last executing test programs:

2m26.219422484s ago: executing program 0 (id=312):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB="62a02a3a3409777777"], 0xa)
r3 = socket(0x10, 0x3, 0x6)
r4 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040)={'team0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)

2m26.044171077s ago: executing program 0 (id=313):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x5d00, 0x0, 0x0, 0x41100, 0xa83909e33c40a919, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000500)={'wpan4\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="24000000200001032cbd7000ffdbdf2502002000000000bdd400000008000200ac14141ae03c63a33bd45b26cdd2be56561970cf21871f4acce0408dfc191b97d9040d043aec9e3288a109672f095ea0850ee7bfb42add01ef0a71951e6411eddf42de9fc348629f991041ce0e6dad397c5fa6f87ecf20bc05a67a2223aeb2eb472fb5a3b9968dd8346821b00c68bb287b84a81a99d43cda5c5ec7b308f7f0bd3402eb14523a90afaf2f674f8db47d4131d9ba55434deebdcc98abe9105505f44885860756d572ee673ec213d1b1dfdb647bbbd99c371ad3eb8d16c0af39f31e8d156e916f2c255cfaebb38f27783a2b89fb5137dd8298bfd085e86f0da1002afe41a96924c6e9adb4e142d96bb9448299916fc990295503a0df2548de6a96d2726ed50771de651a", @ANYBLOB="be262c2be995595c2a12ff8f959417cf8b2a109f7308a7db1c426389a6499e7e3cf775f798ff03106300da20f63475cdf4be9b7f454c8154c805c80f48b6d8265650bc97f27f2b2cbf928c09e856fee32d035f671e2dca8e96751cb184adf3f33afdb17014f84f2039c7282d5952eae28636f53a7483e14d1d19d29826"], 0x24}, 0x1, 0x0, 0x0, 0x8054}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r10}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[], 0xa0}}, 0x0)
r11 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000006800019ef00000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
sendmmsg(r11, &(0x7f0000000000), 0x4000000000001f2, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
r12 = gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x500, 0x0, 0x2000040}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x2c, r5, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_PID={0x8, 0x1c, r12}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000540)='./file1/file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYRES64, @ANYRES16=r6, @ANYBLOB="f6f9fdf61e6cbce36b15c3fbc0a2aea9b851ea8b5a18440b826835a974592e95b16c446e723369b614930a779aef", @ANYRES16=r3, @ANYRES8=r6], 0xf, 0x2a9, &(0x7f0000000580)="$eJzs3T9rc2UUAPBz07xp1CFFXBTBC76DU3nr6tIoFcROSgR10GJbkCQUWgioYOzUT+Do9/ADOLi4+A0EV8GtHSpX7r8mbZO22JhC399venrPc557ek+aTjn58vVhf/cgiePTP6LdTqKxGZtxlsRaNKL2QzQDAHg8zrIs/s7+S2azsfhqAIBlKP//lx66FgBgOT7+9LMPu9vbWx+laTte7ZyMeklEDE9GvTLe3Y+vYxB78Sw6cR6RXSjX73+wvRXNNLcWT4fjUS/PHH7xW3V+96+IIn8jOrE2O38jLV3kv1hXl0Z3/0n9QydemZ3/9tX8GI6j14q33pyqfz068ftXcRCD2I08d5L//Uaavpf9ePrd5/lt8vykEb3VYl8Ue7PxUpsCAAAAAAAAAAAAAAAAAAAAAMCjt56mSTm+p5jfk18q5ueMeivnRXw9rU3P9xnX84GS+qByPlAW1YiecRY/1fN1nqVpmlUbJ/nNeK3piwUAAAAAAAAAAAAAAAAAAAAgd/TNt/2dwWDvcCGLehpA/bH+a3t+eVoGbjlnc+rKG/nmlXkH9ndW54euLqanDeS13rg5ms1Y0GO5bfFCXs/CT16dNPeT6oHXjVnovV5+96KnaRWqH3J/J7ntXu26cT9Ph1px38Ky4iVxnl3uaXvOy6+1oKfRemlm6J8sy+52zjt/lj2qriTFiI273f1JtZj799W+3otf5x849y1j5f7vOgAAAAAAAAAAAAAAAAAAwCyTD/3OCB7fmNr434oCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCWbfP9/vWhHxOUr1xbjKvmmPdWiFYdHD/wrAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bz4NwAA//81F05G")
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000200)={0x118, r2, 0x8, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_KEY={0x4c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "b78b9f4ea7096bfdbeafd45ad8625cb7af6be90e9ada547fe18df50bd130de22"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "e9ef779c567552cfb9ec78e2e4eab760fab2fa9c70746db53dac1a4bc32ab109"}]}, @NL802154_ATTR_SEC_KEY={0x14, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x10, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0xc, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}]}]}]}, @NL802154_ATTR_SEC_KEY={0x9c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x34, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xfffffffc}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "d8601e8b0efe4d864877df7e7a6df5b188ba0fb7924b33b3432587bb90fb877d"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "1ef6cdd93fc96c16686eca63c62533421d2e40b9877cd0003e4d5256296c7086"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7a6b8bcb7286fffe66b6720b565362d5"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x118}, 0x1, 0x0, 0x0, 0x8094}, 0x811)
r13 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r13, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000080)={@void, @void, @eth={@broadcast, @broadcast, @val={@val={0x88a8, 0x6}, {0x8100, 0x7, 0x0, 0x4}}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x3, 0x21, 0x14, 0x66, 0x0, 0x0, 0x84, 0x0, @rand_addr=0x64010102, @multicast1}}}}}}, 0x2a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})

2m25.81991885s ago: executing program 0 (id=320):
signalfd(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
truncate(&(0x7f0000000280)='./file0\x00', 0xffffffffffffffc8)

2m25.739975781s ago: executing program 0 (id=323):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x21081e, &(0x7f0000000040)={[{@grpquota}, {@nouid32}, {@minixdf}, {@jqfmt_vfsold}, {@nombcache}]}, 0x1, 0x504, &(0x7f0000001480)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9sCWE0KoEqJHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lAMSPyJQg8TBaMaT1E3tJtokdhR/PtJo3ps3nu97cea9+Dn2C2BoXY2I3YgYi4h7ETGdHc9lW9xqb8l5z/ceLe3vPVrKRat155+5tDw5Fh2PSVzJrlmMiB9+N+InuVfjNrZ31har1cpmlp9t1jZmG9s7N1ZriyuVlcp6ubwwvzD3yc2Py2fW1vdqY1nqq8/+sPutnyXVmsqOdLbjLLWbXjiMkxiNiO+fR7ABGMnaMzboivC55CPi7Yh4P73/p2MkfTYBgMus1ZqO1nRnHgC47PLpHFguX8rmAqYiny+V2nN478RkvlpvNK/fr2+tL7fnymaikL+/Wq3MZXOFM1HIJfn5NP0iXz6SvxkRb0XEL8Yn0nxpqV5dHuQfPgAwxK4cGf//M94e/wGAS6446AoAAH1n/AeA4WP8B4DhY/wHgOHTHv8nBl0NAKCPvP4HgOFj/AeAofKD27eTrbWfff/18oPtrbX6gxvLlcZaqba1VFqqb26UVur1lfQ7e2rHXa9ar2/MfxRbD2e+vdFozja2d+7W6lvrzbvp93rfrRTSs3b70DIAoJe33nv651wyIn86kW7RsZZDYaA1A85bftAVAAZmZNAVAAbGal8wvE7xGt/0AFwSXZbofUmx2weEWq1W6/yqBJyza18y/w/DqmP+338Bw5Ax/w/Dy/w/DK9WK3fSNf/jpCcCABebOX6gx/v/b2f732ZvDvx4+egZT7o+bjfrXs6uggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHABHaz/W8rWAp+KfL5UingjImaikLu/Wq3MRcSbEfGn8cJ4kp8fcJ0BgNPK/y2Xrf91bfrDqZeK3r1ymByLiJ/+6s4vHy42m5t/jBjL/Wv84HjzSXa83P/aAwDHOxin033HC/nne4+WDrZ+1ufv34mIYjv+/t5Y7B/GH43RdF+MQkRM/juX5dtyHXMXp7H7OCK+2K39uZhK50DaK58ejZ/EfqOv8fMvxc+nZe198rP4whnUBYbN06T/udXt/svH1XTf/f4vpj3U6WX9X3Kppf20D3wR/6D/G+nR/109aYyPfv+9dmri1bLHEV8ejTiIvd/R/xzEz/WI/+EJ4//lK+++36us9euIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m85Rz/YeDf7x6fU3e5Ul7Z/sEb94TPu/fsL2/+Z/9370tdfE/+YH3eLn453XxE/GxG+cMP7i5O+KvcqS+Ms92n/c83/9hPGf/XXnlWXDAYDBaWzvrC1Wq5VNCYmLn0h+ZS9ANbomPutXrLHoXvTzD9r39JGiVuv1F/yse1GvHuMsZt2Ai+Dwpo+I/w66MgAAAAAAAAAAAAAAQFf9+MTSoNsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5fX/AAAA//+YXdZi")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000004, 0x100010, r0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000e8ffffffe0"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x16, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="4daa000000000000711053000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000a80)='kfree\x00', r3, 0x0, 0x800}, 0x9)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
ioctl$sock_SIOCINQ(r5, 0x541b, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000180)={'bridge_slave_1\x00', &(0x7f00000002c0)=@ethtool_gstrings={0x1b, 0x4}})
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000080), &(0x7f00000001c0)='%pB    \x00'}, 0x20)
open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0)

2m25.305122167s ago: executing program 0 (id=328):
r0 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000040)=0x14)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000300)={<r1=>0x0, <r2=>0x0}, &(0x7f0000000340)=0xc)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, &(0x7f00000002c0)=@sg0, r2, &(0x7f0000000400))
quotactl$Q_GETNEXTQUOTA(0x0, &(0x7f0000000040)=@filename='./file0\x00', r2, &(0x7f0000000200))
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, r1, 0x0, &(0x7f0000000380))
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r5 = dup(r4)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])

2m25.124808329s ago: executing program 0 (id=331):
mkdir(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0xfc, 0x7ffffcb9}]})
r0 = creat(&(0x7f0000000380)='./file1\x00', 0x10)
fsync(r0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x7}, 0x18)
fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r4)

2m25.08600578s ago: executing program 32 (id=331):
mkdir(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0xfc, 0x7ffffcb9}]})
r0 = creat(&(0x7f0000000380)='./file1\x00', 0x10)
fsync(r0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x7}, 0x18)
fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r4)

1m26.671794191s ago: executing program 4 (id=1090):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0xa0142, 0x188)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x30410, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30c3a0e4, 0x1, @perf_config_ext={0x20000000000000, 0x1}, 0x11d08, 0x2, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2, <r3=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r3, 0x0, &(0x7f0000001780)=""/4096}, 0x20)

1m26.590218143s ago: executing program 4 (id=1093):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000140)={[{@min_batch_time={'min_batch_time', 0x3d, 0xd}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@noblock_validity}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x8d)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r4, 0x0, 0x61, 0x0, &(0x7f0000000100)=0x2c)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000007d00000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
open_tree(0xffffffffffffffff, 0x0, 0x100)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
ioprio_set$uid(0x0, 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000002880)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x7}, 0x0, 0x0, 0x1, 0x1414, 0x10001, 0x4e, 0xffffffffffffffca, 0x8, 0x8580, 0x3})
semtimedop(0x0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x8b7c, 0x800, 0x7, 0x22}, &(0x7f0000000940)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfe}], 0x1, 0x5405, 0x0, 0x0)

1m25.639535116s ago: executing program 4 (id=1101):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x400}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x6}, 0x18)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)

1m25.524339377s ago: executing program 4 (id=1104):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)={[&(0x7f0000000080)=').%\x00', &(0x7f0000000180)='GPL\x00']}, &(0x7f00000004c0)={[&(0x7f0000000200)='GPL\x00', &(0x7f0000000280)='-.\\\x00', &(0x7f00000002c0)='GPL\x00', &(0x7f00000003c0)='/\x00', &(0x7f0000000400)='\x00']}, 0x400)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, @perf_config_ext={0xffffffffffffffff, 0x8}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

1m25.266358071s ago: executing program 4 (id=1112):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0xc0400, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x6, 0x800000000003}, 0x1140, 0x40005dda, 0x0, 0x3, 0x1, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xd, 0x4, 0x4, 0x7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = epoll_create1(0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0)={0x80000000})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000000)={0xc0000009})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r5)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000000020000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r8, <r9=>0xffffffffffffffff}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r7}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r9}, &(0x7f0000000140), &(0x7f00000001c0)=r5}, 0x20)
close(r6)
getsockopt$sock_cred(r4, 0x1, 0x11, 0x0, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000340)={&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x3, r1}, 0x38)

1m25.149465643s ago: executing program 4 (id=1116):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_getattr(r0, &(0x7f0000000040)={0x38}, 0x38, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x54, 0x30, 0xb, 0x0, 0x0, {}, [{0x40, 0x1, [@m_ct={0x3c, 0x1, 0x0, 0x0, {{0x7}, {0x14, 0x2, 0x0, 0x1, [@TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e20}, @TCA_CT_MARK={0x8, 0x10, 0x2}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004000}, 0x4)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000048000), 0x20fffffe)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000004980)=ANY=[@ANYBLOB="38010000100001000000000000000000ac1e0101000000000000000000000000ff020000000000000000000000000001000000002000"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8000000000000000000000000000bb000000006c000000ac14141c000000000000000000000000fcffffffffffffff0000000000000000000000000000000003000000f8ffffff00000000000000000000000000000000fdffffffffffff0f0000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0001063500000000000000480003006465666c617465000000000000"], 0x138}, 0x1, 0x0, 0x0, 0x4004050}, 0x8000)
pipe2$9p(0x0, 0x0)

1m25.120394993s ago: executing program 33 (id=1116):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_getattr(r0, &(0x7f0000000040)={0x38}, 0x38, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
listxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x54, 0x30, 0xb, 0x0, 0x0, {}, [{0x40, 0x1, [@m_ct={0x3c, 0x1, 0x0, 0x0, {{0x7}, {0x14, 0x2, 0x0, 0x1, [@TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e20}, @TCA_CT_MARK={0x8, 0x10, 0x2}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004000}, 0x4)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000048000), 0x20fffffe)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000004980)=ANY=[@ANYBLOB="38010000100001000000000000000000ac1e0101000000000000000000000000ff020000000000000000000000000001000000002000"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe8000000000000000000000000000bb000000006c000000ac14141c000000000000000000000000fcffffffffffffff0000000000000000000000000000000003000000f8ffffff00000000000000000000000000000000fdffffffffffff0f0000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0001063500000000000000480003006465666c617465000000000000"], 0x138}, 0x1, 0x0, 0x0, 0x4004050}, 0x8000)
pipe2$9p(0x0, 0x0)

3.014173327s ago: executing program 1 (id=3047):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

2.975577818s ago: executing program 1 (id=3048):
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000001240)={0x2, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x36c, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x800000, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$nci(r0, 0x0, 0xfffffeea)

2.888766529s ago: executing program 1 (id=3050):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000003300)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4}, 0x1c, &(0x7f0000000800)=[{&(0x7f0000000080)="6183", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000880)="3c6fc95adb", 0x5}], 0x1}}], 0x2, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = semget(0x0, 0x1, 0x104)
semctl$IPC_RMID(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = shmget$private(0x0, 0x20e4, 0x4, &(0x7f0000f0e000/0x2000)=nil)
shmctl$SHM_UNLOCK(r2, 0xc)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x1, &(0x7f0000000080))
epoll_create1(0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000040)=0xcc, 0x4)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x4}}}}}}}, 0x0)

2.032304881s ago: executing program 1 (id=3068):
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
timer_create(0x3, 0x0, &(0x7f00000001c0))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = openat$cgroup_devices(r1, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r2, &(0x7f0000000000)={'b', ' *:* ', 'm\x00'}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r0}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64"], 0x44}}, 0x0)

1.925320883s ago: executing program 1 (id=3071):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

1.863858874s ago: executing program 1 (id=3074):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

1.307254851s ago: executing program 6 (id=3088):
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000340)=@filename='./bus\x00', 0x0, &(0x7f0000000180)={0x0, 0x1, 0x14, 0x2000000000000, 0xfffffffffffffffe, 0x2, 0x0, 0xfffffffffffffffd, 0x3f})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r0)

1.120534634s ago: executing program 2 (id=3094):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
unlink(0x0)

1.070082055s ago: executing program 2 (id=3095):
r0 = memfd_secret(0x80000)
fcntl$setlease(r0, 0x400, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000044850000000e0000003f0000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9, 0x4}}, './file0\x00'})
r2 = openat2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r2, 0x0, 0x486, 0x0, &(0x7f0000000240))
ioctl$EVIOCGVERSION(0xffffffffffffffff, 0x80044501, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000e40)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18110000", @ANYRES32=r2, @ANYBLOB="0000000000000000000000f10fa8506eb877bdf3ac089afac4b81c0210e7c3caffbd0a0e9db67c1a0a5d0275"], &(0x7f0000000cc0)='GPL\x00', 0xc, 0x6c, &(0x7f0000000d00)=""/108, 0x41000, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000d80)={0x5, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000e00)=[{0x2, 0x2, 0x0, 0x2}], 0x10, 0x10001, @void, @value}, 0x94)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x511e36599023629, 0x100000, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x4})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, &(0x7f00000004c0)={{0x80}, 'port1\x00', 0x48, 0x120000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
tgkill(0x0, 0x0, 0x16)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xb}]})
syz_clone(0x2002000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r5, &(0x7f0000000080), 0x10)
listen(r5, 0x0)
accept4$llc(r5, 0x0, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

981.859746ms ago: executing program 3 (id=3097):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lstat(0x0, &(0x7f0000000280))

981.529766ms ago: executing program 3 (id=3098):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000540)={0x0, 0xa1ff, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

724.48164ms ago: executing program 5 (id=3102):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000040000000800000010"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)

678.43184ms ago: executing program 5 (id=3103):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4)
getsockname$tipc(0xffffffffffffffff, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x9, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x400}, [@jmp={0x5, 0x0, 0xc, 0xb, 0x0, 0xfffffffffffffffc}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @map_val={0x18, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, @map_idx={0x18, 0xd, 0x5, 0x0, 0x1}]}, &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x41, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x3, 0x3}, 0x8, 0x10, &(0x7f00000001c0)={0x0, 0xa, 0x95b, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000200)=[0x1], 0x0, 0x10, 0x9, @void, @value}, 0x94)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000300)={r0, r1}) (async)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000300)={r0, r1})
socket$xdp(0x2c, 0x3, 0x0) (async)
r2 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000006, 0x4000010, r2, 0x80000000) (async)
mmap$xdp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000006, 0x4000010, r2, 0x80000000)
kcmp(0x0, 0x0, 0x3, r1, r0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={0x1, <r3=>0xffffffffffffffff}, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r0, <r4=>0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{0x1, <r5=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f0000000400)=r1}, 0x20)
r6 = syz_open_procfs(0x0, &(0x7f0000000740)='net/ip_mr_vif\x00')
r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000800)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000008c0)={{0x1}, &(0x7f0000000840), &(0x7f0000000880)='%ps    \x00'}, 0x20) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000008c0)={{0x1, <r8=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)='%ps    \x00'}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000980)={{0xffffffffffffffff, <r9=>0xffffffffffffffff}, &(0x7f0000000900), &(0x7f0000000940)=r1}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xf3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xf3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r11 = dup2(r1, r2)
pidfd_getfd(0xffffffffffffffff, r1, 0x0) (async)
r12 = pidfd_getfd(0xffffffffffffffff, r1, 0x0)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0xd, 0x45, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @printk={@llx}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x79}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f00000006c0)='GPL\x00', 0x6, 0x3f, &(0x7f0000000700)=""/63, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, r6, 0x8, &(0x7f0000000780)={0x7, 0x3}, 0x8, 0x10, &(0x7f00000007c0)={0x1, 0xd, 0x2, 0xbe}, 0x10, 0x0, r7, 0x2, &(0x7f0000000a40)=[r8, r9, r10, 0xffffffffffffffff, r11, r12], &(0x7f0000000a80)=[{0x4, 0x4, 0x3}, {0x2, 0x3, 0xf, 0x9}], 0x10, 0x8, @void, @value}, 0x94)
setsockopt$MRT6_FLUSH(r12, 0x29, 0xd4, &(0x7f0000000b80)=0x4, 0x4) (async)
setsockopt$MRT6_FLUSH(r12, 0x29, 0xd4, &(0x7f0000000b80)=0x4, 0x4)
io_setup(0xffffffff, &(0x7f0000000bc0)) (async)
io_setup(0xffffffff, &(0x7f0000000bc0)=<r14=>0x0)
r15 = eventfd(0x1)
io_submit(r14, 0x4, &(0x7f0000001ec0)=[&(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x7, 0x3, r13, &(0x7f0000000c00)="231e7b3ce311e6c7e0908ee2f1776975d95f79643741ab5dcabb4b76a735501703348a4ba95415f430916a07fc0e2c5212ea47e42cabef86665389da410bae97c731ba507392b830d15be08e93debb245e0d30e78e99fe3db96cb861e619b541709d9c7fd82e9c8c9efc95cfd88a11a9d18fe272a152213a1bda1449a0e19e930dc4d1cd26648f7f62f78e0355b12cd4ea75715267a1a237fd8ed10033443490e08c10a0b7ae1af3985f7c038a837c906dd8764959f6adf868022f", 0xbb, 0x8, 0x0, 0x0, r7}, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x1, 0x81, r2, &(0x7f0000000d00)="42992c15f46ee2a646b3132ab878b81d0013549462b23227109fb382f1140cbf7fe5d7aff2e0", 0x26, 0x7, 0x0, 0x2, r15}, &(0x7f0000001d80)={0x0, 0x0, 0x0, 0x6, 0x1, r4, &(0x7f0000000d80)="5fb32b1a441f2c0a8c46dfab9a651af7abdd427bc4e728fa28533a336d00d3d04b7bc6647399728b345d69863e92c26d1ca97a0ab0d402ece9b2f4a86b43ee774d8a8981022a0e8748781bf33d84bf5b7edb5efb72227dccd3c8d951f443f331683a9c4aea240196c7971e855531b78e31625bc403649609f9eef47c40a42c1dcc6a4477d336acb2236f1f049196359c28a27a350e692889d8bf40fc1b75ad63e06580d23f0f87c46acc7d5152a432ab15e74544e40b9ab052946483abc789c43d3f6f61ce4fe9be4b9085c3c1ca5bed8127fffb6aa85b3164badd966479da44652ae2807b352110f9299a8d9bc1211efbe7f251a4cec1c6676cbb7f40a427df8a56b1ef16aace2e3a3908a590c0cd6503db4abef354dbfe519f2a23db308870ec50c8ca82fc77d1e3c814c7cf79ae304b53876071a7322daf52d9a6695078894dad375cfc273e78c6492b59e0acee4c4109d5ff29377a268b7d03679d919ab38b0f4665f7804fcfdebd0fbd7ea0327997bbc3778cf5d2985ef9526ef9e8eae85f8d42e957e21fba68071fdb0bdaa269d63923a65decebed23c10c9fddbf33c23b2537490d987bd25b67a1b39e6d96e77fba79c97320ad1ad12f9e4a78b633b10e0c75489a95386f9ac705b6ea4c6ac0c2cb11709412837a9fd8a0267a70e54f85e1a30285ed24ec9e3d3027f05b26d3ad6759910c5452f51ff98f47b9c3cb7809bfbddd922caf298f2090f8d4f43ed9f5c09922155944fb432fa8eb4bd773e090bc5402dcf3672f92b3515d4aebcf3bf2de64d48902e24e81d6a934edfb1d914c1257b220862441ab0c431a37d4bb42f1220b22677a29e005691bcbdb5f164dff6c231a1f5542066d6b289dccb7884591ce8a0a4d207b772218f07cbd51707ef55e1f3710fe8106f6c87f9101bc550791d998f3bd59cf096c5cb08a1efa51f0f35fbb25d06c7434663fb449249c1bb19e9921aa6b8b654e9a34b995f6919ffe221b0563ee75b775b2f0b4f37b2f44651469d079ac309e315e8e44465a1669372b0743e5a641c5a7e9bedc31bcb00c0ef10016b26bae77fdabdf3a4b9c9dbf07382d3999a19419bcc19c4be1ebeb6fe05f4e03a1e82ddc01bef3a33bbf5db87b1964216771ff188f8bc9f26ab6a7c4f5088fb7beab3824ccea704ab6d725303565d45edf09ab13db781b6345f60e1a18793f63fb80e14d8bad678c83be5eb44698a21122cc35a8641a0e0eac8ba8c41a284a2b166efa5493a6988e03ce5527759659980d07c4f25e4037dfbff66c81bcd17cbf91df432c3059cf6ee9e17a45a3b5c936941afbd1955398b690370c4693f9c95fe45d4a9200b169a652dbbe4fa7c0e4fe192abb5a440ba9f23735290b37b9e6929159c10e156f045faedc6617a3f35753275ccceb07397d6a5021fc8040704fada1d1922fe868f55eb9f1f07347342849244ae680d3654c92d8b933853ec2b2f7adb94fafebeb5fe7c3981f9d7decd5969e36209d77c8c4a98e882a1e7a472bd5b67af579b7672bf06ddb9cf64ad6ac913dacd024c3091a983a12fdf8dd9cbf666b345ba033d507631d08c18723d7361cf6282f0bdcac3e5f6077fd37a90631c5267b1030ec93c2f95a83ff8954d67d4d070ad62ae747f8f5d9ee9e901a53fa2d220fe9137334e96ccdbb14fdcece292fdf180384d83d9ce9a5be9cbc37c5c1eb9d0e44dcd7fe6f6391ef4d5a46ff1ce47f3a9f51006bda0773096404e0754bef4b39a6327d5cfc26b089a6a70095d91da390dbc804deee95606a326ea97c8b4a10812bd65764e907884b72ec73a02c757d0d46c695271d3f82550ca211e155d2b5b0b0351a071ee2896a5932a75ac716e52271c461db9f5363f3dc85b2e7bd4f43cfd552fb060d0a04a5f16149818a107cf7409c6276435dad1ee7abe74aed5efdeb23cdcfa3436634d7d104310bd65807ff4d1862d020e84e0977a2e772dbd805240530cad050791fbe2f78510d27993626949fbcb6852db00248f491e38d3bf83f2ea2145791aecdfe1fd3f6efb1da37ce23c48b8f982f62dcd52c770d3225afc1658f313fc91fa80472e254d9d6e3b8d3b7a8f6e50d1bef3ab46782912b33527a8f33f798f9ddd6c831d99b3a0d58f6102b0473b43cbc1d1c0a62797d546bfce6bc0b21d44cd777daafd52372b31f640c52c029f01a7a3f959105e63c0010d2c8a04678ffcd6f1a41a5b363f6df6efd700af441c4fa5618b27590ec8dec596fa7318634663b4e30c90b8078093ae4ac10badd8b79705d2b012532d2982e2be10e26280558d4fd4e9d912fdf109312a8e46bf6321b351c20685d10c6e303831256ae3903c2b7e4816ea7f58fbd09790e25c17cf98e7ade0249dcaac07ce3dd142b9f4b07e7a6f2084cf892cb3d75cae7c863f2ab2fefcbc1caf7fd70b5551d0e936f569992f2b6372463f904ad2a294edfcc423b6f9e2a96a53c1be9869efd5fc803a33cb9de689fefc3083effde323d28a4767aef8dd2cc74594c2d95683068df239f395d210a78311ad931a2ac3483006b9548bdbef2951396e69be45e502ea9e92abf9853ac698cefd80502207f4b7219a0b1520641797e468629aee52ba8a3a388513debaadfbe597525c6ab90e94a6f356422fb9bb86238b4fd03544b65d7e612417481f8a89eee99d2fe0dac3927d5bb50239757525b40a31135e348c2591986fe51febf86799a046a8ef9e9a6831b1014a3161bd85df459dd4c0c4c48e478bc8307997e84f4ab252c4b8c5fd554c802c24a445311f0f7e0dcb89b72b50b963395ef9624a392cf2808460e5d1c5cabd127ba7b41bfafc74a6cdf852f4d531096138be9bee8c61e8d291020d524f368c059c1e68e6ae8e354eccb3bd6726bcbb9cd0b9e5bd1eb484f3cdf709ffe8ba3ae2ed28c83e64d5e91e764c85cf6e9909dd412dd66f707f6ebc072c71623e552df0fcdb443e61ef47269303573f9daa51138aa30dd09ab58e1c03706db3cd4a8163d8efa09c7ea21d3f37a31a777a6569009b1fa737667385b27b023b957b89810025beec08e3aa4d4d6d20fe074da6e4ebb1e93b298f80fa39af1a3e1b9cd4d5a4af9a81671fb09879257e76990d70a4f7650f146e5e3de6c631731b85d03c10336f365c47fa9267dbe5b776e6dfc7dce5b964793f1a220d6f16fcb44562101c94fcb0bb78d00a2960b0cca20b4cb95af94df9efcaf66a55707755894550ed009258d6aeb08c470df090cee3500c33f70a700b4efdb637aaf926295239fd65e76e9bdd76025c8e9b80592fc7e336de23d412088c3a84a47623f118d163bc32ccb0d733c740c3323df725f6f27df27898e99ed355432a92732724763729c9e502001c67dfd5262f8857628676ebb5f73e2735e98723ae2c353769fafb4a8e23b9e4ec7a48f870d4ed3408600516241e258a85607584d7d13a9d6f7515a528e7a1fa1c25f0c30de7e38517f1d4c855c569e9836a388d4cb712f4d3de7d0b4ff0d6e7272eca9a91d97dc70b862979044150378b7eb0d636e43f87ccc07b09643b7cdf1f3ee9aee3146310cd5b88d9d6fa7001a4d8a923028050c2405f571a4cfdbaa52aafa765aa3c082a314c2a179cdcb5311be0cefdfb3ea9d2a966bc389c9c601baec53c5dfd24356672dd44b2e3509f3667fe27af2f5f0f1ff13ef18dbde3f0af7bd6247736f95b341c440db694b5a3f57f731243a2bc04cf09335931a48e7e3507f7c9f3c16fe14feae1ed5de67581e2ba0214fe99ab23464e7c866fa5f0ea2b4ffe27fc09974abb73efba59e388010b12b2e9b977df90f46089c2437b420f1255d99ed7642f07cda0c6a4b35f79fb3cad19f69b889bf3f6f575b59202e73932d923f6b72f69e64a97ee55e770b9017206ce56211e178bf8c9371ba4f2954175e66777a48074219ca8bac7c8a049173eb84a58693fdd4e022afb7725aebcaf2f9c363fb8d3aaf97640c6f8549ae1f51fa44f1df5a3910249ad5cd1fa43ad0014676838c990631a9f8a104d9bf06972198027f4468ffa935c633722b6c30fe58be72366f7a958bfcfdca34a3e4718ed4e996ba11ae18c69d289a5996e93a557fccc2e23ae9ab0aca58dec836575ab88fe3056f5702b6c5907693d1bdab3dde41db02004718d253b7c66066fbd3dd9c50c33cc38ac908fbb3bc45543668ca048d83ed9f3bceba5d6b6fb62f7c4bc143b9df5ab1cc979e7562c43d7f07ea8518a17948cef1cbb00e3668d6c616b99410e6f2c5047a4e3649140458338d41b3aadedfc5fc6c6f60b5b9458de5d4fb3281fd6d66bfc4f75bb119101ce6fe0a052433354b91d665123525603ffb3cceb18a62289d4b38c7ff69fcd54bdc2485561d91c3e6ed9afcf21581dcfd6c5e63b93d49b93283e6fadcfeae75ff529b1d77d38814869d6e76ae31b50a7fc0109b133119a64804679780a2b002f33bd873bf1be07fe30d15b56e9b6ab1eb3cd263b58e663dd8b1c2edd4483460c4a251ff1e5b737b37ca4e2a460d2dbe4bdffff3b53044c1be7df33c08c453cbb57941da13e8940e258437fa5fbb3d78fd20be82c2095c84b512da668f064effa4494ac532a493395cfaede295b27310e3135e6e43a444419b97b78c7de4731d313cc176c736c4e6d445c514c2e10153fffed2c6c1c35b0a0d6094e96870fbc1e2b11d891c23a65a07533607e7d88c257a681bf6aab8ee04d4b4495f2551a47dbb991c6b4244b7f46809be2e6663137bbaaa542f156d3dfea849ff7c75b1a1144db8bb87b7d19cb030accced3cf5c939217cdca0afebbf0dba0d316b4a8f5465c1f11bfb65062adc094492a1461706bc727884879210162470c2674ec692353f7f0ae00d34b7d4dcc0644bc81f7d40d6659d6258973ff376fb7b334ed47bd46030764b30f10eefb6f82df888c705c21dff595db268e7d12bc837324fc0fce4d7d2930af9d741d61e67effb8571595f2dc7dba1a47ec18898a8b4fda4a7262807e2a1bf9b4d85804741e2af8adf35abd4832d109f1218f901a95f0fcd0f759e46a836669cca4f4648aa492f4e47d4dfb1f05ffddfccd603010bd3ebd47c4a9ccaa58253a10e4b3236d3c680fa6d5bba7b44d252b07b28377cf9e357f5777a686baf48eb07d9f44d03fa14b960312ef72ffa21b3ee08b53e026ff5a4279f5505e6202086e2c4e2200a9e907243a070ef9361fec0cc85c72ec828410b910b43ec519996fddba424d4fd120bbe5963476f32abde6e9a4b7d700760a75f27c7cdf2402801bbda2c20547a1369f2e27f8a86532041125f610bb438bb60c4782a7708b559d8cd1dce4966b438ddeca1eb2aaecf14a4f6bf873d7fafd02addcfcea5ba23cf19dabf00f13dbf63f7de43b1d4e473e6e19474cc91473ec4341fb84e3200614dc5072487a7261f85e0596e884dee9b6667b929a626d4fc5a84afbf5595d484fb3b2430835f0f5ffcf9b58087ef5b80dd03f09645538dcece8b52fddfe179ebb8064819e7400f0cc2bef719d778ce6869810eadca34fe5a638efe22d02defd9e118aad011af0f4556a6fc8c002b7b804e3b17319ab2e7f5bfe8ef989545edab2c7d6902113cbc97d2e66f71f51ebfa7fbedc51349e2227d461287330b055cbcea6765266be82da1b42c949b1d900714bc05a16ac5eb2d0f8745d43c71d4ef48453c3c77658ce8be7d4d020a9031337a2ede5f602de56ed777a02cb334216a2ddaf5b22b765c1940141bf3fd4d0e7c20c1327171fff467393b9645b3bf853515ea31118683bc48406bbcbde7be1050ffbaab78700c58d2ee56b7301a6a6d24c0", 0x1000, 0x2, 0x0, 0x1, r7}, &(0x7f0000001e80)={0x0, 0x0, 0x0, 0x6, 0xd, r8, &(0x7f0000001dc0)="cfb07e1532338ab5fd18c9a55b32e141b96bd18b078f75bf769fd01ed9fc117ca8a393dd46f7b0dfe038dff777a615b11b18417b79d79df52003a2dc267dcde9babc3fe25df44fc1327d7e2ee52b48b9b67b29dbe7ec5d896ef0e7f49e0796e51d910072b962023557de9e556edbaaea9d96595434f12377283543e7654ce6f6cc9ffa8875ad616751470608c13f9454100089df0d4e7d82cc10", 0x9a, 0x9, 0x0, 0x0, r6}])
r16 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000001f00), r16)
recvmsg$kcm(r6, &(0x7f0000002200)={&(0x7f0000001f40)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, &(0x7f0000002180)=[{&(0x7f0000001fc0)=""/13, 0xd}, {&(0x7f0000002000)=""/67, 0x43}, {&(0x7f0000002080)=""/68, 0x44}, {&(0x7f0000002100)=""/57, 0x39}, {&(0x7f0000002140)=""/48, 0x30}], 0x5}, 0x10040) (async)
recvmsg$kcm(r6, &(0x7f0000002200)={&(0x7f0000001f40)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, &(0x7f0000002180)=[{&(0x7f0000001fc0)=""/13, 0xd}, {&(0x7f0000002000)=""/67, 0x43}, {&(0x7f0000002080)=""/68, 0x44}, {&(0x7f0000002100)=""/57, 0x39}, {&(0x7f0000002140)=""/48, 0x30}], 0x5}, 0x10040)
clock_gettime(0x0, &(0x7f00000022c0)={<r17=>0x0, <r18=>0x0})
mq_timedreceive(r7, &(0x7f0000002240)=""/94, 0x5e, 0x9d, &(0x7f0000002300)={r17, r18+10000000}) (async)
mq_timedreceive(r7, &(0x7f0000002240)=""/94, 0x5e, 0x9d, &(0x7f0000002300)={r17, r18+10000000})
renameat2(r12, &(0x7f0000002340)='./file0\x00', r6, &(0x7f0000002380)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_STOP_NAN(r12, &(0x7f00000024c0)={&(0x7f00000023c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000002480)={&(0x7f0000002440)={0x20, 0x0, 0x8, 0x70bd2c, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x7, 0x5d}}}}, ["", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x48002}, 0x0)

565.123082ms ago: executing program 5 (id=3104):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
unlink(0x0)

564.212972ms ago: executing program 5 (id=3105):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x440001, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x5e)
pwrite64(r0, 0x0, 0x0, 0xfecc)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, 0x0)
creat(0x0, 0x158)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x3800c8a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2bb, &(0x7f0000000f40)="$eJzs3b9ra3UUAPBz0/zSNySCkwhe0MHp8fpWlxTpg4eZlAzqoA/bgjRBaKXgD4ydXLs4uroIgpv/hIv/geAquFmwcOXe3NskNY1pbVp/fD5LT773nHvP9/a2pUNO3n1+tL+Txt7xpz9Fu51ErRe9OE2iG7XIfXgS8XnM6Z0EAPBvdppl8Ws2sTTxqfmXSUS019saALAmK//9r3y39pYAgDV74823Xtvq97dfT9N2PBp9cTTI/7PPv06Ob+3F+zGM3XgQnTiLyM5N4kdZlo3raa4bL43GR4O8cvTOD+X5t36JKOo3oxPdYmm+/nF/ezOdmKkf5308XV6/l9c/jE48u+D6j/vbDxfUx6AZL7840//96MSP78UHMYydoolJfdQiPttM01ezL3/75O28vbw+GR8NWkXeVLZxy98aAAAAAAAAAAAAAAAAAAAAAAD+w+6Xs3NaUczvyZfK+TsbZ/mLRqSV7vx8nkl9Up3ownygcRZfVfN5HqRpmpWJ0/p6PFeP+t3sGgAAAAAAAAAAAAAAAAAAAP5ZDj/6eP/JcLh7cCNBNQ2gelv/dc/Tm1l5IZYnt6bXqpXhkjPHRpWTRCxtI9/Eyj3/Xo49uN6te+aynr/5duXzfP3Xey+Dxgo5fzOonq79J8nie9iKaqVdPSTfz+Y0Y8VrNS87lF3p8WsuPNS58t6b94pgvCQnkmWNvfLz5M6VK8nFXTSLu7qwvFEGM+XzOe3Vn+f8J+VPkvNpHcnN/hICAAAAAAAAAAAAAAAAAAAK0zf9Ljh4vLS0lrXW1hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Krp5/9fIRiXxflKo4wXJ99rxsHhHW4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/4k/AgAA//9nw2BY")
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x12)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x8200, 0x0)
socket(0x10, 0x3, 0x0)
r1 = add_key$user(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)="9cc4711680dac2b8dc", 0x9, 0xfffffffffffffffd)
r2 = add_key$keyring(&(0x7f0000000200), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r3 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r1, r2, r3, 0x1)

494.428903ms ago: executing program 5 (id=3106):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0xfdfe, 0x7, @remote, 0x4}, 0x1c)
connect$pppl2tp(r1, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
socket(0x10, 0x803, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r0)

356.061565ms ago: executing program 3 (id=3107):
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000001240)={0x2, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x36c, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x800000, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$nci(r0, 0x0, 0xfffffeea)

294.688126ms ago: executing program 3 (id=3108):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lstat(0x0, &(0x7f0000000280))

284.098436ms ago: executing program 6 (id=3109):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1600520000000000000400000001"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
ioctl$PPPIOCGMRU(0xffffffffffffffff, 0x80047453, &(0x7f0000000000))
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001780)={&(0x7f0000001080)='mm_page_free\x00'}, 0x18)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b0000009a210000000000000000040000000000f36e569fff13593537349dd9f1038e2524d07d348cd029d51de1ec542887a39612794c26e153270af555", @ANYRES32=0x0, @ANYBLOB="0000fd0000000000f8ffffffffffffff000000006416cdcf96c7952d2c21eca45da40c93788272f482fa3553f2bc4347e6698ec92c35f273773a74cf75acfdd395c0247cdb7d32a0b3f7b9fedbda9eb6f843709a3926d3abe87c8570eab3a66b3f7d29ab3b01a2bdae6b71f21fe4fc608a8d41e157ba0f96ec8fcb091d94b598e01d7f587a873bad02c3", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010007000100000001000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x800, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000040)={0x43, 0x0, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000400)={&(0x7f00000008c0)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4008030)

265.495927ms ago: executing program 3 (id=3110):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10)
setitimer(0x2, 0x0, 0x0)

233.239797ms ago: executing program 6 (id=3111):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

208.500577ms ago: executing program 5 (id=3112):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0xfdfe, 0x7, @remote, 0x4}, 0x1c)
connect$pppl2tp(r1, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x78, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xc, 0x8}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x48, 0x2, [@TCA_FLOW_EMATCHES={0x44, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8e2}}, @TCA_EMATCH_TREE_LIST={0x38, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x20, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0x1e, 0x2}, {0x0, 0x7}}}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x4]}]}}]}]}]}}]}, 0x78}}, 0x200400d4)

208.061497ms ago: executing program 2 (id=3113):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_io_uring_setup(0xedb, &(0x7f0000000700)={0x0, 0x3b6f, 0x2, 0x1, 0x67}, &(0x7f0000000780), &(0x7f00000007c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="540000000207010100000000000000000a0000060c00034000000000000000053400078008000140000000cf080002"], 0x54}}, 0x40010)

207.755997ms ago: executing program 6 (id=3114):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
unlink(0x0)

156.230517ms ago: executing program 6 (id=3115):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x440001, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x5e)
pwrite64(r0, 0x0, 0x0, 0xfecc)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, 0x0)
creat(0x0, 0x158)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x3800c8a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2bb, &(0x7f0000000f40)="$eJzs3b9ra3UUAPBz0/zSNySCkwhe0MHp8fpWlxTpg4eZlAzqoA/bgjRBaKXgD4ydXLs4uroIgpv/hIv/geAquFmwcOXe3NskNY1pbVp/fD5LT773nHvP9/a2pUNO3n1+tL+Txt7xpz9Fu51ErRe9OE2iG7XIfXgS8XnM6Z0EAPBvdppl8Ws2sTTxqfmXSUS019saALAmK//9r3y39pYAgDV74823Xtvq97dfT9N2PBp9cTTI/7PPv06Ob+3F+zGM3XgQnTiLyM5N4kdZlo3raa4bL43GR4O8cvTOD+X5t36JKOo3oxPdYmm+/nF/ezOdmKkf5308XV6/l9c/jE48u+D6j/vbDxfUx6AZL7840//96MSP78UHMYydoolJfdQiPttM01ezL3/75O28vbw+GR8NWkXeVLZxy98aAAAAAAAAAAAAAAAAAAAAAAD+w+6Xs3NaUczvyZfK+TsbZ/mLRqSV7vx8nkl9Up3ownygcRZfVfN5HqRpmpWJ0/p6PFeP+t3sGgAAAAAAAAAAAAAAAAAAAP5ZDj/6eP/JcLh7cCNBNQ2gelv/dc/Tm1l5IZYnt6bXqpXhkjPHRpWTRCxtI9/Eyj3/Xo49uN6te+aynr/5duXzfP3Xey+Dxgo5fzOonq79J8nie9iKaqVdPSTfz+Y0Y8VrNS87lF3p8WsuPNS58t6b94pgvCQnkmWNvfLz5M6VK8nFXTSLu7qwvFEGM+XzOe3Vn+f8J+VPkvNpHcnN/hICAAAAAAAAAAAAAAAAAAAK0zf9Ljh4vLS0lrXW1hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Krp5/9fIRiXxflKo4wXJ99rxsHhHW4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/4k/AgAA//9nw2BY")
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x12)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x8200, 0x0)
socket(0x10, 0x3, 0x0)
r1 = add_key$user(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000001c0)="9cc4711680dac2b8dc", 0x9, 0xfffffffffffffffd)
r2 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r3 = add_key$keyring(0x0, &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r1, r2, r3, 0x1)

155.821528ms ago: executing program 2 (id=3116):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r1 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x30)
fallocate(r1, 0x0, 0x0, 0x1001f0)
copy_file_range(r1, 0x0, r1, &(0x7f00000000c0)=0xc615, 0x7, 0x0)

135.905678ms ago: executing program 3 (id=3117):
r0 = socket(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0xfd, [0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x2]}})
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000a40)=[@in6={0xa, 0x4e23, 0x50, @dev={0xfe, 0x80, '\x00', 0x40}, 0x7f}, @in6={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2a}}, @in6={0xa, 0x4e20, 0x4, @local, 0x9}], 0x64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='dlm_recv\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000005c0)='kfree\x00', r2, 0x0, 0x8000}, 0x18)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x3140002, &(0x7f0000000280)={[{@dax_never}, {@barrier}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000340)=@filename='./bus\x00', 0x0, &(0x7f0000000180)={0x0, 0x1, 0x14, 0x2000000000000, 0xfffffffffffffffe, 0x2, 0x0, 0xfffffffffffffffd, 0x3f})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000300)}, 0xffffffffffffffbf)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffff000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r5)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x8, @local, 0x3}, 0x1c)

77.993769ms ago: executing program 6 (id=3118):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000540)={0x0, 0xa1ff, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

22.22098ms ago: executing program 2 (id=3119):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lstat(0x0, &(0x7f0000000280))

0s ago: executing program 2 (id=3120):
r0 = socket$inet(0x2, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4}]}]}, 0xfc}}, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='batadv_slave_0\x00', 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x600, @broadcast}, 0x10)

kernel console output (not intermixed with test programs):

[  178.614565][ T9881]  ? clear_bhb_loop+0x40/0x90
[  178.614589][ T9881]  ? clear_bhb_loop+0x40/0x90
[  178.614624][ T9881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.614646][ T9881] RIP: 0033:0x7f749098e969
[  178.614662][ T9881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.614682][ T9881] RSP: 002b:00007f748eff7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  178.614727][ T9881] RAX: ffffffffffffffda RBX: 00007f7490bb5fa0 RCX: 00007f749098e969
[  178.614740][ T9881] RDX: 0000200000000140 RSI: 0000000000000001 RDI: 0000000000000000
[  178.614752][ T9881] RBP: 00007f748eff7090 R08: 0000000000000000 R09: 0000000000000000
[  178.614764][ T9881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.614776][ T9881] R13: 0000000000000000 R14: 00007f7490bb5fa0 R15: 00007ffeca0d7a78
[  178.614795][ T9881]  </TASK>
[  178.614807][ T9881] kexec: Could not allocate swap buffer
[  178.616925][ T9877] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  178.818698][ T9876] tipc: Resetting bearer <eth:syzkaller0>
[  178.831070][ T9876] tipc: Disabling bearer <eth:syzkaller0>
[  178.911933][ T9908] netlink: 'syz.2.2144': attribute type 27 has an invalid length.
[  178.937074][ T9913] loop3: detected capacity change from 0 to 1024
[  178.943939][ T9913] ext4: Unknown parameter 'subj_user'
[  178.950828][ T9908] sctp: [Deprecated]: syz.2.2144 (pid 9908) Use of int in max_burst socket option.
[  178.950828][ T9908] Use struct sctp_assoc_value instead
[  179.087349][ T9929] loop2: detected capacity change from 0 to 256
[  179.116867][ T9933] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  179.171935][ T9939] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  179.179369][ T9938] tipc: Resetting bearer <eth:syzkaller0>
[  179.191314][ T9938] tipc: Disabling bearer <eth:syzkaller0>
[  179.263570][ T9944] netlink: 'syz.2.2158': attribute type 27 has an invalid length.
[  179.287915][ T9944] sctp: [Deprecated]: syz.2.2158 (pid 9944) Use of int in max_burst socket option.
[  179.287915][ T9944] Use struct sctp_assoc_value instead
[  179.333130][ T9946] loop2: detected capacity change from 0 to 512
[  179.347903][ T9946] EXT4-fs (loop2): 1 orphan inode deleted
[  179.354266][ T9946] ext4 filesystem being mounted at /459/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.365629][ T4947] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:9: Failed to release dquot type 1
[  179.518461][ T9965] loop2: detected capacity change from 0 to 256
[  179.550717][ T9967] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  179.578285][ T9969] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  179.594427][ T9968] tipc: Resetting bearer <eth:syzkaller0>
[  179.606674][ T9968] tipc: Disabling bearer <eth:syzkaller0>
[  179.701705][ T9971] netlink: 'syz.2.2169': attribute type 27 has an invalid length.
[  179.725870][ T9971] sctp: [Deprecated]: syz.2.2169 (pid 9971) Use of int in max_burst socket option.
[  179.725870][ T9971] Use struct sctp_assoc_value instead
[  179.823743][ T9989] loop2: detected capacity change from 0 to 512
[  179.839813][ T9989] loop2: detected capacity change from 0 to 512
[  179.848148][ T9989] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  179.857632][ T9989] EXT4-fs (loop2): failed to open journal device unknown-block(7,45) -6
[  179.869159][ T9993] loop3: detected capacity change from 0 to 256
[  179.950079][ T9996] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  179.957613][ T9995] tipc: Resetting bearer <eth:syzkaller0>
[  179.969513][ T9995] tipc: Disabling bearer <eth:syzkaller0>
[  179.980854][T10000] loop5: detected capacity change from 0 to 1024
[  179.987754][T10000] ext4: Unknown parameter 'subj_user'
[  180.057400][T10006] loop3: detected capacity change from 0 to 512
[  180.085285][T10006] EXT4-fs (loop3): 1 orphan inode deleted
[  180.097513][ T4947] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:9: Failed to release dquot type 1
[  180.111858][T10006] ext4 filesystem being mounted at /390/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.238695][T10027] loop3: detected capacity change from 0 to 256
[  180.309096][T10033] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  180.316385][T10032] tipc: Resetting bearer <eth:syzkaller0>
[  180.330452][T10032] tipc: Disabling bearer <eth:syzkaller0>
[  180.339548][T10037] loop3: detected capacity change from 0 to 2048
[  180.360522][T10037] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  180.375665][T10037] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 17 with error 28
[  180.388157][T10037] EXT4-fs (loop3): This should not happen!! Data will be lost
[  180.388157][T10037] 
[  180.397858][T10037] EXT4-fs (loop3): Total free blocks count 0
[  180.403871][T10037] EXT4-fs (loop3): Free/Dirty block details
[  180.409992][T10037] EXT4-fs (loop3): free_blocks=66060288
[  180.415625][T10037] EXT4-fs (loop3): dirty_blocks=32
[  180.420834][T10037] EXT4-fs (loop3): Block reservation details
[  180.426892][T10037] EXT4-fs (loop3): i_reserved_data_blocks=2
[  180.526882][T10054] loop3: detected capacity change from 0 to 256
[  180.626900][T10065] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  180.757730][T10067] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  180.778166][T10066] tipc: Resetting bearer <eth:syzkaller0>
[  180.792003][T10066] tipc: Disabling bearer <eth:syzkaller0>
[  180.823503][T10079] tmpfs: Bad value for 'mpol'
[  180.887784][T10089] loop3: detected capacity change from 0 to 512
[  180.910000][T10089] EXT4-fs (loop3): 1 orphan inode deleted
[  180.921445][T10089] ext4 filesystem being mounted at /410/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.942695][  T172] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1
[  181.001031][T10105] loop6: detected capacity change from 0 to 1024
[  181.010687][T10105] ext4: Unknown parameter 'subj_user'
[  181.135756][T10108] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  181.140842][T10113] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  181.152850][T10112] tipc: Resetting bearer <eth:syzkaller0>
[  181.163856][T10112] tipc: Disabling bearer <eth:syzkaller0>
[  181.211905][T10119] tmpfs: Bad value for 'mpol'
[  181.282329][T10127] loop2: detected capacity change from 0 to 2048
[  181.349017][T10135] loop2: detected capacity change from 0 to 2048
[  181.381836][T10139] netlink: 45 bytes leftover after parsing attributes in process `syz.5.2235'.
[  181.420514][T10147] tmpfs: Bad value for 'mpol'
[  181.446645][T10145] loop3: detected capacity change from 0 to 512
[  181.459395][T10145] loop3: detected capacity change from 0 to 512
[  181.467212][T10145] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  181.478284][T10145] EXT4-fs (loop3): failed to open journal device unknown-block(7,45) -6
[  181.489225][T10149] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  181.497368][T10148] tipc: Resetting bearer <eth:syzkaller0>
[  181.508415][T10148] tipc: Disabling bearer <eth:syzkaller0>
[  181.564451][T10156] FAULT_INJECTION: forcing a failure.
[  181.564451][T10156] name failslab, interval 1, probability 0, space 0, times 0
[  181.577154][T10156] CPU: 0 UID: 0 PID: 10156 Comm: syz.3.2242 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  181.577228][T10156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  181.577245][T10156] Call Trace:
[  181.577250][T10156]  <TASK>
[  181.577257][T10156]  __dump_stack+0x1d/0x30
[  181.577278][T10156]  dump_stack_lvl+0xe8/0x140
[  181.577310][T10156]  dump_stack+0x15/0x1b
[  181.577325][T10156]  should_fail_ex+0x265/0x280
[  181.577368][T10156]  should_failslab+0x8c/0xb0
[  181.577516][T10156]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  181.577617][T10156]  ? shmem_alloc_inode+0x34/0x50
[  181.577654][T10156]  ? avc_has_perm_noaudit+0x1b1/0x200
[  181.577680][T10156]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  181.577737][T10156]  shmem_alloc_inode+0x34/0x50
[  181.577766][T10156]  alloc_inode+0x40/0x170
[  181.577795][T10156]  new_inode+0x1d/0xe0
[  181.577830][T10156]  shmem_get_inode+0x244/0x750
[  181.577926][T10156]  shmem_symlink+0x8b/0x3c0
[  181.577966][T10156]  ? selinux_inode_symlink+0x22/0x30
[  181.577999][T10156]  vfs_symlink+0xd1/0x1e0
[  181.578030][T10156]  do_symlinkat+0xc7/0x3c0
[  181.578066][T10156]  __x64_sys_symlink+0x50/0x60
[  181.578092][T10156]  x64_sys_call+0x2d8d/0x2fb0
[  181.578180][T10156]  do_syscall_64+0xd0/0x1a0
[  181.578205][T10156]  ? clear_bhb_loop+0x40/0x90
[  181.578225][T10156]  ? clear_bhb_loop+0x40/0x90
[  181.578245][T10156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.578311][T10156] RIP: 0033:0x7fcea8aae969
[  181.578329][T10156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.578351][T10156] RSP: 002b:00007fcea7117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  181.578404][T10156] RAX: ffffffffffffffda RBX: 00007fcea8cd5fa0 RCX: 00007fcea8aae969
[  181.578417][T10156] RDX: 0000000000000000 RSI: 00002000000017c0 RDI: 0000200000001780
[  181.578428][T10156] RBP: 00007fcea7117090 R08: 0000000000000000 R09: 0000000000000000
[  181.578440][T10156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.578451][T10156] R13: 0000000000000000 R14: 00007fcea8cd5fa0 R15: 00007ffcac71a1b8
[  181.578469][T10156]  </TASK>
[  181.827147][T10159] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2243'.
[  181.849285][T10162] loop5: detected capacity change from 0 to 2048
[  181.863737][T10159] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  181.901711][T10172] loop3: detected capacity change from 0 to 2048
[  181.943439][T10179] loop1: detected capacity change from 0 to 512
[  181.979567][T10179] EXT4-fs (loop1): 1 orphan inode deleted
[  181.991236][T10179] ext4 filesystem being mounted at /439/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.007333][   T37] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1
[  182.031912][T10192] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  182.088741][T10201] loop1: detected capacity change from 0 to 1024
[  182.167944][T10214] loop5: detected capacity change from 0 to 2048
[  182.193005][T10219] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  182.259749][T10226] loop2: detected capacity change from 0 to 512
[  182.292881][T10229] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.2267'.
[  182.309744][T10226] EXT4-fs (loop2): 1 orphan inode deleted
[  182.316770][T10226] ext4 filesystem being mounted at /487/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.327698][ T4947] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:9: Failed to release dquot type 1
[  182.343714][T10232] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  182.431260][T10244] netlink: 324 bytes leftover after parsing attributes in process `syz.3.2272'.
[  182.464200][T10244] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  182.475650][T10244] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.531332][T10254] FAULT_INJECTION: forcing a failure.
[  182.531332][T10254] name failslab, interval 1, probability 0, space 0, times 0
[  182.544083][T10254] CPU: 0 UID: 0 PID: 10254 Comm: syz.5.2276 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  182.544119][T10254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  182.544152][T10254] Call Trace:
[  182.544160][T10254]  <TASK>
[  182.544170][T10254]  __dump_stack+0x1d/0x30
[  182.544203][T10254]  dump_stack_lvl+0xe8/0x140
[  182.544228][T10254]  dump_stack+0x15/0x1b
[  182.544323][T10254]  should_fail_ex+0x265/0x280
[  182.544372][T10254]  should_failslab+0x8c/0xb0
[  182.544407][T10254]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  182.544436][T10254]  ? ethnl_default_set_doit+0x2bc/0x5b0
[  182.544503][T10254]  kmemdup_noprof+0x2b/0x70
[  182.544596][T10254]  ethnl_default_set_doit+0x2bc/0x5b0
[  182.544627][T10254]  genl_family_rcv_msg_doit+0x140/0x1b0
[  182.544718][T10254]  genl_rcv_msg+0x422/0x460
[  182.544748][T10254]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  182.544769][T10254]  netlink_rcv_skb+0x120/0x220
[  182.544854][T10254]  ? __pfx_genl_rcv_msg+0x10/0x10
[  182.544971][T10254]  genl_rcv+0x28/0x40
[  182.544999][T10254]  netlink_unicast+0x5a1/0x670
[  182.545099][T10254]  netlink_sendmsg+0x58b/0x6b0
[  182.545127][T10254]  ? __pfx_netlink_sendmsg+0x10/0x10
[  182.545161][T10254]  __sock_sendmsg+0x142/0x180
[  182.545273][T10254]  ____sys_sendmsg+0x31e/0x4e0
[  182.545302][T10254]  ___sys_sendmsg+0x17b/0x1d0
[  182.545369][T10254]  __x64_sys_sendmsg+0xd4/0x160
[  182.545401][T10254]  x64_sys_call+0x2999/0x2fb0
[  182.545429][T10254]  do_syscall_64+0xd0/0x1a0
[  182.545499][T10254]  ? clear_bhb_loop+0x40/0x90
[  182.545523][T10254]  ? clear_bhb_loop+0x40/0x90
[  182.545554][T10254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.545598][T10254] RIP: 0033:0x7f17748de969
[  182.545623][T10254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.545645][T10254] RSP: 002b:00007f1772f47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  182.545673][T10254] RAX: ffffffffffffffda RBX: 00007f1774b05fa0 RCX: 00007f17748de969
[  182.545768][T10254] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000005
[  182.545781][T10254] RBP: 00007f1772f47090 R08: 0000000000000000 R09: 0000000000000000
[  182.545792][T10254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.545803][T10254] R13: 0000000000000000 R14: 00007f1774b05fa0 R15: 00007ffdbd86efa8
[  182.545827][T10254]  </TASK>
[  182.804666][T10260] tmpfs: Bad value for 'mpol'
[  182.849808][T10265] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  182.853025][T10269] loop5: detected capacity change from 0 to 2048
[  182.897279][T10275] FAULT_INJECTION: forcing a failure.
[  182.897279][T10275] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.910603][T10275] CPU: 0 UID: 0 PID: 10275 Comm: syz.2.2283 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  182.910638][T10275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  182.910668][T10275] Call Trace:
[  182.910676][T10275]  <TASK>
[  182.910685][T10275]  __dump_stack+0x1d/0x30
[  182.910788][T10275]  dump_stack_lvl+0xe8/0x140
[  182.910814][T10275]  dump_stack+0x15/0x1b
[  182.910877][T10275]  should_fail_ex+0x265/0x280
[  182.911022][T10275]  should_fail+0xb/0x20
[  182.911054][T10275]  should_fail_usercopy+0x1a/0x20
[  182.911073][T10275]  _copy_to_user+0x20/0xa0
[  182.911144][T10275]  simple_read_from_buffer+0xb5/0x130
[  182.911246][T10275]  proc_fail_nth_read+0x100/0x140
[  182.911346][T10275]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  182.911455][T10275]  vfs_read+0x1a0/0x6f0
[  182.911530][T10275]  ? __rcu_read_unlock+0x4f/0x70
[  182.911558][T10275]  ? __fget_files+0x184/0x1c0
[  182.911607][T10275]  ksys_read+0xda/0x1a0
[  182.911640][T10275]  __x64_sys_read+0x40/0x50
[  182.911672][T10275]  x64_sys_call+0x2d77/0x2fb0
[  182.911697][T10275]  do_syscall_64+0xd0/0x1a0
[  182.911783][T10275]  ? clear_bhb_loop+0x40/0x90
[  182.911810][T10275]  ? clear_bhb_loop+0x40/0x90
[  182.911837][T10275]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.911869][T10275] RIP: 0033:0x7f749098d37c
[  182.911957][T10275] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  182.912047][T10275] RSP: 002b:00007f748eff7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  182.912070][T10275] RAX: ffffffffffffffda RBX: 00007f7490bb5fa0 RCX: 00007f749098d37c
[  182.912082][T10275] RDX: 000000000000000f RSI: 00007f748eff70a0 RDI: 0000000000000014
[  182.912095][T10275] RBP: 00007f748eff7090 R08: 0000000000000000 R09: 0000000000000000
[  182.912111][T10275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.912126][T10275] R13: 0000000000000000 R14: 00007f7490bb5fa0 R15: 00007ffeca0d7a78
[  182.912232][T10275]  </TASK>
[  182.917526][T10277] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2284'.
[  183.126301][T10277] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2284'.
[  183.142736][T10288] loop2: detected capacity change from 0 to 512
[  183.177949][T10288] ext4 filesystem being mounted at /495/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  183.191915][T10284] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #2: comm syz.2.2286: corrupted inode contents
[  183.222376][T10284] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #2: comm syz.2.2286: mark_inode_dirty error
[  183.259021][T10284] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #2: comm syz.2.2286: corrupted inode contents
[  183.285039][T10284] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.2286: mark_inode_dirty error
[  183.472508][T10303] loop6: detected capacity change from 0 to 512
[  183.488146][T10303] loop6: detected capacity change from 0 to 512
[  183.495338][T10303] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  183.503683][T10305] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  183.504417][T10303] EXT4-fs (loop6): failed to open journal device unknown-block(7,45) -6
[  183.536903][T10309] loop5: detected capacity change from 0 to 256
[  183.577853][T10315] loop5: detected capacity change from 0 to 512
[  183.589177][T10315] loop5: detected capacity change from 0 to 512
[  183.596954][T10315] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  183.606941][T10315] EXT4-fs (loop5): failed to open journal device unknown-block(7,45) -6
[  183.630376][T10318] FAULT_INJECTION: forcing a failure.
[  183.630376][T10318] name failslab, interval 1, probability 0, space 0, times 0
[  183.643267][T10318] CPU: 1 UID: 0 PID: 10318 Comm: syz.6.2299 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  183.643294][T10318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  183.643309][T10318] Call Trace:
[  183.643315][T10318]  <TASK>
[  183.643322][T10318]  __dump_stack+0x1d/0x30
[  183.643403][T10318]  dump_stack_lvl+0xe8/0x140
[  183.643428][T10318]  dump_stack+0x15/0x1b
[  183.643449][T10318]  should_fail_ex+0x265/0x280
[  183.643488][T10318]  should_failslab+0x8c/0xb0
[  183.643551][T10318]  kmem_cache_alloc_noprof+0x50/0x310
[  183.643612][T10318]  ? radix_tree_node_alloc+0x8a/0x1f0
[  183.643721][T10318]  radix_tree_node_alloc+0x8a/0x1f0
[  183.643743][T10318]  radix_tree_extend+0xcf/0x370
[  183.643765][T10318]  idr_get_free+0x12d/0x550
[  183.643792][T10318]  idr_alloc_u32+0xca/0x180
[  183.643850][T10318]  ? __pfx_loop_control_ioctl+0x10/0x10
[  183.643889][T10318]  idr_alloc+0x6e/0xd0
[  183.643918][T10318]  loop_add+0x145/0x590
[  183.643953][T10318]  ? ioctl_has_perm+0x289/0x2e0
[  183.644027][T10318]  ? __pfx_loop_control_ioctl+0x10/0x10
[  183.644063][T10318]  loop_control_ioctl+0xd0/0x3f0
[  183.644104][T10318]  ? __pfx_loop_control_ioctl+0x10/0x10
[  183.644143][T10318]  __se_sys_ioctl+0xce/0x140
[  183.644181][T10318]  __x64_sys_ioctl+0x43/0x50
[  183.644202][T10318]  x64_sys_call+0x19a8/0x2fb0
[  183.644235][T10318]  do_syscall_64+0xd0/0x1a0
[  183.644264][T10318]  ? clear_bhb_loop+0x40/0x90
[  183.644344][T10318]  ? clear_bhb_loop+0x40/0x90
[  183.644364][T10318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.644389][T10318] RIP: 0033:0x7fc0d0ebe969
[  183.644407][T10318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.644429][T10318] RSP: 002b:00007fc0cf527038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  183.644449][T10318] RAX: ffffffffffffffda RBX: 00007fc0d10e5fa0 RCX: 00007fc0d0ebe969
[  183.644465][T10318] RDX: 0000000007000000 RSI: 0000000000004c80 RDI: 0000000000000006
[  183.644477][T10318] RBP: 00007fc0cf527090 R08: 0000000000000000 R09: 0000000000000000
[  183.644488][T10318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.644501][T10318] R13: 0000000000000000 R14: 00007fc0d10e5fa0 R15: 00007ffe926b4278
[  183.644525][T10318]  </TASK>
[  183.990837][T10331] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  184.034038][T10337] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2303'.
[  184.040712][T10342] loop2: detected capacity change from 0 to 256
[  184.066137][T10337] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  184.084363][T10348] loop2: detected capacity change from 0 to 512
[  184.103916][T10348] EXT4-fs (loop2): 1 orphan inode deleted
[  184.113521][T10346] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  184.122595][ T2319] __quota_error: 266 callbacks suppressed
[  184.122610][ T2319] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  184.134801][T10353] loop6: detected capacity change from 0 to 2048
[  184.138174][ T2319] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:7: Failed to release dquot type 1
[  184.140500][T10348] ext4 filesystem being mounted at /501/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.190632][   T29] audit: type=1326 audit(1747141547.312:24467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10356 comm="syz.1.2311" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa056e2e969 code=0x0
[  184.324340][T10368] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  184.369314][T10374] loop2: detected capacity change from 0 to 1024
[  184.376464][T10374] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  184.386406][T10374] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42840!=20869)
[  184.396288][T10374] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  184.408159][T10374] EXT4-fs error (device loop2): ext4_get_journal_inode:5798: inode #5: comm syz.2.2319: casefold flag without casefold feature
[  184.421817][T10374] EXT4-fs (loop2): no journal found
[  184.479110][   T29] audit: type=1326 audit(1747141547.572:24468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10380 comm="syz.6.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  184.503149][   T29] audit: type=1326 audit(1747141547.572:24469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10380 comm="syz.6.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  184.526945][   T29] audit: type=1326 audit(1747141547.572:24470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10380 comm="syz.6.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  184.550865][   T29] audit: type=1326 audit(1747141547.572:24471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10380 comm="syz.6.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  184.574633][   T29] audit: type=1326 audit(1747141547.572:24472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10380 comm="syz.6.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  184.598548][   T29] audit: type=1326 audit(1747141547.572:24473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10380 comm="syz.6.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  184.622485][   T29] audit: type=1326 audit(1747141547.572:24474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10380 comm="syz.6.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  184.646208][   T29] audit: type=1326 audit(1747141547.572:24475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10380 comm="syz.6.2323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  184.749088][T10389] syzkaller0: entered promiscuous mode
[  184.754860][T10389] syzkaller0: entered allmulticast mode
[  185.071414][T10397] loop1: detected capacity change from 0 to 512
[  185.088219][T10397] EXT4-fs (loop1): 1 orphan inode deleted
[  185.094706][T10397] ext4 filesystem being mounted at /451/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.106023][   T37] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1
[  185.118316][T10402] loop2: detected capacity change from 0 to 2048
[  185.180240][T10408] loop2: detected capacity change from 0 to 512
[  185.197625][T10408] EXT4-fs (loop2): 1 orphan inode deleted
[  185.204039][T10408] ext4 filesystem being mounted at /509/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.214898][   T37] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1
[  185.343352][T10425] loop1: detected capacity change from 0 to 2048
[  185.407449][T10434] loop1: detected capacity change from 0 to 2048
[  185.446092][T10440] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2343'.
[  185.471438][T10438] SELinux: failed to load policy
[  185.529558][T10451] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  185.712716][T10456] loop5: detected capacity change from 0 to 2048
[  185.771643][T10462] loop3: detected capacity change from 0 to 2048
[  185.814324][T10470] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2355'.
[  185.844583][T10475] FAULT_INJECTION: forcing a failure.
[  185.844583][T10475] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  185.857940][T10475] CPU: 0 UID: 0 PID: 10475 Comm: syz.1.2357 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  185.857976][T10475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  185.857993][T10475] Call Trace:
[  185.858001][T10475]  <TASK>
[  185.858010][T10475]  __dump_stack+0x1d/0x30
[  185.858037][T10475]  dump_stack_lvl+0xe8/0x140
[  185.858141][T10475]  dump_stack+0x15/0x1b
[  185.858161][T10475]  should_fail_ex+0x265/0x280
[  185.858203][T10475]  should_fail_alloc_page+0xf2/0x100
[  185.858244][T10475]  __alloc_frozen_pages_noprof+0xff/0x360
[  185.858344][T10475]  alloc_pages_mpol+0xb3/0x250
[  185.858436][T10475]  vma_alloc_folio_noprof+0x1aa/0x300
[  185.858463][T10475]  do_wp_page+0x673/0x23e0
[  185.858496][T10475]  ? mr_rtm_dumproute+0x1c6/0x220
[  185.858581][T10475]  ? __rcu_read_lock+0x37/0x50
[  185.858612][T10475]  handle_mm_fault+0x6dc/0x2ae0
[  185.858646][T10475]  ? __rcu_read_unlock+0x4f/0x70
[  185.858684][T10475]  do_user_addr_fault+0x3fe/0x1090
[  185.858767][T10475]  ? __wake_up+0x88/0xb0
[  185.858857][T10475]  exc_page_fault+0x54/0xc0
[  185.858880][T10475]  asm_exc_page_fault+0x26/0x30
[  185.858914][T10475] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[  185.858947][T10475] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca e9 d7 78 01 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[  185.859044][T10475] RSP: 0018:ffffc9000121bb90 EFLAGS: 00050202
[  185.859064][T10475] RAX: 0000000000000020 RBX: 0000000000000020 RCX: 0000200000002ef0
[  185.859080][T10475] RDX: ffff88810197e300 RSI: 0000000000000002 RDI: 00000000ffffffff
[  185.859095][T10475] RBP: 0000000000000002 R08: 0001c9000121be57 R09: 0000000000000000
[  185.859125][T10475] R10: 0001888104347100 R11: 00018881043471ef R12: 0000200000002ec0
[  185.859139][T10475] R13: 0000000000000000 R14: ffffc9000121be54 R15: 0000000000000000
[  185.859160][T10475]  ____sys_recvmsg+0x1a1/0x280
[  185.859196][T10475]  ___sys_recvmsg+0x11f/0x370
[  185.859291][T10475]  do_recvmmsg+0x1ef/0x540
[  185.859326][T10475]  ? get_timespec64+0xc9/0x100
[  185.859349][T10475]  __x64_sys_recvmmsg+0xfb/0x170
[  185.859425][T10475]  x64_sys_call+0x1c6a/0x2fb0
[  185.859452][T10475]  do_syscall_64+0xd0/0x1a0
[  185.859482][T10475]  ? clear_bhb_loop+0x40/0x90
[  185.859537][T10475]  ? clear_bhb_loop+0x40/0x90
[  185.859558][T10475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.859579][T10475] RIP: 0033:0x7fa056e2e969
[  185.859597][T10475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.859639][T10475] RSP: 002b:00007fa055497038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  185.859658][T10475] RAX: ffffffffffffffda RBX: 00007fa057055fa0 RCX: 00007fa056e2e969
[  185.859672][T10475] RDX: 0400000000000ec0 RSI: 0000200000002ec0 RDI: 0000000000000006
[  185.859687][T10475] RBP: 00007fa055497090 R08: 00002000000001c0 R09: 0000000000000000
[  185.859702][T10475] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  185.859715][T10475] R13: 0000000000000000 R14: 00007fa057055fa0 R15: 00007ffc199d94e8
[  185.859747][T10475]  </TASK>
[  186.201608][T10477] loop3: detected capacity change from 0 to 512
[  186.213840][T10477] loop3: detected capacity change from 0 to 512
[  186.230530][T10477] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  186.253653][T10477] EXT4-fs (loop3): failed to open journal device unknown-block(7,45) -6
[  186.290215][T10486] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  186.458814][T10492] netlink: 'syz.5.2364': attribute type 27 has an invalid length.
[  186.480021][T10492] sctp: [Deprecated]: syz.5.2364 (pid 10492) Use of int in max_burst socket option.
[  186.480021][T10492] Use struct sctp_assoc_value instead
[  186.532499][T10495] loop5: detected capacity change from 0 to 2048
[  186.664342][T10512] loop3: detected capacity change from 0 to 512
[  186.678107][T10509] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2371'.
[  186.705879][T10512] EXT4-fs (loop3): 1 orphan inode deleted
[  186.716478][T10512] ext4 filesystem being mounted at /436/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.730261][T10517] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2373'.
[  186.739707][ T1917] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1
[  186.777108][T10523] FAULT_INJECTION: forcing a failure.
[  186.777108][T10523] name failslab, interval 1, probability 0, space 0, times 0
[  186.789952][T10523] CPU: 1 UID: 0 PID: 10523 Comm: syz.5.2376 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  186.789984][T10523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  186.790000][T10523] Call Trace:
[  186.790007][T10523]  <TASK>
[  186.790060][T10523]  __dump_stack+0x1d/0x30
[  186.790083][T10523]  dump_stack_lvl+0xe8/0x140
[  186.790102][T10523]  dump_stack+0x15/0x1b
[  186.790117][T10523]  should_fail_ex+0x265/0x280
[  186.790159][T10523]  should_failslab+0x8c/0xb0
[  186.790289][T10523]  __kmalloc_noprof+0xa5/0x3e0
[  186.790312][T10523]  ? _ib_alloc_device+0x39/0x440
[  186.790400][T10523]  ? __rcu_read_unlock+0x4f/0x70
[  186.790424][T10523]  _ib_alloc_device+0x39/0x440
[  186.790461][T10523]  siw_newlink+0xcf/0x680
[  186.790493][T10523]  nldev_newlink+0x369/0x3f0
[  186.790577][T10523]  ? __pfx_nldev_newlink+0x10/0x10
[  186.790695][T10523]  rdma_nl_rcv+0x479/0x5a0
[  186.790721][T10523]  ? selinux_nlmsg_lookup+0x99/0x8b0
[  186.790760][T10523]  netlink_unicast+0x5a1/0x670
[  186.790826][T10523]  netlink_sendmsg+0x58b/0x6b0
[  186.790881][T10523]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.790964][T10523]  __sock_sendmsg+0x142/0x180
[  186.790995][T10523]  ____sys_sendmsg+0x31e/0x4e0
[  186.791098][T10523]  ___sys_sendmsg+0x17b/0x1d0
[  186.791142][T10523]  __x64_sys_sendmsg+0xd4/0x160
[  186.791167][T10523]  x64_sys_call+0x2999/0x2fb0
[  186.791194][T10523]  do_syscall_64+0xd0/0x1a0
[  186.791277][T10523]  ? clear_bhb_loop+0x40/0x90
[  186.791297][T10523]  ? clear_bhb_loop+0x40/0x90
[  186.791342][T10523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.791368][T10523] RIP: 0033:0x7f17748de969
[  186.791387][T10523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.791409][T10523] RSP: 002b:00007f1772f47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  186.791431][T10523] RAX: ffffffffffffffda RBX: 00007f1774b05fa0 RCX: 00007f17748de969
[  186.791493][T10523] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000006
[  186.791505][T10523] RBP: 00007f1772f47090 R08: 0000000000000000 R09: 0000000000000000
[  186.791518][T10523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.791600][T10523] R13: 0000000000000000 R14: 00007f1774b05fa0 R15: 00007ffdbd86efa8
[  186.791667][T10523]  </TASK>
[  187.033744][T10525] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  187.081290][T10528] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  187.089819][T10527] tipc: Disabling bearer <eth:syzkaller0>
[  187.131835][T10530] loop5: detected capacity change from 0 to 2048
[  187.222786][T10540] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2384'.
[  187.234010][T10540] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2384'.
[  187.325232][T10554] loop2: detected capacity change from 0 to 512
[  187.333776][T10546] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2386'.
[  187.342952][T10554] loop2: detected capacity change from 0 to 512
[  187.350333][T10554] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  187.359845][T10554] EXT4-fs (loop2): failed to open journal device unknown-block(7,45) -6
[  187.398436][T10556] loop3: detected capacity change from 0 to 2048
[  187.399587][T10558] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  187.414375][T10557] tipc: Disabling bearer <eth:syzkaller0>
[  187.422771][T10556] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  187.437919][T10556] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 17 with error 28
[  187.450364][T10556] EXT4-fs (loop3): This should not happen!! Data will be lost
[  187.450364][T10556] 
[  187.460057][T10556] EXT4-fs (loop3): Total free blocks count 0
[  187.466149][T10556] EXT4-fs (loop3): Free/Dirty block details
[  187.472073][T10556] EXT4-fs (loop3): free_blocks=66060288
[  187.477669][T10556] EXT4-fs (loop3): dirty_blocks=32
[  187.482825][T10556] EXT4-fs (loop3): Block reservation details
[  187.488986][T10556] EXT4-fs (loop3): i_reserved_data_blocks=2
[  187.496026][T10561] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  187.508519][T10561] EXT4-fs (loop3): This should not happen!! Data will be lost
[  187.508519][T10561] 
[  187.566491][T10565] loop2: detected capacity change from 0 to 2048
[  187.576187][T10567] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  187.601115][T10569] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  187.647764][T10579] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2396'.
[  187.665319][T10579] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2396'.
[  187.695030][T10583] loop1: detected capacity change from 0 to 128
[  187.708179][T10585] usb usb1: usbfs: process 10585 (syz.2.2400) did not claim interface 0 before use
[  187.730961][T10583] ext4 filesystem being mounted at /474/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  187.750198][T10588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2402'.
[  187.767855][T10588] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.776616][T10588] FAULT_INJECTION: forcing a failure.
[  187.776616][T10588] name failslab, interval 1, probability 0, space 0, times 0
[  187.789945][T10588] CPU: 0 UID: 0 PID: 10588 Comm: syz.2.2402 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  187.790004][T10588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  187.790019][T10588] Call Trace:
[  187.790026][T10588]  <TASK>
[  187.790035][T10588]  __dump_stack+0x1d/0x30
[  187.790059][T10588]  dump_stack_lvl+0xe8/0x140
[  187.790078][T10588]  dump_stack+0x15/0x1b
[  187.790093][T10588]  should_fail_ex+0x265/0x280
[  187.790147][T10588]  should_failslab+0x8c/0xb0
[  187.790255][T10588]  kmem_cache_alloc_node_noprof+0x57/0x320
[  187.790282][T10588]  ? __alloc_skb+0x101/0x320
[  187.790315][T10588]  __alloc_skb+0x101/0x320
[  187.790375][T10588]  rtmsg_ifinfo_build_skb+0x5f/0x1b0
[  187.790434][T10588]  ? kvfree_call_rcu+0x29a/0x320
[  187.790458][T10588]  ? __pfx_rtnetlink_event+0x10/0x10
[  187.790497][T10588]  rtnetlink_event+0x18c/0x200
[  187.790528][T10588]  raw_notifier_call_chain+0x6c/0x1b0
[  187.790554][T10588]  ? call_netdevice_notifiers_info+0x9c/0x100
[  187.790685][T10588]  call_netdevice_notifiers_info+0xae/0x100
[  187.790741][T10588]  __netdev_upper_dev_unlink+0x17f/0x760
[  187.790857][T10588]  ? ref_tracker_free+0x28d/0x3e0
[  187.790890][T10588]  ? kfree+0x187/0x310
[  187.790930][T10588]  ? batadv_hardif_disable_interface+0x56e/0xaa0
[  187.790960][T10588]  ? batadv_meshif_destroy_netlink+0x62/0x2e0
[  187.791063][T10588]  ? rtnl_dellink+0x3ba/0x550
[  187.791086][T10588]  ? rtnetlink_rcv_msg+0x5fb/0x6d0
[  187.791161][T10588]  ? netlink_rcv_skb+0x120/0x220
[  187.791199][T10588]  ? rtnetlink_rcv+0x1c/0x30
[  187.791225][T10588]  ? netlink_unicast+0x5a1/0x670
[  187.791267][T10588]  ? netlink_sendmsg+0x58b/0x6b0
[  187.791285][T10588]  ? __sock_sendmsg+0x142/0x180
[  187.791308][T10588]  ? ____sys_sendmsg+0x31e/0x4e0
[  187.791388][T10588]  ? ___sys_sendmsg+0x17b/0x1d0
[  187.791412][T10588]  ? __x64_sys_sendmsg+0xd4/0x160
[  187.791503][T10588]  ? do_syscall_64+0xd0/0x1a0
[  187.791590][T10588]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.791618][T10588]  netdev_upper_dev_unlink+0x1d/0x30
[  187.791667][T10588]  batadv_hardif_disable_interface+0x5c1/0xaa0
[  187.791751][T10588]  ? __pfx_batadv_meshif_destroy_netlink+0x10/0x10
[  187.791784][T10588]  batadv_meshif_destroy_netlink+0x62/0x2e0
[  187.791808][T10588]  ? __pfx_batadv_meshif_destroy_netlink+0x10/0x10
[  187.791844][T10588]  rtnl_dellink+0x3ba/0x550
[  187.791896][T10588]  ? security_capable+0x83/0x90
[  187.791938][T10588]  ? ns_capable+0x7d/0xb0
[  187.791992][T10588]  ? __pfx_rtnl_dellink+0x10/0x10
[  187.792057][T10588]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  187.792088][T10588]  ? avc_has_perm_noaudit+0x1b1/0x200
[  187.792114][T10588]  netlink_rcv_skb+0x120/0x220
[  187.792152][T10588]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  187.792198][T10588]  rtnetlink_rcv+0x1c/0x30
[  187.792219][T10588]  netlink_unicast+0x5a1/0x670
[  187.792251][T10588]  netlink_sendmsg+0x58b/0x6b0
[  187.792278][T10588]  ? __pfx_netlink_sendmsg+0x10/0x10
[  187.792338][T10588]  __sock_sendmsg+0x142/0x180
[  187.792372][T10588]  ____sys_sendmsg+0x31e/0x4e0
[  187.792399][T10588]  ___sys_sendmsg+0x17b/0x1d0
[  187.792437][T10588]  __x64_sys_sendmsg+0xd4/0x160
[  187.792464][T10588]  x64_sys_call+0x2999/0x2fb0
[  187.792498][T10588]  do_syscall_64+0xd0/0x1a0
[  187.792524][T10588]  ? clear_bhb_loop+0x40/0x90
[  187.792548][T10588]  ? clear_bhb_loop+0x40/0x90
[  187.792572][T10588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.792643][T10588] RIP: 0033:0x7f749098e969
[  187.792661][T10588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.792761][T10588] RSP: 002b:00007f748eff7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  187.792781][T10588] RAX: ffffffffffffffda RBX: 00007f7490bb5fa0 RCX: 00007f749098e969
[  187.792794][T10588] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000006
[  187.792807][T10588] RBP: 00007f748eff7090 R08: 0000000000000000 R09: 0000000000000000
[  187.792819][T10588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.792832][T10588] R13: 0000000000000000 R14: 00007f7490bb5fa0 R15: 00007ffeca0d7a78
[  187.792852][T10588]  </TASK>
[  187.793182][T10588] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.824945][T10594] loop6: detected capacity change from 0 to 512
[  188.216809][T10594] loop6: detected capacity change from 0 to 512
[  188.229499][T10594] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  188.243879][T10594] EXT4-fs (loop6): failed to open journal device unknown-block(7,45) -6
[  188.334291][T10601] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  188.342761][T10600] tipc: Disabling bearer <eth:syzkaller0>
[  188.398159][T10605] loop6: detected capacity change from 0 to 512
[  188.410492][T10605] loop6: detected capacity change from 0 to 1024
[  188.417366][T10605] EXT4-fs: Ignoring removed orlov option
[  188.491903][T10615] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2410'.
[  188.507907][T10615] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2410'.
[  188.749085][T10628] netlink: 'syz.5.2414': attribute type 27 has an invalid length.
[  188.792873][T10628] sctp: [Deprecated]: syz.5.2414 (pid 10628) Use of int in max_burst socket option.
[  188.792873][T10628] Use struct sctp_assoc_value instead
[  189.019480][T10633] bridge_slave_0: default FDB implementation only supports local addresses
[  189.365345][   T29] kauditd_printk_skb: 158 callbacks suppressed
[  189.365362][   T29] audit: type=1326 audit(1747141552.482:24631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10655 comm="syz.2.2426" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f749098e969 code=0x0
[  189.378585][T10657] ALSA: seq fatal error: cannot create timer (-22)
[  189.552073][T10668] loop6: detected capacity change from 0 to 256
[  189.660149][T10680] loop6: detected capacity change from 0 to 1024
[  189.689096][T10680] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  189.701647][T10680] EXT4-fs (loop6): This should not happen!! Data will be lost
[  189.701647][T10680] 
[  189.711549][T10680] EXT4-fs (loop6): Total free blocks count 0
[  189.717678][T10680] EXT4-fs (loop6): Free/Dirty block details
[  189.723602][T10680] EXT4-fs (loop6): free_blocks=0
[  189.728705][T10680] EXT4-fs (loop6): dirty_blocks=0
[  189.733780][T10680] EXT4-fs (loop6): Block reservation details
[  189.739868][T10680] EXT4-fs (loop6): i_reserved_data_blocks=0
[  189.782659][   T29] audit: type=1400 audit(1747141552.902:24632): avc:  denied  { watch watch_reads } for  pid=10687 comm="syz.3.2437" path="/457" dev="tmpfs" ino=2477 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  189.784045][T10688] FAULT_INJECTION: forcing a failure.
[  189.784045][T10688] name failslab, interval 1, probability 0, space 0, times 0
[  189.818837][T10688] CPU: 1 UID: 0 PID: 10688 Comm: syz.3.2437 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  189.818870][T10688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  189.818887][T10688] Call Trace:
[  189.818972][T10688]  <TASK>
[  189.818982][T10688]  __dump_stack+0x1d/0x30
[  189.819008][T10688]  dump_stack_lvl+0xe8/0x140
[  189.819031][T10688]  dump_stack+0x15/0x1b
[  189.819055][T10688]  should_fail_ex+0x265/0x280
[  189.819097][T10688]  should_failslab+0x8c/0xb0
[  189.819136][T10688]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  189.819281][T10688]  ? __d_alloc+0x3d/0x350
[  189.819299][T10688]  __d_alloc+0x3d/0x350
[  189.819316][T10688]  d_alloc_parallel+0x53/0xc40
[  189.819339][T10688]  ? __rcu_read_unlock+0x4f/0x70
[  189.819366][T10688]  ? __d_lookup+0x316/0x340
[  189.819396][T10688]  ? try_to_unlazy+0x25e/0x3a0
[  189.819432][T10688]  path_openat+0x6b5/0x2170
[  189.819539][T10688]  do_filp_open+0x109/0x230
[  189.819576][T10688]  do_sys_openat2+0xa6/0x110
[  189.819602][T10688]  __x64_sys_openat+0xf2/0x120
[  189.819634][T10688]  x64_sys_call+0x1af/0x2fb0
[  189.819694][T10688]  do_syscall_64+0xd0/0x1a0
[  189.819779][T10688]  ? clear_bhb_loop+0x40/0x90
[  189.819854][T10688]  ? clear_bhb_loop+0x40/0x90
[  189.819874][T10688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.819971][T10688] RIP: 0033:0x7fcea8aae969
[  189.819986][T10688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.820066][T10688] RSP: 002b:00007fcea7117038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  189.820089][T10688] RAX: ffffffffffffffda RBX: 00007fcea8cd5fa0 RCX: 00007fcea8aae969
[  189.820126][T10688] RDX: 000000000000275a RSI: 0000200000000100 RDI: ffffffffffffff9c
[  189.820197][T10688] RBP: 00007fcea7117090 R08: 0000000000000000 R09: 0000000000000000
[  189.820210][T10688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.820225][T10688] R13: 0000000000000000 R14: 00007fcea8cd5fa0 R15: 00007ffcac71a1b8
[  189.820248][T10688]  </TASK>
[  190.094835][T10700] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.103681][T10700] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.112333][   T29] audit: type=1326 audit(1747141553.242:24633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10693 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  190.136724][   T29] audit: type=1326 audit(1747141553.242:24634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcea8aae969 code=0x7ffc0000
[  190.160502][   T29] audit: type=1326 audit(1747141553.242:24635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fcea8aae969 code=0x7ffc0000
[  190.160805][T10700] loop3: detected capacity change from 0 to 256
[  190.184153][   T29] audit: type=1326 audit(1747141553.242:24636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcea8aae969 code=0x7ffc0000
[  190.214252][   T29] audit: type=1326 audit(1747141553.242:24637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fcea8aae969 code=0x7ffc0000
[  190.219125][T10702] netlink: 'syz.6.2440': attribute type 27 has an invalid length.
[  190.237922][   T29] audit: type=1326 audit(1747141553.242:24638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcea8aae9a3 code=0x7ffc0000
[  190.251911][T10700] IPVS: set_ctl: invalid protocol: 135 224.0.0.2:20004
[  190.269238][   T29] audit: type=1326 audit(1747141553.242:24639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcea8aad41f code=0x7ffc0000
[  190.299620][   T29] audit: type=1326 audit(1747141553.242:24640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10699 comm="syz.3.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fcea8aae9f7 code=0x7ffc0000
[  190.346664][T10701] sctp: [Deprecated]: syz.6.2440 (pid 10701) Use of int in max_burst socket option.
[  190.346664][T10701] Use struct sctp_assoc_value instead
[  190.348840][T10704] loop2: detected capacity change from 0 to 256
[  190.407474][T10708] loop2: detected capacity change from 0 to 512
[  190.443725][T10708] ext4 filesystem being mounted at /527/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.486739][T10718] loop1: detected capacity change from 0 to 512
[  190.500337][T10718] loop1: detected capacity change from 0 to 1024
[  190.522576][T10718] EXT4-fs: Ignoring removed orlov option
[  190.876004][T10738] loop3: detected capacity change from 0 to 256
[  191.047690][T10754] loop2: detected capacity change from 0 to 512
[  191.060351][T10754] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  191.090646][T10754] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.2465: Failed to acquire dquot type 0
[  191.135306][T10754] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  191.150783][T10754] EXT4-fs (loop2): 1 truncate cleaned up
[  191.163808][T10754] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.2465: Failed to acquire dquot type 0
[  191.236719][T10765] loop6: detected capacity change from 0 to 256
[  191.319731][T10770] ALSA: seq fatal error: cannot create timer (-22)
[  191.785794][ T3322] EXT4-fs unmount: 85 callbacks suppressed
[  191.785812][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.786786][T10773] loop5: detected capacity change from 0 to 1024
[  191.873796][T10795] loop2: detected capacity change from 0 to 1024
[  191.906856][T10795] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.937076][T10795] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  191.946762][T10773] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.949697][T10795] EXT4-fs (loop2): This should not happen!! Data will be lost
[  191.949697][T10795] 
[  191.949717][T10795] EXT4-fs (loop2): Total free blocks count 0
[  191.949733][T10795] EXT4-fs (loop2): Free/Dirty block details
[  191.949745][T10795] EXT4-fs (loop2): free_blocks=0
[  191.949760][T10795] EXT4-fs (loop2): dirty_blocks=0
[  191.949776][T10795] EXT4-fs (loop2): Block reservation details
[  191.949866][T10795] EXT4-fs (loop2): i_reserved_data_blocks=0
[  191.974597][T10807] loop6: detected capacity change from 0 to 512
[  191.983808][T10773] ext4 filesystem being mounted at /432/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.006947][T10807] loop6: detected capacity change from 0 to 1024
[  192.048424][T10807] EXT4-fs: Ignoring removed orlov option
[  192.061774][T10811] FAULT_INJECTION: forcing a failure.
[  192.061774][T10811] name failslab, interval 1, probability 0, space 0, times 0
[  192.074584][T10811] CPU: 1 UID: 0 PID: 10811 Comm: syz.1.2486 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  192.074660][T10811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  192.074672][T10811] Call Trace:
[  192.074678][T10811]  <TASK>
[  192.074686][T10811]  __dump_stack+0x1d/0x30
[  192.074713][T10811]  dump_stack_lvl+0xe8/0x140
[  192.074736][T10811]  dump_stack+0x15/0x1b
[  192.074752][T10811]  should_fail_ex+0x265/0x280
[  192.074849][T10811]  should_failslab+0x8c/0xb0
[  192.075015][T10811]  kmem_cache_alloc_node_noprof+0x57/0x320
[  192.075038][T10811]  ? __alloc_skb+0x101/0x320
[  192.075098][T10811]  __alloc_skb+0x101/0x320
[  192.075133][T10811]  pfkey_sendmsg+0xd7/0x900
[  192.075237][T10811]  ? avc_has_perm+0xd3/0x150
[  192.075339][T10811]  ? selinux_socket_sendmsg+0x175/0x1b0
[  192.075377][T10811]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  192.075463][T10811]  __sock_sendmsg+0x142/0x180
[  192.075497][T10811]  ____sys_sendmsg+0x31e/0x4e0
[  192.075522][T10811]  ___sys_sendmsg+0x17b/0x1d0
[  192.075595][T10811]  __x64_sys_sendmsg+0xd4/0x160
[  192.075620][T10811]  x64_sys_call+0x2999/0x2fb0
[  192.075641][T10811]  do_syscall_64+0xd0/0x1a0
[  192.075678][T10811]  ? clear_bhb_loop+0x40/0x90
[  192.075699][T10811]  ? clear_bhb_loop+0x40/0x90
[  192.075721][T10811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.075741][T10811] RIP: 0033:0x7fa056e2e969
[  192.075756][T10811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.075773][T10811] RSP: 002b:00007fa055497038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  192.075795][T10811] RAX: ffffffffffffffda RBX: 00007fa057055fa0 RCX: 00007fa056e2e969
[  192.075833][T10811] RDX: 000000001400c0d4 RSI: 0000200000000180 RDI: 0000000000000003
[  192.075994][T10811] RBP: 00007fa055497090 R08: 0000000000000000 R09: 0000000000000000
[  192.076005][T10811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.076017][T10811] R13: 0000000000000000 R14: 00007fa057055fa0 R15: 00007ffc199d94e8
[  192.076036][T10811]  </TASK>
[  192.079592][T10807] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.110358][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.309065][ T4525] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.340406][T10817] netlink: 'syz.3.2488': attribute type 27 has an invalid length.
[  192.348894][T10819] loop1: detected capacity change from 0 to 512
[  192.367207][T10817] sctp: [Deprecated]: syz.3.2488 (pid 10817) Use of int in max_burst socket option.
[  192.367207][T10817] Use struct sctp_assoc_value instead
[  192.388847][T10819] loop1: detected capacity change from 0 to 1024
[  192.401088][T10819] EXT4-fs: Ignoring removed orlov option
[  192.429451][T10819] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.499874][T10833] loop5: detected capacity change from 0 to 256
[  192.625381][T10839] loop5: detected capacity change from 0 to 512
[  192.642321][T10839] loop5: detected capacity change from 0 to 512
[  192.677478][T10839] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  192.686446][T10839] EXT4-fs (loop5): failed to open journal device unknown-block(7,45) -6
[  193.071670][ T7087] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.109334][T10857] loop3: detected capacity change from 0 to 1024
[  193.137234][T10857] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.162524][T10857] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  193.174887][T10857] EXT4-fs (loop3): This should not happen!! Data will be lost
[  193.174887][T10857] 
[  193.184632][T10857] EXT4-fs (loop3): Total free blocks count 0
[  193.190684][T10857] EXT4-fs (loop3): Free/Dirty block details
[  193.196695][T10857] EXT4-fs (loop3): free_blocks=0
[  193.201700][T10857] EXT4-fs (loop3): dirty_blocks=0
[  193.206791][T10857] EXT4-fs (loop3): Block reservation details
[  193.212811][T10857] EXT4-fs (loop3): i_reserved_data_blocks=0
[  193.233180][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.246622][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.264021][T10870] loop1: detected capacity change from 0 to 256
[  193.443357][T10895] loop1: detected capacity change from 0 to 1024
[  193.450989][T10891] 9pnet_fd: Insufficient options for proto=fd
[  193.482356][T10895] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.500418][T10895] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  193.512802][T10895] EXT4-fs (loop1): This should not happen!! Data will be lost
[  193.512802][T10895] 
[  193.522511][T10895] EXT4-fs (loop1): Total free blocks count 0
[  193.528614][T10895] EXT4-fs (loop1): Free/Dirty block details
[  193.534669][T10895] EXT4-fs (loop1): free_blocks=0
[  193.539726][T10895] EXT4-fs (loop1): dirty_blocks=0
[  193.544868][T10895] EXT4-fs (loop1): Block reservation details
[  193.550934][T10895] EXT4-fs (loop1): i_reserved_data_blocks=0
[  193.590451][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.602172][T10915] loop2: detected capacity change from 0 to 512
[  193.612882][T10915] loop2: detected capacity change from 0 to 512
[  193.627321][T10915] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  193.636817][T10915] EXT4-fs (loop2): failed to open journal device unknown-block(7,45) -6
[  193.810744][T10946] loop1: detected capacity change from 0 to 1024
[  193.839301][T10946] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.874382][T10946] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  193.886873][T10946] EXT4-fs (loop1): This should not happen!! Data will be lost
[  193.886873][T10946] 
[  193.896621][T10946] EXT4-fs (loop1): Total free blocks count 0
[  193.902896][T10946] EXT4-fs (loop1): Free/Dirty block details
[  193.908870][T10946] EXT4-fs (loop1): free_blocks=0
[  193.913840][T10946] EXT4-fs (loop1): dirty_blocks=0
[  193.919061][T10946] EXT4-fs (loop1): Block reservation details
[  193.925071][T10946] EXT4-fs (loop1): i_reserved_data_blocks=0
[  193.936942][T10962] loop6: detected capacity change from 0 to 512
[  193.955416][T10966] __nla_validate_parse: 5 callbacks suppressed
[  193.961687][T10966] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2552'.
[  193.972407][T10962] loop6: detected capacity change from 0 to 512
[  193.980605][T10962] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  193.989593][T10962] EXT4-fs (loop6): failed to open journal device unknown-block(7,45) -6
[  194.017900][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.172829][T10990] can0: slcan on ttyS3.
[  194.231236][T10998] netlink: 'syz.5.2562': attribute type 27 has an invalid length.
[  194.234746][T10999] capability: warning: `syz.6.2560' uses 32-bit capabilities (legacy support in use)
[  194.250546][T10990] can0 (unregistered): slcan off ttyS3.
[  194.260036][T10998] sctp: [Deprecated]: syz.5.2562 (pid 10998) Use of int in max_burst socket option.
[  194.260036][T10998] Use struct sctp_assoc_value instead
[  194.270078][T10990] can0: slcan on ttyS3.
[  194.294167][T11003] loop2: detected capacity change from 0 to 256
[  194.338297][T10990] can0 (unregistered): slcan off ttyS3.
[  194.367842][T11007] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2567'.
[  194.517140][T11024] loop3: detected capacity change from 0 to 1024
[  194.539879][T11024] ext4: Unknown parameter 'subj_user'
[  194.569478][T11028] loop6: detected capacity change from 0 to 256
[  194.766911][T11039] loop2: detected capacity change from 0 to 512
[  194.780908][T11039] loop2: detected capacity change from 0 to 1024
[  194.787698][T11039] EXT4-fs: Ignoring removed orlov option
[  194.796117][T11039] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.895609][   T29] kauditd_printk_skb: 246 callbacks suppressed
[  194.895625][   T29] audit: type=1400 audit(1747141558.012:24883): avc:  denied  { write } for  pid=11047 comm="syz.6.2591" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  194.930375][T11048] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2591'.
[  195.053699][T11053] can0: slcan on ttyS3.
[  195.096010][T11053] can0 (unregistered): slcan off ttyS3.
[  195.173223][T11061] loop1: detected capacity change from 0 to 256
[  195.298787][   T29] audit: type=1326 audit(1747141558.392:24884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.1.2592" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa056e2e969 code=0x0
[  195.336678][   T29] audit: type=1326 audit(1747141558.462:24885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11070 comm="syz.6.2594" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc0d0ebe969 code=0x0
[  195.361828][   T29] audit: type=1326 audit(1747141558.482:24886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.3.2595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcea8aae969 code=0x7ffc0000
[  195.387201][   T29] audit: type=1326 audit(1747141558.482:24887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.3.2595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcea8aae969 code=0x7ffc0000
[  195.411051][   T29] audit: type=1326 audit(1747141558.512:24888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.3.2595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fcea8aae969 code=0x7ffc0000
[  195.434742][   T29] audit: type=1326 audit(1747141558.512:24889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.3.2595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcea8aae969 code=0x7ffc0000
[  195.458416][   T29] audit: type=1326 audit(1747141558.512:24890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11074 comm="syz.3.2595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcea8aae969 code=0x7ffc0000
[  195.555380][T11088] loop3: detected capacity change from 0 to 256
[  195.698443][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.805650][T11102] loop3: detected capacity change from 0 to 1024
[  195.814506][T11102] ext4: Unknown parameter 'subj_user'
[  195.829023][   T29] audit: type=1326 audit(1747141558.952:24891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11105 comm="syz.2.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749098e969 code=0x7ffc0000
[  195.852799][   T29] audit: type=1326 audit(1747141558.952:24892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11105 comm="syz.2.2609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749098e969 code=0x7ffc0000
[  196.037685][T11118] loop5: detected capacity change from 0 to 512
[  196.047334][T11118] loop5: detected capacity change from 0 to 512
[  196.054545][T11118] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  196.063700][T11118] EXT4-fs (loop5): failed to open journal device unknown-block(7,45) -6
[  196.216094][T11134] loop6: detected capacity change from 0 to 256
[  196.256644][T11137] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  196.644116][T11157] loop3: detected capacity change from 0 to 1024
[  196.687288][T11157] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.755842][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.782569][T11170] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  196.851155][T11182] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  196.893547][T11183] loop2: detected capacity change from 0 to 1024
[  196.901185][T11183] ext4: Unknown parameter 'subj_user'
[  197.063073][T11200] loop6: detected capacity change from 0 to 1024
[  197.104024][T11200] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.128130][T11200] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  197.140655][T11200] EXT4-fs (loop6): This should not happen!! Data will be lost
[  197.140655][T11200] 
[  197.150470][T11200] EXT4-fs (loop6): Total free blocks count 0
[  197.156585][T11200] EXT4-fs (loop6): Free/Dirty block details
[  197.162556][T11200] EXT4-fs (loop6): free_blocks=0
[  197.167644][T11200] EXT4-fs (loop6): dirty_blocks=0
[  197.172703][T11200] EXT4-fs (loop6): Block reservation details
[  197.178797][T11200] EXT4-fs (loop6): i_reserved_data_blocks=0
[  197.204705][ T7087] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.235054][T11215] loop5: detected capacity change from 0 to 512
[  197.237127][T11214] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  197.250221][T11215] loop5: detected capacity change from 0 to 1024
[  197.257006][T11215] EXT4-fs: Ignoring removed orlov option
[  197.267035][T11215] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.607688][T11243] loop1: detected capacity change from 0 to 1024
[  197.640344][T11243] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.656282][T11242] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  197.718161][T11243] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  197.730605][T11243] EXT4-fs (loop1): This should not happen!! Data will be lost
[  197.730605][T11243] 
[  197.740314][T11243] EXT4-fs (loop1): Total free blocks count 0
[  197.746374][T11243] EXT4-fs (loop1): Free/Dirty block details
[  197.752345][T11243] EXT4-fs (loop1): free_blocks=0
[  197.757349][T11243] EXT4-fs (loop1): dirty_blocks=0
[  197.762408][T11243] EXT4-fs (loop1): Block reservation details
[  197.768765][T11254] loop3: detected capacity change from 0 to 512
[  197.769767][T11243] EXT4-fs (loop1): i_reserved_data_blocks=0
[  197.795086][T11254] loop3: detected capacity change from 0 to 512
[  197.803546][T11254] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  197.812951][T11254] EXT4-fs (loop3): failed to open journal device unknown-block(7,45) -6
[  197.822038][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.975222][T11272] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  198.014082][T11275] loop3: detected capacity change from 0 to 1024
[  198.036154][T11275] ext4: Unknown parameter 'subj_user'
[  198.169637][ T4525] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.309944][T11305] loop5: detected capacity change from 0 to 512
[  198.319987][T11305] loop5: detected capacity change from 0 to 512
[  198.327027][T11305] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  198.335791][T11305] EXT4-fs (loop5): failed to open journal device unknown-block(7,45) -6
[  198.586177][T11324] loop6: detected capacity change from 0 to 512
[  198.618786][T11324] EXT4-fs: Ignoring removed oldalloc option
[  198.655186][T11324] EXT4-fs (loop6): 1 truncate cleaned up
[  198.661407][T11324] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.675648][T11324] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.2696: invalid indirect mapped block 234881024 (level 0)
[  198.691968][T11324] EXT4-fs (loop6): Remounting filesystem read-only
[  198.709140][T11340] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  198.735947][T11341] loop1: detected capacity change from 0 to 8192
[  198.775894][T11341]  loop1: p1 p3 p4
[  198.779732][T11341] loop1: p1 size 8390912 extends beyond EOD, truncated
[  198.787299][T11341] loop1: p3 size 589824 extends beyond EOD, truncated
[  198.974706][T11357] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2711'.
[  199.078691][T11369] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  199.148182][T11371] netlink: 'syz.3.2716': attribute type 27 has an invalid length.
[  199.176316][T11371] sctp: [Deprecated]: syz.3.2716 (pid 11371) Use of int in max_burst socket option.
[  199.176316][T11371] Use struct sctp_assoc_value instead
[  199.228471][T11373] can0: slcan on ttyS3.
[  199.265628][T11373] can0 (unregistered): slcan off ttyS3.
[  199.342259][T11383] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2723'.
[  199.353602][ T7087] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.523489][T11396] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  199.692683][T11412] can0: slcan on ttyS3.
[  199.717723][T11392] chnl_net:caif_netlink_parms(): no params data found
[  199.735835][T11412] can0 (unregistered): slcan off ttyS3.
[  199.781946][T11420] loop6: detected capacity change from 0 to 512
[  199.788699][T11425] loop1: detected capacity change from 0 to 512
[  199.796093][T11392] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.802491][T11425] loop1: detected capacity change from 0 to 1024
[  199.803455][T11392] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.810036][T11425] EXT4-fs: Ignoring removed orlov option
[  199.820792][T11420] loop6: detected capacity change from 0 to 512
[  199.823142][T11392] bridge_slave_0: entered allmulticast mode
[  199.829675][T11420] EXT4-fs (loop6): external journal device major/minor numbers have changed
[  199.835617][T11392] bridge_slave_0: entered promiscuous mode
[  199.845366][T11420] EXT4-fs (loop6): failed to open journal device unknown-block(7,45) -6
[  199.850665][T11392] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.864873][T11392] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.868110][T11425] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.872257][T11392] bridge_slave_1: entered allmulticast mode
[  199.891165][T11392] bridge_slave_1: entered promiscuous mode
[  199.952165][T11392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  199.962851][T11392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  199.993620][T11392] team0: Port device team_slave_0 added
[  200.001055][T11430] can0: slcan on ttyS3.
[  200.012104][T11392] team0: Port device team_slave_1 added
[  200.042946][T11392] batman_adv: batadv0: Adding interface: batadv_slave_0
[  200.050010][T11392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.076166][T11392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  200.087755][T11430] can0 (unregistered): slcan off ttyS3.
[  200.094886][T11392] batman_adv: batadv0: Adding interface: batadv_slave_1
[  200.101967][T11392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.128148][T11392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  200.185629][T11392] hsr_slave_0: entered promiscuous mode
[  200.194369][T11392] hsr_slave_1: entered promiscuous mode
[  200.200956][T11392] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  200.209242][T11392] Cannot create hsr debugfs directory
[  200.274458][T11443] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  200.327308][T11445] netlink: 'syz.6.2743': attribute type 27 has an invalid length.
[  200.381312][T11445] sctp: [Deprecated]: syz.6.2743 (pid 11445) Use of int in max_burst socket option.
[  200.381312][T11445] Use struct sctp_assoc_value instead
[  200.454031][T11451] loop3: detected capacity change from 0 to 256
[  200.493697][T11453] loop3: detected capacity change from 0 to 512
[  200.510503][T11453] loop3: detected capacity change from 0 to 1024
[  200.517436][T11453] EXT4-fs: Ignoring removed orlov option
[  200.545213][T11456] loop5: detected capacity change from 0 to 512
[  200.565107][T11456] loop5: detected capacity change from 0 to 512
[  200.565842][T11453] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.583021][T11392] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  200.584626][T11456] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  200.603921][T11392] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  200.611229][T11456] EXT4-fs (loop5): failed to open journal device unknown-block(7,45) -6
[  200.626953][T11392] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  200.640635][T11392] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  200.680994][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.686056][T11392] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.725996][T11392] 8021q: adding VLAN 0 to HW filter on device team0
[  200.728047][T11461] 9pnet_fd: Insufficient options for proto=fd
[  200.737137][ T2319] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.745848][ T2319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.818323][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.825586][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.835184][T11465] netlink: 'syz.1.2749': attribute type 27 has an invalid length.
[  200.884827][T11465] sctp: [Deprecated]: syz.1.2749 (pid 11465) Use of int in max_burst socket option.
[  200.884827][T11465] Use struct sctp_assoc_value instead
[  200.927764][T11473] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  200.999721][T11392] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.111556][T11392] veth0_vlan: entered promiscuous mode
[  201.140933][T11392] veth1_vlan: entered promiscuous mode
[  201.152794][T11491] loop5: detected capacity change from 0 to 1024
[  201.177615][T11491] ext4: Unknown parameter 'subj_user'
[  201.184898][T11392] veth0_macvtap: entered promiscuous mode
[  201.194796][T11392] veth1_macvtap: entered promiscuous mode
[  201.212598][T11392] batman_adv: batadv0: Interface activated: batadv_slave_0
[  201.228073][T11392] batman_adv: batadv0: Interface activated: batadv_slave_1
[  201.236957][T11392] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.245762][T11392] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.254510][T11392] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.263482][T11392] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.450943][T11498] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2758'.
[  201.528691][T11504] loop2: detected capacity change from 0 to 512
[  201.539782][T11504] loop2: detected capacity change from 0 to 512
[  201.547737][T11504] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  201.556741][T11504] EXT4-fs (loop2): failed to open journal device unknown-block(7,45) -6
[  201.558315][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.589946][T11508] 9pnet_fd: Insufficient options for proto=fd
[  201.602853][T11507] loop1: detected capacity change from 0 to 1024
[  201.652465][T11507] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.668834][T11507] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  201.681339][T11507] EXT4-fs (loop1): This should not happen!! Data will be lost
[  201.681339][T11507] 
[  201.691068][T11507] EXT4-fs (loop1): Total free blocks count 0
[  201.697225][T11507] EXT4-fs (loop1): Free/Dirty block details
[  201.703310][T11507] EXT4-fs (loop1): free_blocks=0
[  201.708337][T11507] EXT4-fs (loop1): dirty_blocks=0
[  201.712307][T11518] can0: slcan on ttyS3.
[  201.713363][T11507] EXT4-fs (loop1): Block reservation details
[  201.713380][T11507] EXT4-fs (loop1): i_reserved_data_blocks=0
[  201.715744][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  201.715760][   T29] audit: type=1326 audit(1747141564.832:24950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11514 comm="syz.2.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36eb9fe969 code=0x7ffc0000
[  201.754920][T11519] netlink: 'syz.2.2765': attribute type 27 has an invalid length.
[  201.764537][   T29] audit: type=1326 audit(1747141564.842:24951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11514 comm="syz.2.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f36eb9fe969 code=0x7ffc0000
[  201.791564][   T29] audit: type=1326 audit(1747141564.842:24952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11514 comm="syz.2.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36eb9fe969 code=0x7ffc0000
[  201.804649][T11522] sctp: [Deprecated]: syz.2.2765 (pid 11522) Use of int in max_burst socket option.
[  201.804649][T11522] Use struct sctp_assoc_value instead
[  201.815689][   T29] audit: type=1326 audit(1747141564.842:24953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11514 comm="syz.2.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36eb9fe969 code=0x7ffc0000
[  201.853994][   T29] audit: type=1326 audit(1747141564.842:24954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11514 comm="syz.2.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f36eb9fe969 code=0x7ffc0000
[  201.877899][   T29] audit: type=1326 audit(1747141564.842:24955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11514 comm="syz.2.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36eb9fe969 code=0x7ffc0000
[  201.901606][   T29] audit: type=1326 audit(1747141564.842:24956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11514 comm="syz.2.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36eb9fe969 code=0x7ffc0000
[  201.925287][   T29] audit: type=1326 audit(1747141564.842:24957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11514 comm="syz.2.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36eb9fe969 code=0x7ffc0000
[  201.948907][   T29] audit: type=1326 audit(1747141564.842:24958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11514 comm="syz.2.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36eb9fe969 code=0x7ffc0000
[  201.972628][   T29] audit: type=1326 audit(1747141564.842:24959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11514 comm="syz.2.2765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f36eb9fe969 code=0x7ffc0000
[  202.001903][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.026534][T11518] can0 (unregistered): slcan off ttyS3.
[  202.151916][T11519] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.159945][T11519] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.302691][T11519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  202.322378][T11519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  202.414478][T11519] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.428516][T11519] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.437839][T11519] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.447140][T11519] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.505835][T11531] can0: slcan on ttyS3.
[  202.541648][T11546] 9pnet_fd: Insufficient options for proto=fd
[  202.586611][T11531] can0 (unregistered): slcan off ttyS3.
[  202.595691][T11554] loop2: detected capacity change from 0 to 512
[  202.617100][T11554] loop2: detected capacity change from 0 to 512
[  202.626350][T11554] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  202.650078][T11559] loop3: detected capacity change from 0 to 512
[  202.657825][T11554] EXT4-fs (loop2): failed to open journal device unknown-block(7,45) -6
[  202.677865][T11559] loop3: detected capacity change from 0 to 1024
[  202.684506][T11559] EXT4-fs: Ignoring removed orlov option
[  202.693283][T11559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.706770][T11555] netlink: 'syz.6.2772': attribute type 27 has an invalid length.
[  202.729942][T11555] sctp: [Deprecated]: syz.6.2772 (pid 11555) Use of int in max_burst socket option.
[  202.729942][T11555] Use struct sctp_assoc_value instead
[  202.775509][T11562] loop1: detected capacity change from 0 to 512
[  202.793828][T11562] loop1: detected capacity change from 0 to 1024
[  202.800707][T11562] EXT4-fs: Ignoring removed orlov option
[  202.808989][T11565] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2780'.
[  202.832593][T11562] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.968772][T11582] netlink: 'syz.2.2784': attribute type 27 has an invalid length.
[  202.991193][T11582] sctp: [Deprecated]: syz.2.2784 (pid 11582) Use of int in max_burst socket option.
[  202.991193][T11582] Use struct sctp_assoc_value instead
[  203.278289][ T1917] bridge_slave_1: left allmulticast mode
[  203.284003][ T1917] bridge_slave_1: left promiscuous mode
[  203.289878][ T1917] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.299131][ T1917] bridge_slave_0: left allmulticast mode
[  203.304826][ T1917] bridge_slave_0: left promiscuous mode
[  203.310592][ T1917] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.376707][ T1917] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  203.386964][ T1917] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  203.396861][ T1917] bond0 (unregistering): Released all slaves
[  203.440460][ T1917] tipc: Left network mode
[  203.595057][ T1917] team0 (unregistering): Port device team_slave_1 removed
[  203.631840][ T1917] team0 (unregistering): Port device team_slave_0 removed
[  203.752850][T11604] can0: slcan on ttyS3.
[  203.804263][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.815123][T11608] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2793'.
[  203.885866][T11604] can0 (unregistered): slcan off ttyS3.
[  203.917232][T11622] can0: slcan on ttyS3.
[  203.933859][T11624] 9pnet_fd: Insufficient options for proto=fd
[  203.942101][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.976254][T11622] can0 (unregistered): slcan off ttyS3.
[  203.998164][T11622] can0: slcan on ttyS3.
[  204.075836][T11622] can0 (unregistered): slcan off ttyS3.
[  204.102495][T11643] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2805'.
[  204.122218][T11647] netlink: 'syz.6.2803': attribute type 27 has an invalid length.
[  204.170592][T11647] sctp: [Deprecated]: syz.6.2803 (pid 11647) Use of int in max_burst socket option.
[  204.170592][T11647] Use struct sctp_assoc_value instead
[  204.212647][T11652] can0: slcan on ttyS3.
[  204.222783][T11658] 9pnet_fd: Insufficient options for proto=fd
[  204.264249][T11660] loop1: detected capacity change from 0 to 512
[  204.284231][T11660] loop1: detected capacity change from 0 to 1024
[  204.290990][T11660] EXT4-fs: Ignoring removed orlov option
[  204.296826][T11652] can0 (unregistered): slcan off ttyS3.
[  204.308847][T11660] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.351029][T11670] FAULT_INJECTION: forcing a failure.
[  204.351029][T11670] name failslab, interval 1, probability 0, space 0, times 0
[  204.363953][T11670] CPU: 0 UID: 0 PID: 11670 Comm: syz.2.2814 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  204.364031][T11670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  204.364053][T11670] Call Trace:
[  204.364059][T11670]  <TASK>
[  204.364068][T11670]  __dump_stack+0x1d/0x30
[  204.364132][T11670]  dump_stack_lvl+0xe8/0x140
[  204.364157][T11670]  dump_stack+0x15/0x1b
[  204.364179][T11670]  should_fail_ex+0x265/0x280
[  204.364250][T11670]  ? audit_log_d_path+0x8d/0x150
[  204.364295][T11670]  should_failslab+0x8c/0xb0
[  204.364334][T11670]  __kmalloc_cache_noprof+0x4c/0x320
[  204.364363][T11670]  audit_log_d_path+0x8d/0x150
[  204.364444][T11670]  audit_log_d_path_exe+0x42/0x70
[  204.364474][T11670]  audit_log_task+0x1e9/0x250
[  204.364552][T11670]  audit_seccomp+0x61/0x100
[  204.364582][T11670]  ? __seccomp_filter+0x68c/0x10d0
[  204.364608][T11670]  __seccomp_filter+0x69d/0x10d0
[  204.364638][T11670]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  204.364667][T11670]  ? vfs_write+0x75e/0x8d0
[  204.364779][T11670]  __secure_computing+0x82/0x150
[  204.364816][T11670]  syscall_trace_enter+0xcf/0x1e0
[  204.364844][T11670]  do_syscall_64+0xaa/0x1a0
[  204.364928][T11670]  ? clear_bhb_loop+0x40/0x90
[  204.364955][T11670]  ? clear_bhb_loop+0x40/0x90
[  204.364976][T11670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.364997][T11670] RIP: 0033:0x7f36eb9fe969
[  204.365068][T11670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.365086][T11670] RSP: 002b:00007f36ea067038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  204.365104][T11670] RAX: ffffffffffffffda RBX: 00007f36ebc25fa0 RCX: 00007f36eb9fe969
[  204.365116][T11670] RDX: 0000000000000000 RSI: 0000000000004000 RDI: 0000200000ffb000
[  204.365130][T11670] RBP: 00007f36ea067090 R08: 0000000000000000 R09: 0000000000000000
[  204.365148][T11670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.365163][T11670] R13: 0000000000000000 R14: 00007f36ebc25fa0 R15: 00007fffa8e6b018
[  204.365189][T11670]  </TASK>
[  204.708939][T11679] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2817'.
[  204.818405][T11686] can0: slcan on ttyS3.
[  204.870004][T11693] 9pnet_fd: Insufficient options for proto=fd
[  204.876444][T11686] can0 (unregistered): slcan off ttyS3.
[  204.950997][T11703] loop3: detected capacity change from 0 to 512
[  204.965307][T11703] loop3: detected capacity change from 0 to 512
[  204.972368][T11702] loop2: detected capacity change from 0 to 512
[  204.979481][T11703] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  204.990069][T11703] EXT4-fs (loop3): failed to open journal device unknown-block(7,45) -6
[  205.005411][T11702] loop2: detected capacity change from 0 to 1024
[  205.012449][T11702] EXT4-fs: Ignoring removed orlov option
[  205.032318][T11702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.180985][T11712] loop3: detected capacity change from 0 to 256
[  205.240378][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.323431][T11725] can0: slcan on ttyS3.
[  205.385715][T11725] can0 (unregistered): slcan off ttyS3.
[  205.455997][T11733] 9pnet_fd: Insufficient options for proto=fd
[  205.488393][T11735] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  205.490048][T11737] loop3: detected capacity change from 0 to 512
[  205.506544][T11737] loop3: detected capacity change from 0 to 512
[  205.515028][T11737] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  205.529268][T11737] EXT4-fs (loop3): failed to open journal device unknown-block(7,45) -6
[  205.600574][T11739] loop3: detected capacity change from 0 to 256
[  205.782118][T11759] 9pnet_fd: Insufficient options for proto=fd
[  205.810278][T11757] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  205.869391][T11392] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.934855][T11767] loop5: detected capacity change from 0 to 256
[  206.116801][T11788] loop5: detected capacity change from 0 to 512
[  206.131108][T11788] loop5: detected capacity change from 0 to 1024
[  206.138784][T11788] EXT4-fs: Ignoring removed orlov option
[  206.147696][T11788] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.394330][T11800] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2865'.
[  206.477544][T11805] loop6: detected capacity change from 0 to 256
[  206.808995][T11823] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2876'.
[  206.938387][T11836] loop1: detected capacity change from 0 to 256
[  206.951660][T11834] loop2: detected capacity change from 0 to 512
[  206.964663][T11834] loop2: detected capacity change from 0 to 1024
[  206.995063][T11834] EXT4-fs: Ignoring removed orlov option
[  207.032966][T11834] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.062412][T11843] loop6: detected capacity change from 0 to 512
[  207.082804][T11843] loop6: detected capacity change from 0 to 1024
[  207.090384][T11843] EXT4-fs: Ignoring removed orlov option
[  207.101637][ T4525] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.104991][T11846] can0: slcan on ttyS3.
[  207.117744][T11843] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.175958][T11846] can0 (unregistered): slcan off ttyS3.
[  207.190486][T11850] can0: slcan on ttyS3.
[  207.307699][T11849] can0 (unregistered): slcan off ttyS3.
[  207.360469][   T29] kauditd_printk_skb: 197 callbacks suppressed
[  207.360485][   T29] audit: type=1326 audit(1747141570.482:25157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11860 comm="syz.1.2891" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa056e2e969 code=0x0
[  207.476379][T11870] loop5: detected capacity change from 0 to 256
[  207.737805][T11878] loop3: detected capacity change from 0 to 512
[  207.751215][   T29] audit: type=1326 audit(1747141570.872:25158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11879 comm="syz.5.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17748de969 code=0x7ffc0000
[  207.757800][T11878] loop3: detected capacity change from 0 to 512
[  207.774945][   T29] audit: type=1326 audit(1747141570.872:25159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11879 comm="syz.5.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17748de969 code=0x7ffc0000
[  207.790497][T11878] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  207.814453][T11878] EXT4-fs (loop3): failed to open journal device unknown-block(7,45) -6
[  207.834208][   T29] audit: type=1326 audit(1747141570.932:25160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11879 comm="syz.5.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f17748de969 code=0x7ffc0000
[  207.857983][   T29] audit: type=1326 audit(1747141570.932:25161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11879 comm="syz.5.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17748de969 code=0x7ffc0000
[  207.881847][   T29] audit: type=1326 audit(1747141570.932:25162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11879 comm="syz.5.2900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17748de969 code=0x7ffc0000
[  207.945776][T11392] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.018332][T11887] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  208.056795][ T7087] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.058432][   T29] audit: type=1400 audit(1747141571.182:25163): avc:  denied  { write } for  pid=11890 comm="syz.5.2904" laddr=172.20.20.170 lport=56114 faddr=172.20.20.170 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  208.108375][T11898] loop3: detected capacity change from 0 to 1024
[  208.115151][T11898] ext4: Unknown parameter 'subj_user'
[  208.149252][T11900] loop2: detected capacity change from 0 to 256
[  208.156469][   T29] audit: type=1326 audit(1747141571.282:25164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11896 comm="syz.6.2906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  208.180153][   T29] audit: type=1326 audit(1747141571.282:25165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11896 comm="syz.6.2906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  208.214984][T11901] netlink: 'syz.6.2906': attribute type 27 has an invalid length.
[  208.242513][T11901] sctp: [Deprecated]: syz.6.2906 (pid 11901) Use of int in max_burst socket option.
[  208.242513][T11901] Use struct sctp_assoc_value instead
[  208.261155][   T29] audit: type=1326 audit(1747141571.322:25166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11896 comm="syz.6.2906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fc0d0ebe969 code=0x7ffc0000
[  208.376611][T11915] loop1: detected capacity change from 0 to 512
[  208.389768][T11915] loop1: detected capacity change from 0 to 1024
[  208.396781][T11915] EXT4-fs: Ignoring removed orlov option
[  208.405070][T11915] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.426870][T11918] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  208.435140][T11918] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  208.516889][T11924] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  208.632966][T11928] loop2: detected capacity change from 0 to 256
[  208.779684][T11934] can0: slcan on ttyS3.
[  208.825665][T11934] can0 (unregistered): slcan off ttyS3.
[  208.977281][T11949] loop6: detected capacity change from 0 to 1024
[  209.013314][T11952] loop5: detected capacity change from 0 to 1024
[  209.043486][T11949] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.062158][T11949] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  209.072141][T11954] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  209.074660][T11949] EXT4-fs (loop6): This should not happen!! Data will be lost
[  209.074660][T11949] 
[  209.091438][T11949] EXT4-fs (loop6): Total free blocks count 0
[  209.097481][T11949] EXT4-fs (loop6): Free/Dirty block details
[  209.103432][T11949] EXT4-fs (loop6): free_blocks=0
[  209.108499][T11949] EXT4-fs (loop6): dirty_blocks=0
[  209.113559][T11949] EXT4-fs (loop6): Block reservation details
[  209.119588][T11949] EXT4-fs (loop6): i_reserved_data_blocks=0
[  209.147863][T11952] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.173749][T11952] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  209.186206][T11952] EXT4-fs (loop5): This should not happen!! Data will be lost
[  209.186206][T11952] 
[  209.195971][T11952] EXT4-fs (loop5): Total free blocks count 0
[  209.201973][T11952] EXT4-fs (loop5): Free/Dirty block details
[  209.207937][T11952] EXT4-fs (loop5): free_blocks=0
[  209.212917][T11952] EXT4-fs (loop5): dirty_blocks=0
[  209.218142][T11952] EXT4-fs (loop5): Block reservation details
[  209.224294][T11952] EXT4-fs (loop5): i_reserved_data_blocks=0
[  209.231532][ T7087] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.247948][ T4525] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.288000][ T3323] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.359926][T11969] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  209.469344][T11972] can0: slcan on ttyS3.
[  209.536633][T11972] can0 (unregistered): slcan off ttyS3.
[  209.544786][T11980] can0: slcan on ttyS3.
[  209.588140][T11993] loop1: detected capacity change from 0 to 1024
[  209.596617][T11993] ext4: Unknown parameter 'subj_user'
[  209.615921][T11980] can0 (unregistered): slcan off ttyS3.
[  209.625789][T11991] can0: slcan on ttyS3.
[  209.665637][T11996] can0 (unregistered): slcan off ttyS3.
[  209.701588][T12000] loop3: detected capacity change from 0 to 1024
[  209.712777][T12000] EXT4-fs: Ignoring removed orlov option
[  209.721908][T12000] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.749983][T12005] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  209.766331][T12009] loop2: detected capacity change from 0 to 128
[  210.007639][T12026] raw_sendmsg: syz.6.2954 forgot to set AF_INET. Fix it!
[  210.028838][T12028] loop5: detected capacity change from 0 to 1024
[  210.061239][T12032] can0: slcan on ttyS3.
[  210.072469][T12028] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.091303][T12028] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  210.103748][T12028] EXT4-fs (loop5): This should not happen!! Data will be lost
[  210.103748][T12028] 
[  210.113494][T12028] EXT4-fs (loop5): Total free blocks count 0
[  210.119578][T12028] EXT4-fs (loop5): Free/Dirty block details
[  210.125532][T12028] EXT4-fs (loop5): free_blocks=0
[  210.130570][T12028] EXT4-fs (loop5): dirty_blocks=0
[  210.135711][T12028] EXT4-fs (loop5): Block reservation details
[  210.141760][T12028] EXT4-fs (loop5): i_reserved_data_blocks=0
[  210.156223][T12032] can0 (unregistered): slcan off ttyS3.
[  210.177645][ T4525] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.230284][T12035] can0: slcan on ttyS3.
[  210.276264][T12035] can0 (unregistered): slcan off ttyS3.
[  210.356917][T12039] IPVS: set_ctl: invalid protocol: 103 255.255.255.255:20002
[  210.405174][T12047] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  210.491228][T12056] loop5: detected capacity change from 0 to 128
[  210.546618][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.592558][T12069] loop3: detected capacity change from 0 to 1024
[  210.608393][T12069] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.624975][T12073] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2971'.
[  210.625903][T12069] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  210.646519][T12069] EXT4-fs (loop3): This should not happen!! Data will be lost
[  210.646519][T12069] 
[  210.656347][T12069] EXT4-fs (loop3): Total free blocks count 0
[  210.662534][T12069] EXT4-fs (loop3): Free/Dirty block details
[  210.668608][T12069] EXT4-fs (loop3): free_blocks=0
[  210.673589][T12069] EXT4-fs (loop3): dirty_blocks=0
[  210.678692][T12069] EXT4-fs (loop3): Block reservation details
[  210.684733][T12069] EXT4-fs (loop3): i_reserved_data_blocks=0
[  210.713211][T12079] netlink: 'syz.6.2973': attribute type 1 has an invalid length.
[  210.721070][T12079] netlink: 'syz.6.2973': attribute type 2 has an invalid length.
[  210.729071][T12079] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2973'.
[  210.739754][T12079] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2973'.
[  210.739860][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.748723][T12079] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2973'.
[  210.835357][T12089] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  210.867986][T12093] loop3: detected capacity change from 0 to 1024
[  210.889428][T12093] EXT4-fs: Ignoring removed orlov option
[  210.901415][T12099] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2982'.
[  210.912115][T12093] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.943153][T12103] loop5: detected capacity change from 0 to 128
[  210.953640][T12103] EXT4-fs: Ignoring removed nobh option
[  210.976907][T12105] loop1: detected capacity change from 0 to 1024
[  210.989336][T12108] loop6: detected capacity change from 0 to 1024
[  210.997979][T12103] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  211.010811][T12103] ext4 filesystem being mounted at /549/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  211.023486][T12108] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.038319][T12105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.054110][T12105] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  211.066576][T12105] EXT4-fs (loop1): This should not happen!! Data will be lost
[  211.066576][T12105] 
[  211.076308][T12105] EXT4-fs (loop1): Total free blocks count 0
[  211.082540][T12105] EXT4-fs (loop1): Free/Dirty block details
[  211.088522][T12105] EXT4-fs (loop1): free_blocks=0
[  211.093531][T12105] EXT4-fs (loop1): dirty_blocks=0
[  211.098621][T12105] EXT4-fs (loop1): Block reservation details
[  211.104634][T12105] EXT4-fs (loop1): i_reserved_data_blocks=0
[  211.127155][ T4525] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  211.144055][T12108] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  211.156520][T12108] EXT4-fs (loop6): This should not happen!! Data will be lost
[  211.156520][T12108] 
[  211.166381][T12108] EXT4-fs (loop6): Total free blocks count 0
[  211.172516][T12108] EXT4-fs (loop6): Free/Dirty block details
[  211.178468][T12108] EXT4-fs (loop6): free_blocks=0
[  211.179082][T12116] FAULT_INJECTION: forcing a failure.
[  211.179082][T12116] name failslab, interval 1, probability 0, space 0, times 0
[  211.183413][T12108] EXT4-fs (loop6): dirty_blocks=0
[  211.196151][T12116] CPU: 1 UID: 0 PID: 12116 Comm: syz.5.2986 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  211.196216][T12116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  211.196234][T12116] Call Trace:
[  211.196243][T12116]  <TASK>
[  211.196255][T12116]  __dump_stack+0x1d/0x30
[  211.196283][T12116]  dump_stack_lvl+0xe8/0x140
[  211.196309][T12116]  dump_stack+0x15/0x1b
[  211.196360][T12116]  should_fail_ex+0x265/0x280
[  211.196408][T12116]  ? rtnl_newlink+0x5c/0x12d0
[  211.196547][T12116]  should_failslab+0x8c/0xb0
[  211.196586][T12116]  __kmalloc_cache_noprof+0x4c/0x320
[  211.196616][T12116]  rtnl_newlink+0x5c/0x12d0
[  211.196661][T12116]  ? rb_insert_color+0x277/0x2b0
[  211.196688][T12116]  ? x86_call_depth_emit_accounting+0x128/0x2e0
[  211.196824][T12116]  ? __list_add_valid_or_report+0x38/0xe0
[  211.196857][T12116]  ? xas_load+0x413/0x430
[  211.196884][T12116]  ? xas_load+0x413/0x430
[  211.196911][T12116]  ? __rcu_read_unlock+0x4f/0x70
[  211.196994][T12116]  ? avc_has_perm_noaudit+0xc3/0x200
[  211.197020][T12116]  ? __rcu_read_unlock+0x4f/0x70
[  211.197047][T12116]  ? avc_has_perm_noaudit+0x1b1/0x200
[  211.197099][T12116]  ? selinux_capable+0x1f9/0x270
[  211.197133][T12116]  ? security_capable+0x83/0x90
[  211.197175][T12116]  ? ns_capable+0x7d/0xb0
[  211.197202][T12116]  ? __pfx_rtnl_newlink+0x10/0x10
[  211.197281][T12116]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  211.197312][T12116]  ? avc_has_perm_noaudit+0x1b1/0x200
[  211.197379][T12116]  netlink_rcv_skb+0x120/0x220
[  211.197419][T12116]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  211.197471][T12116]  rtnetlink_rcv+0x1c/0x30
[  211.197564][T12116]  netlink_unicast+0x5a1/0x670
[  211.197656][T12116]  netlink_sendmsg+0x58b/0x6b0
[  211.197687][T12116]  ? __pfx_netlink_sendmsg+0x10/0x10
[  211.197712][T12116]  __sock_sendmsg+0x142/0x180
[  211.197748][T12116]  ____sys_sendmsg+0x31e/0x4e0
[  211.197780][T12116]  ___sys_sendmsg+0x17b/0x1d0
[  211.197872][T12116]  __x64_sys_sendmsg+0xd4/0x160
[  211.197905][T12116]  x64_sys_call+0x2999/0x2fb0
[  211.197933][T12116]  do_syscall_64+0xd0/0x1a0
[  211.197964][T12116]  ? clear_bhb_loop+0x40/0x90
[  211.198041][T12116]  ? clear_bhb_loop+0x40/0x90
[  211.198069][T12116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.198097][T12116] RIP: 0033:0x7f17748de969
[  211.198174][T12116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.198198][T12116] RSP: 002b:00007f1772f47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  211.198222][T12116] RAX: ffffffffffffffda RBX: 00007f1774b05fa0 RCX: 00007f17748de969
[  211.198238][T12116] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[  211.198254][T12116] RBP: 00007f1772f47090 R08: 0000000000000000 R09: 0000000000000000
[  211.198269][T12116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.198285][T12116] R13: 0000000000000000 R14: 00007f1774b05fa0 R15: 00007ffdbd86efa8
[  211.198373][T12116]  </TASK>
[  211.493133][T12108] EXT4-fs (loop6): Block reservation details
[  211.499240][T12108] EXT4-fs (loop6): i_reserved_data_blocks=0
[  211.614627][T12133] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2994'.
[  211.681363][T12140] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  211.750368][T12146] loop6: detected capacity change from 0 to 256
[  211.915754][ T3392] usb usb6-port1: attempt power cycle
[  211.929731][T12166] loop3: detected capacity change from 0 to 8192
[  212.061180][T12182] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  212.242644][T12203] netlink: 'syz.3.3019': attribute type 27 has an invalid length.
[  212.291731][T12203] sctp: [Deprecated]: syz.3.3019 (pid 12203) Use of int in max_burst socket option.
[  212.291731][T12203] Use struct sctp_assoc_value instead
[  212.342957][T12214] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3028'.
[  212.429089][T12223] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  212.532713][T12225] loop1: detected capacity change from 0 to 256
[  212.564977][T12227] can0: slcan on ttyS3.
[  212.586622][T12227] can0 (unregistered): slcan off ttyS3.
[  212.667096][T12235] FAULT_INJECTION: forcing a failure.
[  212.667096][T12235] name failslab, interval 1, probability 0, space 0, times 0
[  212.679983][T12235] CPU: 1 UID: 0 PID: 12235 Comm: syz.1.3037 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  212.680057][T12235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  212.680072][T12235] Call Trace:
[  212.680078][T12235]  <TASK>
[  212.680087][T12235]  __dump_stack+0x1d/0x30
[  212.680113][T12235]  dump_stack_lvl+0xe8/0x140
[  212.680137][T12235]  dump_stack+0x15/0x1b
[  212.680157][T12235]  should_fail_ex+0x265/0x280
[  212.680235][T12235]  ? __tcf_chain_get+0x91/0x280
[  212.680268][T12235]  should_failslab+0x8c/0xb0
[  212.680303][T12235]  __kmalloc_cache_noprof+0x4c/0x320
[  212.680328][T12235]  ? xas_load+0x413/0x430
[  212.680386][T12235]  __tcf_chain_get+0x91/0x280
[  212.680421][T12235]  ? __tcf_block_find+0x11a/0x1a0
[  212.680493][T12235]  tc_new_tfilter+0x5ac/0x10a0
[  212.680513][T12235]  ? __rcu_read_unlock+0x4f/0x70
[  212.680556][T12235]  ? ns_capable+0x7d/0xb0
[  212.680582][T12235]  ? __pfx_tc_new_tfilter+0x10/0x10
[  212.680607][T12235]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  212.680686][T12235]  ? avc_has_perm_noaudit+0x1b1/0x200
[  212.680716][T12235]  netlink_rcv_skb+0x120/0x220
[  212.680755][T12235]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  212.680823][T12235]  rtnetlink_rcv+0x1c/0x30
[  212.680850][T12235]  netlink_unicast+0x5a1/0x670
[  212.680916][T12235]  netlink_sendmsg+0x58b/0x6b0
[  212.680972][T12235]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.681036][T12235]  __sock_sendmsg+0x142/0x180
[  212.681062][T12235]  ____sys_sendmsg+0x31e/0x4e0
[  212.681088][T12235]  ___sys_sendmsg+0x17b/0x1d0
[  212.681133][T12235]  __x64_sys_sendmsg+0xd4/0x160
[  212.681165][T12235]  x64_sys_call+0x2999/0x2fb0
[  212.681248][T12235]  do_syscall_64+0xd0/0x1a0
[  212.681275][T12235]  ? clear_bhb_loop+0x40/0x90
[  212.681295][T12235]  ? clear_bhb_loop+0x40/0x90
[  212.681315][T12235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.681369][T12235] RIP: 0033:0x7fa056e2e969
[  212.681385][T12235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.681407][T12235] RSP: 002b:00007fa055497038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.681430][T12235] RAX: ffffffffffffffda RBX: 00007fa057055fa0 RCX: 00007fa056e2e969
[  212.681448][T12235] RDX: 0000000020000000 RSI: 0000200000006040 RDI: 0000000000000004
[  212.681465][T12235] RBP: 00007fa055497090 R08: 0000000000000000 R09: 0000000000000000
[  212.681479][T12235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.681493][T12235] R13: 0000000000000000 R14: 00007fa057055fa0 R15: 00007ffc199d94e8
[  212.681516][T12235]  </TASK>
[  212.685190][   T29] kauditd_printk_skb: 180 callbacks suppressed
[  212.685208][   T29] audit: type=1326 audit(1747141575.802:25347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12236 comm="syz.6.3038" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc0d0ebe969 code=0x0
[  212.748372][T12238] FAULT_INJECTION: forcing a failure.
[  212.748372][T12238] name failslab, interval 1, probability 0, space 0, times 0
[  212.982717][T12238] CPU: 1 UID: 0 PID: 12238 Comm: syz.6.3038 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  212.982807][T12238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  212.982826][T12238] Call Trace:
[  212.982833][T12238]  <TASK>
[  212.982840][T12238]  __dump_stack+0x1d/0x30
[  212.982903][T12238]  dump_stack_lvl+0xe8/0x140
[  212.982923][T12238]  dump_stack+0x15/0x1b
[  212.982938][T12238]  should_fail_ex+0x265/0x280
[  212.982972][T12238]  should_failslab+0x8c/0xb0
[  212.983097][T12238]  __kmalloc_noprof+0xa5/0x3e0
[  212.983113][T12238]  ? sock_kmalloc+0x85/0xc0
[  212.983195][T12238]  sock_kmalloc+0x85/0xc0
[  212.983213][T12238]  ____sys_sendmsg+0xf8/0x4e0
[  212.983234][T12238]  ___sys_sendmsg+0x17b/0x1d0
[  212.983359][T12238]  __sys_sendmmsg+0x178/0x300
[  212.983388][T12238]  __x64_sys_sendmmsg+0x57/0x70
[  212.983477][T12238]  x64_sys_call+0x2f2f/0x2fb0
[  212.983495][T12238]  do_syscall_64+0xd0/0x1a0
[  212.983517][T12238]  ? clear_bhb_loop+0x40/0x90
[  212.983536][T12238]  ? clear_bhb_loop+0x40/0x90
[  212.983616][T12238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.983634][T12238] RIP: 0033:0x7fc0d0ebe969
[  212.983651][T12238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.983666][T12238] RSP: 002b:00007fc0cf506038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  212.983689][T12238] RAX: ffffffffffffffda RBX: 00007fc0d10e6080 RCX: 00007fc0d0ebe969
[  212.983706][T12238] RDX: 0000000000000001 RSI: 0000200000000bc0 RDI: 0000000000000003
[  212.983721][T12238] RBP: 00007fc0cf506090 R08: 0000000000000000 R09: 0000000000000000
[  212.983775][T12238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.983786][T12238] R13: 0000000000000000 R14: 00007fc0d10e6080 R15: 00007ffe926b4278
[  212.983804][T12238]  </TASK>
[  213.192532][T12242] ALSA: seq fatal error: cannot create timer (-22)
[  213.267633][T12250] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3042'.
[  213.267704][T12249] loop1: detected capacity change from 0 to 256
[  213.325044][T12254] can0: slcan on ttyS3.
[  213.356827][T12254] can0 (unregistered): slcan off ttyS3.
[  213.412860][T12264] loop5: detected capacity change from 0 to 512
[  213.430143][T12264] loop5: detected capacity change from 0 to 1024
[  213.437112][T12264] EXT4-fs: Ignoring removed orlov option
[  213.508027][T12272] netlink: 'syz.1.3050': attribute type 27 has an invalid length.
[  213.536642][   T29] audit: type=1326 audit(1747141576.612:25348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12268 comm="syz.1.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa056e2e969 code=0x7ffc0000
[  213.560454][   T29] audit: type=1326 audit(1747141576.612:25349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12268 comm="syz.1.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa056e2e969 code=0x7ffc0000
[  213.584396][   T29] audit: type=1326 audit(1747141576.612:25350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12268 comm="syz.1.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fa056e2e969 code=0x7ffc0000
[  213.608361][   T29] audit: type=1326 audit(1747141576.612:25351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12268 comm="syz.1.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa056e2e969 code=0x7ffc0000
[  213.632352][   T29] audit: type=1326 audit(1747141576.612:25352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12268 comm="syz.1.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fa056e2e969 code=0x7ffc0000
[  213.656442][   T29] audit: type=1326 audit(1747141576.612:25353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12268 comm="syz.1.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa056e2e969 code=0x7ffc0000
[  213.673440][T12281] sctp: [Deprecated]: syz.1.3050 (pid 12281) Use of int in max_burst socket option.
[  213.673440][T12281] Use struct sctp_assoc_value instead
[  213.680126][   T29] audit: type=1326 audit(1747141576.612:25354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12268 comm="syz.1.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa056e2e969 code=0x7ffc0000
[  213.718307][   T29] audit: type=1326 audit(1747141576.612:25355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12268 comm="syz.1.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa056e2e969 code=0x7ffc0000
[  213.742096][   T29] audit: type=1326 audit(1747141576.612:25356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12268 comm="syz.1.3050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa056e2e969 code=0x7ffc0000
[  213.819364][ T3392] usb usb6-port1: unable to enumerate USB device
[  213.888412][T12288] loop2: detected capacity change from 0 to 256
[  214.013803][T12297] can0: slcan on ttyS3.
[  214.066264][T12297] can0 (unregistered): slcan off ttyS3.
[  214.074143][T12305] loop6: detected capacity change from 0 to 1024
[  214.104499][T12305] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  214.117009][T12305] EXT4-fs (loop6): This should not happen!! Data will be lost
[  214.117009][T12305] 
[  214.126948][T12305] EXT4-fs (loop6): Total free blocks count 0
[  214.133259][T12305] EXT4-fs (loop6): Free/Dirty block details
[  214.139276][T12305] EXT4-fs (loop6): free_blocks=0
[  214.144245][T12305] EXT4-fs (loop6): dirty_blocks=0
[  214.149422][T12305] EXT4-fs (loop6): Block reservation details
[  214.155805][T12305] EXT4-fs (loop6): i_reserved_data_blocks=0
[  214.190653][T12314] loop3: detected capacity change from 0 to 1024
[  214.247022][T12314] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  214.259476][T12314] EXT4-fs (loop3): This should not happen!! Data will be lost
[  214.259476][T12314] 
[  214.269408][T12314] EXT4-fs (loop3): Total free blocks count 0
[  214.275560][T12314] EXT4-fs (loop3): Free/Dirty block details
[  214.281489][T12314] EXT4-fs (loop3): free_blocks=0
[  214.286554][T12314] EXT4-fs (loop3): dirty_blocks=0
[  214.291623][T12314] EXT4-fs (loop3): Block reservation details
[  214.297736][T12314] EXT4-fs (loop3): i_reserved_data_blocks=0
[  214.326465][T12325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3068'.
[  214.335606][T12325] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3068'.
[  214.361352][T12328] loop3: detected capacity change from 0 to 128
[  214.369446][T12328] EXT4-fs: Ignoring removed nobh option
[  214.372416][T12325] bond2: entered promiscuous mode
[  214.380232][T12325] bond2: entered allmulticast mode
[  214.386713][T12325] 8021q: adding VLAN 0 to HW filter on device bond2
[  214.388620][T12328] ext4 filesystem being mounted at /573/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  214.470391][T12337] can0: slcan on ttyS3.
[  214.546633][T12337] can0 (unregistered): slcan off ttyS3.
[  214.591431][T12348] loop5: detected capacity change from 0 to 1024
[  214.626809][T12348] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  214.639212][T12348] EXT4-fs (loop5): This should not happen!! Data will be lost
[  214.639212][T12348] 
[  214.648946][T12348] EXT4-fs (loop5): Total free blocks count 0
[  214.655091][T12348] EXT4-fs (loop5): Free/Dirty block details
[  214.661096][T12348] EXT4-fs (loop5): free_blocks=0
[  214.666190][T12348] EXT4-fs (loop5): dirty_blocks=0
[  214.671244][T12348] EXT4-fs (loop5): Block reservation details
[  214.677394][T12348] EXT4-fs (loop5): i_reserved_data_blocks=0
[  214.723990][T12362] loop6: detected capacity change from 0 to 1024
[  214.750078][T12366] 
@ÿ: renamed from bond_slave_0
[  214.761395][T12362] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  214.773762][T12362] EXT4-fs (loop6): This should not happen!! Data will be lost
[  214.773762][T12362] 
[  214.783451][T12362] EXT4-fs (loop6): Total free blocks count 0
[  214.785751][T12372] FAULT_INJECTION: forcing a failure.
[  214.785751][T12372] name failslab, interval 1, probability 0, space 0, times 0
[  214.789537][T12362] EXT4-fs (loop6): Free/Dirty block details
[  214.802241][T12372] CPU: 0 UID: 0 PID: 12372 Comm: syz.3.3082 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  214.802272][T12372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  214.802287][T12372] Call Trace:
[  214.802294][T12372]  <TASK>
[  214.802322][T12372]  __dump_stack+0x1d/0x30
[  214.802346][T12372]  dump_stack_lvl+0xe8/0x140
[  214.802366][T12372]  dump_stack+0x15/0x1b
[  214.802387][T12372]  should_fail_ex+0x265/0x280
[  214.802517][T12372]  ? inet_rtm_newaddr+0x32a/0xc30
[  214.802602][T12372]  should_failslab+0x8c/0xb0
[  214.802642][T12372]  __kmalloc_cache_noprof+0x4c/0x320
[  214.802672][T12372]  inet_rtm_newaddr+0x32a/0xc30
[  214.802762][T12372]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  214.802810][T12372]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  214.802844][T12372]  ? avc_has_perm_noaudit+0x1b1/0x200
[  214.802873][T12372]  netlink_rcv_skb+0x120/0x220
[  214.802915][T12372]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  214.803036][T12372]  rtnetlink_rcv+0x1c/0x30
[  214.803065][T12372]  netlink_unicast+0x5a1/0x670
[  214.803105][T12372]  netlink_sendmsg+0x58b/0x6b0
[  214.803156][T12372]  ? __pfx_netlink_sendmsg+0x10/0x10
[  214.803219][T12372]  __sock_sendmsg+0x142/0x180
[  214.803253][T12372]  ____sys_sendmsg+0x31e/0x4e0
[  214.803284][T12372]  ___sys_sendmsg+0x17b/0x1d0
[  214.803378][T12372]  __x64_sys_sendmsg+0xd4/0x160
[  214.803418][T12372]  x64_sys_call+0x2999/0x2fb0
[  214.803446][T12372]  do_syscall_64+0xd0/0x1a0
[  214.803558][T12372]  ? clear_bhb_loop+0x40/0x90
[  214.803586][T12372]  ? clear_bhb_loop+0x40/0x90
[  214.803614][T12372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.803687][T12372] RIP: 0033:0x7fcea8aae969
[  214.803708][T12372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.803775][T12372] RSP: 002b:00007fcea7117038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  214.803810][T12372] RAX: ffffffffffffffda RBX: 00007fcea8cd5fa0 RCX: 00007fcea8aae969
[  214.803827][T12372] RDX: 0000000000044080 RSI: 0000200000000100 RDI: 0000000000000003
[  214.803843][T12372] RBP: 00007fcea7117090 R08: 0000000000000000 R09: 0000000000000000
[  214.803860][T12372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.803890][T12372] R13: 0000000000000000 R14: 00007fcea8cd5fa0 R15: 00007ffcac71a1b8
[  214.803915][T12372]  </TASK>
[  214.956580][T12383] can0: slcan on ttyS3.
[  214.959636][T12362] EXT4-fs (loop6): free_blocks=0
[  214.959656][T12362] EXT4-fs (loop6): dirty_blocks=0
[  214.959667][T12362] EXT4-fs (loop6): Block reservation details
[  214.959678][T12362] EXT4-fs (loop6): i_reserved_data_blocks=0
[  214.973256][T12341] chnl_net:caif_netlink_parms(): no params data found
[  215.080234][T12388] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  215.088637][T12388] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  215.123273][T12390] loop6: detected capacity change from 0 to 1024
[  215.132930][T12390] EXT4-fs: Ignoring removed orlov option
[  215.146097][T12383] can0 (unregistered): slcan off ttyS3.
[  215.190467][T12400] netlink: 'syz.2.3092': attribute type 3 has an invalid length.
[  215.221232][T12341] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.228785][T12341] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.236648][T12341] bridge_slave_0: entered allmulticast mode
[  215.243358][T12341] bridge_slave_0: entered promiscuous mode
[  215.259157][T12341] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.266439][T12341] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.288865][T12341] bridge_slave_1: entered allmulticast mode
[  215.296386][T12341] bridge_slave_1: entered promiscuous mode
[  215.398363][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  215.408171][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  215.417659][   T12] bond0 (unregistering): Released all slaves
[  215.429056][   T12] bond1 (unregistering): Released all slaves
[  215.438630][   T12] bond2 (unregistering): Released all slaves
[  215.473834][T12341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.496637][T12341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.509696][   T12] tipc: Left network mode
[  215.548476][T12341] team0: Port device team_slave_0 added
[  215.573061][T12426] bond1: entered promiscuous mode
[  215.578264][T12426] bond1: entered allmulticast mode
[  215.583774][T12426] 8021q: adding VLAN 0 to HW filter on device bond1
[  215.598158][   T12] hsr_slave_0: left promiscuous mode
[  215.604042][   T12] hsr_slave_1: left promiscuous mode
[  215.658966][   T12] team0 (unregistering): Port device team_slave_1 removed
[  215.670637][   T12] team0 (unregistering): Port device team_slave_0 removed
[  215.710651][T12341] team0: Port device team_slave_1 added
[  215.740371][T12341] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.747431][T12341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.773515][T12341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.786347][T12341] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.793363][T12341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.819371][T12341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.829818][T12437] loop5: detected capacity change from 0 to 256
[  215.865325][T12341] hsr_slave_0: entered promiscuous mode
[  215.871828][T12341] hsr_slave_1: entered promiscuous mode
[  215.878405][T12341] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  215.887175][T12341] Cannot create hsr debugfs directory
[  216.037952][   T12] IPVS: stop unused estimator thread 0...
[  216.161046][T12459] __nla_validate_parse: 5 callbacks suppressed
[  216.161064][T12459] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3113'.
[  216.185098][T12462] loop6: detected capacity change from 0 to 256
[  216.217531][T12466] loop2: detected capacity change from 0 to 1024
[  216.236357][T12468] loop3: detected capacity change from 0 to 512
[  216.242107][T12466] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  216.249784][T12468] loop3: detected capacity change from 0 to 1024
[  216.255155][T12466] EXT4-fs (loop2): This should not happen!! Data will be lost
[  216.255155][T12466] 
[  216.261705][T12468] EXT4-fs: Ignoring removed orlov option
[  216.271130][T12466] EXT4-fs (loop2): Total free blocks count 0
[  216.271150][T12466] EXT4-fs (loop2): Free/Dirty block details
[  216.271165][T12466] EXT4-fs (loop2): free_blocks=0
[  216.271180][T12466] EXT4-fs (loop2): dirty_blocks=0
[  216.271229][T12466] EXT4-fs (loop2): Block reservation details
[  216.305001][T12466] EXT4-fs (loop2): i_reserved_data_blocks=0
[  216.352214][T12468] ==================================================================
[  216.360339][T12468] BUG: KCSAN: data-race in redirty_tail_locked / vfs_fsync_range
[  216.368086][T12468] 
[  216.370425][T12468] read-write to 0xffff8881071f41b8 of 4 bytes by task 12476 on cpu 0:
[  216.378597][T12468]  redirty_tail_locked+0x56/0x280
[  216.383643][T12468]  writeback_single_inode+0x21e/0x3e0
[  216.389068][T12468]  sync_inode_metadata+0x5b/0x90
[  216.394057][T12468]  generic_buffers_fsync_noflush+0xd9/0x120
[  216.399979][T12468]  ext4_sync_file+0x1ab/0x690
[  216.404691][T12468]  vfs_fsync_range+0x10d/0x130
[  216.409485][T12468]  ext4_buffered_write_iter+0x34f/0x3c0
[  216.415178][T12468]  ext4_file_write_iter+0x383/0xf00
[  216.420430][T12468]  iter_file_splice_write+0x5f2/0x970
[  216.425845][T12468]  direct_splice_actor+0x156/0x2a0
[  216.430994][T12468]  splice_direct_to_actor+0x312/0x680
[  216.436405][T12468]  do_splice_direct+0xda/0x150
[  216.441211][T12468]  do_sendfile+0x380/0x640
[  216.445658][T12468]  __x64_sys_sendfile64+0x105/0x150
[  216.450916][T12468]  x64_sys_call+0xb39/0x2fb0
[  216.455541][T12468]  do_syscall_64+0xd0/0x1a0
[  216.460080][T12468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.466000][T12468] 
[  216.468343][T12468] read to 0xffff8881071f41b8 of 4 bytes by task 12468 on cpu 1:
[  216.475997][T12468]  vfs_fsync_range+0x9b/0x130
[  216.480729][T12468]  ext4_buffered_write_iter+0x34f/0x3c0
[  216.486319][T12468]  ext4_file_write_iter+0x383/0xf00
[  216.491555][T12468]  iter_file_splice_write+0x5f2/0x970
[  216.496972][T12468]  direct_splice_actor+0x156/0x2a0
[  216.502128][T12468]  splice_direct_to_actor+0x312/0x680
[  216.507528][T12468]  do_splice_direct+0xda/0x150
[  216.512323][T12468]  do_sendfile+0x380/0x640
[  216.516770][T12468]  __x64_sys_sendfile64+0x105/0x150
[  216.522014][T12468]  x64_sys_call+0xb39/0x2fb0
[  216.526634][T12468]  do_syscall_64+0xd0/0x1a0
[  216.531164][T12468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.537085][T12468] 
[  216.539472][T12468] value changed: 0x0000003a -> 0x00000002
[  216.545217][T12468] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  216.547563][T12468] Reported by Kernel Concurrency Sanitizer on:
[  216.553744][T12468] CPU: 1 UID: 0 PID: 12468 Comm: syz.3.3117 Not tainted 6.15.0-rc6-syzkaller-00047-ge9565e23cd89 #0 PREEMPT(voluntary) 
[  216.566269][T12468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  216.576352][T12468] ==================================================================
[  217.126997][ T2319] bond0 (unregistering): Released all slaves
[  217.135529][ T2319] bond1 (unregistering): Released all slaves
[  217.197066][ T2319] tipc: Left network mode
[  217.219921][ T2319] hsr_slave_0: left promiscuous mode
[  217.225842][ T2319] hsr_slave_1: left promiscuous mode
[  217.530840][ T2319] IPVS: stop unused estimator thread 0...
[  218.008515][ T2319] bridge_slave_1: left allmulticast mode
[  218.014279][ T2319] bridge_slave_1: left promiscuous mode
[  218.020145][ T2319] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.027901][ T2319] bridge_slave_0: left allmulticast mode
[  218.033549][ T2319] bridge_slave_0: left promiscuous mode
[  218.039252][ T2319] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.047265][ T2319] bridge_slave_1: left allmulticast mode
[  218.052913][ T2319] bridge_slave_1: left promiscuous mode
[  218.058738][ T2319] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.066419][ T2319] bridge_slave_0: left allmulticast mode
[  218.072063][ T2319] bridge_slave_0: left promiscuous mode
[  218.077765][ T2319] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.246976][ T2319] bond0 (unregistering): Released all slaves
[  218.255412][ T2319] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  218.265083][ T2319] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.274379][ T2319] bond0 (unregistering): Released all slaves
[  218.283160][ T2319] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  218.292503][ T2319] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.301614][ T2319] bond0 (unregistering): Released all slaves
[  218.337691][ T2319] tipc: Left network mode
[  218.390979][ T2319] hsr_slave_0: left promiscuous mode
[  218.397705][ T2319] hsr_slave_1: left promiscuous mode
[  218.404951][ T2319] hsr_slave_0: left promiscuous mode
[  218.411031][ T2319] hsr_slave_1: left promiscuous mode
[  218.416903][ T2319] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.424564][ T2319] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.433972][ T2319] hsr_slave_0: left promiscuous mode
[  218.440170][ T2319] hsr_slave_1: left promiscuous mode
[  218.445855][ T2319] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.453379][ T2319] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.488578][  T172] smc: removing ib device syz!
[  218.533561][ T2319] team0 (unregistering): Port device team_slave_1 removed
[  218.543491][ T2319] team0 (unregistering): Port device team_slave_0 removed
[  218.596561][ T2319] team0 (unregistering): Port device team_slave_1 removed
[  218.606408][ T2319] team0 (unregistering): Port device team_slave_0 removed
[  219.153330][ T2319] IPVS: stop unused estimator thread 0...
[  219.398571][ T2319] bridge_slave_1: left allmulticast mode
[  219.404242][ T2319] bridge_slave_1: left promiscuous mode
[  219.409945][ T2319] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.417550][ T2319] bridge_slave_0: left allmulticast mode
[  219.423283][ T2319] bridge_slave_0: left promiscuous mode
[  219.428946][ T2319] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.478316][ T2319] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  219.487817][ T2319] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  219.496968][ T2319] bond0 (unregistering): (slave team0): Releasing backup interface
[  219.505363][ T2319] bond0 (unregistering): Released all slaves
[  219.556983][ T2319] tipc: Left network mode
[  219.563553][ T2319] hsr_slave_0: left promiscuous mode
[  219.569258][ T2319] hsr_slave_1: left promiscuous mode
[  219.574867][ T2319] batman_adv: batadv0: Removing interface: batadv_slave_0
[  219.582412][ T2319] batman_adv: batadv0: Removing interface: batadv_slave_1
[  219.613556][ T2319] team0 (unregistering): Port device team_slave_1 removed
[  219.623415][ T2319] team0 (unregistering): Port device team_slave_0 removed