bearer <udp:syz2>, priority 10
[   43.822999][ T3990] loop4: detected capacity change from 0 to 4096
[   43.839642][ T4002] netlink: 12 bytes leftover after parsing attributes in process `syz.1.176'.
[   43.848606][ T4002] tipc: Disabling bearer <udp:syz2>
[   43.911012][ T3990] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.962669][ T4003] netlink: 'syz.0.178': attribute type 10 has an invalid length.
[   43.970707][ T4003] netlink: 40 bytes leftover after parsing attributes in process `syz.0.178'.
[   44.006024][ T4003] team0: Port device geneve1 added
[   44.014978][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.145446][ T4007] loop4: detected capacity change from 0 to 512
[   44.170355][ T4007] EXT4-fs: Ignoring removed oldalloc option
[   44.210459][ T4007] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.179: Parent and EA inode have the same ino 15
[   44.246815][ T4007] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.179: Parent and EA inode have the same ino 15
[   44.265056][ T4007] EXT4-fs (loop4): 1 orphan inode deleted
[   44.292768][ T4007] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.313143][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.372140][ T4014] loop0: detected capacity change from 0 to 1024
[   44.404155][ T4014] EXT4-fs: Ignoring removed nobh option
[   44.407954][ T4016] random: crng reseeded on system resumption
[   44.409812][ T4014] EXT4-fs: Ignoring removed bh option
[   44.494827][ T4018] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   44.494827][ T4018]    program syz.4.183 not setting count and/or reply_len properly
[   44.514603][ T4014] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.564340][ T4014] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.719258][ T4030] loop1: detected capacity change from 0 to 1024
[   44.747460][ T4030] EXT4-fs: Ignoring removed nobh option
[   44.753128][ T4030] EXT4-fs: Ignoring removed bh option
[   44.785586][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.805777][ T4030] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.304115][ T4048] loop4: detected capacity change from 0 to 2048
[   45.322294][ T4048] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.352035][ T3994] syz.3.177 (3994) used greatest stack depth: 7144 bytes left
[   45.363415][ T4048] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   45.378624][ T3300] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   45.573428][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.596959][ T4068] loop2: detected capacity change from 0 to 512
[   45.605271][ T4068] EXT4-fs: Ignoring removed oldalloc option
[   45.631239][ T4068] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.195: Parent and EA inode have the same ino 15
[   45.657553][ T4078] loop0: detected capacity change from 0 to 1024
[   45.664661][ T4078] EXT4-fs: Ignoring removed nobh option
[   45.670439][ T4078] EXT4-fs: Ignoring removed bh option
[   45.682583][ T4068] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.195: Parent and EA inode have the same ino 15
[   45.700198][ T4068] EXT4-fs (loop2): 1 orphan inode deleted
[   45.706645][ T4068] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.720181][ T4078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.744146][ T4084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.199'.
[   45.755669][ T4078] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.767357][ T4084] IPVS: Error joining to the multicast group
[   45.846171][ T4093] loop3: detected capacity change from 0 to 1024
[   45.867918][ T4093] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.921687][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.962540][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.981159][ T4105] loop1: detected capacity change from 0 to 1024
[   45.990313][ T4105] EXT4-fs: Ignoring removed nobh option
[   45.996016][ T4105] EXT4-fs: Ignoring removed bh option
[   46.040352][ T4105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.072843][ T4107] loop3: detected capacity change from 0 to 512
[   46.085640][ T4114] loop2: detected capacity change from 0 to 512
[   46.115531][ T4107] EXT4-fs: Ignoring removed oldalloc option
[   46.143616][ T4114] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   46.156375][ T4107] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.205: Parent and EA inode have the same ino 15
[   46.164750][ T4114] EXT4-fs (loop2): 1 truncate cleaned up
[   46.176152][ T4114] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.203748][ T4107] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.205: Parent and EA inode have the same ino 15
[   46.217242][ T4114] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[   46.227525][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.227933][ T4107] EXT4-fs (loop3): 1 orphan inode deleted
[   46.244756][ T4121] openvswitch: netlink: Message has 6 unknown bytes.
[   46.253391][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.264992][ T4107] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.287913][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.290287][ T4123] netlink: 8 bytes leftover after parsing attributes in process `syz.0.212'.
[   46.326372][ T4123] netlink: 4 bytes leftover after parsing attributes in process `syz.0.212'.
[   46.370908][ T4135] sctp: [Deprecated]: syz.0.212 (pid 4135) Use of int in maxseg socket option.
[   46.370908][ T4135] Use struct sctp_assoc_value instead
[   46.404051][ T4139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.214'.
[   46.460251][ T4142] loop0: detected capacity change from 0 to 256
[   46.511405][ T4142] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.541436][ T4147] loop2: detected capacity change from 0 to 1024
[   46.572154][ T4147] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.592162][ T4142] FAULT_INJECTION: forcing a failure.
[   46.592162][ T4142] name failslab, interval 1, probability 0, space 0, times 0
[   46.604843][ T4142] CPU: 1 UID: 0 PID: 4142 Comm: syz.0.217 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   46.604876][ T4142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   46.604892][ T4142] Call Trace:
[   46.604899][ T4142]  <TASK>
[   46.604910][ T4142]  dump_stack_lvl+0xf6/0x150
[   46.604942][ T4142]  dump_stack+0x15/0x1a
[   46.604993][ T4142]  should_fail_ex+0x261/0x270
[   46.605022][ T4142]  should_failslab+0x8f/0xb0
[   46.605055][ T4142]  kmem_cache_alloc_lru_noprof+0x5e/0x330
[   46.605086][ T4142]  ? fat_alloc_inode+0x38/0xc0
[   46.605118][ T4142]  fat_alloc_inode+0x38/0xc0
[   46.605145][ T4142]  ? __pfx_fat_alloc_inode+0x10/0x10
[   46.605174][ T4142]  alloc_inode+0x40/0x170
[   46.605256][ T4142]  new_inode+0x1e/0xe0
[   46.605275][ T4142]  fat_build_inode+0x159/0x280
[   46.605304][ T4142]  msdos_mkdir+0x29f/0x350
[   46.605328][ T4142]  vfs_mkdir+0x214/0x350
[   46.605359][ T4142]  do_mkdirat+0x13c/0x2e0
[   46.605390][ T4142]  __x64_sys_mkdirat+0x4e/0x60
[   46.605493][ T4142]  x64_sys_call+0x2ce3/0x2e10
[   46.605516][ T4142]  do_syscall_64+0xc9/0x1c0
[   46.605547][ T4142]  ? clear_bhb_loop+0x25/0x80
[   46.605570][ T4142]  ? clear_bhb_loop+0x25/0x80
[   46.605607][ T4142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.605650][ T4142] RIP: 0033:0x7fcdf6a8d169
[   46.605685][ T4142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.605703][ T4142] RSP: 002b:00007fcdf50ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   46.605722][ T4142] RAX: ffffffffffffffda RBX: 00007fcdf6ca5fa0 RCX: 00007fcdf6a8d169
[   46.605735][ T4142] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[   46.605747][ T4142] RBP: 00007fcdf50ef090 R08: 0000000000000000 R09: 0000000000000000
[   46.605759][ T4142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.605814][ T4142] R13: 0000000000000000 R14: 00007fcdf6ca5fa0 R15: 00007fff2b1a2808
[   46.605836][ T4142]  </TASK>
[   46.806589][ T4148] netlink: 'syz.4.218': attribute type 10 has an invalid length.
[   46.813367][ T4153] netlink: 'syz.3.221': attribute type 27 has an invalid length.
[   46.814596][ T4148] netlink: 40 bytes leftover after parsing attributes in process `syz.4.218'.
[   46.852148][ T4156] FAULT_INJECTION: forcing a failure.
[   46.852148][ T4156] name failslab, interval 1, probability 0, space 0, times 0
[   46.864945][ T4156] CPU: 0 UID: 0 PID: 4156 Comm: syz.0.222 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   46.864975][ T4156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   46.864989][ T4156] Call Trace:
[   46.864996][ T4156]  <TASK>
[   46.865005][ T4156]  dump_stack_lvl+0xf6/0x150
[   46.865084][ T4156]  dump_stack+0x15/0x1a
[   46.865099][ T4156]  should_fail_ex+0x261/0x270
[   46.865130][ T4156]  should_failslab+0x8f/0xb0
[   46.865174][ T4156]  __kmalloc_cache_noprof+0x55/0x320
[   46.865194][ T4156]  ? rtnl_newlink+0x5f/0x12d0
[   46.865222][ T4156]  rtnl_newlink+0x5f/0x12d0
[   46.865268][ T4156]  ? htab_map_hash+0x15d/0x1e0
[   46.865347][ T4156]  ? __htab_map_lookup_elem+0x124/0x150
[   46.865374][ T4156]  ? htab_percpu_map_lookup_percpu_elem+0x98/0xb0
[   46.865465][ T4156]  ? __rcu_read_unlock+0x34/0x70
[   46.865566][ T4156]  ? bpf_trace_run3+0x134/0x1d0
[   46.865594][ T4156]  ? __kfree_skb+0x102/0x150
[   46.865615][ T4156]  ? memcg_list_lru_alloc+0xe1/0x530
[   46.865718][ T4156]  ? __kfree_skb+0x102/0x150
[   46.865738][ T4156]  ? __traceiter_kmem_cache_free+0x33/0x50
[   46.865779][ T4156]  ? __rcu_read_unlock+0x4e/0x70
[   46.865802][ T4156]  ? avc_has_perm_noaudit+0x1cc/0x210
[   46.865834][ T4156]  ? selinux_capable+0x1f9/0x260
[   46.865863][ T4156]  ? security_capable+0x81/0x90
[   46.865885][ T4156]  ? ns_capable+0x7d/0xb0
[   46.865903][ T4156]  ? __pfx_rtnl_newlink+0x10/0x10
[   46.865930][ T4156]  rtnetlink_rcv_msg+0x65a/0x740
[   46.866018][ T4156]  ? should_fail_ex+0xd7/0x270
[   46.866041][ T4156]  ? ref_tracker_free+0x3b8/0x420
[   46.866066][ T4156]  netlink_rcv_skb+0x12f/0x230
[   46.866137][ T4156]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   46.866171][ T4156]  rtnetlink_rcv+0x1c/0x30
[   46.866277][ T4156]  netlink_unicast+0x605/0x6c0
[   46.866298][ T4156]  netlink_sendmsg+0x609/0x720
[   46.866322][ T4156]  ? __pfx_netlink_sendmsg+0x10/0x10
[   46.866342][ T4156]  __sock_sendmsg+0x140/0x180
[   46.866449][ T4156]  ____sys_sendmsg+0x350/0x4e0
[   46.866503][ T4156]  __sys_sendmsg+0x1a0/0x240
[   46.866541][ T4156]  __x64_sys_sendmsg+0x46/0x50
[   46.866589][ T4156]  x64_sys_call+0x26f3/0x2e10
[   46.866608][ T4156]  do_syscall_64+0xc9/0x1c0
[   46.866633][ T4156]  ? clear_bhb_loop+0x25/0x80
[   46.866676][ T4156]  ? clear_bhb_loop+0x25/0x80
[   46.866764][ T4156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.866782][ T4156] RIP: 0033:0x7fcdf6a8d169
[   46.866813][ T4156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.866828][ T4156] RSP: 002b:00007fcdf50ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   46.866843][ T4156] RAX: ffffffffffffffda RBX: 00007fcdf6ca5fa0 RCX: 00007fcdf6a8d169
[   46.866854][ T4156] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[   46.866932][ T4156] RBP: 00007fcdf50ef090 R08: 0000000000000000 R09: 0000000000000000
[   46.866943][ T4156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.866952][ T4156] R13: 0000000000000000 R14: 00007fcdf6ca5fa0 R15: 00007fff2b1a2808
[   46.866972][ T4156]  </TASK>
[   47.178111][ T4153] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.185449][ T4153] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.198158][   T29] kauditd_printk_skb: 1102 callbacks suppressed
[   47.198175][   T29] audit: type=1400 audit(1744131452.046:2104): avc:  denied  { accept } for  pid=4158 comm="syz.1.223" lport=44817 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   47.227655][   T29] audit: type=1400 audit(1744131452.046:2105): avc:  denied  { write } for  pid=4158 comm="syz.1.223" lport=44817 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   47.281914][ T4164] FAULT_INJECTION: forcing a failure.
[   47.281914][ T4164] name failslab, interval 1, probability 0, space 0, times 0
[   47.294671][ T4164] CPU: 0 UID: 0 PID: 4164 Comm: syz.0.224 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   47.294703][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   47.294717][ T4164] Call Trace:
[   47.294724][ T4164]  <TASK>
[   47.294732][ T4164]  dump_stack_lvl+0xf6/0x150
[   47.294759][ T4164]  dump_stack+0x15/0x1a
[   47.294776][ T4164]  should_fail_ex+0x261/0x270
[   47.294814][ T4164]  should_failslab+0x8f/0xb0
[   47.294859][ T4164]  kmem_cache_alloc_noprof+0x59/0x340
[   47.294883][ T4164]  ? alloc_empty_file+0x78/0x200
[   47.294908][ T4164]  alloc_empty_file+0x78/0x200
[   47.294930][ T4164]  path_openat+0x6f/0x2000
[   47.295002][ T4164]  ? _parse_integer_limit+0x167/0x180
[   47.295032][ T4164]  ? kstrtoull+0x115/0x140
[   47.295061][ T4164]  ? kstrtouint+0x7b/0xc0
[   47.295164][ T4164]  do_filp_open+0x115/0x240
[   47.295216][ T4164]  do_sys_openat2+0xaa/0x110
[   47.295251][ T4164]  __x64_sys_openat+0xf8/0x120
[   47.295275][ T4164]  x64_sys_call+0x1ac/0x2e10
[   47.295301][ T4164]  do_syscall_64+0xc9/0x1c0
[   47.295334][ T4164]  ? clear_bhb_loop+0x25/0x80
[   47.295360][ T4164]  ? clear_bhb_loop+0x25/0x80
[   47.295404][ T4164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.295425][ T4164] RIP: 0033:0x7fcdf6a8bad0
[   47.295441][ T4164] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[   47.295458][ T4164] RSP: 002b:00007fcdf50cdb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   47.295516][ T4164] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcdf6a8bad0
[   47.295528][ T4164] RDX: 0000000000000000 RSI: 00007fcdf50cdc10 RDI: 00000000ffffff9c
[   47.295540][ T4164] RBP: 00007fcdf50cdc10 R08: 0000000000000000 R09: 002367732f766564
[   47.295559][ T4164] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   47.295570][ T4164] R13: 0000000000000000 R14: 00007fcdf6ca6080 R15: 00007fff2b1a2808
[   47.295591][ T4164]  </TASK>
[   47.311372][   T29] audit: type=1400 audit(1744131452.136:2106): avc:  denied  { append } for  pid=4160 comm="syz.0.224" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   47.517897][   T29] audit: type=1400 audit(1744131452.206:2107): avc:  denied  { sqpoll } for  pid=4165 comm="syz.1.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   47.537192][   T29] audit: type=1400 audit(1744131452.366:2108): avc:  denied  { create } for  pid=4168 comm="syz.1.227" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_netfilter_socket permissive=1
[   47.558609][   T29] audit: type=1400 audit(1744131452.366:2109): avc:  denied  { write } for  pid=4168 comm="syz.1.227" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_netfilter_socket permissive=1
[   47.597913][ T4153] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   47.609850][ T4153] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   47.631656][ T4176] FAULT_INJECTION: forcing a failure.
[   47.631656][ T4176] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   47.644862][ T4176] CPU: 0 UID: 0 PID: 4176 Comm: syz.1.229 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   47.644890][ T4176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   47.644902][ T4176] Call Trace:
[   47.644908][ T4176]  <TASK>
[   47.644915][ T4176]  dump_stack_lvl+0xf6/0x150
[   47.644941][ T4176]  dump_stack+0x15/0x1a
[   47.644961][ T4176]  should_fail_ex+0x261/0x270
[   47.644997][ T4176]  should_fail+0xb/0x10
[   47.645024][ T4176]  should_fail_usercopy+0x1a/0x20
[   47.645117][ T4176]  _copy_from_user+0x1c/0xa0
[   47.645145][ T4176]  copy_msghdr_from_user+0x54/0x2b0
[   47.645174][ T4176]  ? __fget_files+0x186/0x1c0
[   47.645256][ T4176]  __sys_sendmsg+0x141/0x240
[   47.645322][ T4176]  __x64_sys_sendmsg+0x46/0x50
[   47.645420][ T4176]  x64_sys_call+0x26f3/0x2e10
[   47.645438][ T4176]  do_syscall_64+0xc9/0x1c0
[   47.645462][ T4176]  ? clear_bhb_loop+0x25/0x80
[   47.645506][ T4176]  ? clear_bhb_loop+0x25/0x80
[   47.645524][ T4176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.645544][ T4176] RIP: 0033:0x7f3fbb64d169
[   47.645559][ T4176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.645576][ T4176] RSP: 002b:00007f3fb9caf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   47.645647][ T4176] RAX: ffffffffffffffda RBX: 00007f3fbb865fa0 RCX: 00007f3fbb64d169
[   47.645657][ T4176] RDX: 0000000020000000 RSI: 0000200000000180 RDI: 0000000000000003
[   47.645667][ T4176] RBP: 00007f3fb9caf090 R08: 0000000000000000 R09: 0000000000000000
[   47.645731][ T4176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.645741][ T4176] R13: 0000000000000000 R14: 00007f3fbb865fa0 R15: 00007ffd94bc8db8
[   47.645796][ T4176]  </TASK>
[   47.831985][ T4153] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.841117][ T4153] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.850121][ T4153] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.859195][ T4153] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.873553][   T29] audit: type=1326 audit(1744131452.726:2110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4177 comm="syz.1.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fbb64d169 code=0x7ffc0000
[   47.897121][   T23] lo speed is unknown, defaulting to 1000
[   47.903234][   T23] syz0: Port: 1 Link DOWN
[   47.912717][ T4148] team0: Port device geneve1 added
[   47.918331][ T4178] loop1: detected capacity change from 0 to 1024
[   47.925679][   T29] audit: type=1326 audit(1744131452.766:2111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4177 comm="syz.1.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f3fbb64d169 code=0x7ffc0000
[   47.949101][   T29] audit: type=1326 audit(1744131452.766:2112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4177 comm="syz.1.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fbb64d169 code=0x7ffc0000
[   47.965986][ T4183] loop3: detected capacity change from 0 to 128
[   47.972473][   T29] audit: type=1326 audit(1744131452.766:2113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4177 comm="syz.1.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3fbb64d169 code=0x7ffc0000
[   48.013146][ T4161] lo speed is unknown, defaulting to 1000
[   48.020660][ T4178] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.037950][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.086815][ T4183] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   48.125968][ T4183] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.172755][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.235073][ T4197] loop1: detected capacity change from 0 to 1024
[   48.245120][ T4199] loop2: detected capacity change from 0 to 128
[   48.258317][ T4197] EXT4-fs: Ignoring removed nobh option
[   48.264050][ T4197] EXT4-fs: Ignoring removed bh option
[   48.264341][ T4195] loop0: detected capacity change from 0 to 512
[   48.297091][ T4202] netlink: 'syz.4.240': attribute type 1 has an invalid length.
[   48.309834][ T4202] FAULT_INJECTION: forcing a failure.
[   48.309834][ T4202] name failslab, interval 1, probability 0, space 0, times 0
[   48.322887][ T4202] CPU: 1 UID: 0 PID: 4202 Comm: syz.4.240 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   48.322912][ T4202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   48.322923][ T4202] Call Trace:
[   48.322930][ T4202]  <TASK>
[   48.322937][ T4202]  dump_stack_lvl+0xf6/0x150
[   48.322975][ T4202]  dump_stack+0x15/0x1a
[   48.322995][ T4202]  should_fail_ex+0x261/0x270
[   48.323026][ T4202]  should_failslab+0x8f/0xb0
[   48.323063][ T4202]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   48.323125][ T4202]  ? __alloc_skb+0x10d/0x320
[   48.323150][ T4202]  ? security_capable+0x81/0x90
[   48.323179][ T4202]  __alloc_skb+0x10d/0x320
[   48.323201][ T4202]  netlink_ack+0xf1/0x4f0
[   48.323223][ T4202]  ? ref_tracker_free+0x3b8/0x420
[   48.323313][ T4202]  netlink_rcv_skb+0x19f/0x230
[   48.323340][ T4202]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   48.323386][ T4202]  rtnetlink_rcv+0x1c/0x30
[   48.323420][ T4202]  netlink_unicast+0x605/0x6c0
[   48.323488][ T4202]  netlink_sendmsg+0x609/0x720
[   48.323523][ T4202]  ? __pfx_netlink_sendmsg+0x10/0x10
[   48.323553][ T4202]  __sock_sendmsg+0x140/0x180
[   48.323593][ T4202]  ____sys_sendmsg+0x350/0x4e0
[   48.323629][ T4202]  __sys_sendmsg+0x1a0/0x240
[   48.323734][ T4202]  __x64_sys_sendmsg+0x46/0x50
[   48.323797][ T4202]  x64_sys_call+0x26f3/0x2e10
[   48.323825][ T4202]  do_syscall_64+0xc9/0x1c0
[   48.323861][ T4202]  ? clear_bhb_loop+0x25/0x80
[   48.323925][ T4202]  ? clear_bhb_loop+0x25/0x80
[   48.323949][ T4202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.323969][ T4202] RIP: 0033:0x7f1ba925d169
[   48.323986][ T4202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.324005][ T4202] RSP: 002b:00007f1ba78bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.324055][ T4202] RAX: ffffffffffffffda RBX: 00007f1ba9475fa0 RCX: 00007f1ba925d169
[   48.324069][ T4202] RDX: 0000000000000000 RSI: 0000200000001dc0 RDI: 0000000000000003
[   48.324081][ T4202] RBP: 00007f1ba78bf090 R08: 0000000000000000 R09: 0000000000000000
[   48.324095][ T4202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.324109][ T4202] R13: 0000000000000000 R14: 00007f1ba9475fa0 R15: 00007ffea7678ad8
[   48.324131][ T4202]  </TASK>
[   48.324445][ T4199] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   48.405598][ T4206] netlink: 4 bytes leftover after parsing attributes in process `syz.4.241'.
[   48.432436][ T4199] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.583308][ T4197] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.585937][ T4210] lo speed is unknown, defaulting to 1000
[   48.602689][ T4206] netlink: 16 bytes leftover after parsing attributes in process `syz.4.241'.
[   48.623232][ T4195] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.637212][ T3307] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   48.646656][ T4195] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.736762][ T4215] loop4: detected capacity change from 0 to 4096
[   48.756085][ T4215] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.795480][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.821857][ T4220] FAULT_INJECTION: forcing a failure.
[   48.821857][ T4220] name failslab, interval 1, probability 0, space 0, times 0
[   48.834642][ T4220] CPU: 0 UID: 0 PID: 4220 Comm: syz.2.245 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   48.834673][ T4220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   48.834687][ T4220] Call Trace:
[   48.834694][ T4220]  <TASK>
[   48.834718][ T4220]  dump_stack_lvl+0xf6/0x150
[   48.834744][ T4220]  dump_stack+0x15/0x1a
[   48.834760][ T4220]  should_fail_ex+0x261/0x270
[   48.834787][ T4220]  should_failslab+0x8f/0xb0
[   48.834821][ T4220]  __kmalloc_cache_noprof+0x55/0x320
[   48.834886][ T4220]  ? rtnl_newlink+0x5f/0x12d0
[   48.834926][ T4220]  rtnl_newlink+0x5f/0x12d0
[   48.834961][ T4220]  ? xas_load+0x27/0x3d0
[   48.834988][ T4220]  ? perf_swevent_event+0x263/0x4c0
[   48.835034][ T4220]  ? perf_trace_buf_update+0xac/0xe0
[   48.835065][ T4220]  ? perf_tp_event+0x9ca/0xa00
[   48.835099][ T4220]  ? skb_release_data+0x611/0x630
[   48.835148][ T4220]  ? __rcu_read_unlock+0x4e/0x70
[   48.835206][ T4220]  ? avc_has_perm_noaudit+0x1cc/0x210
[   48.835237][ T4220]  ? selinux_capable+0x1f9/0x260
[   48.835275][ T4220]  ? security_capable+0x81/0x90
[   48.835335][ T4220]  ? ns_capable+0x7d/0xb0
[   48.835364][ T4220]  ? __pfx_rtnl_newlink+0x10/0x10
[   48.835402][ T4220]  rtnetlink_rcv_msg+0x65a/0x740
[   48.835439][ T4220]  ? should_fail_ex+0xd7/0x270
[   48.835468][ T4220]  ? ref_tracker_free+0x3b8/0x420
[   48.835500][ T4220]  netlink_rcv_skb+0x12f/0x230
[   48.835528][ T4220]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   48.835646][ T4220]  rtnetlink_rcv+0x1c/0x30
[   48.835675][ T4220]  netlink_unicast+0x605/0x6c0
[   48.835697][ T4220]  netlink_sendmsg+0x609/0x720
[   48.835728][ T4220]  ? __pfx_netlink_sendmsg+0x10/0x10
[   48.835835][ T4220]  __sock_sendmsg+0x140/0x180
[   48.835877][ T4220]  ____sys_sendmsg+0x350/0x4e0
[   48.835993][ T4220]  __sys_sendmsg+0x1a0/0x240
[   48.836044][ T4220]  __x64_sys_sendmsg+0x46/0x50
[   48.836114][ T4220]  x64_sys_call+0x26f3/0x2e10
[   48.836140][ T4220]  do_syscall_64+0xc9/0x1c0
[   48.836225][ T4220]  ? clear_bhb_loop+0x25/0x80
[   48.836246][ T4220]  ? clear_bhb_loop+0x25/0x80
[   48.836339][ T4220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.836367][ T4220] RIP: 0033:0x7f9e92c1d169
[   48.836382][ T4220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.836398][ T4220] RSP: 002b:00007f9e9127f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.836417][ T4220] RAX: ffffffffffffffda RBX: 00007f9e92e35fa0 RCX: 00007f9e92c1d169
[   48.836432][ T4220] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[   48.836446][ T4220] RBP: 00007f9e9127f090 R08: 0000000000000000 R09: 0000000000000000
[   48.836460][ T4220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.836517][ T4220] R13: 0000000000000000 R14: 00007f9e92e35fa0 R15: 00007ffed4e24518
[   48.836534][ T4220]  </TASK>
[   49.157763][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.173992][ T4220] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   49.186790][ T4220] batman_adv: batadv0: Removing interface: batadv_slave_1
[   49.339914][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.371014][ T4224] loop1: detected capacity change from 0 to 512
[   49.378086][ T4224] EXT4-fs: Ignoring removed oldalloc option
[   49.388385][ T4224] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.244: Parent and EA inode have the same ino 15
[   49.420366][ T4231] loop0: detected capacity change from 0 to 2048
[   49.426914][ T4228] loop2: detected capacity change from 0 to 512
[   49.427509][ T4226] loop4: detected capacity change from 0 to 1024
[   49.440344][ T4224] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.244: Parent and EA inode have the same ino 15
[   49.457438][ T4224] EXT4-fs (loop1): 1 orphan inode deleted
[   49.531677][ T4235] Direct I/O collision with buffered writes! File: /file2 Comm: syz.0.247
[   49.531829][ T4236] Direct I/O collision with buffered writes! File: /file2 Comm: syz.0.247
[   49.638663][ T4246] FAULT_INJECTION: forcing a failure.
[   49.638663][ T4246] name failslab, interval 1, probability 0, space 0, times 0
[   49.651439][ T4246] CPU: 0 UID: 0 PID: 4246 Comm: syz.4.251 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   49.651502][ T4246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   49.651580][ T4246] Call Trace:
[   49.651588][ T4246]  <TASK>
[   49.651596][ T4246]  dump_stack_lvl+0xf6/0x150
[   49.651620][ T4246]  dump_stack+0x15/0x1a
[   49.651636][ T4246]  should_fail_ex+0x261/0x270
[   49.651664][ T4246]  should_failslab+0x8f/0xb0
[   49.651713][ T4246]  __kmalloc_cache_noprof+0x55/0x320
[   49.651740][ T4246]  ? bpf_prog_alloc_no_stats+0xc3/0x390
[   49.651765][ T4246]  ? bpf_prog_alloc_no_stats+0x49/0x390
[   49.651835][ T4246]  bpf_prog_alloc_no_stats+0xc3/0x390
[   49.651891][ T4246]  bpf_prog_alloc+0x3a/0x150
[   49.651911][ T4246]  bpf_prog_load+0x532/0x10e0
[   49.651943][ T4246]  __sys_bpf+0x533/0x800
[   49.651970][ T4246]  __x64_sys_bpf+0x43/0x50
[   49.651991][ T4246]  x64_sys_call+0x23da/0x2e10
[   49.652040][ T4246]  do_syscall_64+0xc9/0x1c0
[   49.652075][ T4246]  ? clear_bhb_loop+0x25/0x80
[   49.652101][ T4246]  ? clear_bhb_loop+0x25/0x80
[   49.652127][ T4246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.652153][ T4246] RIP: 0033:0x7f1ba925d169
[   49.652266][ T4246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.652295][ T4246] RSP: 002b:00007f1ba78bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   49.652315][ T4246] RAX: ffffffffffffffda RBX: 00007f1ba9475fa0 RCX: 00007f1ba925d169
[   49.652398][ T4246] RDX: 0000000000000090 RSI: 0000200000000880 RDI: 0000000000000005
[   49.652431][ T4246] RBP: 00007f1ba78bf090 R08: 0000000000000000 R09: 0000000000000000
[   49.652446][ T4246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.652460][ T4246] R13: 0000000000000000 R14: 00007f1ba9475fa0 R15: 00007ffea7678ad8
[   49.652483][ T4246]  </TASK>
[   49.870348][ T4242] FAULT_INJECTION: forcing a failure.
[   49.870348][ T4242] name failslab, interval 1, probability 0, space 0, times 0
[   49.883113][ T4242] CPU: 0 UID: 0 PID: 4242 Comm: syz.1.253 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   49.883273][ T4242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   49.883301][ T4242] Call Trace:
[   49.883309][ T4242]  <TASK>
[   49.883319][ T4242]  dump_stack_lvl+0xf6/0x150
[   49.883353][ T4242]  dump_stack+0x15/0x1a
[   49.883377][ T4242]  should_fail_ex+0x261/0x270
[   49.883415][ T4242]  should_failslab+0x8f/0xb0
[   49.883484][ T4242]  __kmalloc_cache_noprof+0x55/0x320
[   49.883589][ T4242]  ? audit_log_d_path+0x8e/0x150
[   49.883624][ T4242]  audit_log_d_path+0x8e/0x150
[   49.883657][ T4242]  audit_log_d_path_exe+0x42/0x70
[   49.883687][ T4242]  audit_log_task+0x1f1/0x250
[   49.883715][ T4242]  audit_seccomp+0x68/0x130
[   49.883777][ T4242]  __seccomp_filter+0x694/0x10e0
[   49.883820][ T4242]  ? vfs_write+0x669/0x950
[   49.883858][ T4242]  ? putname+0xe1/0x100
[   49.883889][ T4242]  __secure_computing+0x7e/0x160
[   49.883932][ T4242]  syscall_trace_enter+0xcf/0x1f0
[   49.883974][ T4242]  ? fpregs_assert_state_consistent+0x83/0xa0
[   49.884013][ T4242]  do_syscall_64+0xaa/0x1c0
[   49.884120][ T4242]  ? clear_bhb_loop+0x25/0x80
[   49.884182][ T4242]  ? clear_bhb_loop+0x25/0x80
[   49.884211][ T4242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.884242][ T4242] RIP: 0033:0x7f3fbb64d169
[   49.884274][ T4242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.884299][ T4242] RSP: 002b:00007f3fb9caf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000049
[   49.884325][ T4242] RAX: ffffffffffffffda RBX: 00007f3fbb865fa0 RCX: 00007f3fbb64d169
[   49.884343][ T4242] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000007
[   49.884419][ T4242] RBP: 00007f3fb9caf090 R08: 0000000000000000 R09: 0000000000000000
[   49.884436][ T4242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.884453][ T4242] R13: 0000000000000000 R14: 00007f3fbb865fa0 R15: 00007ffd94bc8db8
[   49.884551][ T4242]  </TASK>
[   50.243338][ T4252] loop1: detected capacity change from 0 to 256
[   50.401001][ T4248] loop4: detected capacity change from 0 to 512
[   50.437705][ T4254] 9pnet: p9_errstr2errno: server reported unknown error �e����L	�1�bwV���M_w��9����,���DQm��w�Z��H�D
[   50.437705][ T4254] �J���rxrpc
[   50.515756][ T4248] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   50.524582][ T4248] EXT4-fs (loop4): 1 truncate cleaned up
[   50.543054][ T4261] loop2: detected capacity change from 0 to 128
[   50.549529][ T4248] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   50.552350][ T4261] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.584934][ T4248] openvswitch: netlink: Message has 6 unknown bytes.
[   50.635731][ T4266] loop3: detected capacity change from 0 to 512
[   50.648872][ T4268] loop1: detected capacity change from 0 to 1024
[   50.695783][ T4274] rdma_op ffff88812c020580 conn xmit_rdma 0000000000000000
[   50.705605][ T4274] xt_hashlimit: max too large, truncated to 1048576
[   50.754263][ T4266] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[   50.780061][ T4279] capability: warning: `syz.0.265' uses deprecated v2 capabilities in a way that may be insecure
[   50.818096][ T4266] EXT4-fs (loop3): 1 truncate cleaned up
[   50.859280][ T4284] netlink: 'syz.0.265': attribute type 13 has an invalid length.
[   50.867955][ T4266] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   50.890667][ T4286] openvswitch: netlink: Message has 6 unknown bytes.
[   50.912296][ T4283] loop1: detected capacity change from 0 to 4096
[   50.943335][ T4288] loop2: detected capacity change from 0 to 4096
[   50.960761][ T4284] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.968096][ T4284] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.018697][ T4294] siw: device registration error -23
[   51.116376][ T4301] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   51.120908][ T4284] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   51.127503][ T4301] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   51.152080][ T4284] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   51.183552][ T4305] netlink: 'syz.4.271': attribute type 10 has an invalid length.
[   51.191903][ T4305] netlink: 40 bytes leftover after parsing attributes in process `syz.4.271'.
[   51.221576][ T4284] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.230743][ T4284] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.239917][ T4284] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.249165][ T4284] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   51.263393][   T23] syz1: Port: 1 Link DOWN
[   51.278337][ T3307] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /53/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   51.300146][ T3307] EXT4-fs error (device loop2): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   51.329076][ T3307] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[   51.352079][ T4299] netlink: 'syz.3.272': attribute type 10 has an invalid length.
[   51.355690][ T3307] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /53/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   51.360056][ T4299] netlink: 40 bytes leftover after parsing attributes in process `syz.3.272'.
[   51.382951][ T3307] EXT4-fs error (device loop2): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   51.408529][ T4299] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   51.413759][ T3307] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[   51.418109][ T4299] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   51.429937][ T3307] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /53/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   51.438377][ T4299] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   51.468532][ T4299] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   51.479548][ T4299] team0: Port device geneve1 added
[   51.479971][ T3307] EXT4-fs error (device loop2): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   51.504773][ T4311] loop0: detected capacity change from 0 to 1024
[   51.524551][ T3307] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[   51.588256][ T3307] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /53/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   51.618541][ T3307] EXT4-fs error (device loop2): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   51.641406][ T3307] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[   51.665795][ T3307] EXT4-fs error (device loop2): ext4_readdir:264: inode #12: block 80: comm syz-executor: path /53/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   51.688353][ T3307] EXT4-fs error (device loop2): ext4_empty_dir:3095: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[   51.726554][ T3307] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[   51.752512][ T4325] 9pnet_fd: Insufficient options for proto=fd
[   51.761176][ T3307] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[   51.776173][ T4325] tmpfs: Unknown parameter 'mpoO'
[   51.781677][ T4315] loop4: detected capacity change from 0 to 512
[   51.789265][ T4315] EXT4-fs: Ignoring removed oldalloc option
[   51.821176][ T4315] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.277: Parent and EA inode have the same ino 15
[   51.835687][ T3307] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[   51.849770][ T3307] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[   51.864119][ T3307] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[   51.877283][ T4334] loop3: detected capacity change from 0 to 256
[   51.885055][ T4315] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.277: Parent and EA inode have the same ino 15
[   51.900048][ T4315] EXT4-fs (loop4): 1 orphan inode deleted
[   51.906780][ T3307] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '..'
[   52.125766][ T4347] ip6gre1: entered allmulticast mode
[   52.162553][ T4349] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.286'.
[   52.213763][   T29] kauditd_printk_skb: 666 callbacks suppressed
[   52.213838][   T29] audit: type=1326 audit(1744131457.066:2780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4351 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe73d48bc1f code=0x7ffc0000
[   52.252190][ T4350] loop1: detected capacity change from 0 to 512
[   52.260399][ T4350] EXT4-fs: Ignoring removed oldalloc option
[   52.285454][ T4350] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.290: Parent and EA inode have the same ino 15
[   52.299397][ T4352] loop3: detected capacity change from 0 to 1024
[   52.300139][   T29] audit: type=1326 audit(1744131457.066:2781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4351 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe73d48d169 code=0x7ffc0000
[   52.315915][ T4350] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.290: Parent and EA inode have the same ino 15
[   52.329099][   T29] audit: type=1326 audit(1744131457.066:2782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4351 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe73d48d169 code=0x7ffc0000
[   52.364669][   T29] audit: type=1326 audit(1744131457.066:2783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4351 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe73d48d1a3 code=0x7ffc0000
[   52.387857][   T29] audit: type=1326 audit(1744131457.066:2784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4351 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe73d48bc1f code=0x7ffc0000
[   52.400322][ T4350] EXT4-fs (loop1): 1 orphan inode deleted
[   52.411093][   T29] audit: type=1326 audit(1744131457.076:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4351 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe73d48d1f7 code=0x7ffc0000
[   52.440168][   T29] audit: type=1326 audit(1744131457.106:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fbb64d169 code=0x7ffc0000
[   52.463496][   T29] audit: type=1326 audit(1744131457.106:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3fbb64d169 code=0x7ffc0000
[   52.486898][   T29] audit: type=1326 audit(1744131457.106:2788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3fbb64d1a3 code=0x7ffc0000
[   52.510083][   T29] audit: type=1326 audit(1744131457.106:2789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3fbb64bc1f code=0x7ffc0000
[   52.563172][ T3324] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.670367][ T3324] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.702962][ T4380] FAULT_INJECTION: forcing a failure.
[   52.702962][ T4380] name failslab, interval 1, probability 0, space 0, times 0
[   52.715773][ T4380] CPU: 0 UID: 0 PID: 4380 Comm: syz.4.299 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   52.715804][ T4380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   52.715819][ T4380] Call Trace:
[   52.715826][ T4380]  <TASK>
[   52.715834][ T4380]  dump_stack_lvl+0xf6/0x150
[   52.715859][ T4380]  dump_stack+0x15/0x1a
[   52.715877][ T4380]  should_fail_ex+0x261/0x270
[   52.715911][ T4380]  should_failslab+0x8f/0xb0
[   52.715986][ T4380]  __kmalloc_cache_noprof+0x55/0x320
[   52.716012][ T4380]  ? rtnl_newlink+0x5f/0x12d0
[   52.716047][ T4380]  rtnl_newlink+0x5f/0x12d0
[   52.716083][ T4380]  ? nlmon_xmit+0x51/0x60
[   52.716120][ T4380]  ? dev_hard_start_xmit+0x3d1/0x400
[   52.716158][ T4380]  ? xas_load+0x3ba/0x3d0
[   52.716190][ T4380]  ? xas_load+0x3ba/0x3d0
[   52.716272][ T4380]  ? cgroup_rstat_updated+0xa4/0x590
[   52.716297][ T4380]  ? try_charge_memcg+0x1c4/0x820
[   52.716326][ T4380]  ? page_counter_charge+0x21a/0x240
[   52.716357][ T4380]  ? __rcu_read_unlock+0x4e/0x70
[   52.716386][ T4380]  ? refill_obj_stock+0x160/0x230
[   52.716409][ T4380]  ? mod_objcg_state+0x3f9/0x530
[   52.716436][ T4380]  ? skb_release_data+0x611/0x630
[   52.716480][ T4380]  ? __rcu_read_unlock+0x4e/0x70
[   52.716506][ T4380]  ? avc_has_perm_noaudit+0x1cc/0x210
[   52.716539][ T4380]  ? selinux_capable+0x1f9/0x260
[   52.716579][ T4380]  ? security_capable+0x81/0x90
[   52.716645][ T4380]  ? ns_capable+0x7d/0xb0
[   52.716668][ T4380]  ? __pfx_rtnl_newlink+0x10/0x10
[   52.716735][ T4380]  rtnetlink_rcv_msg+0x65a/0x740
[   52.716801][ T4380]  ? should_fail_ex+0xd7/0x270
[   52.716827][ T4380]  ? ref_tracker_free+0x3b8/0x420
[   52.716858][ T4380]  netlink_rcv_skb+0x12f/0x230
[   52.716885][ T4380]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   52.716983][ T4380]  rtnetlink_rcv+0x1c/0x30
[   52.717060][ T4380]  netlink_unicast+0x605/0x6c0
[   52.717089][ T4380]  netlink_sendmsg+0x609/0x720
[   52.717119][ T4380]  ? __pfx_netlink_sendmsg+0x10/0x10
[   52.717149][ T4380]  __sock_sendmsg+0x140/0x180
[   52.717238][ T4380]  ____sys_sendmsg+0x350/0x4e0
[   52.717273][ T4380]  __sys_sendmsg+0x1a0/0x240
[   52.717392][ T4380]  __x64_sys_sendmsg+0x46/0x50
[   52.717421][ T4380]  x64_sys_call+0x26f3/0x2e10
[   52.717443][ T4380]  do_syscall_64+0xc9/0x1c0
[   52.717471][ T4380]  ? clear_bhb_loop+0x25/0x80
[   52.717493][ T4380]  ? clear_bhb_loop+0x25/0x80
[   52.717585][ T4380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.717645][ T4380] RIP: 0033:0x7f1ba925d169
[   52.717660][ T4380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.717677][ T4380] RSP: 002b:00007f1ba78bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.717710][ T4380] RAX: ffffffffffffffda RBX: 00007f1ba9475fa0 RCX: 00007f1ba925d169
[   52.717724][ T4380] RDX: 0000000004008040 RSI: 0000200000000280 RDI: 0000000000000003
[   52.717736][ T4380] RBP: 00007f1ba78bf090 R08: 0000000000000000 R09: 0000000000000000
[   52.717747][ T4380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.717758][ T4380] R13: 0000000000000000 R14: 00007f1ba9475fa0 R15: 00007ffea7678ad8
[   52.717775][ T4380]  </TASK>
[   53.061923][ T3324] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.107181][ T4366] lo speed is unknown, defaulting to 1000
[   53.165979][ T3324] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.227800][ T4394] tipc: Failed to obtain node identity
[   53.233425][ T4394] tipc: Enabling of bearer <ib:gre0> rejected, failed to enable media
[   53.284293][ T3324] bridge_slave_1: left allmulticast mode
[   53.290149][ T3324] bridge_slave_1: left promiscuous mode
[   53.295824][ T3324] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.304091][ T3324] bridge_slave_0: left allmulticast mode
[   53.309825][ T3324] bridge_slave_0: left promiscuous mode
[   53.315561][ T3324] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.429345][ T4405] loop1: detected capacity change from 0 to 512
[   53.458144][ T4413] sg_write: data in/out 122/14 bytes for SCSI command 0x0-- guessing data in;
[   53.458144][ T4413]    program syz.0.304 not setting count and/or reply_len properly
[   53.486034][ T3324] team0: Port device geneve1 removed
[   53.496030][ T4405] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[   53.508132][ T4405] System zones: 0-2, 18-18, 34-35
[   53.515645][ T4405] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.578119][    C1] ==================================================================
[   53.586270][    C1] BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick
[   53.593506][    C1] 
[   53.595851][    C1] read-write to 0xffff8881010a02b8 of 8 bytes by interrupt on cpu 0:
[   53.604012][    C1]  wq_worker_tick+0x63/0x240
[   53.608629][    C1]  sched_tick+0x116/0x260
[   53.612974][    C1]  update_process_times+0x161/0x190
[   53.618191][    C1]  tick_nohz_handler+0x250/0x2d0
[   53.623191][    C1]  __hrtimer_run_queues+0x221/0x5f0
[   53.628413][    C1]  hrtimer_interrupt+0x235/0x4a0
[   53.633361][    C1]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[   53.639285][    C1]  sysvec_apic_timer_interrupt+0x6e/0x80
[   53.644988][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   53.651006][    C1]  __rcu_read_unlock+0x1d/0x70
[   53.655812][    C1]  __memcg_slab_free_hook+0x69/0x1e0
[   53.661105][    C1]  kfree+0x226/0x320
[   53.665022][    C1]  __io_remove_buffers+0x10b/0x1f0
[   53.670168][    C1]  io_destroy_buffers+0xb8/0x150
[   53.672416][ T4423] SELinux:  Context system_u:object_r:syslogd_var_lib_t:s0 is not valid (left unmapped).
[   53.675120][    C1]  io_ring_ctx_free+0x82/0x370
[   53.689790][    C1]  io_ring_exit_work+0x531/0x560
[   53.694768][    C1]  process_scheduled_works+0x4de/0xa20
[   53.700263][    C1]  worker_thread+0x52c/0x710
[   53.704871][    C1]  kthread+0x4b7/0x540
[   53.708945][    C1]  ret_from_fork+0x4b/0x60
[   53.713409][    C1]  ret_from_fork_asm+0x1a/0x30
[   53.718228][    C1] 
[   53.720563][    C1] read-write to 0xffff8881010a02b8 of 8 bytes by interrupt on cpu 1:
[   53.728625][    C1]  wq_worker_tick+0x63/0x240
[   53.733220][    C1]  sched_tick+0x116/0x260
[   53.737554][    C1]  update_process_times+0x161/0x190
[   53.742758][    C1]  tick_nohz_handler+0x250/0x2d0
[   53.747704][    C1]  __hrtimer_run_queues+0x221/0x5f0
[   53.752909][    C1]  hrtimer_interrupt+0x235/0x4a0
[   53.757948][    C1]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[   53.763851][    C1]  sysvec_apic_timer_interrupt+0x6e/0x80
[   53.769486][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   53.775473][    C1]  refill_obj_stock+0x17a/0x230
[   53.780345][    C1]  __memcg_slab_free_hook+0x103/0x1e0
[   53.785768][    C1]  kfree+0x226/0x320
[   53.789697][    C1]  __io_remove_buffers+0x10b/0x1f0
[   53.794826][    C1]  io_destroy_buffers+0xb8/0x150
[   53.799794][    C1]  io_ring_ctx_free+0x82/0x370
[   53.804606][    C1]  io_ring_exit_work+0x531/0x560
[   53.809553][    C1]  process_scheduled_works+0x4de/0xa20
[   53.815113][    C1]  worker_thread+0x52c/0x710
[   53.819710][    C1]  kthread+0x4b7/0x540
[   53.823782][    C1]  ret_from_fork+0x4b/0x60
[   53.828199][    C1]  ret_from_fork_asm+0x1a/0x30
[   53.832969][    C1] 
[   53.835287][    C1] value changed: 0x0000000000053020 -> 0x0000000000055730
[   53.842387][    C1] 
[   53.844728][    C1] Reported by Kernel Concurrency Sanitizer on:
[   53.850887][    C1] CPU: 1 UID: 0 PID: 1303 Comm: kworker/u8:5 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[   53.861743][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   53.871799][    C1] Workqueue: iou_exit io_ring_exit_work
[   53.877384][    C1] ==================================================================
[   53.888406][ T3324] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   53.903580][ T3324] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   53.913556][ T3324] bond0 (unregistering): Released all slaves
[   53.977836][ T4366] chnl_net:caif_netlink_parms(): no params data found
[   54.040831][ T3324] hsr_slave_0: left promiscuous mode
[   54.046899][ T3324] hsr_slave_1: left promiscuous mode
[   54.053144][ T3324] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   54.060682][ T3324] batman_adv: batadv0: Removing interface: batadv_slave_0
[   54.071903][ T3324] veth1_macvtap: left promiscuous mode
[   54.077433][ T3324] veth0_macvtap: left promiscuous mode
[   54.083062][ T3324] veth1_vlan: left promiscuous mode
[   54.088458][ T3324] veth0_vlan: left promiscuous mode
[   54.145802][ T3324] team0 (unregistering): Port device team_slave_1 removed
[   54.155901][ T3324] team0 (unregistering): Port device team_slave_0 removed
[   54.163719][   T31] smc: removing ib device syz!
[   54.212094][ T4366] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.219248][ T4366] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.226450][ T4366] bridge_slave_0: entered allmulticast mode
[   54.235208][ T4366] bridge_slave_0: entered promiscuous mode
[   54.242474][ T4366] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.249609][ T4366] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.257083][ T4366] bridge_slave_1: entered allmulticast mode
[   54.264215][ T4366] bridge_slave_1: entered promiscuous mode
[   54.288987][ T4366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.301025][ T4366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.328581][ T4366] team0: Port device team_slave_0 added
[   54.337235][ T4366] team0: Port device team_slave_1 added
[   54.374957][ T4366] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.382039][ T4366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.408259][ T4366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.419923][ T4366] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.426928][ T4366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.453057][ T4366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.482165][ T4366] hsr_slave_0: entered promiscuous mode
[   54.488317][ T4366] hsr_slave_1: entered promiscuous mode
[   54.494325][ T4366] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   54.502817][ T4366] Cannot create hsr debugfs directory
[   54.583297][ T4366] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   54.594045][ T4366] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   54.604042][ T4366] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   54.613214][ T4366] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   54.633411][ T4366] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.640652][ T4366] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.648098][ T4366] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.655377][ T4366] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.689592][ T4366] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.701576][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.709851][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.723886][ T4366] 8021q: adding VLAN 0 to HW filter on device team0
[   54.735327][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.742580][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.755103][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.762231][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.787475][ T4366] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   54.798090][ T4366] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   54.858322][ T4366] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.983917][ T4366] veth0_vlan: entered promiscuous mode
[   54.994046][ T4366] veth1_vlan: entered promiscuous mode
[   55.014810][ T4366] veth0_macvtap: entered promiscuous mode
[   55.022839][ T4366] veth1_macvtap: entered promiscuous mode
[   55.036501][ T4366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   55.047234][ T4366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.057302][ T4366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   55.067812][ T4366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.079367][ T4366] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.091057][ T4366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   55.101757][ T4366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.111627][ T4366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   55.122097][ T4366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   55.132890][ T4366] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.143478][ T4366] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.152261][ T4366] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.161141][ T4366] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.169887][ T4366] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0