last executing test programs:

2m7.94066034s ago: executing program 1 (id=172):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000, @void, @value}, 0x94)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(r1, &(0x7f00000001c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xfffa, 0xfff3}, {}, {0x10, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_IPV6_DST={0x14, 0x10, @ipv4={'\x00', '\xff\xff', @remote}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffeed)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x18)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
pwritev(r6, 0x0, 0x0, 0x10001, 0x3)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r8}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="18000000", @ANYRES16=r10, @ANYBLOB="090300ff0300000000400d00000004000180"], 0x18}}, 0x0)
mknod(&(0x7f0000002800)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8000, 0x10001)
ioctl$PIO_UNIMAPCLR(r6, 0x4b68, 0x0)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r11, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/211, 0xffffffffffffffca}], 0x1)
socket$kcm(0x2, 0xa, 0x2)

2m7.719635687s ago: executing program 1 (id=176):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000f8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b1"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x9135}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000780)=ANY=[@ANYBLOB="48000000100003050000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000300000100c28000050003"], 0x48}, 0x1, 0x0, 0x0, 0x8040}, 0x0)

2m7.649426082s ago: executing program 1 (id=178):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}}, 0x0) (async, rerun: 32)
r1 = socket(0x2, 0x80805, 0x0) (async, rerun: 32)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000040000000000000000000100000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021800000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000005400038050000080080003400000000244000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c00024000000000000000101400018009000100"], 0x104}}, 0x40000)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000280)='tlb_flush\x00', r5}, 0x10) (async)
syz_clone(0x0, 0x0, 0x4, 0x0, 0x0, 0x0) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r6, &(0x7f0000000400)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000003c0)={&(0x7f00000004c0)={0xfc, 0x17, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0xa4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'tunl0\x00'}, {0x14, 0x1, 'ip6gre0\x00'}, {0x14, 0x1, 'veth1_to_hsr\x00'}, {0x14, 0x1, 'vlan1\x00'}, {0x14, 0x1, 'tunl0\x00'}, {0x14, 0x1, 'macvtap0\x00'}, {0x14, 0x1, 'ipvlan1\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xf6ed}]}]}, 0xfc}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 64)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r7, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x8090) (async)
sendmmsg$inet(r1, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000040)='Q', 0x1}], 0x1, 0x0, 0x0, 0xf000000}, 0x20000000}, {{&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, 0x0}}], 0x2, 0x0)

2m7.594743486s ago: executing program 1 (id=180):
r0 = syz_clone(0x8200, &(0x7f0000000400)="ff6ac930f20a01101f42f0aee205209f2403f914ad3f56089e9e25d5bd167f3102d11c8d53511cb53c248818d7dab6748306d1dbf2dab3e58808bfb81a7ce8788e0e8fc4b7271a5373685b0fc42546ccdb2e99fd340be657b336be4c45dcaa212429bfef6ad7adfa49e6b06802db1f7cf37bce332e83e1c230c6ef121163057244a4fbe0216308b9dd0bb2a7362a823992ad89a91a5b8cd52e784511485156eb76163a8074212920b54d27e7cbd4f71fa983a2452f23d5ba18d2d37698e88f52a6e0fc6445", 0xc5, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)="06b9fa18763cc64a57ea188582e9d74afc2811d6068e848950954ef706e46070814789ca83948443387287241ac65d09d9dfe79a49d01a5ff12a421688eda0e4523f29e35366ed66cbaa8f592396e9d7b8a7944debe2e867e3c47d8701b3f405019ed5d754a4a463c1a49999dd1258b9d09f6d")
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0xb, &(0x7f0000000040)=0x14, 0x4)
sendmsg$netlink(r1, &(0x7f0000002b40)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000640)=ANY=[@ANYBLOB="14000000ac00230700b0ebe74563f200"/35], 0x14}], 0x1}, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000540)={0x0, r1}, 0x8)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX], &(0x7f0000000040)='GPL\x00', 0x8000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000240)='kfree\x00', r3}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
msgctl$IPC_SET(0x0, 0x1, 0x0)
mkdir(0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ff0000ff00000000000000000d0001007564703a73797e3200000000"], 0x54}}, 0x0)
r8 = syz_open_dev$vcsu(&(0x7f0000000500), 0x5d2f, 0x3d1000)
ioctl$MON_IOCH_MFLUSH(r8, 0x9208, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8001600a40002400f000100035c0461c1d67f6f94007134cf6edb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x0, &(0x7f00000002c0)={[{@orlov}, {@noload}, {@noblock_validity}, {@norecovery}, {@block_validity}, {@nomblk_io_submit}]}, 0x1, 0x55a, &(0x7f0000001100)="$eJzs3dFrJHcdAPDvTHbvcnep2aoPtWAttnJX9TaXxmuDD1VB9KmgVnwSzphsQrhN9kg27SUcNsVXQRDRgi/65IvgH1CQvvjmgwiF+i4qitScPijUjszu7DXZ7CYRdzNt8vnA3MxvZna+3++G/e3MztxMAOfW4xFxLSImIuKpiJgu5qfFELvdIV/v/t69xXxIIsteeCuJpJjX29bFYnyleNlkRHztyxHfTg7H3dzeuV3Z155pryVvZ9nO9dW1hZXGSmN9bm72mfln52/O3xhJnbWIeO6Lf/7R93/+ped+9emX/nDrr9e+k6f17yx7OR7UMZpY+3VLr3bei5687o2RRypPpVNh182ScwEA4Gj5/v4HI+Ljnf3/6ZiIStkpAQAAACOWfW4q3k4iMgAAAODMSiNiKpK0XlzvO1VcsXolIj4cl9Nma7P9qeXW1vpSviyiFtV0ebXZuBGTnWsHalFN8vZscY1tr/10X3suIh6OiB9OX+q064ut5lLZP34AAADAOXGl7/j/n9NpWq8XC3dLTg4AAAAYnVrZCQAAAABj5/gfAAAAzr5aNuAJXYel488EAAAAGIOvPP98PmS953gvvbi9dbv14vWlxubt+trWYn2xtXGnvtJqrXTu2bd23Paardadz8T61t2ZdmOzPbO5vXNrrbW13r61euAR2AAAAMApevhjr/8+iYjdz17qDLkLxbJqRDaxf+VKGRkC4/I/XdPzp/HlAZy+/d/vl0rMAzh9dunh/KqWnQBQuuP+A9DQi3d+O/pcAACA8bj6keHn/99aLjU1YMyK8//JiW4AApwpE2UnAJSme/7vnayr7GyA01Q9ag/AQQGceelozv8fcylhokMBAICSTXWGJK0XxwFTkab1esRDnccCVpPl1WbjRkR8IF6LN6erF/P2bOeVib15AAAAAAAAAAAAAAAAAAAAAAAAADihLEsiAwAAAM60iPQvvSdzXZ1+cqr/94ELyb+mO+OIeOknL/z47kK7vTGbz//7g/ntV4v5T5fxCwYAAADQr3ec3juOBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBRur93b/F+lmXZ3r3F04z7ty9ERK2IXwzdJZWY7IwnoxoRl/+RRGXf65KImBhB/N1XIuKRTvw0IvbFT/K0olZkcSD+hYh85Uujih+D6j8ifnTjXxlBfDjPXs/7n88P+vyl8XhnPPjzVymG/9fw/i990P9NDOn/Hhq20erB5qNv/HJmaPxXIh6tDO5/evGTfHsD4j9xwhq/9fWdnWHLsp9FXB3U/yUHY8201+7MbG7vXF9dW1hprDTW5+Zmn5l/dv7m/I2Z5dVmo/h3YIwffPS1d95t/edQ/ZeP6H879Q95/588rvCLxfiNu3sf6k71/WWiGj/NsmtPDP77P5KPPnk4fu+77xPF90Dezt/D9NVvDEzjsV/87rFhKeb1Lw2pf7Kv/ot99V87rv7CU1/97h9PuCoAcAo2t3duLzSbjY3388RviiPx0W05au+Fut7DE/l+Z+lpJJFEPvHmgUUL5SfWnXi5+IwtNHufthO8qhLHr/Pr4uBonMmX0RkBAABj9e5Of9+CtKSEAAAAAAAAAAAAAAAAAAAA4Bw69jZgwxalB+63983vHXE3sv6Yu+WUCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwpP8GAAD//4Ydzk8=")
chroot(&(0x7f0000000000)='./file2\x00')
mount$9p_fd(0x0, &(0x7f0000000680)='./file2\x00', 0x0, 0x2214850, 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='flush,nocase,discard,dots,fmask=00000000000000000000177,dots,nodots,nodots,dots,\x00', @ANYRESHEX=r0, @ANYRES16=r0, @ANYRESOCT=0x0, @ANYRES32=0x0], 0x1, 0x140, &(0x7f00000002c0)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)

2m7.158324239s ago: executing program 1 (id=189):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x25, 0x801, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
rt_sigaction(0x2a, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x20075, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xed, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
acct(0x0)

2m4.036608689s ago: executing program 1 (id=253):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x5}, 0x18)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="e90c630faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x3, 0x2, 0x0, @val=0x80}}}}}}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0xffff, 0x8}}}}}, 0x0)

2m4.0269245s ago: executing program 32 (id=253):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x5}, 0x18)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="e90c630faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x3, 0x2, 0x0, @val=0x80}}}}}}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0xffff, 0x8}}}}}, 0x0)

1m56.964615752s ago: executing program 4 (id=370):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080006110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0be2566c43d72918a8a9323fd0723043c47c896ce0bce66a245ad99b817fd98cd824498949714ffaac8a6f77ef26dcca5d82054d54d53cd2b6db714e4b94bdae214fa68a0557eb2c5ca683a4b6fcfcffffffffffffffd442017cfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beac671e8e8fdecb035868a623fa71f871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae991e7f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef8a4fed5c9455640dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d76ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6e257343c1a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabba3c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f3878b1e11316d8ddae1c6c3b8faaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080021000000000090ee7ba4a70a084bd994ac5e00000000000000000000000000351a30cdf57a3d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd68a34e286991f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf6433f76d5af45155536a1a44bfcbfbfd232af000052f9002a5876ed24609d478b4d99ca8bf44b852fed1f3a7f00836d"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1, 0x1, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r3}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)

1m56.911377796s ago: executing program 4 (id=372):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03"], 0xb4}}, 0x0)

1m56.667106274s ago: executing program 4 (id=374):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000008178005dbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103700000000001d400200000000004704000001ed00000f030000000000001d440000000000006b0a02fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea01d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a07f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a126a1bdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0d5d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c2495bb315629ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d00b07862c4fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515dca8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815bc13b9fd336d204c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c30a0ee14afdf1435f6821d158359fefc3d555e840badcb0223bc13282abf31e5480af779b24f011bfdc802e8ca9f6ca38697c901fe115d7ad4e98a2df658c3867acb2f5b372fbbd84c095ead7da0b541364741e0bbaf9bb23147acf0284cb8ee6a535b934126287829a921c52bd78944a519335521b1d8bed758d48f185f122f143e834783e2690535110eb697a8c031c01becf5f2361bc6045fa2d7c569b3f5e5f320dabf519f186e41c058ef8b6afa478b1cce357c15f9f9a698d3d7fe6f92bd6acc54be14909a17980b4ff8fbe4c5961ec7ce2f19183a6cf42c4c64ad60329e89e8bdb285fb590f2c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x44858d35}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m56.535911064s ago: executing program 4 (id=376):
socket$inet_udp(0x2, 0x2, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x0, 0x1}, 0x104000, 0x0, 0x0, 0x4}, 0x0, 0x6, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
socket$kcm(0x2, 0x2, 0x73)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/file0\x00', 0xd0939199c36b4d28)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x20081e, &(0x7f00000002c0)={[{@nodelalloc}, {@nobarrier}, {@auto_da_alloc}, {@nomblk_io_submit}, {@bsdgroups}]}, 0x1, 0x4f4, &(0x7f0000001180)="$eJzs3U1vG1sZAODXzpeTm3uTW7oABLSUQkFVncRto6oLKCuEUCVElyC1IXGjKHYcxU5pQhfpf0CiEitY8gNYd8WeDYIdm7JA4iMCNZVYGM14kpo0bkKT2CF+Hmk0c+Y4fs+pNefYr+s5AfStyxGxFRHDEfEoIiay87lsi3utLXnc6+1n8zvbz+Zz0Ww++HsurU/ORdvfJD7KnrMQET/4TsSPc+/GrW9sLs9VKuW1VnF0qlFdnapvbN5Yqs4tlhfLK6XS7Mzs9J2bt0sn1tdL1eHs6Iuvfrf1jZ8mzRrPzrT34yS1uj60FycxGBHfO41gPTCQ9We41w3hg+Qj4kJEXEmv/4kYSF9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXDuxhj+Uqt3rj+uLa+stDKlU3GUP7xUqU8neUKJ2Mol5Rn0uO35dK+8s2I+DQifjYympaL87XKQi/f+ABAH/to3/z/r5HW/A8AnHOFXjcAAOg68z8A9B/zPwD0H/M/APQf8z8A9B/zPwD0n8Pm/wPu3wkA/P/6/v37ydbcye5/vfBkY3259uTGQrm+XKyuzxfna2urxcVabTG9Z0/1sOer1GqrM7di/enkN1frjan6xubDam19pfEwva/3w/JQV3oFALzPp5de/jH5eL91dzTdom0tB3M1nG/5XjcA6JmBXjcA6BmrfUH/OsZnfOkBOCcO+y8+hYgY3X+y2Ww2T69JwCm79jn5f+hXbfl/vwKCPiP/D/1L/h/6V7OZO+qa/3HUBwIAZ5scP9Dh+/8L2f7X2ZcDP1rY/4gXp9kqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONt21/8tZmuBj0c+XyxGfBwRkzGUe7xUKU9HxCcR8YeRoZGkPNPjNgMAx5X/Sy5b/+vaxNXx/bXDuTcj6T4ifvKLBz9/OtdorP0+Of+PvfONF9n5Ui/aDwAcZneeTvdtH+Rfbz+b39262Z6/fjsiCq34O9vDsbMXfzAG030hhiJi7J+5rNySa8tdHMfW84j47EH9z8V4mgNprXy6P34S++Ouxs//V/x8WtfaJ/8WnzmBtkC/eZmMP/cOuv7ycTndH3z9F9IR6viy8S95qvmddAx8G393/BvoMP5dPmqMW7/9buto9N265xGfH4zYjb3TNv7sxs91iH/1iPH/9IUvXelU1/xlxLU4OH57rKlGdXWqvrF5Y6k6t1heLK+USrMzs9N3bt4uTaU56qnOs8Hf7l7/pFNd0v+xDvELh/T/q0fs/6/+/eiHX35P/K9/5aD4+bj4nvjJnPi1I8afG/tNoVNdEn+hQ/8Pe/2vHzH+qz9vvrNsOADQO/WNzeW5SqW81s2D3TcSXQ3q4BwctBIeibPRnvaDb3Ur1nD8T3/VbH5QrE4jxklk3YCzYO+ij4g3vW4MAAAAAAAAAAAAAABwoG78YqnXfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD8+k8AAAD//2CSzDE=")
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000092c0), 0x4ff, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000f4)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0xa, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "9300e6d6a89ef30bea2a0092000010000000aff571ec3199bde400"})
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$get_security(0x11, r5, &(0x7f0000006000)=""/29, 0x1d)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup(r6, &(0x7f0000001e40)='syz0\x00', 0x1ff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1m56.060819159s ago: executing program 4 (id=380):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000f8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x9135}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000780)=ANY=[@ANYBLOB="48000000100003050000000000bbd72242000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000300000100c28000050003"], 0x48}, 0x1, 0x0, 0x0, 0x8040}, 0x0)

1m55.77776293s ago: executing program 4 (id=384):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03"], 0xb4}}, 0x0)

1m55.753799182s ago: executing program 33 (id=384):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03"], 0xb4}}, 0x0)

3.689732407s ago: executing program 5 (id=3107):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x845, &(0x7f0000000600)=ANY=[@ANYBLOB='discard,shortname=winnt,quiet,shortname=winnt,utf8=1,uni_xlate=0,shortname=win95\x00\x00mask=00000000000000000000006,allot_utime=00000000000000000000007,\x00'], 0x0, 0x274, &(0x7f0000000280)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff38, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')

3.64972292s ago: executing program 5 (id=3110):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

3.232590971s ago: executing program 2 (id=3122):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x25, 0x801, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
rt_sigaction(0x2a, 0x0, 0x0, 0x8, &(0x7f00000003c0))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x20075, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xed, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
acct(0x0)

3.161216316s ago: executing program 6 (id=3124):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f0000000380)={0xc, 0x8, 0xfa00, {0x0}}, 0x10)

2.226829195s ago: executing program 2 (id=3128):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)

2.226485635s ago: executing program 3 (id=3129):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
clock_adjtime(0x4, &(0x7f0000000700)={0x100000000006500, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x240e, 0x0, 0x3, 0xfffffffffffffffe, 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x1})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f00000003c0)={0x0, "1d25eb7c7676a1fc56752dac83d9625071640ba1cf55777e6f646ce186c9e23b475ae5857448e9d5258fb9e86c05a87e0ec4254227171c3f46a677aef73b89d6", 0x1a}, 0x48, r2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x8, 0x3, 0x2e0, 0x100, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x210, 0xffffffff, 0xffffffff, 0x210, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev, [], [], 'batadv0\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0xd8, 0x100, 0x0, {0x0, 0x4c00}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x340)
r3 = socket$inet(0x2, 0x80001, 0x84)
bind$inet(r3, &(0x7f0000000180)={0x2, 0x4e20, @loopback}, 0x10)
listen(r3, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x57, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000a40), 0x4}, 0x1206c, 0x80, 0x7, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000480)='pagemap\x00')
preadv(r5, &(0x7f0000000640)=[{&(0x7f0000000b00)=""/152, 0x98}], 0x1, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, 0x0, &(0x7f0000000a00)=0xfd86)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F', 0x0)
write$binfmt_misc(r6, &(0x7f0000000180)="e502", 0x2)
execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
iopl(0xf9)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0x1}, &(0x7f00000001c0), &(0x7f0000000200)=r0}, 0x20)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000003c0)=@o_path={&(0x7f0000000380)='./file0\x00', 0x0, 0x0, r6}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{}, &(0x7f0000000340), &(0x7f00000009c0)=r0}, 0x20)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)=ANY=[@ANYBLOB="44000000020605000000000000000000000000000c000300686173683a69700005000400000000000900020073797a310000000005000500021100000500010006000000"], 0x44}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

2.226361925s ago: executing program 6 (id=3130):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)

2.011163962s ago: executing program 6 (id=3131):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r3)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000000)={0x43}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000001540)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000180)={<r5=>0x0, 0x6}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000280)={r5, 0x100, 0x2, [0x40, 0x853f]}, &(0x7f00000002c0)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r6=>0x0})
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r8=>0x0})
r9 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r9, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r9, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r8, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r7, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)
sendmsg$can_bcm(r9, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r6, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={r6, @broadcast, @loopback}, 0xc)
r10 = openat$cgroup_int(r1, &(0x7f0000000200)='cgroup.clone_children\x00', 0x2, 0x0)
r11 = openat$cgroup_ro(r1, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
sendfile(r10, r11, 0x0, 0x38)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r0}, 0x8)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018113c04", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000030000009500000000000000"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r13 = socket$can_j1939(0x1d, 0x2, 0x7)
fsetxattr$trusted_overlay_nlink(r13, &(0x7f0000000140), &(0x7f0000000400)={'U-', 0x3}, 0x16, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[], 0x0)

2.010457851s ago: executing program 3 (id=3132):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x845, &(0x7f0000000600)=ANY=[@ANYBLOB='discard,shortname=winnt,quiet,shortname=winnt,utf8=1,uni_xlate=0,shortname=win95\x00\x00mask=00000000000000000000006,allot_utime=00000000000000000000007,\x00'], 0x0, 0x274, &(0x7f0000000280)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff38, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')

1.977369234s ago: executing program 2 (id=3133):
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, 0x0, 0x0)
lsm_get_self_attr(0x67, 0x0, 0x0, 0x0)
r0 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=<r2=>r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0x700, 0x12)
fcntl$setlease(r0, 0x400, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000700)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)

1.975863054s ago: executing program 3 (id=3134):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a011e00000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000025800000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000005400038050000080080003400000000244000b802c0001800a0001"], 0x104}}, 0x0)

1.954289166s ago: executing program 2 (id=3135):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b405000000000000611034000000000063092c00000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x52)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, 0x0, &(0x7f00000002c0))
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = gettid()
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r2 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r3}, 0x10)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000080c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = timerfd_create(0x0, 0x0)
read(r4, &(0x7f0000000380)=""/189, 0x8)
clock_gettime(0x0, &(0x7f0000000840))
epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x29})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f00000002c0)={[{@errors_continue}, {@usrquota}, {@noload}, {@dioread_lock}, {@nobarrier}, {@lazytime}]}, 0xfe, 0x479, &(0x7f00000004c0)="$eJzs3EtvG1UbAOB3HCdNeku/fuHS0EKgICIuSZNe6IINCCQWIJBgUcQqOGkV6jaoCRKtIggsghALVIk9YonEL2AFGwSskNjCH6iEUDYtrIzGnkkT1w65OHGKn0ea9pyZcc/7zsyxz5yxG0DHGkr/SCL2R8RvEdEfEcX6HYZqf91ami/9tTRfSqJSef3PJH1Z3FyaL2X/RHVJ7autqFSy+p4G7S6+FTFRLk9dyeqjc5feHZ29eu3p6UsTF6YuTF0eP3v21MljPWfGT7ckzzSvm4MfzBw98tKb118pnbv+9k/fpPHuz7bnebTSUO3oNvRYqxtrswMrykmxjYGwIQey/t5d7f/90RV9y9v648WP2xocsK0qlUql0edzZqEC/Icl0e4IgPbIP+jT+9982aGhx67wx3O1G6A071vZUttSjEK2T3fd/W0r9UbEuYW/v0yX2KZ5CACAlb5Lxz9PNRr/FeLeFfsdzJ6hHIqI/0XE4Yj4f0QMRMQ9EdV974uI+zfYfv0TkjvHP4Ubm0psndLx37PZs63V47989BeHurLagWr+3cn56fLUieyYDEf3nrQ+tuolq33/wq+f16/7LJtmH1ox/kuXtP18LJjFcaNYN0E3OTE30ZLk0/w/ihgsNso/WX4OmETEkYgY3GQb0098fbTZtn/Pfw0teM5U+Sri8dr5X4i6/HNJ0+eTY8+cGT892hvlqROj+VVxp59/WXytWftbyr8F0vO/t+H1X8s/vUdMeiNmr167WH1eO7vxNhZ//6SUNNk2sMnrvyd5o1ruyda9PzE3d2Usoid5Oa32rVo/fvu1eT3fP81/+Hjj/n+4dntWPRIPRER6ER+LiAcj4qHs3D0cEY9ExPE18v/x+Uffabat+flfY1a+hdL8J9c4/+lbXlq6ff43Xui6+MO3zdqvrOv8n6qWhrM163n/W2+AWzl2AAAAcLcoVL8DnxRGlsuFwshI7Tv8A7G3UJ6ZnXvy/Mx7lydr35U/FN2FfKarf8V86Fg2N5zXx+vqJ7N54y+6+qr1kdJMebLdyUOH29ek/0fEwb1d7Y4O2HZ+rwWdS/+HzqX/Q+fS/6Fzbb7/97U0DmCH9TRe/eFOxwG0xcY//3u3JQ5g57n/h86l/0Pn0v+hIzX9bXxhSz/5v1sLxd0RRsNC3+4IIy9EYVeE0brCq5/WusRuiScvFNf9n1lssrCn4aZ2vzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0xj8BAAD//wN/5bI=")

1.767738539s ago: executing program 3 (id=3136):
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, 0x0, 0x0)
lsm_get_self_attr(0x67, 0x0, 0x0, 0x0)
r0 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0x700, 0x12)
fcntl$setlease(r0, 0x400, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')

1.748308331s ago: executing program 3 (id=3138):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f0000000380)={0xc, 0x8, 0xfa00, {0x0}}, 0x10)

1.150954634s ago: executing program 6 (id=3139):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xe8}}, 0x0)

1.08000159s ago: executing program 6 (id=3140):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)

1.07912132s ago: executing program 2 (id=3149):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b405000000000000611034000000000063092c00000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x52)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, 0x0, &(0x7f00000002c0))
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = gettid()
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r2 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r3}, 0x10)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000080c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = timerfd_create(0x0, 0x0)
read(r4, &(0x7f0000000380)=""/189, 0x8)
clock_gettime(0x0, &(0x7f0000000840))
epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x29})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f00000002c0)={[{@errors_continue}, {@usrquota}, {@noload}, {@dioread_lock}, {@nobarrier}, {@lazytime}]}, 0xfe, 0x479, &(0x7f00000004c0)="$eJzs3EtvG1UbAOB3HCdNeku/fuHS0EKgICIuSZNe6IINCCQWIJBgUcQqOGkV6jaoCRKtIggsghALVIk9YonEL2AFGwSskNjCH6iEUDYtrIzGnkkT1w65OHGKn0ea9pyZcc/7zsyxz5yxG0DHGkr/SCL2R8RvEdEfEcX6HYZqf91ami/9tTRfSqJSef3PJH1Z3FyaL2X/RHVJ7autqFSy+p4G7S6+FTFRLk9dyeqjc5feHZ29eu3p6UsTF6YuTF0eP3v21MljPWfGT7ckzzSvm4MfzBw98tKb118pnbv+9k/fpPHuz7bnebTSUO3oNvRYqxtrswMrykmxjYGwIQey/t5d7f/90RV9y9v648WP2xocsK0qlUql0edzZqEC/Icl0e4IgPbIP+jT+9982aGhx67wx3O1G6A071vZUttSjEK2T3fd/W0r9UbEuYW/v0yX2KZ5CACAlb5Lxz9PNRr/FeLeFfsdzJ6hHIqI/0XE4Yj4f0QMRMQ9EdV974uI+zfYfv0TkjvHP4Ubm0psndLx37PZs63V47989BeHurLagWr+3cn56fLUieyYDEf3nrQ+tuolq33/wq+f16/7LJtmH1ox/kuXtP18LJjFcaNYN0E3OTE30ZLk0/w/ihgsNso/WX4OmETEkYgY3GQb0098fbTZtn/Pfw0teM5U+Sri8dr5X4i6/HNJ0+eTY8+cGT892hvlqROj+VVxp59/WXytWftbyr8F0vO/t+H1X8s/vUdMeiNmr167WH1eO7vxNhZ//6SUNNk2sMnrvyd5o1ruyda9PzE3d2Usoid5Oa32rVo/fvu1eT3fP81/+Hjj/n+4dntWPRIPRER6ER+LiAcj4qHs3D0cEY9ExPE18v/x+Uffabat+flfY1a+hdL8J9c4/+lbXlq6ff43Xui6+MO3zdqvrOv8n6qWhrM163n/W2+AWzl2AAAAcLcoVL8DnxRGlsuFwshI7Tv8A7G3UJ6ZnXvy/Mx7lydr35U/FN2FfKarf8V86Fg2N5zXx+vqJ7N54y+6+qr1kdJMebLdyUOH29ek/0fEwb1d7Y4O2HZ+rwWdS/+HzqX/Q+fS/6Fzbb7/97U0DmCH9TRe/eFOxwG0xcY//3u3JQ5g57n/h86l/0Pn0v+hIzX9bXxhSz/5v1sLxd0RRsNC3+4IIy9EYVeE0brCq5/WusRuiScvFNf9n1lssrCn4aZ2vzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0xj8BAAD//wN/5bI=")

743.481785ms ago: executing program 5 (id=3116):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002f00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xb, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r5}, 0x18)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

743.004615ms ago: executing program 3 (id=3151):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f0000000380)={0xc, 0x8, 0xfa00, {0x0}}, 0x10)

725.989256ms ago: executing program 6 (id=3153):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x25, 0x801, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
rt_sigaction(0x2a, 0x0, 0x0, 0x8, &(0x7f00000003c0))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x20075, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xed, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
acct(0x0)

219.786884ms ago: executing program 2 (id=3142):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f0000000380)={0xc, 0x8, 0xfa00, {0x0}}, 0x10)

218.540544ms ago: executing program 5 (id=3143):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)

155.584838ms ago: executing program 0 (id=3144):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x845, &(0x7f0000000600)=ANY=[@ANYBLOB='discard,shortname=winnt,quiet,shortname=winnt,utf8=1,uni_xlate=0,shortname=win95\x00\x00mask=00000000000000000000006,allot_utime=00000000000000000000007,\x00'], 0x0, 0x274, &(0x7f0000000280)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff38, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0}, 0x0, &(0x7f00000006c0)='%-010d \x00'}, 0x20)
mq_unlink(&(0x7f0000000340)='eth0\x00')

125.66332ms ago: executing program 0 (id=3145):
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, 0x0, 0x0)
lsm_get_self_attr(0x67, 0x0, 0x0, 0x0)
r0 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=<r2=>r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0x700, 0x12)
fcntl$setlease(r0, 0x400, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000700)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)

103.925612ms ago: executing program 5 (id=3146):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a011e00000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000025800000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000005400038050000080080003400000000244000b802c0001800a0001"], 0x104}}, 0x0)

99.157613ms ago: executing program 0 (id=3147):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x0)

31.553238ms ago: executing program 0 (id=3148):
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, 0x0, 0x0)
lsm_get_self_attr(0x67, 0x0, 0x0, 0x0)
r0 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0x700, 0x12)
fcntl$setlease(r0, 0x400, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')

31.245427ms ago: executing program 0 (id=3150):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xe8}}, 0x0)

25.486858ms ago: executing program 5 (id=3152):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r3)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000000)={0x43}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000001540)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000180)={<r5=>0x0, 0x6}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000280)={r5, 0x100, 0x2, [0x40, 0x853f]}, &(0x7f00000002c0)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r6=>0x0})
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r8=>0x0})
r9 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r9, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r9, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r8, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r7, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)
sendmsg$can_bcm(r9, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r6, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={r6, @broadcast, @loopback}, 0xc)
r10 = openat$cgroup_int(r1, &(0x7f0000000200)='cgroup.clone_children\x00', 0x2, 0x0)
r11 = openat$cgroup_ro(r1, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
sendfile(r10, r11, 0x0, 0x38)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r0}, 0x8)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018113c04", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000030000009500000000000000"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r13 = socket$can_j1939(0x1d, 0x2, 0x7)
fsetxattr$trusted_overlay_nlink(r13, &(0x7f0000000140), &(0x7f0000000400)={'U-', 0x3}, 0x16, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[], 0x0)

0s ago: executing program 0 (id=3154):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x48}}, 0x0)

kernel console output (not intermixed with test programs):

[  135.264551][ T9669] R10: 00004000000004c0 R11: 0000000000000246 R12: 0000000000000001
[  135.264566][ T9669] R13: 0000000000000000 R14: 00007f0b499a5fa0 R15: 00007fffaf114e38
[  135.264588][ T9669]  </TASK>
[  135.476142][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.532745][ T9672] loop0: detected capacity change from 0 to 512
[  135.541315][ T9672] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  135.575895][   T29] kauditd_printk_skb: 230 callbacks suppressed
[  135.575911][   T29] audit: type=1326 audit(1739044558.904:20719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9673 comm="syz.2.2496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff608aecde9 code=0x7ffc0000
[  135.633208][   T29] audit: type=1326 audit(1739044558.934:20720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9673 comm="syz.2.2496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff608aecde9 code=0x7ffc0000
[  135.656854][   T29] audit: type=1326 audit(1739044558.934:20721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9673 comm="syz.2.2496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7ff608aecde9 code=0x7ffc0000
[  135.680460][   T29] audit: type=1326 audit(1739044558.934:20722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9673 comm="syz.2.2496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff608aecde9 code=0x7ffc0000
[  135.704036][   T29] audit: type=1326 audit(1739044558.934:20723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9673 comm="syz.2.2496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff608aecde9 code=0x7ffc0000
[  135.727669][   T29] audit: type=1326 audit(1739044558.934:20724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9673 comm="syz.2.2496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff608aecde9 code=0x7ffc0000
[  135.751259][   T29] audit: type=1326 audit(1739044558.934:20725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9673 comm="syz.2.2496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff608aecde9 code=0x7ffc0000
[  135.774786][   T29] audit: type=1326 audit(1739044558.934:20726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9673 comm="syz.2.2496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff608aecde9 code=0x7ffc0000
[  135.798404][   T29] audit: type=1326 audit(1739044558.934:20727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9673 comm="syz.2.2496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff608aecde9 code=0x7ffc0000
[  135.821923][   T29] audit: type=1326 audit(1739044558.934:20728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9673 comm="syz.2.2496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff608aecde9 code=0x7ffc0000
[  135.846552][ T9672] EXT4-fs (loop0): 1 truncate cleaned up
[  135.852817][ T9672] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.879817][ T9683] loop3: detected capacity change from 0 to 128
[  135.926101][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.971020][ T9691] loop6: detected capacity change from 0 to 164
[  135.990097][ T9691] syz.6.2506: attempt to access beyond end of device
[  135.990097][ T9691] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  136.016020][ T9693] loop2: detected capacity change from 0 to 512
[  136.039504][ T9693] EXT4-fs (loop2): orphan cleanup on readonly fs
[  136.045994][ T9697] loop3: detected capacity change from 0 to 2048
[  136.049048][ T9693] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2507: bg 0: block 248: padding at end of block bitmap is not set
[  136.052656][ T9697] EXT4-fs: Ignoring removed mblk_io_submit option
[  136.073795][ T9691] syz.6.2506: attempt to access beyond end of device
[  136.073795][ T9691] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  136.109354][ T9697] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.128496][ T9693] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.2507: Failed to acquire dquot type 1
[  136.160177][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.209745][ T9693] EXT4-fs (loop2): 1 truncate cleaned up
[  136.231366][ T9706] loop0: detected capacity change from 0 to 164
[  136.238256][ T9693] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  136.261743][ T9706] syz.0.2511: attempt to access beyond end of device
[  136.261743][ T9706] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  136.283177][ T9693] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  136.300704][ T9706] syz.0.2511: attempt to access beyond end of device
[  136.300704][ T9706] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[  136.327847][ T9693] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  136.399012][ T9717] loop6: detected capacity change from 0 to 512
[  136.412715][ T9715] wireguard0: entered promiscuous mode
[  136.418279][ T9715] wireguard0: entered allmulticast mode
[  136.428231][ T9717] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  136.441650][ T9717] EXT4-fs (loop6): 1 truncate cleaned up
[  136.451232][ T9717] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.488388][ T4661] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.507363][ T9721] loop6: detected capacity change from 0 to 128
[  136.620436][ T9727] xt_hashlimit: size too large, truncated to 1048576
[  136.808148][ T9741] loop5: detected capacity change from 0 to 512
[  136.828123][ T9741] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.858544][ T9748] loop6: detected capacity change from 0 to 128
[  136.878684][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.920815][ T4099] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.955503][ T9757] FAULT_INJECTION: forcing a failure.
[  136.955503][ T9757] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.968691][ T9757] CPU: 0 UID: 0 PID: 9757 Comm: syz.2.2530 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  136.968715][ T9757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  136.968726][ T9757] Call Trace:
[  136.968732][ T9757]  <TASK>
[  136.968738][ T9757]  dump_stack_lvl+0xf2/0x150
[  136.968771][ T9757]  dump_stack+0x15/0x1a
[  136.968846][ T9757]  should_fail_ex+0x24a/0x260
[  136.968887][ T9757]  should_fail+0xb/0x10
[  136.968921][ T9757]  should_fail_usercopy+0x1a/0x20
[  136.968938][ T9757]  _copy_from_user+0x1c/0xa0
[  136.968986][ T9757]  copy_msghdr_from_user+0x54/0x2a0
[  136.969010][ T9757]  ? __fget_files+0x17c/0x1c0
[  136.969047][ T9757]  __sys_sendmsg+0x13e/0x230
[  136.969090][ T9757]  __x64_sys_sendmsg+0x46/0x50
[  136.969117][ T9757]  x64_sys_call+0x2734/0x2dc0
[  136.969158][ T9757]  do_syscall_64+0xc9/0x1c0
[  136.969181][ T9757]  ? clear_bhb_loop+0x55/0xb0
[  136.969215][ T9757]  ? clear_bhb_loop+0x55/0xb0
[  136.969247][ T9757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.969383][ T9757] RIP: 0033:0x7ff608aecde9
[  136.969397][ T9757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.969416][ T9757] RSP: 002b:00007ff607157038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  136.969499][ T9757] RAX: ffffffffffffffda RBX: 00007ff608d05fa0 RCX: 00007ff608aecde9
[  136.969510][ T9757] RDX: 0000000000000000 RSI: 0000400000002ac0 RDI: 0000000000000003
[  136.969522][ T9757] RBP: 00007ff607157090 R08: 0000000000000000 R09: 0000000000000000
[  136.969536][ T9757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.969550][ T9757] R13: 0000000000000000 R14: 00007ff608d05fa0 R15: 00007ffd6b77f308
[  136.969605][ T9757]  </TASK>
[  137.265619][ T9768] netlink: 'syz.5.2537': attribute type 1 has an invalid length.
[  137.312218][ T9768] 8021q: adding VLAN 0 to HW filter on device bond1
[  137.372065][ T9777] loop6: detected capacity change from 0 to 512
[  137.388398][ T9777] EXT4-fs (loop6): orphan cleanup on readonly fs
[  137.425035][ T9777] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2540: bg 0: block 248: padding at end of block bitmap is not set
[  137.456963][ T9777] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.2540: Failed to acquire dquot type 1
[  137.508652][ T9777] EXT4-fs (loop6): 1 truncate cleaned up
[  137.535209][ T9777] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  137.556425][ T9788] loop2: detected capacity change from 0 to 128
[  137.583711][ T9777] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  137.639056][ T9777] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  137.767933][ T9802] loop2: detected capacity change from 0 to 2048
[  137.788357][ T9802] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.803181][ T9802] ext4 filesystem being mounted at /549/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.834211][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.201858][ T4661] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.288151][ T9826] loop6: detected capacity change from 0 to 128
[  138.481698][ T9841] loop0: detected capacity change from 0 to 512
[  138.508729][ T9841] EXT4-fs (loop0): orphan cleanup on readonly fs
[  138.532788][ T9841] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2569: bg 0: block 248: padding at end of block bitmap is not set
[  138.589112][ T9841] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.2569: Failed to acquire dquot type 1
[  138.618091][ T9841] EXT4-fs (loop0): 1 truncate cleaned up
[  138.637047][ T9841] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  138.653086][ T9855] loop5: detected capacity change from 0 to 128
[  138.704621][ T9841] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  138.749389][ T9841] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  139.197322][ T9871] FAULT_INJECTION: forcing a failure.
[  139.197322][ T9871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.210632][ T9871] CPU: 1 UID: 0 PID: 9871 Comm: syz.5.2579 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  139.210658][ T9871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  139.210685][ T9871] Call Trace:
[  139.210693][ T9871]  <TASK>
[  139.210702][ T9871]  dump_stack_lvl+0xf2/0x150
[  139.210731][ T9871]  dump_stack+0x15/0x1a
[  139.210751][ T9871]  should_fail_ex+0x24a/0x260
[  139.210790][ T9871]  should_fail+0xb/0x10
[  139.210878][ T9871]  should_fail_usercopy+0x1a/0x20
[  139.210953][ T9871]  _copy_from_user+0x1c/0xa0
[  139.210980][ T9871]  copy_msghdr_from_user+0x54/0x2a0
[  139.211004][ T9871]  ? __fget_files+0x17c/0x1c0
[  139.211041][ T9871]  __sys_sendmsg+0x13e/0x230
[  139.211111][ T9871]  __x64_sys_sendmsg+0x46/0x50
[  139.211219][ T9871]  x64_sys_call+0x2734/0x2dc0
[  139.211244][ T9871]  do_syscall_64+0xc9/0x1c0
[  139.211317][ T9871]  ? clear_bhb_loop+0x55/0xb0
[  139.211392][ T9871]  ? clear_bhb_loop+0x55/0xb0
[  139.211425][ T9871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.211452][ T9871] RIP: 0033:0x7f4345d3cde9
[  139.211466][ T9871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.211499][ T9871] RSP: 002b:00007f43443a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.211522][ T9871] RAX: ffffffffffffffda RBX: 00007f4345f55fa0 RCX: 00007f4345d3cde9
[  139.211537][ T9871] RDX: 0000000000000000 RSI: 0000400000000140 RDI: 0000000000000003
[  139.211552][ T9871] RBP: 00007f43443a7090 R08: 0000000000000000 R09: 0000000000000000
[  139.211567][ T9871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.211581][ T9871] R13: 0000000000000000 R14: 00007f4345f55fa0 R15: 00007ffc8278e508
[  139.211601][ T9871]  </TASK>
[  139.394788][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.417827][ T9873] loop5: detected capacity change from 0 to 512
[  139.520429][ T9886] loop5: detected capacity change from 0 to 128
[  139.585432][ T9892] loop0: detected capacity change from 0 to 164
[  139.602869][ T9892] FAULT_INJECTION: forcing a failure.
[  139.602869][ T9892] name failslab, interval 1, probability 0, space 0, times 0
[  139.615668][ T9892] CPU: 1 UID: 0 PID: 9892 Comm: syz.0.2590 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  139.615700][ T9892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  139.615715][ T9892] Call Trace:
[  139.615723][ T9892]  <TASK>
[  139.615732][ T9892]  dump_stack_lvl+0xf2/0x150
[  139.615766][ T9892]  dump_stack+0x15/0x1a
[  139.615792][ T9892]  should_fail_ex+0x24a/0x260
[  139.615890][ T9892]  should_failslab+0x8f/0xb0
[  139.615922][ T9892]  kmem_cache_alloc_noprof+0x52/0x320
[  139.615958][ T9892]  ? alloc_empty_file+0xd0/0x200
[  139.616026][ T9892]  ? selinux_file_open+0x34a/0x3b0
[  139.616087][ T9892]  alloc_empty_file+0xd0/0x200
[  139.616123][ T9892]  path_openat+0x6a/0x1fc0
[  139.616151][ T9892]  ? _parse_integer_limit+0x167/0x180
[  139.616192][ T9892]  do_filp_open+0x107/0x230
[  139.616278][ T9892]  do_open_execat+0xd0/0x280
[  139.616367][ T9892]  alloc_bprm+0x2a/0x680
[  139.616389][ T9892]  do_execveat_common+0x12b/0x7e0
[  139.616464][ T9892]  ? getname_flags+0x15a/0x3b0
[  139.616501][ T9892]  __x64_sys_execveat+0x75/0x90
[  139.616532][ T9892]  x64_sys_call+0x291e/0x2dc0
[  139.616575][ T9892]  do_syscall_64+0xc9/0x1c0
[  139.616603][ T9892]  ? clear_bhb_loop+0x55/0xb0
[  139.616637][ T9892]  ? clear_bhb_loop+0x55/0xb0
[  139.616713][ T9892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.616746][ T9892] RIP: 0033:0x7f0b4978cde9
[  139.616772][ T9892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.616790][ T9892] RSP: 002b:00007f0b47df7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  139.616811][ T9892] RAX: ffffffffffffffda RBX: 00007f0b499a5fa0 RCX: 00007f0b4978cde9
[  139.616826][ T9892] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[  139.616841][ T9892] RBP: 00007f0b47df7090 R08: 0000000000001000 R09: 0000000000000000
[  139.616856][ T9892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.616870][ T9892] R13: 0000000000000000 R14: 00007f0b499a5fa0 R15: 00007fffaf114e38
[  139.616893][ T9892]  </TASK>
[  139.877468][ T9899] lo speed is unknown, defaulting to 1000
[  139.880892][ T9901] loop0: detected capacity change from 0 to 512
[  139.904669][ T9901] EXT4-fs (loop0): orphan cleanup on readonly fs
[  139.955904][ T9906] xt_hashlimit: size too large, truncated to 1048576
[  139.969371][ T9901] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2593: bg 0: block 248: padding at end of block bitmap is not set
[  140.103959][ T9901] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.2593: Failed to acquire dquot type 1
[  140.131167][ T9901] EXT4-fs (loop0): 1 truncate cleaned up
[  140.142065][ T9901] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  140.159675][ T9901] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  140.205470][ T9901] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  140.366318][ T9926] loop5: detected capacity change from 0 to 128
[  140.408072][ T9929] 9pnet: p9_errstr2errno: server reported unknown error �@í΂Í(ááí«QÿNd
[  140.720082][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.900452][   T29] kauditd_printk_skb: 278 callbacks suppressed
[  140.900466][   T29] audit: type=1326 audit(1739044564.224:20995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  140.984438][   T29] audit: type=1326 audit(1739044564.264:20996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  141.008138][   T29] audit: type=1326 audit(1739044564.264:20997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  141.031707][   T29] audit: type=1326 audit(1739044564.264:20998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  141.055292][   T29] audit: type=1326 audit(1739044564.274:20999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  141.078793][   T29] audit: type=1326 audit(1739044564.274:21000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  141.102324][   T29] audit: type=1326 audit(1739044564.274:21001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  141.125920][   T29] audit: type=1326 audit(1739044564.274:21002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  141.149429][   T29] audit: type=1326 audit(1739044564.274:21003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  141.173125][   T29] audit: type=1326 audit(1739044564.274:21004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9936 comm="syz.0.2607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  141.198201][ T9950] loop0: detected capacity change from 0 to 128
[  141.244005][ T9956] loop3: detected capacity change from 0 to 512
[  141.255893][ T9956] EXT4-fs (loop3): orphan cleanup on readonly fs
[  141.265057][ T9956] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2617: bg 0: block 248: padding at end of block bitmap is not set
[  141.279207][ T9961] loop6: detected capacity change from 0 to 512
[  141.285585][ T9956] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2617: Failed to acquire dquot type 1
[  141.302415][ T9956] EXT4-fs (loop3): 1 truncate cleaned up
[  141.309377][ T9956] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.310263][ T9961] EXT4-fs warning (device loop6): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  141.340163][ T9956] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  141.351361][ T9965] loop2: detected capacity change from 0 to 512
[  141.363277][ T9961] EXT4-fs (loop6): mount failed
[  141.369068][ T9965] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  141.388734][ T9956] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  141.389548][ T9965] EXT4-fs (loop2): 1 truncate cleaned up
[  141.410951][ T9961] unsupported nla_type 60633
[  141.415814][ T9965] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.483365][ T9976] FAULT_INJECTION: forcing a failure.
[  141.483365][ T9976] name failslab, interval 1, probability 0, space 0, times 0
[  141.496128][ T9976] CPU: 1 UID: 0 PID: 9976 Comm: syz.5.2623 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  141.496156][ T9976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  141.496169][ T9976] Call Trace:
[  141.496193][ T9976]  <TASK>
[  141.496202][ T9976]  dump_stack_lvl+0xf2/0x150
[  141.496235][ T9976]  dump_stack+0x15/0x1a
[  141.496280][ T9976]  should_fail_ex+0x24a/0x260
[  141.496319][ T9976]  should_failslab+0x8f/0xb0
[  141.496350][ T9976]  kmem_cache_alloc_node_noprof+0x59/0x320
[  141.496466][ T9976]  ? __alloc_skb+0x10b/0x310
[  141.496497][ T9976]  __alloc_skb+0x10b/0x310
[  141.496580][ T9976]  ? avc_has_perm_noaudit+0x1cc/0x210
[  141.496621][ T9976]  alloc_skb_with_frags+0x80/0x450
[  141.496714][ T9976]  ? __rmqueue_pcplist+0xf7e/0x1110
[  141.496739][ T9976]  tcp_send_rcvq+0xec/0x2c0
[  141.496837][ T9976]  tcp_sendmsg_locked+0x25d8/0x26a0
[  141.496863][ T9976]  ? prep_new_page+0x52/0x1b0
[  141.496884][ T9976]  ? xas_load+0x3ae/0x3d0
[  141.496906][ T9976]  ? xas_find+0x24b/0x3f0
[  141.496934][ T9976]  ? __rcu_read_unlock+0x4e/0x70
[  141.496967][ T9976]  ? avc_has_perm_noaudit+0x1cc/0x210
[  141.497080][ T9976]  ? avc_has_perm+0xd4/0x160
[  141.497113][ T9976]  ? _raw_spin_unlock_bh+0x36/0x40
[  141.497155][ T9976]  ? __pfx_tcp_sendmsg+0x10/0x10
[  141.497182][ T9976]  tcp_sendmsg+0x30/0x50
[  141.497209][ T9976]  inet6_sendmsg+0x77/0xd0
[  141.497238][ T9976]  __sock_sendmsg+0x8b/0x180
[  141.497263][ T9976]  __sys_sendto+0x1a8/0x230
[  141.497328][ T9976]  __x64_sys_sendto+0x78/0x90
[  141.497368][ T9976]  x64_sys_call+0x29fa/0x2dc0
[  141.497398][ T9976]  do_syscall_64+0xc9/0x1c0
[  141.497421][ T9976]  ? clear_bhb_loop+0x55/0xb0
[  141.497447][ T9976]  ? clear_bhb_loop+0x55/0xb0
[  141.497492][ T9976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.497524][ T9976] RIP: 0033:0x7f4345d3ec7c
[  141.497546][ T9976] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  141.497568][ T9976] RSP: 002b:00007f43443a5ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  141.497590][ T9976] RAX: ffffffffffffffda RBX: 00007f43443a5fc0 RCX: 00007f4345d3ec7c
[  141.497604][ T9976] RDX: 0000000000000020 RSI: 00007f43443a6010 RDI: 0000000000000004
[  141.497673][ T9976] RBP: 0000000000000000 R08: 00007f43443a5f14 R09: 000000000000000c
[  141.497738][ T9976] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  141.497749][ T9976] R13: 00007f43443a5f68 R14: 00007f43443a6010 R15: 0000000000000000
[  141.497766][ T9976]  </TASK>
[  141.833199][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.863706][ T9984] loop6: detected capacity change from 0 to 128
[  142.079953][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.498874][T10015] loop0: detected capacity change from 0 to 128
[  142.555572][T10017] loop0: detected capacity change from 0 to 512
[  142.568338][T10017] EXT4-fs (loop0): orphan cleanup on readonly fs
[  142.575159][T10017] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2642: bg 0: block 248: padding at end of block bitmap is not set
[  142.593771][T10017] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.2642: Failed to acquire dquot type 1
[  142.627711][T10017] EXT4-fs (loop0): 1 truncate cleaned up
[  142.644186][T10017] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  142.689933][T10017] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  142.746689][T10017] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  142.982779][T10045] loop6: detected capacity change from 0 to 128
[  143.029845][T10047] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2653'.
[  143.072941][T10049] netlink: 4360 bytes leftover after parsing attributes in process `syz.3.2654'.
[  143.256152][T10065] netlink: 4360 bytes leftover after parsing attributes in process `syz.3.2662'.
[  143.312418][T10070] loop6: detected capacity change from 0 to 512
[  143.320831][T10070] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  143.332171][T10071] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[  143.352529][T10070] EXT4-fs (loop6): 1 truncate cleaned up
[  143.361380][T10071] netlink: 'syz.3.2664': attribute type 25 has an invalid length.
[  143.404116][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.441180][T10076] loop0: detected capacity change from 0 to 128
[  143.454762][T10070] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.549133][ T4661] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.608870][T10090] Process accounting resumed
[  143.701999][T10098] loop0: detected capacity change from 0 to 2048
[  143.718639][T10102] loop3: detected capacity change from 0 to 512
[  143.751527][T10102] EXT4-fs (loop3): orphan cleanup on readonly fs
[  143.763265][T10102] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2678: bg 0: block 248: padding at end of block bitmap is not set
[  143.765586][T10098]  loop0: p1 < > p4
[  143.788042][T10102] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2678: Failed to acquire dquot type 1
[  143.805750][T10098] loop0: p4 size 8388608 extends beyond EOD, truncated
[  143.815457][T10102] EXT4-fs (loop3): 1 truncate cleaned up
[  143.823300][T10102] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  143.837128][T10102] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  143.858025][T10102] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  143.911328][T10120] loop6: detected capacity change from 0 to 128
[  144.036696][T10158] loop6: detected capacity change from 0 to 512
[  144.076401][T10158] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  144.094496][T10158] EXT4-fs (loop6): 1 truncate cleaned up
[  144.111394][T10158] FAULT_INJECTION: forcing a failure.
[  144.111394][T10158] name failslab, interval 1, probability 0, space 0, times 0
[  144.124199][T10158] CPU: 1 UID: 0 PID: 10158 Comm: syz.6.2688 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  144.124226][T10158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  144.124238][T10158] Call Trace:
[  144.124244][T10158]  <TASK>
[  144.124252][T10158]  dump_stack_lvl+0xf2/0x150
[  144.124344][T10158]  dump_stack+0x15/0x1a
[  144.124367][T10158]  should_fail_ex+0x24a/0x260
[  144.124407][T10158]  ? ext4_expand_extra_isize_ea+0x780/0xf70
[  144.124433][T10158]  should_failslab+0x8f/0xb0
[  144.124546][T10158]  __kmalloc_cache_noprof+0x4e/0x320
[  144.124583][T10158]  ext4_expand_extra_isize_ea+0x780/0xf70
[  144.124614][T10158]  __ext4_expand_extra_isize+0x243/0x280
[  144.124725][T10158]  __ext4_mark_inode_dirty+0x2c5/0x440
[  144.124753][T10158]  __ext4_unlink+0x482/0x660
[  144.124862][T10158]  ext4_unlink+0xd6/0x2a0
[  144.124902][T10158]  vfs_unlink+0x275/0x430
[  144.124964][T10158]  do_unlinkat+0x237/0x4d0
[  144.125025][T10158]  __x64_sys_unlink+0x2e/0x40
[  144.125049][T10158]  x64_sys_call+0x2329/0x2dc0
[  144.125076][T10158]  do_syscall_64+0xc9/0x1c0
[  144.125101][T10158]  ? clear_bhb_loop+0x55/0xb0
[  144.125194][T10158]  ? clear_bhb_loop+0x55/0xb0
[  144.125304][T10158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.125398][T10158] RIP: 0033:0x7f69a648cde9
[  144.125416][T10158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.125437][T10158] RSP: 002b:00007f69a4af1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  144.125458][T10158] RAX: ffffffffffffffda RBX: 00007f69a66a5fa0 RCX: 00007f69a648cde9
[  144.125470][T10158] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000180
[  144.125481][T10158] RBP: 00007f69a4af1090 R08: 0000000000000000 R09: 0000000000000000
[  144.125567][T10158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.125582][T10158] R13: 0000000000000000 R14: 00007f69a66a5fa0 R15: 00007ffc57955f58
[  144.125604][T10158]  </TASK>
[  144.499247][T10208] loop2: detected capacity change from 0 to 128
[  144.564248][T10212] Process accounting resumed
[  144.623155][T10215] loop2: detected capacity change from 0 to 512
[  144.635618][T10212] loop2: detected capacity change from 0 to 128
[  144.642408][T10212] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1)
[  144.657955][T10212] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  144.720759][T10221] netlink: 4360 bytes leftover after parsing attributes in process `syz.2.2705'.
[  144.911615][T10234] loop3: detected capacity change from 0 to 128
[  144.973650][T10238] loop5: detected capacity change from 0 to 512
[  145.010935][T10238] EXT4-fs (loop5): orphan cleanup on readonly fs
[  145.027847][T10238] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2712: bg 0: block 248: padding at end of block bitmap is not set
[  145.075889][T10248] team0 (unregistering): Port device team_slave_0 removed
[  145.093709][T10238] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.2712: Failed to acquire dquot type 1
[  145.121456][T10248] team0 (unregistering): Port device team_slave_1 removed
[  145.134386][T10238] EXT4-fs (loop5): 1 truncate cleaned up
[  145.150811][T10238] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  145.167165][T10238] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  145.254327][T10260] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2720'.
[  145.264038][T10260] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2720'.
[  145.369478][T10270] loop3: detected capacity change from 0 to 128
[  145.420973][T10276] loop3: detected capacity change from 0 to 512
[  145.428033][T10276] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  145.440874][T10276] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.2728: corrupted in-inode xattr: e_name out of bounds
[  145.456251][T10276] EXT4-fs (loop3): Remounting filesystem read-only
[  145.473010][T10276] EXT4-fs (loop3): 1 truncate cleaned up
[  145.479176][T10276] SELinux: (dev loop3, type ext4) getxattr errno 5
[  145.555165][T10288] FAULT_INJECTION: forcing a failure.
[  145.555165][T10288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  145.568441][T10288] CPU: 0 UID: 0 PID: 10288 Comm: syz.0.2733 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  145.568472][T10288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  145.568487][T10288] Call Trace:
[  145.568494][T10288]  <TASK>
[  145.568502][T10288]  dump_stack_lvl+0xf2/0x150
[  145.568598][T10288]  dump_stack+0x15/0x1a
[  145.568682][T10288]  should_fail_ex+0x24a/0x260
[  145.568715][T10288]  should_fail+0xb/0x10
[  145.568747][T10288]  should_fail_usercopy+0x1a/0x20
[  145.568765][T10288]  strncpy_from_user+0x25/0x210
[  145.568867][T10288]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  145.568900][T10288]  ? getname_flags+0x81/0x3b0
[  145.569001][T10288]  getname_flags+0xb0/0x3b0
[  145.569031][T10288]  user_path_at+0x26/0x120
[  145.569048][T10288]  __se_sys_name_to_handle_at+0xfa/0x560
[  145.569077][T10288]  __x64_sys_name_to_handle_at+0x67/0x80
[  145.569173][T10288]  x64_sys_call+0xe82/0x2dc0
[  145.569198][T10288]  do_syscall_64+0xc9/0x1c0
[  145.569227][T10288]  ? clear_bhb_loop+0x55/0xb0
[  145.569305][T10288]  ? clear_bhb_loop+0x55/0xb0
[  145.569337][T10288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.569368][T10288] RIP: 0033:0x7f0b4978cde9
[  145.569382][T10288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.569399][T10288] RSP: 002b:00007f0b47df7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  145.569437][T10288] RAX: ffffffffffffffda RBX: 00007f0b499a5fa0 RCX: 00007f0b4978cde9
[  145.569452][T10288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  145.569534][T10288] RBP: 00007f0b47df7090 R08: 0000000000000200 R09: 0000000000000000
[  145.569548][T10288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.569585][T10288] R13: 0000000000000000 R14: 00007f0b499a5fa0 R15: 00007fffaf114e38
[  145.569608][T10288]  </TASK>
[  145.848851][T10298] loop0: detected capacity change from 0 to 128
[  145.905291][   T29] kauditd_printk_skb: 491 callbacks suppressed
[  145.905308][   T29] audit: type=1326 audit(1739044569.224:21482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  145.941880][   T29] audit: type=1326 audit(1739044569.264:21483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  145.965624][   T29] audit: type=1326 audit(1739044569.264:21484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f0b497bf6a5 code=0x7ffc0000
[  145.989339][   T29] audit: type=1326 audit(1739044569.264:21485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  146.021289][   T29] audit: type=1326 audit(1739044569.264:21486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  146.044980][   T29] audit: type=1326 audit(1739044569.264:21487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  146.068699][   T29] audit: type=1326 audit(1739044569.264:21488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  146.092470][   T29] audit: type=1326 audit(1739044569.264:21489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  146.116121][   T29] audit: type=1326 audit(1739044569.264:21490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  146.139814][   T29] audit: type=1326 audit(1739044569.264:21491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10304 comm="syz.0.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b4978cde9 code=0x7ffc0000
[  146.314530][T10321] loop0: detected capacity change from 0 to 512
[  146.331312][T10319] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  146.351469][T10321] EXT4-fs (loop0): orphan cleanup on readonly fs
[  146.378367][T10321] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2748: bg 0: block 248: padding at end of block bitmap is not set
[  146.410710][T10321] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.2748: Failed to acquire dquot type 1
[  146.491606][T10321] EXT4-fs (loop0): 1 truncate cleaned up
[  146.523907][T10321] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  146.542104][T10321] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  146.593716][T10330] FAULT_INJECTION: forcing a failure.
[  146.593716][T10330] name failslab, interval 1, probability 0, space 0, times 0
[  146.606597][T10330] CPU: 1 UID: 0 PID: 10330 Comm: syz.5.2752 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  146.606699][T10330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  146.606713][T10330] Call Trace:
[  146.606793][T10330]  <TASK>
[  146.606800][T10330]  dump_stack_lvl+0xf2/0x150
[  146.606827][T10330]  dump_stack+0x15/0x1a
[  146.606853][T10330]  should_fail_ex+0x24a/0x260
[  146.606888][T10330]  ? resv_map_alloc+0x32/0x190
[  146.606996][T10330]  should_failslab+0x8f/0xb0
[  146.607025][T10330]  __kmalloc_cache_noprof+0x4e/0x320
[  146.607131][T10330]  ? vfs_write+0x644/0x920
[  146.607218][T10330]  resv_map_alloc+0x32/0x190
[  146.607249][T10330]  hugetlbfs_get_inode+0x64/0x380
[  146.607332][T10330]  hugetlb_file_setup+0x188/0x3c0
[  146.607359][T10330]  ksys_mmap_pgoff+0x172/0x330
[  146.607383][T10330]  x64_sys_call+0x1940/0x2dc0
[  146.607504][T10330]  do_syscall_64+0xc9/0x1c0
[  146.607533][T10330]  ? clear_bhb_loop+0x55/0xb0
[  146.607642][T10330]  ? clear_bhb_loop+0x55/0xb0
[  146.607745][T10330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.607770][T10330] RIP: 0033:0x7f4345d3cde9
[  146.607783][T10330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.607858][T10330] RSP: 002b:00007f43443a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  146.607875][T10330] RAX: ffffffffffffffda RBX: 00007f4345f55fa0 RCX: 00007f4345d3cde9
[  146.607886][T10330] RDX: 0000000000000000 RSI: 0000000000ff5000 RDI: 0000400000000000
[  146.607897][T10330] RBP: 00007f43443a7090 R08: ffffffffffffffff R09: 00000000d85fd000
[  146.607909][T10330] R10: 000200000005c831 R11: 0000000000000246 R12: 0000000000000001
[  146.607919][T10330] R13: 0000000000000000 R14: 00007f4345f55fa0 R15: 00007ffc8278e508
[  146.608009][T10330]  </TASK>
[  146.829563][T10339] loop3: detected capacity change from 0 to 128
[  147.002089][T10352] lo speed is unknown, defaulting to 1000
[  147.395367][T10368] loop5: detected capacity change from 0 to 128
[  147.794370][T10373] netem: change failed
[  147.877419][T10383] FAULT_INJECTION: forcing a failure.
[  147.877419][T10383] name failslab, interval 1, probability 0, space 0, times 0
[  147.890162][T10383] CPU: 0 UID: 0 PID: 10383 Comm: syz.0.2772 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  147.890187][T10383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  147.890200][T10383] Call Trace:
[  147.890206][T10383]  <TASK>
[  147.890213][T10383]  dump_stack_lvl+0xf2/0x150
[  147.890242][T10383]  dump_stack+0x15/0x1a
[  147.890268][T10383]  should_fail_ex+0x24a/0x260
[  147.890420][T10383]  should_failslab+0x8f/0xb0
[  147.890451][T10383]  kmem_cache_alloc_node_noprof+0x59/0x320
[  147.890513][T10383]  ? __alloc_skb+0x10b/0x310
[  147.890543][T10383]  __alloc_skb+0x10b/0x310
[  147.890571][T10383]  netlink_alloc_large_skb+0xad/0xe0
[  147.890600][T10383]  netlink_sendmsg+0x3b4/0x6e0
[  147.890705][T10383]  ? __pfx_netlink_sendmsg+0x10/0x10
[  147.890762][T10383]  __sock_sendmsg+0x140/0x180
[  147.890831][T10383]  ____sys_sendmsg+0x312/0x410
[  147.890933][T10383]  __sys_sendmsg+0x19d/0x230
[  147.891024][T10383]  __x64_sys_sendmsg+0x46/0x50
[  147.891058][T10383]  x64_sys_call+0x2734/0x2dc0
[  147.891084][T10383]  do_syscall_64+0xc9/0x1c0
[  147.891172][T10383]  ? clear_bhb_loop+0x55/0xb0
[  147.891253][T10383]  ? clear_bhb_loop+0x55/0xb0
[  147.891279][T10383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.891309][T10383] RIP: 0033:0x7f0b4978cde9
[  147.891327][T10383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.891374][T10383] RSP: 002b:00007f0b47df7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  147.891391][T10383] RAX: ffffffffffffffda RBX: 00007f0b499a5fa0 RCX: 00007f0b4978cde9
[  147.891410][T10383] RDX: 0000000000000000 RSI: 0000400000001200 RDI: 0000000000000005
[  147.891421][T10383] RBP: 00007f0b47df7090 R08: 0000000000000000 R09: 0000000000000000
[  147.891432][T10383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.891444][T10383] R13: 0000000000000000 R14: 00007f0b499a5fa0 R15: 00007fffaf114e38
[  147.891465][T10383]  </TASK>
[  148.138961][T10390] loop2: detected capacity change from 0 to 512
[  148.167882][T10395] loop0: detected capacity change from 0 to 128
[  148.174559][T10390] EXT4-fs (loop2): orphan cleanup on readonly fs
[  148.200246][T10390] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2776: bg 0: block 248: padding at end of block bitmap is not set
[  148.247471][T10390] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.2776: Failed to acquire dquot type 1
[  148.286096][T10390] EXT4-fs (loop2): 1 truncate cleaned up
[  148.293244][T10390] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  148.326434][T10390] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  148.370924][T10398] lo speed is unknown, defaulting to 1000
[  148.578891][T10429] loop5: detected capacity change from 0 to 128
[  149.133174][T10451] loop2: detected capacity change from 0 to 256
[  149.143578][T10451] msdos: Unknown parameter 'gidN'
[  149.218782][T10452] lo speed is unknown, defaulting to 1000
[  149.284229][T10461] loop6: detected capacity change from 0 to 512
[  149.293937][T10463] loop0: detected capacity change from 0 to 128
[  149.301401][T10461] EXT4-fs (loop6): orphan cleanup on readonly fs
[  149.308341][T10461] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2805: bg 0: block 248: padding at end of block bitmap is not set
[  149.324114][T10461] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.2805: Failed to acquire dquot type 1
[  149.337924][T10461] EXT4-fs (loop6): 1 truncate cleaned up
[  149.346993][T10461] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  149.377886][T10461] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  149.449864][T10478] lo speed is unknown, defaulting to 1000
[  149.457086][T10478] lo speed is unknown, defaulting to 1000
[  149.466759][T10478] lo speed is unknown, defaulting to 1000
[  149.473320][T10478] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  149.489309][T10478] lo speed is unknown, defaulting to 1000
[  149.495877][T10478] lo speed is unknown, defaulting to 1000
[  149.501911][T10478] lo speed is unknown, defaulting to 1000
[  149.508378][T10478] lo speed is unknown, defaulting to 1000
[  149.514600][T10478] lo speed is unknown, defaulting to 1000
[  149.520874][T10478] lo speed is unknown, defaulting to 1000
[  149.674466][T10492] loop5: detected capacity change from 0 to 128
[  149.910374][T10511] siw: device registration error -23
[  149.993473][T10518] loop5: detected capacity change from 0 to 128
[  150.168487][T10528] loop6: detected capacity change from 0 to 8192
[  150.223239][T10531] FAULT_INJECTION: forcing a failure.
[  150.223239][T10531] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.236366][T10531] CPU: 0 UID: 0 PID: 10531 Comm: syz.0.2832 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  150.236398][T10531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  150.236419][T10531] Call Trace:
[  150.236426][T10531]  <TASK>
[  150.236434][T10531]  dump_stack_lvl+0xf2/0x150
[  150.236534][T10531]  dump_stack+0x15/0x1a
[  150.236561][T10531]  should_fail_ex+0x24a/0x260
[  150.236602][T10531]  should_fail+0xb/0x10
[  150.236638][T10531]  should_fail_usercopy+0x1a/0x20
[  150.236709][T10531]  _copy_from_iter+0xd5/0xd00
[  150.236729][T10531]  ? kmalloc_reserve+0x16e/0x190
[  150.236754][T10531]  ? __build_skb_around+0x196/0x1f0
[  150.236785][T10531]  ? __alloc_skb+0x21f/0x310
[  150.236810][T10531]  ? __virt_addr_valid+0x1ed/0x250
[  150.236908][T10531]  ? __check_object_size+0x364/0x520
[  150.236945][T10531]  netlink_sendmsg+0x460/0x6e0
[  150.236989][T10531]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.237030][T10531]  __sock_sendmsg+0x140/0x180
[  150.237131][T10531]  ____sys_sendmsg+0x312/0x410
[  150.237169][T10531]  __sys_sendmsg+0x19d/0x230
[  150.237227][T10531]  __x64_sys_sendmsg+0x46/0x50
[  150.237259][T10531]  x64_sys_call+0x2734/0x2dc0
[  150.237285][T10531]  do_syscall_64+0xc9/0x1c0
[  150.237315][T10531]  ? clear_bhb_loop+0x55/0xb0
[  150.237368][T10531]  ? clear_bhb_loop+0x55/0xb0
[  150.237441][T10531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.237473][T10531] RIP: 0033:0x7f0b4978cde9
[  150.237491][T10531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.237510][T10531] RSP: 002b:00007f0b47df7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  150.237550][T10531] RAX: ffffffffffffffda RBX: 00007f0b499a5fa0 RCX: 00007f0b4978cde9
[  150.237564][T10531] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000006
[  150.237578][T10531] RBP: 00007f0b47df7090 R08: 0000000000000000 R09: 0000000000000000
[  150.237592][T10531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.237606][T10531] R13: 0000000000000000 R14: 00007f0b499a5fa0 R15: 00007fffaf114e38
[  150.237624][T10531]  </TASK>
[  150.237965][T10528]  loop6: p1 p3 p4
[  150.278711][T10528] loop6: p1 start 51379968 is beyond EOD, truncated
[  150.458157][T10528] loop6: p3 size 100663552 extends beyond EOD, truncated
[  150.475360][T10528] loop6: p4 start 8139008 is beyond EOD, truncated
[  150.506218][T10540] loop2: detected capacity change from 0 to 1024
[  150.533260][T10547] loop3: detected capacity change from 0 to 128
[  150.581494][T10554] loop2: detected capacity change from 0 to 512
[  150.591712][T10554] EXT4-fs (loop2): orphan cleanup on readonly fs
[  150.599065][T10554] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2841: bg 0: block 248: padding at end of block bitmap is not set
[  150.599157][T10559] FAULT_INJECTION: forcing a failure.
[  150.599157][T10559] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.618933][T10554] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.2841: Failed to acquire dquot type 1
[  150.626648][T10559] CPU: 0 UID: 0 PID: 10559 Comm: syz.3.2843 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  150.626678][T10559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  150.626694][T10559] Call Trace:
[  150.626701][T10559]  <TASK>
[  150.626711][T10559]  dump_stack_lvl+0xf2/0x150
[  150.626745][T10559]  dump_stack+0x15/0x1a
[  150.626845][T10559]  should_fail_ex+0x24a/0x260
[  150.626902][T10559]  should_fail+0xb/0x10
[  150.626938][T10559]  should_fail_usercopy+0x1a/0x20
[  150.626961][T10559]  _copy_from_iter+0xd5/0xd00
[  150.626985][T10559]  ? kmalloc_reserve+0x16e/0x190
[  150.627031][T10559]  ? __build_skb_around+0x196/0x1f0
[  150.627061][T10559]  ? __alloc_skb+0x21f/0x310
[  150.627089][T10559]  ? __virt_addr_valid+0x1ed/0x250
[  150.627191][T10559]  ? __check_object_size+0x364/0x520
[  150.627235][T10559]  netlink_sendmsg+0x460/0x6e0
[  150.627351][T10559]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.627391][T10559]  __sock_sendmsg+0x140/0x180
[  150.627417][T10559]  ____sys_sendmsg+0x312/0x410
[  150.627463][T10559]  __sys_sendmsg+0x19d/0x230
[  150.627511][T10559]  ? native_tss_update_io_bitmap+0x17b/0x200
[  150.627548][T10559]  __x64_sys_sendmsg+0x46/0x50
[  150.627660][T10559]  x64_sys_call+0x2734/0x2dc0
[  150.627693][T10559]  do_syscall_64+0xc9/0x1c0
[  150.627722][T10559]  ? clear_bhb_loop+0x55/0xb0
[  150.627783][T10559]  ? clear_bhb_loop+0x55/0xb0
[  150.627817][T10559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.627929][T10559] RIP: 0033:0x7ff880dfcde9
[  150.627947][T10559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.627969][T10559] RSP: 002b:00007ff87f461038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  150.627992][T10559] RAX: ffffffffffffffda RBX: 00007ff881015fa0 RCX: 00007ff880dfcde9
[  150.628069][T10559] RDX: 0000000000000000 RSI: 0000400000000280 RDI: 0000000000000006
[  150.628083][T10559] RBP: 00007ff87f461090 R08: 0000000000000000 R09: 0000000000000000
[  150.628098][T10559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.628113][T10559] R13: 0000000000000000 R14: 00007ff881015fa0 R15: 00007ffe2ad9dcd8
[  150.628136][T10559]  </TASK>
[  150.749972][T10564] siw: device registration error -23
[  150.754391][T10554] EXT4-fs (loop2): 1 truncate cleaned up
[  150.875697][T10554] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  150.917190][T10554] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  150.927770][T10575] __quota_error: 260 callbacks suppressed
[  150.927784][T10575] Quota error (device loop2): do_check_range: Getting block 1536 out of range 0-5
[  151.038192][T10584] loop5: detected capacity change from 0 to 128
[  151.070690][T10587] gretap0: left allmulticast mode
[  151.075948][T10587] gretap0: left promiscuous mode
[  151.081176][T10587] bridge0: port 3(gretap0) entered disabled state
[  151.104084][T10587] bridge_slave_0: left allmulticast mode
[  151.109840][T10587] bridge_slave_0: left promiscuous mode
[  151.115580][T10587] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.131406][T10587] bridge_slave_1: left allmulticast mode
[  151.137230][T10587] bridge_slave_1: left promiscuous mode
[  151.142919][T10587] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.158283][T10587] bond0: (slave bond_slave_0): Releasing backup interface
[  151.171960][T10587] bond0: (slave bond_slave_1): Releasing backup interface
[  151.190939][T10587] team0: Failed to send options change via netlink (err -105)
[  151.198807][T10587] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  151.212756][T10587] team0: Port device team_slave_0 removed
[  151.221466][T10587] team0: Failed to send options change via netlink (err -105)
[  151.233555][T10587] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  151.243281][T10587] team0: Port device team_slave_1 removed
[  151.273124][ T3355] lo speed is unknown, defaulting to 1000
[  151.362752][   T29] audit: type=1400 audit(1739044574.684:21741): avc:  denied  { bind } for  pid=10595 comm="syz.6.2858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  151.398969][T10597] vhci_hcd: default hub control req: 4000 v0000 i0000 l0
[  151.421440][   T29] audit: type=1400 audit(1739044574.714:21742): avc:  denied  { setopt } for  pid=10595 comm="syz.6.2858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  151.441249][   T29] audit: type=1400 audit(1739044574.724:21743): avc:  denied  { append } for  pid=10595 comm="syz.6.2858" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  151.699921][T10618] FAULT_INJECTION: forcing a failure.
[  151.699921][T10618] name failslab, interval 1, probability 0, space 0, times 0
[  151.712661][T10618] CPU: 1 UID: 0 PID: 10618 Comm: syz.5.2867 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  151.712686][T10618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  151.712699][T10618] Call Trace:
[  151.712706][T10618]  <TASK>
[  151.712714][T10618]  dump_stack_lvl+0xf2/0x150
[  151.712743][T10618]  dump_stack+0x15/0x1a
[  151.712764][T10618]  should_fail_ex+0x24a/0x260
[  151.712829][T10618]  ? alloc_bprm+0x64/0x680
[  151.712854][T10618]  should_failslab+0x8f/0xb0
[  151.712880][T10618]  __kmalloc_cache_noprof+0x4e/0x320
[  151.712917][T10618]  alloc_bprm+0x64/0x680
[  151.712939][T10618]  do_execveat_common+0x12b/0x7e0
[  151.712998][T10618]  ? getname_flags+0x15a/0x3b0
[  151.713030][T10618]  __x64_sys_execveat+0x75/0x90
[  151.713137][T10618]  x64_sys_call+0x291e/0x2dc0
[  151.713195][T10618]  do_syscall_64+0xc9/0x1c0
[  151.713219][T10618]  ? clear_bhb_loop+0x55/0xb0
[  151.713245][T10618]  ? clear_bhb_loop+0x55/0xb0
[  151.713308][T10618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.713342][T10618] RIP: 0033:0x7f4345d3cde9
[  151.713357][T10618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.713375][T10618] RSP: 002b:00007f43443a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  151.713433][T10618] RAX: ffffffffffffffda RBX: 00007f4345f55fa0 RCX: 00007f4345d3cde9
[  151.713448][T10618] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000003
[  151.713463][T10618] RBP: 00007f43443a7090 R08: 0000000000001000 R09: 0000000000000000
[  151.713477][T10618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.713492][T10618] R13: 0000000000000000 R14: 00007f4345f55fa0 R15: 00007ffc8278e508
[  151.713512][T10618]  </TASK>
[  151.945015][T10628] loop3: detected capacity change from 0 to 512
[  151.954668][T10628] EXT4-fs (loop3): orphan cleanup on readonly fs
[  151.963612][   T29] audit: type=1400 audit(1739044575.284:21744): avc:  denied  { read } for  pid=10630 comm="syz.5.2872" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  151.987594][   T29] audit: type=1400 audit(1739044575.284:21745): avc:  denied  { write } for  pid=10630 comm="syz.5.2872" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  151.989622][T10634] loop6: detected capacity change from 0 to 128
[  152.007126][   T29] audit: type=1400 audit(1739044575.284:21746): avc:  denied  { ioctl } for  pid=10630 comm="syz.5.2872" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  152.040049][T10628] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2870: bg 0: block 248: padding at end of block bitmap is not set
[  152.058567][T10628] Quota error (device loop3): write_blk: dquota write failed
[  152.066081][T10628] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  152.076064][T10628] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2870: Failed to acquire dquot type 1
[  152.097511][T10640] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2875'.
[  152.101685][T10628] EXT4-fs (loop3): 1 truncate cleaned up
[  152.121030][T10640] bond1: entered promiscuous mode
[  152.126155][T10640] bond1: entered allmulticast mode
[  152.131766][T10628] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  152.131850][T10640] 8021q: adding VLAN 0 to HW filter on device bond1
[  152.165317][T10628] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  152.190201][T10628] Quota error (device loop3): do_check_range: Getting block 1536 out of range 0-5
[  152.338742][T10660] loop6: detected capacity change from 0 to 128
[  152.349536][T10660] FAT-fs (loop6): bogus number of reserved sectors
[  152.356130][T10660] FAT-fs (loop6): Can't find a valid FAT filesystem
[  152.444950][T10663] lo speed is unknown, defaulting to 1000
[  152.451280][T10663] lo speed is unknown, defaulting to 1000
[  152.521152][T10663] chnl_net:caif_netlink_parms(): no params data found
[  152.557753][T10663] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.564937][T10663] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.572534][T10663] bridge_slave_0: entered allmulticast mode
[  152.578976][T10663] bridge_slave_0: entered promiscuous mode
[  152.588405][T10663] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.595608][T10663] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.602950][T10663] bridge_slave_1: entered allmulticast mode
[  152.609741][T10663] bridge_slave_1: entered promiscuous mode
[  152.617808][T10115] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.640807][T10663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.651670][T10663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.670950][T10115] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.692563][T10663] team0: Port device team_slave_0 added
[  152.699687][T10663] team0: Port device team_slave_1 added
[  152.724076][T10115] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.735489][T10663] batman_adv: batadv0: Adding interface: batadv_slave_0
[  152.742500][T10663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.768517][T10663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  152.807077][T10115] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.818453][T10663] batman_adv: batadv0: Adding interface: batadv_slave_1
[  152.825476][T10663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.851475][T10663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  152.899019][T10663] hsr_slave_0: entered promiscuous mode
[  152.905140][T10663] hsr_slave_1: entered promiscuous mode
[  152.915470][T10663] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  152.923043][T10663] Cannot create hsr debugfs directory
[  152.946663][T10686] loop6: detected capacity change from 0 to 128
[  152.956189][T10115] bridge_slave_1: left allmulticast mode
[  152.961882][T10115] bridge_slave_1: left promiscuous mode
[  152.967611][T10115] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.983123][T10115] bridge_slave_0: left promiscuous mode
[  152.988887][T10115] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.137447][T10115] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  153.146681][T10703] loop6: detected capacity change from 0 to 512
[  153.156281][T10703] EXT4-fs (loop6): orphan cleanup on readonly fs
[  153.159708][T10115] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  153.173197][T10115] bond0 (unregistering): Released all slaves
[  153.179484][T10703] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2896: bg 0: block 248: padding at end of block bitmap is not set
[  153.202470][T10115] bond1 (unregistering): (slave bond2): Releasing backup interface
[  153.211791][T10703] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.2896: Failed to acquire dquot type 1
[  153.227966][T10115] bond1 (unregistering): Released all slaves
[  153.237332][T10115] bond2 (unregistering): Released all slaves
[  153.243417][T10703] EXT4-fs (loop6): 1 truncate cleaned up
[  153.252501][T10703] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  153.270617][T10703] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  153.314439][T10115] hsr_slave_0: left promiscuous mode
[  153.322466][T10115] hsr_slave_1: left promiscuous mode
[  153.330544][T10115] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  153.338109][T10115] batman_adv: batadv0: Removing interface: batadv_slave_0
[  153.350602][T10115] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  153.358103][T10115] batman_adv: batadv0: Removing interface: batadv_slave_1
[  153.372258][T10115] bridge_slave_0: left allmulticast mode
[  153.378115][T10115] veth1_macvtap: left promiscuous mode
[  153.383782][T10115] veth0_macvtap: left promiscuous mode
[  153.403848][T10115] veth1_vlan: left promiscuous mode
[  153.409189][T10115] veth0_vlan: left promiscuous mode
[  153.433783][T10719] loop3: detected capacity change from 0 to 128
[  153.486055][T10115] team0 (unregistering): Port device batadv2 removed
[  153.546437][T10115] team0 (unregistering): Port device team_slave_1 removed
[  153.559324][T10731] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2907'.
[  153.569535][T10115] team0 (unregistering): Port device team_slave_0 removed
[  153.857571][T10663] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  153.876541][T10663] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  153.893368][T10663] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  153.906495][T10663] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  153.940480][T10747] loop3: detected capacity change from 0 to 128
[  153.983605][T10663] 8021q: adding VLAN 0 to HW filter on device bond0
[  154.018443][T10663] 8021q: adding VLAN 0 to HW filter on device team0
[  154.032679][T10127] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.040102][T10127] bridge0: port 1(bridge_slave_0) entered forwarding state
[  154.064291][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.071496][  T293] bridge0: port 2(bridge_slave_1) entered forwarding state
[  154.184189][T10663] 8021q: adding VLAN 0 to HW filter on device batadv0
[  154.219010][T10771] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  154.317531][T10663] veth0_vlan: entered promiscuous mode
[  154.333402][T10663] veth1_vlan: entered promiscuous mode
[  154.352644][T10663] veth0_macvtap: entered promiscuous mode
[  154.366159][T10784] loop3: detected capacity change from 0 to 512
[  154.374254][T10663] veth1_macvtap: entered promiscuous mode
[  154.386590][T10663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.397198][T10663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.407135][T10663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.417732][T10663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.431528][T10663] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.441230][T10784] EXT4-fs (loop3): orphan cleanup on readonly fs
[  154.441943][T10663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.448785][T10784] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2926: bg 0: block 248: padding at end of block bitmap is not set
[  154.458287][T10663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.482536][T10663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.493060][T10663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.504102][T10663] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.513419][T10663] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.522247][T10663] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.523985][T10784] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.2926: Failed to acquire dquot type 1
[  154.530992][T10663] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.550959][T10663] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.595079][T10788] bridge0: entered promiscuous mode
[  154.603037][T10784] EXT4-fs (loop3): 1 truncate cleaned up
[  154.603070][T10788] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2884'.
[  154.627238][T10788] bridge_slave_1: left allmulticast mode
[  154.632980][T10788] bridge_slave_1: left promiscuous mode
[  154.638709][T10788] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.651582][T10784] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  154.662749][T10788] bridge_slave_0: left allmulticast mode
[  154.668565][T10788] bridge_slave_0: left promiscuous mode
[  154.674243][T10788] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.681667][T10784] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  154.697500][T10788] bridge0 (unregistering): left promiscuous mode
[  154.785380][    T8] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  154.800961][T10794] loop5: detected capacity change from 0 to 128
[  154.848924][T10800] FAULT_INJECTION: forcing a failure.
[  154.848924][T10800] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.862162][T10800] CPU: 1 UID: 0 PID: 10800 Comm: syz.5.2930 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  154.862210][T10800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  154.862223][T10800] Call Trace:
[  154.862230][T10800]  <TASK>
[  154.862238][T10800]  dump_stack_lvl+0xf2/0x150
[  154.862340][T10800]  dump_stack+0x15/0x1a
[  154.862362][T10800]  should_fail_ex+0x24a/0x260
[  154.862397][T10800]  should_fail+0xb/0x10
[  154.862431][T10800]  should_fail_usercopy+0x1a/0x20
[  154.862485][T10800]  _copy_from_user+0x1c/0xa0
[  154.862508][T10800]  copy_msghdr_from_user+0x54/0x2a0
[  154.862527][T10800]  ? __fget_files+0x17c/0x1c0
[  154.862583][T10800]  __sys_sendmsg+0x13e/0x230
[  154.862633][T10800]  __x64_sys_sendmsg+0x46/0x50
[  154.862667][T10800]  x64_sys_call+0x2734/0x2dc0
[  154.862705][T10800]  do_syscall_64+0xc9/0x1c0
[  154.862728][T10800]  ? clear_bhb_loop+0x55/0xb0
[  154.862804][T10800]  ? clear_bhb_loop+0x55/0xb0
[  154.862841][T10800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.862915][T10115] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  154.862884][T10800] RIP: 0033:0x7f4345d3cde9
[  154.862982][T10800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.863006][T10800] RSP: 002b:00007f43443a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  154.863029][T10800] RAX: ffffffffffffffda RBX: 00007f4345f55fa0 RCX: 00007f4345d3cde9
[  154.863046][T10800] RDX: 0000000000000000 RSI: 0000400000000200 RDI: 0000000000000006
[  154.863061][T10800] RBP: 00007f43443a7090 R08: 0000000000000000 R09: 0000000000000000
[  154.863074][T10800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.863108][T10800] R13: 0000000000000000 R14: 00007f4345f55fa0 R15: 00007ffc8278e508
[  154.863130][T10800]  </TASK>
[  155.104709][T10821] loop5: detected capacity change from 0 to 128
[  155.160402][T10826] FAULT_INJECTION: forcing a failure.
[  155.160402][T10826] name failslab, interval 1, probability 0, space 0, times 0
[  155.173094][T10826] CPU: 1 UID: 0 PID: 10826 Comm: syz.5.2941 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  155.173199][T10826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  155.173213][T10826] Call Trace:
[  155.173220][T10826]  <TASK>
[  155.173228][T10826]  dump_stack_lvl+0xf2/0x150
[  155.173260][T10826]  dump_stack+0x15/0x1a
[  155.173285][T10826]  should_fail_ex+0x24a/0x260
[  155.173322][T10826]  should_failslab+0x8f/0xb0
[  155.173374][T10826]  kmem_cache_alloc_noprof+0x52/0x320
[  155.173408][T10826]  ? skb_clone+0x154/0x1f0
[  155.173495][T10826]  ? mod_objcg_state+0x2ea/0x4f0
[  155.173536][T10826]  skb_clone+0x154/0x1f0
[  155.173569][T10826]  dev_queue_xmit_nit+0x14b/0x680
[  155.173589][T10826]  ? cgroup_rstat_updated+0x9f/0x570
[  155.173696][T10826]  ? __rcu_read_unlock+0x4e/0x70
[  155.173771][T10826]  dev_hard_start_xmit+0xcc/0x3f0
[  155.173842][T10826]  ? validate_xmit_skb+0x645/0x830
[  155.173876][T10826]  __dev_queue_xmit+0x100a/0x2090
[  155.173910][T10826]  ? __dev_queue_xmit+0x186/0x2090
[  155.174015][T10826]  __netlink_deliver_tap+0x3be/0x4f0
[  155.174054][T10826]  netlink_unicast+0x64a/0x670
[  155.174091][T10826]  netlink_sendmsg+0x5cc/0x6e0
[  155.174134][T10826]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.174247][T10826]  __sock_sendmsg+0x140/0x180
[  155.174271][T10826]  ____sys_sendmsg+0x312/0x410
[  155.174309][T10826]  __sys_sendmsg+0x19d/0x230
[  155.174394][T10826]  __x64_sys_sendmsg+0x46/0x50
[  155.174428][T10826]  x64_sys_call+0x2734/0x2dc0
[  155.174464][T10826]  do_syscall_64+0xc9/0x1c0
[  155.174492][T10826]  ? clear_bhb_loop+0x55/0xb0
[  155.174529][T10826]  ? clear_bhb_loop+0x55/0xb0
[  155.174626][T10826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.174677][T10826] RIP: 0033:0x7f4345d3cde9
[  155.174758][T10826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.174780][T10826] RSP: 002b:00007f43443a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  155.174803][T10826] RAX: ffffffffffffffda RBX: 00007f4345f55fa0 RCX: 00007f4345d3cde9
[  155.174818][T10826] RDX: 0000000000000000 RSI: 0000400000000680 RDI: 0000000000000003
[  155.174831][T10826] RBP: 00007f43443a7090 R08: 0000000000000000 R09: 0000000000000000
[  155.174842][T10826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.174918][T10826] R13: 0000000000000000 R14: 00007f4345f55fa0 R15: 00007ffc8278e508
[  155.174939][T10826]  </TASK>
[  155.500055][T10832] loop5: detected capacity change from 0 to 512
[  155.507963][T10832] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  155.541587][T10832] EXT4-fs (loop5): 1 truncate cleaned up
[  155.772274][T10835] lo speed is unknown, defaulting to 1000
[  155.787750][T10835] lo speed is unknown, defaulting to 1000
[  155.878465][T10835] chnl_net:caif_netlink_parms(): no params data found
[  155.919067][T10835] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.926207][T10835] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.933567][T10835] bridge_slave_0: entered allmulticast mode
[  155.964924][T10835] bridge_slave_0: entered promiscuous mode
[  155.988927][T10835] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.996122][T10835] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.019016][T10835] bridge_slave_1: entered allmulticast mode
[  156.041178][T10835] bridge_slave_1: entered promiscuous mode
[  156.061999][T10191] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.099290][T10835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.112689][T10835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.138696][T10835] team0: Port device team_slave_0 added
[  156.160781][T10191] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.176206][T10835] team0: Port device team_slave_1 added
[  156.183910][T10860] FAULT_INJECTION: forcing a failure.
[  156.183910][T10860] name failslab, interval 1, probability 0, space 0, times 0
[  156.196757][T10860] CPU: 1 UID: 0 PID: 10860 Comm: syz.6.2950 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  156.196781][T10860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  156.196793][T10860] Call Trace:
[  156.196798][T10860]  <TASK>
[  156.196804][T10860]  dump_stack_lvl+0xf2/0x150
[  156.196832][T10860]  dump_stack+0x15/0x1a
[  156.196873][T10860]  should_fail_ex+0x24a/0x260
[  156.196913][T10860]  should_failslab+0x8f/0xb0
[  156.196943][T10860]  kmem_cache_alloc_noprof+0x52/0x320
[  156.196978][T10860]  ? security_file_alloc+0x32/0x100
[  156.197056][T10860]  security_file_alloc+0x32/0x100
[  156.197160][T10860]  init_file+0x5d/0x1b0
[  156.197271][T10860]  alloc_empty_file+0xea/0x200
[  156.197340][T10860]  alloc_file_pseudo+0xc9/0x160
[  156.197378][T10860]  sock_alloc_file+0x9b/0x1e0
[  156.197403][T10860]  do_accept+0x1e3/0x390
[  156.197434][T10860]  __sys_accept4+0xc3/0x150
[  156.197457][T10860]  __x64_sys_accept4+0x53/0x60
[  156.197485][T10860]  x64_sys_call+0x2824/0x2dc0
[  156.197561][T10860]  do_syscall_64+0xc9/0x1c0
[  156.197590][T10860]  ? clear_bhb_loop+0x55/0xb0
[  156.197624][T10860]  ? clear_bhb_loop+0x55/0xb0
[  156.197761][T10860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.197792][T10860] RIP: 0033:0x7f69a648cde9
[  156.197810][T10860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.197831][T10860] RSP: 002b:00007f69a4af1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  156.197862][T10860] RAX: ffffffffffffffda RBX: 00007f69a66a5fa0 RCX: 00007f69a648cde9
[  156.197874][T10860] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  156.197884][T10860] RBP: 00007f69a4af1090 R08: 0000000000000000 R09: 0000000000000000
[  156.197895][T10860] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  156.197907][T10860] R13: 0000000000000000 R14: 00007f69a66a5fa0 R15: 00007ffc57955f58
[  156.197927][T10860]  </TASK>
[  156.433470][T10835] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.440571][T10835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.443959][T10864] loop0: detected capacity change from 0 to 128
[  156.466613][T10835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.477433][T10835] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.490650][T10835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.516656][T10835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.537684][T10191] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.542818][T10867] loop6: detected capacity change from 0 to 512
[  156.560342][T10867] EXT4-fs (loop6): orphan cleanup on readonly fs
[  156.562770][T10870] loop5: detected capacity change from 0 to 128
[  156.579853][T10867] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2954: bg 0: block 248: padding at end of block bitmap is not set
[  156.599347][T10867] __quota_error: 123 callbacks suppressed
[  156.599365][T10867] Quota error (device loop6): write_blk: dquota write failed
[  156.612617][T10867] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  156.622698][T10867] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.2954: Failed to acquire dquot type 1
[  156.637443][T10835] hsr_slave_0: entered promiscuous mode
[  156.644017][T10835] hsr_slave_1: entered promiscuous mode
[  156.654768][T10867] EXT4-fs (loop6): 1 truncate cleaned up
[  156.664050][T10867] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  156.664815][T10191] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.685516][T10867] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  156.696835][T10867] Quota error (device loop6): do_check_range: Getting block 1536 out of range 0-5
[  156.735763][T10191] bridge_slave_1: left allmulticast mode
[  156.741506][T10191] bridge_slave_1: left promiscuous mode
[  156.747170][T10191] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.754982][T10191] bridge_slave_0: left promiscuous mode
[  156.760746][T10191] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.842355][T10880] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2966'.
[  156.853695][   T29] audit: type=1326 audit(1739044580.174:21864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10881 comm="syz.2.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6875d8cde9 code=0x7ffc0000
[  156.878037][   T29] audit: type=1326 audit(1739044580.174:21865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10881 comm="syz.2.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6875d8cde9 code=0x7ffc0000
[  156.901895][   T29] audit: type=1326 audit(1739044580.174:21866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10881 comm="syz.2.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f6875d8cde9 code=0x7ffc0000
[  156.925587][   T29] audit: type=1326 audit(1739044580.174:21867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10881 comm="syz.2.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6875d8cde9 code=0x7ffc0000
[  156.949396][   T29] audit: type=1326 audit(1739044580.174:21868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10881 comm="syz.2.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6875d8cde9 code=0x7ffc0000
[  156.973114][   T29] audit: type=1326 audit(1739044580.174:21869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10881 comm="syz.2.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6875d8cde9 code=0x7ffc0000
[  156.996765][   T29] audit: type=1326 audit(1739044580.174:21870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10881 comm="syz.2.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6875d8cde9 code=0x7ffc0000
[  157.026519][T10191] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  157.037484][T10191] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  157.047203][T10191] bond0 (unregistering): Released all slaves
[  157.055754][T10191] bond1 (unregistering): Released all slaves
[  157.088542][T10884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2958'.
[  157.117352][T10884] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  157.124862][T10884] batman_adv: batadv0: Removing interface: batadv_slave_0
[  157.137728][T10884] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  157.145180][T10884] batman_adv: batadv0: Removing interface: batadv_slave_1
[  157.163945][T10191] hsr_slave_0: left promiscuous mode
[  157.173049][T10191] hsr_slave_1: left promiscuous mode
[  157.179996][T10191] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  157.187661][T10191] batman_adv: batadv0: Removing interface: batadv_slave_0
[  157.199706][T10191] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  157.207156][T10191] batman_adv: batadv0: Removing interface: batadv_slave_1
[  157.216248][T10191] bridge_slave_0: left allmulticast mode
[  157.222069][T10191] veth1_vlan: left promiscuous mode
[  157.227495][T10191] veth0_vlan: left promiscuous mode
[  157.469988][T10897] loop6: detected capacity change from 0 to 128
[  157.535719][T10899] bridge0: entered promiscuous mode
[  157.555741][T10899] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2967'.
[  157.573212][T10899] bridge0 (unregistering): left promiscuous mode
[  157.616601][T10835] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  157.652231][T10835] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  157.662062][T10835] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  157.675407][T10835] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  157.797755][T10835] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.825393][T10835] 8021q: adding VLAN 0 to HW filter on device team0
[  157.842994][T10914] loop6: detected capacity change from 0 to 512
[  157.856044][T10115] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.863214][T10115] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.876163][T10914] EXT4-fs (loop6): orphan cleanup on readonly fs
[  157.883298][T10115] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.890462][T10115] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.903086][T10914] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2972: bg 0: block 248: padding at end of block bitmap is not set
[  157.947036][T10914] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.2972: Failed to acquire dquot type 1
[  157.963405][T10835] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  157.974059][T10835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  158.005994][T10914] EXT4-fs (loop6): 1 truncate cleaned up
[  158.020534][T10914] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  158.047482][T10914] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  158.107261][T10835] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.217737][T10835] veth0_vlan: entered promiscuous mode
[  158.228852][T10835] veth1_vlan: entered promiscuous mode
[  158.244409][T10941] loop5: detected capacity change from 0 to 128
[  158.245142][T10835] veth0_macvtap: entered promiscuous mode
[  158.259956][T10835] veth1_macvtap: entered promiscuous mode
[  158.269922][T10835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.280483][T10835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.291521][T10835] batman_adv: batadv0: Interface activated: batadv_slave_0
[  158.303089][T10835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.313605][T10835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.324540][T10835] batman_adv: batadv0: Interface activated: batadv_slave_1
[  158.337496][T10835] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  158.346439][T10835] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  158.355154][T10835] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.363994][T10835] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.402752][T10948] loop5: detected capacity change from 0 to 128
[  158.432465][T10951] bridge0: entered promiscuous mode
[  158.445620][T10951] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2980'.
[  158.457457][T10951] bridge_slave_1: left allmulticast mode
[  158.463290][T10951] bridge_slave_1: left promiscuous mode
[  158.469138][T10951] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.483428][T10951] bridge_slave_0: left allmulticast mode
[  158.489215][T10951] bridge_slave_0: left promiscuous mode
[  158.495090][T10951] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.519299][T10951] bridge0 (unregistering): left promiscuous mode
[  158.588868][ T1040] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  158.695458][T10127] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  158.710870][T10962] loop5: detected capacity change from 0 to 512
[  158.737130][T10962] EXT4-fs (loop5): orphan cleanup on readonly fs
[  158.748934][T10967] FAULT_INJECTION: forcing a failure.
[  158.748934][T10967] name failslab, interval 1, probability 0, space 0, times 0
[  158.761796][T10967] CPU: 0 UID: 0 PID: 10967 Comm: syz.6.2985 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  158.761821][T10967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  158.761915][T10967] Call Trace:
[  158.761922][T10967]  <TASK>
[  158.761931][T10967]  dump_stack_lvl+0xf2/0x150
[  158.761958][T10967]  dump_stack+0x15/0x1a
[  158.761979][T10967]  should_fail_ex+0x24a/0x260
[  158.762020][T10967]  should_failslab+0x8f/0xb0
[  158.762051][T10967]  __kmalloc_node_noprof+0xad/0x410
[  158.762138][T10967]  ? __kvmalloc_node_noprof+0x72/0x170
[  158.762161][T10967]  ? security_sid_to_context_core+0x2b8/0x2f0
[  158.762199][T10967]  __kvmalloc_node_noprof+0x72/0x170
[  158.762270][T10967]  simple_xattr_alloc+0x43/0x90
[  158.762306][T10967]  shmem_initxattrs+0x18a/0x2f0
[  158.762361][T10967]  ? __pfx_shmem_initxattrs+0x10/0x10
[  158.762463][T10967]  security_inode_init_security+0x257/0x330
[  158.762505][T10967]  shmem_mknod+0xa8/0x180
[  158.762530][T10967]  vfs_mknod+0x2d4/0x310
[  158.762623][T10967]  unix_bind+0x2de/0x870
[  158.762658][T10967]  __sys_bind+0x10c/0x190
[  158.762734][T10967]  __x64_sys_bind+0x41/0x50
[  158.762758][T10967]  x64_sys_call+0x20ab/0x2dc0
[  158.762852][T10967]  do_syscall_64+0xc9/0x1c0
[  158.762878][T10967]  ? clear_bhb_loop+0x55/0xb0
[  158.762975][T10967]  ? clear_bhb_loop+0x55/0xb0
[  158.763031][T10967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.763060][T10967] RIP: 0033:0x7f69a648cde9
[  158.763078][T10967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.763098][T10967] RSP: 002b:00007f69a4af1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  158.763116][T10967] RAX: ffffffffffffffda RBX: 00007f69a66a5fa0 RCX: 00007f69a648cde9
[  158.763150][T10967] RDX: 000000000000006e RSI: 00004000000000c0 RDI: 0000000000000006
[  158.763165][T10967] RBP: 00007f69a4af1090 R08: 0000000000000000 R09: 0000000000000000
[  158.763180][T10967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  158.763194][T10967] R13: 0000000000000000 R14: 00007f69a66a5fa0 R15: 00007ffc57955f58
[  158.763212][T10967]  </TASK>
[  158.925361][   T35] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  158.985598][T10962] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2996: bg 0: block 248: padding at end of block bitmap is not set
[  159.005120][T10962] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.2996: Failed to acquire dquot type 1
[  159.018822][T10962] EXT4-fs (loop5): 1 truncate cleaned up
[  159.042424][T10962] EXT4-fs mount: 29 callbacks suppressed
[  159.042441][T10962] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  159.088453][T10962] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  159.115788][T10962] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  159.255119][T10983] loop6: detected capacity change from 0 to 128
[  159.281328][T10981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2992'.
[  159.354455][T10988] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=48 sclass=netlink_audit_socket pid=10988 comm=syz.6.2995
[  159.367572][T10987] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=44 sclass=netlink_audit_socket pid=10987 comm=syz.6.2995
[  159.484198][T10994] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  159.546583][ T4099] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.622501][T11011] loop5: detected capacity change from 0 to 512
[  159.637626][T11011] EXT4-fs (loop5): orphan cleanup on readonly fs
[  159.644478][T11011] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3015: bg 0: block 248: padding at end of block bitmap is not set
[  159.669895][T11011] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3015: Failed to acquire dquot type 1
[  159.685131][T11011] EXT4-fs (loop5): 1 truncate cleaned up
[  159.692524][T11011] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  159.711414][T11011] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  159.728882][T11011] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  160.301938][T11023] loop6: detected capacity change from 0 to 128
[  160.419339][T11032] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3011'.
[  160.428418][T11032] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.436055][T11032] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.454277][T11032] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.463189][T11032] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.477070][ T4099] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.545621][T11043] lo speed is unknown, defaulting to 1000
[  160.594830][T11043] chnl_net:caif_netlink_parms(): no params data found
[  160.629342][T11043] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.636556][T11043] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.643744][T11043] bridge_slave_0: entered allmulticast mode
[  160.650334][T11043] bridge_slave_0: entered promiscuous mode
[  160.657512][T11043] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.664569][T11043] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.671888][T11043] bridge_slave_1: entered allmulticast mode
[  160.678453][T11043] bridge_slave_1: entered promiscuous mode
[  160.696994][T11043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  160.707441][T11043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  160.727231][T11043] team0: Port device team_slave_0 added
[  160.733731][T11043] team0: Port device team_slave_1 added
[  160.750016][T11043] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.757013][T11043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.783113][T11043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.794602][T11043] batman_adv: batadv0: Adding interface: batadv_slave_1
[  160.801599][T11043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.827647][T11043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  160.854546][T11043] hsr_slave_0: entered promiscuous mode
[  160.860707][T11043] hsr_slave_1: entered promiscuous mode
[  160.866892][T11043] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  160.874456][T11043] Cannot create hsr debugfs directory
[  161.038896][T11063] loop2: detected capacity change from 0 to 512
[  161.050670][T11063] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3019: Invalid inode bitmap blk 4 in block_group 0
[  161.064240][T11063] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.079771][T11063] ------------[ cut here ]------------
[  161.085372][T11063] bad length passed for symlink [/tmp/syz-imagegen2884317625/] (got 39, expected 29)
[  161.085782][T11063] WARNING: CPU: 0 PID: 11063 at ./include/linux/fs.h:803 inode_set_cached_link+0xc4/0xd0
[  161.105379][T11063] Modules linked in:
[  161.109363][T11063] CPU: 0 UID: 0 PID: 11063 Comm: syz.2.3019 Not tainted 6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  161.120235][T11063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  161.130378][T11063] RIP: 0010:inode_set_cached_link+0xc4/0xd0
[  161.136364][T11063] Code: ff 48 c7 c7 5a f7 b2 86 e8 09 60 c4 ff c6 05 dc 4e 0b 05 01 90 48 c7 c7 04 92 1a 86 4c 89 f6 89 ea 44 89 f9 e8 0d 7e 8c ff 90 <0f> 0b 90 90 eb 84 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90
[  161.156115][T11063] RSP: 0018:ffffc90000e6fa58 EFLAGS: 00010246
[  161.162214][T11063] RAX: 2f2def665f671000 RBX: ffff8881162b6e28 RCX: 0000000000080000
[  161.170247][T11063] RDX: ffffc90014f8e000 RSI: 0000000000000c1a RDI: 0000000000000c1b
[  161.178313][T11063] RBP: 0000000000000027 R08: ffffffff81342807 R09: 0000000000000000
[  161.186333][T11063] R10: 0001ffffffffffff R11: ffff888101476300 R12: ffff8881162b6e28
[  161.194366][T11063] R13: ffff8881162b6e50 R14: ffff8881162b6d00 R15: 000000000000001d
[  161.202445][T11063] FS:  00007f68743f76c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[  161.211424][T11063] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  161.218068][T11063] CR2: 0000001b2e61fffc CR3: 000000010c3e8000 CR4: 00000000003506f0
[  161.226093][T11063] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  161.234131][T11063] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  161.242152][T11063] Call Trace:
[  161.245456][T11063]  <TASK>
[  161.248398][T11063]  ? __warn+0x141/0x350
[  161.252667][T11063]  ? report_bug+0x315/0x420
[  161.257226][T11063]  ? inode_set_cached_link+0xc4/0xd0
[  161.262600][T11063]  ? handle_bug+0x60/0x90
[  161.267053][T11063]  ? exc_invalid_op+0x1a/0x50
[  161.271766][T11063]  ? asm_exc_invalid_op+0x1a/0x20
[  161.276880][T11063]  ? __warn_printk+0x167/0x1b0
[  161.281676][T11063]  ? inode_set_cached_link+0xc4/0xd0
[  161.287100][T11063]  ? inode_set_cached_link+0xc3/0xd0
[  161.292439][T11063]  __ext4_iget+0x1bb5/0x1e20
[  161.297162][T11063]  ext4_lookup+0x15b/0x390
[  161.301643][T11063]  __lookup_slow+0x18a/0x250
[  161.306359][T11063]  lookup_slow+0x3c/0x60
[  161.310651][T11063]  walk_component+0x1f5/0x230
[  161.315493][T11063]  ? path_lookupat+0xfd/0x2b0
[  161.320300][T11063]  path_lookupat+0x10a/0x2b0
[  161.324936][T11063]  filename_lookup+0x150/0x340
[  161.329845][T11063]  user_path_at+0x3c/0x120
[  161.334286][T11063]  __se_sys_mount+0x24b/0x2d0
[  161.339056][T11063]  ? restore_fpregs_from_fpstate+0x64/0x130
[  161.345018][T11063]  __x64_sys_mount+0x67/0x80
[  161.349777][T11063]  x64_sys_call+0x2c84/0x2dc0
[  161.354498][T11063]  do_syscall_64+0xc9/0x1c0
[  161.359149][T11063]  ? clear_bhb_loop+0x55/0xb0
[  161.363863][T11063]  ? clear_bhb_loop+0x55/0xb0
[  161.368611][T11063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.374575][T11063] RIP: 0033:0x7f6875d8cde9
[  161.379035][T11063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.398699][T11063] RSP: 002b:00007f68743f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  161.407213][T11063] RAX: ffffffffffffffda RBX: 00007f6875fa5fa0 RCX: 00007f6875d8cde9
[  161.415204][T11063] RDX: 0000000000000000 RSI: 0000400000000080 RDI: 0000000000000000
[  161.423253][T11063] RBP: 00007f6875e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  161.431287][T11063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  161.439335][T11063] R13: 0000000000000000 R14: 00007f6875fa5fa0 R15: 00007ffc1c8d0e18
[  161.447443][T11063]  </TASK>
[  161.450488][T11063] ---[ end trace 0000000000000000 ]---
[  161.461860][T11068] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3019: Invalid inode bitmap blk 4 in block_group 0
[  161.487848][T11068] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  161.529829][T10663] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.549546][T11043] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  161.563937][T11043] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  161.573366][T11043] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  161.599568][T11043] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  161.607973][T11074] loop6: detected capacity change from 0 to 128
[  161.707601][T11043] 8021q: adding VLAN 0 to HW filter on device bond0
[  161.724964][T11078] bridge0: entered promiscuous mode
[  161.742556][T11043] 8021q: adding VLAN 0 to HW filter on device team0
[  161.749809][T11078] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3023'.
[  161.753356][T10191] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.765806][T10191] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.781641][T11078] bridge0 (unregistering): left promiscuous mode
[  161.835753][T10191] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.842853][T10191] bridge0: port 2(bridge_slave_1) entered forwarding state
[  161.921653][T11043] 8021q: adding VLAN 0 to HW filter on device batadv0
[  161.974252][T11091] loop6: detected capacity change from 0 to 512
[  162.011264][T11091] EXT4-fs (loop6): orphan cleanup on readonly fs
[  162.026208][T11043] veth0_vlan: entered promiscuous mode
[  162.033866][T11091] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3027: bg 0: block 248: padding at end of block bitmap is not set
[  162.041046][T11043] veth1_vlan: entered promiscuous mode
[  162.062999][T11091] __quota_error: 104 callbacks suppressed
[  162.063017][T11091] Quota error (device loop6): write_blk: dquota write failed
[  162.070919][T11043] veth0_macvtap: entered promiscuous mode
[  162.076217][T11091] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  162.089441][T11043] veth1_macvtap: entered promiscuous mode
[  162.091886][T11091] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.3027: Failed to acquire dquot type 1
[  162.118337][T11091] EXT4-fs (loop6): 1 truncate cleaned up
[  162.128539][T11043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  162.139219][T11043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.154075][T11091] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  162.167679][T11043] batman_adv: batadv0: Interface activated: batadv_slave_0
[  162.180615][T11091] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  162.182596][T11043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  162.200709][T11043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.211184][T11091] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  162.211858][T11043] batman_adv: batadv0: Interface activated: batadv_slave_1
[  162.231009][T11091] Quota error (device loop6): do_check_range: Getting block 1536 out of range 0-5
[  162.232890][T11043] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  162.249299][T11043] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  162.258099][T11043] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  162.266942][T11043] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  162.311475][   T29] audit: type=1400 audit(1739044585.634:21966): avc:  denied  { connect } for  pid=11100 comm="syz.3.3039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  162.332890][   T29] audit: type=1400 audit(1739044585.654:21967): avc:  denied  { getopt } for  pid=11100 comm="syz.3.3039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  162.608242][T11112] sctp: [Deprecated]: syz.0.3041 (pid 11112) Use of int in max_burst socket option.
[  162.608242][T11112] Use struct sctp_assoc_value instead
[  162.626524][   T29] audit: type=1400 audit(1739044585.934:21968): avc:  denied  { write } for  pid=11107 comm="syz.0.3041" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  162.651348][T11112] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.697832][T11112] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.733992][T11114] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3041'.
[  162.743245][T11114] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3041'.
[  162.752293][T11114] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3041'.
[  162.770115][T11112] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.793081][T11114] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3041'.
[  162.802269][T11114] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3041'.
[  162.811352][T11114] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3041'.
[  162.829715][T11124] loop2: detected capacity change from 0 to 512
[  162.837993][T11124] EXT4-fs (loop2): orphan cleanup on readonly fs
[  162.845130][T11112] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.863914][T11124] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3032: bg 0: block 248: padding at end of block bitmap is not set
[  162.881972][ T4661] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.889790][T11114] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3041'.
[  162.900005][T11114] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3041'.
[  162.903608][T11124] Quota error (device loop2): write_blk: dquota write failed
[  162.908968][T11114] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3041'.
[  162.925790][T11124] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  162.935827][T11124] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.3032: Failed to acquire dquot type 1
[  162.959710][T11124] EXT4-fs (loop2): 1 truncate cleaned up
[  162.967966][T11129] loop6: detected capacity change from 0 to 128
[  162.975256][T11124] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  163.009016][T11124] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  163.030081][T11131] loop3: detected capacity change from 0 to 512
[  163.037655][T11124] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  163.052871][   T29] audit: type=1326 audit(1739044586.364:21969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.6.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69a648cde9 code=0x7ffc0000
[  163.054139][T11131] EXT4-fs (loop3): orphan cleanup on readonly fs
[  163.076771][   T29] audit: type=1326 audit(1739044586.364:21970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11133 comm="syz.6.3035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69a648cde9 code=0x7ffc0000
[  163.123311][T11131] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3049: bg 0: block 248: padding at end of block bitmap is not set
[  163.164764][T11131] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3049: Failed to acquire dquot type 1
[  163.192223][T11142] tmpfs: Bad value for 'mpol'
[  163.221826][T11131] EXT4-fs (loop3): 1 truncate cleaned up
[  163.234983][T11131] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  163.289527][T11131] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  163.307096][T11131] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  163.641423][T10663] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.869083][T10835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.911952][T11160] loop3: detected capacity change from 0 to 128
[  164.298232][T11179] loop3: detected capacity change from 0 to 512
[  164.311412][T11179] EXT4-fs (loop3): orphan cleanup on readonly fs
[  164.326995][T11179] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3058: bg 0: block 248: padding at end of block bitmap is not set
[  164.342711][T11179] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.3058: Failed to acquire dquot type 1
[  164.364490][T11186] loop5: detected capacity change from 0 to 512
[  164.374706][T11179] EXT4-fs (loop3): 1 truncate cleaned up
[  164.383101][T11186] EXT4-fs (loop5): orphan cleanup on readonly fs
[  164.383186][T11179] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  164.393182][T11186] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3060: bg 0: block 248: padding at end of block bitmap is not set
[  164.421243][T11186] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3060: Failed to acquire dquot type 1
[  164.432867][T11179] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  164.442819][T11186] EXT4-fs (loop5): 1 truncate cleaned up
[  164.449504][T11186] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  164.465792][T11179] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  164.476430][T11186] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  164.495924][T11186] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  165.133690][T10835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.206097][ T4099] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.220412][T11195] loop2: detected capacity change from 0 to 128
[  165.224148][T11196] loop6: detected capacity change from 0 to 512
[  165.244824][T11196] EXT4-fs (loop6): orphan cleanup on readonly fs
[  165.273401][T11196] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3074: bg 0: block 248: padding at end of block bitmap is not set
[  165.293119][T11196] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.3074: Failed to acquire dquot type 1
[  165.309785][T11196] EXT4-fs (loop6): 1 truncate cleaned up
[  165.316340][T11196] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  165.332374][T11196] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  165.358644][T11196] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  165.750866][T11112] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  165.762125][T11112] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  165.773451][T11112] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  165.785054][T11112] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.812841][T11228] loop5: detected capacity change from 0 to 128
[  165.829441][T11230] loop0: detected capacity change from 0 to 512
[  165.841069][T11230] EXT4-fs (loop0): orphan cleanup on readonly fs
[  165.868361][T11230] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3077: bg 0: block 248: padding at end of block bitmap is not set
[  165.892341][T11230] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.3077: Failed to acquire dquot type 1
[  165.904963][T11230] EXT4-fs (loop0): 1 truncate cleaned up
[  165.912923][T11230] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  165.932135][T11230] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  165.943191][T11233] xt_recent: Unsupported userspace flags (000000da)
[  165.955738][T11230] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  166.065183][ T4661] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.665354][T11043] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.709799][T11246] loop5: detected capacity change from 0 to 512
[  166.721245][T11246] EXT4-fs (loop5): orphan cleanup on readonly fs
[  166.743341][T11246] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3094: bg 0: block 248: padding at end of block bitmap is not set
[  166.825449][T11246] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.3094: Failed to acquire dquot type 1
[  166.883275][T11246] EXT4-fs (loop5): 1 truncate cleaned up
[  166.889687][T11246] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  166.903407][T11246] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  166.946594][T11246] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  166.951714][T11263] loop2: detected capacity change from 0 to 128
[  166.993711][T11269] sctp: [Deprecated]: syz.3.3092 (pid 11269) Use of int in max_burst socket option.
[  166.993711][T11269] Use struct sctp_assoc_value instead
[  167.020454][T11269] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.064820][T11269] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.084040][T11276] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3092'.
[  167.118987][T11269] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.198242][T11269] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.262951][T11269] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  167.274513][T11269] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.286207][T11269] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.297634][T11269] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  167.461893][T11286] FAULT_INJECTION: forcing a failure.
[  167.461893][T11286] name failslab, interval 1, probability 0, space 0, times 0
[  167.474649][T11286] CPU: 0 UID: 0 PID: 11286 Comm: syz.3.3101 Tainted: G        W          6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  167.474758][T11286] Tainted: [W]=WARN
[  167.474766][T11286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  167.474780][T11286] Call Trace:
[  167.474802][T11286]  <TASK>
[  167.474811][T11286]  dump_stack_lvl+0xf2/0x150
[  167.474838][T11286]  dump_stack+0x15/0x1a
[  167.474857][T11286]  should_fail_ex+0x24a/0x260
[  167.474895][T11286]  should_failslab+0x8f/0xb0
[  167.474933][T11286]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  167.474967][T11286]  ? create_local_trace_uprobe+0x103/0x2d0
[  167.475062][T11286]  kstrdup+0x38/0x80
[  167.475087][T11286]  create_local_trace_uprobe+0x103/0x2d0
[  167.475112][T11286]  ? perf_uprobe_init+0xac/0x140
[  167.475157][T11286]  perf_uprobe_init+0xc2/0x140
[  167.475192][T11286]  perf_uprobe_event_init+0xe2/0x140
[  167.475298][T11286]  perf_try_init_event+0xcb/0x4f0
[  167.475330][T11286]  ? perf_event_alloc+0xac6/0x12e0
[  167.475361][T11286]  perf_event_alloc+0xad1/0x12e0
[  167.475435][T11286]  __se_sys_perf_event_open+0x5ac/0x2230
[  167.475465][T11286]  ? proc_fail_nth_write+0x12a/0x150
[  167.475491][T11286]  ? vfs_write+0x551/0x920
[  167.475588][T11286]  ? putname+0xcf/0xf0
[  167.475678][T11286]  __x64_sys_perf_event_open+0x67/0x80
[  167.475708][T11286]  x64_sys_call+0x1deb/0x2dc0
[  167.475739][T11286]  do_syscall_64+0xc9/0x1c0
[  167.475768][T11286]  ? clear_bhb_loop+0x55/0xb0
[  167.475839][T11286]  ? clear_bhb_loop+0x55/0xb0
[  167.475923][T11286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.475948][T11286] RIP: 0033:0x7f12266dcde9
[  167.475964][T11286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.476023][T11286] RSP: 002b:00007f1224d41038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  167.476044][T11286] RAX: ffffffffffffffda RBX: 00007f12268f5fa0 RCX: 00007f12266dcde9
[  167.476066][T11286] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000400000000000
[  167.476080][T11286] RBP: 00007f1224d41090 R08: 0000000000000000 R09: 0000000000000000
[  167.476104][T11286] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[  167.476118][T11286] R13: 0000000000000000 R14: 00007f12268f5fa0 R15: 00007fff123e8b28
[  167.476154][T11286]  </TASK>
[  167.717792][ T4099] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.777991][T11290] __nla_validate_parse: 8 callbacks suppressed
[  167.778011][T11290] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3102'.
[  167.868735][T11299] loop5: detected capacity change from 0 to 128
[  167.948217][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3111'.
[  167.957302][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3111'.
[  167.966342][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3111'.
[  167.994039][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3111'.
[  168.003172][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3111'.
[  168.012217][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3111'.
[  168.034814][T11316] loop0: detected capacity change from 0 to 512
[  168.066431][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3111'.
[  168.075507][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3111'.
[  168.084539][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3111'.
[  168.117218][T11316] EXT4-fs (loop0): orphan cleanup on readonly fs
[  168.137761][T11316] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3114: bg 0: block 248: padding at end of block bitmap is not set
[  168.179801][T11316] __quota_error: 119 callbacks suppressed
[  168.179821][T11316] Quota error (device loop0): write_blk: dquota write failed
[  168.193094][T11316] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  168.203056][T11316] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.3114: Failed to acquire dquot type 1
[  168.222376][T11330] loop6: detected capacity change from 0 to 128
[  168.243935][   T29] audit: type=1400 audit(1739044591.564:22071): avc:  denied  { setopt } for  pid=11331 comm="syz.2.3121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  168.301990][T11316] EXT4-fs (loop0): 1 truncate cleaned up
[  168.309770][T11316] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  168.358288][T11316] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  168.385748][T11327] lo speed is unknown, defaulting to 1000
[  168.391819][T11316] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  168.419931][T11316] Quota error (device loop0): do_check_range: Getting block 1536 out of range 0-5
[  168.504347][T11327] chnl_net:caif_netlink_parms(): no params data found
[  168.550081][T11327] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.557319][T11327] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.565791][T11327] bridge_slave_0: entered allmulticast mode
[  168.572400][T11327] bridge_slave_0: entered promiscuous mode
[  168.588080][T10127] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.602664][T11327] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.609958][T11327] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.624345][T11327] bridge_slave_1: entered allmulticast mode
[  168.631026][T11327] bridge_slave_1: entered promiscuous mode
[  168.649542][T10127] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.671834][T11327] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.686499][T11327] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.703590][T10127] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.731033][T11327] team0: Port device team_slave_0 added
[  168.738451][T11327] team0: Port device team_slave_1 added
[  168.762933][T10127] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.774849][T11327] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.782055][T11327] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.808095][T11327] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  168.825957][T11327] batman_adv: batadv0: Adding interface: batadv_slave_1
[  168.832932][T11327] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.859041][T11327] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  168.874308][T11043] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.003817][T10127] bond0 (unregistering): Released all slaves
[  169.022129][T10127] bond1 (unregistering): Released all slaves
[  169.033894][T11327] hsr_slave_0: entered promiscuous mode
[  169.041430][T11327] hsr_slave_1: entered promiscuous mode
[  169.047450][T11327] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.055173][T11327] Cannot create hsr debugfs directory
[  169.085119][T10127] hsr_slave_0: left promiscuous mode
[  169.094400][T10127] hsr_slave_1: left promiscuous mode
[  169.102485][T10127] veth1_macvtap: left promiscuous mode
[  169.111470][T10127] veth0_macvtap: left promiscuous mode
[  169.119023][T10127] veth1_vlan: left promiscuous mode
[  169.124325][T10127] veth0_vlan: left promiscuous mode
[  169.181598][T10127] team0 (unregistering): Port device batadv3 removed
[  169.306522][T11365] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  169.318238][   T29] audit: type=1400 audit(1739044592.644:22072): avc:  denied  { bind } for  pid=11364 comm="syz.3.3129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  169.337893][   T29] audit: type=1400 audit(1739044592.644:22073): avc:  denied  { name_bind } for  pid=11364 comm="syz.3.3129" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  169.360422][   T29] audit: type=1400 audit(1739044592.644:22074): avc:  denied  { node_bind } for  pid=11364 comm="syz.3.3129" saddr=127.0.0.1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  169.384459][   T29] audit: type=1400 audit(1739044592.644:22075): avc:  denied  { listen } for  pid=11364 comm="syz.3.3129" laddr=127.0.0.1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  169.454637][   T29] audit: type=1326 audit(1739044592.774:22076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11368 comm="syz.0.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbfd06cde9 code=0x7ffc0000
[  169.478488][   T29] audit: type=1326 audit(1739044592.774:22077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11368 comm="syz.0.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbfd06cde9 code=0x7ffc0000
[  169.560608][T11373] loop3: detected capacity change from 0 to 128
[  169.624929][T11381] loop2: detected capacity change from 0 to 512
[  169.645849][T11381] EXT4-fs (loop2): orphan cleanup on readonly fs
[  169.687341][T11381] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3135: bg 0: block 248: padding at end of block bitmap is not set
[  169.775277][T11381] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.3135: Failed to acquire dquot type 1
[  169.828562][T11381] EXT4-fs (loop2): 1 truncate cleaned up
[  169.841784][T11381] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  169.893932][T11327] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  169.912569][T11381] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  169.924687][T11327] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  169.935517][T11381] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  169.949237][T11327] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  169.964150][T11327] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  170.088537][T11327] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.124005][T11327] 8021q: adding VLAN 0 to HW filter on device team0
[  170.149684][T10132] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.156818][T10132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.171329][T10132] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.178505][T10132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.237517][T11327] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  170.333911][T11327] 8021q: adding VLAN 0 to HW filter on device batadv0
[  170.466322][T10663] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.504795][T11408] loop2: detected capacity change from 0 to 512
[  170.519968][T11408] EXT4-fs (loop2): orphan cleanup on readonly fs
[  170.529322][T11408] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3149: bg 0: block 248: padding at end of block bitmap is not set
[  170.553511][T11327] veth0_vlan: entered promiscuous mode
[  170.568600][T11327] veth1_vlan: entered promiscuous mode
[  170.575483][T11408] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.3149: Failed to acquire dquot type 1
[  170.584808][T11327] veth0_macvtap: entered promiscuous mode
[  170.595181][T11327] veth1_macvtap: entered promiscuous mode
[  170.611828][T11327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.622358][T11327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.622805][T11408] EXT4-fs (loop2): 1 truncate cleaned up
[  170.632312][T11327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  170.648551][T11327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.659724][T11327] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.668301][T11327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.678822][T11327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.687717][T11408] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  170.688773][T11327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  170.711486][T11327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  170.722786][T11327] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.733954][T11327] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.742830][T11327] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.751620][T11327] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.760508][T11327] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.769318][T11408] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  170.787628][T11408] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  170.852120][T11426] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  171.348914][T10663] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.416563][T11435] loop0: detected capacity change from 0 to 128
[  171.636329][    C1] ==================================================================
[  171.644468][    C1] BUG: KCSAN: data-race in can_send / can_send
[  171.650665][    C1] 
[  171.653001][    C1] read-write to 0xffff88810cebe5f0 of 8 bytes by interrupt on cpu 0:
[  171.661083][    C1]  can_send+0x5b6/0x6d0
[  171.665267][    C1]  bcm_can_tx+0x314/0x420
[  171.669612][    C1]  bcm_tx_timeout_handler+0xdb/0x260
[  171.674902][    C1]  __hrtimer_run_queues+0x20d/0x5e0
[  171.680111][    C1]  hrtimer_run_softirq+0xe4/0x2c0
[  171.685139][    C1]  handle_softirqs+0xbf/0x280
[  171.689845][    C1]  run_ksoftirqd+0x1c/0x30
[  171.694271][    C1]  smpboot_thread_fn+0x31c/0x4c0
[  171.699221][    C1]  kthread+0x4ae/0x520
[  171.703314][    C1]  ret_from_fork+0x4b/0x60
[  171.707741][    C1]  ret_from_fork_asm+0x1a/0x30
[  171.712519][    C1] 
[  171.714841][    C1] read-write to 0xffff88810cebe5f0 of 8 bytes by interrupt on cpu 1:
[  171.722902][    C1]  can_send+0x5b6/0x6d0
[  171.727068][    C1]  bcm_can_tx+0x314/0x420
[  171.731399][    C1]  bcm_tx_timeout_handler+0xdb/0x260
[  171.736691][    C1]  __hrtimer_run_queues+0x20d/0x5e0
[  171.741996][    C1]  hrtimer_run_softirq+0xe4/0x2c0
[  171.747044][    C1]  handle_softirqs+0xbf/0x280
[  171.751731][    C1]  do_softirq+0x5e/0x90
[  171.755905][    C1]  __local_bh_enable_ip+0x6e/0x70
[  171.761107][    C1]  _raw_spin_unlock_bh+0x36/0x40
[  171.766075][    C1]  batadv_nc_purge_paths+0x220/0x270
[  171.771394][    C1]  batadv_nc_worker+0x3db/0xad0
[  171.776268][    C1]  process_scheduled_works+0x483/0x9a0
[  171.781777][    C1]  worker_thread+0x51d/0x6f0
[  171.786385][    C1]  kthread+0x4ae/0x520
[  171.790474][    C1]  ret_from_fork+0x4b/0x60
[  171.794905][    C1]  ret_from_fork_asm+0x1a/0x30
[  171.799681][    C1] 
[  171.801999][    C1] value changed: 0x00000000000006e3 -> 0x00000000000006e4
[  171.809102][    C1] 
[  171.811419][    C1] Reported by Kernel Concurrency Sanitizer on:
[  171.817563][    C1] CPU: 1 UID: 0 PID: 293 Comm: kworker/u8:5 Tainted: G        W          6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  171.829812][    C1] Tainted: [W]=WARN
[  171.833615][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  171.843676][    C1] Workqueue: bat_events batadv_nc_worker
[  171.849327][    C1] ==================================================================
[  171.863770][    C0] ==================================================================
[  171.871912][    C0] BUG: KCSAN: data-race in can_receive / can_receive
[  171.878636][    C0] 
[  171.880963][    C0] read-write to 0xffff88810cebe5e8 of 8 bytes by interrupt on cpu 1:
[  171.889043][    C0]  can_receive+0x62/0x1f0
[  171.893413][    C0]  canfd_rcv+0xe7/0x180
[  171.897601][    C0]  __netif_receive_skb+0x123/0x280
[  171.902788][    C0]  process_backlog+0x22e/0x440
[  171.907582][    C0]  __napi_poll+0x63/0x3c0
[  171.911935][    C0]  net_rx_action+0x3a1/0x7f0
[  171.916555][    C0]  handle_softirqs+0xbf/0x280
[  171.921258][    C0]  run_ksoftirqd+0x1c/0x30
[  171.925692][    C0]  smpboot_thread_fn+0x31c/0x4c0
[  171.930647][    C0]  kthread+0x4ae/0x520
[  171.934742][    C0]  ret_from_fork+0x4b/0x60
[  171.939201][    C0]  ret_from_fork_asm+0x1a/0x30
[  171.943991][    C0] 
[  171.946322][    C0] read-write to 0xffff88810cebe5e8 of 8 bytes by interrupt on cpu 0:
[  171.954408][    C0]  can_receive+0x62/0x1f0
[  171.958771][    C0]  canfd_rcv+0xe7/0x180
[  171.962950][    C0]  __netif_receive_skb+0x123/0x280
[  171.968090][    C0]  process_backlog+0x22e/0x440
[  171.972885][    C0]  __napi_poll+0x63/0x3c0
[  171.977243][    C0]  net_rx_action+0x3a1/0x7f0
[  171.981870][    C0]  handle_softirqs+0xbf/0x280
[  171.986573][    C0]  run_ksoftirqd+0x1c/0x30
[  171.991017][    C0]  smpboot_thread_fn+0x31c/0x4c0
[  171.995979][    C0]  kthread+0x4ae/0x520
[  172.000077][    C0]  ret_from_fork+0x4b/0x60
[  172.004518][    C0]  ret_from_fork_asm+0x1a/0x30
[  172.009311][    C0] 
[  172.011645][    C0] value changed: 0x00000000000016b6 -> 0x00000000000016b7
[  172.018756][    C0] 
[  172.021079][    C0] Reported by Kernel Concurrency Sanitizer on:
[  172.027229][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G        W          6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  172.039305][    C0] Tainted: [W]=WARN
[  172.043102][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  172.053158][    C0] ==================================================================
[  172.120327][    C1] ==================================================================
[  172.128464][    C1] BUG: KCSAN: data-race in can_receive / can_receive
[  172.135190][    C1] 
[  172.137523][    C1] read-write to 0xffff88810cebe588 of 8 bytes by interrupt on cpu 0:
[  172.145600][    C1]  can_receive+0x4e/0x1f0
[  172.149964][    C1]  canfd_rcv+0xe7/0x180
[  172.154148][    C1]  __netif_receive_skb+0x123/0x280
[  172.159280][    C1]  process_backlog+0x22e/0x440
[  172.164057][    C1]  __napi_poll+0x63/0x3c0
[  172.168397][    C1]  net_rx_action+0x3a1/0x7f0
[  172.173000][    C1]  handle_softirqs+0xbf/0x280
[  172.177685][    C1]  do_softirq+0x5e/0x90
[  172.181843][    C1]  __local_bh_enable_ip+0x6e/0x70
[  172.186875][    C1]  _raw_spin_unlock_bh+0x36/0x40
[  172.191826][    C1]  nsim_dev_trap_report_work+0x522/0x620
[  172.197466][    C1]  process_scheduled_works+0x483/0x9a0
[  172.202928][    C1]  worker_thread+0x51d/0x6f0
[  172.207521][    C1]  kthread+0x4ae/0x520
[  172.211598][    C1]  ret_from_fork+0x4b/0x60
[  172.216028][    C1]  ret_from_fork_asm+0x1a/0x30
[  172.220798][    C1] 
[  172.223116][    C1] read-write to 0xffff88810cebe588 of 8 bytes by interrupt on cpu 1:
[  172.231179][    C1]  can_receive+0x4e/0x1f0
[  172.235520][    C1]  canfd_rcv+0xe7/0x180
[  172.239684][    C1]  __netif_receive_skb+0x123/0x280
[  172.244825][    C1]  process_backlog+0x22e/0x440
[  172.249604][    C1]  __napi_poll+0x63/0x3c0
[  172.253950][    C1]  net_rx_action+0x3a1/0x7f0
[  172.258554][    C1]  handle_softirqs+0xbf/0x280
[  172.263237][    C1]  run_ksoftirqd+0x1c/0x30
[  172.267664][    C1]  smpboot_thread_fn+0x31c/0x4c0
[  172.272610][    C1]  kthread+0x4ae/0x520
[  172.276681][    C1]  ret_from_fork+0x4b/0x60
[  172.281103][    C1]  ret_from_fork_asm+0x1a/0x30
[  172.285903][    C1] 
[  172.288220][    C1] value changed: 0x0000000000003b76 -> 0x0000000000003b77
[  172.295326][    C1] 
[  172.297653][    C1] Reported by Kernel Concurrency Sanitizer on:
[  172.303810][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Tainted: G        W          6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  172.315879][    C1] Tainted: [W]=WARN
[  172.319685][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  172.329744][    C1] ==================================================================
[  172.350491][    C1] ==================================================================
[  172.358627][    C1] BUG: KCSAN: data-race in can_send / can_send
[  172.364821][    C1] 
[  172.367154][    C1] read-write to 0xffff88810cebe590 of 8 bytes by interrupt on cpu 0:
[  172.375229][    C1]  can_send+0x5a2/0x6d0
[  172.379419][    C1]  bcm_can_tx+0x314/0x420
[  172.383775][    C1]  bcm_tx_timeout_handler+0xdb/0x260
[  172.389095][    C1]  __hrtimer_run_queues+0x20d/0x5e0
[  172.394323][    C1]  hrtimer_run_softirq+0xe4/0x2c0
[  172.399365][    C1]  handle_softirqs+0xbf/0x280
[  172.404056][    C1]  do_softirq+0x5e/0x90
[  172.408222][    C1]  __local_bh_enable_ip+0x6e/0x70
[  172.413265][    C1]  _raw_spin_unlock_bh+0x36/0x40
[  172.418215][    C1]  nsim_dev_trap_report_work+0x522/0x620
[  172.423856][    C1]  process_scheduled_works+0x483/0x9a0
[  172.429316][    C1]  worker_thread+0x51d/0x6f0
[  172.433908][    C1]  kthread+0x4ae/0x520
[  172.437981][    C1]  ret_from_fork+0x4b/0x60
[  172.442405][    C1]  ret_from_fork_asm+0x1a/0x30
[  172.447182][    C1] 
[  172.449507][    C1] read-write to 0xffff88810cebe590 of 8 bytes by interrupt on cpu 1:
[  172.457605][    C1]  can_send+0x5a2/0x6d0
[  172.461784][    C1]  bcm_can_tx+0x314/0x420
[  172.466114][    C1]  bcm_tx_timeout_handler+0xdb/0x260
[  172.471401][    C1]  __hrtimer_run_queues+0x20d/0x5e0
[  172.476604][    C1]  hrtimer_run_softirq+0xe4/0x2c0
[  172.481635][    C1]  handle_softirqs+0xbf/0x280
[  172.486320][    C1]  do_softirq+0x5e/0x90
[  172.490483][    C1]  __local_bh_enable_ip+0x6e/0x70
[  172.495517][    C1]  _raw_spin_unlock_bh+0x36/0x40
[  172.500480][    C1]  ip6_ins_rt+0x7a/0xb0
[  172.504638][    C1]  __ipv6_ifa_notify+0x371/0x900
[  172.509583][    C1]  addrconf_dad_completed+0xd8/0x8a0
[  172.514873][    C1]  addrconf_dad_work+0x887/0xbd0
[  172.519824][    C1]  process_scheduled_works+0x483/0x9a0
[  172.525285][    C1]  worker_thread+0x51d/0x6f0
[  172.529996][    C1]  kthread+0x4ae/0x520
[  172.534082][    C1]  ret_from_fork+0x4b/0x60
[  172.538509][    C1]  ret_from_fork_asm+0x1a/0x30
[  172.543288][    C1] 
[  172.545611][    C1] value changed: 0x00000000000032dd -> 0x00000000000032de
[  172.552718][    C1] 
[  172.555040][    C1] Reported by Kernel Concurrency Sanitizer on:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  172.561187][    C1] CPU: 1 UID: 0 PID: 10191 Comm: kworker/u8:66 Tainted: G        W          6.14.0-rc1-syzkaller-00187-g8f6629c004b1 #0
[  172.573692][    C1] Tainted: [W]=WARN
[  172.577493][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  172.587551][    C1] Workqueue: ipv6_addrconf addrconf_dad_work
[  172.593552][    C1] ==================================================================
[  173.057829][  T293] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.116959][  T293] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.226508][  T293] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.286624][  T293] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.347532][  T293] bridge_slave_1: left allmulticast mode
[  173.353220][  T293] bridge_slave_1: left promiscuous mode
[  173.359002][  T293] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.366781][  T293] bridge_slave_0: left allmulticast mode
[  173.372415][  T293] bridge_slave_0: left promiscuous mode
[  173.378147][  T293] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.487737][  T293] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  173.497812][  T293] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  173.507838][  T293] bond0 (unregistering): Released all slaves
[  173.568837][  T293] hsr_slave_0: left promiscuous mode
[  173.574568][  T293] hsr_slave_1: left promiscuous mode
[  173.580397][  T293] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  173.587960][  T293] batman_adv: batadv0: Removing interface: batadv_slave_0
[  173.595603][  T293] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  173.602995][  T293] batman_adv: batadv0: Removing interface: batadv_slave_1
[  173.612610][  T293] veth1_macvtap: left promiscuous mode
[  173.618377][  T293] veth0_macvtap: left promiscuous mode
[  173.623923][  T293] veth1_vlan: left promiscuous mode
[  173.629285][  T293] veth0_vlan: left promiscuous mode
[  173.691252][  T293] team0 (unregistering): Port device team_slave_1 removed
[  173.702336][  T293] team0 (unregistering): Port device team_slave_0 removed
[  174.114293][  T293] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.927695][  T293] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.987726][  T293] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.057413][  T293] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.120513][  T293] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.168149][  T293] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.217671][  T293] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.277236][  T293] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.340818][  T293] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.417376][  T293] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.497629][  T293] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.557889][  T293] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.618849][  T293] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.676811][  T293] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.726558][  T293] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.796748][  T293] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.859433][  T293] bridge_slave_1: left allmulticast mode
[  175.865192][  T293] bridge_slave_1: left promiscuous mode
[  175.870930][  T293] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.878780][  T293] bridge_slave_0: left allmulticast mode
[  175.884438][  T293] bridge_slave_0: left promiscuous mode
[  175.890162][  T293] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.087151][  T293] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.097230][  T293] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.106960][  T293] bond0 (unregistering): Released all slaves
[  176.115589][  T293] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.125120][  T293] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.134789][  T293] bond0 (unregistering): Released all slaves
[  176.144052][  T293] bond0 (unregistering): Released all slaves
[  176.152795][  T293] bond1 (unregistering): Released all slaves
[  176.162114][  T293] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.172078][  T293] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.181628][  T293] bond0 (unregistering): Released all slaves
[  176.233997][  T293] hsr_slave_0: left promiscuous mode
[  176.239758][  T293] hsr_slave_1: left promiscuous mode
[  176.245459][  T293] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  176.252951][  T293] batman_adv: batadv0: Removing interface: batadv_slave_0
[  176.260616][  T293] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  176.268041][  T293] batman_adv: batadv0: Removing interface: batadv_slave_1
[  176.277891][  T293] hsr_slave_0: left promiscuous mode
[  176.283641][  T293] hsr_slave_1: left promiscuous mode
[  176.291057][  T293] hsr_slave_0: left promiscuous mode
[  176.296825][  T293] hsr_slave_1: left promiscuous mode
[  176.303971][  T293] hsr_slave_0: left promiscuous mode
[  176.309649][  T293] hsr_slave_1: left promiscuous mode
[  176.321024][  T293] veth1_macvtap: left promiscuous mode
[  176.326604][  T293] veth0_macvtap: left promiscuous mode
[  176.332116][  T293] veth1_vlan: left promiscuous mode
[  176.337403][  T293] veth0_vlan: left promiscuous mode
[  176.343218][  T293] veth1_macvtap: left promiscuous mode
[  176.348775][  T293] veth0_macvtap: left promiscuous mode
[  176.354382][  T293] veth1_vlan: left promiscuous mode
[  176.359668][  T293] veth0_vlan: left promiscuous mode
[  176.365577][  T293] veth1_macvtap: left promiscuous mode
[  176.371093][  T293] veth0_macvtap: left promiscuous mode
[  176.376624][  T293] veth1_vlan: left promiscuous mode
[  176.381846][  T293] veth0_vlan: left promiscuous mode
[  176.387481][  T293] veth1_macvtap: left promiscuous mode
[  176.393014][  T293] veth0_macvtap: left promiscuous mode
[  176.398613][  T293] veth1_vlan: left promiscuous mode
[  176.403840][  T293] veth0_vlan: left promiscuous mode
[  176.551483][  T293] team0 (unregistering): Port device team_slave_1 removed
[  176.562215][  T293] team0 (unregistering): Port device team_slave_0 removed
[  176.614336][  T293] team0 (unregistering): Port device team_slave_1 removed
[  176.623844][  T293] team0 (unregistering): Port device team_slave_0 removed
[  176.719053][  T293] team0 (unregistering): Port device team_slave_1 removed
[  176.728587][  T293] team0 (unregistering): Port device team_slave_0 removed
[  176.757961][ T1040] lo speed is unknown, defaulting to 1000
[  176.763734][ T1040] infiniband syz0: ib_query_port failed (-19)