last executing test programs:

5.206467794s ago: executing program 1 (id=464):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000069000010000000000100000018010000696c6c2500000000002020207b1af8ff00000000bfa1000000000000070100fef7ffffffb702000008000000b703000000400000850000001000000095"], &(0x7f0000000040)='syzkaller\x00', 0x1, 0xfe3, &(0x7f0000001e00)=""/4067, 0x41000, 0x67, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800, @void, @value}, 0x94)

5.184388334s ago: executing program 1 (id=465):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f00000002c0)=[{0x6}]}, 0x10)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f00000003c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ff8}]})
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x0, &(0x7f00000002c0)}, 0x10)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000001280), 0x6)
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext, 0x100, 0x0, 0x0, 0x0, 0x4000000000000003, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x108804, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
epoll_wait(0xffffffffffffffff, &(0x7f0000000000)=[{}], 0x1, 0xfffffe38)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f0000000200)={0xa0000001})
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x3)
ppoll(&(0x7f0000000380)=[{r5, 0x7490}, {r7, 0x2209}, {r4}, {r5, 0x2435}], 0x4, &(0x7f0000000400), &(0x7f0000000480)={[0xe]}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
write$binfmt_misc(r0, &(0x7f0000001280), 0x6)

4.162396727s ago: executing program 4 (id=474):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="000008000002"})

4.028500359s ago: executing program 4 (id=479):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000002"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r2, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2}, 0x7}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, 0x0)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f40), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000ac0)={0x4c, r3, 0x1, 0x7ffffc, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c011}, 0x40000)

3.94311045s ago: executing program 1 (id=480):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000002"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r2, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2}, 0x7}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, 0x0)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f40), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000ac0)={0x4c, r3, 0x1, 0x7ffffc, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c011}, 0x40000)

3.16431801s ago: executing program 2 (id=502):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r1 = epoll_create1(0x80000)
epoll_wait(r1, 0x0, 0x0, 0x85)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c004d06333b565c87257d0c505800baf86a85c5d4ebcbe04a29761497e20f5b28d89f604bd11784ba2514455e4dacb8d88ce29bf1c94c3b22e79ce729467e44f805419db2b76bbf55bb86fcc661b1e1400c20afa42828580c0c6beafb4dbaa10ba52396645530c03ce224c5f82f5444fa77aba37d09c7ab1e6350e18e7c40eb53076dc5cf122fb909d91b4c2a3ea2fb3c1884701c7d9b24fb41b3d9adc2748ac4180bd8a016a5b0d5940daddaaf26f1fb3cecd78a914d885f462dd2"])
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getpeername(r2, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="68020000210001000000000000000000ff0200000000000000000000000000017f00000100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000a001000010000000000000008000b00000000002c001300e0000001007e00000000000000000000fc0000000000000000000000000000000000000000000000cc0111"], 0x268}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r7, 0x0, 0x4ab}, 0x18)
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
syz_usb_connect$uac1(0x6, 0x82, &(0x7f0000000000)=ANY=[], 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
r9 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854529f45826cb35be51682e30944313e2ca73845d177d601880221daeccfda56b75cfe2bad94f000066b2ddab614fec2236da7d88ea07c9ee"}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r9, &(0x7f0000000180)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)

3.16404286s ago: executing program 4 (id=503):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)

3.130080361s ago: executing program 4 (id=505):
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x20004004)
r0 = syz_pidfd_open(0x0, 0x0)
process_madvise(r0, &(0x7f0000000340)=[{&(0x7f0000000180)="934244064e926eae5389050acf9986028b358a93327b51f1f1f019bafbf9799a25ef352e75ea0fe9e4b758812c4818d01ee003db625865fc93acbd2fa37f580bfef547287203de92861880b2290fb9be0f827a6583eb8c68d1b334d96751c4a4d38d3861aac849ea7ccbac11cb1f297c198282746b6ae0d290a0bbe7a33f0561d23e87cb3834eeb131881e634d644d2f19b8d8cdf553e7c2f1a1214adf15a7a2324b9751534ac621619417175890a6c7c7d09ccd0e31bf448fbc57b6bc2e27a7cdff", 0xc2}, {&(0x7f0000000040)="2c089fd9440825ab40439b6d8638e87bd378c408771f63624a5d0a2e250aaeafea06932191be4219c29dbce281f68d097501c21d63dbde6ee5ab6c04b7f968ffce81038ef644c988cada717feafae3222658ca3a", 0x54}, {&(0x7f0000000100)="0df8d58f68b2671081b8c1", 0xb}, {&(0x7f00000002c0)="31a6ee8403dcbda06afb2e4c4bc9ce5149fa0b4f73b3527ef78ac6600bebbc71bf0b3c0b981aa6248d0883f54b8e517703cc69ba9f7365dd852f3ff0841a90267970e7b1feea6eed0c876710c27d9def6e8ad4e467428cad444e04801567ce6974535b1b0d28232911a690820e8dc2e1575e00a6ee928bb41bbac59943541360", 0x80}], 0x4, 0x2e, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r2 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000000))
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
readv(r3, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

3.044888562s ago: executing program 1 (id=507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a3100000000e8010000030a01020000000000000000010000000900030073797a3200000000280004800800024000000000080001400000000514000300626174616476300000000000000000000900010073797a3100"], 0x25c}}, 0x0)

2.955381053s ago: executing program 1 (id=509):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRESHEX=r0], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b0000000500000000040000090000000100", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x1, 0xc4d4}}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}]}, 0x44}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000010c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff}, 0x13f, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={0x0, r7, 0x0, 0x3}}, 0x20)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00'})
gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r8, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x500, 0x0, 0x2000040}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000400))
syz_genetlink_get_family_id$nl802154(&(0x7f0000000ac0), 0xffffffffffffffff)

2.753027496s ago: executing program 0 (id=514):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000002"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r2, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2}, 0x7}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, 0x0)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f40), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000ac0)={0x4c, r3, 0x1, 0x7ffffc, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c011}, 0x40000)

2.491214399s ago: executing program 2 (id=515):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)

2.449611049s ago: executing program 2 (id=516):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20001f, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@jqfmt_vfsv0}, {@delalloc}]}, 0x3, 0x54f, &(0x7f0000000600)="$eJzs3dFvW1cZAPDv3sSx02VLNvYACFgZg4KqOo27VdMeYDwhhCYh9ghSFxI3qmrXUe2MJfSh+x+QmMQL8MgfgOBtT7zzguCNl/GANKACNRNINbrX14mbxq1LnDjEv590dc851/Z3znXvPfbX1ieAqXU+Iu5GxFxEvBMRi0V7UmzxZm/LHnf/3p213Xt31pLodt/+e5Ifz9pi4DmZZ4rXrETE974V8cPk0bjt7Z2bq41G/XYv5Pxyp7m53N7euXSjubpR36jfqtWurly9/PqV12rjGehMxEvNuaLy+Y9+f/drP866tVC09MdxSFePpPd6pb04mdmI+M6Y40zKTDGeuf/t6eM+3TylNCJeiIiX8+t/MWbydxMAOMu63cXoLg7WAYCzLs1zYElaLXIBC5Gm1Wovh/dinEsbrXbn4vXW1q31Xq5sKUrp9RuN+uUiV7gUpSSrr+Tl/XrtQP1KRDwfET8pz+f16lqrsT7JDz4AMMWeOTD//6vcm/8BgDOu8nB1aVL9AABOTmXSHQAATpz5HwCmj/kfAKaP+R8Apo/5HwCmj/kfAKbKd996K9u6u8XvX6+/u711s/XupfV6+2a1ubVWXWvd3qxutFob+W/2NJ/0eo1Wa3Pl1dh6b+nrm+3Ocnt751qztXWrcy3/Xe9r9dKJjAoAeJznX/rwT0lE3H1jPsoxn7f113IwV8PZlk66A8DEzEy6A8DEWO0LptcRvuNLD8AZkS/E+qBYFOSQ45WIIjs4YMhjh/BRA06ZC5/Zz/9nW8j/w9QYyP/7V8AwZeT/YXr5Ug7Tq9tNRl3zP0Z9IABwusnxA8nhzS8U+18Vfznwg/WDj/jgOHsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1t//d9qlPO1wBciTavViGcjYilKyfUbjfrliHguIv5YLpWz+sqE+wwAHFX616RY/+vC4isLB4/OJZ+U831E/Ohnb//0vdVO5/YfsvZ/7LV3Pijaa08dfH48YwAAHqc/T+f7gS/y9+/dWetvJ9mfj78ZEZVe/N17c7G7F382ZvN9JUoRce6fSVHvSQZyF0dx9/2IuPKbIuKgfxcrJPdWPj0YP4v97Ljif/qw85/EQp6D6cdPH4qf5sd6++xcfGoMfYFp82F2/3nzsOsvjfP5vn/9xYO96+/nvbbZMcQv7n/ZS63t5vfA/fj9+9/MkPvf+VFjvPq7b/dKj37d+vj9iM/ORvRjZ1t/Leh+/GRI/FdGCX4+4s+f+8LLww53fxFxIR6Ovx9hv7TcaW4ut7d3Lt1orm7UN+q3arWrK1cvv37ltdpynqNeHj4b/O2Ni88NO5aN/9yQ+JUnjP/Lo4w/In75n3e+/8XHxP/qlw6Ln8aLj4mfzYlfGTH+6rlfV4Ydy+KvDxn/k97/iyPG/+gvO48sGw4ATE57e+fmaqNRv50VylEU9lqOp9D/IHESsU5XoRSnohv/R4X+n5VeS1Ya8em/jWPpT3noO/iNh1ruF/0+htMyF0/1rG53sCUZ9bQMu2OMI+sGnAZ7F31EfDLpzgAAAAAAAAAAAAAAAIc6vv+/le61THqMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF3/DQAA///Xj86C")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2012024, 0x0) (fail_nth: 1)

2.108720173s ago: executing program 4 (id=517):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) (async)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x0)
preadv(r2, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/148, 0x94}], 0x1, 0x1, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="57aa0b5243b9343971d8715217f99f50090ec8aef3824a214d2baf6732fc09f13f5d15be9e1b913cee790e1baf4bb2a22e12667dc55f4c19d153390f591eee3e053532b8028a0564ecdd23e26a6f545d304e7cedca91234297a93510f068b04c2b0568e8584fcbfc59a1ab5fe36eb44e8d2eae655ab333172403ffaedc7c0cc4735307bd9d0aff5339a3b7bf749ccfe2ab5e456fed25f64e1b7552375cc6c740b15e29241909830968c32ec3501f09fbba723f65bf33e7e76ae854273d9903df1ff5", @ANYRESDEC=r1, @ANYBLOB="41b2fafb816f6e6f848f146c7ca9c9238ca9a335db50f51336841443ec2792ec3a5a266269cac1e42930a9f4389ee6faa681190e9d1ec4c050fda6d24fcaf2d556114213621621c4d797eb751d27dd3ba953fed093061696d2212bda85f199cd87b82237b68e75a9fe596a3ac3d7c8c109c1c26b81b896b357f0450007f6b018e85e924fe03e11"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0) (async)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5, 0x0, 0x5}, 0x18)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x0) (async)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x9)

2.013450585s ago: executing program 1 (id=518):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x3, &(0x7f0000000380)=ANY=[@ANYRES32=0x0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000200)='\'\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRES8=r1, @ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000080000"], 0x0, 0x2000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r5 = socket$inet6(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r6}, 0x10)
sendto$inet6(r5, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r8, 0x402c542c, &(0x7f0000000340)={0x0, 0x0, 0xfffffe3f, 0x0, 0x0, "4d6b55f67e02bfc6aafbd98ec07c05a8765ccb"})
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000a40))
readv(r8, &(0x7f0000000380)=[{&(0x7f0000000280)=""/79, 0x4f}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0xf8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xa1c81c, &(0x7f0000000500)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x50e, &(0x7f0000001040)="$eJzs3c9vI1cdAPDvOHHi3U2btPQACNqlLSxotc7G20ZVD1BOCKFIiB5B2obEG0Wx4yh2ShP2kJ65IlGJExz5Azj3xJ0LghuXckDiRwRqKnEYNONx6iZ2N9r8cBR/PpI1782b+PtesvPe+pvYL4CxdTsi9iNiKiLeiYjZ4nxSPOKt7iO77uODxyuHB49XkkjTt/+V5O3Zuej7msyt4jkrEfGj70X8NDkZt727t7HcaNS3I6az+nynuTXf3t27t95cXquv1TdrtcWFxftvPHi9dm5jfak5VZS++tEf97/186xbM8WZ/nGcp+7Qy0dxMpMR8YOLCDYCE8V4pkbdEZ5KKSKej4iX8/t/NibynyYAcJ2l6Wyks/11AOC6K+U5sKRULXIBM1EqVavdHN4LcbPUaLU7dx+1djZXu7myuSiXHq036veLXOFclJOsvpCXP63XjtUfRMRzEfHL6Rt5vbrSaqyO8j8+ADDGbh1b//873V3/AYBrrjLqDgAAl876DwDjx/oPAOPH+g8A46e7/t8YdTcAgEvk9T8AjB/rPwCMlR8uLU3G0lJ6WHz+9eq7uzsbrXfvrdbbG9Xmzkp1pbW9VV1rtdbyz+xpPun5Gq3W1sJrsfPe3Le32p359u7ew2ZrZ7PzMP9c74f1cn7V/iWMDAAY5rmXPvxLkq3Ib97IH9G3l0N5pD0DLlpp1B0ARmZi1B0ARsZuXzC+zvAaX3oArokBW/R+RmXQG4TSNE0vrkvABbvzJfl/GFd9+X9/BQxjRv4fxpf8P4yvNE1Ou+d/nPZCAOBqk+MHhvz+//ni+LvilwM/WT1+xQcX2SsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42nr7/1aLvcBnolSqViOeiYi5KCeP1hv1+3MRz0bEn6fL01l9YcR9BgDOqvT3pNj/687sqzOfaXrx1lFxKiJ+9uu3f/Xecqez/aeIqeTf073znQ+K87XL7z0A8GS9dTo/9r2Q//jg8UrvcZn9+cd3I6LSjX94MBWHR/EnYzI/VqIcETf/kxT1rqQvd3EW++9HxBcHjT+JmTwH0t359Hj8LPYzlxq/FJ+kadr7ulLe1j1m34svnENfYNx8mM0/bw26/0pxOz8Ovv8r+Qx1dsX8lz3VymE+B34avzf/TQyZ/26fNsZrf/h+t3TjZNv7EV+ejOjFPuybf3rxkyHxXz1l/L9+5cWXh7Wlv4m4E4Pj98ea7zS35tu7e/fWm8tr9bX6Zq22uLB4/40Hr9fm8xz1/PDV4J9v3n12WFs2/ptD4lf6xz9xcvxfP+X4f/u/d378tc+J/81XBsUvxQv98Y99/7M18RunjL988/eVYW1Z/NUh43/Sz//uKeN/9Le9E9uGAwCj097d21huNOrbCgpXv5D9k70C3RhY+E6vkCQRFxlrKgY3/eKV7j19rClNnyrWsBnjPLJuwFVwdNNHxCej7gwAAAAAAAAAAAAAADDQZbw7atRjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Pr6fwAAAP//JY/QOw==")
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r2, 0x8982, &(0x7f0000000280)={0x8, 'veth1_to_bond\x00', {'pimreg1\x00'}, 0xd1})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)

1.937538925s ago: executing program 2 (id=519):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a3100000000e8010000030a01020000000000000000010000000900030073797a3200000000280004800800024000000000080001400000000514000300626174616476300000000000000000000900010073797a31000000000900010073797a"], 0x25c}}, 0x0)

1.821459777s ago: executing program 0 (id=520):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
r0 = syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000002900)={<r2=>0x0, <r3=>0x0, "9b9aefd4991a5f7b44acb306cd1390f17e1d1f25dd69c6310a5f8760ac134473edd9e4f27da59820f7603065caca6960981b22c6d6def52fdc968059af7e503833c12714a43d286482b97f6bc2bcb0c6052063e54c5cfeef7879c9b3257afe9cbb5722950791101fe207e2daa8d66013b92606d1e15220d39d84bbbb13a49c2c6466b6274ead285fda109d0a98fc00f76e4e7ff2fbc46c24feaca1c31f7e505aa775904741e7a34f148c05005738f0f1f37d35feee053123ac749670c74aad0c52e99d17a77e95c597dd189ee4c215bdf488e62f6fc1d586a4cd7414497a7e0dca3d22a36d15613d4cf87ce1e51ba4de7b905d5b536c4bb829791740cfcc210d", "9ef0b910ba11f40c71bd50d6dd58c3442c8371249de285c5118196ffc7dc4a6c72c72bbe793f7e5f41465ecdc2de67ec12b83fde17acec06d4a96b73398903014adef9808f4df0fce71206011c3f9c73f07229f0357f5044a83e1a0ccbfb4dd2cbb2390d1b0fa746d62497788ee9a98341c2cc1137158bc69cf25e6222f90d52089694597453fb69d64761314331148694eae56bde38c6085da934114cd1fd6a014bf7734f5adf573d669b86333b03fdc7f5b18dc75f32736e3077dcd6b9ad8ff2ed6a5d08dd6e1d6f849f756352718afc99b6defb9fbdf072f5858cc80584f084c5154e0560414bb068af4464a232ff27ee467461c8ccb8621452045a35bc4b09f4673744134d892ed18e4c935f87f185760ce20782ae36c045cb996426a5f79b22e5a229512de3f92f078eda013a0a78df89ac053c295c87719a43ea6ddda77c1f07315929028f8b767391fd4f6bcb0312db39cdb93490c5353d309db62e700c0bd1a534e1325712bcce0c8be81a72af35786a177b9608f2e9680a6668cd9b01e65aec099746f191675bbffa3e1cd328e68cc3350ad4541855979a640459282bd11249ee98b831cb1a5afa176c34e3b75d49e7ebc924927cb76538428a5d98045805d170ce410c1c45918b95fcc07e70450e3dfb8c992a301420ccd9ca0898d8a9c215b90c3cc8896ef67cfa178476eb48323a4cb201056b2fb80aecda337a410e919689edcecc109b0443f8d76bba3a0e268be3b9a9be50787e9a9f7cfd9f98030cd17ae49a4c1b825a888eed0cd5675df76c47f6c6412c74ad14581723de788e40c7f9fdb80b42a21678bf7bca38fbe96ac05bd341425e5797813715d80abcbd23954bc2c5a64d160b1b8861fb5bf37e2f6e87b9a744d9a8bc95e8d5548d39daf4f2a995dad84e51b62be9ce54e05440c47299f59e1a9afdda9548fe4066b221671b102606bb661f57b4d901774a9a54c148c83fdc606fe52725f6643f0095f06a65f6920ffbb61330f321ec0e9f5bd06a3de6fc95deff7ba7b485a24fc815049e8290f6f57071914563feed509d82bd15a04e7f149a72bd80424ef88285c1e3bb81942b093f6c07b6ec45efd7fa6ff29c59f5bb613cfd8877dafda5665da8a46c2f6952d71842f0eee2ed1006f9384fe2087138d50d42a00e238d12dd919b7cabfdcc894277aadcb811b78a164bccbf02a190c5b61b2094a771ae7bc7d32d6220afd3a85c6f14eda42be1bf065d80c89f2b18f9f986ec18af6f412e58977dd92159c0b59ca173e036969723e0cd6cc387f92ed3f1614ae894a198c675d1ff5c721e9b9b852a910e8fd8e4b4ca43798d5b34d545b6ccf0a44ff56b077183556cfaf629fb96ef1d3ef2b30d11d6ee360d5a82e08d9a02e51f1e975cef870f85b6bd73d52ded27465b3aa2f2a17677afa2c7d48d644a0ec6092baa6757167b6e9507033806b1dfb5cdb898ae83db39e30bcba74bb9be85f6d13ff877a388dc5275c30c2737c77d818e130dd7bd24d7a3b6e167bb027c082d62bdc7acf6a9dfa3fa659b14ad015f7b391d093b1289c9d9cdb6f8afce8eaea663e6a4eceb05585a5e558b8e5e92c6b624d79f48193501e253ee03687c67ade8938744a7de5e9f608d991a10b246140947a13d5c4e04c0f47545685086f6c91520f58faebb01585bad8b80f7e7df34046160541c63ff70ba691ccdf1dddee382298fc6edbcbe86019d23a6f79aeb03e3fcc0d8566662650285db81afd13f6f97d9d3db88629e10c92aff0417bb66e9549c4b0865b1cfdc504a2856697348882421f083a13208299916bed8fa9420b12d1dbe05abdea2b1d030ddd042156721c5ddf2aefced84712a4e71c13a5ab4759927c560e48542e4adbdb2aa08bd16c7f8294299b026863adb4238725db172ee9972c6bbb5fc932c9cb89bb31b2948731cfc7b6b02bd984bac954f4b24b80dfab55c4f2c94c3e5754af6b74b47f09b8f4f2effd544af76dea54e8257563f95a99ed6757554add896ee43960a52e6c088b4186b2f5039dfa03ca07212f193fda1a5cd32ad1ac506ce175e4f1c46ad02ffc8abd20ecfe3362cd3db18f0764d4cf2d026547185f41a3f4fa0c83b9ff020d81c926c0207affde03f23df9b374c72b350ce6f6bfe69300bd451242ed8091db1d1e93de3ceda82ce39c269c4f2ee9dd996b4fad5376b7682b6f44b931eb06111567d13290d1c62f81dca2607cbd905855fb89000c0d3dcba7e85d0524fd45d9a95b8be21506c94c89a6a3187d8f6e45c2232cc353b279e35dca316c6d7a8bf39f7c51c2e13cc7802c1a4bcd4bacd08fe40d5942aefdef77b56773d9a04e23e04cbf454c6cf1da038ea0e03df820f6d1d1d623cd79269871a9487b53e59d247c20c5b9e226bfe8c7b9154dfaab853453bc1d221a642d903b96ef39821e07f41a4058b721e991f1d612d6deade7ad974b824a04a1b2805e51980c1df816cddfb3585586bfb4fe3947bcde9bad8eee6042a1fbed0c8500b6ff255858b2f222e1587d3465d1d2600c18cb860d21b15b73d2112323d5a46ce4b3c3855905aa1d0d21f02267ae792f6f2771fd99b422e09b4440d165669907082647ef84cd6d80b499d5e339318625fe4a6e47e89e80eb6bdb236e0c023d21f48e412c2c19afb207e087e13b66d674350374b9a7c105af75aed56b6cbc70db57d48329f74ffea22eecedb33849118734f21cac83977f5b957d82b9155384c12014df59db90c9c98d6664760fcedfe19a3625ccdfa13efccc1e135d316541eff2a29342d08fad301c661383d3d2464da24af4fbd3ebddaed79f60054b806e27e946757e4b832ce1668c3e724768fcb9fe38b67021935c00287990cfbcec0a9277a83be63f30dbeae6eb9428aee200230acac92c8977dc220cfbb5506f477e22dced9ea087c19c817b606cde5410d3d7dfa1f17514606a8eec2a3465797ffdcad354118e8143b324ee2d0d779185d198e50c2875d9483224abe996bce9e9282936ab8f708ac61f12b678f9b74c48ffe54ee81a77c87b38999f915bc78e9edd9dec5072c972e9ac1bb08b06b69e0d8e470ae9b1259a640d8efa84e866b334464f52dcda79a1a894c5354ec90eab2a5a5e0da9bb82725910280f5f998139537159c4e80057293d1bbaf05b9a752012a209701eccef001c2c7dcff0737cd682d025c567a278c58439f19f145eb551b872483b77e765bc43a413b33862623fb09f952b978121d41730708c593f4ab1d39be35a30cd79d0dac6003ea308b643030f905e91a9f2bea78fc04c4d447c7258d96ff8efb46d5e6f7f23dd0dba71800691223977ae1f6d2b2e4a32448fcb153e7e37128022ad3c003213778018ea74269698881a647138cb6b138d292e0c9ecc493441f2318ca24c2192f4d7ac1d8ce0b5d4a9126d737d628835cb8fc3b37607ce4cb56e5e1c7d95ca475ff16c7c2d3714867d42c935f2f7e4c218c06811a8496a3489b124c308328400a058acd510d85c5edc5ed5e79c120b18089730d4f81fd7b65d49a1b8283edc9159d5c6f72190fe09edf348c42efebe5b6aada3bbb5e80a0517e204361034dfcf7f11dd6418e679925d0ad1c2f6760d317a17be62310fa229cb416450c313140c8eafa660bff3c38e95fd739df98e1ad2765226ec988950a1db539d8dde9c46676fbc529ffce080c2b67e6e0ff07b40e5a01b8ff1ea8cb08f6aefe7dfa2c93b56b3c3043ca71fc0f5ef4e7661ee07fb190f1bb8b7cc845991534146ede904fd680f32798d541cef2611d092b95e3ecdad0361b5f03e50c885769a9771d3e7f174600ff54d3373d29190d6fcdf6020cab8645d690df1fec0099295c8928e252c90bbbf8d520ad06290e01931bf9927454a899a0ff91e00cdab36f6c69e62d4bb9ab9546ecf63c5adb416d0031491c44a9d2c608c64f4bfe7f8e39f28d3283c8db8d0531456effc376ce1f25bb5dea4fa050e4820789e7334874c188d441c06ae1c9113a8e7c5a2697711dba89d8deece04681914d68351fd33ad62dc83ba260bdad2f9cf0d6f78bf16098ddc6302088de57bce61a4587f28bc4aadd41a43a48f041e128dbfb27a11dc26ec01cbe6d339c7bff31db61043032b26acc8573cb41839bc07d1fbcacc14b8330d44059578d539b553beebd63d8ce805d64df128dd52aaaabde33606cf82f1fd14ba04ad022233b8ffcb1a7bb1aae521c37428ef924442487d47ed2498975813f707016de938b9b9d9cc2c1e5404a48311a5d3fbbaba4a2225b79ce9c3d576cda47a4400fb1a872a7d17e4c72212631264ec80ba5c0baa8e88dca9ac1946654bacc51bcb1cfea6894864bc905a30b11e16c553e862b59a6dbb1d3150fac210e612002966272ea6b3c1e891079d58b6c0b383c0cc6a7027da2f104667715bdb36e6270b827881668876a584f5797dd6f81db3ec97e1d80cf759328a8ad20185b71c60ca9050d6092bdc84becf5493ed2d8b3cd4defadfc8676663cdb9d3d19918aa4ab1d557868e9be2f47a752b7df01bc08b1291ebd044f607f3abcc56f0336673d63e7c69b302b62aafcdb2b75eedd1e4f45ccdd868e606cd2c722a3ca79a2398256230daab436df13514618e29faa95ae4f0166b5147fc23671038fd7a268525daf402c957cdabd825e5fda2595c1155265e2bf26f8a871fba5b5899c3b33a0f445cb175046007f796dea86c12d8fb144f5340e7bdaa66069a7f9cf2eb10da5fd65e8b2dad3f346db43b322e960917bca0630e11c1d80b22915c66b5516f96c3d8159516f79c98669415065f7a3f7a6fb95f38002151b99cdd85712cd66fc943c3929191f6e64527c1c0fdcf594d9e44607cd13e7d671cd4c44a5128dbb5b8d618cab3ad0f37e18c3ce71fa7177f0be52df4e7e13269785af053e33431878de8338d2b1fc15c1367ac4c1af5134ad14a8e29d30b6dd11533ea6237d49375d9e3b0db3007a018e914734cb53d57de36ebef62164914575b3fed0fe076366cf7ed507a68fba506abab1f4d5db5e57ffcc326f3c16574027b8f0e2cb570a45670cb69c3605e36287a522a360d037ee576be3823eef5c74cdd4fd4bb673fc426d00215ad3c899167842222a8c3a1a77e327033c2194577cf64fc0a9dff179563bd91f0a15e1898ec552307587e791873d48354827190b186256510302e4cb4c5ec4f8b847c36b6aaaa2e596ddfa1edf4769ea7abf5473c54a1625922cbcfd03f5fae6dc6a3ffe521390575cbe7b9ef9c793ca6d53533d4e966f1d2a4687b824e6522e0a06d6947bad01defe5dd610b399541c4cb6f032cc8a545e2371e2c7aca5742052e8ab90499ada9f2b9b6dbb1c0f116c88fc60fd0077f4ce22d1096d6607871adc4b9acd7a04a4faa622b5e76423d730ff25649409b1e9f46eba44de95bf3d30"})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000080)={{<r4=>r3, 0x4, 0x100000001, 0x100000000, 0x5e, 0x8000000000000001, 0x0, 0x3, 0x4, 0x1, 0x7f, 0x9, 0x8, 0x16d3, 0xffffffffffffffff}, 0x10, [0x0, 0x0]})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000004900)={<r5=>r2, <r6=>r3, "ecb0157bda35112a3c0d47d58d4666d55f961e07716dff6776a190eb7cee65cf820216e61e453e292817aa709d18c2cc547c183bc33f1d42805d255967685a5fc06500b3aa38d966cd5f42a61003b12279553f2badb51d0b788ca9681fcd49ecb458d6e278d8495878a3879fc30583f4be22d5168e38991ca72c48e6d1e36c212e184552b1244bc7ffe225ae23f7b27bda47d38ba2890119bbdc4efcb0135ac0f738ea2a5b79768f4bed47222a7507ad9e61d7236457b536127b310cb4cbefbced2ee095277ab087067f5b1ffd8df561d91754ee3ed61981838f538781f06784161db6cbce39ca2e6b58679eca16f8481422d135b22d05589bcfe19b4d3d3dcb", "2603b3525b8a8974c39a2fe6f6739653fb11b830300a8476324f4c9ada9ba9ac439a9d2afd6b6c9b76c8e62e642295926d42ddc0dd22efaa75def16b001aebec36650ac7d66767b054636e3fefda6e67deb2070fe91967b35ff3c7f3e3ee03a99d4f1f98e5b71e00c9ba0879da354e32760e1446057587b4f327c06580f53617a3395f410683afb463c31d7e399c33bc40f9d3d9332c22b956ad495b46848b30c7f95ccee0ae7a197f15e6eba1439b0a9ff76ababd78afa399a5a5329cf16cbb4468aa82ff113a55f31344b4924e410f06d98b13c32dde9bab42be16d27ab3c50914f939f5034dd029cbeba778b54f9664eb533e5169d7e6a6a09452d27a15e3c81ab151281ec3016e9baeb59dd7740c21628e7664b6872c2df062f285073faa9dda78c4dd5c8ec945057de6c241a7cf051d4fb3478cea2d9c8d866c8be227d2388b0af1537688f4c0989db43906efeb9da4f448f28633499977ee772ba0f0e94114c3324bf6613c41a55a9d53790c0b1b0b4f860f87480a7cb820d7fbdc4c3551bb4d3d6e1c20f8520cea8dbafc0e71dae356a2c264a8091ccb1d7c3f9f9ce66679d239a7926ec9ca595e6bd49cc3b7de7d1768476c57e2394d5fd39ffa1a7d837840c33361ff4f679e289af0bfc782497c02c62a2b5a2127d77f66e3ab9494c12a255313a5538dbea2f539f0194d3e68931612f5d15249813d26ac9eb0a07af1de62e28a3fb0f9101ba842f0335138471fd0e863a44fcfb53a8b6ba3cbb80a339b13157de311a729bae5c3cc9d5c2ee973f3fa486caf164a356d01fce0f8729d3ee77d1f9ff488f7b286ce81adb45c856590628c22572441fed66990696416ef50f64fd37cfbf6e4c85ee5ebc2f3ecfbfa45f33cd06c938c8e403438fc2650a5b8364cf17b22bfd262e684fa916fb9772e7b2a605ec795d64378eba8a5e844d6e5aa2d0a2915fd6d8a0a0d57ae067b986e88bc530e46cebc914d4159d8466106fd15fc1f666d219c41c63909ee2d908b97be4638bb16f3772704a98f27d66abca9be084ad9e0bde44456b9021667d48d9404587f365fa93a08fe3cbd7c491438c562f6c06febd15f6728c7ef39bb3f715c981f5a39e24a9eb64d45345def96a1f2a1cff99ef942e3faef1ebae5dbbee3bfafd6435b7ebdeae8d1b73d7f636543e2ade9fd963dd9e236dce6b74c765c5ef07d39e7f6859a298c04584997907c7736b6b9815024c5c0f0b47440057585797dc75a065ba828e747bbe3ec2a6d91c674be224fcb99b19909740276dfcb2b6df46b7dd8dba9bf4c59cf71672164a744811fcea0e952882e74f8b1f1989085e8cb2d9db43d73ae745c0136ad4897488f5ca0d3b2b44b8874162ea0bb66e4616d558324836770e9d9bd19c21655237e4cd8d52d6258b369ff61b5bea59e99b14e124c806df2e2fd8902c195589ffdce4d5fceacebeeff29039973d2d9813327924f2ea9631752251ebe3bc8c20ab73eb8b21fcb8159884ae8c7503e04fbe03912a3b9cbfb53bf211a6360d2c94e799ce90812c27c96e93d60e021c1d08abecbf859f4a3bb50dfbe1608e27a9657c6683ac0d3077898f096b6d2cff58c9bcfd79c481f1a5ed01fda004b5b573ff80fa9218c93443e1702d2e2cc0a878048595605ba6e078fffe2e4e6060a71e26e52696a55728b1ccc63a071d228511e1b7ee90dd5e4acf1f80d948604de891b55ae80d6df1b0119af345877d241ecf8a0349342d54fdca31f47d716b44b669de1b6891aa3a274a0a627434cc0411353860e9badc803358b2aee8aad774c5d638ee26f97f84057aa82ef4f87930f19435f1b953cd51c22bb31bcbbbb50dbcdab1fe33925a74c4d0fd138ef67e5f844b7ef9b42d676f85787974dff71ec70e066db669ce3d0ac03a5dc10a466701c63e931230731ed6092f9db4023455e1cde3e1a9ff6915a50b513a7223f263fd0d2b4529738c4d3df2d415be28f4c041703527c3170ca3d1818b8571303d4f069153c1bb7f269d063d7a0bdd5ecbab4844807e3ae9c38b3a36c9dccd8c41ac3ecc2bd59cbb05ae88e5981a2678d2d762b71e8af97f520c38f66fc16becd853a781e8e91db27fd9d3a215cc1d81b9f32b62d176532fa0801f79fa83dd1e0e08bb7c145680d237e86217a4f4965739c1c31a835b82e521dcd96a41edeb21cffa5293ef5f414cb3bc596f5941d3064ab89cabd61dba7abf1dda9cfd606ba30d2e9f196338f81508fa8ccd0b580bb12ac81a70e9adb6ee71baba45bb03a004d6126aa167eff8db4af2f5119f587da9aa727057503e6007167009a4c80f80543bdb930f56071423146bf04b4cc65cc40fd610792dc6b914feae39f6087caa5cb579d421bff33b543148309146c78792d6635c23364b6b7a0fb7c93df6e89fa35ccdb7555d2c5afa7f52d565ebc7d8befcdfc3e831983c105702df006f272391e5ffd6bb80cb787333d3fdded361cf0be19e091b8179d3bfcb491e278395e93bbe8aab9377670bc37b57608869f8a21b8e7ebfc9a3098d27879f0113e47b3ead746c46d50c3b3a13b270279889c2c733820dd2e4494a374ebab56c6afa5c975a736ed76c25e956ee98041b94dee1eddd0e51d508e78e9189bf4311c6c77dcc307d2ed94fb95a8771baf1fe12f859ec5adc4ae840ea5616f24adf086fb9be5d7612db74049d51e7c3c468322557d3db4c0949886dc1543ab67d9920d148505553426f6a6be8178ae67c6e23b26f8d4ca17b7c77ea9f765cf9814c086aef17d1cdf9e8398ac6487bde88e5c0e8cbbaead4093e9bab47072bb410246e26906debcb12e9dcef2d5b1bb85d8505a3261d40285227600be343d285171565896454a1fc5ae82f6ced3cf90a4cd176882360e4b4d6f6df2c11b250cf5ea58e3a553774e3b7bd3adb9f3fb482c60074a93e0af41184d723655005ba8c1ffb768769e5af9f87299fcbcd56fcb7289e57722707de415d9ec1b8e28909076ea77e1618ac0febe5b9cdf96f7850d972115ac6cb6dc5060240496cab3c3fb94e946c3ff0e37bac453eeed7903ba2daae943e51b18cb4983ebf874a1247cc96e1af052f85b376e86aa862fba6b96943a0fa563c394401801b5cd05409aef60ca126a3eeb61f9212b3d62defda884197fc865d97c36cb17c407a4f99b9365f924e828a88f85c0f26afac4df1a25b2a4020006faafcfd21fba133630ab5e6701a66878b1e1fc069f5923659200f2e9813cd47b6ac50ebe7885fa71b65a848a6f8b2061f6d60c31441728e5c2c586cacc022340b7a023de661b38ba57c73db501b859510d3c0519cda015b92a420d878fe601dca49f928f1912d80451135a116c7f046b5eb0800438cdbf932491fee5c745edf3fe80ecab78e6a957370f2ec9fe86873253f420a1b397259155597d54ff239763cf602c8170dba18132811d78a5d801aff28ae48e72807061bbd237936649b0d33d4016390853a4fa14a8a48431886c2c12daa05748ebef4ac99ae8110b10e9f39ac38a26a6e6dac271835f17a9c76f4f6074620e2c457b47edceba0fa240a70a7d26cc3981870381a1f45ed1197d940e1a7fb4240646b0b9f5b1240dcec889a49ea9b6c61d5721a20e8a65c18295fd5b2a5b422b9d1609921e1be24273fee72feeb185b971d801e3993237420ccf4805aabd7fdf9095b907ac2d79f93ada09b4836f11089fef1716775e8035d8003c5972e9e9b154c895cfd325e2eab539966cee94bfcb52a73ab2543fb70bdab19ed19851f83ae7f4ba57112a0a76f55e8dd1c534a361b901095be655b42616feda00d96ebb2679e2749d3e08f1e9eb2ebe79d16307c9a44c6d8befe362c70a51c19235c70115f764f083900c2eb11b539d1899c9b7f0b86cef85147c5de3a5f556acf3a9fb45eaf9d4c73b753d8dc2920a546a793fab91173defe9114a837ebc30f903d95e3ac02c0d323b0d8bf20b2923f7d1afc0cd26bc13b5f98fa184d7e132c78fffa2d7f25bb9ff9fb60e7f404afbd6d761265aefa4ba022eb180dc665c2690be737277246b9de0febee5dc440dd543b479909f9aa3cbe9b30b947a9fa352ba958076b162c354aa1669480172ad7ca61f81a761374e3a4b2957b05275d69a8d43fac503e37b8cfd77db0a840efdf25671bc305f561fae111e4edf0c2f4fb09b0ecb4e7101ceba339ef3dc430c18da7ea06bfdd53852e7c6b198195d68ef991c2952683f9663df911deec92a0df844c012227379fba1bb2892bed52c38a385f10cb96a6b87ddfe45df91d15d073d58260d1f2a6b218c7b074959ede366c342fcde4e07b22b0279f8c221a5b1cd2e8f6e3a1a12668e642622dadf91bc7a775636d2710709b81506dd50e2a0ad94c0d4cd8b1a2649becd1e2b83ffceb746af995c4b396f53a06aeca7d0e8c1221c0e67a4b68aadf4fe27ec3ed55c90ff59d91bf0c3699e97e54b5cc09bd71862422947f0644c479408836563347c2bcb976f09a60261ac457840e158660c9a23505d05883ec8b436dce55e252faf1d165357039c13f09cc0f410265b3e97481ae63803340b1fd4ed6019e532921e29b54449724d678a1d529dce21baeb9483cf97ff5b88b0e91ebae7d01534d0d4faa3dcabc9dc110b5d5a6eb5f8cd529d35cb8bc6754b25b01a246c9138e59a93b8e85be13e3294c845a44e952aba103a42d811243c1460e618acfe998d68dc24e8af028fc1c5363c2f0aca7fe7b72e0991ad0f1890efff8962bf76a79b1a59aec546a3eb6dc87686601043939559a0c18c914a510404d58be5016add5ad6b91a6c3fde4c086a7e14c56d200c5a284b604e9b287cd1eda08336c553f901564f3d5cef4375f0d7f007243aefc283051942fc6c169345e10728bc9cea3242100ae6e8007f77edc4fcb140d8a279c65ce4148b6223299ab816a48f3664bffada66d312e8bd38f399b481d036b1b5c3fb9cdb209b63c0f091cf0feb54a0d81a4b129be6f9a5318c9e8375ed023573cd8d0fdb5908a1ce013a99426ab47a1dc7171c32a9641a3b62831773211cf327c4d6d877d7c4003660de9d929d7ef6355bdc532a98abc7ab416666c826ae10de2aab57a54ff5a7464fd3e7a9b62bab86a77a760335c95195099ca86af4e99c74ed7aac2a0bcd83fc117ae8a1f1819dbf9bdeb38da4f2548c4ee353dd3d1104e4d61cf75ecc3a6e6ebb4384917b54d2472e3507dd1dc9137fb3a35fa78defdb5ad65138f0ebf1b018437bf11651e2070ded0704e8fa431cb0ef911a777b5c06d7da12f9cc08050ee61ba44fa9a53f008fb79bb87414e43b3f1a5d22b53b7582c18096b27f365411052858e5fb15d8ba1618f778c8a7b80a6c67f2f27c55649482318158acbe3756abbacb6737acc9e79499fd3c2df1ac5fa56b152b35035ec4a17806ae644d8f9d1e"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000001900)={0x6, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {r3, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}], 0x3, "54b594ecdf07b9"})
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)

1.59895953s ago: executing program 2 (id=521):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0x192}, 0x18)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000280), 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")
newfstatat(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x0)
lchown(&(0x7f00000006c0)='./file0\x00', r0, 0xee01)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x44, 0x6, 0x418, 0x2b0, 0x2b0, 0x2b0, 0x138, 0x98, 0x380, 0x380, 0x380, 0x380, 0x380, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @ECN={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x478)

1.272558924s ago: executing program 0 (id=522):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x8}, 0x18)
mq_open(0x0, 0x40, 0x9, 0x0)

851.365409ms ago: executing program 3 (id=523):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a32000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r2 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000500)={<r3=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000600)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x3, @loopback, 0x1}, {0xa, 0x0, 0x5, @mcast2}, r3}}, 0x48)
close_range(r0, 0xffffffffffffffff, 0x0)

722.266611ms ago: executing program 4 (id=524):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0x192}, 0x18)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000280), 0x10, 0x4dc, &(0x7f0000000d80)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eTlG52LsnnA9M5M2d3v9/TsGfmzBx2Aji2zkXEzYgYiYhLETGe70/z5Va7/k7ndS+eP5pvL0m0Wnf/mkSS7+t+VpKvz0TETkScjIiv34r4VvL/cRtb2ytztVp1I9+uNFfXK42t7cvLq3NL1aXq2szM9LXZ67NXZ6cG0s6JiLjxlT/+8Hs/++qNX33+we/v/fnit9tpjeX1r7ZjkDpNL2X/F12jEbFxGMEKMJKvS33qvzsyxGQAANhX+xz/4xHxmez8fzxGsrNTAAAA4ChpfWks/pVEtAAAAIAjK83mwCZpOZ8LMBZpWi535vB+Mk6ntXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkvT2dz7Htbl/ZtT0TEe9FxA/GT2Xb5fl6baHoix8AAABwTJzZNf7/x3g2/j9RdF4AAADAgE0UnQAAAABw6Iz/AQAA4Ogz/gcAAIAj7Wu3b7eXVvf51wv3tzZX6vcvL1QbK+XVzfnyfH1jvbxUry9lv9m3ut/n1er19S/E2ubDSrPaaFYaW9v3Vuuba817y689AhsAAAAYovfOPvldEhE7XzyVLW3vFJ0UMBTJPvXZQ0Ke5Rt/GEJCwNCMFJ0AUJjRohMAClMqOgGgcPtdB+g7eefXg88FAAA4HJOf6n//37UBONrSohMAAIbO/X84vkqvzwC8WlwmQFE+tk/929//b7XeKCEAAGDgxrIlScv5vcCxSNNyOeLd7LEApWRxuVadyscHvx0vnWhvT2fvTPadMwwAAAAAAAAAAAAAAAAAAAAAAAAAdLRaSbQAAACAIy0i/VOS/Zp/xOT4hbHd1wfeSf45nq0j4sFP7v7o4VyzuTHd3v+3l/ubP873XyniCgYAAACwW3ec3h3HAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAgvXj+aL67DDPuX74cERM94589ma1ORikiTv89idFX3pdExMgA4u88joj3e8VP2mnFRHSy6BX/VIHx04g4M4D4cJw9afc/N3t9/9I4l617f/9G8+Vt9e//0uj2fyN9+p93Dxjjg6e/qPSN/zjig9He/U83ftIn/vkDxv/mN7a3+9W1fhox2fP4k7wWq9JcXa80trYvL6/OLVWXqmszM9PXZq/PXp2dqiwu16r5vz1jfP/Tv/zPXu0/3Sf+xD7tv3DA9v/76cPnn+gUS73iXzzf+/j7fp/4aX7s+2xebtdPdss7nfKrPvz5bz7cq/0Lfdr/8u/f40DbjnnxgO2/dOc7zw74UgBgCBpb2ytztVp1460Kg/qcNyykUUBQhUMqnPhopKHQKezVayTD66AAAICB+d9Jf9GZAAAAAAAAAAAAAAAAAAAAwPE1jJ8T2x1zp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs6b8BAAD///JI2KQ=")
newfstatat(0xffffffffffffff9c, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x0)
lchown(&(0x7f00000006c0)='./file0\x00', r0, 0xee01)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x44, 0x6, 0x418, 0x2b0, 0x2b0, 0x2b0, 0x138, 0x98, 0x380, 0x380, 0x380, 0x380, 0x380, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @ECN={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x478)

676.133072ms ago: executing program 2 (id=525):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f00000002c0)={@empty}, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x98, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80200, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000005c0)={r1, r0, 0x4, r0}, 0x10)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r3, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
syz_open_procfs(r3, &(0x7f0000000000)='net/fib_trie\x00')
ioctl$TCSETA(r2, 0x5406, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000001c0)=0x16)
r4 = socket(0x18, 0x4, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000780)={'dummy0\x00'})
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r6, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xd4}, 0x24008000)
r7 = socket(0x40000000000a, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000b40)=@newtfilter={0x60, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0xb, 0x6}, {}, {0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0x30, 0x2, [@TCA_BASIC_EMATCHES={0x2c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}, @TCA_EMATCH_TREE_LIST={0x20, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x9, 0x3, 0x5}, {0x8, 0xa, 0x4, 0xda5}}}]}]}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4084}, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4000810}, 0x4)

663.084132ms ago: executing program 0 (id=526):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x18)
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x40, 0x33, 0x0, @private, @broadcast}, {0x0, 0x2, 0x8}}}}}, 0x0)

619.705603ms ago: executing program 3 (id=527):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
uname(&(0x7f0000000300)=""/10)
r2 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0x826e, 0x40, 0x3, 0xf0})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000640)=[{0x0}], 0x1)

507.674374ms ago: executing program 0 (id=528):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x200000)
ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000000)=0x8001)
syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x21412ca, 0x0, 0x4, 0x0, &(0x7f00000002c0))
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
utimes(&(0x7f0000000740)='./file0\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710433000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
fcntl$getownex(r4, 0x10, &(0x7f0000000240))
lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0))
statx(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x3000, 0x7ff, &(0x7f0000000380))
r5 = socket$nl_route(0x10, 0x3, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0xfff9, @multicast1}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r5, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c00070000000000adffffff0c00", @ANYRES16=r5], 0x40c}}, 0x0)
gettid()
io_uring_setup(0x51d2, &(0x7f0000000400)={0x0, 0x631d, 0x1000, 0x2, 0x402d7})
r6 = socket(0x1a, 0x1, 0xfe)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000002100)=0x21, 0x4)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x2, 0x4)
socket(0x40000000015, 0x5, 0x0)

507.275674ms ago: executing program 3 (id=529):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
close(0xffffffffffffffff)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f00000006c0)=0x5f)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = fsopen(&(0x7f0000000100)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)

415.060055ms ago: executing program 3 (id=530):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="000008000002"})

117.917199ms ago: executing program 3 (id=531):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a3100000000e8010000030a01020000000000000000010000000900030073797a3200000000280004800800024000000000080001400000000514000300626174616476300000000000000000000900010073797a31000000000900010073797a"], 0x25c}}, 0x0)

17.0048ms ago: executing program 3 (id=532):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec85"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000000)={0x40, 0x8, 0x101, 0xc, 0x0, 0x101, 0x0})

0s ago: executing program 0 (id=533):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854529f45826cb35be51682e30944313e2ca73845d177d601880221daeccfda56b75cfe2bad94f000066b2ddab614fec2236da7d88ea07c9ee"}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r2, &(0x7f0000000180)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)

kernel console output (not intermixed with test programs):

99355][ T3307] team0: Port device team_slave_0 added
[   37.107094][ T3307] team0: Port device team_slave_1 added
[   37.114369][ T3309] team0: Port device team_slave_1 added
[   37.128451][ T3317] team0: Port device team_slave_1 added
[   37.162777][ T3317] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.171910][ T3317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.198512][ T3317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.220499][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.228311][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.258283][ T3309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.271827][ T3317] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.279453][ T3317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.306423][ T3317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.325033][ T3305] hsr_slave_0: entered promiscuous mode
[   37.331481][ T3305] hsr_slave_1: entered promiscuous mode
[   37.337586][ T3305] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   37.345506][ T3305] Cannot create hsr debugfs directory
[   37.351451][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.359060][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.386331][ T3307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.397916][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.405658][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.434997][ T3309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.456476][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.464217][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.492167][ T3307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.555261][ T3307] hsr_slave_0: entered promiscuous mode
[   37.562062][ T3307] hsr_slave_1: entered promiscuous mode
[   37.568976][ T3307] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   37.578002][ T3307] Cannot create hsr debugfs directory
[   37.602975][ T3309] hsr_slave_0: entered promiscuous mode
[   37.609875][ T3309] hsr_slave_1: entered promiscuous mode
[   37.616627][ T3309] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   37.625277][ T3309] Cannot create hsr debugfs directory
[   37.646391][ T3317] hsr_slave_0: entered promiscuous mode
[   37.653351][ T3317] hsr_slave_1: entered promiscuous mode
[   37.660443][ T3317] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   37.668619][ T3317] Cannot create hsr debugfs directory
[   37.838994][ T3303] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   37.854332][ T3303] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   37.871703][ T3303] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   37.880777][ T3303] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   37.903999][ T3305] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   37.915401][ T3305] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   37.931142][ T3305] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   37.942631][ T3305] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   37.980107][ T3309] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   37.992421][ T3309] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   38.006164][ T3309] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   38.015690][ T3309] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   38.053759][ T3307] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   38.069499][ T3307] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   38.079774][ T3307] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   38.099803][ T3307] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   38.129516][ T3317] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   38.139652][ T3317] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   38.171899][ T3303] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.179484][ T3317] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   38.193837][ T3317] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   38.210553][ T3303] 8021q: adding VLAN 0 to HW filter on device team0
[   38.226930][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.234965][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.246555][ T3309] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.257418][ T3305] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.276672][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.284354][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.303678][ T3309] 8021q: adding VLAN 0 to HW filter on device team0
[   38.315501][ T3305] 8021q: adding VLAN 0 to HW filter on device team0
[   38.334556][ T3303] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   38.346432][ T3303] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   38.362107][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.370240][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.383654][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.391146][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.402181][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.410786][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.446303][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.453953][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.472341][ T3307] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.496472][ T3307] 8021q: adding VLAN 0 to HW filter on device team0
[   38.524905][ T3305] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   38.537394][ T3305] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   38.555127][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.564416][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.588497][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.596998][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.635217][ T3303] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.655123][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.684990][ T3305] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.722608][ T3317] 8021q: adding VLAN 0 to HW filter on device team0
[   38.757567][ T3309] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.775515][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.784399][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.811713][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.821811][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.855152][ T3303] veth0_vlan: entered promiscuous mode
[   38.875684][ T3307] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.893059][ T3303] veth1_vlan: entered promiscuous mode
[   38.961303][ T3303] veth0_macvtap: entered promiscuous mode
[   38.984797][ T3303] veth1_macvtap: entered promiscuous mode
[   38.995820][ T3309] veth0_vlan: entered promiscuous mode
[   39.016011][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.035653][ T3309] veth1_vlan: entered promiscuous mode
[   39.054336][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.070600][ T3309] veth0_macvtap: entered promiscuous mode
[   39.085842][ T3317] 8021q: adding VLAN 0 to HW filter on device batadv0
[   39.096227][ T3303] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.107160][ T3303] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.118716][ T3303] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.129388][ T3303] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.142899][ T3309] veth1_macvtap: entered promiscuous mode
[   39.177826][ T3305] veth0_vlan: entered promiscuous mode
[   39.184649][ T3307] veth0_vlan: entered promiscuous mode
[   39.195189][ T3307] veth1_vlan: entered promiscuous mode
[   39.206015][ T3309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.218289][ T3309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.231328][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.257577][ T3309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.271433][ T3309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.284098][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.294105][ T3305] veth1_vlan: entered promiscuous mode
[   39.295285][ T3303] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   39.310510][ T3309] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.328698][ T3309] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.339298][ T3309] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.352381][ T3309] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.378606][ T3305] veth0_macvtap: entered promiscuous mode
[   39.387037][ T3305] veth1_macvtap: entered promiscuous mode
[   39.403374][   T29] kauditd_printk_skb: 25 callbacks suppressed
[   39.403392][   T29] audit: type=1400 audit(1745501712.138:116): avc:  denied  { read write } for  pid=3303 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   39.439779][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.450891][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.462807][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.474048][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.474062][   T29] audit: type=1400 audit(1745501712.178:117): avc:  denied  { open } for  pid=3303 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   39.489058][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.515062][   T29] audit: type=1400 audit(1745501712.178:118): avc:  denied  { ioctl } for  pid=3303 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   39.564134][   T29] audit: type=1400 audit(1745501712.298:119): avc:  denied  { prog_load } for  pid=3441 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   39.568178][ T3307] veth0_macvtap: entered promiscuous mode
[   39.586566][   T29] audit: type=1400 audit(1745501712.298:120): avc:  denied  { bpf } for  pid=3441 comm="syz.1.2" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   39.601698][ T3307] veth1_macvtap: entered promiscuous mode
[   39.619439][   T29] audit: type=1400 audit(1745501712.298:121): avc:  denied  { perfmon } for  pid=3441 comm="syz.1.2" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   39.635738][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.652182][   T29] audit: type=1400 audit(1745501712.298:122): avc:  denied  { prog_run } for  pid=3441 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   39.664837][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.688640][   T29] audit: type=1400 audit(1745501712.298:123): avc:  denied  { map_create } for  pid=3441 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   39.725810][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.725827][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.725839][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.740381][ T3445] vhci_hcd: invalid port number 12
[   39.749507][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.762497][ T3445] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[   39.763419][   T29] audit: type=1400 audit(1745501712.478:124): avc:  denied  { write } for  pid=3441 comm="syz.1.2" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   39.776134][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.826276][ T3443] netem: change failed
[   39.834466][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.845673][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.857518][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.857537][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.860528][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.888823][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.901276][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.912479][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.926033][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.937405][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.949236][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.962584][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.979346][ T3305] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.991576][ T3305] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.002052][ T3305] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.012546][ T3305] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.026524][   T29] audit: type=1400 audit(1745501712.758:125): avc:  denied  { create } for  pid=3447 comm="syz.1.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   40.028203][ T3307] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.060572][ T3307] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.070349][ T3307] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.081489][ T3307] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.099219][ T3317] veth0_vlan: entered promiscuous mode
[   40.132391][ T3450] loop2: detected capacity change from 0 to 512
[   40.133971][ T3317] veth1_vlan: entered promiscuous mode
[   40.144117][ T3450] =======================================================
[   40.144117][ T3450] WARNING: The mand mount option has been deprecated and
[   40.144117][ T3450]          and is ignored by this kernel. Remove the mand
[   40.144117][ T3450]          option from the mount to silence this warning.
[   40.144117][ T3450] =======================================================
[   40.195465][ T3451] loop1: detected capacity change from 0 to 512
[   40.199372][ T3317] veth0_macvtap: entered promiscuous mode
[   40.222218][ T3317] veth1_macvtap: entered promiscuous mode
[   40.233184][ T3450] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent
[   40.244371][ T3317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.248714][ T3451] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   40.255721][ T3317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.270045][ T3451] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   40.281645][ T3317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.301291][ T3451] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   40.304649][ T3317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.321294][ T3451] EXT4-fs (loop1): 1 truncate cleaned up
[   40.329643][ T3317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.329662][ T3317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.337764][ T3451] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.346711][ T3317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.379989][ T3317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.392210][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.430600][ T3448] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.6: invalid indirect mapped block 3489660928 (level 0)
[   40.449605][ T3448] EXT4-fs (loop1): Remounting filesystem read-only
[   40.495337][ T3317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.506489][ T3317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.517469][ T3317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.528429][ T3317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.540212][ T3317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.551532][ T3317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.555154][ T3458] loop3: detected capacity change from 0 to 2048
[   40.564386][ T3317] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.581418][ T3317] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.592987][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.605213][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.616611][ T3317] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.627783][ T3317] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.638735][ T3317] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.648197][ T3317] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.649787][ T3458] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.725279][ T3464] xt_TPROXY: Can be used only with -p tcp or -p udp
[   40.876830][ T3467] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   40.930624][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.504151][ T3495] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   41.522145][ T3495] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   41.981316][ T3505] netlink: 340 bytes leftover after parsing attributes in process `syz.2.16'.
[   41.992551][ T3502] Falling back ldisc for ttyS3.
[   41.992901][ T3505] netlink: 48 bytes leftover after parsing attributes in process `syz.2.16'.
[   42.079933][ T3507] Falling back ldisc for ttyS3.
[   42.139169][ T3510] Falling back ldisc for ttyS3.
[   42.263612][ T3520] Zero length message leads to an empty skb
[   42.451544][    C0] hrtimer: interrupt took 37156 ns
[   42.537763][ T3556] netlink: 8 bytes leftover after parsing attributes in process `syz.3.23'.
[   42.705431][ T3554] vlan2: entered allmulticast mode
[   43.366558][ T3554] syz.0.25 (3554) used greatest stack depth: 10952 bytes left
[   43.404755][ T3569] netlink: 340 bytes leftover after parsing attributes in process `syz.0.29'.
[   43.416845][ T3569] netlink: 48 bytes leftover after parsing attributes in process `syz.0.29'.
[   43.432325][ T3571] FAULT_INJECTION: forcing a failure.
[   43.432325][ T3571] name failslab, interval 1, probability 0, space 0, times 1
[   43.445934][ T3571] CPU: 1 UID: 0 PID: 3571 Comm: syz.3.28 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   43.445971][ T3571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   43.445990][ T3571] Call Trace:
[   43.445997][ T3571]  <TASK>
[   43.446007][ T3571]  dump_stack_lvl+0xf6/0x150
[   43.446036][ T3571]  dump_stack+0x15/0x1a
[   43.446059][ T3571]  should_fail_ex+0x261/0x270
[   43.446163][ T3571]  should_failslab+0x8f/0xb0
[   43.446185][ T3571]  kmem_cache_alloc_noprof+0x59/0x340
[   43.446212][ T3571]  ? skb_clone+0x154/0x1f0
[   43.446287][ T3571]  skb_clone+0x154/0x1f0
[   43.446326][ T3571]  __netlink_deliver_tap+0x2bd/0x4f0
[   43.446358][ T3571]  netlink_unicast+0x69e/0x6c0
[   43.446473][ T3571]  netlink_sendmsg+0x609/0x720
[   43.446502][ T3571]  ? __pfx_netlink_sendmsg+0x10/0x10
[   43.446529][ T3571]  __sock_sendmsg+0x140/0x180
[   43.446574][ T3571]  ____sys_sendmsg+0x350/0x4e0
[   43.446606][ T3571]  __sys_sendmsg+0x1a0/0x240
[   43.446651][ T3571]  __x64_sys_sendmsg+0x46/0x50
[   43.446680][ T3571]  x64_sys_call+0x26f3/0x2e10
[   43.446747][ T3571]  do_syscall_64+0xc9/0x1a0
[   43.446810][ T3571]  ? clear_bhb_loop+0x25/0x80
[   43.446831][ T3571]  ? clear_bhb_loop+0x25/0x80
[   43.446871][ T3571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.446892][ T3571] RIP: 0033:0x7f066a62e969
[   43.446913][ T3571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.446930][ T3571] RSP: 002b:00007f0668c97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   43.446952][ T3571] RAX: ffffffffffffffda RBX: 00007f066a855fa0 RCX: 00007f066a62e969
[   43.446964][ T3571] RDX: 0000000024040040 RSI: 0000200000000080 RDI: 0000000000000003
[   43.446976][ T3571] RBP: 00007f0668c97090 R08: 0000000000000000 R09: 0000000000000000
[   43.446988][ T3571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.446999][ T3571] R13: 0000000000000000 R14: 00007f066a855fa0 R15: 00007ffc8bad4ab8
[   43.447097][ T3571]  </TASK>
[   43.663337][ T3571] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28'.
[   43.672653][ T3571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.28'.
[   43.721716][ T3577] loop0: detected capacity change from 0 to 512
[   43.742421][ T3577] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   43.770149][ T3575] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[   43.788417][ T3577] EXT4-fs (loop0): 1 truncate cleaned up
[   43.799743][ T3577] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.831384][ T3577] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.852470][ T3586] 9pnet_fd: Insufficient options for proto=fd
[   43.857304][ T3577] netlink: 72 bytes leftover after parsing attributes in process `syz.0.31'.
[   43.890701][ T3589] process 'syz.2.36' launched './file0' with NULL argv: empty string added
[   43.907964][ T3588] process '/newroot/8/file0' started with executable stack
[   43.922431][ T3590] loop0: detected capacity change from 0 to 128
[   43.937033][ T3590] vfat: Unknown parameter ' vÑU(á]ÝyçEv•ˆtbNs®©á¿E¾_ÛÞçsxÎó'
[   44.017173][ T3593] loop2: detected capacity change from 0 to 512
[   44.056886][ T3600] xt_TPROXY: Can be used only with -p tcp or -p udp
[   44.095399][ T3593] EXT4-fs error (device loop2): ext4_get_journal_inode:5798: inode #32: comm syz.2.37: iget: special inode unallocated
[   44.114272][ T3593] EXT4-fs (loop2): Remounting filesystem read-only
[   44.121299][ T3593] EXT4-fs (loop2): no journal found
[   44.126811][ T3593] EXT4-fs (loop2): can't get journal size
[   44.136011][ T3593] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   44.197688][ T3606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.39'.
[   44.229406][ T3604] Falling back ldisc for ttyS3.
[   44.248438][ T3593] EXT4-fs (loop2): failed to initialize system zone (-117)
[   44.302252][ T3593] EXT4-fs (loop2): mount failed
[   44.622344][ T3584] delete_channel: no stack
[   44.704437][   T29] kauditd_printk_skb: 340 callbacks suppressed
[   44.704454][   T29] audit: type=1400 audit(1745501717.438:466): avc:  denied  { unlink } for  pid=3307 comm="syz-executor" name="file0" dev="tmpfs" ino=75 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   44.939173][ T3611] Falling back ldisc for ttyS3.
[   44.948028][   T29] audit: type=1326 audit(1745501717.658:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3592 comm="syz.2.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f63ca45d2d0 code=0x7ffc0000
[   44.972364][   T29] audit: type=1326 audit(1745501717.658:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3592 comm="syz.2.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f63ca45e56b code=0x7ffc0000
[   44.997650][   T29] audit: type=1326 audit(1745501717.658:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3592 comm="syz.2.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f63ca45d5ca code=0x7ffc0000
[   45.022421][   T29] audit: type=1326 audit(1745501717.658:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3592 comm="syz.2.37" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63ca45e969 code=0x7ffc0000
[   45.144142][   T29] audit: type=1400 audit(1745501717.878:471): avc:  denied  { create } for  pid=3624 comm="syz.1.49" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   45.171975][ T3628] FAULT_INJECTION: forcing a failure.
[   45.171975][ T3628] name failslab, interval 1, probability 0, space 0, times 0
[   45.177869][   T29] audit: type=1400 audit(1745501717.908:472): avc:  denied  { connect } for  pid=3624 comm="syz.1.49" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   45.185414][ T3628] CPU: 0 UID: 0 PID: 3628 Comm: syz.2.50 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   45.185448][ T3628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   45.185465][ T3628] Call Trace:
[   45.185474][ T3628]  <TASK>
[   45.185485][ T3628]  dump_stack_lvl+0xf6/0x150
[   45.185543][ T3628]  dump_stack+0x15/0x1a
[   45.185559][ T3628]  should_fail_ex+0x261/0x270
[   45.185590][ T3628]  should_failslab+0x8f/0xb0
[   45.185617][ T3628]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[   45.185657][ T3628]  ? sidtab_sid2str_get+0xb8/0x140
[   45.185682][ T3628]  ? vsnprintf+0x84d/0x8a0
[   45.185726][ T3628]  kmemdup_noprof+0x2b/0x70
[   45.185767][ T3628]  sidtab_sid2str_get+0xb8/0x140
[   45.185786][ T3628]  security_sid_to_context_core+0x1eb/0x2f0
[   45.185895][ T3628]  security_sid_to_context+0x27/0x30
[   45.185936][ T3628]  selinux_lsmprop_to_secctx+0x6c/0xf0
[   45.185964][ T3628]  security_lsmprop_to_secctx+0x40/0x80
[   45.186052][ T3628]  audit_log_task_context+0x7a/0x180
[   45.186094][ T3628]  audit_log_task+0xfb/0x250
[   45.186124][ T3628]  ? kstrtouint+0x7b/0xc0
[   45.186153][ T3628]  audit_seccomp+0x62/0x100
[   45.186229][ T3628]  __seccomp_filter+0x694/0x10e0
[   45.186257][ T3628]  ? vfs_write+0x669/0x950
[   45.186299][ T3628]  __secure_computing+0x7e/0x150
[   45.186325][ T3628]  syscall_trace_enter+0xcf/0x1f0
[   45.186355][ T3628]  ? fpregs_assert_state_consistent+0x83/0xa0
[   45.186593][ T3628]  do_syscall_64+0xaa/0x1a0
[   45.186666][ T3628]  ? clear_bhb_loop+0x25/0x80
[   45.186693][ T3628]  ? clear_bhb_loop+0x25/0x80
[   45.186720][ T3628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.186747][ T3628] RIP: 0033:0x7f63ca45e969
[   45.186766][ T3628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.186834][ T3628] RSP: 002b:00007f63c8ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000083
[   45.186859][ T3628] RAX: ffffffffffffffda RBX: 00007f63ca685fa0 RCX: 00007f63ca45e969
[   45.186874][ T3628] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   45.186890][ T3628] RBP: 00007f63c8ac7090 R08: 0000000000000000 R09: 0000000000000000
[   45.186906][ T3628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.186922][ T3628] R13: 0000000000000000 R14: 00007f63ca685fa0 R15: 00007fff327e2a08
[   45.186946][ T3628]  </TASK>
[   45.186959][ T3628] audit: error in audit_log_task_context
[   45.206033][   T29] audit: type=1326 audit(1745501717.908:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.2.50" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63ca45e969 code=0x7ffc0000
[   45.265231][ T3633] netlink: 340 bytes leftover after parsing attributes in process `syz.0.52'.
[   45.267572][   T29] audit: type=1326 audit(1745501717.908:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3627 comm="syz.2.50" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f63ca45d2d0 code=0x7ffc0000
[   45.585368][ T3641] xt_TPROXY: Can be used only with -p tcp or -p udp
[   45.669313][ T3643] Falling back ldisc for ttyS3.
[   45.791789][ T3665] loop2: detected capacity change from 0 to 128
[   45.832692][ T3665] EXT4-fs (loop2): unsupported inode size: 237
[   45.839371][ T3665] EXT4-fs (loop2): blocksize: 1024
[   45.842386][ T3680] loop0: detected capacity change from 0 to 2048
[   45.875951][ T3680] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.953684][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.216310][ T3712] loop3: detected capacity change from 0 to 512
[   46.226355][ T3707] loop2: detected capacity change from 0 to 512
[   46.244742][ T3712] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.72: Failed to acquire dquot type 1
[   46.259097][ T3707] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   46.276568][ T3712] EXT4-fs (loop3): 1 truncate cleaned up
[   46.288978][ T3712] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.305968][ T3712] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.320354][ T3707] EXT4-fs (loop2): 1 truncate cleaned up
[   46.326719][ T3707] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.361296][ T3712] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   46.383706][ T3707] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.69: invalid indirect mapped block 3489660928 (level 0)
[   46.403019][ T3707] EXT4-fs (loop2): Remounting filesystem read-only
[   46.430227][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.499599][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.604864][ T3722] loop2: detected capacity change from 0 to 8192
[   46.639722][ T3722] vfat: Unknown parameter ''
[   46.795740][ T3744] loop2: detected capacity change from 0 to 128
[   46.880619][ T3748] sch_tbf: burst 3092 is lower than device lo mtu (65550) !
[   46.883383][ T3744] syz.2.73: attempt to access beyond end of device
[   46.883383][ T3744] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128
[   46.916803][ T3722] syz.2.73: attempt to access beyond end of device
[   46.916803][ T3722] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128
[   46.932718][ T3722] syz.2.73: attempt to access beyond end of device
[   46.932718][ T3722] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   46.998766][ T3722] syz.2.73: attempt to access beyond end of device
[   46.998766][ T3722] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   47.029502][ T3759] loop1: detected capacity change from 0 to 256
[   47.030636][ T3722] syz.2.73: attempt to access beyond end of device
[   47.030636][ T3722] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   47.037428][ T3759] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   47.056084][ T3722] syz.2.73: attempt to access beyond end of device
[   47.056084][ T3722] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   47.075015][ T3722] syz.2.73: attempt to access beyond end of device
[   47.075015][ T3722] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   47.116894][ T3722] syz.2.73: attempt to access beyond end of device
[   47.116894][ T3722] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   47.124119][ T3761] vhci_hcd: invalid port number 12
[   47.130740][ T3722] syz.2.73: attempt to access beyond end of device
[   47.130740][ T3722] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   47.135583][ T3761] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[   47.149447][ T3722] syz.2.73: attempt to access beyond end of device
[   47.149447][ T3722] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[   47.186084][ T3768] __nla_validate_parse: 13 callbacks suppressed
[   47.186105][ T3768] netlink: 340 bytes leftover after parsing attributes in process `syz.1.92'.
[   47.194061][ T3769] netlink: 8 bytes leftover after parsing attributes in process `syz.0.91'.
[   47.203612][ T3768] netlink: 48 bytes leftover after parsing attributes in process `syz.1.92'.
[   47.319515][ T3776] netlink: 8 bytes leftover after parsing attributes in process `syz.0.94'.
[   47.328665][ T3776] netlink: 8 bytes leftover after parsing attributes in process `syz.0.94'.
[   47.433400][ T3783] netlink: 132 bytes leftover after parsing attributes in process `syz.0.99'.
[   47.460903][ T3785] FAULT_INJECTION: forcing a failure.
[   47.460903][ T3785] name failslab, interval 1, probability 0, space 0, times 0
[   47.473968][ T3785] CPU: 0 UID: 0 PID: 3785 Comm: syz.2.98 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   47.473999][ T3785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   47.474013][ T3785] Call Trace:
[   47.474021][ T3785]  <TASK>
[   47.474035][ T3785]  dump_stack_lvl+0xf6/0x150
[   47.474064][ T3785]  dump_stack+0x15/0x1a
[   47.474083][ T3785]  should_fail_ex+0x261/0x270
[   47.474113][ T3785]  should_failslab+0x8f/0xb0
[   47.474139][ T3785]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   47.474174][ T3785]  ? dup_task_struct+0x6e/0x6e0
[   47.474258][ T3785]  dup_task_struct+0x6e/0x6e0
[   47.474333][ T3785]  ? cgroup_rstat_updated+0xa4/0x590
[   47.474371][ T3785]  copy_process+0x39e/0x1f60
[   47.474409][ T3785]  ? io_rw_init_file+0x35/0x600
[   47.474474][ T3785]  ? __pfx_io_wq_worker+0x10/0x10
[   47.474500][ T3785]  create_io_thread+0xab/0xe0
[   47.474547][ T3785]  ? __pfx_io_wq_worker+0x10/0x10
[   47.474578][ T3785]  create_io_worker+0xdd/0x380
[   47.474605][ T3785]  io_wq_enqueue+0x32a/0x410
[   47.474680][ T3785]  ? __pfx_io_wq_work_match_item+0x10/0x10
[   47.474710][ T3785]  io_queue_iowq+0x248/0x380
[   47.474733][ T3785]  io_queue_async+0x42c/0x460
[   47.474756][ T3785]  ? io_req_task_submit+0xaf/0xc0
[   47.474775][ T3785]  io_req_task_submit+0xb9/0xc0
[   47.474837][ T3785]  ? __pfx_io_req_task_submit+0x10/0x10
[   47.474861][ T3785]  io_handle_tw_list+0x194/0x1d0
[   47.474886][ T3785]  tctx_task_work_run+0x6e/0x1c0
[   47.474958][ T3785]  tctx_task_work+0x44/0x80
[   47.474980][ T3785]  task_work_run+0x13c/0x1b0
[   47.475008][ T3785]  get_signal+0xee2/0x1080
[   47.475036][ T3785]  ? bloom_map_peek_elem+0xc2/0xe0
[   47.475136][ T3785]  ? __rcu_read_unlock+0x4e/0x70
[   47.475161][ T3785]  ? bpf_trace_run2+0x12c/0x1d0
[   47.475190][ T3785]  arch_do_signal_or_restart+0x9a/0x480
[   47.475234][ T3785]  syscall_exit_to_user_mode+0x62/0x120
[   47.475275][ T3785]  do_syscall_64+0xd6/0x1a0
[   47.475301][ T3785]  ? clear_bhb_loop+0x25/0x80
[   47.475323][ T3785]  ? clear_bhb_loop+0x25/0x80
[   47.475406][ T3785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.475430][ T3785] RIP: 0033:0x7f63ca45e969
[   47.475444][ T3785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.475464][ T3785] RSP: 002b:00007f63c8ac7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   47.475486][ T3785] RAX: 0000000000000001 RBX: 00007f63ca685fa0 RCX: 00007f63ca45e969
[   47.475540][ T3785] RDX: 0000000000000000 RSI: 000000000000184c RDI: 0000000000000006
[   47.475553][ T3785] RBP: 00007f63c8ac7090 R08: 0000000000000000 R09: 0000000000000000
[   47.475567][ T3785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.475580][ T3785] R13: 0000000000000000 R14: 00007f63ca685fa0 R15: 00007fff327e2a08
[   47.475599][ T3785]  </TASK>
[   47.881513][ T3795] netlink: 8 bytes leftover after parsing attributes in process `syz.3.104'.
[   47.920530][ T3799] netlink: 340 bytes leftover after parsing attributes in process `syz.3.105'.
[   47.932053][ T3799] netlink: 48 bytes leftover after parsing attributes in process `syz.3.105'.
[   48.012194][ T3775] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[   48.012194][ T3775]    program syz.1.95 not setting count and/or reply_len properly
[   48.049871][ T3807] netlink: 8 bytes leftover after parsing attributes in process `syz.3.107'.
[   48.533017][ T3814] loop4: detected capacity change from 0 to 512
[   48.616747][ T3814] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   48.754510][ T3814] EXT4-fs (loop4): 1 truncate cleaned up
[   48.763681][ T3814] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.767009][ T3819] loop3: detected capacity change from 0 to 512
[   48.814681][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.824659][ T3819] EXT4-fs: dax option not supported
[   49.101906][ T3847] loop0: detected capacity change from 0 to 512
[   49.145179][ T3842] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.160978][ T3847] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   49.181454][ T3847] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.194157][ T3842] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.532925][ T3884] loop1: detected capacity change from 0 to 8192
[   49.554294][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   49.572730][ T3884] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[   49.581730][ T3884] FAT-fs (loop1): Filesystem has been set read-only
[   49.607177][ T3884] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[   49.644527][ T3884] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[   49.710185][   T29] kauditd_printk_skb: 308 callbacks suppressed
[   49.710203][   T29] audit: type=1326 audit(1745501722.438:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3905 comm="syz.3.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066a62e969 code=0x7ffc0000
[   49.744417][   T29] audit: type=1326 audit(1745501722.438:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3905 comm="syz.3.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f066a62e969 code=0x7ffc0000
[   49.769442][   T29] audit: type=1326 audit(1745501722.438:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3905 comm="syz.3.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066a62e969 code=0x7ffc0000
[   49.794461][   T29] audit: type=1326 audit(1745501722.438:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3905 comm="syz.3.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f066a62e969 code=0x7ffc0000
[   49.822185][   T29] audit: type=1326 audit(1745501722.448:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3905 comm="syz.3.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066a62e969 code=0x7ffc0000
[   49.846789][   T29] audit: type=1326 audit(1745501722.448:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3905 comm="syz.3.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066a62e969 code=0x7ffc0000
[   50.010634][   T29] audit: type=1326 audit(1745501722.748:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3921 comm="syz.2.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63ca45e969 code=0x7ffc0000
[   50.035285][   T29] audit: type=1326 audit(1745501722.748:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3921 comm="syz.2.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63ca45e969 code=0x7ffc0000
[   50.068665][   T29] audit: type=1326 audit(1745501722.798:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3921 comm="syz.2.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f63ca45e969 code=0x7ffc0000
[   50.093109][   T29] audit: type=1326 audit(1745501722.798:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3921 comm="syz.2.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63ca45e969 code=0x7ffc0000
[   50.144114][ T3929] loop4: detected capacity change from 0 to 2048
[   50.170501][ T3922] pim6reg1: entered promiscuous mode
[   50.175898][ T3922] pim6reg1: entered allmulticast mode
[   50.189029][ T3929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.205360][ T3922] capability: warning: `syz.2.141' uses deprecated v2 capabilities in a way that may be insecure
[   50.291408][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.327534][ T3938] loop3: detected capacity change from 0 to 512
[   50.362272][ T3938] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   50.419283][ T3938] EXT4-fs (loop3): 1 truncate cleaned up
[   50.457950][ T3938] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.613806][ T3944] vhci_hcd: invalid port number 12
[   50.619515][ T3944] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[   50.695423][ T3948] loop2: detected capacity change from 0 to 2048
[   50.732456][ T3948] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.775989][ T3955] loop4: detected capacity change from 0 to 256
[   50.787017][ T3955] FAT-fs (loop4): bogus number of FAT sectors
[   50.793355][ T3955] FAT-fs (loop4): Can't find a valid FAT filesystem
[   50.889388][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.960760][ T3963] loop0: detected capacity change from 0 to 2048
[   50.993016][ T3964] syz.1.154 (3964) used greatest stack depth: 10728 bytes left
[   51.027899][ T3963] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.064284][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.221216][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.281834][ T3992] loop1: detected capacity change from 0 to 8192
[   51.304820][ T3992] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[   51.313042][ T3992] FAT-fs (loop1): Filesystem has been set read-only
[   51.334079][ T3992] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[   51.349344][ T3992] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[   51.363904][ T3997] smc: net device bond0 applied user defined pnetid SYZ0
[   51.377874][ T3999] loop0: detected capacity change from 0 to 512
[   51.386576][ T3999] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   51.396862][ T3997] smc: net device bond0 erased user defined pnetid SYZ0
[   51.405305][ T3999] EXT4-fs (loop0): 1 truncate cleaned up
[   51.419028][ T3999] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.619556][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.984610][ T4021] syz.0.171 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   52.059260][ T4023] Falling back ldisc for ttyS3.
[   52.455911][ T4077] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   52.464696][ T4078] Falling back ldisc for ttyS3.
[   52.476076][ T4077] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   52.580331][ T4083] SELinux: failed to load policy
[   52.593779][ T4086] __nla_validate_parse: 22 callbacks suppressed
[   52.593796][ T4086] netlink: 40 bytes leftover after parsing attributes in process `syz.2.188'.
[   52.717836][ T4090] netlink: 8 bytes leftover after parsing attributes in process `syz.4.189'.
[   52.727515][ T4090] netlink: 8 bytes leftover after parsing attributes in process `syz.4.189'.
[   52.799961][ T4089] netlink: 256 bytes leftover after parsing attributes in process `syz.4.189'.
[   52.809327][ T4089] netlink: 72 bytes leftover after parsing attributes in process `syz.4.189'.
[   53.017004][ T4101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.192'.
[   53.025990][ T4101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.192'.
[   53.073167][ T4105] netlink: 8 bytes leftover after parsing attributes in process `syz.3.195'.
[   53.168928][ T4109] Falling back ldisc for ttyS3.
[   53.303985][ T4113] mmap: syz.3.199 (4113) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   53.320964][ T4121] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   53.439781][ T4134] netlink: 8 bytes leftover after parsing attributes in process `syz.3.201'.
[   53.448970][ T4134] netlink: 8 bytes leftover after parsing attributes in process `syz.3.201'.
[   53.513117][ T4138] loop0: detected capacity change from 0 to 1024
[   53.560604][ T4138] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.573750][ T4145] loop2: detected capacity change from 0 to 128
[   53.582980][ T4145] vfat: Unknown parameter '’ni_xlat'
[   53.624984][ T4152] vhci_hcd: invalid port number 12
[   53.630358][ T4152] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[   53.651612][ T4138] FAULT_INJECTION: forcing a failure.
[   53.651612][ T4138] name failslab, interval 1, probability 0, space 0, times 0
[   53.665688][ T4138] CPU: 0 UID: 0 PID: 4138 Comm: syz.0.204 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   53.665748][ T4138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   53.665838][ T4138] Call Trace:
[   53.665845][ T4138]  <TASK>
[   53.665852][ T4138]  dump_stack_lvl+0xf6/0x150
[   53.665876][ T4138]  dump_stack+0x15/0x1a
[   53.665893][ T4138]  should_fail_ex+0x261/0x270
[   53.665943][ T4138]  should_failslab+0x8f/0xb0
[   53.665997][ T4138]  __kmalloc_noprof+0xad/0x410
[   53.666028][ T4138]  ? ext4_mb_init_cache+0x11e/0xbd0
[   53.666062][ T4138]  ext4_mb_init_cache+0x11e/0xbd0
[   53.666082][ T4138]  ? filemap_add_folio+0x135/0x1b0
[   53.666103][ T4138]  ? __filemap_get_folio+0x481/0x6b0
[   53.666130][ T4138]  ? ext4_get_group_info+0xb5/0xd0
[   53.666214][ T4138]  ext4_mb_init_group+0x245/0x3e0
[   53.666319][ T4138]  ext4_mb_regular_allocator+0xc3e/0x23f0
[   53.666356][ T4138]  ? should_fail_ex+0xd7/0x270
[   53.666384][ T4138]  ext4_mb_new_blocks+0x81d/0x2020
[   53.666491][ T4138]  ? ext4_find_extent+0x6bf/0x7e0
[   53.666519][ T4138]  ? ext4_inode_to_goal_block+0x1cb/0x1f0
[   53.666552][ T4138]  ext4_ext_map_blocks+0x106c/0x36a0
[   53.666635][ T4138]  ? ext4_map_query_blocks+0x10e/0x180
[   53.666675][ T4138]  ext4_map_blocks+0x5c6/0xd00
[   53.666722][ T4138]  ext4_iomap_begin+0x497/0x5c0
[   53.666744][ T4138]  ? __pfx_ext4_iomap_begin+0x10/0x10
[   53.666796][ T4138]  iomap_iter+0x32e/0x770
[   53.666823][ T4138]  __iomap_dio_rw+0x6f9/0x12a0
[   53.666888][ T4138]  ? ext4_xattr_security_get+0x32/0x40
[   53.666948][ T4138]  ? ext4_journal_check_start+0x122/0x1b0
[   53.666978][ T4138]  iomap_dio_rw+0x40/0x90
[   53.667006][ T4138]  ext4_file_write_iter+0xba9/0xf80
[   53.667062][ T4138]  do_iter_readv_writev+0x40d/0x4b0
[   53.667132][ T4138]  vfs_writev+0x2da/0x880
[   53.667179][ T4138]  ? get_pid_task+0x94/0xd0
[   53.667211][ T4138]  __se_sys_pwritev2+0x103/0x1d0
[   53.667240][ T4138]  __x64_sys_pwritev2+0x78/0x90
[   53.667269][ T4138]  x64_sys_call+0x1c86/0x2e10
[   53.667300][ T4138]  do_syscall_64+0xc9/0x1a0
[   53.667346][ T4138]  ? clear_bhb_loop+0x25/0x80
[   53.667371][ T4138]  ? clear_bhb_loop+0x25/0x80
[   53.667449][ T4138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.667474][ T4138] RIP: 0033:0x7fa4c1b7e969
[   53.667510][ T4138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.667531][ T4138] RSP: 002b:00007fa4c01e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   53.667551][ T4138] RAX: ffffffffffffffda RBX: 00007fa4c1da5fa0 RCX: 00007fa4c1b7e969
[   53.667568][ T4138] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000009
[   53.667582][ T4138] RBP: 00007fa4c01e7090 R08: 0000000000000000 R09: 0000000000000003
[   53.667596][ T4138] R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000001
[   53.667689][ T4138] R13: 0000000000000000 R14: 00007fa4c1da5fa0 R15: 00007ffe140ae3b8
[   53.667712][ T4138]  </TASK>
[   54.001432][ T4138] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.204: Allocating blocks 497-513 which overlap fs metadata
[   54.043648][ T4160] loop2: detected capacity change from 0 to 512
[   54.060918][ T4138] EXT4-fs (loop0): pa ffff888106158070: logic 272, phys. 385, len 8
[   54.062550][ T4164] FAULT_INJECTION: forcing a failure.
[   54.062550][ T4164] name failslab, interval 1, probability 0, space 0, times 0
[   54.069006][ T4138] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, 
[   54.081672][ T4164] CPU: 1 UID: 0 PID: 4164 Comm: syz.4.214 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   54.081711][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   54.081723][ T4164] Call Trace:
[   54.081729][ T4164]  <TASK>
[   54.081736][ T4164]  dump_stack_lvl+0xf6/0x150
[   54.081760][ T4164]  dump_stack+0x15/0x1a
[   54.081780][ T4164]  should_fail_ex+0x261/0x270
[   54.081811][ T4164]  should_failslab+0x8f/0xb0
[   54.081840][ T4164]  __kmalloc_cache_noprof+0x55/0x320
[   54.081971][ T4164]  ? __hw_addr_add_ex+0x15a/0x430
[   54.081997][ T4164]  __hw_addr_add_ex+0x15a/0x430
[   54.082051][ T4164]  dev_addr_init+0xb7/0x130
[   54.082075][ T4164]  ? __pfx_ip6gre_tap_setup+0x10/0x10
[   54.082100][ T4164]  alloc_netdev_mqs+0x225/0xac0
[   54.082129][ T4164]  ? snprintf+0x8c/0xb0
[   54.082170][ T4164]  rtnl_create_link+0x232/0x720
[   54.082217][ T4164]  rtnl_newlink_create+0x14f/0x640
[   54.082257][ T4164]  ? security_capable+0x81/0x90
[   54.082286][ T4164]  ? netlink_ns_capable+0x88/0xa0
[   54.082334][ T4164]  rtnl_newlink+0xf38/0x12d0
[   54.082454][ T4164]  ? bpf_trace_run3+0x134/0x1d0
[   54.082481][ T4164]  ? strlen+0x19/0x30
[   54.082512][ T4164]  ? __kfree_skb+0x102/0x150
[   54.082588][ T4164]  ? __memcg_slab_free_hook+0xc9/0x1e0
[   54.082629][ T4164]  ? __rcu_read_unlock+0x4e/0x70
[   54.082654][ T4164]  ? avc_has_perm_noaudit+0x1cc/0x210
[   54.082712][ T4164]  ? selinux_capable+0x1f9/0x260
[   54.082750][ T4164]  ? security_capable+0x81/0x90
[   54.082809][ T4164]  ? ns_capable+0x7d/0xb0
[   54.082897][ T4164]  ? __pfx_rtnl_newlink+0x10/0x10
[   54.082938][ T4164]  rtnetlink_rcv_msg+0x65a/0x740
[   54.082972][ T4164]  ? should_fail_ex+0xd7/0x270
[   54.082999][ T4164]  ? ref_tracker_free+0x3b8/0x420
[   54.083030][ T4164]  netlink_rcv_skb+0x12f/0x230
[   54.083070][ T4164]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   54.083151][ T4164]  rtnetlink_rcv+0x1c/0x30
[   54.083183][ T4164]  netlink_unicast+0x605/0x6c0
[   54.083226][ T4164]  netlink_sendmsg+0x609/0x720
[   54.083256][ T4164]  ? __pfx_netlink_sendmsg+0x10/0x10
[   54.083283][ T4164]  __sock_sendmsg+0x140/0x180
[   54.083351][ T4164]  ____sys_sendmsg+0x350/0x4e0
[   54.083386][ T4164]  __sys_sendmsg+0x1a0/0x240
[   54.083427][ T4164]  __x64_sys_sendmsg+0x46/0x50
[   54.083476][ T4164]  x64_sys_call+0x26f3/0x2e10
[   54.083531][ T4164]  do_syscall_64+0xc9/0x1a0
[   54.083557][ T4164]  ? clear_bhb_loop+0x25/0x80
[   54.083584][ T4164]  ? clear_bhb_loop+0x25/0x80
[   54.083610][ T4164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.083658][ T4164] RIP: 0033:0x7fd3a943e969
[   54.083677][ T4164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.083697][ T4164] RSP: 002b:00007fd3a7aa7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.083720][ T4164] RAX: ffffffffffffffda RBX: 00007fd3a9665fa0 RCX: 00007fd3a943e969
[   54.083735][ T4164] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[   54.083750][ T4164] RBP: 00007fd3a7aa7090 R08: 0000000000000000 R09: 0000000000000000
[   54.083764][ T4164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.083838][ T4164] R13: 0000000000000000 R14: 00007fd3a9665fa0 R15: 00007ffff02167e8
[   54.083949][ T4164]  </TASK>
[   54.119577][ T4165] 9pnet_fd: Insufficient options for proto=fd
[   54.120304][ T4138] free 0, pa_free 1
[   54.141378][ T4164] syz.4.214 (4164) used greatest stack depth: 10552 bytes left
[   54.296681][ T4160] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.479955][ T4160] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.524052][ T4138] syz.0.204 (4138) used greatest stack depth: 9928 bytes left
[   54.537654][ T4169] infiniband syz!: set active
[   54.540785][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.542800][ T4169] infiniband syz!: added team_slave_0
[   54.560842][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.588378][ T4169] RDS/IB: syz!: added
[   54.593267][ T4169] smc: adding ib device syz! with port count 1
[   54.606252][ T4178] loop1: detected capacity change from 0 to 512
[   54.630887][ T4169] smc:    ib device syz! port 1 has pnetid 
[   54.637817][ T4178] EXT4-fs: dax option not supported
[   54.650192][ T4184] FAULT_INJECTION: forcing a failure.
[   54.650192][ T4184] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   54.663856][ T4184] CPU: 0 UID: 0 PID: 4184 Comm: syz.2.219 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   54.663987][ T4184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   54.664002][ T4184] Call Trace:
[   54.664009][ T4184]  <TASK>
[   54.664017][ T4184]  dump_stack_lvl+0xf6/0x150
[   54.664040][ T4184]  dump_stack+0x15/0x1a
[   54.664055][ T4184]  should_fail_ex+0x261/0x270
[   54.664087][ T4184]  should_fail_alloc_page+0xfd/0x110
[   54.664115][ T4184]  __alloc_frozen_pages_noprof+0x11d/0x360
[   54.664139][ T4184]  alloc_pages_mpol+0xb6/0x260
[   54.664204][ T4184]  vma_alloc_folio_noprof+0x19c/0x300
[   54.664244][ T4184]  handle_mm_fault+0xdda/0x2e80
[   54.664285][ T4184]  exc_page_fault+0x296/0x6a0
[   54.664373][ T4184]  ? path_openat+0x1ab2/0x2000
[   54.664410][ T4184]  asm_exc_page_fault+0x26/0x30
[   54.664433][ T4184] RIP: 0010:rep_stos_alternative+0x40/0x80
[   54.664551][ T4184] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[   54.664633][ T4184] RSP: 0018:ffffc90001bbbce8 EFLAGS: 00050202
[   54.664651][ T4184] RAX: 0000000000000000 RBX: 0000200000006080 RCX: 0000000000000080
[   54.664666][ T4184] RDX: 0000000000000000 RSI: 0000200000005080 RDI: 0000200000006000
[   54.664680][ T4184] RBP: 0000200000005080 R08: ffffffff81e4d54e R09: 0000000000000000
[   54.664692][ T4184] R10: 0001ffffffffffff R11: ffff8881088d6300 R12: 0000000000001000
[   54.664702][ T4184] R13: 000000007fffa000 R14: ffffc90001bbbe10 R15: 0000000000005000
[   54.664716][ T4184]  ? iov_iter_zero+0xee/0xca0
[   54.664808][ T4184]  iov_iter_zero+0x111/0xca0
[   54.664838][ T4184]  ? kstrtouint_from_user+0xbf/0x100
[   54.664864][ T4184]  ? avc_policy_seqno+0x15/0x20
[   54.664908][ T4184]  ? selinux_file_permission+0x22d/0x360
[   54.665004][ T4184]  read_iter_zero+0x5e/0x1e0
[   54.665083][ T4184]  vfs_read+0x5e6/0x710
[   54.665105][ T4184]  ksys_read+0xeb/0x1b0
[   54.665195][ T4184]  __x64_sys_read+0x42/0x50
[   54.665211][ T4184]  x64_sys_call+0x2a3b/0x2e10
[   54.665232][ T4184]  do_syscall_64+0xc9/0x1a0
[   54.665261][ T4184]  ? clear_bhb_loop+0x25/0x80
[   54.665286][ T4184]  ? clear_bhb_loop+0x25/0x80
[   54.665347][ T4184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.665373][ T4184] RIP: 0033:0x7f63ca45e969
[   54.665387][ T4184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.665482][ T4184] RSP: 002b:00007f63c8ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   54.665500][ T4184] RAX: ffffffffffffffda RBX: 00007f63ca685fa0 RCX: 00007f63ca45e969
[   54.665512][ T4184] RDX: 00000000ffffff1c RSI: 0000200000000080 RDI: 0000000000000003
[   54.665526][ T4184] RBP: 00007f63c8ac7090 R08: 0000000000000000 R09: 0000000000000000
[   54.665540][ T4184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.665552][ T4184] R13: 0000000000000000 R14: 00007f63ca685fa0 R15: 00007fff327e2a08
[   54.665568][ T4184]  </TASK>
[   54.976345][   T29] kauditd_printk_skb: 317 callbacks suppressed
[   54.976360][   T29] audit: type=1326 audit(1745501727.408:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c1b7e969 code=0x7ffc0000
[   55.006734][   T29] audit: type=1326 audit(1745501727.408:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa4c1b7e969 code=0x7ffc0000
[   55.030653][   T29] audit: type=1326 audit(1745501727.408:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c1b7e969 code=0x7ffc0000
[   55.054222][   T29] audit: type=1326 audit(1745501727.408:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c1b7e969 code=0x7ffc0000
[   55.078615][ T4158] delete_channel: no stack
[   55.087621][   T29] audit: type=1326 audit(1745501727.798:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fa4c1b7e969 code=0x7ffc0000
[   55.112453][   T29] audit: type=1326 audit(1745501727.818:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c1b7e969 code=0x7ffc0000
[   55.137974][   T29] audit: type=1326 audit(1745501727.818:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c1b7e969 code=0x7ffc0000
[   55.161750][   T29] audit: type=1326 audit(1745501727.818:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4c1b7e969 code=0x7ffc0000
[   55.185770][   T29] audit: type=1326 audit(1745501727.818:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c1b7e969 code=0x7ffc0000
[   55.210269][   T29] audit: type=1326 audit(1745501727.818:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4182 comm="syz.0.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4c1b7e969 code=0x7ffc0000
[   55.253327][ T4196] 9pnet_fd: p9_fd_create_unix (4196): problem connecting socket: ./file1: -2
[   55.384889][ T4205] loop2: detected capacity change from 0 to 512
[   55.431280][ T4205] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.225: corrupted in-inode xattr: invalid ea_ino
[   55.489612][ T4211] vhci_hcd: invalid port number 12
[   55.494938][ T4211] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[   55.506297][ T4205] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.225: couldn't read orphan inode 15 (err -117)
[   55.535479][ T4205] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.615595][ T4219] netlink: 'syz.4.228': attribute type 1 has an invalid length.
[   55.641531][ T4216] loop1: detected capacity change from 0 to 2048
[   55.656323][ T4219] 8021q: adding VLAN 0 to HW filter on device bond1
[   55.673937][ T4216] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.738176][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.752140][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.762315][ T4227] loop4: detected capacity change from 0 to 512
[   55.821913][ T4234] loop1: detected capacity change from 0 to 512
[   55.845373][ T4234] EXT4-fs: dax option not supported
[   55.930573][ T4245] syz.4.237 uses obsolete (PF_INET,SOCK_PACKET)
[   56.019333][ T4256] loop0: detected capacity change from 0 to 2048
[   56.050562][ T4256] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.081669][ T4252] loop2: detected capacity change from 0 to 512
[   56.096143][ T4252] EXT4-fs (loop2): orphan cleanup on readonly fs
[   56.108135][ T4252] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.232: bg 0: block 248: padding at end of block bitmap is not set
[   56.121687][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.123616][ T4252] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.232: Failed to acquire dquot type 1
[   56.144271][ T4252] EXT4-fs (loop2): 1 truncate cleaned up
[   56.152837][ T4252] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   56.223083][ T4252] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[   56.246372][ T4269] loop0: detected capacity change from 0 to 128
[   56.264103][ T4273] FAULT_INJECTION: forcing a failure.
[   56.264103][ T4273] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   56.277533][ T4273] CPU: 1 UID: 0 PID: 4273 Comm: syz.3.245 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   56.277638][ T4273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   56.277654][ T4273] Call Trace:
[   56.277663][ T4273]  <TASK>
[   56.277673][ T4273]  dump_stack_lvl+0xf6/0x150
[   56.277701][ T4273]  dump_stack+0x15/0x1a
[   56.277795][ T4273]  should_fail_ex+0x261/0x270
[   56.277823][ T4273]  should_fail+0xb/0x10
[   56.277843][ T4273]  should_fail_usercopy+0x1a/0x20
[   56.277937][ T4273]  _copy_from_user+0x1c/0xa0
[   56.278007][ T4273]  copy_msghdr_from_user+0x54/0x2b0
[   56.278043][ T4273]  ? __fget_files+0x186/0x1c0
[   56.278071][ T4273]  __sys_sendmmsg+0x1eb/0x4b0
[   56.278137][ T4273]  __x64_sys_sendmmsg+0x57/0x70
[   56.278166][ T4273]  x64_sys_call+0x2b53/0x2e10
[   56.278192][ T4273]  do_syscall_64+0xc9/0x1a0
[   56.278222][ T4273]  ? clear_bhb_loop+0x25/0x80
[   56.278249][ T4273]  ? clear_bhb_loop+0x25/0x80
[   56.278277][ T4273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.278342][ T4273] RIP: 0033:0x7f066a62e969
[   56.278360][ T4273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.278379][ T4273] RSP: 002b:00007f0668c97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   56.278444][ T4273] RAX: ffffffffffffffda RBX: 00007f066a855fa0 RCX: 00007f066a62e969
[   56.278458][ T4273] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003
[   56.278469][ T4273] RBP: 00007f0668c97090 R08: 0000000000000000 R09: 0000000000000000
[   56.278550][ T4273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.278563][ T4273] R13: 0000000000000000 R14: 00007f066a855fa0 R15: 00007ffc8bad4ab8
[   56.278585][ T4273]  </TASK>
[   56.690063][ T4252] syz.2.232 (4252) used greatest stack depth: 9208 bytes left
[   56.707570][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.769836][ T4300] loop1: detected capacity change from 0 to 2048
[   56.814743][ T4300] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.833116][ T4288] bridge: RTM_NEWNEIGH with invalid ether address
[   56.882745][ T4309] loop4: detected capacity change from 0 to 256
[   56.889824][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.054909][ T4321] loop1: detected capacity change from 0 to 1764
[   57.119270][ T4321] iso9660: Corrupted directory entry in block 2 of inode 1920
[   57.246591][ T4335] ipvlan2: entered promiscuous mode
[   57.253311][ T4335] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   57.263670][ T4335] team0: Device ipvlan2 is already an upper device of the team interface
[   57.282933][ T4336] ipvlan2: entered promiscuous mode
[   57.290634][ T4336] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   57.311383][ T4336] team0: Device ipvlan2 is already an upper device of the team interface
[   57.387928][ T4353] loop1: detected capacity change from 0 to 2048
[   57.444398][ T4353] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.493154][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.585489][ T4373] loop4: detected capacity change from 0 to 512
[   57.599674][ T4373] EXT4-fs: dax option not supported
[   57.619057][ T4374] binfmt_misc: register: failed to install interpreter file ./file0
[   57.636134][ T4389] __nla_validate_parse: 8 callbacks suppressed
[   57.636155][ T4389] netlink: 12 bytes leftover after parsing attributes in process `syz.0.278'.
[   57.736733][ T4406] xt_TPROXY: Can be used only with -p tcp or -p udp
[   57.758862][ T4404] Falling back ldisc for ttyS3.
[   57.770900][ T4409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[   57.780832][ T4409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'.
[   57.829324][ T4414] loop4: detected capacity change from 0 to 2048
[   57.873328][ T4414] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.949549][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.006909][ T4432] FAULT_INJECTION: forcing a failure.
[   58.006909][ T4432] name failslab, interval 1, probability 0, space 0, times 0
[   58.020297][ T4432] CPU: 1 UID: 0 PID: 4432 Comm: syz.2.293 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   58.020325][ T4432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   58.020337][ T4432] Call Trace:
[   58.020344][ T4432]  <TASK>
[   58.020402][ T4432]  dump_stack_lvl+0xf6/0x150
[   58.020428][ T4432]  dump_stack+0x15/0x1a
[   58.020443][ T4432]  should_fail_ex+0x261/0x270
[   58.020471][ T4432]  should_failslab+0x8f/0xb0
[   58.020494][ T4432]  kmem_cache_alloc_noprof+0x59/0x340
[   58.020528][ T4432]  ? sctp_get_port_local+0x417/0xad0
[   58.020637][ T4432]  sctp_get_port_local+0x417/0xad0
[   58.020682][ T4432]  sctp_do_bind+0x3a1/0x4c0
[   58.020714][ T4432]  sctp_connect_new_asoc+0x161/0x3c0
[   58.020802][ T4432]  sctp_sendmsg+0xe96/0x1870
[   58.020864][ T4432]  ? __pfx_sctp_sendmsg+0x10/0x10
[   58.020901][ T4432]  inet_sendmsg+0xc5/0xd0
[   58.020932][ T4432]  __sock_sendmsg+0x102/0x180
[   58.021009][ T4432]  ____sys_sendmsg+0x350/0x4e0
[   58.021036][ T4432]  __sys_sendmmsg+0x22a/0x4b0
[   58.021083][ T4432]  __x64_sys_sendmmsg+0x57/0x70
[   58.021111][ T4432]  x64_sys_call+0x2b53/0x2e10
[   58.021201][ T4432]  do_syscall_64+0xc9/0x1a0
[   58.021226][ T4432]  ? clear_bhb_loop+0x25/0x80
[   58.021246][ T4432]  ? clear_bhb_loop+0x25/0x80
[   58.021281][ T4432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.021306][ T4432] RIP: 0033:0x7f63ca45e969
[   58.021324][ T4432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.021357][ T4432] RSP: 002b:00007f63c8ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   58.021381][ T4432] RAX: ffffffffffffffda RBX: 00007f63ca685fa0 RCX: 00007f63ca45e969
[   58.021392][ T4432] RDX: 0000000000000001 RSI: 00002000000032c0 RDI: 0000000000000006
[   58.021475][ T4432] RBP: 00007f63c8ac7090 R08: 0000000000000000 R09: 0000000000000000
[   58.021486][ T4432] R10: 00000000000040c0 R11: 0000000000000246 R12: 0000000000000001
[   58.021496][ T4432] R13: 0000000000000000 R14: 00007f63ca685fa0 R15: 00007fff327e2a08
[   58.021514][ T4432]  </TASK>
[   58.328782][ T4434] Falling back ldisc for ttyS3.
[   58.410743][ T4447] loop2: detected capacity change from 0 to 2048
[   58.419424][ T4450] batadv_slave_1: entered promiscuous mode
[   58.425919][ T4450] batadv_slave_1: left promiscuous mode
[   58.447821][ T4447] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.482822][ T4454] vhci_hcd: invalid port number 12
[   58.488185][ T4454] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[   58.568687][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.641041][ T4466] netlink: 8 bytes leftover after parsing attributes in process `syz.4.307'.
[   58.654924][ T4463] FAULT_INJECTION: forcing a failure.
[   58.654924][ T4463] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.668627][ T4463] CPU: 1 UID: 0 PID: 4463 Comm: GPL Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   58.668656][ T4463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   58.668670][ T4463] Call Trace:
[   58.668677][ T4463]  <TASK>
[   58.668725][ T4463]  dump_stack_lvl+0xf6/0x150
[   58.668753][ T4463]  dump_stack+0x15/0x1a
[   58.668769][ T4463]  should_fail_ex+0x261/0x270
[   58.668792][ T4463]  should_fail+0xb/0x10
[   58.668811][ T4463]  should_fail_usercopy+0x1a/0x20
[   58.668867][ T4463]  _copy_to_user+0x20/0xa0
[   58.668948][ T4463]  simple_read_from_buffer+0xb2/0x130
[   58.668997][ T4463]  proc_fail_nth_read+0x103/0x140
[   58.669038][ T4463]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   58.669078][ T4463]  vfs_read+0x1b2/0x710
[   58.669096][ T4463]  ? __rcu_read_unlock+0x4e/0x70
[   58.669201][ T4463]  ? __fget_files+0x186/0x1c0
[   58.669230][ T4463]  ksys_read+0xeb/0x1b0
[   58.669254][ T4463]  __x64_sys_read+0x42/0x50
[   58.669345][ T4463]  x64_sys_call+0x2a3b/0x2e10
[   58.669370][ T4463]  do_syscall_64+0xc9/0x1a0
[   58.669401][ T4463]  ? clear_bhb_loop+0x25/0x80
[   58.669426][ T4463]  ? clear_bhb_loop+0x25/0x80
[   58.669448][ T4463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.669527][ T4463] RIP: 0033:0x7fe83826d37c
[   58.669541][ T4463] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   58.669559][ T4463] RSP: 002b:00007fe8368d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   58.669580][ T4463] RAX: ffffffffffffffda RBX: 00007fe838495fa0 RCX: 00007fe83826d37c
[   58.669644][ T4463] RDX: 000000000000000f RSI: 00007fe8368d70a0 RDI: 0000000000000005
[   58.669655][ T4463] RBP: 00007fe8368d7090 R08: 0000000000000000 R09: 0000000000000000
[   58.669666][ T4463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.669676][ T4463] R13: 0000000000000000 R14: 00007fe838495fa0 R15: 00007ffc7d96c968
[   58.669696][ T4463]  </TASK>
[   58.878700][ T4472] netlink: 12 bytes leftover after parsing attributes in process `syz.0.308'.
[   58.936867][ T4481] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   58.957888][ T4487] loop1: detected capacity change from 0 to 512
[   58.976701][ T4481] netlink: 16 bytes leftover after parsing attributes in process `syz.3.309'.
[   58.998019][ T4487] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   59.002443][ T4481] hub 1-0:1.0: USB hub found
[   59.013066][ T4481] hub 1-0:1.0: 8 ports detected
[   59.029497][ T4487] EXT4-fs (loop1): 1 truncate cleaned up
[   59.035718][ T4487] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.111992][ T4502] vhci_hcd: invalid port number 12
[   59.117282][ T4502] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[   59.182238][ T4506] FAULT_INJECTION: forcing a failure.
[   59.182238][ T4506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.195670][ T4506] CPU: 0 UID: 0 PID: 4506 Comm: syz.3.320 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   59.195702][ T4506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   59.195716][ T4506] Call Trace:
[   59.195724][ T4506]  <TASK>
[   59.195733][ T4506]  dump_stack_lvl+0xf6/0x150
[   59.195758][ T4506]  dump_stack+0x15/0x1a
[   59.195774][ T4506]  should_fail_ex+0x261/0x270
[   59.195797][ T4506]  should_fail+0xb/0x10
[   59.195816][ T4506]  should_fail_usercopy+0x1a/0x20
[   59.195844][ T4506]  _copy_from_user+0x1c/0xa0
[   59.195899][ T4506]  move_addr_to_kernel+0x8c/0x130
[   59.196012][ T4506]  __sys_sendto+0x130/0x230
[   59.196040][ T4506]  __x64_sys_sendto+0x78/0x90
[   59.196059][ T4506]  x64_sys_call+0x2bcb/0x2e10
[   59.196112][ T4506]  do_syscall_64+0xc9/0x1a0
[   59.196134][ T4506]  ? clear_bhb_loop+0x25/0x80
[   59.196152][ T4506]  ? clear_bhb_loop+0x25/0x80
[   59.196170][ T4506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.196188][ T4506] RIP: 0033:0x7f066a62e969
[   59.196201][ T4506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.196224][ T4506] RSP: 002b:00007f0668c97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   59.196240][ T4506] RAX: ffffffffffffffda RBX: 00007f066a855fa0 RCX: 00007f066a62e969
[   59.196250][ T4506] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000006
[   59.196260][ T4506] RBP: 00007f0668c97090 R08: 0000200000000100 R09: 000000000000001c
[   59.196334][ T4506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.196344][ T4506] R13: 0000000000000000 R14: 00007f066a855fa0 R15: 00007ffc8bad4ab8
[   59.196361][ T4506]  </TASK>
[   59.440260][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.578975][ T4516] Falling back ldisc for ttyS3.
[   59.631034][ T4529] vhci_hcd: invalid port number 12
[   59.636749][ T4529] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[   59.689701][ T4534] loop1: detected capacity change from 0 to 512
[   59.700066][ T4539] netlink: 8 bytes leftover after parsing attributes in process `syz.3.327'.
[   59.710193][ T4539] netlink: 8 bytes leftover after parsing attributes in process `syz.3.327'.
[   59.727872][ T4534] EXT4-fs (loop1): blocks per group (71) and clusters per group (20800) inconsistent
[   59.750630][ T4523] netlink: 256 bytes leftover after parsing attributes in process `syz.3.327'.
[   59.760303][ T4523] netlink: 72 bytes leftover after parsing attributes in process `syz.3.327'.
[   59.771728][ T4544] loop0: detected capacity change from 0 to 128
[   59.785279][ T4544] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   59.889910][ T4544] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   59.919398][ T4552] FAULT_INJECTION: forcing a failure.
[   59.919398][ T4552] name failslab, interval 1, probability 0, space 0, times 0
[   59.932367][ T4552] CPU: 0 UID: 0 PID: 4552 Comm: syz.3.333 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   59.932442][ T4552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   59.932461][ T4552] Call Trace:
[   59.932469][ T4552]  <TASK>
[   59.932478][ T4552]  dump_stack_lvl+0xf6/0x150
[   59.932504][ T4552]  dump_stack+0x15/0x1a
[   59.932524][ T4552]  should_fail_ex+0x261/0x270
[   59.932552][ T4552]  should_failslab+0x8f/0xb0
[   59.932601][ T4552]  __kmalloc_noprof+0xad/0x410
[   59.932635][ T4552]  ? fib6_info_alloc+0x2c/0x90
[   59.932672][ T4552]  ? __rcu_read_unlock+0x4e/0x70
[   59.932698][ T4552]  fib6_info_alloc+0x2c/0x90
[   59.932746][ T4552]  ip6_route_info_create+0x34c/0xa90
[   59.932772][ T4552]  ip6_route_add+0x26/0x120
[   59.932870][ T4552]  ipv6_route_ioctl+0x29e/0x2e0
[   59.932907][ T4552]  inet6_ioctl+0x158/0x190
[   59.932933][ T4552]  sock_do_ioctl+0x86/0x220
[   59.932967][ T4552]  sock_ioctl+0x436/0x630
[   59.933002][ T4552]  ? __pfx_sock_ioctl+0x10/0x10
[   59.933108][ T4552]  __se_sys_ioctl+0xc9/0x140
[   59.933137][ T4552]  __x64_sys_ioctl+0x43/0x50
[   59.933168][ T4552]  x64_sys_call+0x168d/0x2e10
[   59.933246][ T4552]  do_syscall_64+0xc9/0x1a0
[   59.933278][ T4552]  ? clear_bhb_loop+0x25/0x80
[   59.933304][ T4552]  ? clear_bhb_loop+0x25/0x80
[   59.933330][ T4552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.933410][ T4552] RIP: 0033:0x7f066a62e969
[   59.933438][ T4552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.933466][ T4552] RSP: 002b:00007f0668c97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   59.933567][ T4552] RAX: ffffffffffffffda RBX: 00007f066a855fa0 RCX: 00007f066a62e969
[   59.933582][ T4552] RDX: 0000200000000540 RSI: 000000000000890b RDI: 0000000000000004
[   59.933596][ T4552] RBP: 00007f0668c97090 R08: 0000000000000000 R09: 0000000000000000
[   59.933611][ T4552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.933630][ T4552] R13: 0000000000000000 R14: 00007f066a855fa0 R15: 00007ffc8bad4ab8
[   59.933651][ T4552]  </TASK>
[   60.030842][   T29] kauditd_printk_skb: 216 callbacks suppressed
[   60.030861][   T29] audit: type=1326 audit(1745501732.728:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.4.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a943e969 code=0x7ffc0000
[   60.253936][ T4534] xt_TPROXY: Can be used only with -p tcp or -p udp
[   60.276603][   T29] audit: type=1326 audit(1745501732.808:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.4.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a943e969 code=0x7ffc0000
[   60.302075][   T29] audit: type=1326 audit(1745501732.808:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.4.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a943e969 code=0x7ffc0000
[   60.326160][   T29] audit: type=1326 audit(1745501732.818:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.4.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3a943e969 code=0x7ffc0000
[   60.350060][   T29] audit: type=1326 audit(1745501732.818:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.4.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a943e969 code=0x7ffc0000
[   60.373705][   T29] audit: type=1326 audit(1745501732.818:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.4.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a943e969 code=0x7ffc0000
[   60.398546][   T29] audit: type=1326 audit(1745501732.818:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.4.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd3a943e969 code=0x7ffc0000
[   60.422472][   T29] audit: type=1326 audit(1745501732.818:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.4.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a943e969 code=0x7ffc0000
[   60.446272][   T29] audit: type=1326 audit(1745501732.838:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4503 comm="syz.4.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3a943e969 code=0x7ffc0000
[   60.672862][ T4574] loop1: detected capacity change from 0 to 256
[   60.676675][   T29] audit: type=1400 audit(1745501733.408:1337): avc:  denied  { bind } for  pid=4563 comm="syz.1.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   60.872852][ T4598] loop1: detected capacity change from 0 to 512
[   60.889445][ T4598] EXT4-fs (loop1): blocks per group (71) and clusters per group (20800) inconsistent
[   60.919245][ T4603] 9pnet_fd: Insufficient options for proto=fd
[   61.164751][ T4617] xt_TPROXY: Can be used only with -p tcp or -p udp
[   61.568667][ T4625] loop0: detected capacity change from 0 to 2048
[   61.592778][ T4625] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.610600][ T4625] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   61.622118][ T4625] FAULT_INJECTION: forcing a failure.
[   61.622118][ T4625] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.635529][ T4625] CPU: 0 UID: 0 PID: 4625 Comm: syz.0.356 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   61.635555][ T4625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   61.635566][ T4625] Call Trace:
[   61.635572][ T4625]  <TASK>
[   61.635580][ T4625]  dump_stack_lvl+0xf6/0x150
[   61.635641][ T4625]  dump_stack+0x15/0x1a
[   61.635660][ T4625]  should_fail_ex+0x261/0x270
[   61.635688][ T4625]  should_fail+0xb/0x10
[   61.635743][ T4625]  should_fail_usercopy+0x1a/0x20
[   61.635772][ T4625]  _copy_from_iter+0xd8/0xd10
[   61.635804][ T4625]  ? kmalloc_reserve+0x16e/0x190
[   61.635828][ T4625]  ? __build_skb_around+0x199/0x1f0
[   61.635848][ T4625]  ? __alloc_skb+0x227/0x320
[   61.635869][ T4625]  ? __virt_addr_valid+0x1ed/0x250
[   61.635922][ T4625]  ? __check_object_size+0x367/0x510
[   61.635962][ T4625]  netlink_sendmsg+0x492/0x720
[   61.635995][ T4625]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.636096][ T4625]  __sock_sendmsg+0x140/0x180
[   61.636154][ T4625]  ____sys_sendmsg+0x350/0x4e0
[   61.636227][ T4625]  __sys_sendmsg+0x1a0/0x240
[   61.636265][ T4625]  __x64_sys_sendmsg+0x46/0x50
[   61.636294][ T4625]  x64_sys_call+0x26f3/0x2e10
[   61.636357][ T4625]  do_syscall_64+0xc9/0x1a0
[   61.636389][ T4625]  ? clear_bhb_loop+0x25/0x80
[   61.636416][ T4625]  ? clear_bhb_loop+0x25/0x80
[   61.636442][ T4625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.636468][ T4625] RIP: 0033:0x7fa4c1b7e969
[   61.636552][ T4625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.636653][ T4625] RSP: 002b:00007fa4c01e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.636675][ T4625] RAX: ffffffffffffffda RBX: 00007fa4c1da5fa0 RCX: 00007fa4c1b7e969
[   61.636690][ T4625] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[   61.636705][ T4625] RBP: 00007fa4c01e7090 R08: 0000000000000000 R09: 0000000000000000
[   61.636719][ T4625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.636733][ T4625] R13: 0000000000000000 R14: 00007fa4c1da5fa0 R15: 00007ffe140ae3b8
[   61.636756][ T4625]  </TASK>
[   61.988006][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.025841][ T4645] loop1: detected capacity change from 0 to 2048
[   62.160826][ T4645] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.181409][ T4661] loop0: detected capacity change from 0 to 1764
[   62.393812][ T4661] iso9660: Corrupted directory entry in block 2 of inode 1920
[   62.403085][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.579656][ T4674] 9pnet_fd: Insufficient options for proto=fd
[   62.657157][ T4678] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7424 sclass=netlink_route_socket pid=4678 comm=syz.1.375
[   62.705917][ T4680] FAULT_INJECTION: forcing a failure.
[   62.705917][ T4680] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   62.719596][ T4680] CPU: 0 UID: 0 PID: 4680 Comm: syz.2.376 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   62.719625][ T4680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   62.719645][ T4680] Call Trace:
[   62.719653][ T4680]  <TASK>
[   62.719660][ T4680]  dump_stack_lvl+0xf6/0x150
[   62.719682][ T4680]  dump_stack+0x15/0x1a
[   62.719698][ T4680]  should_fail_ex+0x261/0x270
[   62.719780][ T4680]  should_fail+0xb/0x10
[   62.719799][ T4680]  should_fail_usercopy+0x1a/0x20
[   62.719824][ T4680]  _copy_to_user+0x20/0xa0
[   62.719939][ T4680]  sctp_getsockopt_reconfig_supported+0x338/0x380
[   62.720001][ T4680]  sctp_getsockopt+0x4d4/0xab0
[   62.720040][ T4680]  sock_common_getsockopt+0x5b/0x70
[   62.720090][ T4680]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   62.720128][ T4680]  do_sock_getsockopt+0x1fc/0x290
[   62.720154][ T4680]  __x64_sys_getsockopt+0x13f/0x1c0
[   62.720183][ T4680]  x64_sys_call+0x128f/0x2e10
[   62.720266][ T4680]  do_syscall_64+0xc9/0x1a0
[   62.720300][ T4680]  ? clear_bhb_loop+0x25/0x80
[   62.720327][ T4680]  ? clear_bhb_loop+0x25/0x80
[   62.720350][ T4680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.720370][ T4680] RIP: 0033:0x7f63ca45e969
[   62.720383][ T4680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.720447][ T4680] RSP: 002b:00007f63c8ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   62.720472][ T4680] RAX: ffffffffffffffda RBX: 00007f63ca685fa0 RCX: 00007f63ca45e969
[   62.720484][ T4680] RDX: 0000000000000075 RSI: 0000000000000084 RDI: 0000000000000003
[   62.720496][ T4680] RBP: 00007f63c8ac7090 R08: 0000200000000240 R09: 0000000000000000
[   62.720510][ T4680] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[   62.720524][ T4680] R13: 0000000000000000 R14: 00007f63ca685fa0 R15: 00007fff327e2a08
[   62.720546][ T4680]  </TASK>
[   62.975919][ T4690] __nla_validate_parse: 5 callbacks suppressed
[   62.975938][ T4690] netlink: 108 bytes leftover after parsing attributes in process `syz.3.380'.
[   63.072796][ T4698] loop3: detected capacity change from 0 to 736
[   63.090619][ T4700] loop4: detected capacity change from 0 to 512
[   63.097318][ T4700] EXT4-fs: dax option not supported
[   63.168227][ T4698] netlink: 8 bytes leftover after parsing attributes in process `syz.3.380'.
[   63.180935][ T4698] rock: directory entry would overflow storage
[   63.182089][ T4707] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   63.187639][ T4698] rock: sig=0x5850, size=36, remaining=14
[   63.206202][ T4707] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   63.327000][ T4670] delete_channel: no stack
[   63.407822][ T4727] FAULT_INJECTION: forcing a failure.
[   63.407822][ T4727] name failslab, interval 1, probability 0, space 0, times 0
[   63.421024][ T4727] CPU: 1 UID: 0 PID: 4727 Comm: syz.4.389 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   63.421057][ T4727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   63.421100][ T4727] Call Trace:
[   63.421110][ T4727]  <TASK>
[   63.421120][ T4727]  dump_stack_lvl+0xf6/0x150
[   63.421148][ T4727]  dump_stack+0x15/0x1a
[   63.421167][ T4727]  should_fail_ex+0x261/0x270
[   63.421198][ T4727]  should_failslab+0x8f/0xb0
[   63.421232][ T4727]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   63.421346][ T4727]  ? __alloc_skb+0x10d/0x320
[   63.421373][ T4727]  __alloc_skb+0x10d/0x320
[   63.421396][ T4727]  xfrm_send_acquire+0xc2/0x840
[   63.421423][ T4727]  ? __pfx_xfrm_timer_handler+0x10/0x10
[   63.421449][ T4727]  km_query+0x5f/0xc0
[   63.421473][ T4727]  xfrm_state_find+0x247d/0x2f00
[   63.421551][ T4727]  ? __find_rr_leaf+0x360/0x4c0
[   63.421583][ T4727]  ? fib6_node_lookup+0xaf/0xf0
[   63.421631][ T4727]  xfrm_resolve_and_create_bundle+0x528/0x1ec0
[   63.421680][ T4727]  ? ip6_pol_route_output+0x3f/0x50
[   63.421837][ T4727]  ? __pfx_ip6_pol_route_output+0x10/0x10
[   63.421887][ T4727]  ? xfrm_expand_policies+0x248/0x2b0
[   63.421974][ T4727]  xfrm_lookup_with_ifid+0x1d8/0x1360
[   63.422005][ T4727]  ? ip6_dst_lookup_tail+0x827/0xac0
[   63.422039][ T4727]  ? _copy_from_iter+0x16c/0xd10
[   63.422074][ T4727]  xfrm_lookup_route+0x3b/0x110
[   63.422167][ T4727]  ip6_dst_lookup_flow+0x9d/0xd0
[   63.422199][ T4727]  rawv6_sendmsg+0xa19/0xfd0
[   63.422253][ T4727]  ? __pfx_rawv6_sendmsg+0x10/0x10
[   63.422279][ T4727]  inet_sendmsg+0xc5/0xd0
[   63.422362][ T4727]  __sock_sendmsg+0x102/0x180
[   63.422404][ T4727]  sock_write_iter+0x186/0x1c0
[   63.422443][ T4727]  vfs_write+0x79b/0x950
[   63.422508][ T4727]  ? __pfx_sock_write_iter+0x10/0x10
[   63.422548][ T4727]  ksys_write+0xeb/0x1b0
[   63.422571][ T4727]  __x64_sys_write+0x42/0x50
[   63.422594][ T4727]  x64_sys_call+0x2a45/0x2e10
[   63.422622][ T4727]  do_syscall_64+0xc9/0x1a0
[   63.422687][ T4727]  ? clear_bhb_loop+0x25/0x80
[   63.422711][ T4727]  ? clear_bhb_loop+0x25/0x80
[   63.422731][ T4727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.422751][ T4727] RIP: 0033:0x7fd3a943e969
[   63.422838][ T4727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.422857][ T4727] RSP: 002b:00007fd3a7a86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   63.422880][ T4727] RAX: ffffffffffffffda RBX: 00007fd3a9666080 RCX: 00007fd3a943e969
[   63.422903][ T4727] RDX: 000000000000000b RSI: 0000200000000a00 RDI: 0000000000000004
[   63.422917][ T4727] RBP: 00007fd3a7a86090 R08: 0000000000000000 R09: 0000000000000000
[   63.422931][ T4727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.422942][ T4727] R13: 0000000000000001 R14: 00007fd3a9666080 R15: 00007ffff02167e8
[   63.422959][ T4727]  </TASK>
[   63.887491][ T3307] rock: directory entry would overflow storage
[   63.893861][ T3307] rock: sig=0x5850, size=36, remaining=14
[   63.949098][ T4796] netem: change failed
[   63.956340][ T4799] loop2: detected capacity change from 0 to 512
[   63.964614][ T4799] EXT4-fs: dax option not supported
[   63.968285][ T4796] SELinux:  Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped).
[   64.031906][ T4806] netlink: 'syz.2.397': attribute type 3 has an invalid length.
[   64.069795][ T4812] FAULT_INJECTION: forcing a failure.
[   64.069795][ T4812] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.083225][ T4812] CPU: 0 UID: 0 PID: 4812 Comm: syz.2.398 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   64.083268][ T4812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   64.083281][ T4812] Call Trace:
[   64.083289][ T4812]  <TASK>
[   64.083298][ T4812]  dump_stack_lvl+0xf6/0x150
[   64.083327][ T4812]  dump_stack+0x15/0x1a
[   64.083347][ T4812]  should_fail_ex+0x261/0x270
[   64.083378][ T4812]  should_fail+0xb/0x10
[   64.083397][ T4812]  should_fail_usercopy+0x1a/0x20
[   64.083420][ T4812]  _copy_to_user+0x20/0xa0
[   64.083469][ T4812]  sctp_getsockopt_enable_strreset+0x307/0x350
[   64.083512][ T4812]  sctp_getsockopt+0x7cb/0xab0
[   64.083543][ T4812]  sock_common_getsockopt+0x5b/0x70
[   64.083582][ T4812]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   64.083669][ T4812]  do_sock_getsockopt+0x1fc/0x290
[   64.083693][ T4812]  __x64_sys_getsockopt+0x13f/0x1c0
[   64.083721][ T4812]  x64_sys_call+0x128f/0x2e10
[   64.083747][ T4812]  do_syscall_64+0xc9/0x1a0
[   64.083855][ T4812]  ? clear_bhb_loop+0x25/0x80
[   64.083874][ T4812]  ? clear_bhb_loop+0x25/0x80
[   64.083894][ T4812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.083977][ T4812] RIP: 0033:0x7f63ca45e969
[   64.083995][ T4812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.084015][ T4812] RSP: 002b:00007f63c8ac7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   64.084036][ T4812] RAX: ffffffffffffffda RBX: 00007f63ca685fa0 RCX: 00007f63ca45e969
[   64.084050][ T4812] RDX: 0000000000000076 RSI: 0000000000000084 RDI: 0000000000000003
[   64.084063][ T4812] RBP: 00007f63c8ac7090 R08: 0000200000000080 R09: 0000000000000000
[   64.084074][ T4812] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.084085][ T4812] R13: 0000000000000000 R14: 00007f63ca685fa0 R15: 00007fff327e2a08
[   64.084183][ T4812]  </TASK>
[   64.426834][ T4845] netlink: 256 bytes leftover after parsing attributes in process `syz.2.399'.
[   64.436307][ T4845] netlink: 72 bytes leftover after parsing attributes in process `syz.2.399'.
[   64.546743][ T4866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.405'.
[   64.550216][ T4865] loop3: detected capacity change from 0 to 512
[   64.557707][ T4866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.405'.
[   64.565522][ T4865] EXT4-fs: dax option not supported
[   64.666421][ T4873] loop0: detected capacity change from 0 to 1764
[   64.675344][ T4873] netlink: 'syz.0.410': attribute type 4 has an invalid length.
[   64.691700][ T4873] netlink: 'syz.0.410': attribute type 4 has an invalid length.
[   64.717971][ T4873] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.883299][ T4873] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.002029][ T4873] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.049201][   T29] kauditd_printk_skb: 185 callbacks suppressed
[   65.049219][   T29] audit: type=1400 audit(1745501737.788:1523): avc:  denied  { create } for  pid=4880 comm="syz.3.412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   65.080874][   T29] audit: type=1400 audit(1745501737.788:1524): avc:  denied  { write } for  pid=4880 comm="syz.3.412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   65.104402][ T4873] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.148231][ T4873] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.160271][ T4873] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.172128][ T4873] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.184629][ T4873] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.225428][   T29] audit: type=1400 audit(1745501737.958:1525): avc:  denied  { unmount } for  pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   65.267417][   T29] audit: type=1400 audit(1745501737.998:1526): avc:  denied  { allowed } for  pid=4885 comm="syz.2.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   65.287223][   T29] audit: type=1400 audit(1745501737.998:1527): avc:  denied  { create } for  pid=4885 comm="syz.2.414" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   65.308958][   T29] audit: type=1400 audit(1745501737.998:1528): avc:  denied  { map } for  pid=4885 comm="syz.2.414" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=8519 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   65.333918][   T29] audit: type=1400 audit(1745501737.998:1529): avc:  denied  { read write } for  pid=4885 comm="syz.2.414" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=8519 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   65.375958][   T29] audit: type=1400 audit(1745501738.008:1530): avc:  denied  { execute } for  pid=4885 comm="syz.2.414" path="/94/cpu.stat" dev="tmpfs" ino=513 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   65.399494][   T29] audit: type=1400 audit(1745501738.098:1531): avc:  denied  { read } for  pid=2986 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   65.422045][   T29] audit: type=1400 audit(1745501738.098:1532): avc:  denied  { search } for  pid=2986 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   65.469650][ T4893] vhci_hcd: invalid port number 12
[   65.474823][ T4893] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[   65.503996][ T4895] loop0: detected capacity change from 0 to 512
[   65.517255][ T4895] EXT4-fs: dax option not supported
[   65.535251][ T4897] vhci_hcd: invalid port number 12
[   65.541605][ T4897] vhci_hcd: default hub control req: 4008 v0101 i000c l0
[   65.792910][ T4922] loop4: detected capacity change from 0 to 128
[   65.816815][ T4922] No source specified
[   65.823109][ T4922] netlink: 24 bytes leftover after parsing attributes in process `syz.4.429'.
[   65.871716][ T4929] loop3: detected capacity change from 0 to 512
[   65.896875][ T4929] EXT4-fs: dax option not supported
[   65.918180][ T4931] loop0: detected capacity change from 0 to 2048
[   65.930570][ T4933] loop4: detected capacity change from 0 to 2048
[   65.970419][ T4933] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.995956][ T4931] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.013934][ T4943] FAULT_INJECTION: forcing a failure.
[   66.013934][ T4943] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.028143][ T4943] CPU: 1 UID: 0 PID: 4943 Comm: syz.3.434 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   66.028240][ T4943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   66.028254][ T4943] Call Trace:
[   66.028261][ T4943]  <TASK>
[   66.028270][ T4943]  dump_stack_lvl+0xf6/0x150
[   66.028297][ T4943]  dump_stack+0x15/0x1a
[   66.028317][ T4943]  should_fail_ex+0x261/0x270
[   66.028345][ T4943]  should_fail+0xb/0x10
[   66.028402][ T4943]  should_fail_usercopy+0x1a/0x20
[   66.028493][ T4943]  _copy_from_user+0x1c/0xa0
[   66.028533][ T4943]  vmemdup_user+0x66/0xd0
[   66.028567][ T4943]  path_setxattrat+0x1cd/0x320
[   66.028612][ T4943]  __x64_sys_fsetxattr+0x6d/0x80
[   66.028636][ T4943]  x64_sys_call+0x2bad/0x2e10
[   66.028722][ T4943]  do_syscall_64+0xc9/0x1a0
[   66.028750][ T4943]  ? clear_bhb_loop+0x25/0x80
[   66.028786][ T4943]  ? clear_bhb_loop+0x25/0x80
[   66.028834][ T4943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.028859][ T4943] RIP: 0033:0x7f066a62e969
[   66.028876][ T4943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.028896][ T4943] RSP: 002b:00007f0668c76038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   66.028918][ T4943] RAX: ffffffffffffffda RBX: 00007f066a856080 RCX: 00007f066a62e969
[   66.028933][ T4943] RDX: 0000200000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   66.028947][ T4943] RBP: 00007f0668c76090 R08: 0000000000000000 R09: 0000000000000000
[   66.028967][ T4943] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[   66.028981][ T4943] R13: 0000000000000000 R14: 00007f066a856080 R15: 00007ffc8bad4ab8
[   66.029002][ T4943]  </TASK>
[   66.315106][ T4949] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[   66.360850][ T4942] veth0_macvtap: left promiscuous mode
[   66.366710][ T4942] macvtap0: entered promiscuous mode
[   66.374879][ T4942] veth0_macvtap: entered promiscuous mode
[   66.384225][ T4942] team0: Device macvtap0 failed to register rx_handler
[   66.392183][ T4942] veth0_macvtap: left promiscuous mode
[   66.411014][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.492776][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.524355][ T4958] loop0: detected capacity change from 0 to 512
[   66.534987][ T4960] netlink: 12 bytes leftover after parsing attributes in process `syz.4.439'.
[   66.550792][ T4958] EXT4-fs (loop0): blocks per group (71) and clusters per group (20800) inconsistent
[   66.641418][ T4969] netlink: 16 bytes leftover after parsing attributes in process `syz.1.443'.
[   66.650489][ T4969] A link change request failed with some changes committed already. Interface hsr0 may have been left with an inconsistent configuration, please check.
[   66.701804][ T4972] loop1: detected capacity change from 0 to 512
[   66.711335][ T4972] EXT4-fs: dax option not supported
[   66.763465][ T4974] loop2: detected capacity change from 0 to 1764
[   66.774377][ T4974] iso9660: Corrupted directory entry in block 2 of inode 1920
[   66.838764][ T4976] xt_TPROXY: Can be used only with -p tcp or -p udp
[   67.280187][ T4985] loop2: detected capacity change from 0 to 2048
[   67.316051][ T4985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.347386][ T4994] loop1: detected capacity change from 0 to 2048
[   67.360786][ T4997] netlink: 12 bytes leftover after parsing attributes in process `syz.4.450'.
[   67.416504][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.451548][ T4994] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.520964][ T5014] loop0: detected capacity change from 0 to 512
[   67.546293][ T5014] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   67.575739][ T5014] EXT4-fs (loop0): orphan cleanup on readonly fs
[   67.593124][ T5020] loop2: detected capacity change from 0 to 512
[   67.594716][ T5014] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[   67.602385][ T5020] EXT4-fs: dax option not supported
[   67.614199][ T5014] EXT4-fs (loop0): Cannot turn on quotas: error -22
[   67.614222][ T5014] EXT4-fs error (device loop0): ext4_orphan_get:1416: comm syz.0.455: bad orphan inode 768
[   67.623376][ T5014] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   67.640364][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.665653][ T5014] FAULT_INJECTION: forcing a failure.
[   67.665653][ T5014] name failslab, interval 1, probability 0, space 0, times 0
[   67.678452][ T5014] CPU: 0 UID: 0 PID: 5014 Comm: syz.0.455 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   67.678489][ T5014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   67.678506][ T5014] Call Trace:
[   67.678519][ T5014]  <TASK>
[   67.678528][ T5014]  dump_stack_lvl+0xf6/0x150
[   67.678555][ T5014]  dump_stack+0x15/0x1a
[   67.678576][ T5014]  should_fail_ex+0x261/0x270
[   67.678686][ T5014]  should_failslab+0x8f/0xb0
[   67.678712][ T5014]  kmem_cache_alloc_noprof+0x59/0x340
[   67.678746][ T5014]  ? getname_flags+0x81/0x3b0
[   67.678897][ T5014]  getname_flags+0x81/0x3b0
[   67.678925][ T5014]  user_path_at+0x26/0x140
[   67.679016][ T5014]  __se_sys_mount+0x25e/0x2e0
[   67.679034][ T5014]  ? fput+0x99/0xd0
[   67.679064][ T5014]  __x64_sys_mount+0x67/0x80
[   67.679166][ T5014]  x64_sys_call+0xd11/0x2e10
[   67.679191][ T5014]  do_syscall_64+0xc9/0x1a0
[   67.679221][ T5014]  ? clear_bhb_loop+0x25/0x80
[   67.679246][ T5014]  ? clear_bhb_loop+0x25/0x80
[   67.679292][ T5014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.679318][ T5014] RIP: 0033:0x7fa4c1b7e969
[   67.679335][ T5014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.679355][ T5014] RSP: 002b:00007fa4c01e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   67.679376][ T5014] RAX: ffffffffffffffda RBX: 00007fa4c1da5fa0 RCX: 00007fa4c1b7e969
[   67.679390][ T5014] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[   67.679401][ T5014] RBP: 00007fa4c01e7090 R08: 0000000000000000 R09: 0000000000000000
[   67.679412][ T5014] R10: 0000000002012024 R11: 0000000000000246 R12: 0000000000000001
[   67.679510][ T5014] R13: 0000000000000000 R14: 00007fa4c1da5fa0 R15: 00007ffe140ae3b8
[   67.679561][ T5014]  </TASK>
[   67.896538][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.927634][ T5025] vhci_hcd: invalid port number 96
[   67.932929][ T5025] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   68.009583][ T5030] vhci_hcd: invalid port number 96
[   68.014851][ T5030] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   68.076831][ T5041] FAULT_INJECTION: forcing a failure.
[   68.076831][ T5041] name failslab, interval 1, probability 0, space 0, times 0
[   68.089881][ T5041] CPU: 0 UID: 0 PID: 5041 Comm: syz.0.466 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   68.089912][ T5041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   68.089926][ T5041] Call Trace:
[   68.089958][ T5041]  <TASK>
[   68.089967][ T5041]  dump_stack_lvl+0xf6/0x150
[   68.089992][ T5041]  dump_stack+0x15/0x1a
[   68.090011][ T5041]  should_fail_ex+0x261/0x270
[   68.090035][ T5041]  should_failslab+0x8f/0xb0
[   68.090057][ T5041]  __kmalloc_node_noprof+0xaf/0x420
[   68.090085][ T5041]  ? __vmalloc_node_range_noprof+0x3e1/0xe80
[   68.090201][ T5041]  __vmalloc_node_range_noprof+0x3e1/0xe80
[   68.090244][ T5041]  ? selinux_capable+0x1f9/0x260
[   68.090278][ T5041]  ? bpf_prog_alloc_no_stats+0x49/0x390
[   68.090305][ T5041]  __vmalloc_noprof+0x5e/0x70
[   68.090322][ T5041]  ? bpf_prog_alloc_no_stats+0x49/0x390
[   68.090350][ T5041]  bpf_prog_alloc_no_stats+0x49/0x390
[   68.090376][ T5041]  ? bpf_prog_alloc+0x28/0x150
[   68.090438][ T5041]  bpf_prog_alloc+0x3a/0x150
[   68.090464][ T5041]  bpf_prog_load+0x532/0x10e0
[   68.090503][ T5041]  __sys_bpf+0x533/0x800
[   68.090570][ T5041]  __x64_sys_bpf+0x43/0x50
[   68.090595][ T5041]  x64_sys_call+0x23da/0x2e10
[   68.090616][ T5041]  do_syscall_64+0xc9/0x1a0
[   68.090642][ T5041]  ? clear_bhb_loop+0x25/0x80
[   68.090702][ T5041]  ? clear_bhb_loop+0x25/0x80
[   68.090724][ T5041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.090744][ T5041] RIP: 0033:0x7fa4c1b7e969
[   68.090759][ T5041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.090776][ T5041] RSP: 002b:00007fa4c01e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   68.090822][ T5041] RAX: ffffffffffffffda RBX: 00007fa4c1da5fa0 RCX: 00007fa4c1b7e969
[   68.090834][ T5041] RDX: 0000000000000094 RSI: 00002000000001c0 RDI: 0000000000000005
[   68.090845][ T5041] RBP: 00007fa4c01e7090 R08: 0000000000000000 R09: 0000000000000000
[   68.090857][ T5041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.090868][ T5041] R13: 0000000000000001 R14: 00007fa4c1da5fa0 R15: 00007ffe140ae3b8
[   68.090886][ T5041]  </TASK>
[   68.090896][ T5041] syz.0.466: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[   68.319996][ T5048] __nla_validate_parse: 2 callbacks suppressed
[   68.320017][ T5048] netlink: 8 bytes leftover after parsing attributes in process `syz.3.468'.
[   68.329518][ T5041] CPU: 0 UID: 0 PID: 5041 Comm: syz.0.466 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   68.329553][ T5041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   68.329567][ T5041] Call Trace:
[   68.329576][ T5041]  <TASK>
[   68.329585][ T5041]  dump_stack_lvl+0xf6/0x150
[   68.329653][ T5041]  dump_stack+0x15/0x1a
[   68.329676][ T5041]  warn_alloc+0x145/0x1b0
[   68.329723][ T5041]  __vmalloc_node_range_noprof+0x478/0xe80
[   68.329827][ T5041]  ? selinux_capable+0x1f9/0x260
[   68.329873][ T5041]  ? bpf_prog_alloc_no_stats+0x49/0x390
[   68.329986][ T5041]  __vmalloc_noprof+0x5e/0x70
[   68.330006][ T5041]  ? bpf_prog_alloc_no_stats+0x49/0x390
[   68.330076][ T5041]  bpf_prog_alloc_no_stats+0x49/0x390
[   68.330109][ T5041]  ? bpf_prog_alloc+0x28/0x150
[   68.330219][ T5041]  bpf_prog_alloc+0x3a/0x150
[   68.330278][ T5041]  bpf_prog_load+0x532/0x10e0
[   68.330383][ T5041]  __sys_bpf+0x533/0x800
[   68.330426][ T5041]  __x64_sys_bpf+0x43/0x50
[   68.330456][ T5041]  x64_sys_call+0x23da/0x2e10
[   68.330484][ T5041]  do_syscall_64+0xc9/0x1a0
[   68.330516][ T5041]  ? clear_bhb_loop+0x25/0x80
[   68.330581][ T5041]  ? clear_bhb_loop+0x25/0x80
[   68.330607][ T5041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.330633][ T5041] RIP: 0033:0x7fa4c1b7e969
[   68.330653][ T5041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.330674][ T5041] RSP: 002b:00007fa4c01e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   68.330698][ T5041] RAX: ffffffffffffffda RBX: 00007fa4c1da5fa0 RCX: 00007fa4c1b7e969
[   68.330713][ T5041] RDX: 0000000000000094 RSI: 00002000000001c0 RDI: 0000000000000005
[   68.330804][ T5041] RBP: 00007fa4c01e7090 R08: 0000000000000000 R09: 0000000000000000
[   68.330819][ T5041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.330833][ T5041] R13: 0000000000000001 R14: 00007fa4c1da5fa0 R15: 00007ffe140ae3b8
[   68.330863][ T5041]  </TASK>
[   68.330871][ T5041] Mem-Info:
[   68.464139][ T5048] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.466701][ T5041] active_anon:7835 inactive_anon:1 isolated_anon:0
[   68.466701][ T5041]  active_file:4941 inactive_file:2073 isolated_file:0
[   68.466701][ T5041]  unevictable:6757 dirty:477 writeback:0
[   68.466701][ T5041]  slab_reclaimable:2849 slab_unreclaimable:15032
[   68.466701][ T5041]  mapped:32701 shmem:3175 pagetables:1319
[   68.466701][ T5041]  sec_pagetables:0 bounce:0
[   68.466701][ T5041]  kernel_misc_reclaimable:0
[   68.466701][ T5041]  free:1890130 free_pcp:12762 free_cma:0
[   68.506914][ T5048] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.511696][ T5041] Node 0 active_anon:31572kB inactive_anon:4kB active_file:19764kB inactive_file:8292kB unevictable:30972kB isolated(anon):0kB isolated(file):0kB mapped:130920kB dirty:1908kB writeback:0kB shmem:12700kB writeback_tmp:0kB kernel_stack:3280kB pagetables:5508kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   68.656559][ T5041] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   68.684527][ T5041] lowmem_reserve[]: 0 2882 7860 7860
[   68.690552][ T5041] Node 0 DMA32 free:2947680kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951308kB mlocked:0kB bounce:0kB free_pcp:3628kB local_pcp:100kB free_cma:0kB
[   68.723096][ T5041] lowmem_reserve[]: 0 0 4978 4978
[   68.729705][ T5041] Node 0 Normal free:4564724kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB active_anon:31316kB inactive_anon:4kB active_file:19764kB inactive_file:8244kB unevictable:56232kB writepending:1900kB present:5242880kB managed:5098244kB mlocked:56224kB bounce:0kB free_pcp:49764kB local_pcp:18476kB free_cma:0kB
[   68.763534][ T5041] lowmem_reserve[]: 0 0 0 0
[   68.768258][ T5041] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   68.781706][ T5041] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947680kB
[   68.797856][ T5041] Node 0 Normal: 306*4kB (UE) 158*8kB (U) 46*16kB (UM) 70*32kB (U) 58*64kB (UME) 18*128kB (U) 17*256kB (UE) 35*512kB (UME) 41*1024kB (UME) 18*2048kB (UM) 1083*4096kB (UM) = 4548568kB
[   68.816834][ T5041] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   68.826698][ T5041] 10133 total pagecache pages
[   68.831673][ T5041] 1 pages in swap cache
[   68.836339][ T5041] Free swap  = 124992kB
[   68.841072][ T5041] Total swap = 124996kB
[   68.845432][ T5041] 2097051 pages RAM
[   68.849592][ T5041] 0 pages HighMem/MovableOnly
[   68.855278][ T5041] 80823 pages reserved
[   69.193693][ T5099] netlink: 12 bytes leftover after parsing attributes in process `syz.2.477'.
[   69.285101][ T5107] 9pnet_fd: Insufficient options for proto=fd
[   69.454943][ T5116] loop3: detected capacity change from 0 to 512
[   69.461767][ T5116] EXT4-fs: dax option not supported
[   69.497416][ T5119] netlink: 404 bytes leftover after parsing attributes in process `syz.3.483'.
[   69.575078][ T5127] loop3: detected capacity change from 0 to 2048
[   69.592171][ T5127] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.640943][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.796058][ T5145] loop2: detected capacity change from 0 to 512
[   69.803056][ T5145] EXT4-fs: dax option not supported
[   69.819735][ T5140] netlink: 8 bytes leftover after parsing attributes in process `syz.3.491'.
[   69.848416][ T5140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.857216][ T5140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.905259][ T5156] netlink: 404 bytes leftover after parsing attributes in process `syz.2.495'.
[   70.061907][ T5100] delete_channel: no stack
[   70.098161][ T5176] netlink: 12 bytes leftover after parsing attributes in process `syz.2.502'.
[   70.124989][ T5181] loop0: detected capacity change from 0 to 512
[   70.136018][ T5181] EXT4-fs: dax option not supported
[   70.142975][   T29] kauditd_printk_skb: 195 callbacks suppressed
[   70.142992][   T29] audit: type=1400 audit(1745501742.878:1726): avc:  denied  { append } for  pid=5183 comm="syz.4.505" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   70.221729][   T29] audit: type=1400 audit(1745501742.928:1727): avc:  denied  { name_bind } for  pid=5186 comm="syz.0.506" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   70.251726][ T5190] netlink: 404 bytes leftover after parsing attributes in process `syz.1.507'.
[   70.283258][ T5192] loop0: detected capacity change from 0 to 2048
[   70.308100][   T29] audit: type=1326 audit(1745501743.038:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5193 comm="syz.1.509" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe83826e969 code=0x0
[   70.341847][ T3317] EXT4-fs unmount: 1 callbacks suppressed
[   70.341860][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.371835][   T29] audit: type=1400 audit(1745501743.108:1729): avc:  denied  { read } for  pid=5198 comm="syz.0.510" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   70.421966][ T5199] netlink: 24 bytes leftover after parsing attributes in process `syz.0.510'.
[   70.575173][ T5209] loop3: detected capacity change from 0 to 4096
[   70.592823][ T5209] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.822973][ T5215] loop2: detected capacity change from 0 to 512
[   70.841418][ T5215] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   70.855719][ T5215] EXT4-fs (loop2): orphan cleanup on readonly fs
[   70.863700][ T5215] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[   70.878545][ T5215] EXT4-fs (loop2): Cannot turn on quotas: error -22
[   70.885200][ T5215] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.516: bad orphan inode 768
[   70.898667][ T5215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.913581][ T5215] FAULT_INJECTION: forcing a failure.
[   70.913581][ T5215] name failslab, interval 1, probability 0, space 0, times 0
[   70.926689][ T5215] CPU: 0 UID: 0 PID: 5215 Comm: syz.2.516 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   70.926722][ T5215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   70.926809][ T5215] Call Trace:
[   70.926857][ T5215]  <TASK>
[   70.926864][ T5215]  dump_stack_lvl+0xf6/0x150
[   70.926890][ T5215]  dump_stack+0x15/0x1a
[   70.926910][ T5215]  should_fail_ex+0x261/0x270
[   70.926940][ T5215]  should_failslab+0x8f/0xb0
[   70.926962][ T5215]  kmem_cache_alloc_noprof+0x59/0x340
[   70.926989][ T5215]  ? getname_flags+0x81/0x3b0
[   70.927055][ T5215]  getname_flags+0x81/0x3b0
[   70.927117][ T5215]  user_path_at+0x26/0x140
[   70.927151][ T5215]  __se_sys_mount+0x25e/0x2e0
[   70.927174][ T5215]  ? schedule+0x5f/0xd0
[   70.927222][ T5215]  __x64_sys_mount+0x67/0x80
[   70.927292][ T5215]  x64_sys_call+0xd11/0x2e10
[   70.927319][ T5215]  do_syscall_64+0xc9/0x1a0
[   70.927428][ T5215]  ? clear_bhb_loop+0x25/0x80
[   70.927448][ T5215]  ? clear_bhb_loop+0x25/0x80
[   70.927467][ T5215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.927490][ T5215] RIP: 0033:0x7f63ca45e969
[   70.927504][ T5215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.927521][ T5215] RSP: 002b:00007f63c8ac7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   70.927598][ T5215] RAX: ffffffffffffffda RBX: 00007f63ca685fa0 RCX: 00007f63ca45e969
[   70.927612][ T5215] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[   70.927625][ T5215] RBP: 00007f63c8ac7090 R08: 0000000000000000 R09: 0000000000000000
[   70.927636][ T5215] R10: 0000000002012024 R11: 0000000000000246 R12: 0000000000000001
[   70.927646][ T5215] R13: 0000000000000000 R14: 00007f63ca685fa0 R15: 00007fff327e2a08
[   70.927676][ T5215]  </TASK>
[   71.161316][   T29] audit: type=1400 audit(1745501743.888:1730): avc:  denied  { read } for  pid=5217 comm="syz.4.517" name="usbmon1" dev="devtmpfs" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   71.185251][   T29] audit: type=1400 audit(1745501743.888:1731): avc:  denied  { open } for  pid=5217 comm="syz.4.517" path="/dev/usbmon1" dev="devtmpfs" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   71.266361][   T29] audit: type=1400 audit(1745501743.988:1732): avc:  denied  { mount } for  pid=5217 comm="syz.4.517" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   71.289064][   T29] audit: type=1400 audit(1745501743.998:1733): avc:  denied  { unmount } for  pid=5217 comm="syz.4.517" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   71.372442][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.455977][ T5225] netlink: 96 bytes leftover after parsing attributes in process `syz.1.518'.
[   71.474464][ T5227] loop0: detected capacity change from 0 to 2048
[   71.502273][ T5229] netlink: 392 bytes leftover after parsing attributes in process `syz.2.519'.
[   71.562976][ T5227] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.624312][ T5225] loop1: detected capacity change from 0 to 512
[   71.705103][ T5234] loop2: detected capacity change from 0 to 512
[   71.743373][ T5225] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 12
[   71.770283][ T5234] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent
[   71.974126][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.056799][ T5236] xt_TPROXY: Can be used only with -p tcp or -p udp
[   72.400146][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.521199][ T5242] loop4: detected capacity change from 0 to 512
[   72.597918][ T5242] EXT4-fs (loop4): blocks per group (71) and clusters per group (20800) inconsistent
[   72.654639][   T29] audit: type=1326 audit(1745501745.388:1734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.3.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f066a62e969 code=0x7ffc0000
[   72.749051][   T29] audit: type=1326 audit(1745501745.418:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.3.527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f066a62e969 code=0x7ffc0000
[   72.894060][ T5261] xt_TPROXY: Can be used only with -p tcp or -p udp
[   72.995522][ T5257] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[   73.321041][ T3294] ==================================================================
[   73.329221][ T3294] BUG: KCSAN: data-race in fill_mg_cmtime / shmem_unlink
[   73.336614][ T3294] 
[   73.339047][ T3294] write to 0xffff88810331f25c of 4 bytes by task 3503 on cpu 0:
[   73.346715][ T3294]  shmem_unlink+0x13b/0x170
[   73.351303][ T3294]  shmem_rename2+0x1d4/0x2c0
[   73.355930][ T3294]  vfs_rename+0x8d8/0xa70
[   73.360288][ T3294]  do_renameat2+0x60e/0xac0
[   73.364810][ T3294]  __x64_sys_rename+0x58/0x70
[   73.369506][ T3294]  x64_sys_call+0x2cd9/0x2e10
[   73.374214][ T3294]  do_syscall_64+0xc9/0x1a0
[   73.378733][ T3294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.384651][ T3294] 
[   73.386993][ T3294] read to 0xffff88810331f25c of 4 bytes by task 3294 on cpu 1:
[   73.394668][ T3294]  fill_mg_cmtime+0x58/0x280
[   73.399291][ T3294]  generic_fillattr+0x241/0x330
[   73.404166][ T3294]  shmem_getattr+0x17b/0x200
[   73.408792][ T3294]  vfs_getattr_nosec+0x141/0x1d0
[   73.413745][ T3294]  vfs_statx+0x145/0x2f0
[   73.417994][ T3294]  vfs_fstatat+0xd9/0x150
[   73.422333][ T3294]  __se_sys_newfstatat+0x58/0x260
[   73.427370][ T3294]  __x64_sys_newfstatat+0x55/0x70
[   73.432480][ T3294]  x64_sys_call+0x2d6f/0x2e10
[   73.437273][ T3294]  do_syscall_64+0xc9/0x1a0
[   73.441800][ T3294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.447731][ T3294] 
[   73.450063][ T3294] value changed: 0x03f509f9 -> 0x03f78b15
[   73.455788][ T3294] 
[   73.458117][ T3294] Reported by Kernel Concurrency Sanitizer on:
[   73.464376][ T3294] CPU: 1 UID: 0 PID: 3294 Comm: udevd Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(voluntary) 
[   73.476381][ T3294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   73.486449][ T3294] ==================================================================
[   73.528241][ T5268] vhci_hcd: invalid port number 12
[   73.533641][ T5268] vhci_hcd: default hub control req: 4008 v0101 i000c l0