last executing test programs:

2.192053793s ago: executing program 2 (id=384):
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x1ff, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0xa)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

2.144091877s ago: executing program 2 (id=385):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b\x00\x00\x00\b\x00\x00\x00'], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

2.082583852s ago: executing program 2 (id=387):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r2)
fcntl$setsig(r0, 0xa, 0x0)
sendmsg$NFC_CMD_DEP_LINK_UP(r2, &(0x7f0000000600)={0x0, 0xffffffffffffff24, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff})
fcntl$setlease(r4, 0x400, 0x0)

1.579951313s ago: executing program 3 (id=394):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socket(0xa, 0x3, 0x3a)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000110000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x91)
newfstatat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x4000)
setreuid(0x0, r4)
setrlimit(0x40000000000008, &(0x7f0000000000))
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f00000001c0)={0x200000000000001}, 0x8)
sendto$inet6(r5, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x66, &(0x7f00000068c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6007000000303a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r7, &(0x7f0000000000)={0x1f, 0x5, @none, 0x0, 0x2}, 0xe)
listen(r7, 0xa1)
sendmsg$key(r6, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="020549020e000000000000000000000005000600ff0000000a004e230000000300000000000000000000ffff0a010100c4bb00000000000002000100ffffff7db00025000000000005000500ff0000000a000000fffffffffc0200000000000000000000000000800000000000000000"], 0x70}}, 0x84)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x6ba9bb92d89281a0)
lseek(0xffffffffffffffff, 0x80000000457, 0x0)

1.542905025s ago: executing program 3 (id=396):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b000000000000000000efffffff0300000043c633c2a49207d1322aad848563b58e5b00573db83e83c91334", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xe, 0x17, &(0x7f0000000cc0)=ANY=[@ANYRESHEX, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b703000000000000850000006d000000bf09000000000000b609040012000000650006000d0000001801000020646c259af8ff000000002d9a00000000090000f8ffffffb702000008000000080000000000000015000000060000003d93000000000000b5030000000000008500000076000000000000000000000066c7b50a0c00"/157, @ANYRESHEX=r0, @ANYRES16=r0, @ANYBLOB="1b8d99829559e2fe4fb64d2c51533f09201164ccb7ebdd5df18a5116df7cf64f526d84ff49e14ec124fc3bce1c1e01a64d5fe494b70770b11fb050dc70ad6337d484b10d22d09e37b11eae0e1af942665239a9cd3cb1e435fe67167b12d85c5df761d936c4ee6ba0954cc61ac5c03ff4d94591dd6cd76a409c4a0e36b072d3485d9bd4e3ce962f1dade13ca9f1053fdb9f886cc82d9df4d822f7bacda90cbbed6eeb2ce05ff046f1987c6e343b3226f82d66825e37b1eee85edfe9b88b045a49ac6dc3bb629aad8e739e269028076de6d87adb4c4d53e73ed549b5631d08dfd191cb5d253920256950de2a2718977de8331d5961bdafa65c09797fa1977378328b43a2c1e4621cd39e00ec7ab4c32970176ba37ba787b857e4aed93bece26e6d1120fcd6ada7708c050f5a37cf71ff8e360ff6f9f455335aa2aeed9d9ee5b8a8a28a0d1d66e9902a54b52cfdaba40530677b0c25cf450923b8f4fa11ae026d4cd510e04c65254b2090e227bb81aba2e19ded0b285bb812a7628cbfd28bc4cde5e53b4bb12c5665873800c92f190e2b2cab72cc511fc42fade4ba5156ca8594f75e88e2b86ef8018b042f1333267aa89f2ca9b048bf6c6a6d017ce5c78fa19fb8c3d95562c078e47a62790e39547a34f4fed153f4d4fa2df9d21c5751850076df537e1b59a4340a624b55c9d5df8e8b3cbea371cfb18744c1146c98dac6085574a8f878fa6f8c02853074e3f1355b286910f450f6d5ebffc5971cdfbbf8a6c5208e412f7c11012feff73ce272d0ca8064aedfc98041aa39ad486cc9d86c3454b22eb059583e2abcfb10adba6fc8d85aef109c8c247ad7af6fa256447b1e477920be00fda17eb24459d906214c64ee0b8d5d39dd973743823dabe2f8063778faf54e22ec550aa97936a49e5adcf08c6a1b45c9d002b99c08843789dc3add7c4500b15d80ee21bdfbe1cb93c86b4f0cece63107561e6a522dfff31aab250c82d8a00105df75372b0c00b9c797ab87cf9679fe55b7c23a2bb880c570b0bfab27c39290d3b4218a0318dbda0ec54957c5db1667c04649f6980c2d59062272e29b7bf927ea84d1bff879dc3d83a1d40ded0182da2a56afac5d756064192c6ff690a5d5d7d4afb390827a7363bdad07c3668c9e9b6a8e7dcff93f0539ada0007aaf9c122f0c0503a06714898b7394e270ea1d88cf88111707e487c5748f4f51e3410ae533b25d708697ab4d6f8fd1f83f48b7908c617ba52937092908b3410d2fd35c1cae5a108b3fa8d0884c0519c87837063004451be0ab3d041ce4913bf9c1a8350ca552e736ec49c75c3a638788dee3adad7bbd8250332be0b4d5c6a4776ebc58c1f71153bb44b573bee11ad62cd1af64758d0d2e3a2d49d36f8d7999226f55b57bb54906e319a0b2f0818fa0cacdd7536e045c24d4e5bab1fc952c6590cfebbc399e4978b441f724105d6c3948ec8b3ba8a2d832443d2a657a58234a3176aca5c45b2f8d172790d7d7da735380ea2b84a4a62ac884aebd7c4c8fbb0f32073945e01cb6c333b1da5b8b5a02837f8e05eb5ab5a1dbb68be52829f6244e5beac55ec580488280a4096ab739578184ad0bab1bda84a9335c865c426a4e4ac99f056946d2bbdd8da758270165ea2612d7af380afc78db5135785519f515de85fdccea35e05e9d590b673814ca9f0104d21c9846a93177610d9cb969b37edfa6cf57046cae795f01027884babaf6130966794ab6fbd4a98bffc6f21ea0da210da4cba4b2987a6239e4a77f770de7558aafda70fa44854cbf802125e97a5dca7d4613d805cc854a4692e19b7d8f5e97b49dbcd2ee41f468e2076ff7172b089246cbc42b3cae824d696f4a2b1e41f0ced1010c26a31912f2c742e0119c488a32fea7adbd14775b4b5388c699575b550567f7e250aca063ffbaccbe08b4917c74651a0aff134439729aaf04c166ac97f95b48ec4839f0d7f72ede196aced166c7781452e082ef8a3839b5d7f9c00017550d302ba304b06139ad86e65d60af06eba0c174c16716017b7bb94a01e18c89f84f6f1a55babdf275a53e922daca419f1e445dd01ccf907a2fef9b8ea28f985761fee86e890cd291f88390ca18c6efb0442ddc296f9110b5fe834cf4f3f24baa39945abfba8f8b35b0d76e8c4640949e11732e5e7154d2cbb3909477e5f4d01e6a861f4c054c24ed57e717395714434d60671f67eca0095b0ac987b2ed931013563f52f3ab849ddbd7ab342bab897db123e27b687dbed20f60b68f5d0922be854ffd6fb1cc2719c2f310d39c22f83c0e5d553b41ceff6191841b2f0ce6521cbc561f155b2a2eb777db0c5147f1a89f7c86f08edb1a4697dee1fbfb5f1444224e6b2a398f787acb80ee6f73223887c10495c47750cc0bb7494ea87e172b76232857aa6adce7708f1b80760e273f705dae4e315cee0d50240731aafa84a6704269d9ef0f0f8dc50a23afe8455fb5476434e162458cdba4cabb7c6e0600e0777940ddcf115cc9372ec5d956089e84454033fa1662fe1dc06950d6675affd8e030b4db333cb2b9047c48dc9d5c2b131dd2da7b60065606ece2250d7f6f52d4f68573d3c7fbcac799fa921b0738a9acfb4520fda2f99e2d233ab16a12132bac89fed65c21897b1cc603ae0762c8ddf4bf0f5669b12af00e847bbe2c213a9b7528d1b75829126a35ee45ffb20b1aa07fa6eb41191251c92602539e0edfaf033c00a57c8c97c2e91cbb65b4531ffd05239cf74238e5f60ad6ee2f80b96ac90897fde8277413f9822ad23bb2f61a88f960434d797a084a6c112b17b8c670b2248208fff362ccf5d08d0acfa6e513319771bcecc9eb1f1d173e86688dbf0d67d16fc6bcc517f42c75c7d1b85583dad3ec1bd0d6235cf50b37de294ed6717e0626b75ce4d52afbbbbea9ecf7c3b4bf9a35ba2a8f4ef929035982498eac28782bfebaab6544d963de8f62e98edaa89e398829c4b6c991bff16b6bd85ff915580c3c9bf8957ec54852a41da858eb98c8ae697c311800598a700adfef81c73e9bdaaec2d4dd79ec790d303c2371c3a5435a81afb866421e77810f0a3f3940c949ce08339fba31806c05fd5db3de2b39330b4a8cb9b1d96ef8004097febad67ad26d0637e222373f9897c231e0b122a19d06ebf0c40c357caf55c8719c63cfde15177f5b8cffa3888f63648ac8a2f2b517c8a3cd217576f3e1a8101724e9b1a2d07255db93fb47e424ae8581fa0746ed222f906920cb42899f44e8718f2b06fe01f1ff623ef93dcdb7d1e2a85d44df5c8f9545a7150b230677e9b91ecde4296eaf4440b60c94593e0838911e8c7d2e947dc7e1361ee056a71ee0aa342d94fb48be9f19ff93059488b30cba928a9e395f2df69071ec2c9f952846607487093f52f3b88749bce5e343863d390f5c386e649ac6edcc95af48d9f2df142d1e487f4314a63f88352c4a0a1a325898f4c1445801f36af388b0b7d47a0a33208875483d5c6ea7c48b801dfae8731d06abacc23933b051c547489bf86a889646adaedd43dc287c14d27b646e9f198ba6b78c25cae8b5971636ce18b5ea588976ee56a1c2541b04b4729e020eb6cac4cb8ce94cd1afe595e2c2e6242dea3f8573b18ab0b1b63ab79e41484f5683116fbabd321111870b5232bfb873460823e31dc0160b500eb4275e97086df00c4866c3ee74d93ca036c5fd92c67f784b1f6717771a3c2bfc4f37a7e2d4084ac394b87bec7328d61c9abaead5c6529993fadae3e1611fa75554aded56c1578b50e6e05d6c5abdfeed2972a1c8fbef0c46efcf828df860d69089719931da78bca88231fdabf8f10d7c9ccff44f0ecdf9fb759e20f8ede69c543e8f63990785f0372e27eb89640e00dbb5ead8dc9bd9986af3430c8872eb6e13e2733692b1251505aac4c9c8615420ae6dd8348b1499dbefae13cad008556f88f0f926d0784e84cbe7a64d55099fe4ddaea7be764bfd0a1ef762c38653542f3eb62d78150a25ccc5ac616624d42c4dc8923b8baa76c4febc4b930c2e7d102638f666df32534102a97cbebbb0b2cb1328b28148c40dfc4fa81c6f9bada017b9af061269f8dabaa426d0a1611ece076e4b9ca85873356d979fbc1647a6e3713ac81bfce9e403841a6b76a33828b0bdaf4caafbb2f889c7cf651a05be4195c96d332ddf7f362229e744e80e4bffbc8cdeae71cf9079988197ad42b66f92a741afac969c6309e3977106b60828cf223d1492e4b07b80289cbe469792bef4b8b701c9630f97cebfdf6fd5a3f29f44e6d7763501bf08d5eb9b27e419c7e31237a468c6edf60d50d52ea41e4837088c14605752f3f471e7884cc88f0f082eb29d36fc537573233e8436e57d2bfe0e60489c97df907b64b0a10280555bf30f150227f87634b70e070ee5640847e25a984447f8ebc01c9dad4b192b5b32f39d1262752f3e2d66f3e6d61cb31a7cd7ec74ea71b7af44e8e5401d0894d3ac4452ebdf8fbd99032ae9a0b29bf0b90f66c379b7f508362a4ebca257599c3e5e94634e2410cc6373f982cb5689c417dbdde4231ad279a4092b6245b5aa7506abff85662bd8792dd629b27481e3452c55cea2e2cb8d6e4a578162295c7d2b7bd199e989eed9926930d2173cd7b3ed9536f50f09b2a7a42b4c04d883adcc264f95268097b5cd780fa69ae0e35e9833ba260773ec0345210586e2350c1edf2a19ac793ff672b0b485e2578d797d8873e6a6ea8192c0ae12a23e5e5fbf081ca1d8c03886814bb6a08a42c70e25e5b6083b1a25bb706922c6664e69322290dac5021c02b252eda3c0f9e4f6ed05ebdfd50301704896b25742cdd5dbed3fe3d02baa7d305e4fc909b06dccbcfdff65e9ce4145127937182d485fc48ed56065b1583c5c0b854089ee2e0eacf9810fe359f318ed1a55160947397ee4bcbd90c7a621d077677b844ad4817fb663144cf069d145b81d1e437d8a2405c62e9cf7e21972f142ad659663f6457a47416575bd66e8a21f19c2aa379e163d54f3ca9104a718f7aae53694d31fead20abb4b0abd95110e5de1164d14846be9cf47148964f6358660859a2b2db2e1b7a1e9ec28939fd5d011d54852339743a9466de7b6162bcf1b8965df3a59c27785b1d61d1f9e77f245db6f7d7d58c1ebb2395bace9b11d9a21f30d37f324d1f9a45c5bca075134f91d49249ed6b334f6c4ee56ee6552b46ee40b3022e5ddaeaac841090a6176d95d57a87b90a6dc50e940e9317d9f01f63f2a3454378b5f10937d06d285d445d9b9901ea693d98882d9fe1b3a96dc290eb5360c7a2cb79b288566e5d8a383ad7ab0aea863dc65f60273c668aba33155954d7d9a1af8fdd32b232730bfcf4f83d2d2726816172d9b6c3c6fc8f3e3cccf49a547367257e6bb03f18a26e7cf212ac8cef4c58f1851774cb3e3fd7d00f0a532abcd0dd35742159da2420381cb966cba229b55136855a89c0d4949141348a5bf0bb77a0b5f272bc600848b5daacf69f3c0f610986f81d1fdfdb38a8a69baebb4c7876c6bf7233ad0c1825d2a3f0b71f4c7b02976e94b3845d780869157e8d67b5e9586792b119777cae91c7bd05bedd69b15ce8cc2f393f050e91690b8128e28b21d802efcec5d8cdb2c17e75753450a21594fffc490be1576e1e6490516bf1adbd5a2d0f9717d598cbef4f84082ac0e01b6a65500ef0eedf65b32c3188763d9152ddf06a3a57fa670408366ab191b13d682901342111b1b8af7a6061034f0ec0f3e8dfd56a10bb96ad9694a03d726c25282519b88613df472d646e47886c75ca9365c41135", @ANYRES32=r0], &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f0000000280), 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'veth1_to_batadv\x00', <r2=>0x0})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000010240), 0x5a)
write(r4, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d1cb80b3fa1bda74e3977b40e7af46b4c60b70d7a79ed5d8c48f52a50185980", 0x30)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7fffeffd)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bind$packet(r1, &(0x7f0000000300)={0x11, 0x5, r2, 0x1, 0x0, 0x6, @random="0256e946884b"}, 0x14)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
dup(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x16, 0xc, 0x0, &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x7a, '\x00', r2, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r7}, 0x18)
syz_open_dev$tty1(0xc, 0x4, 0x4)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)

1.522910507s ago: executing program 0 (id=397):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)

1.482215871s ago: executing program 0 (id=398):
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f0000000000), 0x0)
r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x0, 0x800)
fcntl$notify(0xffffffffffffffff, 0x402, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{}, 0x0, 0x0}, 0x20)
syslog(0x4, &(0x7f0000000000)=""/19, 0xb12288e90d7c8384)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000300)={0x3, 0x1000}, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

1.388168658s ago: executing program 1 (id=399):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x8010)

1.341577192s ago: executing program 0 (id=400):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa2000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x80000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kfree\x00', r1, 0x0, 0xfffffffffffffbff}, 0x18)
ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000380)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@max_batch_time={'max_batch_time', 0x3d, 0x131}}, {@mblk_io_submit}, {@quota}]}, 0x3, 0x437, &(0x7f0000000d80)="$eJzs281vG0UbAPBn7aR9+/UmVOWjaYFAQUR8JE1aSg9cikDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTRzHdhPHiQP+/aRtZ3bHmnm8M/bMThxAzxpO/0kiDkbEbxExUM2uLTBc/e/u8uLUX8uLU0mUy2/+mVTK3VlenMqL5q87kGf6IgqfJnGsQb3z165fmiyVZq5m+bGFy++NzV+7/tzs5cmLMxdnrkycPXv61PgLZyae70icaVx3hj6cO3701bdvvj51/uY7P32T5PHXxdGmvrr8cKvCT5bLW6xudzlUk07q3wl2rWLWcfsr438gijXdeCBe+aSrjQO2VblcLj/Q/PJSGfgPS6LbLQC6I/+iT9e/+bFDU49d4fa56gIojftudlSv9EUhK9Nft77tpOGIOL/095fpEZ15DgEA0NJ36fzn2Ubzv0LUPhf6f7aHMhgR90XE4Yg4ExFHIuL+iErZByPioU3WX79Jsn7+U7jVVmAblM7/Xsz2ttbO//LZXwwWs9yhSvz9yYXZ0szJ7D0Zif69aX68RR3fv/zr582u1c7/0iOtP58LZu241bd37WumJxcmtxJzrdsfRwz1NYo/WdkJSCLiaEQMtVnH7NNfH2927d7xt9CBfabyVxFPVe//UtTFn0ta70+O/S9KMyfH8l6x3s+/3HijWf1bir8D0vu/v2H/X4l/MKndr53ffB03fv+s6Zqm3f6/J3lrzbkPJhcWro5H7Eleqza69vxEXbmJ1fJp/CMnGo//w7H6ThyLiLQTPxwRj0TEo1nbH4uIxyPiRIv4f3zpiXfbj397pfFPb+r+ryb2RP2ZxonipR++XVPp4GbiT+//6UpqJDuzkc+/jbSrvd4MAAAA/z6FiDgYSWF0JV0ojI5W/4b/SOwvlObmF565MPf+lenqbwQGo7+QP+kaqHkeOp4t6/P8RF3+VPbc+Ivivkp+dGquNN3t4KHHHWgy/lN/FLvdOmDb+b0W9C7jH3qX8Q+9y/iH3tVg/O/rRjuAndfo+/+jLrQD2Hl149+2H/QQ63/oXQ3G/7lutAPYeb7/oSfN74t7/0heQmJdIgq7ohkS25To9icTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wTAAD//+e45xo=")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0)
ftruncate(r3, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x1000}], 0x1}}], 0x1, 0x700, 0x0)
sendfile(r4, r3, 0x0, 0x578410eb)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
write$binfmt_misc(r3, &(0x7f0000000480)="ddea613bc1978861e5c37e396a2fb889293fffede8b42c9ba248676f19a40c7f6b0bdf33f89ca57b7425066f6a6a448153442d640d86023908af8dd9d080d2ac25abab129930ddc58bbb030ad56d2eae23d72eb3f4fce5a1fb9a20eef8802c918862df85d613da6ffa0a238ca6e38c676985a26ad262b3c3cf855d14e193a2fade32196090739ad434c135990fc75d7010ddb79ca6f76d9c88154209f9a2db55f5302634cd02184efa3c2b17fc75c68e90c0f99cdde1", 0xb6)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x6, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r6}, &(0x7f0000000080), &(0x7f0000000240)=r7}, 0x20)

1.340890552s ago: executing program 1 (id=401):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x26}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
set_mempolicy(0x3, &(0x7f0000000580)=0xffff, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00'})
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
sendmsg$nl_route(r0, 0x0, 0x4008054)
clock_adjtime(0x4, &(0x7f0000000140)={0x29bbb111, 0x9, 0x5, 0x8, 0x7, 0x8, 0x4, 0x7fffffff, 0x80, 0x8b68, 0x2, 0x0, 0x5, 0x52, 0x3, 0xfffffffffffffff9, 0x8, 0x8, 0x100000, 0x1, 0x101, 0x1, 0x7, 0x6, 0x44fd, 0xe3})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x480, &(0x7f0000000100)="$eJzs3E9sFNUfAPDvTLflx58fXRH/gKgoGol/WlpQOHjRxMSDJiZ6wGMthSALNbQmQhpbDMGLiZJwNyZeTEy8e/JExJOJV7wbEmO4gHpZM93ZZbvdbbdl2y3s55MMnbf7uu/7nZm382Ye0wB61t7snyRiW0Rcj4jBiEjrK2yuLFm92zdnxv++OTOeRLn87l9J9mtx6+bMeLVqkv/cWikUsg9KLyZR3LS43alz50+NlUoTZ/Py8PTpj4anzp1/6eTpsRMTJybOjB45cujgyOFXRl/uSJ5ZTLd2fzq5Z9eb719+e/zo5Q+ufV+Jt1y+cvXAgjw6oz8iZmrbpNGznW2s6/5ft54UuhgIK5J1zUJ+tF6Pwei7uL323mC88VlXgwPWVLlcLo+2fnuuDNzHkuh2BEB3VE/02fVvdakfAPy7tsOPrvvztcoFUJb37XypvFOIC3md/obr207aGxFH5/75Olui4X4KAMBa+Ckb/7zYZPxXjHi4rt72fG6oGBEPRMSOiHgwInZGxENRqftIRDy6wvb3NpQXj3/SG6vLrD3Z+O/VfG5r4fgvjTh87YejUSvNjwGL0Z8cP1maOJBvk/3RvykrjzT99CRiLvv525et2q8f/2VL1n51LJhPqd0oNMyfHRubHutI8ln+FyJ2F5rln0ShLohdEbF7lW2cfP67PQtf6autLZP/0jowz1T+JuK5yv6fi4b8q5Kl5yeH/xeliQPD1aNisV9+vfROq/bvKv8OyPb/lqbHfy3/YlI/XzuVv3pnknhguTYu/f55y2ua5fNPmx7/A8l7Cxr/ZGx6+uxIxEDy1uLX625wV8vV+ln++/c17/874s6WeCwisoP48Yh4IiKezGN/KiKejoh9S+T/8+vPfLj6/NdWlv/sivb/0ivVPln/Vt+pqz+2ar+9/X+oWpgPqp3vv+UjXXA0AwAAwH0tjYhtkaRDtfU0HRqq/H/5nbElLU1OTb9wfPLjM8cqzwgUoz89PhDzd7oG6+6HjuT3hqvl0bw8m5cP5veNr/Rtni8PjU+WjnU7eehxW1v0/8wffd2ODlhznteC3qX/Q+9aff/3zQH3umV6cbpecQDrz1kcelez/j/bhTiA9ef8D72r1v+/aqNy3eNejQ9vAvce53/oXfo/9KR2n+vfsCvxbcTSdZKNEuqKVr64m18vrEOEkW6MDbWOK6N9EV0Mo9DuX7WIc+XZu260299MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfFfAAAA//8Nzuax")
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001500)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x4, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
r6 = getuid()
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000005e000100"/20, @ANYRES32, @ANYRES8=r7], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000980)={r4, 0xe0, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x4, 0x2, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0], 0x0, 0xb3, &(0x7f0000000340)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000380), &(0x7f00000004c0), 0x8, 0x95, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000009c0)={{{@in6=@empty, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@dev}, 0x0, @in6=@initdev}}, &(0x7f0000000ac0)=0xe8)
sendmsg$nl_xfrm(r5, &(0x7f0000000b40)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000b00)={&(0x7f00000010c0)=@polexpire={0x288, 0x1b, 0x400, 0x70bd2d, 0x25dfdbfb, {{{@in=@loopback, @in=@loopback, 0x4e24, 0x0, 0x4e22, 0x9, 0xa, 0x60, 0x0, 0x87, 0x0, r6}, {0xffffffffffffffff, 0x6, 0x1, 0x5, 0x3, 0x800, 0x8000000000000001, 0x8}, {0x5, 0x98, 0x100000001, 0x6}, 0x40, 0x6e6bb2}, 0x3}, [@address_filter={0x28, 0x1a, {@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@broadcast, 0x2, 0xe, 0x7}}, @etimer_thresh={0x8, 0xc, 0x6}, @offload={0xc}, @algo_auth={0x6d, 0x1, {{'sha512-avx2\x00'}, 0x128, "b0ac50ef2d974692768e6fa97e1f2f33a37b081c28dfbf796f3b9b9e6c5cae69fcfc5ec6e5"}}, @user_kmaddress={0x2c, 0x13, {@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@mcast2, 0x0, 0xa}}, @sa={0xe4, 0x6, {{@in=@rand_addr=0x64010100, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4e20, 0x6, 0x4e22, 0x5, 0x2, 0xa0, 0x20, 0x0, r8, r9}, {@in6=@local, 0x4d4, 0x3c}, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, {0x1000, 0x6f, 0x6, 0x7, 0x39, 0x6, 0x3, 0x6}, {0x4, 0x73d0, 0x3747, 0x6}, {0xfffff53f, 0xfffff6bd, 0x109}, 0x70bd2a, 0x0, 0xa, 0x4, 0x81, 0x4}}, @mark={0xc, 0x15, {0x8, 0x3}}]}, 0x288}, 0x1, 0x0, 0x0, 0x4004001}, 0x20004010)
quotactl_fd$Q_GETINFO(r1, 0xffffffff80000502, r9, &(0x7f0000000080))

1.253513129s ago: executing program 1 (id=402):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, 0x0, 0x10)

1.209896493s ago: executing program 4 (id=403):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r2, 0x0, 0x4ab}, 0x18)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[], 0x1c}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x14, r4, 0x6a98047402e98331}, 0x14}, 0x1, 0x0, 0x0, 0x8040}, 0x4886)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000440)={r2, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000000c0)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x9a, &(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000200), &(0x7f00000002c0), 0x8, 0x21, 0x8, 0x8, &(0x7f0000000300)}}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000c80)={'nat\x00', 0x0, [0x7, 0x0, 0x5, 0x0, 0x7fff]}, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000d40)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="000000000000000000000e000000e494dd7b5ee942939b6132a99fa51af167c7bd65dd32e52b35886e4c920a2bdab018f3e508fbc9d42a02ea75a9b7e6dab39e4b6f4f22b09a396647921e8ab570b222f69dfa84f43afc0f58ebab0656a1e1a36a3da5bc37cbe1f1dc520f751c02bb13f00b23d7827c79e172009645bce4ecef1403c82a0fd285a1cec052dede92678c167196eec62d2585bd6e81026967b9a9646f455dc23d18ae"], 0x14}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)=ANY=[@ANYRES32=0x0, @ANYBLOB, @ANYBLOB], 0x4c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000640)=0x14)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000006c0)={'wg1\x00'})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000700))
socket$packet(0x11, 0x3, 0x300)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'hsr0\x00', <r8=>0x0})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r8, {0x10}, {}, {0x3}}}, 0x24}}, 0x0)

1.139022968s ago: executing program 2 (id=404):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00'}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)

1.138801238s ago: executing program 1 (id=405):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d1cb80b3fa1bda74e3977b40e7af46b4c60b70d7a79ed5d8c48f52a50185980", 0x30)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

1.093951752s ago: executing program 2 (id=406):
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x84040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @perf_config_ext={0x5, 0x50}, 0xa002, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000001140012800c0001006d6163766c616e00dbff028008000500", @ANYRES32=r2, @ANYBLOB="080004007f0000000a000100aa"], 0x50}}, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd63"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.008870409s ago: executing program 4 (id=407):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0xa, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x80, 0x1}, 0x100004, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0xc, 0x80)
ioctl$USBDEVFS_REAPURB(r2, 0x4008550c, &(0x7f0000000080))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00'})
r5 = shmget$private(0x0, 0x3000, 0x54000000, &(0x7f0000ff8000/0x3000)=nil)
r6 = shmat(r5, &(0x7f0000ffd000/0x2000)=nil, 0x4000)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x2, 0x1)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0xfffffffffffffffd, 0x1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01ff400000009175ad00070000020900010073797a310000000014000000020a010000000000000000000000000420000000080a01020000000000000000070000000900010073"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
r9 = gettid()
ppoll(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
tkill(r9, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYRESDEC=r6], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

672.175346ms ago: executing program 2 (id=408):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="1b000000000000000000efffffff0300000043c633c2a49207d1322aad848563b58e5b00573db83e83c91334", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xe, 0x17, &(0x7f0000000cc0)=ANY=[@ANYRESHEX, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b703000000000000850000006d000000bf09000000000000b609040012000000650006000d0000001801000020646c259af8ff000000002d9a00000000090000f8ffffffb702000008000000080000000000000015000000060000003d93000000000000b5030000000000008500000076000000000000000000000066c7b50a0c00"/157, @ANYRESHEX=r0, @ANYRES16=r0, @ANYBLOB="1b8d99829559e2fe4fb64d2c51533f09201164ccb7ebdd5df18a5116df7cf64f526d84ff49e14ec124fc3bce1c1e01a64d5fe494b70770b11fb050dc70ad6337d484b10d22d09e37b11eae0e1af942665239a9cd3cb1e435fe67167b12d85c5df761d936c4ee6ba0954cc61ac5c03ff4d94591dd6cd76a409c4a0e36b072d3485d9bd4e3ce962f1dade13ca9f1053fdb9f886cc82d9df4d822f7bacda90cbbed6eeb2ce05ff046f1987c6e343b3226f82d66825e37b1eee85edfe9b88b045a49ac6dc3bb629aad8e739e269028076de6d87adb4c4d53e73ed549b5631d08dfd191cb5d253920256950de2a2718977de8331d5961bdafa65c09797fa1977378328b43a2c1e4621cd39e00ec7ab4c32970176ba37ba787b857e4aed93bece26e6d1120fcd6ada7708c050f5a37cf71ff8e360ff6f9f455335aa2aeed9d9ee5b8a8a28a0d1d66e9902a54b52cfdaba40530677b0c25cf450923b8f4fa11ae026d4cd510e04c65254b2090e227bb81aba2e19ded0b285bb812a7628cbfd28bc4cde5e53b4bb12c5665873800c92f190e2b2cab72cc511fc42fade4ba5156ca8594f75e88e2b86ef8018b042f1333267aa89f2ca9b048bf6c6a6d017ce5c78fa19fb8c3d95562c078e47a62790e39547a34f4fed153f4d4fa2df9d21c5751850076df537e1b59a4340a624b55c9d5df8e8b3cbea371cfb18744c1146c98dac6085574a8f878fa6f8c02853074e3f1355b286910f450f6d5ebffc5971cdfbbf8a6c5208e412f7c11012feff73ce272d0ca8064aedfc98041aa39ad486cc9d86c3454b22eb059583e2abcfb10adba6fc8d85aef109c8c247ad7af6fa256447b1e477920be00fda17eb24459d906214c64ee0b8d5d39dd973743823dabe2f8063778faf54e22ec550aa97936a49e5adcf08c6a1b45c9d002b99c08843789dc3add7c4500b15d80ee21bdfbe1cb93c86b4f0cece63107561e6a522dfff31aab250c82d8a00105df75372b0c00b9c797ab87cf9679fe55b7c23a2bb880c570b0bfab27c39290d3b4218a0318dbda0ec54957c5db1667c04649f6980c2d59062272e29b7bf927ea84d1bff879dc3d83a1d40ded0182da2a56afac5d756064192c6ff690a5d5d7d4afb390827a7363bdad07c3668c9e9b6a8e7dcff93f0539ada0007aaf9c122f0c0503a06714898b7394e270ea1d88cf88111707e487c5748f4f51e3410ae533b25d708697ab4d6f8fd1f83f48b7908c617ba52937092908b3410d2fd35c1cae5a108b3fa8d0884c0519c87837063004451be0ab3d041ce4913bf9c1a8350ca552e736ec49c75c3a638788dee3adad7bbd8250332be0b4d5c6a4776ebc58c1f71153bb44b573bee11ad62cd1af64758d0d2e3a2d49d36f8d7999226f55b57bb54906e319a0b2f0818fa0cacdd7536e045c24d4e5bab1fc952c6590cfebbc399e4978b441f724105d6c3948ec8b3ba8a2d832443d2a657a58234a3176aca5c45b2f8d172790d7d7da735380ea2b84a4a62ac884aebd7c4c8fbb0f32073945e01cb6c333b1da5b8b5a02837f8e05eb5ab5a1dbb68be52829f6244e5beac55ec580488280a4096ab739578184ad0bab1bda84a9335c865c426a4e4ac99f056946d2bbdd8da758270165ea2612d7af380afc78db5135785519f515de85fdccea35e05e9d590b673814ca9f0104d21c9846a93177610d9cb969b37edfa6cf57046cae795f01027884babaf6130966794ab6fbd4a98bffc6f21ea0da210da4cba4b2987a6239e4a77f770de7558aafda70fa44854cbf802125e97a5dca7d4613d805cc854a4692e19b7d8f5e97b49dbcd2ee41f468e2076ff7172b089246cbc42b3cae824d696f4a2b1e41f0ced1010c26a31912f2c742e0119c488a32fea7adbd14775b4b5388c699575b550567f7e250aca063ffbaccbe08b4917c74651a0aff134439729aaf04c166ac97f95b48ec4839f0d7f72ede196aced166c7781452e082ef8a3839b5d7f9c00017550d302ba304b06139ad86e65d60af06eba0c174c16716017b7bb94a01e18c89f84f6f1a55babdf275a53e922daca419f1e445dd01ccf907a2fef9b8ea28f985761fee86e890cd291f88390ca18c6efb0442ddc296f9110b5fe834cf4f3f24baa39945abfba8f8b35b0d76e8c4640949e11732e5e7154d2cbb3909477e5f4d01e6a861f4c054c24ed57e717395714434d60671f67eca0095b0ac987b2ed931013563f52f3ab849ddbd7ab342bab897db123e27b687dbed20f60b68f5d0922be854ffd6fb1cc2719c2f310d39c22f83c0e5d553b41ceff6191841b2f0ce6521cbc561f155b2a2eb777db0c5147f1a89f7c86f08edb1a4697dee1fbfb5f1444224e6b2a398f787acb80ee6f73223887c10495c47750cc0bb7494ea87e172b76232857aa6adce7708f1b80760e273f705dae4e315cee0d50240731aafa84a6704269d9ef0f0f8dc50a23afe8455fb5476434e162458cdba4cabb7c6e0600e0777940ddcf115cc9372ec5d956089e84454033fa1662fe1dc06950d6675affd8e030b4db333cb2b9047c48dc9d5c2b131dd2da7b60065606ece2250d7f6f52d4f68573d3c7fbcac799fa921b0738a9acfb4520fda2f99e2d233ab16a12132bac89fed65c21897b1cc603ae0762c8ddf4bf0f5669b12af00e847bbe2c213a9b7528d1b75829126a35ee45ffb20b1aa07fa6eb41191251c92602539e0edfaf033c00a57c8c97c2e91cbb65b4531ffd05239cf74238e5f60ad6ee2f80b96ac90897fde8277413f9822ad23bb2f61a88f960434d797a084a6c112b17b8c670b2248208fff362ccf5d08d0acfa6e513319771bcecc9eb1f1d173e86688dbf0d67d16fc6bcc517f42c75c7d1b85583dad3ec1bd0d6235cf50b37de294ed6717e0626b75ce4d52afbbbbea9ecf7c3b4bf9a35ba2a8f4ef929035982498eac28782bfebaab6544d963de8f62e98edaa89e398829c4b6c991bff16b6bd85ff915580c3c9bf8957ec54852a41da858eb98c8ae697c311800598a700adfef81c73e9bdaaec2d4dd79ec790d303c2371c3a5435a81afb866421e77810f0a3f3940c949ce08339fba31806c05fd5db3de2b39330b4a8cb9b1d96ef8004097febad67ad26d0637e222373f9897c231e0b122a19d06ebf0c40c357caf55c8719c63cfde15177f5b8cffa3888f63648ac8a2f2b517c8a3cd217576f3e1a8101724e9b1a2d07255db93fb47e424ae8581fa0746ed222f906920cb42899f44e8718f2b06fe01f1ff623ef93dcdb7d1e2a85d44df5c8f9545a7150b230677e9b91ecde4296eaf4440b60c94593e0838911e8c7d2e947dc7e1361ee056a71ee0aa342d94fb48be9f19ff93059488b30cba928a9e395f2df69071ec2c9f952846607487093f52f3b88749bce5e343863d390f5c386e649ac6edcc95af48d9f2df142d1e487f4314a63f88352c4a0a1a325898f4c1445801f36af388b0b7d47a0a33208875483d5c6ea7c48b801dfae8731d06abacc23933b051c547489bf86a889646adaedd43dc287c14d27b646e9f198ba6b78c25cae8b5971636ce18b5ea588976ee56a1c2541b04b4729e020eb6cac4cb8ce94cd1afe595e2c2e6242dea3f8573b18ab0b1b63ab79e41484f5683116fbabd321111870b5232bfb873460823e31dc0160b500eb4275e97086df00c4866c3ee74d93ca036c5fd92c67f784b1f6717771a3c2bfc4f37a7e2d4084ac394b87bec7328d61c9abaead5c6529993fadae3e1611fa75554aded56c1578b50e6e05d6c5abdfeed2972a1c8fbef0c46efcf828df860d69089719931da78bca88231fdabf8f10d7c9ccff44f0ecdf9fb759e20f8ede69c543e8f63990785f0372e27eb89640e00dbb5ead8dc9bd9986af3430c8872eb6e13e2733692b1251505aac4c9c8615420ae6dd8348b1499dbefae13cad008556f88f0f926d0784e84cbe7a64d55099fe4ddaea7be764bfd0a1ef762c38653542f3eb62d78150a25ccc5ac616624d42c4dc8923b8baa76c4febc4b930c2e7d102638f666df32534102a97cbebbb0b2cb1328b28148c40dfc4fa81c6f9bada017b9af061269f8dabaa426d0a1611ece076e4b9ca85873356d979fbc1647a6e3713ac81bfce9e403841a6b76a33828b0bdaf4caafbb2f889c7cf651a05be4195c96d332ddf7f362229e744e80e4bffbc8cdeae71cf9079988197ad42b66f92a741afac969c6309e3977106b60828cf223d1492e4b07b80289cbe469792bef4b8b701c9630f97cebfdf6fd5a3f29f44e6d7763501bf08d5eb9b27e419c7e31237a468c6edf60d50d52ea41e4837088c14605752f3f471e7884cc88f0f082eb29d36fc537573233e8436e57d2bfe0e60489c97df907b64b0a10280555bf30f150227f87634b70e070ee5640847e25a984447f8ebc01c9dad4b192b5b32f39d1262752f3e2d66f3e6d61cb31a7cd7ec74ea71b7af44e8e5401d0894d3ac4452ebdf8fbd99032ae9a0b29bf0b90f66c379b7f508362a4ebca257599c3e5e94634e2410cc6373f982cb5689c417dbdde4231ad279a4092b6245b5aa7506abff85662bd8792dd629b27481e3452c55cea2e2cb8d6e4a578162295c7d2b7bd199e989eed9926930d2173cd7b3ed9536f50f09b2a7a42b4c04d883adcc264f95268097b5cd780fa69ae0e35e9833ba260773ec0345210586e2350c1edf2a19ac793ff672b0b485e2578d797d8873e6a6ea8192c0ae12a23e5e5fbf081ca1d8c03886814bb6a08a42c70e25e5b6083b1a25bb706922c6664e69322290dac5021c02b252eda3c0f9e4f6ed05ebdfd50301704896b25742cdd5dbed3fe3d02baa7d305e4fc909b06dccbcfdff65e9ce4145127937182d485fc48ed56065b1583c5c0b854089ee2e0eacf9810fe359f318ed1a55160947397ee4bcbd90c7a621d077677b844ad4817fb663144cf069d145b81d1e437d8a2405c62e9cf7e21972f142ad659663f6457a47416575bd66e8a21f19c2aa379e163d54f3ca9104a718f7aae53694d31fead20abb4b0abd95110e5de1164d14846be9cf47148964f6358660859a2b2db2e1b7a1e9ec28939fd5d011d54852339743a9466de7b6162bcf1b8965df3a59c27785b1d61d1f9e77f245db6f7d7d58c1ebb2395bace9b11d9a21f30d37f324d1f9a45c5bca075134f91d49249ed6b334f6c4ee56ee6552b46ee40b3022e5ddaeaac841090a6176d95d57a87b90a6dc50e940e9317d9f01f63f2a3454378b5f10937d06d285d445d9b9901ea693d98882d9fe1b3a96dc290eb5360c7a2cb79b288566e5d8a383ad7ab0aea863dc65f60273c668aba33155954d7d9a1af8fdd32b232730bfcf4f83d2d2726816172d9b6c3c6fc8f3e3cccf49a547367257e6bb03f18a26e7cf212ac8cef4c58f1851774cb3e3fd7d00f0a532abcd0dd35742159da2420381cb966cba229b55136855a89c0d4949141348a5bf0bb77a0b5f272bc600848b5daacf69f3c0f610986f81d1fdfdb38a8a69baebb4c7876c6bf7233ad0c1825d2a3f0b71f4c7b02976e94b3845d780869157e8d67b5e9586792b119777cae91c7bd05bedd69b15ce8cc2f393f050e91690b8128e28b21d802efcec5d8cdb2c17e75753450a21594fffc490be1576e1e6490516bf1adbd5a2d0f9717d598cbef4f84082ac0e01b6a65500ef0eedf65b32c3188763d9152ddf06a3a57fa670408366ab191b13d682901342111b1b8af7a6061034f0ec0f3e8dfd56a10bb96ad9694a03d726c25282519b88613df472d646e47886c75ca9365c41135", @ANYRES32=r0], &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f0000000280), 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'veth1_to_batadv\x00'})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000010240), 0x5a)
write(r3, &(0x7f00000009c0)="3bf58d7d45d32cfe1da7c797b82f16713d1cb80b3fa1bda74e3977b40e7af46b4c60b70d7a79ed5d8c48f52a50185980", 0x30)
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7fffeffd)

628.18642ms ago: executing program 3 (id=409):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000007900)={0x0}}, 0xfeb11bdd49a3dcc5)
syz_io_uring_setup(0x2915, &(0x7f0000000240)={0x0, 0xf36c, 0x10100, 0x40000, 0x29f}, &(0x7f0000000100), &(0x7f0000000140))
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x1008014, &(0x7f0000000000)=ANY=[], 0x3, 0x7e4, &(0x7f0000001f80)="$eJzs3U2IG/fZAPBn1rv+2IAJeV/8BuM4YycvOOBstNpk8y4+JIp2dj2JVlok7YtNKWmI12HJOglJQxtfElNI2tJSempvaa659dZSaKGFpqdCc+ilt0BOJYV+kVAKW2YkrbXr/XD8mY/fT1j/0eiZ+T8zkufRaKW/AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIpD5bqUwm0cibS2fS7dVn262FHe4frO9XG5oNHt/Qb0RS/Iv9++Pjv/fm/ffluw8VV8fjSO/WkdhfNPvj4h2H7jz1X6Mjg+V3SOhaHbvKuCTix/1kV5df3nzvvhuf2E303V986kU+WSuu57Nm3ol8oTafpXmnlc5MT1ceOj3XSefyRtY52+lmC2m9ndW6rXZ6ov5AOjkzM5VmE2dbS8352VojG8x89MFqpTKdPjmxmNXanVbzoSejUz+dNxp5c76MqVa+EUXMo8UT8am8m3az2kKanl9ZXZ7aLdUiaHLjrD1x+To9cv+dH776wd9Wlosn5HYrSfqPdXVyslqdnH5k5pFHK5XRaqW6YcaeiKgMi/WIGIkoFrkpT1o+R27g0Ruuz0i//kcj8mjGUpyJdIvLWNRjNtrRioXi9h/HrojoG9T//33oL7/fqd/h+j+o8ndfvvtwlPX/aO/W0e3q/5a53srLK/FaXIzn45lYjdVYjpdve0a7XEaudw3JhlvzkUUz8uhEK/JYiFo5J+3PSWMmpmM6KvF0nI656EQac5FHI7LoxNnoRDey8hlVj3ZkUYtutKIdaZyIejwQaUzGTMzEVKSRxUScjVYsRTPmYzZq5VrOx0q536c2ZXnoQPz8uT98+HYxvR40udNmvVG8kIvl+OsOQZvL/RX1f3S49q+tFa8XNkeo/192N+EoDtdmbVD/AQAAgC+spHz3vTj/H4t7yqm5vJF9ZcdFPlkr3bokAQAAgOtS/uX/SNGMFVP3RFKc/1e2iHz/lucGAAAA3BhJ+R27JCLG497e1PlYiTdiObZ6EwAAAAD4HCr//n+0aMYjXi9nDIZLcf4PAAAAXxDf3m6M/Q8GY+x2FvclvxyLiLHk0uKZ+5MLtSKudmFPb7l+8//ra+zOHU4O9ldSNtOjF+9IImK0nh1JBqNf/ntfr/2ovD48ur74dmP9J+32jgnEzgmUt+J7cawXc+xc2dzRX2Q06fUyPpc3sol6q3GqHBKx+Nd99YWVb0YUvX+nuXAwifMrq8sTz764eq7M5VKx+KUL/QEUrxhHcYdc1vp7IO7ZeovHyi9i9Psd7/VbGd7+kd7iIzv3mQz3+WYc78UcH++144N7en3uL/qcnDg1GbXawZFudqb76trQ1vezmFzf8rFr2vI3475ezH0n7us1W2RR3ZDFC1dmUR3e/1e3LwbPsl2zePvY62f++dtWkk3tlsXUVlmMbp3F2p6IzfsC4HY5X476c7kKHSir0L/W+kP8JEn06m5RrGq9gL5djrXFUe4fl3tZf5VxYKw3NVTrRmNzdb98BL266r4WvSN634ne64nRw1vUlcoWR/SXVl56r39Ef/jdH/3kq0d/99Oy32uqbu/GA72YfhN3/XpTFqfeW9pbZFFs8/c3VdV3iiXe2bbfTqOaxKWIPV+/8FIceuW1iw+uXHjmueXnll+oVqemKw9XKo9U9256gLbNFIAvr91/Y2fbiEGdSR7edFYd5zbW3bvWP1IwEc/Gi7Ea5+Jk+W2DiLh3637Hhz6GcHKXs9bxoV94ObnLueXl2OqVsUlsEzs1tMf+54dl8/FNeTgA4JY4vkUd/k3/h213qf/r78yfjBO9iG3OuzfW8k1nx7F9Ld/K/928XQEAXxpZ+6NkvPtW0m7ni09PzsxM1rqns7Tdqj+VtvPZ+Szd2+xm7frpWnM+SxeLU/764I3j2ayTdpYWF1vtbjrXaqcx0snPlL/8nnb292MWas1uXu8sNrJaJ0vrrWa3Vu+ms3mnni4uPdHIO6ezdrlwZzGr53N5vdbNW82001pq17OJNO1k2VBgPps1u/lcXkw208V2vlBrX4qIxtJCls5mnXo7X+y2eisc9JU351rthXK1E1du/p9v5b4GgM+KV167+Pwzq6vLL1/bxJ+uJvh2byMAsJEqDQAAAAAAAAAAAAAAn33rn/+/czBRzL2ObwR+uol9cXXBY3Edfa31h9G9+ZvzmZq4YpP7Iy/H7U7sVk587bHHnh+ac2A45onX7z59deuJq/2mbLx1MGLvz37Qm/P49sHfuqGPxfsR1/IfZC3ZIWbDYWLvLTwkAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC2/hMAAP//oXlTQQ==")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xf, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0x3}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

557.950075ms ago: executing program 4 (id=410):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socket(0xa, 0x3, 0x3a)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000110000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x91)
newfstatat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x4000)
setreuid(0x0, r4)
setrlimit(0x40000000000008, &(0x7f0000000000))
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f00000001c0)={0x200000000000001}, 0x8)
sendto$inet6(r5, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x66, &(0x7f00000068c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6007000000303a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)
socket$key(0xf, 0x3, 0x2)
lseek(0xffffffffffffffff, 0x80000000457, 0x0)

476.755372ms ago: executing program 3 (id=411):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x8010)

441.596705ms ago: executing program 3 (id=412):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000e000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)

440.925775ms ago: executing program 0 (id=413):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000480)=ANY=[], 0x8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x2000, 0x0, @mcast2, 0x5}, 0x1c)
sendto$inet6(r1, &(0x7f0000000100)="40b033", 0x3, 0x20000880, 0x0, 0x0)

429.790056ms ago: executing program 4 (id=414):
syz_open_dev$loop(&(0x7f0000000040), 0x4000000000007, 0xc0041)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
mount_setattr(0xffffffffffffffff, 0x0, 0x8000, &(0x7f00000000c0)={0x1, 0x89, 0x100000}, 0x20)

374.69369ms ago: executing program 0 (id=415):
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x84040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @perf_config_ext={0x5, 0x50}, 0xa002, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd63"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (fail_nth: 3)

315.308615ms ago: executing program 4 (id=416):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, 0x0, 0x10)

126.79823ms ago: executing program 0 (id=417):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa2000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x80000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kfree\x00', r1, 0x0, 0xfffffffffffffbff}, 0x18)
ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000380)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@max_batch_time={'max_batch_time', 0x3d, 0x131}}, {@mblk_io_submit}, {@quota}]}, 0x3, 0x437, &(0x7f0000000d80)="$eJzs281vG0UbAPBn7aR9+/UmVOWjaYFAQUR8JE1aSg9cikDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xROIv4AQXBJyQuMIdVapQLi2cjNbeTRzHdhPHiQP+/aRtZ3bHmnm8M/bMThxAzxpO/0kiDkbEbxExUM2uLTBc/e/u8uLUX8uLU0mUy2/+mVTK3VlenMqL5q87kGf6IgqfJnGsQb3z165fmiyVZq5m+bGFy++NzV+7/tzs5cmLMxdnrkycPXv61PgLZyae70icaVx3hj6cO3701bdvvj51/uY7P32T5PHXxdGmvrr8cKvCT5bLW6xudzlUk07q3wl2rWLWcfsr438gijXdeCBe+aSrjQO2VblcLj/Q/PJSGfgPS6LbLQC6I/+iT9e/+bFDU49d4fa56gIojftudlSv9EUhK9Nft77tpOGIOL/095fpEZ15DgEA0NJ36fzn2Ubzv0LUPhf6f7aHMhgR90XE4Yg4ExFHIuL+iErZByPioU3WX79Jsn7+U7jVVmAblM7/Xsz2ttbO//LZXwwWs9yhSvz9yYXZ0szJ7D0Zif69aX68RR3fv/zr582u1c7/0iOtP58LZu241bd37WumJxcmtxJzrdsfRwz1NYo/WdkJSCLiaEQMtVnH7NNfH2927d7xt9CBfabyVxFPVe//UtTFn0ta70+O/S9KMyfH8l6x3s+/3HijWf1bir8D0vu/v2H/X4l/MKndr53ffB03fv+s6Zqm3f6/J3lrzbkPJhcWro5H7Eleqza69vxEXbmJ1fJp/CMnGo//w7H6ThyLiLQTPxwRj0TEo1nbH4uIxyPiRIv4f3zpiXfbj397pfFPb+r+ryb2RP2ZxonipR++XVPp4GbiT+//6UpqJDuzkc+/jbSrvd4MAAAA/z6FiDgYSWF0JV0ojI5W/4b/SOwvlObmF565MPf+lenqbwQGo7+QP+kaqHkeOp4t6/P8RF3+VPbc+Ivivkp+dGquNN3t4KHHHWgy/lN/FLvdOmDb+b0W9C7jH3qX8Q+9y/iH3tVg/O/rRjuAndfo+/+jLrQD2Hl149+2H/QQ63/oXQ3G/7lutAPYeb7/oSfN74t7/0heQmJdIgq7ohkS25To9icTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wTAAD//+e45xo=")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0)
ftruncate(r3, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{0x0}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2}}], 0x1, 0x700, 0x0)
sendfile(r4, r3, 0x0, 0x578410eb)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
write$binfmt_misc(r3, &(0x7f0000000480)="ddea613bc1978861e5c37e396a2fb889293fffede8b42c9ba248676f19a40c7f6b0bdf33f89ca57b7425066f6a6a448153442d640d86023908af8dd9d080d2ac25abab129930ddc58bbb030ad56d2eae23d72eb3f4fce5a1fb9a20eef8802c918862df85d613da6ffa0a238ca6e38c676985a26ad262b3c3cf855d14e193a2fade32196090739ad434c135990fc75d7010ddb79ca6f76d9c88154209f9a2db55f5302634cd02184efa3c2b17fc75c68e90c0f99cdde1", 0xb6)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x6, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r6}, &(0x7f0000000080), &(0x7f0000000240)=r8}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r7, 0x18000000000002a0, 0xd50, 0x0, &(0x7f0000000580)='wvh', 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x33)

126.23046ms ago: executing program 3 (id=418):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/pm_wakeup_irq', 0x40, 0x101)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
removexattr(&(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f00000006c0)=@known='com.apple.FinderInfo\x00')
io_setup(0x8, &(0x7f00000001c0)=<r0=>0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk', 0x1, 0x20)
io_submit(r0, 0x1, &(0x7f0000000400)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000140)="2a22cab1fd28", 0x6}])
syz_emit_ethernet(0x2a, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0xffffffff, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xc, 0xffffffff, &(0x7f0000000280))
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x5f}, 0x18)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000200), 0x10)
sendmsg$can_bcm(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="050000000300"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB='\x00\x00\x00\x00\t'], 0x48}, 0x1, 0x0, 0x0, 0x4044084}, 0x8080)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x79ab, 0x8, 0x8000, 0x400250}, &(0x7f00000003c0)=<r6=>0x0, &(0x7f0000000400)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r2, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r5, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)

57.052396ms ago: executing program 4 (id=419):
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x1ff, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0xa)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

55.038316ms ago: executing program 1 (id=420):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000e00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
mount_setattr(0xffffffffffffffff, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000001dc0)={0x0, 0x0, 0x80000}, 0x20)

0s ago: executing program 1 (id=421):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="09030000000000fdff072000adce04000280"], 0x18}, 0x1, 0xf000000}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000280)=""/130, 0x82}], 0x1, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x3af4701e)
sendfile(r4, r2, 0x0, 0x10000a007)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, @fallback=0x2c, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r11}, 0x10)
pipe2(&(0x7f0000001cc0)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r12, @ANYBLOB=',wfdno=', @ANYRESHEX=r13, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=','])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r9, 0x0, 0xffffffffffffffff}, 0x18)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c094, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r14 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r14, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.152' (ED25519) to the list of known hosts.
[   28.467122][   T29] audit: type=1400 audit(1754684448.999:62): avc:  denied  { mounton } for  pid=3289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   28.468394][ T3289] cgroup: Unknown subsys name 'net'
[   28.489976][   T29] audit: type=1400 audit(1754684448.999:63): avc:  denied  { mount } for  pid=3289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   28.517404][   T29] audit: type=1400 audit(1754684449.039:64): avc:  denied  { unmount } for  pid=3289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   28.683828][ T3289] cgroup: Unknown subsys name 'cpuset'
[   28.690192][ T3289] cgroup: Unknown subsys name 'rlimit'
[   28.821557][   T29] audit: type=1400 audit(1754684449.349:65): avc:  denied  { setattr } for  pid=3289 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   28.844929][   T29] audit: type=1400 audit(1754684449.349:66): avc:  denied  { create } for  pid=3289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   28.865445][   T29] audit: type=1400 audit(1754684449.349:67): avc:  denied  { write } for  pid=3289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   28.885841][   T29] audit: type=1400 audit(1754684449.349:68): avc:  denied  { read } for  pid=3289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   28.890146][ T3292] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   28.906176][   T29] audit: type=1400 audit(1754684449.349:69): avc:  denied  { mounton } for  pid=3289 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   28.924565][ T3289] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   28.939656][   T29] audit: type=1400 audit(1754684449.349:70): avc:  denied  { mount } for  pid=3289 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   28.971736][   T29] audit: type=1400 audit(1754684449.459:71): avc:  denied  { relabelto } for  pid=3292 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   30.198304][ T3301] chnl_net:caif_netlink_parms(): no params data found
[   30.265476][ T3302] chnl_net:caif_netlink_parms(): no params data found
[   30.308230][ T3304] chnl_net:caif_netlink_parms(): no params data found
[   30.329704][ T3299] chnl_net:caif_netlink_parms(): no params data found
[   30.364503][ T3303] chnl_net:caif_netlink_parms(): no params data found
[   30.383418][ T3301] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.390607][ T3301] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.397880][ T3301] bridge_slave_0: entered allmulticast mode
[   30.404746][ T3301] bridge_slave_0: entered promiscuous mode
[   30.428716][ T3301] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.436070][ T3301] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.443841][ T3301] bridge_slave_1: entered allmulticast mode
[   30.450268][ T3301] bridge_slave_1: entered promiscuous mode
[   30.468807][ T3302] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.475909][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.483198][ T3302] bridge_slave_0: entered allmulticast mode
[   30.489647][ T3302] bridge_slave_0: entered promiscuous mode
[   30.515901][ T3302] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.523033][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.530255][ T3302] bridge_slave_1: entered allmulticast mode
[   30.536677][ T3302] bridge_slave_1: entered promiscuous mode
[   30.554290][ T3301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   30.582190][ T3301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   30.594248][ T3304] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.601340][ T3304] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.608973][ T3304] bridge_slave_0: entered allmulticast mode
[   30.615498][ T3304] bridge_slave_0: entered promiscuous mode
[   30.623362][ T3302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   30.632769][ T3299] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.639996][ T3299] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.647523][ T3299] bridge_slave_0: entered allmulticast mode
[   30.654119][ T3299] bridge_slave_0: entered promiscuous mode
[   30.668174][ T3304] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.675399][ T3304] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.682587][ T3304] bridge_slave_1: entered allmulticast mode
[   30.689144][ T3304] bridge_slave_1: entered promiscuous mode
[   30.696599][ T3302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   30.711476][ T3299] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.718625][ T3299] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.726029][ T3299] bridge_slave_1: entered allmulticast mode
[   30.732489][ T3299] bridge_slave_1: entered promiscuous mode
[   30.745094][ T3301] team0: Port device team_slave_0 added
[   30.771585][ T3301] team0: Port device team_slave_1 added
[   30.783899][ T3303] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.791093][ T3303] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.798294][ T3303] bridge_slave_0: entered allmulticast mode
[   30.804984][ T3303] bridge_slave_0: entered promiscuous mode
[   30.817260][ T3304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   30.827159][ T3302] team0: Port device team_slave_0 added
[   30.849200][ T3303] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.856403][ T3303] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.863852][ T3303] bridge_slave_1: entered allmulticast mode
[   30.870267][ T3303] bridge_slave_1: entered promiscuous mode
[   30.877496][ T3304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   30.887473][ T3302] team0: Port device team_slave_1 added
[   30.899605][ T3299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   30.909395][ T3301] batman_adv: batadv0: Adding interface: batadv_slave_0
[   30.916384][ T3301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   30.942339][ T3301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   30.954017][ T3301] batman_adv: batadv0: Adding interface: batadv_slave_1
[   30.961049][ T3301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   30.987037][ T3301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   31.013581][ T3299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   31.036312][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_0
[   31.043458][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   31.069511][ T3302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   31.081053][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_1
[   31.088068][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   31.114074][ T3302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   31.136500][ T3303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   31.146347][ T3304] team0: Port device team_slave_0 added
[   31.153115][ T3303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   31.175625][ T3299] team0: Port device team_slave_0 added
[   31.183008][ T3299] team0: Port device team_slave_1 added
[   31.194472][ T3304] team0: Port device team_slave_1 added
[   31.217943][ T3299] batman_adv: batadv0: Adding interface: batadv_slave_0
[   31.225035][ T3299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   31.250990][ T3299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   31.267478][ T3303] team0: Port device team_slave_0 added
[   31.275481][ T3301] hsr_slave_0: entered promiscuous mode
[   31.281554][ T3301] hsr_slave_1: entered promiscuous mode
[   31.300725][ T3299] batman_adv: batadv0: Adding interface: batadv_slave_1
[   31.307735][ T3299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   31.333808][ T3299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   31.350503][ T3303] team0: Port device team_slave_1 added
[   31.372610][ T3302] hsr_slave_0: entered promiscuous mode
[   31.378611][ T3302] hsr_slave_1: entered promiscuous mode
[   31.384509][ T3302] debugfs: 'hsr0' already exists in 'hsr'
[   31.390265][ T3302] Cannot create hsr debugfs directory
[   31.396108][ T3304] batman_adv: batadv0: Adding interface: batadv_slave_0
[   31.403369][ T3304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   31.429299][ T3304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   31.446665][ T3303] batman_adv: batadv0: Adding interface: batadv_slave_0
[   31.453700][ T3303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   31.479678][ T3303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   31.491228][ T3304] batman_adv: batadv0: Adding interface: batadv_slave_1
[   31.498519][ T3304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   31.524613][ T3304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   31.547670][ T3303] batman_adv: batadv0: Adding interface: batadv_slave_1
[   31.554843][ T3303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   31.580953][ T3303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   31.634335][ T3299] hsr_slave_0: entered promiscuous mode
[   31.640387][ T3299] hsr_slave_1: entered promiscuous mode
[   31.646365][ T3299] debugfs: 'hsr0' already exists in 'hsr'
[   31.652117][ T3299] Cannot create hsr debugfs directory
[   31.662334][ T3303] hsr_slave_0: entered promiscuous mode
[   31.668436][ T3303] hsr_slave_1: entered promiscuous mode
[   31.674479][ T3303] debugfs: 'hsr0' already exists in 'hsr'
[   31.680212][ T3303] Cannot create hsr debugfs directory
[   31.700637][ T3304] hsr_slave_0: entered promiscuous mode
[   31.706803][ T3304] hsr_slave_1: entered promiscuous mode
[   31.712681][ T3304] debugfs: 'hsr0' already exists in 'hsr'
[   31.718456][ T3304] Cannot create hsr debugfs directory
[   31.919124][ T3301] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   31.928163][ T3301] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   31.939719][ T3301] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   31.951111][ T3301] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   31.969959][ T3302] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   31.979123][ T3302] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   31.992550][ T3302] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   32.002220][ T3302] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   32.031306][ T3299] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   32.044314][ T3299] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   32.053696][ T3299] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   32.068479][ T3299] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   32.107635][ T3304] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   32.117305][ T3304] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   32.128796][ T3304] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   32.148303][ T3304] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   32.170262][ T3301] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.190719][ T3303] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   32.209077][ T3303] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   32.217898][ T3303] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   32.228386][ T3301] 8021q: adding VLAN 0 to HW filter on device team0
[   32.237497][ T3303] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   32.254684][ T1895] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.261844][ T1895] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.280892][ T3302] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.297923][ T3299] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.307169][  T270] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.314295][  T270] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.328248][ T3302] 8021q: adding VLAN 0 to HW filter on device team0
[   32.350065][  T270] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.357189][  T270] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.383065][ T3299] 8021q: adding VLAN 0 to HW filter on device team0
[   32.393098][  T270] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.400194][  T270] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.416286][  T270] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.423391][  T270] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.441909][  T270] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.449066][  T270] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.463109][ T3303] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.500088][ T3303] 8021q: adding VLAN 0 to HW filter on device team0
[   32.512499][ T3299] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   32.523076][ T3299] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   32.547519][ T3304] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.572698][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.579865][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.592826][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.600861][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.632017][ T3304] 8021q: adding VLAN 0 to HW filter on device team0
[   32.652365][ T3303] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   32.665958][ T3301] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.682336][ T3299] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.720407][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.727565][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.738835][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.746049][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.778860][ T3302] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.808557][ T3303] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.871250][ T3304] 8021q: adding VLAN 0 to HW filter on device batadv0
[   32.910930][ T3301] veth0_vlan: entered promiscuous mode
[   32.944435][ T3301] veth1_vlan: entered promiscuous mode
[   32.969306][ T3299] veth0_vlan: entered promiscuous mode
[   32.992535][ T3303] veth0_vlan: entered promiscuous mode
[   33.008664][ T3303] veth1_vlan: entered promiscuous mode
[   33.017397][ T3301] veth0_macvtap: entered promiscuous mode
[   33.035413][ T3299] veth1_vlan: entered promiscuous mode
[   33.045577][ T3301] veth1_macvtap: entered promiscuous mode
[   33.065380][ T3304] veth0_vlan: entered promiscuous mode
[   33.085505][ T3301] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.096009][ T3304] veth1_vlan: entered promiscuous mode
[   33.112008][ T3301] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.130297][   T37] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.139706][ T3303] veth0_macvtap: entered promiscuous mode
[   33.149815][ T3303] veth1_macvtap: entered promiscuous mode
[   33.156776][   T37] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.166047][   T37] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.175478][   T37] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.184427][ T3302] veth0_vlan: entered promiscuous mode
[   33.192277][ T3299] veth0_macvtap: entered promiscuous mode
[   33.199811][ T3299] veth1_macvtap: entered promiscuous mode
[   33.212283][ T3302] veth1_vlan: entered promiscuous mode
[   33.234211][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.254881][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.264932][ T3299] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.275560][ T3301] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   33.287177][ T3302] veth0_macvtap: entered promiscuous mode
[   33.298770][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.317048][ T3302] veth1_macvtap: entered promiscuous mode
[   33.330964][ T3427] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.341340][ T3304] veth0_macvtap: entered promiscuous mode
[   33.363851][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.373538][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.386111][ T3427] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.403279][ T3304] veth1_macvtap: entered promiscuous mode
[   33.433913][ T3427] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.451487][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.471408][ T3427] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.488228][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.513686][ T3427] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.522664][  T270] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.534378][   T29] kauditd_printk_skb: 25 callbacks suppressed
[   33.534395][   T29] audit: type=1400 audit(1754684454.069:97): avc:  denied  { create } for  pid=3476 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   33.555927][ T3481] loop4: detected capacity change from 0 to 512
[   33.581932][ T3478] loop3: detected capacity change from 0 to 512
[   33.589203][ T3478] EXT4-fs: Ignoring removed mblk_io_submit option
[   33.603986][  T270] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.607646][ T3481] EXT4-fs: Ignoring removed mblk_io_submit option
[   33.614612][ T3478] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   33.632252][ T3478] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   33.653896][   T29] audit: type=1400 audit(1754684454.069:98): avc:  denied  { create } for  pid=3480 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.674077][   T29] audit: type=1400 audit(1754684454.099:99): avc:  denied  { ioctl } for  pid=3476 comm="syz.3.4" path="socket:[4568]" dev="sockfs" ino=4568 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   33.699293][  T270] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.714627][ T3484] loop0: detected capacity change from 0 to 512
[   33.718794][  T270] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.721605][ T3481] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   33.731878][  T270] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.750662][ T3484] EXT4-fs: Ignoring removed mblk_io_submit option
[   33.751412][  T270] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.769623][  T270] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.769642][ T3478] EXT4-fs (loop3): 1 truncate cleaned up
[   33.770058][ T3478] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.784565][  T270] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.805201][  T270] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.814413][  T270] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.823307][  T270] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.834890][   T29] audit: type=1400 audit(1754684454.369:100): avc:  denied  { mount } for  pid=3476 comm="syz.3.4" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   33.858970][ T3481] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   33.873682][   T29] audit: type=1400 audit(1754684454.409:101): avc:  denied  { add_name } for  pid=3476 comm="syz.3.4" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   33.894027][   T29] audit: type=1400 audit(1754684454.409:102): avc:  denied  { create } for  pid=3476 comm="syz.3.4" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   33.922385][   T29] audit: type=1400 audit(1754684454.459:103): avc:  denied  { read open } for  pid=3476 comm="syz.3.4" path="/0/bus/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   33.929489][ T3491] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2'.
[   33.953974][ T3491] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2'.
[   33.956603][   T29] audit: type=1400 audit(1754684454.459:104): avc:  denied  { prog_run } for  pid=3476 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   33.974811][ T3484] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   33.981524][   T29] audit: type=1400 audit(1754684454.459:105): avc:  denied  { create } for  pid=3488 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   33.991694][ T3481] EXT4-fs (loop4): 1 truncate cleaned up
[   34.011567][   T29] audit: type=1400 audit(1754684454.459:106): avc:  denied  { write } for  pid=3476 comm="syz.3.4" name="bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   34.033211][ T3491] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2'.
[   34.040732][ T3481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.061424][ T3484] EXT4-fs (loop0): 1 truncate cleaned up
[   34.073457][ T3484] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.098113][    C0] hrtimer: interrupt took 47724 ns
[   34.128439][ T3491] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2'.
[   34.137301][ T3491] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2'.
[   34.157546][ T3491] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2'.
[   34.215826][ T3491] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2'.
[   34.215851][ T3491] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2'.
[   34.215893][ T3491] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2'.
[   34.406708][ T3509] loop1: detected capacity change from 0 to 1024
[   34.427623][ T3510] loop2: detected capacity change from 0 to 512
[   34.434410][ T3509] EXT4-fs: Ignoring removed orlov option
[   34.447419][ T3510] EXT4-fs warning (device loop2): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[   34.460928][ T3510] EXT4-fs (loop2): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   34.478530][ T3293] udevd[3293]: incorrect ext4 checksum on /dev/loop2
[   34.502574][ T3509] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.515789][ T3293] udevd[3293]: incorrect ext4 checksum on /dev/loop2
[   34.594323][ T3507] lo speed is unknown, defaulting to 1000
[   34.606365][ T3507] lo speed is unknown, defaulting to 1000
[   34.615824][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.623545][ T3507] lo speed is unknown, defaulting to 1000
[   34.631202][ T3507] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   34.652821][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.667140][ T3507] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   34.700327][ T3513] 9pnet: Could not find request transport: "´ÞÒ” Ï¥=0xffffffffffffffff
[   34.704057][ T3507] lo speed is unknown, defaulting to 1000
[   34.742731][ T3517] loop1: detected capacity change from 0 to 512
[   34.751103][ T3507] lo speed is unknown, defaulting to 1000
[   34.764976][ T3507] lo speed is unknown, defaulting to 1000
[   34.784661][ T3507] lo speed is unknown, defaulting to 1000
[   34.790587][ T3517] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.12: casefold flag without casefold feature
[   34.804391][ T3507] lo speed is unknown, defaulting to 1000
[   34.812921][ T3517] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.12: couldn't read orphan inode 15 (err -117)
[   34.839176][ T3507] syz.2.9 (3507) used greatest stack depth: 10712 bytes left
[   34.854575][ T3517] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.875075][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.032167][ T3533] Driver unsupported XDP return value 0 on prog  (id 10) dev N/A, expect packet loss!
[   35.048908][ T3536] loop2: detected capacity change from 0 to 1024
[   35.067372][ T3536] =======================================================
[   35.067372][ T3536] WARNING: The mand mount option has been deprecated and
[   35.067372][ T3536]          and is ignored by this kernel. Remove the mand
[   35.067372][ T3536]          option from the mount to silence this warning.
[   35.067372][ T3536] =======================================================
[   35.150377][ T3536] EXT4-fs: Ignoring removed bh option
[   35.182928][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.230429][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.233688][ T3540] netlink: 24 bytes leftover after parsing attributes in process `syz.1.23'.
[   35.240713][ T3535] syz.3.20 (3535) used greatest stack depth: 10176 bytes left
[   35.284383][ T3536] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.380311][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.449603][ T3560] loop2: detected capacity change from 0 to 512
[   35.483287][ T3560] EXT4-fs: Ignoring removed mblk_io_submit option
[   35.511371][ T3560] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   35.553031][ T3560] EXT4-fs (loop2): 1 truncate cleaned up
[   35.559102][ T3560] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.797853][ T3569] netlink: 'syz.1.28': attribute type 1 has an invalid length.
[   36.087409][ T3589] loop1: detected capacity change from 0 to 512
[   36.124200][ T3589] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.33: casefold flag without casefold feature
[   36.181455][ T3596] loop0: detected capacity change from 0 to 512
[   36.200299][ T3589] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.33: couldn't read orphan inode 15 (err -117)
[   36.213203][ T3596] EXT4-fs: Ignoring removed mblk_io_submit option
[   36.239499][ T3596] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   36.265326][ T3589] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.286576][ T3600] loop4: detected capacity change from 0 to 512
[   36.310207][ T3596] EXT4-fs (loop0): 1 truncate cleaned up
[   36.316877][ T3600] EXT4-fs warning (device loop4): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[   36.330351][ T3600] EXT4-fs (loop4): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   36.357989][ T3596] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.371372][ T3293] udevd[3293]: incorrect ext4 checksum on /dev/loop4
[   36.372666][ T3600] siw: device registration error -23
[   36.448459][ T3599] netlink: 'syz.3.37': attribute type 1 has an invalid length.
[   36.564898][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.645429][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.676124][ T3614] loop2: detected capacity change from 0 to 512
[   36.684779][ T3614] EXT4-fs: Ignoring removed mblk_io_submit option
[   36.692348][ T3615] loop1: detected capacity change from 0 to 2048
[   36.700417][ T3614] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   36.742223][ T3614] EXT4-fs (loop2): 1 truncate cleaned up
[   36.763257][ T3614] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.775376][ T2991] udevd[2991]: worker [3485] terminated by signal 33 (Unknown signal 33)
[   36.789742][ T3615] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.862725][ T3623] FAULT_INJECTION: forcing a failure.
[   36.862725][ T3623] name failslab, interval 1, probability 0, space 0, times 1
[   36.875538][ T3623] CPU: 0 UID: 0 PID: 3623 Comm: syz.3.44 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   36.875598][ T3623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   36.875621][ T3623] Call Trace:
[   36.875628][ T3623]  <TASK>
[   36.875637][ T3623]  __dump_stack+0x1d/0x30
[   36.875664][ T3623]  dump_stack_lvl+0xe8/0x140
[   36.875686][ T3623]  dump_stack+0x15/0x1b
[   36.875709][ T3623]  should_fail_ex+0x265/0x280
[   36.875796][ T3623]  should_failslab+0x8c/0xb0
[   36.875821][ T3623]  kmem_cache_alloc_noprof+0x50/0x310
[   36.875862][ T3623]  ? getname_flags+0x80/0x3b0
[   36.875901][ T3623]  getname_flags+0x80/0x3b0
[   36.875973][ T3623]  user_path_at+0x28/0x130
[   36.876011][ T3623]  __x64_sys_umount+0x85/0xe0
[   36.876054][ T3623]  x64_sys_call+0xdd2/0x2ff0
[   36.876128][ T3623]  do_syscall_64+0xd2/0x200
[   36.876160][ T3623]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   36.876192][ T3623]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   36.876222][ T3623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.876326][ T3623] RIP: 0033:0x7f152950ebe9
[   36.876349][ T3623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.876366][ T3623] RSP: 002b:00007f1527f77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   36.876388][ T3623] RAX: ffffffffffffffda RBX: 00007f1529735fa0 RCX: 00007f152950ebe9
[   36.876404][ T3623] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000200000000580
[   36.876447][ T3623] RBP: 00007f1527f77090 R08: 0000000000000000 R09: 0000000000000000
[   36.876462][ T3623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.876477][ T3623] R13: 00007f1529736038 R14: 00007f1529735fa0 R15: 00007ffd67df1948
[   36.876503][ T3623]  </TASK>
[   36.882241][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.073735][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.143223][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.152283][ T3626] loop3: detected capacity change from 0 to 512
[   37.155694][ T3626] EXT4-fs warning (device loop3): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[   37.172272][ T3626] EXT4-fs (loop3): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   37.218273][ T3626] siw: device registration error -23
[   37.281542][ T3639] FAULT_INJECTION: forcing a failure.
[   37.281542][ T3639] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   37.294835][ T3639] CPU: 1 UID: 0 PID: 3639 Comm: syz.4.49 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   37.294872][ T3639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   37.294886][ T3639] Call Trace:
[   37.294893][ T3639]  <TASK>
[   37.294901][ T3639]  __dump_stack+0x1d/0x30
[   37.295059][ T3639]  dump_stack_lvl+0xe8/0x140
[   37.295093][ T3639]  dump_stack+0x15/0x1b
[   37.295114][ T3639]  should_fail_ex+0x265/0x280
[   37.295170][ T3639]  should_fail+0xb/0x20
[   37.295263][ T3639]  should_fail_usercopy+0x1a/0x20
[   37.295285][ T3639]  _copy_from_user+0x1c/0xb0
[   37.295314][ T3639]  ___sys_sendmsg+0xc1/0x1d0
[   37.295470][ T3639]  __x64_sys_sendmsg+0xd4/0x160
[   37.295514][ T3639]  x64_sys_call+0x191e/0x2ff0
[   37.295538][ T3639]  do_syscall_64+0xd2/0x200
[   37.295610][ T3639]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   37.295638][ T3639]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   37.295665][ T3639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.295689][ T3639] RIP: 0033:0x7eff1602ebe9
[   37.295724][ T3639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.295746][ T3639] RSP: 002b:00007eff14a66038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   37.295768][ T3639] RAX: ffffffffffffffda RBX: 00007eff16256090 RCX: 00007eff1602ebe9
[   37.295783][ T3639] RDX: 0000000000000030 RSI: 0000200000000100 RDI: 0000000000000006
[   37.295797][ T3639] RBP: 00007eff14a66090 R08: 0000000000000000 R09: 0000000000000000
[   37.295811][ T3639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.295881][ T3639] R13: 00007eff16256128 R14: 00007eff16256090 R15: 00007fff4bb19a38
[   37.295903][ T3639]  </TASK>
[   37.566103][ T3628] netlink: 'syz.1.45': attribute type 1 has an invalid length.
[   37.755950][ T3656] loop0: detected capacity change from 0 to 256
[   37.782862][ T3659] loop3: detected capacity change from 0 to 512
[   37.789948][ T3659] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   37.805200][ T3659] EXT4-fs (loop3): 1 truncate cleaned up
[   37.811273][ T3659] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.836883][ T3663] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3663 comm=syz.1.56
[   37.843393][ T3661] loop0: detected capacity change from 0 to 2048
[   37.851462][ T3643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   37.873127][ T3643] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   37.886576][ T3663] hsr_slave_0: left promiscuous mode
[   37.905553][ T3663] hsr_slave_1: left promiscuous mode
[   37.912333][ T3661] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.957264][ T3643] loop2: detected capacity change from 0 to 8192
[   38.019020][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.019046][ T3670] FAULT_INJECTION: forcing a failure.
[   38.019046][ T3670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   38.041207][ T3670] CPU: 1 UID: 0 PID: 3670 Comm: syz.1.57 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   38.041332][ T3670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   38.041385][ T3670] Call Trace:
[   38.041392][ T3670]  <TASK>
[   38.041402][ T3670]  __dump_stack+0x1d/0x30
[   38.041430][ T3670]  dump_stack_lvl+0xe8/0x140
[   38.041453][ T3670]  dump_stack+0x15/0x1b
[   38.041472][ T3670]  should_fail_ex+0x265/0x280
[   38.041561][ T3670]  should_fail+0xb/0x20
[   38.041599][ T3670]  should_fail_usercopy+0x1a/0x20
[   38.041625][ T3670]  _copy_from_user+0x1c/0xb0
[   38.041703][ T3670]  __se_sys_io_uring_setup+0x11f/0x210
[   38.041758][ T3670]  __x64_sys_io_uring_setup+0x31/0x40
[   38.041804][ T3670]  x64_sys_call+0x2b21/0x2ff0
[   38.041826][ T3670]  do_syscall_64+0xd2/0x200
[   38.041857][ T3670]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   38.041881][ T3670]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   38.041909][ T3670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.041938][ T3670] RIP: 0033:0x7ff8b899ebe9
[   38.041958][ T3670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.042024][ T3670] RSP: 002b:00007ff8b73fefc8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9
[   38.042046][ T3670] RAX: ffffffffffffffda RBX: 00007ff8b8bc5fa0 RCX: 00007ff8b899ebe9
[   38.042063][ T3670] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000003c0c
[   38.042079][ T3670] RBP: 0000200000000400 R08: 0000000000000000 R09: 0000000000000000
[   38.042095][ T3670] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   38.042117][ T3670] R13: 0000000000000000 R14: 0000000000003c0c R15: 0000000000000000
[   38.042146][ T3670]  </TASK>
[   38.267649][ T3672] loop1: detected capacity change from 0 to 512
[   38.275718][ T3672] EXT4-fs: Ignoring removed mblk_io_submit option
[   38.282656][ T3672] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   38.362276][ T3672] EXT4-fs (loop1): 1 truncate cleaned up
[   38.368785][ T3672] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.520388][ T3678] Zero length message leads to an empty skb
[   38.531552][ T3678] loop4: detected capacity change from 0 to 1024
[   38.569313][ T3678] EXT4-fs: dax option not supported
[   38.624366][   T29] kauditd_printk_skb: 217 callbacks suppressed
[   38.624384][   T29] audit: type=1400 audit(1754684459.159:324): avc:  denied  { unmount } for  pid=3301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   38.651041][ T3676] hsr_slave_0 (unregistering): left promiscuous mode
[   38.683431][ T3685] loop2: detected capacity change from 0 to 512
[   38.693391][ T3685] EXT4-fs: Ignoring removed mblk_io_submit option
[   38.728209][ T3685] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   38.754614][ T3687] loop0: detected capacity change from 0 to 736
[   38.792599][ T3687] rock: directory entry would overflow storage
[   38.798848][ T3687] rock: sig=0x3b10, size=4, remaining=3
[   38.827823][ T3692] FAULT_INJECTION: forcing a failure.
[   38.827823][ T3692] name failslab, interval 1, probability 0, space 0, times 0
[   38.840577][ T3692] CPU: 0 UID: 0 PID: 3692 Comm: syz.4.65 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   38.840616][ T3692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   38.840633][ T3692] Call Trace:
[   38.840641][ T3692]  <TASK>
[   38.840650][ T3692]  __dump_stack+0x1d/0x30
[   38.840681][ T3692]  dump_stack_lvl+0xe8/0x140
[   38.840702][ T3692]  dump_stack+0x15/0x1b
[   38.840725][ T3692]  should_fail_ex+0x265/0x280
[   38.840780][ T3692]  ? alloc_pipe_info+0xae/0x350
[   38.840845][ T3692]  should_failslab+0x8c/0xb0
[   38.840878][ T3692]  __kmalloc_cache_noprof+0x4c/0x320
[   38.840922][ T3692]  alloc_pipe_info+0xae/0x350
[   38.840987][ T3692]  splice_direct_to_actor+0x592/0x680
[   38.841015][ T3692]  ? kstrtouint_from_user+0x9f/0xf0
[   38.841042][ T3692]  ? __pfx_direct_splice_actor+0x10/0x10
[   38.841069][ T3692]  ? __rcu_read_unlock+0x4f/0x70
[   38.841098][ T3692]  ? get_pid_task+0x96/0xd0
[   38.841125][ T3692]  ? avc_policy_seqno+0x15/0x30
[   38.841198][ T3692]  ? selinux_file_permission+0x1e4/0x320
[   38.841242][ T3692]  do_splice_direct+0xda/0x150
[   38.841267][ T3692]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   38.841302][ T3692]  do_sendfile+0x380/0x650
[   38.841349][ T3692]  __x64_sys_sendfile64+0x105/0x150
[   38.841384][ T3692]  x64_sys_call+0x2bb0/0x2ff0
[   38.841423][ T3692]  do_syscall_64+0xd2/0x200
[   38.841504][ T3692]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   38.841537][ T3692]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   38.841568][ T3692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.841634][ T3692] RIP: 0033:0x7eff1602ebe9
[   38.841654][ T3692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.841678][ T3692] RSP: 002b:00007eff14a8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   38.841703][ T3692] RAX: ffffffffffffffda RBX: 00007eff16255fa0 RCX: 00007eff1602ebe9
[   38.841718][ T3692] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[   38.841731][ T3692] RBP: 00007eff14a8f090 R08: 0000000000000000 R09: 0000000000000000
[   38.841759][ T3692] R10: 00000000003fffff R11: 0000000000000246 R12: 0000000000000001
[   38.841776][ T3692] R13: 00007eff16256038 R14: 00007eff16255fa0 R15: 00007fff4bb19a38
[   38.841802][ T3692]  </TASK>
[   38.842511][ T3685] EXT4-fs (loop2): 1 truncate cleaned up
[   39.063236][   T29] audit: type=1400 audit(1754684459.519:325): avc:  denied  { mount } for  pid=3686 comm="syz.0.63" name="/" dev="loop0" ino=1472 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   39.067170][ T3685] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.095217][ T3687] netlink: 'syz.0.63': attribute type 27 has an invalid length.
[   39.132024][   T29] audit: type=1326 audit(1754684459.659:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3693 comm="syz.4.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1602ebe9 code=0x7ffc0000
[   39.155358][   T29] audit: type=1326 audit(1754684459.659:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3693 comm="syz.4.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1602ebe9 code=0x7ffc0000
[   39.216080][ T3687] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.223363][ T3687] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.330927][   T29] audit: type=1326 audit(1754684459.659:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3693 comm="syz.4.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff1602ebe9 code=0x7ffc0000
[   39.354241][   T29] audit: type=1326 audit(1754684459.659:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3693 comm="syz.4.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1602ebe9 code=0x7ffc0000
[   39.377655][   T29] audit: type=1326 audit(1754684459.659:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3693 comm="syz.4.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1602ebe9 code=0x7ffc0000
[   39.384276][ T3687] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   39.401234][   T29] audit: type=1326 audit(1754684459.659:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3693 comm="syz.4.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7eff1602ebe9 code=0x7ffc0000
[   39.431568][   T29] audit: type=1326 audit(1754684459.659:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3693 comm="syz.4.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1602ebe9 code=0x7ffc0000
[   39.455320][   T29] audit: type=1326 audit(1754684459.659:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3693 comm="syz.4.66" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff1602ebe9 code=0x7ffc0000
[   39.475929][ T3687] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   39.499927][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.560025][  T270] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   39.571271][  T270] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   39.590500][  T270] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   39.610266][  T270] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   39.668109][ T3708] loop1: detected capacity change from 0 to 512
[   39.706997][ T3706] loop0: detected capacity change from 0 to 2048
[   39.724666][ T3706] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.738246][ T3708] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13
[   39.754251][ T3708] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #13: comm syz.1.69: iget: bad i_size value: 12154757448730
[   39.802033][ T3708] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.69: couldn't read orphan inode 13 (err -117)
[   39.817218][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.830425][ T3708] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.852418][ T3708] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   39.862661][ T3708] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   39.903139][ T3716] FAULT_INJECTION: forcing a failure.
[   39.903139][ T3716] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   39.916322][ T3716] CPU: 0 UID: 0 PID: 3716 Comm: syz.0.70 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   39.916355][ T3716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   39.916369][ T3716] Call Trace:
[   39.916378][ T3716]  <TASK>
[   39.916388][ T3716]  __dump_stack+0x1d/0x30
[   39.916416][ T3716]  dump_stack_lvl+0xe8/0x140
[   39.916460][ T3716]  dump_stack+0x15/0x1b
[   39.916481][ T3716]  should_fail_ex+0x265/0x280
[   39.916518][ T3716]  should_fail+0xb/0x20
[   39.916583][ T3716]  should_fail_usercopy+0x1a/0x20
[   39.916605][ T3716]  _copy_from_user+0x1c/0xb0
[   39.916661][ T3716]  ___sys_recvmsg+0xaa/0x370
[   39.916689][ T3716]  ? 0xffffffff81000000
[   39.916707][ T3716]  ? __rcu_read_unlock+0x4f/0x70
[   39.916747][ T3716]  __x64_sys_recvmsg+0xd1/0x160
[   39.916812][ T3716]  x64_sys_call+0x2b42/0x2ff0
[   39.916835][ T3716]  do_syscall_64+0xd2/0x200
[   39.916866][ T3716]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   39.916896][ T3716]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   39.916977][ T3716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.916998][ T3716] RIP: 0033:0x7fd5511debe9
[   39.917015][ T3716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.917038][ T3716] RSP: 002b:00007fd54fc26038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   39.917063][ T3716] RAX: ffffffffffffffda RBX: 00007fd551406090 RCX: 00007fd5511debe9
[   39.917079][ T3716] RDX: 0000000000010140 RSI: 0000200000000280 RDI: 0000000000000003
[   39.917149][ T3716] RBP: 00007fd54fc26090 R08: 0000000000000000 R09: 0000000000000000
[   39.917161][ T3716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.917175][ T3716] R13: 00007fd551406128 R14: 00007fd551406090 R15: 00007fff748b8638
[   39.917199][ T3716]  </TASK>
[   40.118380][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.130677][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.151115][ T3719] loop3: detected capacity change from 0 to 512
[   40.158092][ T3719] EXT4-fs: Ignoring removed mblk_io_submit option
[   40.171636][ T3719] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   40.181933][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.196396][ T3719] EXT4-fs (loop3): 1 truncate cleaned up
[   40.208538][ T3720] loop2: detected capacity change from 0 to 764
[   40.215469][ T3720] iso9660: Unknown parameter ''
[   40.230223][ T3719] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.251218][ T3727] loop1: detected capacity change from 0 to 512
[   40.268003][ T3727] EXT4-fs: Ignoring removed mblk_io_submit option
[   40.277803][ T3727] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   40.289930][ T3720] bond1: entered promiscuous mode
[   40.295125][ T3720] bond1: entered allmulticast mode
[   40.300979][ T3720] 8021q: adding VLAN 0 to HW filter on device bond1
[   40.310724][ T3727] EXT4-fs (loop1): 1 truncate cleaned up
[   40.317054][ T3727] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.320900][ T3720] bond1 (unregistering): Released all slaves
[   40.376901][ T3729] __nla_validate_parse: 16 callbacks suppressed
[   40.376920][ T3729] netlink: 12 bytes leftover after parsing attributes in process `syz.4.75'.
[   40.393396][ T3729] netlink: 4 bytes leftover after parsing attributes in process `syz.4.75'.
[   40.668638][ T3748] loop2: detected capacity change from 0 to 764
[   40.676680][ T3748] rock: directory entry would overflow storage
[   40.682999][ T3748] rock: sig=0x4654, size=5, remaining=4
[   40.709886][ T3750] netlink: 27 bytes leftover after parsing attributes in process `syz.0.79'.
[   40.740031][ T3748] FAULT_INJECTION: forcing a failure.
[   40.740031][ T3748] name failslab, interval 1, probability 0, space 0, times 0
[   40.752854][ T3748] CPU: 1 UID: 0 PID: 3748 Comm: syz.2.78 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   40.752886][ T3748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   40.752902][ T3748] Call Trace:
[   40.752911][ T3748]  <TASK>
[   40.752921][ T3748]  __dump_stack+0x1d/0x30
[   40.752952][ T3748]  dump_stack_lvl+0xe8/0x140
[   40.753056][ T3748]  dump_stack+0x15/0x1b
[   40.753077][ T3748]  should_fail_ex+0x265/0x280
[   40.753157][ T3748]  should_failslab+0x8c/0xb0
[   40.753213][ T3748]  kmem_cache_alloc_noprof+0x50/0x310
[   40.753249][ T3748]  ? alloc_empty_file+0x76/0x200
[   40.753354][ T3748]  ? mntput+0x4b/0x80
[   40.753393][ T3748]  alloc_empty_file+0x76/0x200
[   40.753432][ T3748]  path_openat+0x68/0x2170
[   40.753473][ T3748]  ? _parse_integer_limit+0x170/0x190
[   40.753516][ T3748]  ? kstrtoull+0x111/0x140
[   40.753559][ T3748]  ? kstrtouint+0x76/0xc0
[   40.753603][ T3748]  do_filp_open+0x109/0x230
[   40.753721][ T3748]  do_sys_openat2+0xa6/0x110
[   40.753796][ T3748]  __x64_sys_openat+0xf2/0x120
[   40.753841][ T3748]  x64_sys_call+0x2e9c/0x2ff0
[   40.753900][ T3748]  do_syscall_64+0xd2/0x200
[   40.753933][ T3748]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   40.754022][ T3748]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   40.754045][ T3748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.754126][ T3748] RIP: 0033:0x7f884c45ebe9
[   40.754143][ T3748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.754166][ T3748] RSP: 002b:00007f884aebf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   40.754191][ T3748] RAX: ffffffffffffffda RBX: 00007f884c685fa0 RCX: 00007f884c45ebe9
[   40.754207][ T3748] RDX: 0000000000000042 RSI: 0000200000000040 RDI: ffffffffffffff9c
[   40.754229][ T3748] RBP: 00007f884aebf090 R08: 0000000000000000 R09: 0000000000000000
[   40.754241][ T3748] R10: 00000000000001ff R11: 0000000000000246 R12: 0000000000000001
[   40.754253][ T3748] R13: 00007f884c686038 R14: 00007f884c685fa0 R15: 00007ffd201261c8
[   40.754273][ T3748]  </TASK>
[   40.960293][ T3751] loop0: detected capacity change from 0 to 512
[   41.020283][ T3751] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.79: corrupted inode contents
[   41.032510][ T3751] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.79: mark_inode_dirty error
[   41.045022][ T3751] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.79: corrupted inode contents
[   41.057557][ T3752] rock: directory entry would overflow storage
[   41.063811][ T3752] rock: sig=0x4f50, size=4, remaining=3
[   41.069441][ T3752] iso9660: Corrupted directory entry in block 4 of inode 1792
[   41.077403][ T3751] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.79: mark_inode_dirty error
[   41.102128][ T3751] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.79: corrupted inode contents
[   41.103339][ T3752] rock: directory entry would overflow storage
[   41.114967][ T3751] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   41.120047][ T3752] rock: sig=0x4f50, size=4, remaining=3
[   41.130017][ T3751] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.79: corrupted inode contents
[   41.134197][ T3752] iso9660: Corrupted directory entry in block 4 of inode 1792
[   41.147300][ T3751] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.79: mark_inode_dirty error
[   41.191160][ T3751] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[   41.204958][ T3751] EXT4-fs (loop0): 1 truncate cleaned up
[   41.205324][  T270] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[   41.211861][ T3751] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.224476][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.236150][ T3751] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.261611][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.292145][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.318132][ T3762] loop0: detected capacity change from 0 to 512
[   41.327014][ T3762] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.82: casefold flag without casefold feature
[   41.356775][ T3762] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.82: couldn't read orphan inode 15 (err -117)
[   41.372121][ T3766] netlink: 60 bytes leftover after parsing attributes in process `syz.1.83'.
[   41.395724][ T3764] loop3: detected capacity change from 0 to 2048
[   41.404504][ T3762] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.411173][ T3770] loop4: detected capacity change from 0 to 512
[   41.426215][ T3762] 9pnet_fd: Insufficient options for proto=fd
[   41.434570][ T3770] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.85: casefold flag without casefold feature
[   41.435934][ T3764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.460473][ T3770] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.85: couldn't read orphan inode 15 (err -117)
[   41.463898][ T3766] netlink: 4 bytes leftover after parsing attributes in process `syz.1.83'.
[   41.476169][ T3770] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.483295][ T3766] netlink: 4 bytes leftover after parsing attributes in process `syz.1.83'.
[   41.504404][ T3758] netlink: 76 bytes leftover after parsing attributes in process `syz.3.80'.
[   41.604946][ T3787] FAULT_INJECTION: forcing a failure.
[   41.604946][ T3787] name failslab, interval 1, probability 0, space 0, times 0
[   41.617679][ T3787] CPU: 1 UID: 0 PID: 3787 Comm: syz.1.86 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   41.617718][ T3787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   41.617735][ T3787] Call Trace:
[   41.617744][ T3787]  <TASK>
[   41.617753][ T3787]  __dump_stack+0x1d/0x30
[   41.617839][ T3787]  dump_stack_lvl+0xe8/0x140
[   41.617860][ T3787]  dump_stack+0x15/0x1b
[   41.617877][ T3787]  should_fail_ex+0x265/0x280
[   41.617915][ T3787]  should_failslab+0x8c/0xb0
[   41.617951][ T3787]  kmem_cache_alloc_node_noprof+0x57/0x320
[   41.617983][ T3787]  ? __alloc_skb+0x101/0x320
[   41.618015][ T3787]  __alloc_skb+0x101/0x320
[   41.618047][ T3787]  netlink_alloc_large_skb+0xba/0xf0
[   41.618152][ T3787]  netlink_sendmsg+0x3cf/0x6b0
[   41.618190][ T3787]  ? __pfx_netlink_sendmsg+0x10/0x10
[   41.618232][ T3787]  __sock_sendmsg+0x142/0x180
[   41.618259][ T3787]  ____sys_sendmsg+0x31e/0x4e0
[   41.618351][ T3787]  ___sys_sendmsg+0x17b/0x1d0
[   41.618540][ T3787]  __x64_sys_sendmsg+0xd4/0x160
[   41.618651][ T3787]  x64_sys_call+0x191e/0x2ff0
[   41.618673][ T3787]  do_syscall_64+0xd2/0x200
[   41.618760][ T3787]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   41.618785][ T3787]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   41.618809][ T3787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.618874][ T3787] RIP: 0033:0x7ff8b899ebe9
[   41.618915][ T3787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.618934][ T3787] RSP: 002b:00007ff8b73ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   41.619024][ T3787] RAX: ffffffffffffffda RBX: 00007ff8b8bc5fa0 RCX: 00007ff8b899ebe9
[   41.619037][ T3787] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[   41.619049][ T3787] RBP: 00007ff8b73ff090 R08: 0000000000000000 R09: 0000000000000000
[   41.619061][ T3787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.619073][ T3787] R13: 00007ff8b8bc6038 R14: 00007ff8b8bc5fa0 R15: 00007fff2de535d8
[   41.619093][ T3787]  </TASK>
[   41.833982][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.861993][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.875858][ T3792] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3792 comm=syz.2.89
[   41.888796][ T3793] loop0: detected capacity change from 0 to 512
[   41.896320][ T3795] loop1: detected capacity change from 0 to 512
[   41.904916][ T3795] EXT4-fs: Ignoring removed mblk_io_submit option
[   41.912239][ T3793] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.88: casefold flag without casefold feature
[   41.913226][ T3795] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   41.935881][ T3792] netlink: 20 bytes leftover after parsing attributes in process `syz.2.89'.
[   41.937205][ T3793] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.88: couldn't read orphan inode 15 (err -117)
[   41.957355][ T3795] EXT4-fs (loop1): 1 truncate cleaned up
[   41.963689][ T3795] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.976058][ T3793] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.995238][ T3793] 9pnet_fd: Insufficient options for proto=fd
[   42.005353][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.008010][ T3792] netlink: 4 bytes leftover after parsing attributes in process `syz.2.89'.
[   42.024185][ T3792] hsr_slave_0: left promiscuous mode
[   42.031496][ T3792] hsr_slave_1: left promiscuous mode
[   42.127055][ T3809] loop2: detected capacity change from 0 to 764
[   42.136022][ T3807] random: crng reseeded on system resumption
[   42.145793][ T3809] rock: directory entry would overflow storage
[   42.152108][ T3809] rock: sig=0x4f50, size=4, remaining=3
[   42.157799][ T3809] iso9660: Corrupted directory entry in block 6 of inode 1792
[   42.172259][ T3807] 9pnet_fd: Insufficient options for proto=fd
[   42.198378][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.243692][ T3813] macvtap1: entered allmulticast mode
[   42.249172][ T3813] bridge0: entered allmulticast mode
[   42.255127][ T3813] bridge0: port 3(macvtap1) entered blocking state
[   42.261768][ T3813] bridge0: port 3(macvtap1) entered disabled state
[   42.270850][ T3813] bridge0: left allmulticast mode
[   42.283459][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.307861][ T3818] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3818 comm=syz.3.98
[   42.308673][ T3820] loop1: detected capacity change from 0 to 1024
[   42.323574][ T3818] netlink: 20 bytes leftover after parsing attributes in process `syz.3.98'.
[   42.327308][ T3820] EXT4-fs: Ignoring removed bh option
[   42.344729][ T3820] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.360180][ T3818] hsr_slave_0: left promiscuous mode
[   42.365998][ T3818] hsr_slave_1: left promiscuous mode
[   42.382080][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.407980][ T3825] loop1: detected capacity change from 0 to 1024
[   42.416674][ T3825] EXT4-fs: Ignoring removed bh option
[   42.436893][ T3825] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.477250][ T3832] loop3: detected capacity change from 0 to 736
[   42.485738][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.500595][ T3832] rock: directory entry would overflow storage
[   42.506914][ T3832] rock: sig=0x3b10, size=4, remaining=3
[   42.516424][ T3832] netlink: 'syz.3.102': attribute type 27 has an invalid length.
[   42.557120][ T3832] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.564478][ T3832] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.620446][ T3832] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.634735][ T3832] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.691313][  T270] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.701665][  T270] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.711999][  T270] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.726347][  T270] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   42.852529][ T3853] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.859990][ T3853] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.928958][ T3856] loop4: detected capacity change from 0 to 512
[   42.936190][ T3857] loop1: detected capacity change from 0 to 512
[   42.942632][ T3853] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.951376][ T3856] EXT4-fs: Ignoring removed mblk_io_submit option
[   42.970330][ T3853] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.985927][ T3857] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.987101][ T3856] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   43.009047][ T3857] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.029478][ T3856] EXT4-fs (loop4): 1 truncate cleaned up
[   43.035995][ T3856] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.087137][ T3854] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   43.103885][   T12] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   43.134279][   T12] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   43.159015][   T12] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   43.168940][   T12] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   43.171226][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.227609][ T3869] tmpfs: Unexpected value for 'inode32'
[   43.278620][ T3870] loop1: detected capacity change from 0 to 128
[   43.307486][ T3870] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   43.315567][ T3870] FAT-fs (loop1): Filesystem has been set read-only
[   43.323822][ T3870] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[   43.331953][ T3870] syz.1.111: attempt to access beyond end of device
[   43.331953][ T3870] loop1: rw=2049, sector=2065, nr_sectors = 8 limit=128
[   43.467679][ T3876] loop0: detected capacity change from 0 to 736
[   43.500569][ T3876] rock: directory entry would overflow storage
[   43.506918][ T3876] rock: sig=0x3b10, size=4, remaining=3
[   43.530442][ T3876] netlink: 'syz.0.115': attribute type 27 has an invalid length.
[   43.755664][ T3884] loop0: detected capacity change from 0 to 2048
[   43.768678][ T3885] loop2: detected capacity change from 0 to 2048
[   43.793001][   T29] kauditd_printk_skb: 311 callbacks suppressed
[   43.793017][   T29] audit: type=1400 audit(1754684464.319:642): avc:  denied  { connect } for  pid=3886 comm="syz.3.119" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   43.819588][   T29] audit: type=1400 audit(1754684464.319:643): avc:  denied  { write } for  pid=3886 comm="syz.3.119" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   43.866151][ T3885] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.879407][ T3884] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.884946][   T29] audit: type=1400 audit(1754684464.389:644): avc:  denied  { create } for  pid=3890 comm="syz.3.120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   43.910924][   T29] audit: type=1400 audit(1754684464.409:645): avc:  denied  { getopt } for  pid=3890 comm="syz.3.120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   43.930426][   T29] audit: type=1400 audit(1754684464.409:646): avc:  denied  { connect } for  pid=3890 comm="syz.3.120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   43.949864][   T29] audit: type=1400 audit(1754684464.409:647): avc:  denied  { name_connect } for  pid=3890 comm="syz.3.120" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   43.970007][   T29] audit: type=1400 audit(1754684464.409:648): avc:  denied  { mount } for  pid=3882 comm="syz.2.118" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   44.005887][ T3897] netlink: 'syz.3.120': attribute type 1 has an invalid length.
[   44.037452][   T29] audit: type=1400 audit(1754684464.439:649): avc:  denied  { create } for  pid=3882 comm="syz.2.118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   44.057682][   T29] audit: type=1400 audit(1754684464.439:650): avc:  denied  { write } for  pid=3882 comm="syz.2.118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   44.077689][   T29] audit: type=1400 audit(1754684464.439:651): avc:  denied  { nlmsg_write } for  pid=3882 comm="syz.2.118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   44.213622][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.223046][ T3909] loop1: detected capacity change from 0 to 1024
[   44.230151][ T3909] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   44.244158][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.245949][ T3909] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #3: block 1: comm syz.1.122: lblock 1 mapped to illegal pblock 1 (length 1)
[   44.273572][ T3909] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.122: Failed to acquire dquot type 0
[   44.294457][ T3909] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.122: Freeing blocks not in datazone - block = 0, count = 4096
[   44.308948][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.312823][ T3909] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.122: Invalid inode bitmap blk 0 in block_group 0
[   44.332523][ T3427] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1)
[   44.332756][ T3909] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[   44.357021][ T3909] EXT4-fs (loop1): 1 orphan inode deleted
[   44.363705][ T3909] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.381389][ T3427] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 0
[   44.394185][ T3917] loop4: detected capacity change from 0 to 1024
[   44.409967][ T3917] EXT4-fs: Ignoring removed bh option
[   44.419482][ T3919] loop0: detected capacity change from 0 to 736
[   44.437801][ T3917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.454727][ T3919] rock: directory entry would overflow storage
[   44.461006][ T3919] rock: sig=0x3b10, size=4, remaining=3
[   44.487682][ T3919] netlink: 'syz.0.126': attribute type 27 has an invalid length.
[   44.497141][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.564416][ T3930] netlink: 'syz.0.129': attribute type 39 has an invalid length.
[   44.603359][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.681690][ T3936] loop0: detected capacity change from 0 to 512
[   44.710498][ T3936] EXT4-fs: Ignoring removed mblk_io_submit option
[   44.718952][ T3936] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   44.732796][ T3936] EXT4-fs (loop0): 1 truncate cleaned up
[   44.748636][ T3936] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.803922][ T3942] loop1: detected capacity change from 0 to 2048
[   44.826003][ T3942] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.969607][ T3954] loop4: detected capacity change from 0 to 512
[   44.980686][ T3954] EXT4-fs warning (device loop4): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[   44.994242][ T3954] EXT4-fs (loop4): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   45.018316][ T3954] siw: device registration error -23
[   45.036167][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.065573][ T3960] loop1: detected capacity change from 0 to 512
[   45.068018][ T3962] loop4: detected capacity change from 0 to 1024
[   45.073827][ T3960] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.136: casefold flag without casefold feature
[   45.079065][ T3962] EXT4-fs: Ignoring removed bh option
[   45.093230][ T3960] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.136: couldn't read orphan inode 15 (err -117)
[   45.108914][ T3960] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.123582][ T3960] 9pnet_fd: Insufficient options for proto=fd
[   45.131094][ T3962] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.182886][ T3967] netlink: 'syz.3.138': attribute type 39 has an invalid length.
[   45.191702][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.235663][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.245996][ T3972] loop4: detected capacity change from 0 to 736
[   45.280968][ T3972] rock: directory entry would overflow storage
[   45.287281][ T3972] rock: sig=0x3b10, size=4, remaining=3
[   45.309944][ T3977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pid=3977 comm=syz.2.140
[   45.340747][ T3972] netlink: 'syz.4.139': attribute type 27 has an invalid length.
[   45.349315][ T3977] loop2: detected capacity change from 0 to 512
[   45.358362][ T3977] EXT4-fs: Ignoring removed orlov option
[   45.365343][ T3977] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   45.377067][ T3977] EXT4-fs (loop2): orphan cleanup on readonly fs
[   45.384607][ T3980] loop3: detected capacity change from 0 to 512
[   45.384849][ T3981] random: crng reseeded on system resumption
[   45.394689][ T3980] EXT4-fs: Ignoring removed mblk_io_submit option
[   45.407674][ T3980] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   45.416889][ T3977] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.140: bg 0: block 248: padding at end of block bitmap is not set
[   45.421238][ T3980] EXT4-fs (loop3): 1 truncate cleaned up
[   45.433570][ T3977] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.140: Failed to acquire dquot type 1
[   45.439288][ T3972] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.455955][ T3972] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.463926][ T3980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.497140][ T3977] EXT4-fs (loop2): 1 truncate cleaned up
[   45.509771][ T3977] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   45.588317][ T3972] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   45.618611][ T3972] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   45.633281][ T3970] EXT4-fs: Ignoring removed orlov option
[   45.641954][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.655755][ T3970] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   45.665614][ T3970] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   45.694711][ T3970] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.140: Abort forced by user
[   45.695630][ T3970] EXT4-fs (loop2): Remounting filesystem read-only
[   45.695670][ T3970] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   45.695702][ T3970] ext4 filesystem being remounted at /22/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   45.734776][ T1895] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   45.761035][ T1895] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   45.782585][ T3977] syz.2.140 (3977) used greatest stack depth: 9208 bytes left
[   45.792678][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.812499][ T1895] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   45.825751][ T1895] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   45.856006][ T4003] loop2: detected capacity change from 0 to 512
[   45.868836][ T4003] EXT4-fs: Ignoring removed mblk_io_submit option
[   45.880017][ T4003] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   45.892918][ T4000] __nla_validate_parse: 7 callbacks suppressed
[   45.899246][ T4000] netlink: 48 bytes leftover after parsing attributes in process `gtp'.
[   45.911814][ T4003] EXT4-fs (loop2): 1 truncate cleaned up
[   45.924682][ T4003] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.266995][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.347456][ T4013] loop3: detected capacity change from 0 to 512
[   46.366632][ T4013] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.149: casefold flag without casefold feature
[   46.386316][ T4013] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.149: couldn't read orphan inode 15 (err -117)
[   46.411805][ T4013] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.424759][ T4020] loop0: detected capacity change from 0 to 512
[   46.427306][ T4020] EXT4-fs: Ignoring removed mblk_io_submit option
[   46.437950][ T4020] EXT4-fs: Ignoring removed bh option
[   46.440359][ T4013] 9pnet_fd: Insufficient options for proto=fd
[   46.452148][ T4020] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   46.467328][ T4020] EXT4-fs (loop0): 1 truncate cleaned up
[   46.484267][ T4020] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.506792][ T4026] netlink: 12 bytes leftover after parsing attributes in process `syz.0.152'.
[   46.556645][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.568955][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.703681][ T4032] loop0: detected capacity change from 0 to 512
[   46.739003][ T4032] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[   46.752540][ T4032] EXT4-fs (loop0): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   46.804598][ T4032] siw: device registration error -23
[   46.823738][ T4038] random: crng reseeded on system resumption
[   46.842485][ T4025] lo speed is unknown, defaulting to 1000
[   46.979586][ T4040] FAULT_INJECTION: forcing a failure.
[   46.979586][ T4040] name failslab, interval 1, probability 0, space 0, times 0
[   46.979970][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.992337][ T4040] CPU: 0 UID: 0 PID: 4040 Comm: syz.0.159 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   46.992398][ T4040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   46.992416][ T4040] Call Trace:
[   46.992425][ T4040]  <TASK>
[   46.992434][ T4040]  __dump_stack+0x1d/0x30
[   46.992467][ T4040]  dump_stack_lvl+0xe8/0x140
[   46.992497][ T4040]  dump_stack+0x15/0x1b
[   46.992523][ T4040]  should_fail_ex+0x265/0x280
[   46.992650][ T4040]  should_failslab+0x8c/0xb0
[   46.992686][ T4040]  kmem_cache_alloc_node_noprof+0x57/0x320
[   46.992730][ T4040]  ? __alloc_skb+0x101/0x320
[   46.992845][ T4040]  __alloc_skb+0x101/0x320
[   46.992883][ T4040]  ? audit_log_start+0x365/0x6c0
[   46.992932][ T4040]  audit_log_start+0x380/0x6c0
[   46.992995][ T4040]  audit_seccomp+0x48/0x100
[   46.993030][ T4040]  ? __seccomp_filter+0x68c/0x10d0
[   46.993061][ T4040]  __seccomp_filter+0x69d/0x10d0
[   46.993094][ T4040]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   46.993140][ T4040]  ? vfs_write+0x75e/0x8e0
[   46.993201][ T4040]  __secure_computing+0x82/0x150
[   46.993232][ T4040]  syscall_trace_enter+0xcf/0x1e0
[   46.993321][ T4040]  do_syscall_64+0xac/0x200
[   46.993355][ T4040]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   46.993409][ T4040]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   46.993446][ T4040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.993535][ T4040] RIP: 0033:0x7fd5511debe9
[   46.993556][ T4040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.993645][ T4040] RSP: 002b:00007fd54fc47038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   46.993670][ T4040] RAX: ffffffffffffffda RBX: 00007fd551405fa0 RCX: 00007fd5511debe9
[   46.993688][ T4040] RDX: 0000000000003900 RSI: 00000000000006e2 RDI: 0000000000000006
[   46.993705][ T4040] RBP: 00007fd54fc47090 R08: 0000000000000000 R09: 0000000000000e00
[   46.993721][ T4040] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[   46.993739][ T4040] R13: 00007fd551406038 R14: 00007fd551405fa0 R15: 00007fff748b8638
[   46.993820][ T4040]  </TASK>
[   47.425295][ T4057] random: crng reseeded on system resumption
[   47.456319][ T4059] random: crng reseeded on system resumption
[   47.518391][ T4064] netlink: 24 bytes leftover after parsing attributes in process `syz.4.169'.
[   47.577714][ T4064] netlink: 4 bytes leftover after parsing attributes in process `syz.4.169'.
[   47.614619][ T4070] loop2: detected capacity change from 0 to 512
[   47.625205][ T4070] EXT4-fs: Ignoring removed mblk_io_submit option
[   47.632210][ T4070] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   47.648072][ T4064] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   47.661989][ T4064] netlink: 76 bytes leftover after parsing attributes in process `syz.4.169'.
[   47.668017][ T4070] EXT4-fs (loop2): 1 truncate cleaned up
[   47.686138][ T4070] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.749185][ T4081] FAULT_INJECTION: forcing a failure.
[   47.749185][ T4081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   47.762553][ T4081] CPU: 0 UID: 0 PID: 4081 Comm: syz.1.172 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   47.762591][ T4081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   47.762662][ T4081] Call Trace:
[   47.762670][ T4081]  <TASK>
[   47.762679][ T4081]  __dump_stack+0x1d/0x30
[   47.762706][ T4081]  dump_stack_lvl+0xe8/0x140
[   47.762731][ T4081]  dump_stack+0x15/0x1b
[   47.762754][ T4081]  should_fail_ex+0x265/0x280
[   47.762829][ T4081]  should_fail+0xb/0x20
[   47.762859][ T4081]  should_fail_usercopy+0x1a/0x20
[   47.762904][ T4081]  _copy_from_user+0x1c/0xb0
[   47.763011][ T4081]  ___sys_sendmsg+0xc1/0x1d0
[   47.763133][ T4081]  __x64_sys_sendmsg+0xd4/0x160
[   47.763179][ T4081]  x64_sys_call+0x191e/0x2ff0
[   47.763201][ T4081]  do_syscall_64+0xd2/0x200
[   47.763269][ T4081]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   47.763298][ T4081]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   47.763384][ T4081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.763412][ T4081] RIP: 0033:0x7ff8b899ebe9
[   47.763429][ T4081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.763447][ T4081] RSP: 002b:00007ff8b73ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   47.763477][ T4081] RAX: ffffffffffffffda RBX: 00007ff8b8bc5fa0 RCX: 00007ff8b899ebe9
[   47.763490][ T4081] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000006
[   47.763502][ T4081] RBP: 00007ff8b73ff090 R08: 0000000000000000 R09: 0000000000000000
[   47.763551][ T4081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.763567][ T4081] R13: 00007ff8b8bc6038 R14: 00007ff8b8bc5fa0 R15: 00007fff2de535d8
[   47.763593][ T4081]  </TASK>
[   48.079286][ T4093] random: crng reseeded on system resumption
[   48.099062][ T4095] loop1: detected capacity change from 0 to 512
[   48.126376][ T4095] EXT4-fs: Ignoring removed mblk_io_submit option
[   48.164969][ T4095] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   48.187384][ T4095] EXT4-fs (loop1): 1 truncate cleaned up
[   48.207677][ T4095] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.465396][ T4109] loop3: detected capacity change from 0 to 512
[   48.479651][ T4109] EXT4-fs: Ignoring removed mblk_io_submit option
[   48.495587][ T4109] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   48.537108][ T4109] EXT4-fs (loop3): 1 truncate cleaned up
[   48.548809][ T4109] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.600629][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.665118][ T3301] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.719863][ T4118] random: crng reseeded on system resumption
[   48.739186][ T4121] random: crng reseeded on system resumption
[   48.899504][ T4130] netlink: 240 bytes leftover after parsing attributes in process `syz.2.190'.
[   48.927193][   T29] kauditd_printk_skb: 739 callbacks suppressed
[   48.927211][   T29] audit: type=1404 audit(1754684469.459:1384): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   48.981759][   T29] audit: type=1400 audit(1754684469.469:1385): avc:  denied  { read write } for  pid=3301 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   49.006125][   T29] audit: type=1400 audit(1754684469.479:1386): avc:  denied  { prog_load } for  pid=4127 comm="syz.4.189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   49.025114][   T29] audit: type=1400 audit(1754684469.479:1387): avc:  denied  { execmem } for  pid=4127 comm="syz.4.189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[   49.037408][ T4139] netlink: 4 bytes leftover after parsing attributes in process `syz.1.194'.
[   49.044463][   T29] audit: type=1400 audit(1754684469.479:1388): avc:  denied  { map_create } for  pid=4127 comm="syz.4.189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   49.072560][   T29] audit: type=1404 audit(1754684469.489:1389): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   49.087615][   T29] audit: type=1400 audit(1754684469.489:1390): avc:  denied  { prog_load } for  pid=4127 comm="syz.4.189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   49.106690][   T29] audit: type=1400 audit(1754684469.489:1391): avc:  denied  { bpf } for  pid=4127 comm="syz.4.189" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   49.127229][   T29] audit: type=1400 audit(1754684469.489:1392): avc:  denied  { perfmon } for  pid=4127 comm="syz.4.189" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   49.148057][   T29] audit: type=1400 audit(1754684469.499:1393): avc:  denied  { create } for  pid=4134 comm="syz.2.192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   49.154757][ T4139] netlink: 4 bytes leftover after parsing attributes in process `syz.1.194'.
[   49.195469][ T4138] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   49.230180][ T4138] netlink: 172 bytes leftover after parsing attributes in process `syz.4.193'.
[   49.239226][ T4138] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[   49.310748][ T4148] random: crng reseeded on system resumption
[   49.334559][ T4149] loop0: detected capacity change from 0 to 512
[   49.361695][ T4149] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[   49.375295][ T4149] EXT4-fs (loop0): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   49.424814][ T4146] siw: device registration error -23
[   49.508054][ T4155] random: crng reseeded on system resumption
[   49.523400][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.554288][ T4157] netlink: 240 bytes leftover after parsing attributes in process `syz.1.202'.
[   49.724905][ T4174] random: crng reseeded on system resumption
[   49.771670][ T4178] loop3: detected capacity change from 0 to 128
[   49.807306][ T4178] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   49.815342][ T4178] FAT-fs (loop3): Filesystem has been set read-only
[   49.835032][ T4180] loop1: detected capacity change from 0 to 512
[   49.841633][ T4180] EXT4-fs: Ignoring removed mblk_io_submit option
[   49.857336][ T4178] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[   49.865724][ T4178] syz.3.207: attempt to access beyond end of device
[   49.865724][ T4178] loop3: rw=2049, sector=2065, nr_sectors = 8 limit=128
[   49.898166][ T4180] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   49.911945][ T4180] EXT4-fs (loop1): 1 truncate cleaned up
[   50.031883][ T4195] loop0: detected capacity change from 0 to 764
[   50.080726][ T4195] rock: directory entry would overflow storage
[   50.086958][ T4195] rock: sig=0x4f50, size=4, remaining=3
[   50.092632][ T4195] iso9660: Corrupted directory entry in block 6 of inode 1792
[   50.182426][ T4196] netlink: 'syz.2.215': attribute type 1 has an invalid length.
[   50.257767][ T4201] loop0: detected capacity change from 0 to 2048
[   50.281359][ T4209] random: crng reseeded on system resumption
[   50.451374][ T4228] loop0: detected capacity change from 0 to 512
[   50.457825][ T4229] loop2: detected capacity change from 0 to 512
[   50.459479][ T4228] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.226: casefold flag without casefold feature
[   50.478086][ T4228] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.226: couldn't read orphan inode 15 (err -117)
[   50.480595][ T4229] EXT4-fs warning (device loop2): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[   50.503354][ T4229] EXT4-fs (loop2): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   50.511837][ T4228] 9pnet_fd: Insufficient options for proto=fd
[   50.568757][ T4235] loop3: detected capacity change from 0 to 764
[   50.582481][ T4235] rock: directory entry would overflow storage
[   50.588809][ T4235] rock: sig=0x4f50, size=4, remaining=3
[   50.594485][ T4235] iso9660: Corrupted directory entry in block 6 of inode 1792
[   50.840057][ T4251] netlink: 'syz.0.231': attribute type 1 has an invalid length.
[   50.859710][ T4264] loop4: detected capacity change from 0 to 128
[   50.868150][ T4261] loop2: detected capacity change from 0 to 512
[   50.879793][ T4261] EXT4-fs: Ignoring removed mblk_io_submit option
[   50.934831][ T4264] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   50.942786][ T4264] FAT-fs (loop4): Filesystem has been set read-only
[   50.949744][ T4266] loop1: detected capacity change from 0 to 736
[   50.950199][ T4261] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   50.967932][ T4266] rock: directory entry would overflow storage
[   50.974341][ T4266] rock: sig=0x3b10, size=4, remaining=3
[   50.980126][ T4264] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   50.984375][ T4266] netlink: 'syz.1.241': attribute type 27 has an invalid length.
[   51.006739][ T4264] syz.4.238: attempt to access beyond end of device
[   51.006739][ T4264] loop4: rw=2049, sector=2065, nr_sectors = 8 limit=128
[   51.028467][ T4261] EXT4-fs (loop2): 1 truncate cleaned up
[   51.069109][ T4274] loop3: detected capacity change from 0 to 512
[   51.085976][ T4274] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.244: casefold flag without casefold feature
[   51.107225][ T4278] loop2: detected capacity change from 0 to 512
[   51.124807][ T4278] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.134294][ T4274] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.244: couldn't read orphan inode 15 (err -117)
[   51.163025][ T4278] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   51.203295][ T4274] 9pnet_fd: Insufficient options for proto=fd
[   51.211095][ T4278] EXT4-fs (loop2): 1 truncate cleaned up
[   51.617554][ T4304] loop1: detected capacity change from 0 to 512
[   51.631655][ T4304] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.638618][ T4304] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   51.659293][ T4304] EXT4-fs (loop1): 1 truncate cleaned up
[   51.669938][ T4306] loop0: detected capacity change from 0 to 736
[   51.684635][ T4298] netlink: 'syz.3.253': attribute type 1 has an invalid length.
[   51.692348][ T4298] __nla_validate_parse: 4 callbacks suppressed
[   51.692401][ T4298] netlink: 224 bytes leftover after parsing attributes in process `syz.3.253'.
[   51.694811][ T4306] rock: directory entry would overflow storage
[   51.713767][ T4306] rock: sig=0x3b10, size=4, remaining=3
[   51.723921][ T4306] netlink: 'syz.0.256': attribute type 27 has an invalid length.
[   51.743708][ T4312] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4312 comm=syz.1.258
[   51.765800][ T4312] netlink: 24 bytes leftover after parsing attributes in process `syz.1.258'.
[   51.803269][ T4312] netlink: 4 bytes leftover after parsing attributes in process `syz.1.258'.
[   51.876662][ T4325] random: crng reseeded on system resumption
[   51.972467][ T4333] loop3: detected capacity change from 0 to 2048
[   52.004079][ T4336] loop1: detected capacity change from 0 to 128
[   52.013672][ T4328] netlink: 76 bytes leftover after parsing attributes in process `syz.3.265'.
[   52.060702][ T4345] netlink: 240 bytes leftover after parsing attributes in process `syz.2.269'.
[   52.121419][ T4353] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4353 comm=syz.2.271
[   52.134323][ T4353] netlink: 44 bytes leftover after parsing attributes in process `syz.2.271'.
[   52.165535][ T4353] netlink: 4 bytes leftover after parsing attributes in process `syz.2.271'.
[   52.186919][ T4346] netlink: 'syz.1.270': attribute type 1 has an invalid length.
[   52.194642][ T4346] netlink: 224 bytes leftover after parsing attributes in process `syz.1.270'.
[   52.257833][ T4366] loop3: detected capacity change from 0 to 512
[   52.267358][ T4366] EXT4-fs: Ignoring removed mblk_io_submit option
[   52.274700][ T4366] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   52.290494][ T4366] EXT4-fs (loop3): 1 truncate cleaned up
[   52.506539][ T4386] loop0: detected capacity change from 0 to 2048
[   52.580419][ T4382] netlink: 76 bytes leftover after parsing attributes in process `syz.0.282'.
[   52.603342][ T4391] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4391 comm=syz.4.284
[   52.648504][ T4391] netlink: 44 bytes leftover after parsing attributes in process `syz.4.284'.
[   52.666325][ T4396] random: crng reseeded on system resumption
[   52.697084][ T4391] hsr_slave_1: left promiscuous mode
[   52.846873][ T4398] netlink: 'syz.1.286': attribute type 1 has an invalid length.
[   52.857503][ T4412] loop4: detected capacity change from 0 to 512
[   52.867986][ T4412] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.290: casefold flag without casefold feature
[   52.888289][ T4412] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.290: couldn't read orphan inode 15 (err -117)
[   52.902214][ T4412] 9pnet_fd: Insufficient options for proto=fd
[   52.951387][ T4419] loop0: detected capacity change from 0 to 512
[   52.965198][ T4419] EXT4-fs: Ignoring removed mblk_io_submit option
[   52.972138][ T4419] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   52.986953][ T4419] EXT4-fs (loop0): 1 truncate cleaned up
[   53.188175][ T4434] loop2: detected capacity change from 0 to 736
[   53.285159][ T4441] loop4: detected capacity change from 0 to 736
[   53.300528][ T4441] FAULT_INJECTION: forcing a failure.
[   53.300528][ T4441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.313671][ T4441] CPU: 1 UID: 0 PID: 4441 Comm: syz.4.302 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   53.313728][ T4441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   53.313744][ T4441] Call Trace:
[   53.313753][ T4441]  <TASK>
[   53.313762][ T4441]  __dump_stack+0x1d/0x30
[   53.313806][ T4441]  dump_stack_lvl+0xe8/0x140
[   53.313824][ T4441]  dump_stack+0x15/0x1b
[   53.313883][ T4441]  should_fail_ex+0x265/0x280
[   53.313913][ T4441]  should_fail+0xb/0x20
[   53.313938][ T4441]  should_fail_usercopy+0x1a/0x20
[   53.313955][ T4441]  strncpy_from_user+0x25/0x230
[   53.314037][ T4441]  ? kmem_cache_alloc_noprof+0x186/0x310
[   53.314124][ T4441]  ? getname_flags+0x80/0x3b0
[   53.314151][ T4441]  getname_flags+0xae/0x3b0
[   53.314177][ T4441]  __x64_sys_mkdirat+0x40/0x60
[   53.314210][ T4441]  x64_sys_call+0x2b7/0x2ff0
[   53.314229][ T4441]  do_syscall_64+0xd2/0x200
[   53.314288][ T4441]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   53.314310][ T4441]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   53.314330][ T4441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.314349][ T4441] RIP: 0033:0x7eff1602ebe9
[   53.314362][ T4441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.314378][ T4441] RSP: 002b:00007eff14a8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   53.314454][ T4441] RAX: ffffffffffffffda RBX: 00007eff16255fa0 RCX: 00007eff1602ebe9
[   53.314467][ T4441] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[   53.314478][ T4441] RBP: 00007eff14a8f090 R08: 0000000000000000 R09: 0000000000000000
[   53.314488][ T4441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.314538][ T4441] R13: 00007eff16256038 R14: 00007eff16255fa0 R15: 00007fff4bb19a38
[   53.314555][ T4441]  </TASK>
[   53.632747][ T4454] loop4: detected capacity change from 0 to 512
[   53.649432][ T4454] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.306: casefold flag without casefold feature
[   53.676884][ T4454] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.306: couldn't read orphan inode 15 (err -117)
[   53.697480][ T4454] 9pnet_fd: Insufficient options for proto=fd
[   53.736159][ T4449] netlink: 'syz.2.304': attribute type 1 has an invalid length.
[   53.862799][ T4472] loop1: detected capacity change from 0 to 512
[   53.892675][ T4472] EXT4-fs: Ignoring removed mblk_io_submit option
[   53.901570][ T4472] /dev/loop1: Can't open blockdev
[   53.930380][ T4476] loop4: detected capacity change from 0 to 128
[   53.966190][ T4476] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   53.966217][ T4476] FAT-fs (loop4): Filesystem has been set read-only
[   53.966392][ T4476] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   53.966493][ T4476] syz.4.311: attempt to access beyond end of device
[   53.966493][ T4476] loop4: rw=2049, sector=2065, nr_sectors = 8 limit=128
[   54.081534][ T4491] loop2: detected capacity change from 0 to 512
[   54.105991][ T4491] EXT4-fs: Ignoring removed mblk_io_submit option
[   54.113213][ T4491] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   54.121520][ T4493] loop0: detected capacity change from 0 to 512
[   54.139487][ T4491] EXT4-fs (loop2): 1 truncate cleaned up
[   54.142375][ T4493] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.322: casefold flag without casefold feature
[   54.158199][ T4493] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.322: couldn't read orphan inode 15 (err -117)
[   54.172126][ T4493] 9pnet_fd: Insufficient options for proto=fd
[   54.186504][ T4490] loop3: detected capacity change from 0 to 512
[   54.223122][ T4490] EXT4-fs warning (device loop3): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[   54.236653][ T4490] EXT4-fs (loop3): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   54.250822][ T4490] siw: device registration error -23
[   54.335474][   T29] kauditd_printk_skb: 1006 callbacks suppressed
[   54.335492][   T29] audit: type=1326 audit(1754684474.869:2400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5511debe9 code=0x7ffc0000
[   54.366589][   T29] audit: type=1326 audit(1754684474.899:2401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5511debe9 code=0x7ffc0000
[   54.389981][   T29] audit: type=1326 audit(1754684474.899:2402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fd5511debe9 code=0x7ffc0000
[   54.413361][   T29] audit: type=1326 audit(1754684474.899:2403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5511debe9 code=0x7ffc0000
[   54.436788][   T29] audit: type=1326 audit(1754684474.899:2404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5511debe9 code=0x7ffc0000
[   54.461293][   T29] audit: type=1326 audit(1754684474.969:2405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd5511debe9 code=0x7ffc0000
[   54.484712][   T29] audit: type=1326 audit(1754684474.969:2406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5511debe9 code=0x7ffc0000
[   54.484744][   T29] audit: type=1326 audit(1754684474.969:2407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5511debe9 code=0x7ffc0000
[   54.484782][   T29] audit: type=1326 audit(1754684474.969:2408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd5511debe9 code=0x7ffc0000
[   54.484817][   T29] audit: type=1326 audit(1754684474.969:2409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4504 comm="syz.0.325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5511debe9 code=0x7ffc0000
[   54.697487][ T4510] random: crng reseeded on system resumption
[   54.940298][ T4529] loop4: detected capacity change from 0 to 512
[   54.957820][ T4529] EXT4-fs: Ignoring removed mblk_io_submit option
[   54.961973][ T4530] loop3: detected capacity change from 0 to 764
[   54.974857][ T4529] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   55.013997][ T4530] rock: directory entry would overflow storage
[   55.020207][ T4530] rock: sig=0x4f50, size=4, remaining=3
[   55.025884][ T4530] iso9660: Corrupted directory entry in block 6 of inode 1792
[   55.040972][ T4529] EXT4-fs (loop4): 1 truncate cleaned up
[   55.130846][ T4539] loop0: detected capacity change from 0 to 764
[   55.149236][ T4539] rock: directory entry would overflow storage
[   55.155475][ T4539] rock: sig=0x4f50, size=4, remaining=3
[   55.161074][ T4539] iso9660: Corrupted directory entry in block 6 of inode 1792
[   55.217753][ T4550] random: crng reseeded on system resumption
[   55.554832][ T4573] loop1: detected capacity change from 0 to 512
[   55.561927][ T4573] EXT4-fs: Ignoring removed mblk_io_submit option
[   55.569880][ T4573] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   55.618849][ T4573] EXT4-fs (loop1): 1 truncate cleaned up
[   55.679492][ T4581] random: crng reseeded on system resumption
[   55.856846][ T4592] loop2: detected capacity change from 0 to 512
[   55.873671][ T4592] EXT4-fs warning (device loop2): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[   55.887225][ T4592] EXT4-fs (loop2): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   55.890118][ T4594] loop4: detected capacity change from 0 to 736
[   55.940407][ T4594] rock: directory entry would overflow storage
[   55.946789][ T4594] rock: sig=0x3b10, size=4, remaining=3
[   55.957287][ T4594] netlink: 'syz.4.363': attribute type 27 has an invalid length.
[   56.002433][ T4601] loop2: detected capacity change from 0 to 512
[   56.010900][ T4601] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.366: casefold flag without casefold feature
[   56.023927][ T4601] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.366: couldn't read orphan inode 15 (err -117)
[   56.149984][ T4612] loop4: detected capacity change from 0 to 512
[   56.156771][ T4612] EXT4-fs: Ignoring removed mblk_io_submit option
[   56.165893][ T4612] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   56.179778][ T4612] EXT4-fs (loop4): 1 truncate cleaned up
[   56.265182][ T4623] loop0: detected capacity change from 0 to 764
[   56.277478][ T4623] rock: directory entry would overflow storage
[   56.283751][ T4623] rock: sig=0x4f50, size=4, remaining=3
[   56.289379][ T4623] iso9660: Corrupted directory entry in block 6 of inode 1792
[   56.322706][ T4626] loop2: detected capacity change from 0 to 736
[   56.357972][ T4626] rock: directory entry would overflow storage
[   56.357982][ T4626] rock: sig=0x3b10, size=4, remaining=3
[   56.365673][ T4626] netlink: 'syz.2.376': attribute type 27 has an invalid length.
[   56.469155][ T4626] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.476462][ T4626] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.508030][ T4637] loop0: detected capacity change from 0 to 128
[   56.530058][ T4637] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   56.530078][ T4637] FAT-fs (loop0): Filesystem has been set read-only
[   56.530200][ T4637] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   56.530352][ T4637] syz.0.378: attempt to access beyond end of device
[   56.530352][ T4637] loop0: rw=2049, sector=2065, nr_sectors = 8 limit=128
[   56.612075][ T4642] loop1: detected capacity change from 0 to 512
[   56.629877][ T4626] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.644678][ T4642] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.380: casefold flag without casefold feature
[   56.664923][ T4626] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.686859][ T4642] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.380: couldn't read orphan inode 15 (err -117)
[   56.822472][ T3408] lo speed is unknown, defaulting to 1000
[   56.828440][ T3408] syz0: Port: 1 Link DOWN
[   56.835669][   T60] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   56.854862][   T60] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   56.886900][   T60] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   56.901584][   T12] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   56.944995][ T4650] macvlan1: entered promiscuous mode
[   56.952431][ T4650] ipvlan0: entered promiscuous mode
[   56.958691][ T4650] ipvlan0: left promiscuous mode
[   56.964936][ T4650] macvlan1: left promiscuous mode
[   57.329329][ T4670] loop0: detected capacity change from 0 to 512
[   57.344772][ T4670] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.389: Failed to acquire dquot type 1
[   57.357659][ T4670] EXT4-fs (loop0): 1 truncate cleaned up
[   57.363888][ T4670] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.452266][ T4675] loop0: detected capacity change from 0 to 764
[   57.461045][ T4675] rock: directory entry would overflow storage
[   57.467294][ T4675] rock: sig=0x4f50, size=4, remaining=3
[   57.472885][ T4675] iso9660: Corrupted directory entry in block 6 of inode 1792
[   57.627979][ T4687] loop3: detected capacity change from 0 to 512
[   57.634871][ T4687] EXT4-fs: Ignoring removed mblk_io_submit option
[   57.642319][ T4687] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   57.645400][ T4689] random: crng reseeded on system resumption
[   57.661893][ T4687] EXT4-fs (loop3): 1 truncate cleaned up
[   57.809116][ T4699] loop0: detected capacity change from 0 to 512
[   57.809467][ T4699] EXT4-fs: Ignoring removed mblk_io_submit option
[   57.810200][ T4699] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   57.825869][ T4699] EXT4-fs (loop0): 1 truncate cleaned up
[   57.852895][ T4702] loop1: detected capacity change from 0 to 512
[   57.860685][ T4702] EXT4-fs warning (device loop1): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[   57.874202][ T4702] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm.
[   57.886964][ T4702] siw: device registration error -23
[   57.973326][ T4706] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4706 comm=syz.4.403
[   58.004937][ T4708] random: crng reseeded on system resumption
[   58.032437][ T4711] loop1: detected capacity change from 0 to 512
[   58.055294][ T4711] EXT4-fs: Ignoring removed mblk_io_submit option
[   58.072256][ T4713] __nla_validate_parse: 8 callbacks suppressed
[   58.072277][ T4713] netlink: 4 bytes leftover after parsing attributes in process `syz.4.403'.
[   58.096354][ T4711] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   58.117916][ T4715] netlink: 4 bytes leftover after parsing attributes in process `syz.2.406'.
[   58.128508][ T4711] EXT4-fs (loop1): 1 truncate cleaned up
[   58.167274][ T4715] netlink: 4 bytes leftover after parsing attributes in process `syz.2.406'.
[   58.507412][ T4724] loop2: detected capacity change from 0 to 512
[   58.514361][ T4724] EXT4-fs: Ignoring removed mblk_io_submit option
[   58.521327][ T4724] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   58.535948][ T4724] EXT4-fs (loop2): 1 truncate cleaned up
[   58.579788][ T4728] loop3: detected capacity change from 0 to 764
[   58.607920][ T4728] rock: directory entry would overflow storage
[   58.614337][ T4728] rock: sig=0x4f50, size=4, remaining=3
[   58.620003][ T4728] iso9660: Corrupted directory entry in block 6 of inode 1792
[   58.799794][ T4741] FAULT_INJECTION: forcing a failure.
[   58.799794][ T4741] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.812993][ T4741] CPU: 0 UID: 0 PID: 4741 Comm: syz.0.415 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   58.813031][ T4741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   58.813048][ T4741] Call Trace:
[   58.813055][ T4741]  <TASK>
[   58.813064][ T4741]  __dump_stack+0x1d/0x30
[   58.813143][ T4741]  dump_stack_lvl+0xe8/0x140
[   58.813164][ T4741]  dump_stack+0x15/0x1b
[   58.813297][ T4741]  should_fail_ex+0x265/0x280
[   58.813339][ T4741]  should_fail+0xb/0x20
[   58.813369][ T4741]  should_fail_usercopy+0x1a/0x20
[   58.813415][ T4741]  _copy_from_user+0x1c/0xb0
[   58.813449][ T4741]  bpf_test_init+0xdf/0x160
[   58.813491][ T4741]  bpf_prog_test_run_xdp+0x274/0x910
[   58.813532][ T4741]  ? kstrtouint+0x76/0xc0
[   58.813651][ T4741]  ? __rcu_read_unlock+0x4f/0x70
[   58.813685][ T4741]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   58.813777][ T4741]  bpf_prog_test_run+0x227/0x390
[   58.813819][ T4741]  __sys_bpf+0x4b9/0x7b0
[   58.813864][ T4741]  __x64_sys_bpf+0x41/0x50
[   58.813920][ T4741]  x64_sys_call+0x2aea/0x2ff0
[   58.813942][ T4741]  do_syscall_64+0xd2/0x200
[   58.813983][ T4741]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   58.814014][ T4741]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   58.814044][ T4741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.814073][ T4741] RIP: 0033:0x7fd5511debe9
[   58.814093][ T4741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.814147][ T4741] RSP: 002b:00007fd54fc47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   58.814169][ T4741] RAX: ffffffffffffffda RBX: 00007fd551405fa0 RCX: 00007fd5511debe9
[   58.814185][ T4741] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[   58.814201][ T4741] RBP: 00007fd54fc47090 R08: 0000000000000000 R09: 0000000000000000
[   58.814217][ T4741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.814232][ T4741] R13: 00007fd551406038 R14: 00007fd551405fa0 R15: 00007fff748b8638
[   58.814258][ T4741]  </TASK>
[   59.078502][ T4751] loop0: detected capacity change from 0 to 512
[   59.085208][ T4751] EXT4-fs: Ignoring removed mblk_io_submit option
[   59.093209][ T4751] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   59.106311][ T4751] EXT4-fs (loop0): 1 truncate cleaned up
[   59.226309][ T4729] ==================================================================
[   59.234470][ T4729] BUG: KCSAN: data-race in filemap_splice_read / page_cache_sync_ra
[   59.242508][ T4729] 
[   59.244861][ T4729] write to 0xffff888118807228 of 8 bytes by task 4724 on cpu 0:
[   59.252517][ T4729]  filemap_splice_read+0x47e/0x6b0
[   59.257668][ T4729]  ext4_file_splice_read+0x8f/0xb0
[   59.262845][ T4729]  splice_direct_to_actor+0x26f/0x680
[   59.268265][ T4729]  do_splice_direct+0xda/0x150
[   59.273067][ T4729]  do_sendfile+0x380/0x650
[   59.277530][ T4729]  __x64_sys_sendfile64+0x105/0x150
[   59.282767][ T4729]  x64_sys_call+0x2bb0/0x2ff0
[   59.287475][ T4729]  do_syscall_64+0xd2/0x200
[   59.292017][ T4729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.298115][ T4729] 
[   59.300465][ T4729] read to 0xffff888118807228 of 8 bytes by task 4729 on cpu 1:
[   59.308111][ T4729]  page_cache_sync_ra+0x326/0x6c0
[   59.313186][ T4729]  filemap_get_pages+0x2d0/0x1150
[   59.318251][ T4729]  filemap_splice_read+0x333/0x6b0
[   59.323408][ T4729]  ext4_file_splice_read+0x8f/0xb0
[   59.328580][ T4729]  splice_direct_to_actor+0x26f/0x680
[   59.333987][ T4729]  do_splice_direct+0xda/0x150
[   59.338790][ T4729]  do_sendfile+0x380/0x650
[   59.343278][ T4729]  __x64_sys_sendfile64+0x105/0x150
[   59.348529][ T4729]  x64_sys_call+0x2bb0/0x2ff0
[   59.353247][ T4729]  do_syscall_64+0xd2/0x200
[   59.357913][ T4729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.363840][ T4729] 
[   59.366190][ T4729] value changed: 0x0000000000007bc0 -> 0x0000000000007bf0
[   59.373323][ T4729] 
[   59.375724][ T4729] Reported by Kernel Concurrency Sanitizer on:
[   59.381992][ T4729] CPU: 1 UID: 0 PID: 4729 Comm: syz.2.408 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[   59.394005][ T4729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   59.404097][ T4729] ==================================================================
[   59.472974][   T29] kauditd_printk_skb: 852 callbacks suppressed
[   59.472993][   T29] audit: type=1326 audit(1754684479.989:3260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4746 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152950ebe9 code=0x7ffc0000
[   59.502636][   T29] audit: type=1326 audit(1754684479.989:3261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4746 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152950ebe9 code=0x7ffc0000
[   59.545049][ T4757] netlink: 'syz.1.421': attribute type 1 has an invalid length.
[   59.552808][ T4757] netlink: 224 bytes leftover after parsing attributes in process `syz.1.421'.
[   59.641255][   T29] audit: type=1326 audit(1754684480.169:3262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4746 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f152950ebe9 code=0x7ffc0000
[   59.664642][   T29] audit: type=1326 audit(1754684480.169:3263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4746 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152950ebe9 code=0x7ffc0000
[   59.687986][   T29] audit: type=1326 audit(1754684480.169:3264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4746 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152950ebe9 code=0x7ffc0000
[   59.728064][   T29] audit: type=1326 audit(1754684480.259:3265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4746 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f152950ebe9 code=0x7ffc0000
[   59.754652][   T29] audit: type=1326 audit(1754684480.259:3266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4746 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f152950ec23 code=0x7ffc0000
[   59.777863][   T29] audit: type=1326 audit(1754684480.259:3267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4746 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f152950ec23 code=0x7ffc0000
[   59.801480][   T29] audit: type=1326 audit(1754684480.259:3268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4746 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152950ebe9 code=0x7ffc0000
[   59.824936][   T29] audit: type=1326 audit(1754684480.259:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4746 comm="syz.3.418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152950ebe9 code=0x7ffc0000