last executing test programs:

23.777732943s ago: executing program 1 (id=6334):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10208}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000800)=@urb_type_control={0x2, {}, 0x2000000b, 0xe0, &(0x7f0000000240)={0x80, 0x0, 0xfffa, 0x4360, 0x300}, 0x8, 0x6, 0x0, 0x0, 0x1, 0x101, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x100000001}, 0x18)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x2716, 0x0, &(0x7f0000000000))
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet(0xa, 0x4, 0x9)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000880)=ANY=[@ANYBLOB="340011ad4cbfb8528e70112f38bc9b008061bae192075d4111ef45864a8ba97fd825cac00e791e0056d8aac4f3c12855a071cad8dcfd77bfd26ac669e853ee72a5f39f4e1ab5f013df9838ad2a19d4905a95299a6c702601ea09a95c2abb8b99005c9ba19b6c22ca42846a7acd45b5ab95fc3a9077ded4e7481d223f568a946e82e793df93dcf6f20a67f04ca9e622b64dc5ce74e5a390ff456fabc353110e193851711cd5da08130a1a5283", @ANYRES16=r6, @ANYBLOB="010000002000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x40840d4}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000003c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nouid32}]}, 0x1, 0x441, &(0x7f00000011c0)="$eJzs28tvG8UfAPDv2kn66zP5VeXRBxAoiIpH0qSl9MAFBBIHkJDgUI4hSatQt0FNkGgVQUCoHFEl7ogjEv8AnOCCgBMSV7ijShXKpYWT0dq7ie3aaZI62RR/PtK2M7tjzXw9O/bMThxAzxpO/0ki9kTE7xExWM82Fxiu/3draWHy76WFySSq1Tf/Smrlbi4tTOZF89ftzjN9EaVPkzjcpt65y1fOT1Qq05ey/Oj8hfdG5y5feXbmwsS56XPTF8dPnz55Yuz5U+PPdSXONK6bhz6cPXLw1bevvT555to7P3+T5PG3xNElw6tdfKJa7XJ1xdrbkE76CmwI61KuD9Por43/wSjHSucNxiufFNo4YFNVq9Xq/Z0vL1aB/7Akim4BUIz8iz5d/+bHFk09toUbL9YXQGnct7KjfqUvSlmZ/pb1bTcNR8SZxX++TI/YnOcQAABNvk/nP8+0m/+VovG50L5sD2UoIv4fEfsj4lREHIiI+yJqZR+IiAfXWX/rJsnt85/S9Q0Ftkbp/O+FbG+ref6Xz/5iqJzl9tbi70/OzlSmj2fvybHo35Hmx1ap44eXf/u807XG+V96pPXnc8GsHdf7djS/ZmpifuJuYm504+OIQ33t4k+WdwKSiDgYEYc2WMfMU18f6XTtzvGvogv7TNWvIp6s9/9itMSfS1bfnxz9X1Smj4/md8Xtfvn16hud6r+r+Lsg7f9dbe//5fiHksb92rn113H1j8/ar2n2bfz+H0jeajr3wcT8/KWxiIHktXqjG8+Pt5QbXymfxn/saPvxvz9W3onDEZHexA9FxMMR8UjWd49GxGMRcXSV+H966fF3O13bDv0/ta7+X0kMROuZ9ony+R+/a6p0aD3xp/1/spY6lp1Zy+ffWtq1sbsZAAAA7j2liNgTSWlkOV0qjYzU/4b/QOwqVWbn5p8+O/v+xan6bwSGor+UP+kabHgeOpYt6/P8eEv+RPbc+Ivyzlp+ZHK2MlV08NDjdncY/6k/y0W3Dth0fq8Fvcv4h95l/EPvMv6hd7UZ/zuLaAew9dp9/39UQDuArdcy/m37QQ+x/ofe1Tj+kwLbAWw93//Qk+Z2xp1/JN8DiYHt0Yx7KBGltRf+Nrvbim6zxNoTBX8wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMm/AQAA//8iOuPQ")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000080)=ANY=[], 0xfe37, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x5, 0x5, &(0x7f0000000480)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7056}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff], 0x1}, 0x58)
r7 = socket(0xa, 0x5, 0x0)
listen(r7, 0x8)
copy_file_range(0xffffffffffffffff, 0x0, r3, &(0x7f0000000840)=0xa5, 0xfff, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000100)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@dioread_lock}, {@barrier}, {@bsdgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r8, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000f40)=ANY=[], 0x0)

22.811165958s ago: executing program 1 (id=6351):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0100000008000000010000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
close(r2)

22.810041939s ago: executing program 1 (id=6352):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095", @ANYRES16=r0], &(0x7f00000001c0)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCGETSGCNT_IN6(r5, 0x89e1, &(0x7f0000000280)={@mcast1, @ipv4={'\x00', '\xff\xff', @broadcast}})
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x2}, 0x2, r6}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x88, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0x3, 0x0, 0x3}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x1, 0x400, 0xfffffffb}, 0x2}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0900000004000000040000000c"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRESHEX=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r7}, &(0x7f0000000000), &(0x7f0000000200)=r8}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000003c0)=0x2)
readv(r9, &(0x7f0000000600)=[{&(0x7f00000002c0)=""/135, 0x87}], 0x1)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r10}, 0x4)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r11}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r12 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, &(0x7f00000003c0)=<r13=>0x0, &(0x7f0000000200)=<r14=>0x0)
syz_io_uring_submit(r13, r14, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
io_uring_enter(r12, 0x3518, 0xaddf, 0x2, 0x0, 0x0)
ioctl$TIOCVHANGUP(r9, 0x5437, 0x2)
socket(0xa, 0x5, 0x0)

22.737243594s ago: executing program 1 (id=6354):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000b80)={'team_slave_0\x00', 0x2900})
r3 = perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x2, 0x510, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, @perf_bp={0x0}, 0x50, 0x10000, 0x0, 0x5, 0x8, 0x20205, 0x1, 0x0, 0x8023, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000b40)=ANY=[@ANYRESHEX=r1], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x4}, 0x18)
shmdt(0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x67, 0x52e, &(0x7f0000000480)="$eJzs3U9vI2cZAPBnHHvZ7GabFDhAJUqhRdkVrJ00tI04lCIhOFUCyr2ExImiOHEUO+0mqtis+ABICAESJ7hwQeIDIKFKXDgipEpwBgECIdjCgQN00NjjNJv4X7tOnE1+P2ky78y8M8/zOprxvJ7RTACX1lMR8VJEvJOm6a2ImM7nF/IhDtpDVu/t+28sZ0MSafrKP5JI8nmdbSX5+Hq+2tWI+NqXI76ZnIzb2NvfWKrVqjv5dKW5uV1p7O3fXt9cWquuVbcWFuafX3xh8bnFuZG080ZEvPjFv3z/Oz/90ou//Mzrf3z1bze/laU1lS8/2o73qNhvYbvppdZncXSFnfcZ7DwqtlqYm+xWY+LEnHunnBMAAN1l5/gfjIhPRsStmI6J/qezAAAAwCMo/fxU/DeJSLu70mM+AAAA8AgptO6BTQrl/F6AqSgUyuX2PbwfjmuFWr3R/PRqfXdrpX2v7EyUCqvrtepcfq/wTJSSbHq+VX53+tlj0wsR8XhEfG96sjVdXq7XVsb94wcAAABcEteP9f//Pd3u/3fcHWdyAAAAwOjMjDsBAAAA4NQN2/+/dsp5AAAAAKfH9X8AAAC40L7y8svZkHbef73y2t7uRv212yvVxkZ5c3e5vFzf2S6v1etrrWf2bQ7aXq1e3/5sbO3eqTSrjWalsXc1Nuu7W81X1x94BTYAAABwhh7/+Ju/TyLi4HOTrSFzZbhVh6wGnFfFw1KSj7vs1n94rD3+8xklBZyJiXEnAIxNcdwJAGNTGncCwNglA5b3vHnnN/n4E6PNBwAAGL3Zj/a+/l/ou+ZB/8XAuWcnhsvL9X+4vFrX/4e9k7fgbeBwkZQGnQH07SA4HsBF8NDX/wdK0/eUEAAAMHJTrSEplIud6UKhXI640XotQClZXa9V5yLisYj43XTpA9n0fKtmMrDPAAAAAAAAAAAAAAAAAAAAAAAAAAC0pWkSKQAAAHChRRT+mvyq/Sz/2elnpo7/PnAl+c905K8Iff1Hr/zgzlKzuTOfzf/n4fzmD/P5z47jFwwAAAC4FAa8wP9BnX56px8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP09v03ljvDWcb9+xciYqZb/GJcbY2vRikirv0rieKR9ZKImBhB/Mnsz0e6xU+ytA5Ddos/OYL4B/f6xo+D/FPoFv/6COLDZfZmdvx5qdv+V4inWuPu+18x4oHp96v38S8Oj38TPfb/G0PGeOKtn1d6xr8X8UTxRPy7WYRO/KRH/KeHjP+Nr+/v91qW/jhituv3T9Kpkh0ho9Lc3K409vZvr28urVXXqlsLC/PPL76w+NziXGV1vVbN/3aN8d2P/eKdfu2/1iP+zID2P3Nia1e6xvjfW3fuf6hdLHWLf/PpLvF//ZO8xsn4hfy771N5OVs+2ykftMtHPfmz3z7Zr/0rPdo/6P9/s9dGj7n11W//aciqAMAZaOztbyzVatWdC1vIeulDVs7Ozs5FzgpDFCYefjt3R5pYmqZptk89xHaSGPenelgY95EJAAAYtXdP+sedCQAAAAAAAAAAAAAAAAAAAFxeZ/E4seMxDw5LySgeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBL/DwAA//9t9tlI")
fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r5 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$binfmt_register(r5, &(0x7f0000000440)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[], 0x40}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000d80)=ANY=[@ANYRES8, @ANYRES64=r3], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0x7, &(0x7f0000000b00)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x94)
r7 = add_key$keyring(&(0x7f0000000a40), &(0x7f0000000ac0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa)
add_key(&(0x7f00000009c0)='dns_resolver\x00', &(0x7f0000000a00)={'syz', 0x2}, 0x0, 0x0, r7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r8, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000d4ee000000000000000095694ab4f41e0000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = getpgid(0x0)
sched_getparam(r9, &(0x7f0000000200))
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)

22.578334356s ago: executing program 1 (id=6359):
r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)

22.13970325s ago: executing program 1 (id=6364):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000004c0)={0x2, 0x4e21, @remote}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c"], 0x50}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(0x0, 0xffffffffffffffff)
sendmsg$key(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)

22.117104722s ago: executing program 32 (id=6364):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000004c0)={0x2, 0x4e21, @remote}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c"], 0x50}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(0x0, 0xffffffffffffffff)
sendmsg$key(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)

8.779175578s ago: executing program 5 (id=6555):
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180), 0x40, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200080, &(0x7f0000000400)={[{@resuid}, {@delalloc}, {@bsdgroups}]}, 0x3, 0x56d, &(0x7f0000000c00)="$eJzs3c9vG1kdAPDvTOI4/bGbFvYAq4UWWCioqtOku9VqL9teQGi1EmLFAXHohsSNQp261M6yCZXI/g0ggeAEfwIHJA5Ie+LAjSMSB4S0HJAKVKAGAZLRjKep24xVt3bsTfL5SNP58ebN9z014/f8bM8L4Mg6GxHbETETEe9ExFxxPCmWuNJdsvPu37uzvHPvznISnc7bf0/y9OxY9OTJnCiuORsRX/9KxLeTvXFbm1s3lhqN+u1if769fmu+tbl1YW19abW+Wr+5uHh54fLF1y69ujiyup5Z/+XdL6+9+Y3f/PpTH/5++0vfz4p1skjrrccodate2Y2TmY6IN/cj2ARMFeuZPSkvlWe4sr/l4emkEfGxiPhsfv/PxVT+1wkAHGadzk+jM9e7DwAcdtn7/5OzSVqLiDQtOgG17hjeC3E8bTRb7fPXmxs3V7pjZaeikl5fa9Qvnq7+8bv5yZUk21/I0/L0fH/xsf1LEXE6In5UPZbv15abjZXJdHkA4Mg7kX8GVrT/EfGvaprWagNlLflUDwA4MGYnkBMAmKzeVrw6wXIAAOPjXTwAHD0DtP/Fh/3b+14WAGA8vP8HgKNH+w8AR8/Ttv++IwgAB9rX3norWzo7xfOvV97d3Kg0372wUm/dqK1vLNeWm7dv1VabzdX8mT3rj2Q+1rNd9AkazeathVdi4735dr3Vnm9tbl1bb27cbF/Ln+t9rV4Za+0AgDKnz3zwhyQitl8/li/RM5eDthoOt3TSBQAmZurhZv3E02bWQYAD7dlm+/rPyMsBjF9lkF/05Z2E3+1/YYCJKH2Y92zp5qN+8hRBfM8YPlLOfXLw8f+9czwDB5nxfzi6pp4p1xsjLwcwfs82/g8cBp1O8vic/zO7SQDAoTTEV/g6PxhVJwSYqCdN5j2Sz/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkDkZEd+JJK3lc4Gn2b9prRbxXEScikpyfa1RvxgRz8eZiKhUs/2FSRcaABhS+tekmP/r3NzLJx9PnUn+Xc3XEfG9n7394/eW2u3bC9nxf+wer5bMDjbEvIIAwGA61QFPzNvvxWLd80b+/r07yw+W/SpkmbtX43/FVMTLO/fu5Es3ZTqygxGzeV/i+D+TmC7yZL2NFyNiagTxt9+PiE+U1T/Jx0ZOFX2b3vhRxH5urPHTR+KneVp3nfXdPj6CssBR88HViLhSdv+lcTZfl9//s/kr1PDuXu1e7MFr307P6+90EWmqJH52z58dNMYrv/3qnoOduW7a+xEvTpfFT3bjJ33ivzxg/D+99OkfvtEnrfPziHNRHr831nx7/dZ8a3Prwtr60mp9dTYWFy8vXL742qVXF+fzMer5ByPVe/3t9fPP9ytbVv/jfeLPltZ/Zjfv5wes/y/++863PvNwt/p4/C9+rix+Gi+Uxu/K2sQvPBqm0y/+0vFf9Z2+O4u/0qf+T/r/Pz9I5SPiw79srQx4KgAwBq3NrRtLjUb99lAbaex0RnGdPRtZEQc7+UF3cbigf479qMUzblSGrs6kNqZ3+4qjvfI3syuOuTrpyGsx1Mb9ccWa3GsSMB4Pb/pJlwQAAAAAAAAAAAAAAOhnHD9dmnQdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOLz+HwAA//85T9KE")
r3 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
name_to_handle_at(r4, &(0x7f0000000240)='./mnt\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="1000000002000000091aa5448b245c4de7000000020000006bfd0e166d15d47c0f939e51684f67d823da72f52270521c8339a00718e037671b45b387dea8e738da03ff487f8482db3720c21f60ab4920261499143ffbd76367490ef0bed1a9fedae184d49a8f954863e2b09cc083b919bbef6fac"], &(0x7f00000002c0), 0x400)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='kmem_cache_free\x00', r6}, 0x18)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
r9 = syz_open_dev$evdev(&(0x7f00000000c0), 0x3, 0x40)
syz_usb_disconnect(r9)
fcntl$lock(r7, 0x5, &(0x7f00000001c0)={0x300, 0x0, 0x0, 0x200})
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f0000000280)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=r10], 0x9)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000001c0)={r10, 0x4, 0x8001, 0x9, 0x2}, &(0x7f0000000200)=0x14)
r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r11, 0x6, 0x1, 0x0, &(0x7f0000000040))
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)

7.59256312s ago: executing program 5 (id=6574):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB, @ANYRES32=0x0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRES8=r0], 0x48) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000001c0)='mm_vmscan_lru_isolate\x00', r1, 0x0, 0x7fffffffffffffff}, 0xffffffffffffff50) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r2}, 0x10)
gettid()
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async, rerun: 64)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) (rerun: 64)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000580)={0x0, @phonet={0x23, 0x4, 0x2, 0x7}, @hci={0x1f, 0x1, 0x5}, @phonet={0x23, 0xfe, 0x10, 0x9}, 0x9, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000280)='wlan1\x00', 0xdf65, 0x4, 0xfffc}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18) (async)
unshare(0x62040200) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x2a, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000480), 0x10}, 0x8084, 0x14000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000009}, 0x0, 0xf, 0xffffffffffffffff, 0x2)
timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

6.973561619s ago: executing program 4 (id=6596):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYRES16=r0, @ANYRES16=0x0, @ANYBLOB="d5"], 0x24}}, 0x60)
recvmmsg$unix(r0, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000001600)=""/182, 0xb6}, {&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000001480)=""/83, 0x53}, {&(0x7f0000000140)=""/36, 0x24}], 0x4}}], 0x1, 0x0, 0x0)
write(r0, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000080000000000", 0x14)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r1, &(0x7f0000000040)="0200ffff", 0x4, 0x0, 0x0, 0x2}])

6.768024504s ago: executing program 5 (id=6599):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="0b000000050000000400000032a9000009"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000900000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000f9ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
unlink(&(0x7f00000001c0)='./control/file0\x00')
unlinkat(0xffffffffffffffff, &(0x7f0000000140)='./control\x00', 0x200)
rmdir(&(0x7f0000000040)='./control\x00')

6.767690284s ago: executing program 4 (id=6600):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c00"], 0xf8}}, 0x0)

6.708732159s ago: executing program 5 (id=6601):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x10, &(0x7f0000000000)=0x1, 0x4)
r1 = socket(0x2b, 0x80801, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c45, 0x0)
flock(r2, 0x5)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x80)
flock(r3, 0x1)
flock(r3, 0x2)
dup3(r3, r2, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r4, 0x2285, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x0, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_bp={0x0, 0x1}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xc, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
getsockopt$sock_buf(r1, 0x1, 0x1c, 0x0, 0x0)
r5 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000000c0)={[{@delalloc}, {@errors_remount}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4005b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@orlov}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r7}, 0x18)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r5, 0x5386, &(0x7f00000001c0))
syz_clone(0x8000000, &(0x7f0000000300)="4fd1b584fe85e09ee51a85269a95a519497d013614f3f38174d54876fa09ad421e6292acfed2d3a2def08b9afcfd6c5218d8c9", 0x33, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)="f4e0e3c4f206c974b2162bb3cc51c54d3f3aef44818126b5995e97bcecf1aa7e1804997c3817aa20e757c0784ea8b8d71c2b12634136971c61a0549002dae42413a3e6dbeb8ce7480f31e768e9fddb11f6d1b9934fbcbe0045750cf02f9a071e5aeb6fbf511d0d14aa2ee8672fab19c4adcb629cde2375fbcbcba1678c42c40cf6df9dd391997b416b3a78e44a078e694dcd8b916febf193212fa321e419c1432bb138f512afc631a7f1d38e8a5067f8c1050028258fd3e04caf35ad2e91fb48f7144e3d71")
ioctl$EXT4_IOC_MOVE_EXT(r6, 0xc028660f, &(0x7f0000000040)={0xc, r8, 0x3, 0x1000000000, 0x2, 0x8})
r9 = socket$inet6(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r9, 0x4004f50d, &(0x7f00000002c0)=0x1)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000d40)=@filter={'filter\x00', 0x2, 0x4, 0x4a8, 0xffffffff, 0x0, 0xf0, 0xf0, 0xfeffffff, 0xffffffff, 0x3d8, 0x3d8, 0x3d8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, [0xff, 0xff, 0x0, 0xffffff00], [], 'pimreg0\x00', 'bond_slave_0\x00', {}, {}, 0x6, 0x0, 0x3}, 0x2f2, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@dev={0xac, 0x14, 0x14, 0x1d}, 'caif0\x00', {0x7}}}}, {{@ipv6={@mcast1, @loopback, [], [0x0, 0x0, 0xffffffff], 'netdevsim0\x00', 'geneve0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f6531877000001e770b689f173dfa40b58c10327e3121114449fd20ba2be6eb0cde72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x602, 'system_u:object_r:boot_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x508)

6.678898501s ago: executing program 4 (id=6603):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
socket$packet(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000082aaaaaa"], 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xfffffffffffffd2e, &(0x7f0000000000)='e', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x48)

6.369562455s ago: executing program 5 (id=6611):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="0b000000050000000400000032a9000009"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000900000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000f9ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
unlink(&(0x7f00000001c0)='./control/file0\x00')
unlinkat(0xffffffffffffffff, &(0x7f0000000140)='./control\x00', 0x200)
rmdir(&(0x7f0000000040)='./control\x00')

6.341105257s ago: executing program 4 (id=6612):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0xfe8e, 0x12)

6.31236669s ago: executing program 4 (id=6613):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000600)={{{@in6=@ipv4={""/10, ""/2, @multicast2}, @in6=@private2}}, {{@in=@private}, 0x0, @in=@broadcast}}, &(0x7f0000000700)=0xe8)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
connect$l2tp(0xffffffffffffffff, &(0x7f0000000780)={0x2, 0x0, @local}, 0x10)
syz_read_part_table(0x5c2, &(0x7f0000000000)="$eJzs2z1oU2sYB/AnavCil+vi5GQdnFwURzOoJFFRCNEu4qCgiBi4EEGIECjoYDO0NEPp2KUUsvRjapqhw6Wlhc6ldOil0KHTpV0KXZpL6Xv39vYDhN8PDg/v+/7Pec4znPEEv7QL8U+3281ERPfy8e/ubeULT2+WHpZfRWTiTUT0/PXH1MFJJiX+e+qttF5P67HRK53+nSfZ1trL3dtv5xsX0nlfuq6Ot3tPPBxnbiK3cO37j2pxoJb7tFqsb/5cWX4xuZ0vt583mlPPso/fp9xiqpdS/RK1+Baf411UohIfonpK/UdaG3f3bxRbMx8f7BU6g3P3Uq50wjmP2v9rz9DrZv3Rnenrw/drs0vlrYuHucr/+LoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADh/E7mFa99/VIsDtdyn1WJ98+fK8ovJ7Xy5/bzRnHqWffw+5RZTvZTql6jFt/gc76ISlfgQ1VPqP9LauLt/o9ia+fhgr9AZnLuXcqUTznnU/l97hl4364/uTF8fvl+bXSpvXTzMVS6f0QsAAAAAAAAAAAAAAAAAAABAROQLT2+WHpZfRWTiTUT8+fvczMF+N/3vnkm5W6mup/2x0Sud/p0n2dbay93bb+cbf6f9vt8i+iLi6ni799yH4dj+DQAA///B9JXf")

6.17456285s ago: executing program 5 (id=6614):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c00"], 0xf8}}, 0x0)

5.995503224s ago: executing program 33 (id=6614):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c00"], 0xf8}}, 0x0)

2.879974026s ago: executing program 3 (id=6678):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000080)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2)

2.833693049s ago: executing program 3 (id=6680):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x86, &(0x7f0000000040)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x78, 0x65, 0x0, 0x2, 0x1, 0x0, @rand_addr=0x64010101, @remote}, @dest_unreach={0x3, 0x3, 0x0, 0x0, 0x6, 0x1f, {0x17, 0x4, 0x3, 0x3a, 0x7ff, 0x68, 0x1ce2, 0xd9, 0x2f, 0xe5c, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x36}, {[@cipso={0x86, 0x11, 0x3, [{0x7, 0x9, "a88022eba18f92"}, {0x1, 0x2}]}, @timestamp_addr={0x44, 0x34, 0x4c, 0x1, 0x0, [{@multicast2, 0x9}, {@loopback, 0x5}, {@multicast1, 0x20005}, {@loopback}, {@remote, 0x329}, {@multicast2, 0x4}]}]}}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
getresuid(&(0x7f00000000c0), &(0x7f00000001c0), &(0x7f0000000200))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000200)={0x4, &(0x7f0000000080)=[{0x5, 0x84, 0x2, 0x5}, {0xd, 0x9, 0x3, 0x5}, {0xeff9, 0x5, 0x9, 0x4}, {0x8, 0x3, 0xfe, 0xffffffff}]})

2.733583928s ago: executing program 3 (id=6682):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[], 0x58}, 0x1, 0x0, 0x0, 0x4000850}, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b000100627269646765000018000280050019"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=<r0=>0x0, @ANYBLOB="1000000000000000280012800b000100627269646765000018000280050019"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRESHEX=r0, @ANYBLOB="0300000000000000280012800a00010076786c616e22c6f2f0cb6b6bc300"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRESHEX=r0, @ANYBLOB="0300000000000000280012800a00010076786c616e22c6f2f0cb6b6bc300"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x4000000, 0x1, 0x0, 'queue0\x00', 0x1c52})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") (async)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x82) (async)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x82)
writev(r6, &(0x7f00000004c0)=[{&(0x7f0000000000)="26eba9fdb4cbab48929e1af151000000000000000500000000000100", 0x1c}], 0x1) (async)
writev(r6, &(0x7f00000004c0)=[{&(0x7f0000000000)="26eba9fdb4cbab48929e1af151000000000000000500000000000100", 0x1c}], 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=@gettfilter={0x24, 0x2e, 0x800, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}, {0xa, 0xa}, {0xd, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=@gettfilter={0x24, 0x2e, 0x800, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}, {0xa, 0xa}, {0xd, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r7, &(0x7f0000000e00)=ANY=[@ANYBLOB="016f0800010027000000270000004600004c00000000e999cefc8007fd266f74f2c2783fffffffac1414aa000000000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="ba0000009078002809c400050200000000000007000002d58838000391000000"], 0xfd6c)
socket$netlink(0x10, 0x3, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff9ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcd0cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b24df41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b318e2ec0e1a00897a74a0091ff110026e6d2ef831ab7ea0c34f17efd36ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0cb82d2789cb132b8667c21476619f28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fbce841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000009dd27080e71113610e1019c12a73748b049604fa72c64ed858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6e97180aabc18cae2ed4b4390af9a9ceafd07ed00b0000002cab154ad029a119ca3c972780870014601c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f4b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f19afc91b47683db01a469398685211bbae0e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bde792c88c5b8dcdcc22ee17476d738992533ac2a9b5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffffd7917f23837a6b24db0e067345560942fa629fbef2461c96a08707671315c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e48455b588b90dfae158b94f50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859ac8e3c177b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2498d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d4a3e1a9e90d76c1993e0799d4894ee7f8249dc1e342892129369ee1b85afa1a5be5f6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90501b0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355b17402a500587b603306a5af8d867d80a07f10b854b1c8c768c001496fa99ce5b5040be9194123e918914a71ad5a8521fb956dbc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c6775e19f0b7e70803000000b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989172a1bcd1e30280bc5867dd4e27b6ef206660090bb2164474cef378f97ca33fccf363361dcdba10c1547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f5874c24411d415b6b085fb73a2d7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aa0000000000000000532ff181c985f54b7ae20aa5e63055b4d6a36fa98a44e379d2bccf977c3e88538f406b598307c9912fb097601f3f88a2ea6fd1f9320cfe7f09aed4d1e72d26e5c7a93854c8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eafeffffffffffffff000000070000000000000000000000005333c6199c12dcd92689192727a7267c47cf897853d160100b39b613faefe16bd91fc105dddd77ab929b95032d3717fa9fbdc2bdc0e98ae2c3f23a6131e2879f0484ee3bfe30b92dd493be66c2242f8184733b80ba28e824910844df31f3d4bb2f89049c5f6d63956995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99a40b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc1758763f0000009c927da38d83314480b15e23eb8c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab602000000000000000000113a3065a478d1de98be3a66f6fbf68f2f5693050fa56db62e2f99cf916059ee36cdad078fc88d17cbde37a2270f90a60afe8548d4c579b09c333382c6e7a316ac03aa23d379836b96173a5541fa96c27e7fb6d2585d828aa330f3438d8487912bb7742be1502e706644f7a937451beb7a5f6ca3ef21e8cb8f841af6d54334d82a8b816b6daccf0c66162f897623ee325d714f9f10636a7573582ff31c7f9c6f767c806ef4af486cc19a5355bdc814cb5557c6fa6404179c865980b0815b907a7f268e97828c196f5ac033d395a217b4e1e45663023a0292003c36a3b7461fc2c8566e0f3f693bfacae26aa2b7d17962989ccb943633c080aacc9b7d311c251686fc66aa80bf41a5bf6cd72d5aa995820fb318fad61a79a61d0a969fd6018ac9f131fe02fe31d565723cbf9b63841e21417fc29a3e7a03886d80566ae001861799a4aad91c72139e681ced8625b675dfbd6d458d4b2d9e6d565430248172ad942cdb41639f4113896827c8806e049218cd1eef89d6b9b14dd707da40705c07f878263ff9b71ccf28ec50178c7aac83bef7bd10459e2f2e267f82bafd5b4c7b481ea5e4bcb6cfe05e2ac3e17c1f8f12ddf5b6770ce0da8cb3aba3a935a6b737b6d3ebf2c715dcc11c5759bd0acdecf333f2b77c52fb2251336bbd92f73ad1a30bb9162bd9d699c49d824b827f3e7c1096354946e09922db25904c83262c6dcb87457e4abefa0e9dcb17d79c173895b74aae2ed4419662690a16494e7b27d0d2688c69b4be3d21b783195f6a5e5dc5c07c73f0d0f0670db10ac9ef5b8295ff88df734e3c6ab8555c0390f962cbf559bce9c42e1034dba78997b2877b485d9d4ae2fcd3e757b84319879d0337785773c940af6e57d162f4606d101def01199325c8676a32e26303560271b720216d95e0013265a45b02bd2414bebda89b7b5e71e70e0000000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)

2.57201542s ago: executing program 4 (id=6615):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x4, @loopback}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400), 0x0, 0x8004}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000038c0), r4)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f00000039c0)={'wpan1\x00'})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x404, &(0x7f0000000080)={[{@nogrpid}, {@noinit_itable}, {@jqfmt_vfsold}, {@debug}, {@nodiscard}, {@quota}]}, 0x1, 0x43d, &(0x7f0000000700)="$eJzs28tvG0UYAPBv7SQlfZBQlUfTAoGCiHgkTVpKD1xAIHEACQkO5RiStAp1G9QEiVYRBITKEVXijjgi8RdwggsCTkhc4Y4qVSiXFk5Ga+8mtmOneThxW/9+0iYzu+PMfN4de2YnG0DXGk5/JBH7I+LPiBioZusLDFd/3VpenPp3eXEqiXL5nX+SSrmby4tTedH8dfvyTE9E4YskjjSpd/7ylfOTpdLMpSw/tnDhw7H5y1demL0weW7m3MzFidOnT54Yf+nUxIttiTON6+bQJ3NHD7/x3rW3ps5ce//X75M8/oY42mR4vYNPl8ttrq6zDtSkk54ONoRNKVa7afRW+v9AFGP15A3E65/n6b5ONRDYMeVyufxQ68NLZeAelkSnWwB0Rv5Fn85/822Xhh53hBuvVCdAady3sq16pCcKWZnehvltOw1HxJml/75Jt9iZ+xAAAHV+TMc/zzcb/xWi9r7Q/dkaymBEPBARByPiVEQciogHIyplH46IRzZZf+MiydrxT+H6lgLboHT893K2tlU//stHfzFYzHIHKvH3JmdnSzPHs/dkJHr3pPnxder46bU/vmp1rHb8l25p/flYMGvH9Z499a+ZnlyY3E7MtW58FjHU0yz+ZGUlIImIwxExtMU6Zp/97mirY7ePfx1tWGcqfxvxTPX8L0VD/LlktaZm65Nj90Vp5vhYflWs9dvvV99uVf+24m+D9PzvbXr9r8Q/mNSu185vvo6rf33Zck6z1eu/L3m3bt/HkwsLl8Yj+pI3q42u3T/RUG5itXwa/8ix5v3/YKy+E0ciIr2IH42IxyLi8aztT0TEkxFxbJ34f3n1qQ+2Hv/OSuOf3tT5X030ReOe5oni+Z9/qKt0cDPxp+f/ZCU1ku3ZyOffRtq1tasZAAAA7j6FiNgfSWF0JV0ojI5W/4f/UOwtlObmF547O/fRxenqMwKD0VvI73QN1NwPHc+m9Xl+oiF/Irtv/HWxv5IfnZorTXc6eOhy+1r0/9TfxU63DthxnteC7qX/Q/fS/6F76f/QvZr0//5OtAPYfc2+/z/tQDuA3dfQ/y37QRcx/4fupf9D99L/oSvN98ftH5KXkFiTiMId0Yx7J5EkEdv/O0m0qT2d/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoj/8DAAD//7Pm4aw=")
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='kfree\x00', r5, 0x0, 0x2144}, 0x18)
r6 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r6, 0x8008551c, &(0x7f0000000180)={0x1, 0x18, 0x0, 0x1, 0x0, 0x0, 0x0})
r7 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYRES64=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f0000000200)='\x04\x00\x00\x00\x00\x00\x00\x00\x00\xbc:\a\xd94\x16\x03\x02+\xd20\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='mm_page_free\x00', r8, 0x0, 0x800000000000}, 0x18)
sendfile(r7, r7, 0x0, 0x800000009)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x200, {0x0, 0x0, 0x0, r10, {0xfff2, 0x9}, {0x10}, {0x9, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x400d0}, 0x0)

1.902015282s ago: executing program 0 (id=6685):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x19, 0x4, 0x8, 0x5}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1}, 0x14)
syz_emit_ethernet(0x32, &(0x7f0000001940)={@random="dba1f19f77c5", @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x2, 0x4, 0x24, 0x64, 0x0, 0x71, 0x11, 0x0, @multicast2, @empty}, {0x4e22, 0x4e21, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x1, 0x0, @val=0x80}}}}}}}, 0x0)

1.885731493s ago: executing program 0 (id=6686):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r5, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r6, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x30006041)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
close(r6)
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000040), 0x4)
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)='f', 0x1}], 0x1}, 0x8004)
r9 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000140)='ext4_read_block_bitmap_load\x00', r9}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
lgetxattr(0x0, 0x0, 0x0, 0x0)

1.827908628s ago: executing program 6 (id=6687):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x10, 0x1407, 0x1, 0x70bd2c, 0x25dfdbfd}, 0x10}, 0x1, 0x0, 0x0, 0x8010}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000a80)=0x1, 0x4)
socket$inet6(0xa, 0x3, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000480)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1b000000000000000000000000000400000000006947020bf025b587a5375f9768d91990dd2c4b0cd568c38ce28116fcc53ef92fffee96b0e7d9cb7f4a09497762a457ba79202255b64bf771d129bdaafc963954ae57de4c1379641be70030fe54747621d1d690c2fc35b16c7f57e8a056f011a64733dc88ec43db46e56b48585affa8c6f534f9d491e3565745adc3d2b887a98d3e010e21879bf697081bb63bcc7158441324d7ede56a8cfe2edffb1118a93e82e3c4f81091ed523a972d4fbe432f1f23c350b99a4f7bd46d2c5c10e99eff8f1abd6c314ffa11c7571e001dcecd1a8cc00e35c1269c5a2e2ed8d94c414980588821d4ed63fa6190dd0eb74f5e", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000500"/28], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020051f2add4693e094f00000000008500007dd93714e03f5602e0f3ef114a0083000000bf0900000000000055090100000000009500000000000000bf8a000000000000b7020000000000008500000084000000b70000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x18)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r7)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x1004000, &(0x7f00000002c0)=ANY=[], 0xfd, 0x2c7, &(0x7f0000000480)="$eJzs3U1rE1sYwPGnadMmKW2yuFy4F6QPutHN0MZPEKQFMaDUpqgLYWonGjImJRMjEbHduXXndygu3QnWL9CNO/fipgiCmy6kI53JmGk7fTVp0vb/g3JO55wn58wL5Zmhc7Jx783TctEximZdYgmVmCRWZFMkIzEJLLfK7S0DMixhK3Jt9OeXS3fvP7iVy+enZ1VncnPXs6o6PvHx+ct3lz/VR+ffj38YkfXMw40f2a/r/67/t7E1F3x6ta6mLlSrdXPBtnSx5JQN1Tu2ZTqWliqOVdvRXrSrS0tNNSuLY6mlmuU4alaaWraaWq9qvdZU87FZqqhhGDqWkotm8KDGZNTGwursrJk71iCxY04KpynyLNdqOXMwsrGwehqTAgAA/WVv/i978v+BVtnJ/P9JydGSo5XD8v+YkP93j5f/b0UmjTgf4ts3ADkzFXnrRv4PAAAAAAAAAAAAAAAAAAAAAMBZsOm6add100EZ/IyISEK2En4vN93reaI7Dj7/IsHvoZCBHk4XHRZ6cS8hYr9uFBoFv/Tbc0UpiS2WTMZFfnnXQ4tfn7mZn55UT0bW7OVWvPeS4EgQH8hEx0/58RqKX24U4pIKj5+VtPwTHZ/dFR8XkUZhWK5eCcUbkpbPj6Qqtix613U7/tWU6o3b+V3jJ71+AAAAAACcB4b+kdl5/+uvJmkYGiwbsqvd39h+PiDpQ54PqKwNSzt+SP4f6t1+AwAAAABwkTjNF2XTtq3aySsT838V3geVpBw/qiOH7oxVjNa/gx3Y2XVd7wtjjvjJb5Mi+zTFZN+mble+i0gfHPBOV74980/gUTr38q8SAAAAgG5oJ/29ngkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfXURcPC/qfZO2x0HCDvdlLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoD/8DgAA//8uWRWa")
r9 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x101000, 0x26)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r9, 0xc0185879, &(0x7f0000000040)={@id={0x2, 0x0, @a}})

1.711597597s ago: executing program 3 (id=6690):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000080)=0x1, 0x4)
socket(0x10, 0x80002, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendto$inet6(r2, &(0x7f0000000100)="15", 0x1, 0x1, &(0x7f0000000140)={0xa, 0x4e23, 0x7ff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}, 0x1c)
sendmsg$inet6(r2, &(0x7f0000000380)={&(0x7f0000000180)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000480)='y', 0x1}], 0x1}, 0x0)
shutdown(r2, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}, 0x0, 0x0, 0x4}, &(0x7f0000000080)=0x9c)
socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000002140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0209000007"], 0x38}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000000206010700000000000000000000000014000300686173683a69702c706f72742c6970000900020073797a31000000000500010007000000050005000a0000000500040001000000c1590c9fe92c70409533a7acaf3d7072b144c5f5c963697b3ff9bea20eba159d251d57a146ac718289d253f3be698fed96dc6035adef29a07823dc76dea18307c0b1366c07f0"], 0x4c}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)
r9 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000300)={'bond0\x00'})
r10 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r11 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
modify_ldt$write2(0x11, &(0x7f0000000000)={0xffff, 0x0, 0x1000, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1}, 0x10)
sendmsg$SMC_PNETID_ADD(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010027bd7000fbd3df2502000000050004000100000005000400010000001400020076657468315f746f5f7465616d0000000900030073797a32000000000900010073797a"], 0x68}, 0x1, 0x0, 0x0, 0x4000145}, 0x0)

1.351479215s ago: executing program 0 (id=6693):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)={0x2c, r1, 0x1, 0x40f0bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x2c}}, 0x18)
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f0000000200))
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
prctl$PR_SET_THP_DISABLE(0x41, 0x802)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kmem_cache_free\x00', r4, 0x0, 0x8000}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0x7}, 0x0, 0x4, 0x0, 0x9, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}, 0x2160)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x25}, 0x94)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth1_virt_wifi\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8946, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)

1.076013606s ago: executing program 0 (id=6694):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="0b000000050000000400000032a9000009"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000900000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000f9ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
open$dir(&(0x7f00000002c0)='./control/file0\x00', 0x84042, 0x0)
unlink(&(0x7f00000001c0)='./control/file0\x00')

1.036780449s ago: executing program 0 (id=6695):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000080)=0x1, 0x4)
socket(0x10, 0x80002, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendto$inet6(r2, &(0x7f0000000100)="15", 0x1, 0x1, &(0x7f0000000140)={0xa, 0x4e23, 0x7ff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}, 0x1c)
sendmsg$inet6(r2, &(0x7f0000000380)={&(0x7f0000000180)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000480)='y', 0x1}], 0x1}, 0x0)
shutdown(r2, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}, 0x0, 0x0, 0x4}, &(0x7f0000000080)=0x9c)
socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000002140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0209000007"], 0x38}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000000206010700000000000000000000000014000300686173683a69702c706f72742c6970000900020073797a31000000000500010007000000050005000a0000000500040001000000c1590c9fe92c70409533a7acaf3d7072b144c5f5c963697b3ff9bea20eba159d251d57a146ac718289d253f3be698fed96dc6035adef29a07823dc76"], 0x4c}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)
r9 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000300)={'bond0\x00'})
r10 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r11 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
modify_ldt$write2(0x11, &(0x7f0000000000)={0xffff, 0x0, 0x1000, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1}, 0x10)
sendmsg$SMC_PNETID_ADD(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010027bd7000fbd3df2502000000050004000100000005000400010000001400020076657468315f746f5f7465616d0000000900030073797a32000000000900010073797a"], 0x68}, 0x1, 0x0, 0x0, 0x4000145}, 0x0)

908.569859ms ago: executing program 6 (id=6696):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x19, 0x4, 0x8, 0x5}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1}, 0x14)
syz_emit_ethernet(0x32, &(0x7f0000001940)={@random="dba1f19f77c5", @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x2, 0x4, 0x24, 0x64, 0x0, 0x71, 0x11, 0x0, @multicast2, @empty}, {0x4e22, 0x4e21, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x1, 0x0, @val=0x80}}}}}}}, 0x0)

754.156201ms ago: executing program 3 (id=6699):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000080)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2)

744.633552ms ago: executing program 6 (id=6700):
r0 = getpid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
mknod(0x0, 0x8001420, 0x0)
setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r0, 0x0) (fail_nth: 1)

671.732877ms ago: executing program 3 (id=6701):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000001fc0)=ANY=[@ANYBLOB="1800000000000000000000000000249f45c58f686ed7e49dd3a472514aee11298290af8ea14a7885d08cad2b04bdad16822f4b68534ebacab916deccf43aa7b64a7c454608cb0c9f8447ef17a76af90e7354af173a6e843b6e184bbe55c4a0019e8ae65176e3fa0e12ab587a66e71e89046894243ae586bee5cdb53b653964de3899285b38ebd10d2f0eb06f1a0d4fcda93fbf8c14f90e77b884ae2de29557e82af1025314d1412264869ad6f9324c8aec6cd1fbea282ed5b68f4f635bc1ebff7b31506848c20e79814fcf0aa5e64bf3717d39672a56c353159fd8c67e3c"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000240)='workqueue_queue_work\x00', r1}, 0x18)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000840)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
stat(&(0x7f0000000400)='./bus\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r4=>r2, {r3, 0xffffffffffffffff}}, './file1\x00'})
socket$nl_xfrm(0x10, 0x3, 0x6)
lstat(&(0x7f0000000800)='./bus\x00', &(0x7f0000000a80))
syz_clone3(&(0x7f0000000ec0)={0x200000400, &(0x7f0000000c00), &(0x7f0000000c40), &(0x7f0000000c80), {0x13}, &(0x7f0000000cc0)=""/231, 0xe7, &(0x7f0000000dc0)=""/165, &(0x7f0000000e80)=[0x0], 0x1}, 0x58)
pipe(&(0x7f0000000f40))
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='bic', 0xff3d)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x9, 0x11, &(0x7f0000002800)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @alu={0x4, 0x0, 0xb, 0x9, 0x8, 0xfffffffffffffed4, 0x10}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2}], &(0x7f00000008c0)='syzkaller\x00', 0xa, 0x0, 0x0, 0x40f00, 0x13, '\x00', 0x0, @fallback=0x16, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000940)={0x2, 0x10, 0x9, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window], 0x5)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)})
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket(0x2, 0x80805, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r8, 0x84, 0x7a, &(0x7f0000000340)={<r9=>0x0, @in6={{0xa, 0x3, 0x4, @mcast1}}}, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r7, 0x84, 0x70, &(0x7f0000000540)={r9, @in6={{0xa, 0x4e20, 0xe, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5}}, [0x80, 0x0, 0xb, 0x8, 0x4, 0x1, 0xfffffffffffffffe, 0x5568, 0x4000000000000, 0x9, 0x1, 0x4, 0x4, 0x65d6, 0x1ff]}, &(0x7f0000000280)=0x100)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge0\x00'})

671.288187ms ago: executing program 6 (id=6702):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000140)=@v3={0x3000000, [{0x4}, {0xfffffffe}]}, 0x18, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x5, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x19, 0x35}, [@call]}, &(0x7f0000000140)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd0c}, 0x23)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)

614.870502ms ago: executing program 6 (id=6703):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
socket$packet(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000082aaaaaaaaaaaa88a80000"], 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xfffffffffffffd2e, &(0x7f0000000000)='e', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x48)

400.812129ms ago: executing program 2 (id=6705):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, 0x0, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="5c00000002060108000100000000000000004000050005000a000000050001000700000005000400000000000900020073797a310000000016000300686173683a6e65742c706f72742c6e65"], 0x5c}}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x7, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

397.703849ms ago: executing program 6 (id=6706):
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180), 0x40, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200080, &(0x7f0000000400)={[{@resuid}, {@delalloc}, {@bsdgroups}]}, 0x3, 0x56d, &(0x7f0000000c00)="$eJzs3c9vG1kdAPDvTOI4/bGbFvYAq4UWWCioqtOku9VqL9teQGi1EmLFAXHohsSNQp261M6yCZXI/g0ggeAEfwIHJA5Ie+LAjSMSB4S0HJAKVKAGAZLRjKep24xVt3bsTfL5SNP58ebN9z014/f8bM8L4Mg6GxHbETETEe9ExFxxPCmWuNJdsvPu37uzvHPvznISnc7bf0/y9OxY9OTJnCiuORsRX/9KxLeTvXFbm1s3lhqN+u1if769fmu+tbl1YW19abW+Wr+5uHh54fLF1y69ujiyup5Z/+XdL6+9+Y3f/PpTH/5++0vfz4p1skjrrccodate2Y2TmY6IN/cj2ARMFeuZPSkvlWe4sr/l4emkEfGxiPhsfv/PxVT+1wkAHGadzk+jM9e7DwAcdtn7/5OzSVqLiDQtOgG17hjeC3E8bTRb7fPXmxs3V7pjZaeikl5fa9Qvnq7+8bv5yZUk21/I0/L0fH/xsf1LEXE6In5UPZbv15abjZXJdHkA4Mg7kX8GVrT/EfGvaprWagNlLflUDwA4MGYnkBMAmKzeVrw6wXIAAOPjXTwAHD0DtP/Fh/3b+14WAGA8vP8HgKNH+w8AR8/Ttv++IwgAB9rX3norWzo7xfOvV97d3Kg0372wUm/dqK1vLNeWm7dv1VabzdX8mT3rj2Q+1rNd9AkazeathVdi4735dr3Vnm9tbl1bb27cbF/Ln+t9rV4Za+0AgDKnz3zwhyQitl8/li/RM5eDthoOt3TSBQAmZurhZv3E02bWQYAD7dlm+/rPyMsBjF9lkF/05Z2E3+1/YYCJKH2Y92zp5qN+8hRBfM8YPlLOfXLw8f+9czwDB5nxfzi6pp4p1xsjLwcwfs82/g8cBp1O8vic/zO7SQDAoTTEV/g6PxhVJwSYqCdN5j2Sz/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkDkZEd+JJK3lc4Gn2b9prRbxXEScikpyfa1RvxgRz8eZiKhUs/2FSRcaABhS+tekmP/r3NzLJx9PnUn+Xc3XEfG9n7394/eW2u3bC9nxf+wer5bMDjbEvIIAwGA61QFPzNvvxWLd80b+/r07yw+W/SpkmbtX43/FVMTLO/fu5Es3ZTqygxGzeV/i+D+TmC7yZL2NFyNiagTxt9+PiE+U1T/Jx0ZOFX2b3vhRxH5urPHTR+KneVp3nfXdPj6CssBR88HViLhSdv+lcTZfl9//s/kr1PDuXu1e7MFr307P6+90EWmqJH52z58dNMYrv/3qnoOduW7a+xEvTpfFT3bjJ33ivzxg/D+99OkfvtEnrfPziHNRHr831nx7/dZ8a3Prwtr60mp9dTYWFy8vXL742qVXF+fzMer5ByPVe/3t9fPP9ytbVv/jfeLPltZ/Zjfv5wes/y/++863PvNwt/p4/C9+rix+Gi+Uxu/K2sQvPBqm0y/+0vFf9Z2+O4u/0qf+T/r/Pz9I5SPiw79srQx4KgAwBq3NrRtLjUb99lAbaex0RnGdPRtZEQc7+UF3cbigf479qMUzblSGrs6kNqZ3+4qjvfI3syuOuTrpyGsx1Mb9ccWa3GsSMB4Pb/pJlwQAAAAAAAAAAAAAAOhnHD9dmnQdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOLz+HwAA//85T9KE")
r2 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
name_to_handle_at(r3, &(0x7f0000000240)='./mnt\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="1000000002000000091aa5448b245c4de7000000020000006bfd0e166d15d47c0f939e51684f67d823da72f52270521c8339a00718e037671b45b387dea8e738da03ff487f8482db3720c21f60ab4920261499143ffbd76367490ef0bed1a9fedae184d49a8f954863e2b09cc083b919bbef6fac"], &(0x7f00000002c0), 0x400)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='kmem_cache_free\x00', r5}, 0x18)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
r8 = syz_open_dev$evdev(&(0x7f00000000c0), 0x3, 0x40)
syz_usb_disconnect(r8)
fcntl$lock(r6, 0x5, &(0x7f00000001c0)={0x300, 0x0, 0x0, 0x200})
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r9=>0x0}, &(0x7f0000000280)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=r9], 0x9)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r10, 0x6, 0x1, 0x0, &(0x7f0000000040))
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)

261.28938ms ago: executing program 2 (id=6707):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000490000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f9cf02e, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000010850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073794f310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f5"], 0x34}, 0x1, 0x0, 0x0, 0x66df5cfbe53006d1}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x7, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="1800000007140100000032c83a110000050042"], 0x18}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f00000000c0)={[{@grpquota}, {@inlinecrypt}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r4 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, 0x0, 0x0)
write$RDMA_USER_CM_CMD_DESTROY_ID(r4, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000800, 0x0, 0x0, 0x0)
lchown(0x0, 0xee01, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r5 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x0, 0x79b})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x20}}, 0x0)
io_uring_enter(r5, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x11e)

172.721796ms ago: executing program 0 (id=6708):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_udp_int(r1, 0x11, 0xb, &(0x7f0000000200)=0x6, 0x4)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000300)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x68, 0x0, 0x0, 0x88, 0x0, @remote, @local}, {0xfffe, 0x4e24, 0x4d, 0x0, @wg=@initiation={0x1, 0x4, "497a1d08fd3d0ee007022798bb6374ed840b4f36f41fc4d035e9ebe414aa958d", "4bbef5e4007898221aa606d083cd59745493938f1e2de8fdadd3823fedd2c01b2aff03050a4ca5d10fd1b6b06f47ea42", "ef7c9d6a98e3943f6892078bb952854743fe4dddd2e7c0ce70a4ac7d", {"a851525b16af17fe87acbae2ab0b233d", "01422d01cd53c3abe94331d0b7918724"}}}}}}}, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x1)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
msync(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x7)

137.858519ms ago: executing program 2 (id=6709):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000040)={'wg0\x00'})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0xac, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf], 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffb], [0x0, 0x0, 0x8]}}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xe, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x4}}]}]}, 0xac}}, 0x0)

111.985301ms ago: executing program 2 (id=6710):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0x4, 0x300}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

95.166682ms ago: executing program 2 (id=6711):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x4, @loopback}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400), 0x0, 0x8004}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000038c0), r3)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f00000039c0)={'wpan1\x00'})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x404, &(0x7f0000000080)={[{@nogrpid}, {@noinit_itable}, {@jqfmt_vfsold}, {@debug}, {@nodiscard}, {@quota}]}, 0x1, 0x43d, &(0x7f0000000700)="$eJzs28tvG0UYAPBv7SQlfZBQlUfTAoGCiHgkTVpKD1xAIHEACQkO5RiStAp1G9QEiVYRBITKEVXijjgi8RdwggsCTkhc4Y4qVSiXFk5Ga+8mtmOneThxW/9+0iYzu+PMfN4de2YnG0DXGk5/JBH7I+LPiBioZusLDFd/3VpenPp3eXEqiXL5nX+SSrmby4tTedH8dfvyTE9E4YskjjSpd/7ylfOTpdLMpSw/tnDhw7H5y1demL0weW7m3MzFidOnT54Yf+nUxIttiTON6+bQJ3NHD7/x3rW3ps5ce//X75M8/oY42mR4vYNPl8ttrq6zDtSkk54ONoRNKVa7afRW+v9AFGP15A3E65/n6b5ONRDYMeVyufxQ68NLZeAelkSnWwB0Rv5Fn85/822Xhh53hBuvVCdAady3sq16pCcKWZnehvltOw1HxJml/75Jt9iZ+xAAAHV+TMc/zzcb/xWi9r7Q/dkaymBEPBARByPiVEQciogHIyplH46IRzZZf+MiydrxT+H6lgLboHT893K2tlU//stHfzFYzHIHKvH3JmdnSzPHs/dkJHr3pPnxder46bU/vmp1rHb8l25p/flYMGvH9Z499a+ZnlyY3E7MtW58FjHU0yz+ZGUlIImIwxExtMU6Zp/97mirY7ePfx1tWGcqfxvxTPX8L0VD/LlktaZm65Nj90Vp5vhYflWs9dvvV99uVf+24m+D9PzvbXr9r8Q/mNSu185vvo6rf33Zck6z1eu/L3m3bt/HkwsLl8Yj+pI3q42u3T/RUG5itXwa/8ix5v3/YKy+E0ciIr2IH42IxyLi8aztT0TEkxFxbJ34f3n1qQ+2Hv/OSuOf3tT5X030ReOe5oni+Z9/qKt0cDPxp+f/ZCU1ku3ZyOffRtq1tasZAAAA7j6FiNgfSWF0JV0ojI5W/4f/UOwtlObmF547O/fRxenqMwKD0VvI73QN1NwPHc+m9Xl+oiF/Irtv/HWxv5IfnZorTXc6eOhy+1r0/9TfxU63DthxnteC7qX/Q/fS/6F76f/QvZr0//5OtAPYfc2+/z/tQDuA3dfQ/y37QRcx/4fupf9D99L/oSvN98ftH5KXkFiTiMId0Yx7J5EkEdv/O0m0qT2d/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoj/8DAAD//7Pm4aw=")
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='kfree\x00', r4, 0x0, 0x2144}, 0x18)
r5 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r5, 0x8008551c, &(0x7f0000000180)={0x1, 0x18, 0x0, 0x1, 0x0, 0x0, 0x0})
ftruncate(0xffffffffffffffff, 0x2007ffc)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)

0s ago: executing program 2 (id=6712):
write$P9_RUNLINKAT(0xffffffffffffffff, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x74120, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0x2}, 0x10000, 0x10003, 0x80000001, 0x3, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
mmap$perf(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x4000011, r0, 0x0)
mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000bb3000/0x1000)=nil)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f00000006c0)=ANY=[@ANYRES8, @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000680)='cdev_update\x00', r2, 0x0, 0x3}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffff"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="2100000000000000000000000000100000040000", @ANYRES32, @ANYBLOB="fdffffff03"], 0x50)

kernel console output (not intermixed with test programs):


[  331.836396][ T3642] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  331.837137][T20608] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.844633][ T3642] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  331.875617][T20593] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.924492][T20593] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  331.933337][T20621] netem: change failed
[  331.939933][T12187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.952352][T20600] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.6277: missing EA_INODE flag
[  331.966668][T20621] netlink: 'syz.0.6279': attribute type 10 has an invalid length.
[  331.975319][T18750] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.984812][T20600] EXT4-fs (loop3): Remounting filesystem read-only
[  331.989324][T20621] team0: Port device dummy0 added
[  332.011179][T20621] netlink: 'syz.0.6279': attribute type 10 has an invalid length.
[  332.022655][T20621] team0: Port device dummy0 removed
[  332.031534][T20621] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  332.050951][T20624] loop1: detected capacity change from 0 to 512
[  332.069775][T20624] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.083910][T20624] ext4 filesystem being mounted at /102/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  332.118441][T20624] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 3: comm syz.1.6281: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  332.119903][T18881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.147952][T20624] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 12: comm syz.1.6281: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  332.183111][T20624] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 13: comm syz.1.6281: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  332.208323][T20624] EXT4-fs error (device loop1): ext4_map_blocks:783: inode #2: block 18: comm syz.1.6281: lblock 23 mapped to illegal pblock 18 (length 1)
[  332.214273][T20632] netem: change failed
[  332.241105][T20632] netlink: 'syz.3.6282': attribute type 10 has an invalid length.
[  332.251195][T20632] bond0: (slave dummy0): Releasing backup interface
[  332.261169][T20632] team0: Port device dummy0 added
[  332.268350][T20634] netlink: 'syz.0.6284': attribute type 4 has an invalid length.
[  332.272248][T20632] netlink: 'syz.3.6282': attribute type 10 has an invalid length.
[  332.278465][T20634] serio: Serial port ttyS3
[  332.289321][T20632] team0: Port device dummy0 removed
[  332.296861][T20632] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  332.315436][T20632] loop3: detected capacity change from 0 to 1024
[  332.337078][T20632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.353209][T20632] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.6282: missing EA_INODE flag
[  332.365337][T20632] EXT4-fs (loop3): Remounting filesystem read-only
[  332.387426][T18881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.429916][T20641] loop3: detected capacity change from 0 to 2048
[  332.439064][T20624] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #2: comm syz.1.6281: corrupted inode contents
[  332.451305][T20624] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #2: comm syz.1.6281: mark_inode_dirty error
[  332.463017][T20624] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #2: comm syz.1.6281: corrupted inode contents
[  332.507350][T19176] Alternate GPT is invalid, using primary GPT.
[  332.513605][T19176]  loop3: p1 p2 p3
[  332.517412][T19176] loop3: partition table partially beyond EOD, truncated
[  332.529405][T20641] Alternate GPT is invalid, using primary GPT.
[  332.535744][T20641]  loop3: p1 p2 p3
[  332.539468][T20641] loop3: partition table partially beyond EOD, truncated
[  332.597440][T19176] udevd[19176]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  332.599398][T19177] udevd[19177]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  332.624495][T19175] udevd[19175]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  332.652086][T20648] loop2: detected capacity change from 0 to 256
[  332.722475][T20650] loop3: detected capacity change from 0 to 512
[  332.738500][T20650] EXT4-fs: Ignoring removed mblk_io_submit option
[  332.746110][T20650] EXT4-fs: Ignoring removed bh option
[  332.752755][T20650] ext4: Unknown parameter 'obj_role'
[  332.761176][T20654] netem: change failed
[  332.768239][T20654] netlink: 'syz.2.6290': attribute type 10 has an invalid length.
[  332.779567][T20654] bond0: (slave dummy0): Releasing backup interface
[  332.795223][T20654] team0: Port device dummy0 added
[  332.802662][T20654] netlink: 'syz.2.6290': attribute type 10 has an invalid length.
[  332.813543][T20654] team0: Port device dummy0 removed
[  332.824143][T20654] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  332.839175][T20654] loop2: detected capacity change from 0 to 1024
[  332.858568][T20654] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.870880][T20660] FAULT_INJECTION: forcing a failure.
[  332.870880][T20660] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.884062][T20660] CPU: 0 UID: 0 PID: 20660 Comm: syz.3.6292 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  332.884181][T20660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  332.884195][T20660] Call Trace:
[  332.884204][T20660]  <TASK>
[  332.884213][T20660]  __dump_stack+0x1d/0x30
[  332.884239][T20660]  dump_stack_lvl+0xe8/0x140
[  332.884324][T20660]  dump_stack+0x15/0x1b
[  332.884349][T20660]  should_fail_ex+0x265/0x280
[  332.884377][T20660]  should_fail+0xb/0x20
[  332.884471][T20660]  should_fail_usercopy+0x1a/0x20
[  332.884496][T20660]  _copy_from_user+0x1c/0xb0
[  332.884604][T20660]  memdup_user+0x5e/0xd0
[  332.884623][T20660]  strndup_user+0x68/0xb0
[  332.884643][T20660]  __se_sys_mount+0x4d/0x2e0
[  332.884701][T20660]  ? fput+0x8f/0xc0
[  332.884730][T20660]  ? ksys_write+0x192/0x1a0
[  332.884751][T20660]  __x64_sys_mount+0x67/0x80
[  332.884781][T20660]  x64_sys_call+0x2cca/0x3000
[  332.884856][T20660]  do_syscall_64+0xd8/0x2c0
[  332.884892][T20660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.884915][T20660] RIP: 0033:0x7fcbc478f749
[  332.884931][T20660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.884982][T20660] RSP: 002b:00007fcbc31f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  332.885001][T20660] RAX: ffffffffffffffda RBX: 00007fcbc49e5fa0 RCX: 00007fcbc478f749
[  332.885015][T20660] RDX: 0000200000000140 RSI: 00002000000003c0 RDI: 0000200000000100
[  332.885028][T20660] RBP: 00007fcbc31f7090 R08: 0000000000000000 R09: 0000000000000000
[  332.885042][T20660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.885118][T20660] R13: 00007fcbc49e6038 R14: 00007fcbc49e5fa0 R15: 00007ffe53975c38
[  332.885139][T20660]  </TASK>
[  332.903171][T20654] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.6290: missing EA_INODE flag
[  332.937782][T20662] netlink: 'syz.3.6293': attribute type 4 has an invalid length.
[  332.950338][T20654] EXT4-fs (loop2): Remounting filesystem read-only
[  332.954482][T20662] serio: Serial port ttyS3
[  333.093483][T18750] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.102954][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.133528][T20667] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=20667 comm=syz.4.6295
[  333.146518][T20667] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=20667 comm=syz.4.6295
[  333.336354][T19176] Alternate GPT is invalid, using primary GPT.
[  333.342635][T19176]  loop1: p1 p2 p3
[  333.346406][T19176] loop1: partition table partially beyond EOD, truncated
[  333.360241][T20689] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  333.378579][T20689] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  333.388644][T20689] System zones: 1-12
[  333.392934][T20689] EXT4-fs (loop2): 1 truncate cleaned up
[  333.400755][T20681] Alternate GPT is invalid, using primary GPT.
[  333.407107][T20681]  loop1: p1 p2 p3
[  333.410830][T20681] loop1: partition table partially beyond EOD, truncated
[  333.413622][T20689] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.444363][T20689] FAULT_INJECTION: forcing a failure.
[  333.444363][T20689] name failslab, interval 1, probability 0, space 0, times 0
[  333.457052][T20689] CPU: 0 UID: 0 PID: 20689 Comm:  Not tainted syzkaller #0 PREEMPT(voluntary) 
[  333.457079][T20689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  333.457093][T20689] Call Trace:
[  333.457100][T20689]  <TASK>
[  333.457109][T20689]  __dump_stack+0x1d/0x30
[  333.457136][T20689]  dump_stack_lvl+0xe8/0x140
[  333.457159][T20689]  dump_stack+0x15/0x1b
[  333.457204][T20689]  should_fail_ex+0x265/0x280
[  333.457231][T20689]  should_failslab+0x8c/0xb0
[  333.457256][T20689]  __kmalloc_noprof+0xb9/0x5a0
[  333.457342][T20689]  ? copy_splice_read+0xc2/0x660
[  333.457363][T20689]  copy_splice_read+0xc2/0x660
[  333.457390][T20689]  ? __pfx_ext4_file_splice_read+0x10/0x10
[  333.457414][T20689]  splice_direct_to_actor+0x290/0x680
[  333.457492][T20689]  ? __pfx_direct_splice_actor+0x10/0x10
[  333.457516][T20689]  do_splice_direct+0xda/0x150
[  333.457562][T20689]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  333.457589][T20689]  do_sendfile+0x380/0x650
[  333.457619][T20689]  __x64_sys_sendfile64+0x105/0x150
[  333.457651][T20689]  x64_sys_call+0x2db1/0x3000
[  333.457724][T20689]  do_syscall_64+0xd8/0x2c0
[  333.457835][T20689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.457861][T20689] RIP: 0033:0x7f441abff749
[  333.457878][T20689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.457899][T20689] RSP: 002b:00007f441965f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  333.457918][T20689] RAX: ffffffffffffffda RBX: 00007f441ae55fa0 RCX: 00007f441abff749
[  333.457932][T20689] RDX: 0000000000000000 RSI: 000000000000000a RDI: 000000000000000a
[  333.457944][T20689] RBP: 00007f441965f090 R08: 0000000000000000 R09: 0000000000000000
[  333.458001][T20689] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[  333.458015][T20689] R13: 00007f441ae56038 R14: 00007f441ae55fa0 R15: 00007ffe1b2d6288
[  333.458054][T20689]  </TASK>
[  333.668311][T19175] udevd[19175]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  333.680165][T19177] udevd[19177]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  333.691513][T19176] udevd[19176]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  333.707654][T20699] FAULT_INJECTION: forcing a failure.
[  333.707654][T20699] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.720861][T20699] CPU: 0 UID: 0 PID: 20699 Comm: syz.1.6307 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  333.720896][T20699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  333.720910][T20699] Call Trace:
[  333.720917][T20699]  <TASK>
[  333.720925][T20699]  __dump_stack+0x1d/0x30
[  333.720997][T20699]  dump_stack_lvl+0xe8/0x140
[  333.721022][T20699]  dump_stack+0x15/0x1b
[  333.721089][T20699]  should_fail_ex+0x265/0x280
[  333.721116][T20699]  should_fail+0xb/0x20
[  333.721136][T20699]  should_fail_usercopy+0x1a/0x20
[  333.721164][T20699]  _copy_from_user+0x1c/0xb0
[  333.721277][T20699]  tls_setsockopt+0x4e0/0xe70
[  333.721313][T20699]  sock_common_setsockopt+0x69/0x80
[  333.721339][T20699]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  333.721384][T20699]  __sys_setsockopt+0x184/0x200
[  333.721492][T20699]  __x64_sys_setsockopt+0x64/0x80
[  333.721590][T20699]  x64_sys_call+0x21d5/0x3000
[  333.721619][T20699]  do_syscall_64+0xd8/0x2c0
[  333.721656][T20699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.721682][T20699] RIP: 0033:0x7f072636f749
[  333.721711][T20699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.721730][T20699] RSP: 002b:00007f0724dd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  333.721749][T20699] RAX: ffffffffffffffda RBX: 00007f07265c5fa0 RCX: 00007f072636f749
[  333.721763][T20699] RDX: 0000000000000001 RSI: 000000000000011a RDI: 0000000000000005
[  333.721778][T20699] RBP: 00007f0724dd7090 R08: 0000000000000028 R09: 0000000000000000
[  333.721793][T20699] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  333.721807][T20699] R13: 00007f07265c6038 R14: 00007f07265c5fa0 R15: 00007ffe5724c818
[  333.721904][T20699]  </TASK>
[  333.722481][T19177] udevd[19177]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  333.743686][T19176] udevd[19176]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  333.778310][T20701] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=20701 comm=syz.1.6308
[  333.832579][T19175] udevd[19175]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  333.846098][T20701] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=20701 comm=syz.1.6308
[  334.072669][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.184836][T20723] netem: change failed
[  334.197031][T20723] bond0: (slave dummy0): Releasing backup interface
[  334.219914][T20723] team0: Port device dummy0 added
[  334.238274][T20723] team0: Port device dummy0 removed
[  334.245963][T20723] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  334.269231][T19176] Alternate GPT is invalid, using primary GPT.
[  334.275836][T19176]  loop3: p2 p3 p7
[  334.290442][T20723] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  334.292295][T20733] netem: change failed
[  334.318426][T20707] Alternate GPT is invalid, using primary GPT.
[  334.324883][T20707]  loop3: p2 p3 p7
[  334.329231][T20733] bond0: (slave dummy0): Releasing backup interface
[  334.331765][T20729] xt_hashlimit: max too large, truncated to 1048576
[  334.363769][T20703] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  334.380089][T19176] udevd[19176]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  334.394247][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.394797][T20733] team0: Port device dummy0 added
[  334.421346][T20734] team0: Port device dummy0 removed
[  334.489493][T20734] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  334.711633][T20745] 9p: Bad value for 'rfdno'
[  334.817844][T20757] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.830535][T20757] ext4 filesystem being mounted at /552/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.861523][T20761] xt_hashlimit: max too large, truncated to 1048576
[  334.919062][T12187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.947026][T20765] syzkaller0: entered promiscuous mode
[  334.952523][T20765] syzkaller0: entered allmulticast mode
[  334.978290][T20767] gretap0: entered promiscuous mode
[  334.995271][T20767] vlan2: entered promiscuous mode
[  335.168890][T20781] __nla_validate_parse: 18 callbacks suppressed
[  335.168905][T20781] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6336'.
[  335.184166][T20781] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6336'.
[  335.214557][T20781] vlan2: entered allmulticast mode
[  335.244957][T20776] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  335.267614][T20776] EXT4-fs (loop1): 1 truncate cleaned up
[  335.283793][T20776] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  335.326177][T20797] sd 0:0:1:0: device reset
[  335.422019][T20804] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  335.431490][T20804] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  335.431620][T19176] Alternate GPT is invalid, using primary GPT.
[  335.445666][T19176]  loop4: p1 p2 p3
[  335.449374][T19176] loop4: partition table partially beyond EOD, truncated
[  335.461987][T20803] Alternate GPT is invalid, using primary GPT.
[  335.468469][T20803]  loop4: p1 p2 p3
[  335.472184][T20803] loop4: partition table partially beyond EOD, truncated
[  335.531021][T20807] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  335.542309][T20807] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  335.551655][T20807] System zones: 1-12
[  335.556153][T20807] EXT4-fs (loop4): 1 truncate cleaned up
[  335.562229][T20807] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.608306][T20807] netlink: 4 bytes leftover after parsing attributes in process `'.
[  335.696973][T19176] Alternate GPT is invalid, using primary GPT.
[  335.703227][T19176]  loop2: p1 p2 p3
[  335.706971][T19176] loop2: partition table partially beyond EOD, truncated
[  335.719368][T20814] Alternate GPT is invalid, using primary GPT.
[  335.725716][T20814]  loop2: p1 p2 p3
[  335.729425][T20814] loop2: partition table partially beyond EOD, truncated
[  335.781686][T20818] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6348'.
[  335.793327][T20818] netem: change failed
[  335.811262][T20818] bond0: (slave dummy0): Releasing backup interface
[  335.821209][T20818] team0: Port device dummy0 added
[  335.840535][T20818] team0: Port device dummy0 removed
[  335.848085][T20818] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  335.877196][T20818] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  335.892244][T20818] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.6348: missing EA_INODE flag
[  335.904382][T20818] EXT4-fs (loop2): Remounting filesystem read-only
[  335.923652][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.015348][T18750] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.054084][T20829] serio: Serial port ttyS3
[  336.127535][T20834] set_capacity_and_notify: 13 callbacks suppressed
[  336.127551][T20834] loop1: detected capacity change from 0 to 512
[  336.142253][T20834] EXT4-fs (loop1): orphan cleanup on readonly fs
[  336.149412][T20834] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.6354: bad orphan inode 13
[  336.181477][T20834] ext4_test_bit(bit=12, block=18) = 1
[  336.187019][T20834] is_bad_inode(inode)=0
[  336.191250][T20834] NEXT_ORPHAN(inode)=2130706432
[  336.196155][T20834] max_ino=32
[  336.199363][T20834] i_nlink=1
[  336.203788][T12187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.212236][T20834] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  336.278809][T18750] EXT4-fs error (device loop1): ext4_lookup:1789: inode #2: comm syz-executor: deleted inode referenced: 12
[  336.298839][T18750] EXT4-fs error (device loop1): ext4_lookup:1789: inode #2: comm syz-executor: deleted inode referenced: 12
[  336.338142][T20848] loop4: detected capacity change from 0 to 512
[  336.399655][   T29] kauditd_printk_skb: 510 callbacks suppressed
[  336.399670][   T29] audit: type=1326 audit(1765961898.286:21437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20847 comm="syz.4.6361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faec12865e7 code=0x7ffc0000
[  336.429519][   T29] audit: type=1326 audit(1765961898.286:21438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20847 comm="syz.4.6361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faec122b829 code=0x7ffc0000
[  336.453059][   T29] audit: type=1326 audit(1765961898.286:21439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20847 comm="syz.4.6361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faec12865e7 code=0x7ffc0000
[  336.476630][   T29] audit: type=1326 audit(1765961898.286:21440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20847 comm="syz.4.6361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faec122b829 code=0x7ffc0000
[  336.500168][   T29] audit: type=1326 audit(1765961898.286:21441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20847 comm="syz.4.6361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faec12865e7 code=0x7ffc0000
[  336.523795][   T29] audit: type=1326 audit(1765961898.286:21442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20847 comm="syz.4.6361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faec122b829 code=0x7ffc0000
[  336.547312][   T29] audit: type=1326 audit(1765961898.286:21443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20847 comm="syz.4.6361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faec12865e7 code=0x7ffc0000
[  336.570947][   T29] audit: type=1326 audit(1765961898.286:21444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20847 comm="syz.4.6361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faec122b829 code=0x7ffc0000
[  336.594560][   T29] audit: type=1326 audit(1765961898.286:21445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20847 comm="syz.4.6361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faec12865e7 code=0x7ffc0000
[  336.618294][   T29] audit: type=1326 audit(1765961898.286:21446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20847 comm="syz.4.6361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faec122b829 code=0x7ffc0000
[  336.642330][T19175] printk: udevd: 15 output lines suppressed due to ratelimiting
[  336.740152][  T862] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.888364][  T862] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.927914][T20866] syzkaller0: entered promiscuous mode
[  336.933432][T20866] syzkaller0: entered allmulticast mode
[  336.948973][  T862] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.014533][T20862] lo speed is unknown, defaulting to 1000
[  337.027381][  T862] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.106757][  T862] bridge_slave_1: left allmulticast mode
[  337.112444][  T862] bridge_slave_1: left promiscuous mode
[  337.118208][  T862] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.126877][  T862] bridge_slave_0: left allmulticast mode
[  337.132538][  T862] bridge_slave_0: left promiscuous mode
[  337.138289][  T862] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.327774][  T862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  337.338051][  T862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  337.357705][  T862] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  337.370363][  T862] bond0 (unregistering): Released all slaves
[  337.414298][T20860] lo speed is unknown, defaulting to 1000
[  337.423795][T20881] lo speed is unknown, defaulting to 1000
[  337.446520][  T862] tipc: Left network mode
[  337.508801][  T862] hsr_slave_0: left promiscuous mode
[  337.515303][  T862] hsr_slave_1: left promiscuous mode
[  337.535479][  T862] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  337.542859][  T862] batman_adv: batadv0: Removing interface: batadv_slave_0
[  337.565507][  T862] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  337.572974][  T862] batman_adv: batadv0: Removing interface: batadv_slave_1
[  337.597999][  T862] veth1_macvtap: left promiscuous mode
[  337.603491][  T862] veth0_macvtap: left promiscuous mode
[  337.618370][  T862] veth1_vlan: left promiscuous mode
[  337.623629][  T862] veth0_vlan: left promiscuous mode
[  337.779274][  T862] team0 (unregistering): Port device team_slave_1 removed
[  337.795311][  T862] team0 (unregistering): Port device team_slave_0 removed
[  337.915869][T20884] loop3: detected capacity change from 0 to 2048
[  337.925836][T20891] FAULT_INJECTION: forcing a failure.
[  337.925836][T20891] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  337.938924][T20891] CPU: 1 UID: 0 PID: 20891 Comm: syz.0.6374 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  337.938952][T20891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  337.938966][T20891] Call Trace:
[  337.938974][T20891]  <TASK>
[  337.938982][T20891]  __dump_stack+0x1d/0x30
[  337.939056][T20891]  dump_stack_lvl+0xe8/0x140
[  337.939079][T20891]  dump_stack+0x15/0x1b
[  337.939103][T20891]  should_fail_ex+0x265/0x280
[  337.939186][T20891]  should_fail+0xb/0x20
[  337.939206][T20891]  should_fail_usercopy+0x1a/0x20
[  337.939293][T20891]  _copy_from_iter+0xcf/0xe70
[  337.939412][T20891]  ? __alloc_skb+0x3bb/0x4d0
[  337.939437][T20891]  ? __alloc_skb+0x24d/0x4d0
[  337.939468][T20891]  netlink_sendmsg+0x471/0x6b0
[  337.939510][T20891]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.939615][T20891]  __sock_sendmsg+0x145/0x180
[  337.939637][T20891]  ____sys_sendmsg+0x31e/0x4a0
[  337.939691][T20891]  ___sys_sendmsg+0x17b/0x1d0
[  337.939731][T20891]  __x64_sys_sendmsg+0xd4/0x160
[  337.939843][T20891]  x64_sys_call+0x17ba/0x3000
[  337.939873][T20891]  do_syscall_64+0xd8/0x2c0
[  337.939912][T20891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.939936][T20891] RIP: 0033:0x7f75b48ff749
[  337.940032][T20891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.940054][T20891] RSP: 002b:00007f75b335f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.940075][T20891] RAX: ffffffffffffffda RBX: 00007f75b4b55fa0 RCX: 00007f75b48ff749
[  337.940088][T20891] RDX: 0000000004004804 RSI: 0000200000000140 RDI: 0000000000000006
[  337.940100][T20891] RBP: 00007f75b335f090 R08: 0000000000000000 R09: 0000000000000000
[  337.940150][T20891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.940224][T20891] R13: 00007f75b4b56038 R14: 00007f75b4b55fa0 R15: 00007ffd8348da08
[  337.940246][T20891]  </TASK>
[  338.090131][T20860] chnl_net:caif_netlink_parms(): no params data found
[  338.142203][T20884] Alternate GPT is invalid, using primary GPT.
[  338.148593][T20884]  loop3: p1 p2 p3
[  338.152303][T20884] loop3: partition table partially beyond EOD, truncated
[  338.194567][T20896] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6376'.
[  338.203990][T20896] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6376'.
[  338.215963][T20896] loop2: detected capacity change from 0 to 512
[  338.222800][T20896] EXT4-fs: inline encryption not supported
[  338.229315][T20896] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  338.264394][T20904] validate_nla: 8 callbacks suppressed
[  338.264409][T20904] netlink: 'syz.3.6377': attribute type 12 has an invalid length.
[  338.287417][T20860] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.294497][T20860] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.303388][T20860] bridge_slave_0: entered allmulticast mode
[  338.309896][T20860] bridge_slave_0: entered promiscuous mode
[  338.316886][T20860] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.323941][T20860] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.331219][T20860] bridge_slave_1: entered allmulticast mode
[  338.337943][T20860] bridge_slave_1: entered promiscuous mode
[  338.403240][T20860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  338.422614][T20860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  338.553668][T20860] team0: Port device team_slave_0 added
[  338.560748][T20860] team0: Port device team_slave_1 added
[  338.578480][T20860] batman_adv: batadv0: Adding interface: batadv_slave_0
[  338.585525][T20860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  338.611547][T20860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  338.631386][T20860] batman_adv: batadv0: Adding interface: batadv_slave_1
[  338.638397][T20860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  338.664415][T20860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  338.698886][T20860] hsr_slave_0: entered promiscuous mode
[  338.705857][T20860] hsr_slave_1: entered promiscuous mode
[  338.794315][T20860] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  338.803536][T20860] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  338.813102][T20860] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  338.822639][T20860] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  338.846288][T20860] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.853585][T20860] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.860942][T20860] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.868021][T20860] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.902271][T20860] 8021q: adding VLAN 0 to HW filter on device bond0
[  338.913688][T10175] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.921624][T10175] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.934035][T20860] 8021q: adding VLAN 0 to HW filter on device team0
[  338.944054][  T862] bridge0: port 1(bridge_slave_0) entered blocking state
[  338.951200][  T862] bridge0: port 1(bridge_slave_0) entered forwarding state
[  338.962013][T10175] bridge0: port 2(bridge_slave_1) entered blocking state
[  338.969171][T10175] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.030796][T20860] 8021q: adding VLAN 0 to HW filter on device batadv0
[  339.058869][T20935] netlink: 'syz.3.6384': attribute type 4 has an invalid length.
[  339.068903][T20935] serio: Serial port ttyS3
[  339.144754][T20860] veth0_vlan: entered promiscuous mode
[  339.154382][T20860] veth1_vlan: entered promiscuous mode
[  339.171849][T20860] veth0_macvtap: entered promiscuous mode
[  339.179586][T20860] veth1_macvtap: entered promiscuous mode
[  339.192492][T20860] batman_adv: batadv0: Interface activated: batadv_slave_0
[  339.215155][T20860] batman_adv: batadv0: Interface activated: batadv_slave_1
[  339.227106][T10175] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.248119][T10175] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  339.265811][T10175] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  339.276142][T10175] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  339.307096][T20957] loop3: detected capacity change from 0 to 512
[  339.324689][T20957] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.340235][T20965] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6390'.
[  339.347411][T20957] ext4 filesystem being mounted at /140/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  339.358550][T20965] netem: change failed
[  339.390906][T20957] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.6387: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  339.418175][T20957] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 12: comm syz.3.6387: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  339.439256][T20957] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 13: comm syz.3.6387: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  339.462493][T20957] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.6387: lblock 23 mapped to illegal pblock 18 (length 1)
[  339.463316][T20965] netlink: 'syz.4.6390': attribute type 10 has an invalid length.
[  339.490881][T20965] bond0: (slave dummy0): Releasing backup interface
[  339.506445][T20965] team0: Port device dummy0 added
[  339.517600][T20965] netlink: 'syz.4.6390': attribute type 10 has an invalid length.
[  339.528039][T20965] team0: Port device dummy0 removed
[  339.537023][T20965] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  339.553707][T20965] loop4: detected capacity change from 0 to 1024
[  339.561323][T20978] netlink: 'syz.2.6393': attribute type 12 has an invalid length.
[  339.576777][T20965] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  339.591213][T20965] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #11: comm syz.4.6390: missing EA_INODE flag
[  339.603815][T20965] EXT4-fs (loop4): Remounting filesystem read-only
[  339.606992][T20982] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6395'.
[  339.619605][T20982] netem: change failed
[  339.634930][T12187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.648322][T20984] netlink: 'syz.5.6397': attribute type 4 has an invalid length.
[  339.658222][T20984] serio: Serial port ttyS3
[  339.688221][T20957] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #2: comm syz.3.6387: corrupted inode contents
[  339.701259][T20957] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #2: comm syz.3.6387: mark_inode_dirty error
[  339.713188][T20957] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #2: comm syz.3.6387: corrupted inode contents
[  339.730880][T20957] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.6387: lblock 23 mapped to illegal pblock 18 (length 1)
[  339.759550][T20957] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 18: comm syz.3.6387: lblock 23 mapped to illegal pblock 18 (length 1)
[  339.860353][T20997] FAULT_INJECTION: forcing a failure.
[  339.860353][T20997] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.874230][T20997] CPU: 0 UID: 0 PID: 20997 Comm: syz.5.6400 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  339.874255][T20997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  339.874270][T20997] Call Trace:
[  339.874353][T20997]  <TASK>
[  339.874358][T20997]  __dump_stack+0x1d/0x30
[  339.874375][T20997]  dump_stack_lvl+0xe8/0x140
[  339.874389][T20997]  dump_stack+0x15/0x1b
[  339.874413][T20997]  should_fail_ex+0x265/0x280
[  339.874428][T20997]  should_fail+0xb/0x20
[  339.874440][T20997]  should_fail_usercopy+0x1a/0x20
[  339.874479][T20997]  _copy_from_user+0x1c/0xb0
[  339.874567][T20997]  __sys_bpf+0x183/0x7c0
[  339.874583][T20997]  __x64_sys_bpf+0x41/0x50
[  339.874671][T20997]  x64_sys_call+0x28e1/0x3000
[  339.874686][T20997]  do_syscall_64+0xd8/0x2c0
[  339.874707][T20997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.874770][T20997] RIP: 0033:0x7f1165c5f749
[  339.874781][T20997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.874793][T20997] RSP: 002b:00007f11646c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  339.874886][T20997] RAX: ffffffffffffffda RBX: 00007f1165eb5fa0 RCX: 00007f1165c5f749
[  339.874894][T20997] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  339.874902][T20997] RBP: 00007f11646c7090 R08: 0000000000000000 R09: 0000000000000000
[  339.874910][T20997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  339.874917][T20997] R13: 00007f1165eb6038 R14: 00007f1165eb5fa0 R15: 00007ffef032dce8
[  339.874991][T20997]  </TASK>
[  340.122750][T21010] netlink: 'syz.0.6406': attribute type 4 has an invalid length.
[  340.133160][T21010] serio: Serial port ttyS3
[  340.400344][T21023] netlink: 'syz.2.6410': attribute type 4 has an invalid length.
[  340.440078][T18881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.471112][T21028] netlink: 'syz.3.6412': attribute type 4 has an invalid length.
[  340.587533][T21034] loop4: detected capacity change from 0 to 2048
[  340.656529][T21034] Alternate GPT is invalid, using primary GPT.
[  340.662925][T21034]  loop4: p1 p2 p3
[  340.666665][T21034] loop4: partition table partially beyond EOD, truncated
[  340.929462][T21043] lo speed is unknown, defaulting to 1000
[  340.955830][T21026] serio: Serial port ttyS3
[  341.030272][T21049] tipc: Started in network mode
[  341.035370][T21049] tipc: Node identity b258e0d3c3cd, cluster identity 4711
[  341.042578][T21049] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  341.068002][T21055] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6421'.
[  341.081621][T21055] netlink: 'syz.0.6421': attribute type 10 has an invalid length.
[  341.093553][T21049] tipc: Resetting bearer <eth:syzkaller0>
[  341.101387][T21055] bond0: (slave dummy0): Releasing backup interface
[  341.111893][T21055] team0: Port device dummy0 added
[  341.118809][T21048] tipc: Disabling bearer <eth:syzkaller0>
[  341.137744][T21059] loop2: detected capacity change from 0 to 512
[  341.146752][T21055] team0: Port device dummy0 removed
[  341.166336][T21055] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  341.176049][T21059] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.203897][T21065] netlink: 292 bytes leftover after parsing attributes in process `syz.3.6423'.
[  341.214435][T21064] loop5: detected capacity change from 0 to 2048
[  341.237130][T21059] ext4 filesystem being mounted at /116/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  341.305784][T21068] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6425'.
[  341.316783][T21064] Alternate GPT is invalid, using primary GPT.
[  341.323063][T21064]  loop5: p1 p2 p3
[  341.324939][T21068] netem: change failed
[  341.326895][T21064] loop5: partition table partially beyond EOD, truncated
[  341.376272][T21059] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.6422: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  341.396627][T21068] bond0: (slave dummy0): Releasing backup interface
[  341.415150][T21059] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.6422: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  341.442621][T21059] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.6422: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  341.466445][T21059] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.6422: lblock 23 mapped to illegal pblock 18 (length 1)
[  341.467850][T21068] team0: Port device dummy0 added
[  341.486013][T21070] loop5: detected capacity change from 0 to 2048
[  341.495328][   T29] kauditd_printk_skb: 179 callbacks suppressed
[  341.495355][   T29] audit: type=1326 audit(1765961903.396:21626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.3.6425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  341.525167][   T29] audit: type=1326 audit(1765961903.396:21627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.3.6425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  341.538347][T21075] serio: Serial port ttyS3
[  341.561114][T21071] team0: Port device dummy0 removed
[  341.568800][T21071] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  341.577471][   T29] audit: type=1326 audit(1765961903.456:21628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.3.6425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  341.601197][   T29] audit: type=1326 audit(1765961903.456:21629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.3.6425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcbc478f783 code=0x7ffc0000
[  341.602811][T21070] Alternate GPT is invalid, using primary GPT.
[  341.631114][T21070]  loop5: p2 p3 p7
[  341.636860][   T29] audit: type=1326 audit(1765961903.536:21630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.3.6425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcbc478e1ff code=0x7ffc0000
[  341.662808][   T29] audit: type=1326 audit(1765961903.536:21631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.3.6425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fcbc478f7d7 code=0x7ffc0000
[  341.698917][T21068] loop3: detected capacity change from 0 to 1024
[  341.735118][   T29] audit: type=1326 audit(1765961903.596:21632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.3.6425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcbc478df90 code=0x7ffc0000
[  341.758739][   T29] audit: type=1326 audit(1765961903.596:21633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.3.6425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcbc478f34b code=0x7ffc0000
[  341.782527][   T29] audit: type=1326 audit(1765961903.616:21634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.3.6425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcbc478e3aa code=0x7ffc0000
[  341.792118][T21059] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.6422: corrupted inode contents
[  341.806409][   T29] audit: type=1326 audit(1765961903.616:21635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21067 comm="syz.3.6425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcbc478e3aa code=0x7ffc0000
[  341.892127][T21068] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  341.895258][T21059] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #2: comm syz.2.6422: mark_inode_dirty error
[  341.933047][T18881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.951882][T21059] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.6422: corrupted inode contents
[  341.964318][T21072] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.6422: lblock 23 mapped to illegal pblock 18 (length 1)
[  341.998442][T21083] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6429'.
[  342.012324][T21059] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.6422: lblock 23 mapped to illegal pblock 18 (length 1)
[  342.031402][T21083] netem: change failed
[  342.046544][T21083] bond0: (slave dummy0): Releasing backup interface
[  342.057923][T21083] team0: Port device dummy0 added
[  342.070882][T21083] team0: Port device dummy0 removed
[  342.078527][T21083] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  342.106890][T21083] loop3: detected capacity change from 0 to 1024
[  342.118082][T21083] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  342.136768][T21083] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.6429: missing EA_INODE flag
[  342.154776][T21083] EXT4-fs (loop3): Remounting filesystem read-only
[  342.164896][T21089] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6431'.
[  342.186870][T18881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.203373][T21094] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  342.211780][T21094] tipc: Resetting bearer <eth:syzkaller0>
[  342.218929][T21093] tipc: Disabling bearer <eth:syzkaller0>
[  342.236173][T21099] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6435'.
[  342.286084][T21102] loop5: detected capacity change from 0 to 2048
[  342.320161][T21097] serio: Serial port ttyS3
[  342.338396][T21102] Alternate GPT is invalid, using primary GPT.
[  342.344937][T21102]  loop5: p1 p2 p3
[  342.348710][T21102] loop5: partition table partially beyond EOD, truncated
[  342.358273][T21105] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=21105 comm=syz.0.6437
[  342.370978][T21105] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=21105 comm=syz.0.6437
[  342.386448][T21105] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6437'.
[  342.395452][T21105] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6437'.
[  342.440925][T21107] serio: Serial port ttyS3
[  342.563241][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.572558][T21119] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6440'.
[  342.605955][T21123] lo speed is unknown, defaulting to 1000
[  342.622030][T21124] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6442'.
[  343.227306][T21121] serio: Serial port ttyS3
[  343.307526][T21150] netem: change failed
[  343.324607][T21150] validate_nla: 11 callbacks suppressed
[  343.324620][T21150] netlink: 'syz.3.6449': attribute type 10 has an invalid length.
[  343.362224][T21150] bond0: (slave dummy0): Releasing backup interface
[  343.377951][T21154] netlink: 'syz.3.6449': attribute type 10 has an invalid length.
[  343.442070][T21150] team0: Port device dummy0 added
[  343.452901][T21158] loop3: detected capacity change from 0 to 1024
[  343.515671][T21158] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.535631][T21154] team0: Port device dummy0 removed
[  343.549960][T21154] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  343.569906][T21150] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.6449: missing EA_INODE flag
[  343.598974][T21156] batman_adv: batadv0: Adding interface: vlan2
[  343.605211][T21156] batman_adv: batadv0: The MTU of interface vlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  343.630443][T21156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.640992][T21156] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.650805][T21156] batman_adv: batadv0: Not using interface vlan2 (retrying later): interface not active
[  343.655329][T21150] EXT4-fs (loop3): Remounting filesystem read-only
[  343.727062][T18881] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.771805][T21169] loop3: detected capacity change from 0 to 512
[  343.779193][T21169] EXT4-fs: inline encryption not supported
[  343.786001][T21169] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  343.807659][T21172] loop4: detected capacity change from 0 to 512
[  343.814770][T21172] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  343.828260][T21172] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  343.836430][T21172] System zones: 1-12
[  343.840836][T21172] EXT4-fs (loop4): 1 truncate cleaned up
[  343.847436][T21172] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  343.912710][T12187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.009780][T21194] netlink: 'syz.0.6461': attribute type 4 has an invalid length.
[  344.019817][T21194] serio: Serial port ttyS3
[  344.152807][T21203] netem: change failed
[  344.169019][T21203] netlink: 'syz.2.6463': attribute type 10 has an invalid length.
[  344.197338][T21203] bond0: (slave dummy0): Releasing backup interface
[  344.207403][T21203] team0: Port device dummy0 added
[  344.213904][T21203] netlink: 'syz.2.6463': attribute type 10 has an invalid length.
[  344.228251][T21203] team0: Port device dummy0 removed
[  344.235993][T21203] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  344.251530][T21203] loop2: detected capacity change from 0 to 1024
[  344.260190][T21206] xt_hashlimit: max too large, truncated to 1048576
[  344.268964][T21203] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  344.283869][T21203] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.6463: missing EA_INODE flag
[  344.296014][T21203] EXT4-fs (loop2): Remounting filesystem read-only
[  344.318880][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.367591][T21211] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  344.385334][T21211] ext4 filesystem being mounted at /122/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  344.419688][T21211] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.6465: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  344.440102][T21211] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.6465: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  344.461492][T21211] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.6465: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  344.484747][T21211] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.6465: lblock 23 mapped to illegal pblock 18 (length 1)
[  344.704837][T21211] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.6465: corrupted inode contents
[  344.739080][T21211] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #2: comm syz.2.6465: mark_inode_dirty error
[  344.754269][T21211] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.6465: corrupted inode contents
[  344.785147][T21224] lo speed is unknown, defaulting to 1000
[  344.828781][T21224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  344.884299][T21225] lo speed is unknown, defaulting to 1000
[  344.969256][T21224] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  345.350882][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.383751][T21238] FAULT_INJECTION: forcing a failure.
[  345.383751][T21238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  345.396941][T21238] CPU: 1 UID: 0 PID: 21238 Comm: syz.0.6473 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  345.396961][T21238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  345.396969][T21238] Call Trace:
[  345.396975][T21238]  <TASK>
[  345.396980][T21238]  __dump_stack+0x1d/0x30
[  345.397021][T21238]  dump_stack_lvl+0xe8/0x140
[  345.397035][T21238]  dump_stack+0x15/0x1b
[  345.397085][T21238]  should_fail_ex+0x265/0x280
[  345.397100][T21238]  should_fail+0xb/0x20
[  345.397113][T21238]  should_fail_usercopy+0x1a/0x20
[  345.397127][T21238]  _copy_from_iter+0xcf/0xe70
[  345.397148][T21238]  ? __alloc_skb+0x3bb/0x4d0
[  345.397163][T21238]  ? __alloc_skb+0x24d/0x4d0
[  345.397178][T21238]  netlink_sendmsg+0x471/0x6b0
[  345.397313][T21238]  ? __pfx_netlink_sendmsg+0x10/0x10
[  345.397332][T21238]  __sock_sendmsg+0x145/0x180
[  345.397344][T21238]  ____sys_sendmsg+0x31e/0x4a0
[  345.397363][T21238]  ___sys_sendmsg+0x17b/0x1d0
[  345.397449][T21238]  __x64_sys_sendmsg+0xd4/0x160
[  345.397468][T21238]  x64_sys_call+0x17ba/0x3000
[  345.397559][T21238]  do_syscall_64+0xd8/0x2c0
[  345.397654][T21238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.397699][T21238] RIP: 0033:0x7f75b48ff749
[  345.397710][T21238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.397722][T21238] RSP: 002b:00007f75b335f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  345.397735][T21238] RAX: ffffffffffffffda RBX: 00007f75b4b55fa0 RCX: 00007f75b48ff749
[  345.397743][T21238] RDX: 0000000004004800 RSI: 0000200000000240 RDI: 0000000000000005
[  345.397751][T21238] RBP: 00007f75b335f090 R08: 0000000000000000 R09: 0000000000000000
[  345.397759][T21238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.397837][T21238] R13: 00007f75b4b56038 R14: 00007f75b4b55fa0 R15: 00007ffd8348da08
[  345.397848][T21238]  </TASK>
[  345.637934][T21242] syzkaller0: entered promiscuous mode
[  345.643438][T21242] syzkaller0: entered allmulticast mode
[  345.762710][T21254] netlink: 'syz.0.6478': attribute type 4 has an invalid length.
[  345.783631][T21254] serio: Serial port ttyS3
[  345.791652][T21234] Alternate GPT is invalid, using primary GPT.
[  345.798050][T21234]  loop3: p2 p3 p7
[  345.841728][T21256] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  345.887079][T21256] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  345.895058][T21256] System zones: 1-12
[  345.900031][T21256] EXT4-fs (loop2): 1 truncate cleaned up
[  345.920110][T21256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.041177][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.080691][T21270] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.083122][T21272] __nla_validate_parse: 11 callbacks suppressed
[  346.083161][T21272] netlink: 292 bytes leftover after parsing attributes in process `syz.3.6484'.
[  346.110512][T21270] ext4 filesystem being mounted at /127/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  346.144014][T21270] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.6483: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  346.183852][T21270] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.6483: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  346.220827][T21270] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.6483: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  346.270779][T21282] syzkaller0: entered promiscuous mode
[  346.276397][T21282] syzkaller0: entered allmulticast mode
[  346.281944][T21278] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.6483: lblock 23 mapped to illegal pblock 18 (length 1)
[  346.495150][T21294] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6492'.
[  346.504181][T21294] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6492'.
[  346.516304][T21270] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.6483: corrupted inode contents
[  346.528608][T21270] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #2: comm syz.2.6483: mark_inode_dirty error
[  346.540245][T21270] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.6483: corrupted inode contents
[  346.568213][T21298] set_capacity_and_notify: 5 callbacks suppressed
[  346.568225][T21298] loop5: detected capacity change from 0 to 512
[  346.582288][T21298] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  346.593499][T21298] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  346.601678][T21298] System zones: 1-12
[  346.606440][T21298] EXT4-fs (loop5): 1 truncate cleaned up
[  346.612703][T21298] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.660407][T21306] netlink: 292 bytes leftover after parsing attributes in process `syz.0.6496'.
[  346.670831][T20860] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.701718][T21312] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6499'.
[  346.714943][T21314] syzkaller0: entered promiscuous mode
[  346.720577][T21314] syzkaller0: entered allmulticast mode
[  346.741703][T21318] FAULT_INJECTION: forcing a failure.
[  346.741703][T21318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.755019][T21318] CPU: 1 UID: 0 PID: 21318 Comm: syz.0.6502 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  346.755050][T21318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  346.755108][T21318] Call Trace:
[  346.755115][T21318]  <TASK>
[  346.755124][T21318]  __dump_stack+0x1d/0x30
[  346.755151][T21318]  dump_stack_lvl+0xe8/0x140
[  346.755177][T21318]  dump_stack+0x15/0x1b
[  346.755197][T21318]  should_fail_ex+0x265/0x280
[  346.755296][T21318]  should_fail+0xb/0x20
[  346.755309][T21318]  should_fail_usercopy+0x1a/0x20
[  346.755324][T21318]  strncpy_from_user+0x27/0x260
[  346.755344][T21318]  getname_flags+0xae/0x3b0
[  346.755411][T21318]  __se_sys_statx+0x5e/0x1b0
[  346.755428][T21318]  ? vfs_write+0x7e8/0x960
[  346.755440][T21318]  ? __rcu_read_unlock+0x4f/0x70
[  346.755626][T21318]  ? __fget_files+0x184/0x1c0
[  346.755653][T21318]  ? mutex_unlock+0x4f/0x90
[  346.755668][T21318]  ? fput+0x8f/0xc0
[  346.755684][T21318]  ? ksys_write+0x192/0x1a0
[  346.755713][T21318]  __x64_sys_statx+0x67/0x80
[  346.755729][T21318]  x64_sys_call+0x2d43/0x3000
[  346.755745][T21318]  do_syscall_64+0xd8/0x2c0
[  346.755765][T21318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.755850][T21318] RIP: 0033:0x7f75b48ff749
[  346.755890][T21318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.755903][T21318] RSP: 002b:00007f75b335f038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c
[  346.755995][T21318] RAX: ffffffffffffffda RBX: 00007f75b4b55fa0 RCX: 00007f75b48ff749
[  346.756003][T21318] RDX: 0000000000000400 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  346.756011][T21318] RBP: 00007f75b335f090 R08: 0000200000002540 R09: 0000000000000000
[  346.756019][T21318] R10: 00000000000007ff R11: 0000000000000246 R12: 0000000000000001
[  346.756027][T21318] R13: 00007f75b4b56038 R14: 00007f75b4b55fa0 R15: 00007ffd8348da08
[  346.756038][T21318]  </TASK>
[  346.987425][T21323] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6504'.
[  346.996402][T21323] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6504'.
[  347.019787][T21326] netlink: 'syz.5.6505': attribute type 4 has an invalid length.
[  347.029592][T21326] serio: Serial port ttyS3
[  347.064573][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.079873][T21330] netlink: 4 bytes leftover after parsing attributes in process `'.
[  347.137529][T21338] netlink: 292 bytes leftover after parsing attributes in process `syz.2.6509'.
[  347.193151][T21345] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6512'.
[  347.217455][T21345] netem: change failed
[  347.381125][T21351] loop2: detected capacity change from 0 to 2048
[  347.427794][T21351] Alternate GPT is invalid, using primary GPT.
[  347.434111][T21351]  loop2: p2 p3 p7
[  347.530234][   T29] kauditd_printk_skb: 335 callbacks suppressed
[  347.530251][   T29] audit: type=1326 audit(1765961909.426:21971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21355 comm="syz.2.6518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f441abff749 code=0x7ffc0000
[  347.539029][T21358] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=21358 comm=syz.4.6517
[  347.560212][    C1] vcan0: j1939_tp_rxtimer: 0xffff888113ca5c00: rx timeout, send abort
[  347.560311][   T29] audit: type=1326 audit(1765961909.466:21972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21355 comm="syz.2.6518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f441abff749 code=0x7ffc0000
[  347.584735][T21358] loop4: detected capacity change from 0 to 1024
[  347.612849][   T29] audit: type=1326 audit(1765961909.506:21973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21355 comm="syz.2.6518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f441abff749 code=0x7ffc0000
[  347.625131][T21358] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  347.636792][   T29] audit: type=1326 audit(1765961909.506:21974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21355 comm="syz.2.6518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f441abff749 code=0x7ffc0000
[  347.646925][T21358] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  347.668614][   T29] audit: type=1326 audit(1765961909.506:21975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21355 comm="syz.2.6518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f441abff749 code=0x7ffc0000
[  347.683035][T21358] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #11: comm syz.4.6517: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  347.702504][   T29] audit: type=1326 audit(1765961909.506:21976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21355 comm="syz.2.6518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f441abff749 code=0x7ffc0000
[  347.729817][T21358] EXT4-fs (loop4): Remounting filesystem read-only
[  347.746497][   T29] audit: type=1326 audit(1765961909.516:21977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21355 comm="syz.2.6518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f441abff749 code=0x7ffc0000
[  347.746528][   T29] audit: type=1326 audit(1765961909.516:21978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21355 comm="syz.2.6518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f441abff749 code=0x7ffc0000
[  347.753590][T21358] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.776673][   T29] audit: type=1326 audit(1765961909.516:21979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21355 comm="syz.2.6518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f441abff749 code=0x7ffc0000
[  347.836359][   T29] audit: type=1326 audit(1765961909.516:21980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21355 comm="syz.2.6518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f441abff749 code=0x7ffc0000
[  347.880040][T12187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.900927][T21365] FAULT_INJECTION: forcing a failure.
[  347.900927][T21365] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  347.914158][T21365] CPU: 0 UID: 0 PID: 21365 Comm: syz.4.6520 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  347.914193][T21365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  347.914208][T21365] Call Trace:
[  347.914215][T21365]  <TASK>
[  347.914223][T21365]  __dump_stack+0x1d/0x30
[  347.914268][T21365]  dump_stack_lvl+0xe8/0x140
[  347.914291][T21365]  dump_stack+0x15/0x1b
[  347.914349][T21365]  should_fail_ex+0x265/0x280
[  347.914373][T21365]  should_fail+0xb/0x20
[  347.914442][T21365]  should_fail_usercopy+0x1a/0x20
[  347.914470][T21365]  _copy_to_user+0x20/0xa0
[  347.914505][T21365]  simple_read_from_buffer+0xb5/0x130
[  347.914532][T21365]  proc_fail_nth_read+0x10e/0x150
[  347.914632][T21365]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  347.914676][T21365]  vfs_read+0x1a8/0x770
[  347.914700][T21365]  ? __rcu_read_unlock+0x4f/0x70
[  347.914763][T21365]  ? __fget_files+0x184/0x1c0
[  347.914788][T21365]  ? ksys_read+0xa9/0x1a0
[  347.914806][T21365]  ksys_read+0xda/0x1a0
[  347.914826][T21365]  __x64_sys_read+0x40/0x50
[  347.914854][T21365]  x64_sys_call+0x2889/0x3000
[  347.914880][T21365]  do_syscall_64+0xd8/0x2c0
[  347.914925][T21365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.914948][T21365] RIP: 0033:0x7faec128e15c
[  347.915002][T21365] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  347.915025][T21365] RSP: 002b:00007faebfcef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  347.915048][T21365] RAX: ffffffffffffffda RBX: 00007faec14e5fa0 RCX: 00007faec128e15c
[  347.915067][T21365] RDX: 000000000000000f RSI: 00007faebfcef0a0 RDI: 0000000000000006
[  347.915081][T21365] RBP: 00007faebfcef090 R08: 0000000000000000 R09: 0000000000000000
[  347.915095][T21365] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000001
[  347.915108][T21365] R13: 00007faec14e6038 R14: 00007faec14e5fa0 R15: 00007ffc055acf98
[  347.915163][T21365]  </TASK>
[  348.060261][    C1] vcan0: j1939_tp_rxtimer: 0xffff888113ca5c00: abort rx timeout. Force session deactivation
[  348.304463][T21396] syzkaller0: entered promiscuous mode
[  348.310193][T21396] syzkaller0: entered allmulticast mode
[  348.316583][T21395] loop5: detected capacity change from 0 to 2048
[  348.365475][T21395]  loop5: p3 < > p4 < >
[  348.369665][T21395] loop5: partition table partially beyond EOD, truncated
[  348.376861][T21395] loop5: p3 start 4284289 is beyond EOD, truncated
[  348.400228][T21395] netlink: 'syz.5.6532': attribute type 13 has an invalid length.
[  348.424864][ T3474] hid_parser_main: 8 callbacks suppressed
[  348.424881][ T3474] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  348.438192][ T3474] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  348.445596][ T3474] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  348.453082][ T3474] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  348.460520][ T3474] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  348.467968][ T3474] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  348.475467][ T3474] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  348.475959][T21401] FAULT_INJECTION: forcing a failure.
[  348.475959][T21401] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.482915][ T3474] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  348.496437][T21401] CPU: 1 UID: 0 PID: 21401 Comm: syz.2.6533 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  348.496467][T21401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  348.496546][T21401] Call Trace:
[  348.496553][T21401]  <TASK>
[  348.496562][T21401]  __dump_stack+0x1d/0x30
[  348.496662][T21401]  dump_stack_lvl+0xe8/0x140
[  348.496749][T21401]  dump_stack+0x15/0x1b
[  348.496772][T21401]  should_fail_ex+0x265/0x280
[  348.496799][T21401]  should_fail+0xb/0x20
[  348.496856][T21401]  should_fail_usercopy+0x1a/0x20
[  348.496880][T21401]  _copy_from_user+0x1c/0xb0
[  348.496912][T21401]  uhid_char_write+0xef/0x650
[  348.496969][T21401]  ? __pfx_uhid_char_write+0x10/0x10
[  348.496990][T21401]  vfs_write+0x269/0x960
[  348.497011][T21401]  ? __rcu_read_unlock+0x4f/0x70
[  348.497098][T21401]  ? __fget_files+0x184/0x1c0
[  348.497127][T21401]  ksys_write+0xda/0x1a0
[  348.497219][T21401]  __x64_sys_write+0x40/0x50
[  348.497242][T21401]  x64_sys_call+0x2847/0x3000
[  348.497270][T21401]  do_syscall_64+0xd8/0x2c0
[  348.497385][T21401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.497415][T21401] RIP: 0033:0x7f441abff749
[  348.497433][T21401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.497470][T21401] RSP: 002b:00007f44195d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  348.497563][T21401] RAX: ffffffffffffffda RBX: 00007f441ae56090 RCX: 00007f441abff749
[  348.497578][T21401] RDX: 0000000000000004 RSI: 0000200000000340 RDI: 0000000000000003
[  348.497592][T21401] RBP: 00007f44195d9090 R08: 0000000000000000 R09: 0000000000000000
[  348.497607][T21401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.497620][T21401] R13: 00007f441ae56128 R14: 00007f441ae56090 R15: 00007ffe1b2d6288
[  348.497671][T21401]  </TASK>
[  348.684927][ T3474] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  348.692407][ T3474] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  348.740637][T21395] bridge0: port 2(bridge_slave_1) entered disabled state
[  348.747844][T21395] bridge0: port 1(bridge_slave_0) entered disabled state
[  348.785782][ T3474] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  348.846460][T21408] loop2: detected capacity change from 0 to 512
[  348.852534][T21395] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  348.879822][T21395] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  348.888805][T21408] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.903030][T21408] ext4 filesystem being mounted at /137/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  348.945616][T21408] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.6535: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  348.969699][T21408] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.6535: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  349.001048][T21423] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.6535: lblock 23 mapped to illegal pblock 18 (length 1)
[  349.031400][T21408] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.6535: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  349.062854][T21426] loop4: detected capacity change from 0 to 2048
[  349.080390][ T1003] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  349.089825][ T1003] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  349.105135][ T1003] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  349.106309][T21426] Alternate GPT is invalid, using primary GPT.
[  349.120352][T21426]  loop4: p1 p2 p3
[  349.124107][T21426] loop4: partition table partially beyond EOD, truncated
[  349.124364][ T1003] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  349.209872][T21435] loop4: detected capacity change from 0 to 512
[  349.237019][T21435] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.249912][T21435] ext4 filesystem being mounted at /583/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  349.285272][T21435] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.6543: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  349.308705][T21408] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.6535: corrupted inode contents
[  349.321248][T21408] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #2: comm syz.2.6535: mark_inode_dirty error
[  349.345951][T21435] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 12: comm syz.4.6543: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  349.373401][T21408] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.6535: corrupted inode contents
[  349.408457][T21423] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.6535: lblock 23 mapped to illegal pblock 18 (length 1)
[  349.415585][T21435] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 13: comm syz.4.6543: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  349.459571][T21435] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #2: block 18: comm syz.4.6543: lblock 23 mapped to illegal pblock 18 (length 1)
[  349.679508][T21435] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.6543: corrupted inode contents
[  349.691540][T21435] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #2: comm syz.4.6543: mark_inode_dirty error
[  349.703599][T21435] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.6543: corrupted inode contents
[  349.747405][T21449] loop3: detected capacity change from 0 to 2048
[  349.797518][T21449] Alternate GPT is invalid, using primary GPT.
[  349.803932][T21449]  loop3: p2 p3 p7
[  349.881694][T21456] loop3: detected capacity change from 0 to 2048
[  349.936574][T21456] Alternate GPT is invalid, using primary GPT.
[  349.942902][T21456]  loop3: p1 p2 p3
[  349.946687][T21456] loop3: partition table partially beyond EOD, truncated
[  349.990723][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.013952][T21461] netem: change failed
[  350.036554][T21463] netem: change failed
[  350.090226][T21469] loop5: detected capacity change from 0 to 512
[  350.110282][T21469] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.123127][T21469] ext4 filesystem being mounted at /38/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  350.155895][T21469] EXT4-fs error (device loop5): ext4_readdir:264: inode #2: block 3: comm syz.5.6555: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  350.179009][T21469] EXT4-fs error (device loop5): ext4_readdir:264: inode #2: block 12: comm syz.5.6555: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  350.205324][T21469] EXT4-fs error (device loop5): ext4_readdir:264: inode #2: block 13: comm syz.5.6555: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  350.251746][T21476] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #2: block 18: comm syz.5.6555: lblock 23 mapped to illegal pblock 18 (length 1)
[  350.268718][T12187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.407029][T21481] netem: change failed
[  350.421115][T21481] netlink: 'syz.4.6558': attribute type 10 has an invalid length.
[  350.441839][T21481] bond0: (slave dummy0): Releasing backup interface
[  350.457110][T21481] team0: Port device dummy0 added
[  350.469434][T21481] netlink: 'syz.4.6558': attribute type 10 has an invalid length.
[  350.485772][T21481] team0: Port device dummy0 removed
[  350.494696][T21481] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  350.501349][T21469] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #2: comm syz.5.6555: corrupted inode contents
[  350.517591][T21469] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #2: comm syz.5.6555: mark_inode_dirty error
[  350.534538][T21469] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #2: comm syz.5.6555: corrupted inode contents
[  350.558736][T21481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.573503][T21481] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #11: comm syz.4.6558: missing EA_INODE flag
[  350.585928][T21481] EXT4-fs (loop4): Remounting filesystem read-only
[  350.616802][T21485] FAULT_INJECTION: forcing a failure.
[  350.616802][T21485] name failslab, interval 1, probability 0, space 0, times 0
[  350.629496][T21485] CPU: 0 UID: 0 PID: 21485 Comm: syz.4.6559 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  350.629524][T21485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  350.629537][T21485] Call Trace:
[  350.629544][T21485]  <TASK>
[  350.629552][T21485]  __dump_stack+0x1d/0x30
[  350.629655][T21485]  dump_stack_lvl+0xe8/0x140
[  350.629746][T21485]  dump_stack+0x15/0x1b
[  350.629766][T21485]  should_fail_ex+0x265/0x280
[  350.629791][T21485]  should_failslab+0x8c/0xb0
[  350.629815][T21485]  kmem_cache_alloc_node_noprof+0x6b/0x4c0
[  350.629898][T21485]  ? __alloc_skb+0x324/0x4d0
[  350.629924][T21485]  __alloc_skb+0x324/0x4d0
[  350.629994][T21485]  ? __alloc_skb+0x24d/0x4d0
[  350.630040][T21485]  netlink_alloc_large_skb+0xbf/0xf0
[  350.630071][T21485]  netlink_sendmsg+0x3cf/0x6b0
[  350.630165][T21485]  ? __pfx_netlink_sendmsg+0x10/0x10
[  350.630199][T21485]  __sock_sendmsg+0x145/0x180
[  350.630219][T21485]  ____sys_sendmsg+0x31e/0x4a0
[  350.630258][T21485]  ___sys_sendmsg+0x17b/0x1d0
[  350.630317][T21485]  __x64_sys_sendmsg+0xd4/0x160
[  350.630350][T21485]  x64_sys_call+0x17ba/0x3000
[  350.630376][T21485]  do_syscall_64+0xd8/0x2c0
[  350.630496][T21485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.630518][T21485] RIP: 0033:0x7faec128f749
[  350.630534][T21485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.630694][T21485] RSP: 002b:00007faebfcef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  350.630713][T21485] RAX: ffffffffffffffda RBX: 00007faec14e5fa0 RCX: 00007faec128f749
[  350.630727][T21485] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[  350.630740][T21485] RBP: 00007faebfcef090 R08: 0000000000000000 R09: 0000000000000000
[  350.630753][T21485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.630765][T21485] R13: 00007faec14e6038 R14: 00007faec14e5fa0 R15: 00007ffc055acf98
[  350.630785][T21485]  </TASK>
[  350.837311][T21487] netlink: 'syz.4.6560': attribute type 4 has an invalid length.
[  350.847910][T21487] serio: Serial port ttyS3
[  350.996369][T21493] netem: change failed
[  351.034306][T21497] netlink: 'syz.2.6564': attribute type 12 has an invalid length.
[  351.042231][T21497] netlink: 'syz.2.6564': attribute type 29 has an invalid length.
[  351.084984][T21503] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  351.106766][T21504] EXT4-fs: Ignoring removed i_version option
[  351.117210][T21504] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  351.129816][T21510] __nla_validate_parse: 15 callbacks suppressed
[  351.129835][T21510] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6569'.
[  351.140192][T21504] EXT4-fs (loop3): 1 truncate cleaned up
[  351.216938][T21514] syzkaller0: entered promiscuous mode
[  351.222459][T21514] syzkaller0: entered allmulticast mode
[  351.302332][T21527] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  351.315118][T21527] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  351.324685][T21527] System zones: 1-12
[  351.329488][T21527] EXT4-fs (loop2): 1 truncate cleaned up
[  351.389463][T21538] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6576'.
[  351.413037][T21534] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  351.430323][T21534] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  351.453896][T21534] System zones: 1-12
[  351.461620][T21534] EXT4-fs (loop4): 1 truncate cleaned up
[  351.503790][T21534] netlink: 4 bytes leftover after parsing attributes in process `'.
[  351.520749][T21554] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  351.536390][T21555] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6583'.
[  351.595464][T21563] set_capacity_and_notify: 6 callbacks suppressed
[  351.595482][T21563] loop2: detected capacity change from 0 to 512
[  351.635836][T21563] ext4 filesystem being mounted at /152/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  351.643299][T21568] pim6reg: entered allmulticast mode
[  351.696264][T21563] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.6585: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  351.717697][T21563] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.6585: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  351.756052][T21563] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.6585: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  351.802758][T21579] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #2: block 18: comm syz.2.6585: lblock 23 mapped to illegal pblock 18 (length 1)
[  351.822687][T21583] netlink: 'syz.0.6593': attribute type 4 has an invalid length.
[  351.849134][T21589] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6595'.
[  351.859183][T21589] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6595'.
[  351.870062][T21583] serio: Serial port ttyS3
[  351.886325][T21589] loop3: detected capacity change from 0 to 512
[  351.894606][T21589] EXT4-fs: inline encryption not supported
[  351.901578][T21589] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  352.038152][T21599] loop3: detected capacity change from 0 to 2048
[  352.048283][T21563] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.6585: corrupted inode contents
[  352.060849][T21563] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #2: comm syz.2.6585: mark_inode_dirty error
[  352.074153][T21602] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6600'.
[  352.083818][T21602] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6600'.
[  352.093762][T21599] Alternate GPT is invalid, using primary GPT.
[  352.100181][T21599]  loop3: p1 p2 p3
[  352.103899][T21599] loop3: partition table partially beyond EOD, truncated
[  352.111235][T21563] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.6585: corrupted inode contents
[  352.159703][T21608] FAULT_INJECTION: forcing a failure.
[  352.159703][T21608] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  352.172844][T21608] CPU: 0 UID: 0 PID: 21608 Comm: syz.3.6602 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  352.172954][T21608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  352.172968][T21608] Call Trace:
[  352.172974][T21608]  <TASK>
[  352.172982][T21608]  __dump_stack+0x1d/0x30
[  352.173026][T21608]  dump_stack_lvl+0xe8/0x140
[  352.173053][T21608]  dump_stack+0x15/0x1b
[  352.173115][T21608]  should_fail_ex+0x265/0x280
[  352.173233][T21608]  should_fail+0xb/0x20
[  352.173255][T21608]  should_fail_usercopy+0x1a/0x20
[  352.173287][T21608]  _copy_from_user+0x1c/0xb0
[  352.173319][T21608]  bpf_test_init+0xb9/0x140
[  352.173362][T21608]  bpf_prog_test_run_skb+0x2b6/0xf50
[  352.173444][T21608]  ? __rcu_read_unlock+0x4f/0x70
[  352.173469][T21608]  ? __fget_files+0x184/0x1c0
[  352.173502][T21608]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  352.173575][T21608]  bpf_prog_test_run+0x22a/0x390
[  352.173635][T21608]  __sys_bpf+0x4c0/0x7c0
[  352.173666][T21608]  __x64_sys_bpf+0x41/0x50
[  352.173778][T21608]  x64_sys_call+0x28e1/0x3000
[  352.173809][T21608]  do_syscall_64+0xd8/0x2c0
[  352.173852][T21608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.173889][T21608] RIP: 0033:0x7fcbc478f749
[  352.173904][T21608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.173926][T21608] RSP: 002b:00007fcbc31f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  352.173949][T21608] RAX: ffffffffffffffda RBX: 00007fcbc49e5fa0 RCX: 00007fcbc478f749
[  352.173965][T21608] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  352.174044][T21608] RBP: 00007fcbc31f7090 R08: 0000000000000000 R09: 0000000000000000
[  352.174059][T21608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.174071][T21608] R13: 00007fcbc49e6038 R14: 00007fcbc49e5fa0 R15: 00007ffe53975c38
[  352.174128][T21608]  </TASK>
[  352.394757][T21606] loop5: detected capacity change from 0 to 1024
[  352.403449][T21606] EXT4-fs: Ignoring removed nobh option
[  352.409076][T21606] EXT4-fs: Ignoring removed bh option
[  352.414478][T21606] EXT4-fs: Ignoring removed orlov option
[  352.423514][T21619] netlink: 48 bytes leftover after parsing attributes in process `syz.0.6607'.
[  352.448826][T21606] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  352.522725][T21630] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  352.556359][T21633] loop4: detected capacity change from 0 to 2048
[  352.596130][T21633] Alternate GPT is invalid, using primary GPT.
[  352.602433][T21633]  loop4: p1 p2 p3
[  352.606182][T21633] loop4: partition table partially beyond EOD, truncated
[  352.619316][   T29] kauditd_printk_skb: 386 callbacks suppressed
[  352.619329][   T29] audit: type=1326 audit(1765961914.516:22367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21627 comm="syz.3.6610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  352.702070][   T29] audit: type=1326 audit(1765961914.556:22368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21627 comm="syz.3.6610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  352.725602][   T29] audit: type=1326 audit(1765961914.556:22369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21627 comm="syz.3.6610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  352.749339][   T29] audit: type=1326 audit(1765961914.556:22370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21627 comm="syz.3.6610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  352.772955][   T29] audit: type=1326 audit(1765961914.556:22371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21627 comm="syz.3.6610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  352.796524][   T29] audit: type=1326 audit(1765961914.556:22372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21627 comm="syz.3.6610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  352.820163][   T29] audit: type=1326 audit(1765961914.556:22373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21627 comm="syz.3.6610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  352.843743][   T29] audit: type=1326 audit(1765961914.556:22374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21627 comm="syz.3.6610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  352.867667][   T29] audit: type=1326 audit(1765961914.556:22375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21627 comm="syz.3.6610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  352.891352][   T29] audit: type=1326 audit(1765961914.556:22376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21627 comm="syz.3.6610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbc478f749 code=0x7ffc0000
[  352.920642][T21635] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6610'.
[  353.024622][T21645] FAULT_INJECTION: forcing a failure.
[  353.024622][T21645] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  353.037784][T21645] CPU: 0 UID: 0 PID: 21645 Comm: syz.2.6617 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  353.037812][T21645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  353.037828][T21645] Call Trace:
[  353.037837][T21645]  <TASK>
[  353.037894][T21645]  __dump_stack+0x1d/0x30
[  353.037923][T21645]  dump_stack_lvl+0xe8/0x140
[  353.037950][T21645]  dump_stack+0x15/0x1b
[  353.038065][T21645]  should_fail_ex+0x265/0x280
[  353.038092][T21645]  should_fail+0xb/0x20
[  353.038113][T21645]  should_fail_usercopy+0x1a/0x20
[  353.038144][T21645]  _copy_from_user+0x1c/0xb0
[  353.038189][T21645]  memdup_user+0x5e/0xd0
[  353.038207][T21645]  ucma_set_option+0xcc/0x6e0
[  353.038356][T21645]  ? _parse_integer+0x27/0x40
[  353.038439][T21645]  ? kstrtoull+0x111/0x140
[  353.038461][T21645]  ? kstrtouint+0x76/0xc0
[  353.038537][T21645]  ? kstrtouint_from_user+0x9f/0xf0
[  353.038562][T21645]  ? should_fail_ex+0xdb/0x280
[  353.038641][T21645]  ucma_write+0x1b3/0x250
[  353.038672][T21645]  ? __pfx_ucma_write+0x10/0x10
[  353.038701][T21645]  vfs_write+0x269/0x960
[  353.038724][T21645]  ? __rcu_read_unlock+0x4f/0x70
[  353.038813][T21645]  ? __fget_files+0x184/0x1c0
[  353.038924][T21645]  ksys_write+0xda/0x1a0
[  353.038948][T21645]  __x64_sys_write+0x40/0x50
[  353.038973][T21645]  x64_sys_call+0x2847/0x3000
[  353.039006][T21645]  do_syscall_64+0xd8/0x2c0
[  353.039106][T21645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.039133][T21645] RIP: 0033:0x7f441abff749
[  353.039210][T21645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.039231][T21645] RSP: 002b:00007f441965f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  353.039252][T21645] RAX: ffffffffffffffda RBX: 00007f441ae55fa0 RCX: 00007f441abff749
[  353.039276][T21645] RDX: 0000000000000020 RSI: 0000200000000580 RDI: 0000000000000003
[  353.039288][T21645] RBP: 00007f441965f090 R08: 0000000000000000 R09: 0000000000000000
[  353.039326][T21645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.039395][T21645] R13: 00007f441ae56038 R14: 00007f441ae55fa0 R15: 00007ffe1b2d6288
[  353.039417][T21645]  </TASK>
[  353.122360][T21638] lo speed is unknown, defaulting to 1000
[  353.334022][T21640] lo speed is unknown, defaulting to 1000
[  353.404093][T21638] chnl_net:caif_netlink_parms(): no params data found
[  353.460787][  T875] bridge_slave_1: left allmulticast mode
[  353.466475][  T875] bridge_slave_1: left promiscuous mode
[  353.472168][  T875] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.498069][T21679] loop3: detected capacity change from 0 to 512
[  353.504539][T21679] EXT4-fs: inline encryption not supported
[  353.511029][T21679] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  353.526552][  T875] bridge_slave_0: left allmulticast mode
[  353.532294][  T875] bridge_slave_0: left promiscuous mode
[  353.538453][  T875] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.588640][  T875] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  353.598344][  T875] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  353.610045][  T875] bond0 (unregistering): Released all slaves
[  353.619664][  T875] bond1 (unregistering): Released all slaves
[  353.648281][T21691] loop3: detected capacity change from 0 to 2048
[  353.676235][T21691] Alternate GPT is invalid, using primary GPT.
[  353.682510][T21691]  loop3: p1 p2 p3
[  353.686241][T21691] loop3: partition table partially beyond EOD, truncated
[  353.693958][  T875] tipc: Left network mode
[  353.710562][T21640] chnl_net:caif_netlink_parms(): no params data found
[  353.720356][T21638] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.727506][T21638] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.735654][T21638] bridge_slave_0: entered allmulticast mode
[  353.742139][T21638] bridge_slave_0: entered promiscuous mode
[  353.759358][  T875] hsr_slave_0: left promiscuous mode
[  353.769152][  T875] hsr_slave_1: left promiscuous mode
[  353.780485][  T875] batman_adv: batadv0: Removing interface: batadv_slave_0
[  353.789359][T21701] loop3: detected capacity change from 0 to 2048
[  353.797160][  T875] batman_adv: batadv0: Removing interface: batadv_slave_1
[  353.834909][  T875] team0 (unregistering): Port device team_slave_1 removed
[  353.846208][T21701] Alternate GPT is invalid, using primary GPT.
[  353.852516][T21701]  loop3: p1 p2 p3
[  353.856113][  T875] team0 (unregistering): Port device team_slave_0 removed
[  353.856341][T21701] loop3: partition table partially beyond EOD, truncated
[  353.893786][T21638] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.900929][T21638] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.908364][T21638] bridge_slave_1: entered allmulticast mode
[  353.915013][T21638] bridge_slave_1: entered promiscuous mode
[  353.960744][T21715] loop3: detected capacity change from 0 to 512
[  353.967679][T21715] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  353.974131][T21638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  353.985874][T21715] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  353.994526][T21715] System zones: 1-12
[  353.999101][T21715] EXT4-fs (loop3): 1 truncate cleaned up
[  354.006835][T21638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  354.030967][T21640] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.038121][T21640] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.054969][T21640] bridge_slave_0: entered allmulticast mode
[  354.061575][T21640] bridge_slave_0: entered promiscuous mode
[  354.076840][T21640] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.083909][T21640] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.091537][T21640] bridge_slave_1: entered allmulticast mode
[  354.098584][T21640] bridge_slave_1: entered promiscuous mode
[  354.105789][T21638] team0: Port device team_slave_0 added
[  354.111397][T21727] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  354.124386][T21638] team0: Port device team_slave_1 added
[  354.142321][T21640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  354.159008][T21640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  354.170738][T21727] tipc: Resetting bearer <eth:syzkaller0>
[  354.177029][T21638] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.183973][T21638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  354.210096][T21638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.229478][T21726] tipc: Disabling bearer <eth:syzkaller0>
[  354.236998][T21638] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.243960][T21638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  354.270142][T21638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.294237][T21640] team0: Port device team_slave_0 added
[  354.311436][T21640] team0: Port device team_slave_1 added
[  354.331550][T21638] hsr_slave_0: entered promiscuous mode
[  354.334678][T21739] netlink: 'syz.0.6644': attribute type 10 has an invalid length.
[  354.337803][T21638] hsr_slave_1: entered promiscuous mode
[  354.358074][T21739] bond0: (slave dummy0): Releasing backup interface
[  354.368087][T21739] team0: Port device dummy0 added
[  354.394315][T21640] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.394430][T21739] netlink: 'syz.0.6644': attribute type 10 has an invalid length.
[  354.401339][T21640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  354.435316][T21640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.458936][T21739] team0: Port device dummy0 removed
[  354.473667][T21739] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  354.487296][T21640] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.494272][T21640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  354.520310][T21640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.563275][T21640] hsr_slave_0: entered promiscuous mode
[  354.568944][T21741] loop3: detected capacity change from 0 to 2048
[  354.576417][T21640] hsr_slave_1: entered promiscuous mode
[  354.582418][T21640] debugfs: 'hsr0' already exists in 'hsr'
[  354.588193][T21640] Cannot create hsr debugfs directory
[  354.607718][T21741] Alternate GPT is invalid, using primary GPT.
[  354.614037][T21741]  loop3: p2 p3 p7
[  354.627283][T21638] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.680213][T21638] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.736705][T21756] SELinux:  Context system_u:object_r:pam_console_exec_t:s0 is not valid (left unmapped).
[  354.737170][T21638] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.798981][T21638] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.818077][T21764] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  354.827091][T21764] tipc: Resetting bearer <eth:syzkaller0>
[  354.834620][T21763] tipc: Disabling bearer <eth:syzkaller0>
[  354.865769][T21638] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  354.880442][T21638] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  354.893805][T21638] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  354.909956][T21638] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  354.940856][T21640] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  354.955827][T21640] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  354.966157][T21640] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  354.978713][T21779] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  354.987051][T21640] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  355.003650][T21779] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  355.011912][T21779] System zones: 1-12
[  355.017134][T21779] EXT4-fs (loop3): 1 truncate cleaned up
[  355.044572][T21638] 8021q: adding VLAN 0 to HW filter on device bond0
[  355.076925][T21638] 8021q: adding VLAN 0 to HW filter on device team0
[  355.092359][  T875] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.097140][T21798] Alternate GPT is invalid, using primary GPT.
[  355.099429][  T875] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.105789][T21798]  loop3: p1 p2 p3
[  355.116451][T21798] loop3: partition table partially beyond EOD, truncated
[  355.126010][T21802] netem: change failed
[  355.133600][  T875] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.134301][T21802] netlink: 'syz.2.6661': attribute type 10 has an invalid length.
[  355.140671][  T875] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.162497][T21804] siw: device registration error -23
[  355.186502][T21806] netlink: 'syz.2.6661': attribute type 10 has an invalid length.
[  355.226422][T21638] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  355.250860][T21640] 8021q: adding VLAN 0 to HW filter on device bond0
[  355.263478][T21802] bond0: (slave dummy0): Releasing backup interface
[  355.278425][T21806] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.6661: missing EA_INODE flag
[  355.294246][T21802] team0: Port device dummy0 added
[  355.300825][T21813] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  355.308064][T21806] EXT4-fs (loop2): Remounting filesystem read-only
[  355.320812][T21640] 8021q: adding VLAN 0 to HW filter on device team0
[  355.333652][T21813] tipc: Resetting bearer <eth:syzkaller0>
[  355.354359][T10175] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.361617][T10175] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.371175][T21812] tipc: Disabling bearer <eth:syzkaller0>
[  355.384269][T10175] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.391339][T10175] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.417121][T21638] 8021q: adding VLAN 0 to HW filter on device batadv0
[  355.451910][T21829] netlink: 'syz.0.6669': attribute type 4 has an invalid length.
[  355.466233][T21824] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  355.488052][T21832] netem: change failed
[  355.497496][T21824] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  355.527210][T21824] System zones: 1-12
[  355.543982][T21824] EXT4-fs (loop2): 1 truncate cleaned up
[  355.570928][T21640] 8021q: adding VLAN 0 to HW filter on device batadv0
[  355.666753][T21851] Alternate GPT is invalid, using primary GPT.
[  355.673112][T21851]  loop2: p1 p2 p3
[  355.676941][T21851] loop2: partition table partially beyond EOD, truncated
[  355.752469][T21864] ªªªªªª: renamed from vlan0 (while UP)
[  355.765786][T21638] veth0_vlan: entered promiscuous mode
[  355.791116][T21638] veth1_vlan: entered promiscuous mode
[  355.822909][T21638] veth0_macvtap: entered promiscuous mode
[  355.829127][T21876] FAULT_INJECTION: forcing a failure.
[  355.829127][T21876] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.834365][T21638] veth1_macvtap: entered promiscuous mode
[  355.842474][T21876] CPU: 1 UID: 0 PID: 21876 Comm: syz.3.6676 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  355.842555][T21876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  355.842642][T21876] Call Trace:
[  355.842649][T21876]  <TASK>
[  355.842657][T21876]  __dump_stack+0x1d/0x30
[  355.842683][T21876]  dump_stack_lvl+0xe8/0x140
[  355.842709][T21876]  dump_stack+0x15/0x1b
[  355.842732][T21876]  should_fail_ex+0x265/0x280
[  355.842790][T21876]  should_fail+0xb/0x20
[  355.842813][T21876]  should_fail_usercopy+0x1a/0x20
[  355.842846][T21876]  _copy_from_user+0x1c/0xb0
[  355.842885][T21876]  ___sys_sendmsg+0xc1/0x1d0
[  355.842930][T21876]  __x64_sys_sendmsg+0xd4/0x160
[  355.843008][T21876]  x64_sys_call+0x17ba/0x3000
[  355.843083][T21876]  do_syscall_64+0xd8/0x2c0
[  355.843121][T21876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.843192][T21876] RIP: 0033:0x7fcbc478f749
[  355.843209][T21876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.843230][T21876] RSP: 002b:00007fcbc31f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  355.843251][T21876] RAX: ffffffffffffffda RBX: 00007fcbc49e5fa0 RCX: 00007fcbc478f749
[  355.843279][T21876] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000006
[  355.843344][T21876] RBP: 00007fcbc31f7090 R08: 0000000000000000 R09: 0000000000000000
[  355.843358][T21876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  355.843397][T21876] R13: 00007fcbc49e6038 R14: 00007fcbc49e5fa0 R15: 00007ffe53975c38
[  355.843418][T21876]  </TASK>
[  356.023982][T21880] EXT4-fs: inline encryption not supported
[  356.025888][T21638] batman_adv: batadv0: Interface activated: batadv_slave_0
[  356.038034][T21880] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  356.062174][T21638] batman_adv: batadv0: Interface activated: batadv_slave_1
[  356.085594][T21640] veth0_vlan: entered promiscuous mode
[  356.099772][   T93] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  356.114421][T21640] veth1_vlan: entered promiscuous mode
[  356.139328][   T93] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  356.169654][T21640] veth0_macvtap: entered promiscuous mode
[  356.177903][   T41] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  356.188885][T21640] veth1_macvtap: entered promiscuous mode
[  356.196156][   T41] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  356.211400][T21640] batman_adv: batadv0: Interface activated: batadv_slave_0
[  356.224808][T21640] batman_adv: batadv0: Interface activated: batadv_slave_1
[  356.238017][   T93] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  356.284415][   T93] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  356.298828][   T93] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  356.316935][T21889] ------------[ cut here ]------------
[  356.322424][T21889] EA inode 11 i_nlink=2
[  356.322450][T21889] WARNING: fs/ext4/xattr.c:1058 at ext4_xattr_inode_update_ref+0x2e6/0x320, CPU#0: syz.3.6682/21889
[  356.337457][T21889] Modules linked in:
[  356.341358][T21889] CPU: 0 UID: 0 PID: 21889 Comm: syz.3.6682 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  356.351203][T21889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  356.361352][T21889] RIP: 0010:ext4_xattr_inode_update_ref+0x305/0x320
[  356.368060][T21889] Code: 31 ce 9c ff 4c 8d 2d ea ba 20 05 49 8d 7e 40 e8 91 63 b8 ff 49 8b 6e 40 4c 89 e7 e8 a5 5e b8 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 2b ff ff ff e8 2c f9 ba 03 66 66 66 2e 0f 1f 84
[  356.387709][T21889] RSP: 0018:ffffc90004b4f5a0 EFLAGS: 00010246
[  356.393862][T21889] RAX: ffff888102624c90 RBX: ffff88811a6264e8 RCX: ffffffff81bb526b
[  356.402008][T21889] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff86dc0d40
[  356.410005][T21889] RBP: 000000000000000b R08: 000188811a62649b R09: 0000000000000000
[  356.418062][T21889] R10: ffffc90004b4f4d0 R11: 0001c90004b4f4d0 R12: ffff88811a626498
[  356.426051][T21889] R13: ffffffff86dc0d40 R14: ffff88811a626450 R15: 0000000000000001
[  356.434017][T21889] FS:  00007fcbc31d66c0(0000) GS:ffff8882aedc2000(0000) knlGS:0000000000000000
[  356.442961][T21889] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  356.449618][T21889] CR2: 0000001b2d621ff8 CR3: 000000010a294000 CR4: 00000000003506f0
[  356.457654][T21889] Call Trace:
[  356.460975][T21889]  <TASK>
[  356.463903][T21889]  ext4_xattr_set_entry+0x77f/0x1020
[  356.469304][T21889]  ext4_xattr_ibody_set+0x184/0x3c0
[  356.474525][T21889]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[  356.480421][T21889]  __ext4_expand_extra_isize+0x246/0x280
[  356.486108][T21889]  __ext4_mark_inode_dirty+0x29d/0x3f0
[  356.491608][T21889]  ext4_evict_inode+0x7c4/0xd40
[  356.496789][T21889]  ? __pfx_ext4_evict_inode+0x10/0x10
[  356.502167][T21889]  evict+0x2af/0x510
[  356.506207][T21889]  ? __dquot_initialize+0x146/0x7c0
[  356.511410][T21889]  iput+0x4bd/0x650
[  356.515313][T21889]  ext4_process_orphan+0x1a9/0x1c0
[  356.520505][T21889]  ext4_orphan_cleanup+0x6a8/0xa00
[  356.525702][T21889]  ext4_fill_super+0x3411/0x37a0
[  356.530639][T21889]  ? set_blocksize+0x1a8/0x310
[  356.535501][T21889]  ? sb_set_blocksize+0xfc/0x170
[  356.540487][T21889]  ? setup_bdev_super+0x30e/0x370
[  356.545558][T21889]  ? __pfx_ext4_fill_super+0x10/0x10
[  356.550877][T21889]  get_tree_bdev_flags+0x291/0x300
[  356.556008][T21889]  ? __pfx_ext4_fill_super+0x10/0x10
[  356.561317][T21889]  get_tree_bdev+0x1f/0x30
[  356.565779][T21889]  ext4_get_tree+0x1c/0x30
[  356.570265][T21889]  vfs_get_tree+0x57/0x1d0
[  356.574814][T21889]  do_new_mount+0x24d/0x6a0
[  356.579416][T21889]  path_mount+0x4ab/0xb80
[  356.583780][T21889]  ? user_path_at+0xbf/0x130
[  356.588509][T21889]  __se_sys_mount+0x28c/0x2e0
[  356.593185][T21889]  __x64_sys_mount+0x67/0x80
[  356.597788][T21889]  x64_sys_call+0x2cca/0x3000
[  356.602504][T21889]  do_syscall_64+0xd8/0x2c0
[  356.607111][T21889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.613008][T21889] RIP: 0033:0x7fcbc4790eea
[  356.617452][T21889] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.623820][   T93] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  356.637149][T21889] RSP: 002b:00007fcbc31d5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  356.654262][T21889] RAX: ffffffffffffffda RBX: 00007fcbc31d5ef0 RCX: 00007fcbc4790eea
[  356.662358][T21889] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fcbc31d5eb0
[  356.670384][T21889] RBP: 0000200000000180 R08: 00007fcbc31d5ef0 R09: 0000000000800700
[  356.678454][T21889] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  356.686475][T21889] R13: 00007fcbc31d5eb0 R14: 000000000000046f R15: 000000000000002c
[  356.694476][T21889]  </TASK>
[  356.697732][T21889] ---[ end trace 0000000000000000 ]---
[  356.713277][T21902] netlink: 'syz.0.6684': attribute type 1 has an invalid length.
[  356.730575][T21889] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #18: comm syz.3.6682: iget: bad extra_isize 90 (inode size 256)
[  356.730666][T21902] 8021q: adding VLAN 0 to HW filter on device bond1
[  356.763690][T21889] EXT4-fs (loop3): Remounting filesystem read-only
[  356.770689][T21889] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30)
[  356.774737][T21902] bond1: (slave veth3): Enslaving as an active interface with a down link
[  356.779978][T21889] EXT4-fs (loop3): 1 orphan inode deleted
[  356.807541][T21897] set_capacity_and_notify: 7 callbacks suppressed
[  356.807617][T21897] loop4: detected capacity change from 0 to 512
[  356.819832][T21902] vlan3: entered allmulticast mode
[  356.825604][T21902] veth1: entered allmulticast mode
[  356.830173][T21897] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  356.831334][T21902] veth1: entered promiscuous mode
[  356.849259][T21902] veth1: left promiscuous mode
[  356.854503][T21897] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  356.857182][T21907] __nla_validate_parse: 24 callbacks suppressed
[  356.857196][T21907] netlink: 256 bytes leftover after parsing attributes in process `syz.6.6616'.
[  356.870197][T21897] System zones: 1-12
[  356.878256][T21902] bond1: (slave vlan3): making interface the new active one
[  356.889512][T21897] EXT4-fs (loop4): 1 truncate cleaned up
[  356.890507][T21902] veth1: entered promiscuous mode
[  356.907251][T21902] vlan3: entered promiscuous mode
[  356.912831][T21902] bond1: (slave vlan3): Enslaving as an active interface with an up link
[  356.929573][T21897] netlink: 4 bytes leftover after parsing attributes in process `'.
[  356.986848][T21893] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  356.994937][T21893] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  356.998544][T21919] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.106499][T21926] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6689'.
[  357.122631][T21926] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6689'.
[  357.139479][T21926] loop2: detected capacity change from 0 to 512
[  357.146463][T21926] EXT4-fs: inline encryption not supported
[  357.152630][T21926] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  357.171386][T21919] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.256409][T21932] loop6: detected capacity change from 0 to 128
[  357.266125][T21919] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.287870][T21932] FAT-fs (loop6): Directory bread(block 414) failed
[  357.289990][T21928] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6690'.
[  357.297506][T21934] syzkaller0: entered promiscuous mode
[  357.308953][T21934] syzkaller0: entered allmulticast mode
[  357.314987][T21932] FAT-fs (loop6): Directory bread(block 415) failed
[  357.326360][T21932] FAT-fs (loop6): Directory bread(block 416) failed
[  357.327386][T21919] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.333030][T21932] FAT-fs (loop6): Directory bread(block 417) failed
[  357.351167][T21932] FAT-fs (loop6): Directory bread(block 418) failed
[  357.374525][T21932] FAT-fs (loop6): Directory bread(block 419) failed
[  357.381420][T21932] FAT-fs (loop6): Directory bread(block 420) failed
[  357.388299][T21932] FAT-fs (loop6): Directory bread(block 421) failed
[  357.403041][ T1600] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  357.407760][T21932] FAT-fs (loop6): FAT read failed (blocknr 128)
[  357.417528][ T1600] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  357.434528][ T1600] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  357.443564][ T1600] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  357.689534][T21936] loop2: detected capacity change from 0 to 2048
[  357.741744][T21936] Alternate GPT is invalid, using primary GPT.
[  357.748671][T21936]  loop2: p2 p3 p7
[  357.822901][   T29] kauditd_printk_skb: 271 callbacks suppressed
[  357.822916][   T29] audit: type=1326 audit(1765961919.716:22646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21942 comm="syz.0.6695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b48ff749 code=0x7ffc0000
[  357.852730][   T29] audit: type=1326 audit(1765961919.716:22647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21942 comm="syz.0.6695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f75b48ff749 code=0x7ffc0000
[  357.881328][   T29] audit: type=1326 audit(1765961919.776:22648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21942 comm="syz.0.6695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b48ff749 code=0x7ffc0000
[  357.904988][   T29] audit: type=1326 audit(1765961919.776:22649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21942 comm="syz.0.6695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b48ff749 code=0x7ffc0000
[  357.929046][   T29] audit: type=1326 audit(1765961919.776:22650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21942 comm="syz.0.6695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f75b48ff749 code=0x7ffc0000
[  357.952816][   T29] audit: type=1326 audit(1765961919.776:22651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21942 comm="syz.0.6695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b48ff749 code=0x7ffc0000
[  357.976998][   T29] audit: type=1326 audit(1765961919.776:22652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21942 comm="syz.0.6695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b48ff749 code=0x7ffc0000
[  358.000942][   T29] audit: type=1326 audit(1765961919.776:22653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21942 comm="syz.0.6695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f75b48ff749 code=0x7ffc0000
[  358.024543][T21948] loop2: detected capacity change from 0 to 2048
[  358.024626][   T29] audit: type=1326 audit(1765961919.776:22654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21942 comm="syz.0.6695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75b48ff749 code=0x7ffc0000
[  358.054539][   T29] audit: type=1326 audit(1765961919.776:22655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21942 comm="syz.0.6695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f75b48ff749 code=0x7ffc0000
[  358.117611][T21948] Alternate GPT is invalid, using primary GPT.
[  358.117831][T21956] FAULT_INJECTION: forcing a failure.
[  358.117831][T21956] name failslab, interval 1, probability 0, space 0, times 0
[  358.123857][T21948]  loop2: p1 p2 p3
[  358.136514][T21956] CPU: 1 UID: 0 PID: 21956 Comm: syz.6.6700 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  358.136556][T21956] Tainted: [W]=WARN
[  358.136637][T21956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  358.136667][T21956] Call Trace:
[  358.136674][T21956]  <TASK>
[  358.136745][T21956]  __dump_stack+0x1d/0x30
[  358.136772][T21956]  dump_stack_lvl+0xe8/0x140
[  358.136858][T21956]  dump_stack+0x15/0x1b
[  358.136881][T21956]  should_fail_ex+0x265/0x280
[  358.136907][T21956]  should_failslab+0x8c/0xb0
[  358.136959][T21956]  kmem_cache_alloc_noprof+0x69/0x4b0
[  358.136985][T21956]  ? audit_log_start+0x342/0x720
[  358.137034][T21956]  audit_log_start+0x342/0x720
[  358.137058][T21956]  ? kstrtouint+0x76/0xc0
[  358.137103][T21956]  audit_seccomp+0x48/0x100
[  358.137142][T21956]  ? __seccomp_filter+0x832/0x1260
[  358.137174][T21956]  __seccomp_filter+0x843/0x1260
[  358.137208][T21956]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  358.137242][T21956]  ? vfs_write+0x7e8/0x960
[  358.137263][T21956]  ? __rcu_read_unlock+0x4f/0x70
[  358.137285][T21956]  ? __fget_files+0x184/0x1c0
[  358.137331][T21956]  __secure_computing+0x82/0x150
[  358.137362][T21956]  syscall_trace_enter+0xcf/0x1e0
[  358.137404][T21956]  do_syscall_64+0xb2/0x2c0
[  358.137439][T21956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.137509][T21956] RIP: 0033:0x7f074977f749
[  358.137526][T21956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.137605][T21956] RSP: 002b:00007f07481df028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2
[  358.137625][T21956] RAX: ffffffffffffffda RBX: 00007f07499d5fa0 RCX: 00007f074977f749
[  358.137644][T21956] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000c
[  358.137658][T21956] RBP: 00007f07481df090 R08: 0000000000000000 R09: 0000000000000000
[  358.137744][T21956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  358.137757][T21956] R13: 00007f07499d6038 R14: 00007f07499d5fa0 R15: 00007fff5fd2cd98
[  358.137777][T21956]  </TASK>
[  358.212601][T21962] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6695'.
[  358.213650][T21948] loop2: partition table partially beyond EOD, truncated
[  358.463975][T21969] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6705'.
[  358.477073][T21970] loop6: detected capacity change from 0 to 512
[  358.487594][T21970] EXT4-fs mount: 25 callbacks suppressed
[  358.487611][T21970] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.506537][T21970] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  358.540921][T21970] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 3: comm syz.6.6706: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  358.561525][T21970] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 12: comm syz.6.6706: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0
[  358.583165][T21970] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 13: comm syz.6.6706: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=3653246737, rec_len=65536, size=2048 fake=0
[  358.607606][T21970] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #2: block 18: comm syz.6.6706: lblock 23 mapped to illegal pblock 18 (length 1)
[  358.608235][T21976] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6707'.
[  358.634853][T21976] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6707'.
[  358.646473][T21976] loop2: detected capacity change from 0 to 512
[  358.652840][T21976] EXT4-fs: inline encryption not supported
[  358.659571][T21976] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  358.752427][T21985] loop2: detected capacity change from 0 to 512
[  358.759643][T21985] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  358.770619][T21985] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002]
[  358.778931][T21985] System zones: 1-12
[  358.783209][T21985] EXT4-fs (loop2): 1 truncate cleaned up
[  358.789396][T21985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.814611][T19089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.827979][T19089] ==================================================================
[  358.836063][T19089] BUG: KCSAN: data-race in mlock_new_folio / need_mlock_drain
[  358.843526][T19089] 
[  358.845846][T19089] read-write to 0xffff888237d27010 of 1 bytes by task 21983 on cpu 1:
[  358.854006][T19089]  mlock_new_folio+0x143/0x240
[  358.858771][T19089]  folio_add_lru_vma+0x5f/0x70
[  358.863554][T19089]  handle_mm_fault+0x2858/0x2c60
[  358.868604][T19089]  __get_user_pages+0x1024/0x1ed0
[  358.873633][T19089]  __mm_populate+0x243/0x3a0
[  358.878235][T19089]  __se_sys_mremap+0xad4/0xb30
[  358.883002][T19089]  __x64_sys_mremap+0x67/0x80
[  358.887679][T19089]  x64_sys_call+0x2944/0x3000
[  358.892357][T19089]  do_syscall_64+0xd8/0x2c0
[  358.896874][T19089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.902766][T19089] 
[  358.905087][T19089] read to 0xffff888237d27010 of 1 bytes by task 19089 on cpu 0:
[  358.912707][T19089]  need_mlock_drain+0x30/0x50
[  358.917409][T19089]  __lru_add_drain_all+0x273/0x450
[  358.922549][T19089]  lru_add_drain_all+0x10/0x20
[  358.927320][T19089]  invalidate_bdev+0x47/0x70
[  358.931909][T19089]  ext4_put_super+0x624/0x7d0
[  358.936587][T19089]  generic_shutdown_super+0xe6/0x210
[  358.941888][T19089]  kill_block_super+0x2a/0x70
[  358.946569][T19089]  ext4_kill_sb+0x42/0x80
[  358.950901][T19089]  deactivate_locked_super+0x75/0x1c0
[  358.956295][T19089]  deactivate_super+0x97/0xa0
[  358.960984][T19089]  cleanup_mnt+0x2a9/0x320
[  358.965410][T19089]  __cleanup_mnt+0x19/0x20
[  358.969833][T19089]  task_work_run+0x131/0x1a0
[  358.974424][T19089]  exit_to_user_mode_loop+0x1fe/0x740
[  358.979795][T19089]  do_syscall_64+0x1ef/0x2c0
[  358.984401][T19089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.990300][T19089] 
[  358.992612][T19089] value changed: 0x12 -> 0x15
[  358.997273][T19089] 
[  358.999585][T19089] Reported by Kernel Concurrency Sanitizer on:
[  359.005730][T19089] CPU: 0 UID: 0 PID: 19089 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  359.017287][T19089] Tainted: [W]=WARN
[  359.021089][T19089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  359.031144][T19089] ==================================================================
[  359.052503][T21975] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.6706: corrupted inode contents
[  359.068720][T21975] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #2: comm syz.6.6706: mark_inode_dirty error
[  359.080558][T21975] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.6706: corrupted inode contents
[  359.343621][T21638] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.602751][T21640] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.155135][   T41] vlan3: left promiscuous mode