last executing test programs:

1m43.643325359s ago: executing program 1 (id=2974):
syz_mount_image$vfat(&(0x7f0000001800), &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b2620df1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da017677835a94bb61da8cfaefd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc561a62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8e916f873c102b78c833218500b7242c6131ea886f7d8c2cb5774b4c6225f818c023d81a4d21f1019c70d6a9587ba01ac5b3e61ee121158e8a65ecf02ba84daafd7c3685ad4d72cf8fbe3155c3daba02ec565a2f4a91bad20ce47a5a600480ac49aed88ec4679bbbf28c46967d4e2de"], 0x4, 0x286, &(0x7f00000009c0)="$eJzs289OE1EUx/EfLYiC0CqKgjGe6EY3E6hP0BBIjE00SI1/EpNBptp0aEmnwdSYwM6tD+GKuHRnYnwBNj6BC3dsXLIwjmFaa4slYoyMhe9n0TnN7Znem3OmuYverXuvlkuFwCm4NSX6TP3SuraltBJKqqGveU1E8TG1W9e1sdyni3fuP7iZzeVm583msgvXM2Y2eun9sxdvLn+oDd99O/puUJvpR1tfMp83xzcntr4tPC0GVgysXKmZa4uVSs1d9D1bKgYlx+y277mBZ8Vy4FU7xgt+ZWWlbm55aWRopeoFgbnlupW8utUqVqvWzX3iFsvmOI6NDAm/k9+Yn3ezcc8C/8rr6LVazbozkiZ/Gc9vxDApAAAQM/b/Rxn7/6NgZ///sPn8dmL/DwAAAAAAAAAAAAAAAAAAAABAL9gOw1QYhqkf1wEpOuETNt+fkDQkaVjSSUkjkkYlpSSlNdC6z5ikM5LOShqXdE7SeUkTbfeKdaHoaq/6J/dVf+mUpNPUv2f93fNP/Xsd9T/a2g7uHpeWX67mV/ONa2M8W1BRvjxNKaWvUS2bGvHcjdzslEXSurC81sxfW80nO/OnldppmG75041868wfjPqulZ9RaqfBuuVnOvNbxxyvXmnLd5TSx8eqyNdS1JPN/EFJ02Yzt3K7vn8y+txh51hL1/o5zl7jjfx99Ec41bW+/Zrsj3ftkIL685Lr+16194PE/zENgj2C5GFqtsMfxP3LhIPws+hxzwQAAAAAAAAAAAAAAAAA8CcO4u+Eca8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdvgcAAP//Hd1b8A==")
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2200c10, &(0x7f0000002880)={[{@resgid}]}, 0xff, 0x24b, &(0x7f0000002440)="$eJzs3U1oFGcYB/BnZnebJllK2l4KpR9QSmkDob0VekkvLQRKCKUU2kJKKV6URIgJ3hJPXjzoWSUnL0G8GT1KLsGLIniKmkO8KBo8GDzoYWV2NhLzQdSNO5L5/WCSnd2Zed5h3v+zcxk2gNLqi4jBiKhERH9E1CIi2bjBl/nS11qd7V4cjWg0fn+UNLfL13Pr+/VGxExE/BgRC2kSB6sRU/N/rzxZ+vWbE5O1r8/N/9Xd0ZNsWV1Z/m3t7PDxi0M/TF2/+WA4icGov3Reey/Z5r1qEvHR2yj2jkiqRY+AVzFy9MKtLPcfR8RXzfzXIo384p2ceG+hFt+d2WnfUw9vfNrJsQJ7r9GoZd+BMw2gdNKIqEeSDrTu/euRpgMD+T387UpPemh84kj/gfHJsf+L7lTAXqlHLP9yuetS74b8Z73gXiXPP7B/Zfn/Y2TuTvZ6rVL0aICO+Cz/l+W//9/pb0P+oXTkH8pL/qG85B/KS/6hvOQf9q/GLpmWfygv+Yfykn8oL/mH8tqYfwCgXBpdRT+BDBSl6P4DAAAAAAAAAAAAAAAAAABsNdu9OLq+dKrm1dMRqz9HRHW7+pXm7xFHvN/82/M4yTZ7Icl3a8s/X7R5gDadL/jp6w/uFlv/2ufF1p8ei5g51ppMW+Zf0pp/b+7DXT6v/ddmgdeUbFr/6c/O1t/s2Vyx9YeWIq5k/ef77fpPGp/E/R37Tz27fm3WP/y0zQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQMc8DAAD//ynbbl8=")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00'}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xffffbfff, 0x0, 0xfffffffffffffffd, 0x1)
pipe2$9p(0x0, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f00000001c0)='GPL\x00'}, 0x94)
fallocate(r0, 0x0, 0x9, 0x2000406)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000200)={0x0, 0x2, 0x8, 0x7f})

1m43.281837886s ago: executing program 1 (id=2978):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
inotify_init1(0x80000)

1m43.083884759s ago: executing program 1 (id=2981):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYRES16], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
pipe2(&(0x7f0000000040), 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fdf7ffff18110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket(0x10, 0x803, 0x0)
recvmmsg(r3, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

1m43.02595377s ago: executing program 1 (id=2982):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x3, 0x84)
r1 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r1, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000400)='\b', 0x1}, {&(0x7f0000000180)='-\x00', 0x2}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000024)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000080)={0x2, 'xfrm0\x00', {0x10}, 0x8000})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[], &(0x7f0000000040)=""/249, 0x46, 0xf9, 0x6}, 0x28)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'vlan0\x00', 0x1})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8924, &(0x7f0000000080))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000700)='notify_on_release\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f00000003c0)=0xfffffffffffff2a6, 0x12)
mkdirat$cgroup(r3, &(0x7f0000000040)='syz0\x00', 0x1ff)
sendmsg$inet(r0, &(0x7f0000000a00)={&(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10, &(0x7f00000001c0)=[{&(0x7f00000003c0)="c1090a000000000000001d1e01", 0xd}], 0x1}, 0x0)

1m43.02562867s ago: executing program 1 (id=2983):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001800", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xae, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x2, 0x4, 0x7ffc1ffb}]})
semget$private(0x0, 0x1, 0x0)
semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x1000, 0x1000}], 0x1, 0x0)

1m42.982850542s ago: executing program 1 (id=2985):
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4092}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r4, {0x10, 0xb}, {0x0, 0x4}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x18)
r9 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r9, 0x6, 0x0, 0x0, 0x0)
r10 = fsmount(r9, 0x0, 0x0)
r11 = openat$cgroup_subtree(r10, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r11, &(0x7f0000000040)={[{0x2d, 'cpu'}]}, 0x5)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

1m27.936287939s ago: executing program 32 (id=2985):
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4092}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r4, {0x10, 0xb}, {0x0, 0x4}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x18)
r9 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r9, 0x6, 0x0, 0x0, 0x0)
r10 = fsmount(r9, 0x0, 0x0)
r11 = openat$cgroup_subtree(r10, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r11, &(0x7f0000000040)={[{0x2d, 'cpu'}]}, 0x5)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

2.931692686s ago: executing program 3 (id=4703):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="3400000010001fff684fa02277d97d2478040000040000000000000000", @ANYRES32, @ANYRES16], 0x34}}, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = io_uring_setup(0x2754, &(0x7f0000000080)={0x0, 0xffffdffc, 0x100, 0xfffffffc, 0x145})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYRES64=r0], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f00000001c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = io_uring_setup(0x7cac, &(0x7f00000000c0)={0x0, 0x753a, 0x8, 0x3, 0x1fd})
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0xa0683, 0x0)
r4 = open(&(0x7f0000000140)='./bus\x00', 0x143bc2, 0x1c0)
timer_create(0x3, &(0x7f0000000200)={0x0, 0x21, 0x1, @thr={&(0x7f0000000c00)="3564fcfa2c3e57b887735c6ef5ec23e51846dd6567c35cf758a2dda6fb0e74c28f496b92ce0127c9f9fd9ddee782c8a995047c83a51c3c31c49db4bf78eb5b2e18991f094512367eda807a657d4bcfbbbe4b2d9d6ccc82eb2a81b4157b7ca25165f210319ae3a2324b665cc18aebb7edda7142366ecf2232a42fabe677a6e45b3341d04fd436bf6925aee24a6fb425b7aeba6ac95c856530ffea307bdea6b61d2879f144078829d289d8020000000000000015ce248ce7e2ffe8093a75c688363c65111f83d60ccc33fe28e6edb2c710e99a646f76a0ef57836a5afa79b1f77c43774faa3888b4e70dc60900d9cc9aec7fe8f1c2cccd467f000000b5c448a5d068b029b1f0bc2bd50af01bda555917198ed1408a4b245858db343aa4ae510800bebc795a2929ce42ca3cc84e7faf615da6fc423420a1595b27e183a3f84e8507c279d5b909349db4286001c16015546b9224cadbdcc6721862258279931f437b5b9bb6212664d527f18ce25e92b36ca272b0ff44bdf8a315eb3c90a0374004effcf3730321", &(0x7f0000000500)="ae34e5d8a3707b23d631258d17dfa81be82d31d55f7ac9a61666f8d9a19a6d76d4aa87a1a7eaf6335fcbb64591435b2465154818902f79b45e662a1f102579f8aa8c6d5afa48a50ba75a1da41162c5e3294397267677149c63cbaf7433ae6d8ab02ad0594537f74bbca083567b8964f081e916a7d84d468107506dc39fccc74fe2a6178adcd78b828966d4c30b3d80048b2980604caaa42a58702a7d60bde01ecc36c10e7bb1b2cb744831a846b15dccc0781465e665a9bc95af602c8bef5bfde79ec7a180"}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
fcntl$setlease(r4, 0x400, 0x1)
setreuid(0xee01, 0x0)
r5 = syz_pidfd_open(0x0, 0x0)
setns(r5, 0x24020000)
syz_clone(0x120e111f, 0x0, 0x13, 0x0, 0x0, 0x0)
open(&(0x7f0000000240)='./bus\x00', 0x100, 0x2)
open$dir(&(0x7f0000000000)='./bus\x00', 0x80000, 0x4c)
close(r4)
close_range(r3, 0xffffffffffffffff, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
chmod(&(0x7f00000001c0)='./bus\x00', 0x30)

2.69345469s ago: executing program 3 (id=4708):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r4}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$kcm(0x21, 0x2, 0x2)
recvmsg$kcm(r5, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000800)='kfree_skb\x00', r2}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r6}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000003a00)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x9}}, 0x10, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r7}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000200)={[0xffffffff]}, 0x0, 0x8)

2.660240061s ago: executing program 2 (id=4709):
r0 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r0, 0x1, 0xea, 0xa6ff, {{}, {0x0, 0x3}, {0x14, 0x19, {0x0, 0x8}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4058}, 0x0)

2.613637722s ago: executing program 3 (id=4710):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="3400000010001fff684fa02277d97d2478040000040000000000000000", @ANYRES32, @ANYRES16], 0x34}}, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = io_uring_setup(0x2754, &(0x7f0000000080)={0x0, 0xffffdffc, 0x100, 0xfffffffc, 0x145})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000200)={0x2, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000100)=""/34, 0x22}], &(0x7f0000000a80)=[0xb], 0x1}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYRES64=r0], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f00000001c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = io_uring_setup(0x7cac, &(0x7f00000000c0)={0x0, 0x753a, 0x8, 0x3, 0x1fd})
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0xa0683, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
open(&(0x7f0000000240)='./bus\x00', 0x100, 0x2)
open$dir(&(0x7f0000000000)='./bus\x00', 0x80000, 0x4c)
close_range(r3, 0xffffffffffffffff, 0x0)

2.612857982s ago: executing program 0 (id=4711):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014800000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bridge0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0), 0x60101, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xe, 0x0, &(0x7f0000000300)="0101000071a78326c799dbe888a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ff9}]})
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="fb4e8403aa2e08ae02b69b9b95e2aaf61d0700000000000000000000d86ff0f8396088e403adc534dc25", @ANYRES32, @ANYBLOB="1000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1}, 0x20)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')

2.410274245s ago: executing program 2 (id=4715):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fdf7ffff181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[])

2.389678586s ago: executing program 3 (id=4717):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r4}, 0x10)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001fa1ff0000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r7}, 0x10)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r9, &(0x7f0000000300)={0x12, 0x10, 0xfa00, {0x0}}, 0x18)
r10 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$NL80211_CMD_SET_KEY(0xffffffffffffffff, 0x0, 0x80)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
r12 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@o_path={&(0x7f00000002c0)='./file0\x00', 0x0, 0x0, r8}, 0x18)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x4032}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x0, 0x12, &(0x7f0000000e40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r10}}, {}, [@exit, @map_val={0x18, 0x8, 0x2, 0x0, r12, 0x0, 0x0, 0x0, 0xc}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='syzkaller\x00', 0x2d83c067, 0x25, &(0x7f0000000180)=""/37, 0x41000, 0x8, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x5, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, r7, 0x4, &(0x7f0000000680), &(0x7f00000006c0)=[{0x4, 0x5, 0xf}, {0x1, 0x4, 0x7, 0x5}, {0x0, 0x2, 0xe, 0x2}, {0x5, 0x4, 0x10, 0xb}], 0x10, 0x400}, 0x94)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0082b9689459820311c72c83e80000", @ANYRES16=r11, @ANYBLOB="796100000000000000007e00000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x4000054)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)

2.276897268s ago: executing program 2 (id=4718):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="3400000010001fff684fa02277d97d2478040000040000000000000000", @ANYRES32, @ANYRES16], 0x34}}, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = io_uring_setup(0x2754, &(0x7f0000000080)={0x0, 0xffffdffc, 0x100, 0xfffffffc, 0x145})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYRES64=r0], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f00000001c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = io_uring_setup(0x7cac, &(0x7f00000000c0)={0x0, 0x753a, 0x8, 0x3, 0x1fd})
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0xa0683, 0x0)
r4 = open(&(0x7f0000000140)='./bus\x00', 0x143bc2, 0x1c0)
timer_create(0x3, &(0x7f0000000200)={0x0, 0x21, 0x1, @thr={&(0x7f0000000c00)="3564fcfa2c3e57b887735c6ef5ec23e51846dd6567c35cf758a2dda6fb0e74c28f496b92ce0127c9f9fd9ddee782c8a995047c83a51c3c31c49db4bf78eb5b2e18991f094512367eda807a657d4bcfbbbe4b2d9d6ccc82eb2a81b4157b7ca25165f210319ae3a2324b665cc18aebb7edda7142366ecf2232a42fabe677a6e45b3341d04fd436bf6925aee24a6fb425b7aeba6ac95c856530ffea307bdea6b61d2879f144078829d289d8020000000000000015ce248ce7e2ffe8093a75c688363c65111f83d60ccc33fe28e6edb2c710e99a646f76a0ef57836a5afa79b1f77c43774faa3888b4e70dc60900d9cc9aec7fe8f1c2cccd467f000000b5c448a5d068b029b1f0bc2bd50af01bda555917198ed1408a4b245858db343aa4ae510800bebc795a2929ce42ca3cc84e7faf615da6fc423420a1595b27e183a3f84e8507c279d5b909349db4286001c16015546b9224cadbdcc6721862258279931f437b5b9bb6212664d527f18ce25e92b36ca272b0ff44bdf8a315eb3c90a0374004effcf3730321", &(0x7f0000000500)="ae34e5d8a3707b23d631258d17dfa81be82d31d55f7ac9a61666f8d9a19a6d76d4aa87a1a7eaf6335fcbb64591435b2465154818902f79b45e662a1f102579f8aa8c6d5afa48a50ba75a1da41162c5e3294397267677149c63cbaf7433ae6d8ab02ad0594537f74bbca083567b8964f081e916a7d84d468107506dc39fccc74fe2a6178adcd78b828966d4c30b3d80048b2980604caaa42a58702a7d60bde01ecc36c10e7bb1b2cb744831a846b15dccc0781465e665a9bc95af602c8bef5bfde79ec7a180"}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
fcntl$setlease(r4, 0x400, 0x1)
setreuid(0xee01, 0x0)
r5 = syz_pidfd_open(0x0, 0x0)
setns(r5, 0x24020000)
syz_clone(0x120e111f, 0x0, 0x13, 0x0, 0x0, 0x0)
open(&(0x7f0000000240)='./bus\x00', 0x100, 0x2)
open$dir(&(0x7f0000000000)='./bus\x00', 0x80000, 0x4c)
close(r4)
close_range(r3, 0xffffffffffffffff, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
chmod(&(0x7f00000001c0)='./bus\x00', 0x30)

1.847419716s ago: executing program 3 (id=4724):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x14, &(0x7f0000000140)={<r2=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a80)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xc, 0x4}, {}, {0xb, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x24, 0x2, [@TCA_U32_POLICE={0x18, 0x6, [@TCA_POLICE_RESULT={0x8, 0x5, 0x200}, @TCA_POLICE_RATE64={0xc, 0x8, 0x3d}]}, @TCA_U32_CLASSID={0x8, 0x1, {0xfff1, 0x1}}]}}]}, 0x50}}, 0x20040054)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8000003, 0x0, 0x0, 0x41000, 0x4, '\x00', r6, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e24, 0x40003, @mcast1}, {0x2, 0xfff9, 0xc00, @remote, 0xffffffff}, r2, 0x9dffffff}}, 0x48)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r8, 0x40505330, &(0x7f0000000e80)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff})
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB="e7ff56fbffffffffffff0000006ddb0106491af96300", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00'}, 0x10)
syz_io_uring_setup(0x75f1, &(0x7f0000000340)={0x0, 0x7bc3, 0x1000, 0x3, 0x1e9, 0x0, r0}, &(0x7f0000000280)=<r9=>0x0, &(0x7f00000003c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x104, &(0x7f0000000400)=0x5, 0x0, 0x4)
sendmsg$inet(r0, &(0x7f0000000e40)={&(0x7f0000000640)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000bc0), 0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="14000000000000000000000002000000cb0a00000000000044000000000000000000000007000000860a000000030704764689275464010102ac1414aa6401010064010102ac1414aaffffffff64010102ac1414bb0a010101000000000000001c000000000000000000000008000000", @ANYRES32=r6, @ANYBLOB="ac14140ce00000010000000004010000000000000000000007000000001105fd88fac48d16455f2c414326c3542bbf420a00000102010f18f2fb0a086caa21c33d75a730010b141dd86a5a2abf7a8e050f47978c4504e0e8ba4cbb93a0940111b63476d1162bd823f68d76f50ab34e0012894584f2bcb1fa2b2a7265b3a0aae8b2441cdd53000000c0000000807f000001007d13e0c660a981df000057443c26310a01010000000002e000000100000008e000000100000000ffffffff000099deac1414aa00008000ac1414aaffffffff64010102ffffffff4434a0b300000000000000007f00000100000006ac1414bb00000b64ffffffff00000236e000000100000003e0000002fffffff7000000000000001100000000000000000000000100000009000000000000001400000000000000000000000200000000000000000000001100000000000000000000000100000054000000000000001400000000000000000000000200000080040000000000001c00000000000000000000000800000031891ee47039e0d8772ee83ab4f3abb0241a2ccf17463dd87ab42b6b8a60d15bb03b899c10e87b72bebbc69ef8ac23695983f41ff62080b5f0e9de67fffbae1e95c233df9ec94cd6bd491948f943af92c4da9ff60b801749cae61963e3fd5b99de624daab2ee10c041e5738aa3c4cf251016b3e54c38861315c3d6cea9e757094aed9c3d68f7692fc2dc424a17f2c7", @ANYRES32=r6, @ANYBLOB="64010102e000000100000000"], 0x208}, 0x4004)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r0, 0x5)

1.824983206s ago: executing program 2 (id=4725):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@debug}, {@norecovery}]}, 0x9, 0x458, &(0x7f0000002240)="$eJzs28tvG8UfAPDvbuz2lz5+MVV59AEECqLikTRpKT1wAAQSB5CQ4FCOIUmrUrdBTZBoVUFBqBxRJe6IIxJ/ASe4IOCExBU4o0oV6qUtJ6O1dxvbtdPW2HWoPx9p45ndsWa+nh17dicbwMiazP4kEVsi4reImGhkWwtMNl6uXj47f+3y2fkkarU3/0rq5a5cPjtfFC3et7nIlCLST5PY1aHe5dNnjs9Vq4un8vz0yon3ppfHzzxz7MTc0cWjiydnDx06sH/muYOzz/YlziyuKzs/XNq949W3L7w+f/jCOz99kxTxt8XRJ5Md95YaL4/Xan2ubri2NqWT0hAbwm0Zy0/Jcn38T8RYrHbeRLzyyVAbBwxUrVar3df98LkacBdLYtgtAIaj+KHPrn+L7Q5NPdaFSy82LoCyuK/mW+NIKdK8TLnt+rafJiPi8Lm/v8y2aL8PMT6gSgGAkfZdNv95utP8L43m+0L/z9dQKhFxT0Rsi4iDEbE9Iu6NqJe9PyIeuGmNl1py7YskN84/04s9B3cLsvnf8/naVuv8r5j9RWUsz22tx19OjhyrLu7LP5O9Ud6Y5WfWqOP7l3/9vNux5vlftmX1F3PBvB0XSxtb37MwtzL3b2JudunjiJ2lTvEn11cCkojYEREv9FjHsSe/3t3tWJf4W9cgu+nDOlPtq4gnGv1/LtriLyTX1ydPd1qfnP5fVBf3TRdnxY1+/uX8G93qv3n/D1bW/5s6nv9F/H9Ukub12uXbr+P87591vabs9fzfkLzVsu+DuZWVUzMRG5LX6vlK8/7ZtnKzq+Wz+Pfu6Tz+t8XqJ7ErIrKT+MGIeCgiHs7b/khEPBoRe9aI/8eXHnu39/gHK4t/Yc3+j7b+X01siPY9nRNjx3/4tqXSyu3En/X/gXpqb77nVr7/bqVdvZ3NAAAA8N+TRsSWSNKp6+k0nZpq/A//9tiUVpeWV546svT+yYXGMwKVKKfFna6JpvuhM/llfZGfbcvvz+8bfzE2Xs9PzS9VF4YdPIy4zV3Gf+bPsWG3Dhg4z2vB6DL+YXQZ/zCarrU9CASMlg6//x49gxHRaf7/0RDaAdx5beN/zWU/EwO4u7j/B6PL+IfRZfzDSFoej5s/JH93JNKIWAfNaE2UI2IdNKOHRKTrohkSA0oM+5sJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgP/4JAAD//5nH7E0=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000008c0)="3bf58d7d45d32cfe1da7c797b82fee444b42785c24a868a4046cf670ba8f376c429a424fcc374c08887b", 0x2a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000bc0)=@delchain={0x224, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0xffffffff}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x1d8, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x1c0, 0x1, [@m_simple={0x184, 0x1e, 0x0, 0x0, {{0xb}, {0xdc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x6, 0x3, '-\x00'}, @TCA_DEF_DATA={0x5, 0x3, '\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x8, 0x2, 0x20000000, 0x8, 0x13b}}, @TCA_DEF_PARMS={0x18, 0x2, {0x3304, 0x7, 0x10000000, 0xf65e, 0x1}}, @TCA_DEF_DATA={0x97, 0x3, 'K\xea\x19Q\xab\x1b\\7\xf0P\xfa\xc0\xa9\x1d|\xdbH\xb22%\xf7\x14x\xddD\x96.\x15\xfdA\xba\xb4\xc6\xbb\'\xe7+\x9c\x80\x1e\xafQ\xe5\xa4<*\xbc\xe3\xb8\xb0?\xdc\x7f\xcd\x99j\'\xfc\x99\xb3\x9a\x9c\xd1\xbeD\x12.!\xf7\xad|\x0f\xde\xf1lt7v\xc1}\x1e\v\xa4?\xc5K t\x8b\xbe\x1b|\x87K\xd2\x1a0-\xb0\xbf\xbbv\x91\xe2G\xab\x05J\xc0G\xcd\x8aI\xa0\x99\xb2k\xe60S\xb2\xe0\xaf\xd0\x10\xec\x1bS%>\x9aa\x95)M\xc3\xefK[PV\x91=\xe9\x8f<T'}]}, {0x7d, 0x6, "b83be43ce3f0453fdb55a3fbb55ce131cf300b92efaf853271bbac333e650817fc6029bf8265bde8d86f1542fce993992ec472fc2cf0229c29df9308275aa845e17dc1e479ef3bdaac2b22173aa0db0c5c17daa5d8bfdc1952fbe903567065fbecf72fa157c3aaac70e46ef54a9edbaa0fa0c723674743dac2"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_simple={0x38, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'bpf\x00'}]}, {0x4}, {0xc, 0x7, {0x0, 0x79d0f023c2b305dd}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}}, @filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x224}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000540)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0}, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0xc00, 0x0)
ioctl$RTC_IRQP_READ(r3, 0x8008700b, &(0x7f0000000080))
sendto(r2, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

1.717017048s ago: executing program 0 (id=4728):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
futimesat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)={{0x0, 0x2710}})
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
write$selinux_load(r4, &(0x7f0000000000)=ANY=[], 0x603f)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000c80)={'lo\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x0, 0x0, 0x7fffffff}}}}]}, 0x4c}}, 0x0)
connect$can_bcm(r5, &(0x7f00000002c0)={0x1d, r12}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r13 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r13, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x38, 0x1403, 0x1, 0x0, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vxcan1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x200c08a5}, 0x8000)
socket$kcm(0x21, 0x2, 0x2)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x900, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xfffffffffffffe44}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

1.390786284s ago: executing program 4 (id=4733):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
futimesat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)={{0x0, 0x2710}})
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
write$selinux_load(r4, &(0x7f0000000000)=ANY=[], 0x603f)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000c80)={'lo\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x0, 0x0, 0x7fffffff}}}}]}, 0x4c}}, 0x0)
connect$can_bcm(r5, &(0x7f00000002c0)={0x1d, r12}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r13 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r13, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x38, 0x1403, 0x1, 0x0, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vxcan1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x200c08a5}, 0x8000)
socket$kcm(0x21, 0x2, 0x2)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x900, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xfffffffffffffe44}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

1.375368305s ago: executing program 0 (id=4734):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r4}, 0x10)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001fa1ff0000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r7}, 0x10)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r9, &(0x7f0000000300)={0x12, 0x10, 0xfa00, {0x0}}, 0x18)
r10 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$NL80211_CMD_SET_KEY(0xffffffffffffffff, 0x0, 0x80)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
r12 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@o_path={&(0x7f00000002c0)='./file0\x00', 0x0, 0x0, r8}, 0x18)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x4032}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x0, 0x12, &(0x7f0000000e40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r10}}, {}, [@exit, @map_val={0x18, 0x8, 0x2, 0x0, r12, 0x0, 0x0, 0x0, 0xc}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='syzkaller\x00', 0x2d83c067, 0x25, &(0x7f0000000180)=""/37, 0x41000, 0x8, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x5, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, r7, 0x4, &(0x7f0000000680), &(0x7f00000006c0)=[{0x4, 0x5, 0xf}, {0x1, 0x4, 0x7, 0x5}, {0x0, 0x2, 0xe, 0x2}, {0x5, 0x4, 0x10, 0xb}], 0x10, 0x400}, 0x94)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0082b9689459820311c72c83e80000", @ANYRES16=r11, @ANYBLOB="796100000000000000007e00000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x4000054)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)

1.358471655s ago: executing program 3 (id=4735):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x40000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x600, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x0, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0x300}, 0x1f00)
r3 = socket(0x10, 0x3, 0x6)
r4 = socket(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r6}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040)={'team0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
modify_ldt$write(0x1, &(0x7f0000000040)={0x401, 0x100000, 0x4000, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1}, 0x10)
modify_ldt$read(0x0, &(0x7f0000000f40)=""/4089, 0xff9)

1.147272419s ago: executing program 4 (id=4738):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014800000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bridge0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0), 0x60101, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xe, 0x0, &(0x7f0000000300)="0101000071a78326c799dbe888a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ff9}]})
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="fb4e8403aa2e08ae02b69b9b95e2aaf61d0700000000000000000000d86ff0f8396088e403adc534dc25", @ANYRES32, @ANYBLOB="1000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1}, 0x20)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')

1.027819821s ago: executing program 0 (id=4740):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8ab8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r5=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r5, 0xffffffffffffffff, 0x0, 0x4002}, 0x50)
r6 = socket(0x10, 0x803, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$fou(&(0x7f0000000340), r6)
sendmsg$FOU_CMD_DEL(r8, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c7b00001ac48193f0bdd220267e3bd3ccc355a0a140ff481c257948c614283f5dc5b2b2f8d5f213461ad00afab2a7cddfea79986b22393acd0529496b1682282be529d4e056c74ece185fb0157926b6e2b8f6f15d", @ANYRES16=r9, @ANYBLOB="20002dbd7000ffdbdf250200000008000600e000000208000800ffffffff0500040000000000"], 0x2c}, 0x1, 0x0, 0x0, 0xb2a321ca430bcf74}, 0x1)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r10=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x74, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x48, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x1, 0x1, 0x3, 0x1, 0x4, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x6783, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}]}}]}, 0x74}}, 0x24040084)

980.844761ms ago: executing program 0 (id=4741):
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r0, 0x0, 0x8)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="b9eaf60e13ad2f757066dad0f6e96479714efafa3baa39855b5555583fcd9f66189d5d4de992650c5f5be98baa74cb42d6d2420ec2d87f59", @ANYRES64=r0, @ANYRES32=r0, @ANYRESDEC=r0, @ANYRES8=r1, @ANYRESOCT=r0, @ANYBLOB="44f9f0cb9d1040497ef0fd3007cadbaf4db10fd86e529755a68f4a4d57b625f665bc445d6b76"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x2b, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYRES64=r1], &(0x7f0000000280)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000340), 0x6}, 0x0, 0x7, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r4, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYRESHEX=r1, @ANYRES16=r3, @ANYRESOCT, @ANYRES32=r1, @ANYRES16], 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='kfree\x00', r3}, 0x10)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x4}, 0x18)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000980)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e000000000003000000000000004000000000000000980100000000000002000000000038000200000002000000000000600300000008000000000000000d00000000000000ed08000000000000f0ffffffffffffff0000000000000000080000000000000003000000cff5ffff800300000000000001000000000000000500000000000000ff"], 0x5b0)
close(0xffffffffffffffff)
ioctl$VT_ACTIVATE(r0, 0x5606, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)

626.333878ms ago: executing program 5 (id=4744):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e27, 0x1, @mcast1, 0x22}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="10000000000000002900000037"], 0x18}}], 0x2, 0x4004844)

517.82428ms ago: executing program 5 (id=4745):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), 0x0}, 0x20)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000100), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000001300)=@gcm_256={{0x304}, "67c3f71b0f188109", "2c9e910757c2725dd5795f705ac44b9d43498e33fe93a0c9001c5c65f7107d0d", "ddfb00", "5a3e2c1b40238e79"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "54164ace030000f5", "faad50724acb18aba4e3bc654d684ad9c694f3e96ca4b72643dd3689727968e9", "5cb6d03a", "29a78ab9b0a4e8ae"}, 0x38)

402.717332ms ago: executing program 5 (id=4746):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=r0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003000f"], 0x48}}, 0x40000)

390.310442ms ago: executing program 2 (id=4747):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f0000000280)={0x0, 0x9dc5, 0x2, 0x0, 0x3})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x5, 0x8, 0x8, 0x0, 0x800, r0, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x1}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000140)=r4, 0x4)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)=ANY=[@ANYBLOB="44000000020605000000000000000000000000000c000300686173683a69700005000400000000000900020073797a31000000"], 0x44}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x20)
symlinkat(&(0x7f0000000000)='.\x00', r8, &(0x7f0000000140)='./file0\x00')
openat(r8, &(0x7f0000000200)='./file0\x00', 0x414f02, 0x52abe154ad664fa4)
r9 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000180)={'team0\x00', <r10=>0x0})
r11 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a80)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r12, {0xc, 0x4}, {}, {0xb, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x30, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0x3, 0xa, 0x1, 0xed8, 0x7, 0x8c, 0x40, 0x925e, [{0x101, 0x6, 0x200, 0x3}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xfff1, 0xd}}]}}]}, 0x5c}}, 0x20040054)
sendmsg$TEAM_CMD_NOOP(r8, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000740)={0x198, r9, 0x800, 0x70bd27, 0x25dfdbfc, {}, [{{0x8, 0x1, r10}, {0x17c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r12}}}, {0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0x3, 0x2, 0x55, 0x8}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x100}}, {0x8}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}]}, 0x198}, 0x1, 0x0, 0x0, 0x800}, 0x8001)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x24000004)

349.192634ms ago: executing program 5 (id=4748):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9)

319.624174ms ago: executing program 5 (id=4749):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
futimesat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)={{0x0, 0x2710}})
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
write$selinux_load(r4, &(0x7f0000000000)=ANY=[], 0x603f)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000c80)={'lo\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x0, 0x0, 0x7fffffff}}}}]}, 0x4c}}, 0x0)
connect$can_bcm(r5, &(0x7f00000002c0)={0x1d, r12}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000280)={0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r13 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r13, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x38, 0x1403, 0x1, 0x0, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vxcan1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x200c08a5}, 0x8000)
socket$kcm(0x21, 0x2, 0x2)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x900, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xfffffffffffffe44}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

319.146374ms ago: executing program 0 (id=4750):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="3400000010001fff684fa02277d97d2478040000040000000000000000", @ANYRES32, @ANYRES16], 0x34}}, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = io_uring_setup(0x2754, &(0x7f0000000080)={0x0, 0xffffdffc, 0x100, 0xfffffffc, 0x145})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000200)={0x2, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000100)=""/34, 0x22}], &(0x7f0000000a80)=[0xb], 0x1}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYRES64=r0], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f00000001c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x143bc2, 0x1c0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
fcntl$setlease(r3, 0x400, 0x1)
open(&(0x7f0000000240)='./bus\x00', 0x100, 0x2)
open$dir(&(0x7f0000000000)='./bus\x00', 0x80000, 0x4c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

252.201075ms ago: executing program 4 (id=4751):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8ab8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r5=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r5, 0xffffffffffffffff, 0x0, 0x4002}, 0x50)
r6 = socket(0x10, 0x803, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$fou(&(0x7f0000000340), r6)
sendmsg$FOU_CMD_DEL(r8, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c7b00001ac48193f0bdd220267e3bd3ccc355a0a140ff481c257948c614283f5dc5b2b2f8d5f213461ad00afab2a7cddfea79986b22393acd0529496b1682282be529d4e056c74ece185fb0157926b6e2b8f6f15d", @ANYRES16=r9, @ANYBLOB="20002dbd7000ffdbdf250200000008000600e000000208000800ffffffff0500040000000000"], 0x2c}, 0x1, 0x0, 0x0, 0xb2a321ca430bcf74}, 0x1)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r10=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x74, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x48, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x1, 0x1, 0x3, 0x1, 0x4, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x6783, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}]}}]}, 0x74}}, 0x24040084)

247.409055ms ago: executing program 2 (id=4752):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@debug}, {@norecovery}]}, 0x9, 0x458, &(0x7f0000002240)="$eJzs28tvG8UfAPDvbuz2lz5+MVV59AEECqLikTRpKT1wAAQSB5CQ4FCOIUmrUrdBTZBoVUFBqBxRJe6IIxJ/ASe4IOCExBU4o0oV6qUtJ6O1dxvbtdPW2HWoPx9p45ndsWa+nh17dicbwMiazP4kEVsi4reImGhkWwtMNl6uXj47f+3y2fkkarU3/0rq5a5cPjtfFC3et7nIlCLST5PY1aHe5dNnjs9Vq4un8vz0yon3ppfHzzxz7MTc0cWjiydnDx06sH/muYOzz/YlziyuKzs/XNq949W3L7w+f/jCOz99kxTxt8XRJ5Md95YaL4/Xan2ubri2NqWT0hAbwm0Zy0/Jcn38T8RYrHbeRLzyyVAbBwxUrVar3df98LkacBdLYtgtAIaj+KHPrn+L7Q5NPdaFSy82LoCyuK/mW+NIKdK8TLnt+rafJiPi8Lm/v8y2aL8PMT6gSgGAkfZdNv95utP8L43m+0L/z9dQKhFxT0Rsi4iDEbE9Iu6NqJe9PyIeuGmNl1py7YskN84/04s9B3cLsvnf8/naVuv8r5j9RWUsz22tx19OjhyrLu7LP5O9Ud6Y5WfWqOP7l3/9vNux5vlftmX1F3PBvB0XSxtb37MwtzL3b2JudunjiJ2lTvEn11cCkojYEREv9FjHsSe/3t3tWJf4W9cgu+nDOlPtq4gnGv1/LtriLyTX1ydPd1qfnP5fVBf3TRdnxY1+/uX8G93qv3n/D1bW/5s6nv9F/H9Ukub12uXbr+P87591vabs9fzfkLzVsu+DuZWVUzMRG5LX6vlK8/7ZtnKzq+Wz+Pfu6Tz+t8XqJ7ErIrKT+MGIeCgiHs7b/khEPBoRe9aI/8eXHnu39/gHK4t/Yc3+j7b+X01siPY9nRNjx3/4tqXSyu3En/X/gXpqb77nVr7/bqVdvZ3NAAAA8N+TRsSWSNKp6+k0nZpq/A//9tiUVpeWV546svT+yYXGMwKVKKfFna6JpvuhM/llfZGfbcvvz+8bfzE2Xs9PzS9VF4YdPIy4zV3Gf+bPsWG3Dhg4z2vB6DL+YXQZ/zCarrU9CASMlg6//x49gxHRaf7/0RDaAdx5beN/zWU/EwO4u7j/B6PL+IfRZfzDSFoej5s/JH93JNKIWAfNaE2UI2IdNKOHRKTrohkSA0oM+5sJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgP/4JAAD//5nH7E0=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000008c0)="3bf58d7d45d32cfe1da7c797b82fee444b42785c24a868a4046cf670ba8f376c429a424fcc374c08887b", 0x2a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000bc0)=@delchain={0x224, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0xffffffff}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x1d8, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x1c0, 0x1, [@m_simple={0x184, 0x1e, 0x0, 0x0, {{0xb}, {0xdc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x6, 0x3, '-\x00'}, @TCA_DEF_DATA={0x5, 0x3, '\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x8, 0x2, 0x20000000, 0x8, 0x13b}}, @TCA_DEF_PARMS={0x18, 0x2, {0x3304, 0x7, 0x10000000, 0xf65e, 0x1}}, @TCA_DEF_DATA={0x97, 0x3, 'K\xea\x19Q\xab\x1b\\7\xf0P\xfa\xc0\xa9\x1d|\xdbH\xb22%\xf7\x14x\xddD\x96.\x15\xfdA\xba\xb4\xc6\xbb\'\xe7+\x9c\x80\x1e\xafQ\xe5\xa4<*\xbc\xe3\xb8\xb0?\xdc\x7f\xcd\x99j\'\xfc\x99\xb3\x9a\x9c\xd1\xbeD\x12.!\xf7\xad|\x0f\xde\xf1lt7v\xc1}\x1e\v\xa4?\xc5K t\x8b\xbe\x1b|\x87K\xd2\x1a0-\xb0\xbf\xbbv\x91\xe2G\xab\x05J\xc0G\xcd\x8aI\xa0\x99\xb2k\xe60S\xb2\xe0\xaf\xd0\x10\xec\x1bS%>\x9aa\x95)M\xc3\xefK[PV\x91=\xe9\x8f<T'}]}, {0x7d, 0x6, "b83be43ce3f0453fdb55a3fbb55ce131cf300b92efaf853271bbac333e650817fc6029bf8265bde8d86f1542fce993992ec472fc2cf0229c29df9308275aa845e17dc1e479ef3bdaac2b22173aa0db0c5c17daa5d8bfdc1952fbe903567065fbecf72fa157c3aaac70e46ef54a9edbaa0fa0c723674743dac2"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_simple={0x38, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'bpf\x00'}]}, {0x4}, {0xc, 0x7, {0x0, 0x79d0f023c2b305dd}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}}, @filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x224}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000540)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0}, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0xc00, 0x0)
ioctl$RTC_IRQP_READ(r3, 0x8008700b, &(0x7f0000000080))
sendto(r2, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

104.441558ms ago: executing program 4 (id=4753):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
lsetxattr$trusted_overlay_nlink(0x0, &(0x7f0000000140), 0x0, 0x0, 0x3)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x102)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000580)='./file0\x00', 0x3)

80.886818ms ago: executing program 5 (id=4754):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='rss_stat\x00', r0}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x800000, &(0x7f0000000500)=ANY=[@ANYRES8=0x0, @ANYRESHEX, @ANYRESOCT, @ANYRES32, @ANYRESHEX=0x0, @ANYBLOB="a1fffd2e4c38a7b17fef1a78ad1943012e7b7711a1517cd8b4288a2fbb7d202d8c4a1809add074e6dde0703158125f2f114c49f5ee5f249d63ac0d851c212ccd8d82b7c694ead23c417021e8bc78d646d07e3513568bb81d2179a012dcdcb845b0a58b6d5e46a177de56e3e77ed573967e4eea299078019693ca486edbaa44e947802c7f46f1de18cf7f0e1af02964d04cc84d979855e8d3a3fda262f6a7d2b4b4849fd880c9b9af9be818ba05386754a3505e833ca0b9770f63e91f3a9a04e9fca51d88273d5491ed", @ANYRES8=0x0], 0x3, 0x7f0, &(0x7f0000001d80)="$eJzs3U9sHFcZAPBvXbsJLoqqUqUhStNJWqRUSt31unWxemi367Ezrb1r7a5RIkBt1DhVFKetWiqoD6S5tICKECeOhWtvXBAICSQOwAmJHrhwq9QTKggkBEJIRjO76/jPru00cRLa38+K53n2m/e+N57Mt2N7ZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiFJtulweL8VcVl88nWwxFBHJvd3Y+S0Pr66urnZavf5+vWGxzbgRpfxf7N8fhzqrDt179eGD+afjcaTz1ZHYny/2x8pdB+9+8gvDQ73ttyZ83Y7tMq4U8Vae1MWzy8tLr+1BIjfR93653aPD/Vb+u/i+z6b1rNXI5quzaZK1GsnU5GT50VMzrWQmm0tbZ1rtdD6pNdNqu9FMTtQeTsanpiaSdOxMY7E+O12dS3srn3ikUi5PJs+OXY6IVqP+6LNjrdqpbG4uq88WMZXyNyOPeSKpTTefy9pJO63OJ8n5C8tLEzvNLg8a37J2JD+yC0ceuvujNz78x4Wl/IAc1Empe2BWxscrlfHJx6cef6JcHq6UKxtXlDeJtYgYisgj9uSg5fYxFIOPosKNOXHDDTDUrf8xF1nUYzFOR9LnYyRqMR3NaMR8/vWfRrZEdPXq/5ce/esftht3ff3vVflDVx8+HEX9P9r56uig+t831xv5MdTNZ9Djr8ebsRIX42wsx3IsxWt7ntF1fgztOvLY53cRNRtp1COLVjQii/moFmuS7pokpmIyJqMcz8epmIlWJDETWcxFGq04E61oR1ocUbVoRhrVaEcjmpHEiajFw5HEeEzFVExEEmmMxZloxGLUYzamo1r0cj4uFPt9YlNeB7/9wi9e+uNH7+XttaDxbSZSyp/M5UF/3yZoS7nfff1fjW6E+v9Zd4PP4PDJrfbqPwAAAPCpVSp++p5f/4/E/UVrJptLv3qr0wIAAABuoOI3/0fyxUjeuj9K+fV/uU/kBzc9NwAAAODGKBWvsStFxGg80Gn1Xi7V74cAAAAAwP+h4vf/R/PFaMTlYoXrfwAAAPiU+c6ge+x/2LvHbmthX+lXf4tmc6R0ZeH0Q6VL1TyueumOznbdxVfWemzPHC7tj04nRV+Twyt3lSJiuJYeKfXufvnffZ3lx8Xnw8Nrmw+6139pUwJrW9yxeUp5AgdWNiVwsBj43TjWiTl2rrMc7ibavSPx6EwWb0U05p4sbomY/2u/8fKFb0Ux/e/W5w+U4vyF5aWxF19ZPlfkciXv5cql7g0Ut9xHsX8uxYir3T0Q9/ef8UjxQozuuKOdccvrvwFDTxebD20/Zmn9mG/H8U7M8dHOcnRlw/z352OOjz05HtXqgaF2err9xuq62XezGL/Omb8dD3ZiHjzxYGfRJ4vKhixe3ppFZX0W3Z2ww77YMYuR7oH13rHLp//520Ypndgpi4lNWey/xiwAbpXzxV1/rlahzxVV6D+rHXn9v1p3k05AV/csd99aV/lZrlcGNp3lzsfaI73t19W64dhS3Tc/vYhNoww4o5/oxJzoPJ8YPtynrpT7nNFfvfDq77pn9Mfe/9GPv3709z/95NXt/Xi4E9NdxD2/GVBj8zl/vz4/2uv09FPdxk8Gjtuaq5RiJOKOb1x6NQ6+/ubKIxcunX1p6aWllyuVicnyY+Xy45UYKZ4qdBdqDwB97PweOztGlB7bfFV9bmPdvWftTwrG4sV4JZbjXJwsXm0QEQ/073V03Z8hnIzjUVwsD7hqHV33Di8nd7i2HFmLrWyNLcWAfifW7bH7flgs/rWH3xQA2GPHd6jDu6n/J3e47t5YyzddHcfgWt7Pl/d0bwDAZ0Pa/Lg02n6n1GxmC8+PT02NV9un0qTZqD2XNLPp2TTJ6u20WTtVrc+myUKz0W7Uej84nk5bSWtxYaHRbCczjWay0Ghlp4t3fk+6b/3eSuer9XZWay3MpdVWmtQa9Xa11k6ms1YtWbjzmbmsdSptFhu3FtJaNpPVqu2sUU9ajcVmLR1LklaaJguLvcBsOq23s5ksb9aThWY2X21eiYi5xfk0mU5btWa20G40v5h3WGtEMVZWn2k054tux7ZO/y83e38DwO3g9TdXLp5dXl56bWPjQGxes6kxHEXjz9vF9Bq3eo4AwEaqNAAAAAAAAAAAAAAA3P62vlwvX7vjS/r6NfbFtW+1L65piOts5FPrrnn3Z197cdBM74yIm5LP3jby6d0GaexBo7T7eb3w1FMXB8U8c/nQqd310/9/Sr+Xur5zIOLOn/+gs+bpm7VbPrh6YF/L5qulbWJu7XkJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPr5XwAAAP//1fJR+w==")
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
rt_sigpending(0x0, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000000))
sendmsg$NFT_BATCH(r1, 0x0, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3})
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x82)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
mq_timedreceive(r3, &(0x7f0000000340)=""/200, 0xc8, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x51857000)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0)

65.318109ms ago: executing program 4 (id=4755):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
epoll_create1(0x80000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r3}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x1b)
writev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f00000020c0)="bbf73d0c1e2044a11659f21eff48036983349dc43874210e104912bffb8f598101112dcc8dcf8700a489490d63834f650565c06a604a6ee660b0b214d783319103131be66a34144db07a78eaaa009fefbb25094f1ceba90273858299d3dda778adbb7b37fd136e9747c4ccb9df1fd662ace5e9259f77f09efbb37f4651ec04f6da53da0d528b5dadd15826590686f5a763d4b073d8cad495d83438f215bcbe9f4970cfdb81fd37712948b01600cc11f67e0eb74afa602b7aef28a12ae089162e9abc1aead3538531650e756e33549a3d42c2f6980ccddb13038638d477255ec481ec1b851b7f2edb3810a73496b1644a178314e07ce6658431db612cb5d57e69779dd8b4dc8fd42f96b23124dc7d6f5cc21115594f406a13768b29484d6d6ee760817e016a9a0fd0f5809b8579dd3b8780070f5c8f15d4caa7b266917f82a33a142851371c68e43098334b1a1a1d81c5c4ea0b43dcc7f4f4602f4bc1b8d9f88a31bcd240bcef59406d2003648cfc51d1531d85eb0a9cdee5c909c280a076546976cabd6d9187e0e8e1befde4ef082c0ac509eb49683d6248646487841bc7483bc8974d1d77b6129f80d301d1022217a1f75eae20edc20312fd40dffc32fd34ff0afe9681703c1533fa35eed19fc88dc81506a8f776ec6bc0722d071170f3e23a58cb6e612deecc63e19219f6b45e7b29595b046250f1072ec1cec596c3724325c313e952ef9b3c2c2234775462016b02a03dece1507be5bb565a9c0e074c68c5791c1d8881d134265157148a8cb9316e8c20687336e62516aa4bb17b81f8a9c35b1c7f7180093cf34ccdf5939cd3884af88ea9715728491a4c19eb0617d7763dbc02f6296421690a4d534e4a09bb437bbece800ab4ddfd698980dffef3e57d52e281e913bb929d826e13162503efdc59cf36341eb7006d419993d2d468209a301de1ef557e7d8b12c3dd4e3184bbb70360d2e66a0921b98624026dd5aea99bc45c7395ac345c594bd6cafabe1b0860e1e4f42436f860db11e77a7b3fbea4bf681bef14fa82d3993c1999870d98669a460e083e462b0283a5971a842eb372fec499283786608862317672e4c563d568c2337a5de4b31b152c55c45e58de782f06bebb28bf34d6ac4acacbc9cf62a289ab8770b42a565de537ad8a2c8cafea7eb35ba7a584f265c15e26527f482de543c0476ffdfb57e58e6dcfaef9aa691a3dffe8d04286012b57e0cd7e3ec8848633384ed25b466ace34df96779b9cb878a2a3fd3dcfeba5c4adf3ea240558dc2f6cfe5af2dd7928905d4535d5a495a7a72af182206e50869c300674e5adecf2e9e55f1b2824cb1d7271ec420e9e060b7c45e8bf3312a259626126a62866f9d1007beee2e25f9f4813412354984a9b357072d6aba261b6bdd849bccfe55e6a48ebae857107397c38e41cfea0a11da3d4e0a162dd5c26b6fc3ea1047999eb8751cb14f62348492548649a6072556e16c398d472c0c9fcce21c94e10614395fe216c40440c66b29eac9f961f78d1dd39c344dce276f5d1e21823c0c6c9c780e1eb2b13d70e5f0af676fa93832cece843ba710b06d430c1ec969412b1a247025cacd41dde3cd4b29201e6e7ad3a698c4514ec4bad556c5bdd189ef58637aa012855eae62ec366b006d1cbda583e9ca0865186f3c71bd9635d836584aa122b69406930f1227f2b92c578d0b67d1f5febc5c46826a261125288ec867dbf3f9059a8c14ef804b6403ec68057cceba786265ade4f525d6fcbf61b32e695b0366bbe4e8b11ca410de0c019b62a1ae250a1b9c78be31bcc66615db8f9c4f7dfdbeed3a25e8be30234c3c730d8b5c4c606e66f9a31ed90706ab8f47d81a1af712b6d138a1f2379b866e500f42ffcda368add8253a2e1d45c342161347245dcb0b9ffdf759f5d8aebebb53bfce59cc858e14ef63454e9efadff46e66a7ed82c09f510b24c1923333e8131147407acc1677500a0e1d4dbdbdc996593e668ae31b2790439eee89d97d31d0a96b13afdd5a2106437b112d39d41d668eba36b932901aabee4ce6c94463a3618d5bb4312d254580cd5d25ba72fd9f3c1b293f1d0b083fc5d286f4cf8a17574bc59bd5721661336db2c122064f2f641862be38b2d4ab610acdf03894b4dad4f4d451eab8f2ccb86db0066f5b5034c627b3047b5e7308ec7fe8eacb1714236f58b2d7a2a6bb039ee7af5df1fa373a3354666209239dc6bef6de0409aacdb7252c9583d90c3c4040a760848fb91fa255ac79bbdcd78b8aa1be947cb3f516646646e9e9a198e447c52d7a3b35640bf6848126b383b87a041f2ccd548ff68e013f6496b2ecf19399e5f642676e4ed95f4087dff363e56bc23aa0bffc14d1520e8434b033f86ffcea983573dfc33c47f0dc9eeedafd4fbc49f69914522dc26abaca1e05f619efe1756ee93029f40789b1a6af8056b5055c3759b5b6882a779856caea554b479d97eebed89a33c5c98a5f6e2cf9a715b4ca79dbe380382fc0692b55cf18cfcaf65868953b13330897d136887b3aac9832f393ff7f01c6a96e7d78278f441a9176c6450eeb3c35215d813a34848131a01a72af0ca4722b72e17a72ae3730de6785e2584f115c7be8fed0a4b3e48e48a242674fb6fc8c4935ac6d308051be151e8e75b084bd5b0d3ae5a1ecda8c126975e106e206b257a013f3943f42c0f4244ee004ea728616606358fd84acbeac7edd07e8a640c72ee46995ea6fcda08722e32188c47002d5fa2a321715509a580758562af88a962cddd5abeb06bc305ebd24b9d53a5ee60c5990cccd3abf2874bdd39ca080c66a0df1bc374b61c4c7f6d0d1811bd39763b3c3d5d82551fd1418cbc63aa8bf7ef27778bd9f46bc2007881d56e31efb802f5ea16569948691e", 0x801}, {0x0}], 0x2)
r4 = epoll_create(0xa262)
epoll_pwait(r4, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}], 0x6, 0x8, &(0x7f00000000c0)={[0xfa]}, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {}]}, [{}, {}, {}, {0x3}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, {}, {}, {}, {}, {0x2}, {}, {}, {0x0, 0x20000000, 0x0, 0xffffffff, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0x0, 0x0, 0x0, 0x503}, {}, {}, {0xfffffffc, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0xfffffffd}, {0x0, 0x0, 0x10000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x9}, {}, {}, {0x0, 0x9}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xd5}, {}, {}, {0x9}, {0x4}, {0x0, 0x0, 0x0, 0xfffffff4}, {0x0, 0x0, 0x0, 0x0, 0x284}, {}, {0x0, 0x0, 0x0, 0xfffff2ba}, {}, {0x0, 0x10}, {0x80000000}, {0x8eb9, 0x0, 0x800}, {0x5, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x4, 0x0, 0x7ee}, {0x800}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x9}, {}, {}, {}, {}, {0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {}, {0x0, 0x9, 0xfffffffc, 0x0, 0x6, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x2}, {}, {}, {}, {}, {}, {0x10000}, {0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x7}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x2}, {0x2}, {}, {}, {}, {}, {0x4}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}], 0xfe}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

0s ago: executing program 4 (id=4756):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x14, &(0x7f0000000140)={<r2=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a80)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xc, 0x4}, {}, {0xb, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x24, 0x2, [@TCA_U32_POLICE={0x18, 0x6, [@TCA_POLICE_RESULT={0x8, 0x5, 0x200}, @TCA_POLICE_RATE64={0xc, 0x8, 0x3d}]}, @TCA_U32_CLASSID={0x8, 0x1, {0xfff1, 0x1}}]}}]}, 0x50}}, 0x20040054)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8000003, 0x0, 0x0, 0x41000, 0x4, '\x00', r6, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e24, 0x40003, @mcast1}, {0x2, 0xfff9, 0xc00, @remote, 0xffffffff}, r2, 0x9dffffff}}, 0x48)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r8, 0x40505330, &(0x7f0000000e80)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff})
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB="e7ff56fbffffffffffff0000006ddb0106491af96300", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00'}, 0x10)
syz_io_uring_setup(0x75f1, &(0x7f0000000340)={0x0, 0x7bc3, 0x1000, 0x3, 0x1e9, 0x0, r0}, &(0x7f0000000280)=<r9=>0x0, &(0x7f00000003c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x104, &(0x7f0000000400)=0x5, 0x0, 0x4)
sendmsg$inet(r0, &(0x7f0000000e40)={&(0x7f0000000640)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000bc0), 0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="14000000000000000000000002000000cb0a00000000000044000000000000000000000007000000860a000000030704764689275464010102ac1414aa6401010064010102ac1414aaffffffff64010102ac1414bb0a010101000000000000001c000000000000000000000008000000", @ANYRES32=r6, @ANYBLOB="ac14140ce00000010000000004010000000000000000000007000000001105fd88fac48d16455f2c414326c3542bbf420a00000102010f18f2fb0a086caa21c33d75a730010b141dd86a5a2abf7a8e050f47978c4504e0e8ba4cbb93a0940111b63476d1162bd823f68d76f50ab34e0012894584f2bcb1fa2b2a7265b3a0aae8b2441cdd53000000c0000000807f000001007d13e0c660a981df000057443c26310a01010000000002e000000100000008e000000100000000ffffffff000099deac1414aa00008000ac1414aaffffffff64010102ffffffff4434a0b300000000000000007f00000100000006ac1414bb00000b64ffffffff00000236e000000100000003e0000002fffffff7000000000000001100000000000000000000000100000009000000000000001400000000000000000000000200000000000000000000001100000000000000000000000100000054000000000000001400000000000000000000000200000080040000000000001c00000000000000000000000800000031891ee47039e0d8772ee83ab4f3abb0241a2ccf17463dd87ab42b6b8a60d15bb03b899c10e87b72bebbc69ef8ac23695983f41ff62080b5f0e9de67fffbae1e95c233df9ec94cd6bd491948f943af92c4da9ff60b801749cae61963e3fd5b99de624daab2ee10c041e5738aa3c4cf251016b3e54c38861315c3d6cea9e757094aed9c3d68f7692fc2dc424a17f2c7", @ANYRES32=r6, @ANYBLOB="64010102e000000100000000"], 0x208}, 0x4004)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r0, 0x5)

kernel console output (not intermixed with test programs):

o load policy
[  231.056622][T14069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3996'.
[  231.067556][T14065] netlink: zone id is out of range
[  231.069741][T14069] bridge0: entered promiscuous mode
[  231.072763][T14065] netlink: zone id is out of range
[  231.072833][T14065] netlink: zone id is out of range
[  231.078305][T14069] macsec1: entered allmulticast mode
[  231.090127][T14065] netlink: zone id is out of range
[  231.093974][T14069] bridge0: entered allmulticast mode
[  231.105390][T14069] bridge0: port 1(macsec1) entered blocking state
[  231.111932][T14069] bridge0: port 1(macsec1) entered disabled state
[  231.120939][T14069] bridge0: left allmulticast mode
[  231.126192][T14069] bridge0: left promiscuous mode
[  231.136297][T14074] rdma_rxe: rxe_newlink: failed to add vxcan1
[  231.143732][T14071] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3997'.
[  231.159543][T14071] bridge0: entered promiscuous mode
[  231.165010][T14071] macsec1: entered allmulticast mode
[  231.170592][T14071] bridge0: entered allmulticast mode
[  231.171860][T14077] program syz.5.3999 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  231.184759][T14071] bridge0: port 1(macsec1) entered blocking state
[  231.192228][T14071] bridge0: port 1(macsec1) entered disabled state
[  231.307411][T14071] bridge0: left allmulticast mode
[  231.312497][T14071] bridge0: left promiscuous mode
[  231.491324][T14105] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  231.498633][T14105] IPv6: NLM_F_CREATE should be set when creating new route
[  231.540154][T14108] SELinux: failed to load policy
[  231.548768][T14108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4012'.
[  231.561932][T14108] bridge0: entered promiscuous mode
[  231.567631][T14108] macsec1: entered allmulticast mode
[  231.573083][T14108] bridge0: entered allmulticast mode
[  231.579880][T14113] loop4: detected capacity change from 0 to 128
[  231.587141][T14108] bridge0: port 1(macsec1) entered blocking state
[  231.593700][T14108] bridge0: port 1(macsec1) entered disabled state
[  231.594426][T14111] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  231.607415][T14111] IPv6: NLM_F_CREATE should be set when creating new route
[  231.610675][T14116] SELinux:  policydb magic number 0x6572666b does not match expected magic number 0xf97cff8c
[  231.628979][T14108] bridge0: left allmulticast mode
[  231.634090][T14108] bridge0: left promiscuous mode
[  231.655034][T14114] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.4014'.
[  231.670673][T14122] loop3: detected capacity change from 0 to 512
[  231.678582][T14122] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  231.688543][T14122] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  231.697177][T14116] SELinux: failed to load policy
[  231.723478][T14116] rdma_rxe: rxe_newlink: failed to add vxcan1
[  231.743683][T14116] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4016'.
[  231.765184][T14116] bridge0: entered promiscuous mode
[  231.771338][T14116] macsec1: entered allmulticast mode
[  231.776703][T14116] bridge0: entered allmulticast mode
[  231.786621][T14116] bridge0: port 2(macsec1) entered blocking state
[  231.793297][T14116] bridge0: port 2(macsec1) entered disabled state
[  231.801286][T14130] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  231.810915][T14116] bridge0: left allmulticast mode
[  231.816097][T14116] bridge0: left promiscuous mode
[  232.282448][T14168] loop0: detected capacity change from 0 to 512
[  232.290978][T14168] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  232.301168][T14168] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  232.333934][T14176] program syz.2.4040 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  232.461627][T14184] loop0: detected capacity change from 0 to 512
[  232.469445][T14184] EXT4-fs: Ignoring removed mblk_io_submit option
[  232.498389][T14184] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  232.549724][T14184] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  232.593060][T14184] System zones: 1-12
[  232.612281][T14187] vxcan1 speed is unknown, defaulting to 1000
[  232.631345][T14184] EXT4-fs (loop0): 1 truncate cleaned up
[  232.655832][T14184] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.690622][T14187] lo speed is unknown, defaulting to 1000
[  232.818738][T14208] loop4: detected capacity change from 0 to 1024
[  232.842373][T14208] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  232.859400][T14208] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  232.883613][T14208] EXT4-fs (loop4): orphan cleanup on readonly fs
[  232.938048][T14208] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  232.952589][T14208] EXT4-fs (loop4): Cannot turn on quotas: error -5
[  233.051670][T14208] EXT4-fs (loop4): 1 truncate cleaned up
[  233.058059][T14208] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  233.147401][T11298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.198284][T14220] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.4057'.
[  233.374224][T11427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.696263][T14232] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14232 comm=syz.0.4059
[  234.374706][T14252] program syz.5.4069 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  234.392940][T14254] loop0: detected capacity change from 0 to 128
[  234.555609][T14261] SELinux: failed to load policy
[  234.562420][T14261] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4072'.
[  234.584079][T14266] random: crng reseeded on system resumption
[  234.592927][T14261] bridge0: entered promiscuous mode
[  234.602424][T14261] macsec1: entered allmulticast mode
[  234.607857][T14261] bridge0: entered allmulticast mode
[  234.628873][T14261] bridge0: port 1(macsec1) entered blocking state
[  234.635648][T14261] bridge0: port 1(macsec1) entered disabled state
[  234.647777][T14261] bridge0: left allmulticast mode
[  234.652977][T14261] bridge0: left promiscuous mode
[  235.085408][T14302] program syz.0.4089 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  235.138288][T14304] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.4090'.
[  235.579749][T14314] SELinux: failed to load policy
[  235.586671][T14314] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4092'.
[  235.598837][T14314] bridge0: entered promiscuous mode
[  235.604248][T14314] macsec1: entered allmulticast mode
[  235.609605][T14314] bridge0: entered allmulticast mode
[  235.617090][T14314] bridge0: port 1(macsec1) entered blocking state
[  235.623644][T14314] bridge0: port 1(macsec1) entered disabled state
[  235.631167][T14314] bridge0: left allmulticast mode
[  235.636298][T14314] bridge0: left promiscuous mode
[  235.645179][T14318] veth0_vlan: left promiscuous mode
[  235.736220][T14320] vxcan1 speed is unknown, defaulting to 1000
[  235.782282][T14324] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4095'.
[  235.801707][T14320] lo speed is unknown, defaulting to 1000
[  235.802830][   T29] kauditd_printk_skb: 216 callbacks suppressed
[  235.802849][   T29] audit: type=1326 audit(1757273312.947:21678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14325 comm="syz.5.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3614ebe9 code=0x7ffc0000
[  235.894300][T14334] program syz.0.4100 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  235.904034][   T29] audit: type=1326 audit(1757273312.987:21679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14325 comm="syz.5.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3614ebe9 code=0x7ffc0000
[  235.927779][   T29] audit: type=1326 audit(1757273312.987:21680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14325 comm="syz.5.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca3614ebe9 code=0x7ffc0000
[  235.951606][   T29] audit: type=1326 audit(1757273312.987:21681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14325 comm="syz.5.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3614ebe9 code=0x7ffc0000
[  235.975262][   T29] audit: type=1326 audit(1757273312.987:21682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14325 comm="syz.5.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3614ebe9 code=0x7ffc0000
[  235.980570][T14337] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  235.998902][   T29] audit: type=1326 audit(1757273312.987:21683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14325 comm="syz.5.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca3614ebe9 code=0x7ffc0000
[  236.006184][T14337] IPv6: NLM_F_CREATE should be set when creating new route
[  236.029741][   T29] audit: type=1326 audit(1757273312.987:21684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14325 comm="syz.5.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3614ebe9 code=0x7ffc0000
[  236.060535][   T29] audit: type=1326 audit(1757273312.987:21685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14325 comm="syz.5.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3614ebe9 code=0x7ffc0000
[  236.085822][   T29] audit: type=1326 audit(1757273312.987:21686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14325 comm="syz.5.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca3614ebe9 code=0x7ffc0000
[  236.109405][   T29] audit: type=1326 audit(1757273312.987:21687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14325 comm="syz.5.4097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3614ebe9 code=0x7ffc0000
[  236.228053][T14343] loop0: detected capacity change from 0 to 512
[  236.235238][T14343] EXT4-fs: Ignoring removed mblk_io_submit option
[  236.244577][T14343] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  236.257514][T14343] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  236.265694][T14343] System zones: 1-12
[  236.275210][T14343] EXT4-fs (loop0): 1 truncate cleaned up
[  236.281363][T14343] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.450265][T14354] vxcan1 speed is unknown, defaulting to 1000
[  236.997080][T14359] loop3: detected capacity change from 0 to 1024
[  237.006108][T14354] lo speed is unknown, defaulting to 1000
[  237.024881][T14359] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  237.037819][T14345] vxcan1 speed is unknown, defaulting to 1000
[  237.144206][T14359] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  237.164281][T14359] EXT4-fs (loop3): orphan cleanup on readonly fs
[  237.164680][T11427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.181025][T14359] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  237.195762][T14359] EXT4-fs (loop3): Cannot turn on quotas: error -5
[  237.221224][T14345] lo speed is unknown, defaulting to 1000
[  237.228737][T14359] EXT4-fs (loop3): 1 truncate cleaned up
[  237.243786][T14359] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  237.280866][T14367] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  237.293801][T10982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.368360][T14371] program syz.3.4113 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  237.437269][T14377] netlink: 5 bytes leftover after parsing attributes in process `syz.3.4116'.
[  237.474872][T14377] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  237.503550][T14377] net_ratelimit: 236 callbacks suppressed
[  237.503565][T14377] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  237.624401][T14384] random: crng reseeded on system resumption
[  237.874885][T14400] loop5: detected capacity change from 0 to 512
[  237.882340][T14400] EXT4-fs: Ignoring removed mblk_io_submit option
[  237.889226][T14400] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  237.927692][T14400] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  237.935749][T14400] System zones: 1-12
[  237.940513][T14400] EXT4-fs (loop5): 1 truncate cleaned up
[  237.946626][T14400] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.956373][T14398] SELinux: failed to load policy
[  238.000642][T14398] rdma_rxe: rxe_newlink: failed to add vxcan1
[  238.019828][T14398] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4123'.
[  238.041580][T14398] bridge0: entered promiscuous mode
[  238.046957][T14398] macsec1: entered allmulticast mode
[  238.052449][T14398] bridge0: entered allmulticast mode
[  238.059208][T14398] bridge0: port 1(macsec1) entered blocking state
[  238.065846][T14398] bridge0: port 1(macsec1) entered disabled state
[  238.074228][T14398] bridge0: left allmulticast mode
[  238.079393][T14398] bridge0: left promiscuous mode
[  238.185333][T14422] netlink: 5 bytes leftover after parsing attributes in process `syz.0.4131'.
[  238.221319][T14422] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  238.253790][T14422] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  238.382596][T14430] program syz.0.4134 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  238.903032][T14445] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4140'.
[  238.950087][T11741] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.963325][T14443] random: crng reseeded on system resumption
[  239.003985][T14451] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14451 comm=syz.5.4142
[  239.074891][T14457] SELinux: failed to load policy
[  239.103275][T14457] rdma_rxe: rxe_newlink: failed to add vxcan1
[  239.112726][T14457] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4145'.
[  239.135295][T14462] program syz.2.4146 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  239.136386][T14457] bridge0: entered promiscuous mode
[  239.151224][T14457] macsec1: entered allmulticast mode
[  239.156594][T14457] bridge0: entered allmulticast mode
[  239.163138][T14457] bridge0: port 1(macsec1) entered blocking state
[  239.169724][T14457] bridge0: port 1(macsec1) entered disabled state
[  239.204178][T14457] bridge0: left allmulticast mode
[  239.209315][T14457] bridge0: left promiscuous mode
[  239.250114][T14467] tipc: Started in network mode
[  239.255105][T14467] tipc: Node identity , cluster identity 4711
[  239.261231][T14467] tipc: Failed to set node id, please configure manually
[  239.268391][T14467] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  239.737973][T14478] SELinux: failed to load policy
[  239.765219][T14478] rdma_rxe: rxe_newlink: failed to add vxcan1
[  239.792121][T14478] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4152'.
[  239.876608][T14478] bridge0: entered promiscuous mode
[  239.891893][T14478] macsec1: entered allmulticast mode
[  239.897446][T14478] bridge0: entered allmulticast mode
[  239.903762][T14478] bridge0: port 1(macsec1) entered blocking state
[  239.910820][T14478] bridge0: port 1(macsec1) entered disabled state
[  239.920470][T14478] bridge0: left allmulticast mode
[  239.925829][T14478] bridge0: left promiscuous mode
[  239.945031][T14489] FAULT_INJECTION: forcing a failure.
[  239.945031][T14489] name failslab, interval 1, probability 0, space 0, times 0
[  239.957956][T14489] CPU: 1 UID: 0 PID: 14489 Comm: syz.0.4156 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  239.957993][T14489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  239.958009][T14489] Call Trace:
[  239.958015][T14489]  <TASK>
[  239.958025][T14489]  __dump_stack+0x1d/0x30
[  239.958051][T14489]  dump_stack_lvl+0xe8/0x140
[  239.958075][T14489]  dump_stack+0x15/0x1b
[  239.958123][T14489]  should_fail_ex+0x265/0x280
[  239.958202][T14489]  should_failslab+0x8c/0xb0
[  239.958232][T14489]  kmem_cache_alloc_node_noprof+0x57/0x320
[  239.958333][T14489]  ? __alloc_skb+0x101/0x320
[  239.958356][T14489]  __alloc_skb+0x101/0x320
[  239.958377][T14489]  netlink_ack+0xfd/0x500
[  239.958409][T14489]  netlink_rcv_skb+0x192/0x220
[  239.958449][T14489]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  239.958544][T14489]  rtnetlink_rcv+0x1c/0x30
[  239.958621][T14489]  netlink_unicast+0x5bd/0x690
[  239.958650][T14489]  netlink_sendmsg+0x58b/0x6b0
[  239.958680][T14489]  ? __pfx_netlink_sendmsg+0x10/0x10
[  239.958756][T14489]  __sock_sendmsg+0x142/0x180
[  239.958836][T14489]  ____sys_sendmsg+0x31e/0x4e0
[  239.958901][T14489]  ___sys_sendmsg+0x17b/0x1d0
[  239.958992][T14489]  __x64_sys_sendmsg+0xd4/0x160
[  239.959025][T14489]  x64_sys_call+0x191e/0x2ff0
[  239.959053][T14489]  do_syscall_64+0xd2/0x200
[  239.959164][T14489]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  239.959195][T14489]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  239.959238][T14489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.959264][T14489] RIP: 0033:0x7fbe9fdfebe9
[  239.959289][T14489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.959307][T14489] RSP: 002b:00007fbe9e867038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  239.959325][T14489] RAX: ffffffffffffffda RBX: 00007fbea0035fa0 RCX: 00007fbe9fdfebe9
[  239.959339][T14489] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  239.959390][T14489] RBP: 00007fbe9e867090 R08: 0000000000000000 R09: 0000000000000000
[  239.959402][T14489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.959414][T14489] R13: 00007fbea0036038 R14: 00007fbea0035fa0 R15: 00007ffd87509808
[  239.959458][T14489]  </TASK>
[  240.191969][T14493] loop2: detected capacity change from 0 to 764
[  240.222177][T14493] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  240.248793][T14497] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  240.462793][T14510] loop4: detected capacity change from 0 to 2048
[  240.483876][T14510] FAT-fs (loop4): bogus logical sector size 0
[  240.490018][T14510] FAT-fs (loop4): Can't find a valid FAT filesystem
[  240.519295][T14508] random: crng reseeded on system resumption
[  240.685476][T14521] loop3: detected capacity change from 0 to 512
[  240.697378][T14521] EXT4-fs: Ignoring removed mblk_io_submit option
[  240.704450][T14521] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  240.717286][T14521] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  240.719270][T14524] loop4: detected capacity change from 0 to 128
[  240.726012][T14521] System zones: 1-12
[  240.740618][T14521] EXT4-fs (loop3): 1 truncate cleaned up
[  240.743997][T14524] program syz.4.4168 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  240.756102][T14521] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.835757][T14527] SELinux: failed to load policy
[  240.856332][T14527] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4169'.
[  240.875127][T14536] loop4: detected capacity change from 0 to 512
[  240.898119][T14527] bridge0: entered promiscuous mode
[  240.904641][T14536] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  240.914807][T14536] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  240.923711][T14527] macsec1: entered allmulticast mode
[  240.929355][T14527] bridge0: entered allmulticast mode
[  240.935877][T14527] bridge0: port 1(macsec1) entered blocking state
[  240.942481][T14527] bridge0: port 1(macsec1) entered disabled state
[  240.952683][T14536] netlink: zone id is out of range
[  240.958011][T14536] netlink: zone id is out of range
[  240.963546][T14536] netlink: zone id is out of range
[  240.968850][T14536] netlink: zone id is out of range
[  240.974345][T14536] netlink: zone id is out of range
[  240.979627][T14527] bridge0: left allmulticast mode
[  240.979650][T14536] netlink: zone id is out of range
[  240.979660][T14536] netlink: zone id is out of range
[  240.985055][T14527] bridge0: left promiscuous mode
[  240.991898][T14536] netlink: zone id is out of range
[  241.034868][T14541] loop4: detected capacity change from 0 to 512
[  241.041620][T14541] EXT4-fs: Ignoring removed mblk_io_submit option
[  241.051805][T14541] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  241.064559][T14541] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  241.089543][T14541] System zones: 1-12
[  241.095052][T14544] loop0: detected capacity change from 0 to 512
[  241.101824][T14541] EXT4-fs (loop4): 1 truncate cleaned up
[  241.108253][T14544] EXT4-fs: Ignoring removed mblk_io_submit option
[  241.117031][T14541] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.130313][T14544] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  241.145160][T14544] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  241.153759][T14544] System zones: 1-12
[  241.160496][T14544] EXT4-fs (loop0): 1 truncate cleaned up
[  241.167869][T14544] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.203556][T14548] random: crng reseeded on system resumption
[  241.281692][T14553] random: crng reseeded on system resumption
[  241.488533][T14558] loop5: detected capacity change from 0 to 512
[  241.506539][T14558] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  241.546108][T14558] EXT4-fs (loop5): 1 truncate cleaned up
[  241.557588][T14558] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.649149][T14558] netlink: 'syz.5.4180': attribute type 10 has an invalid length.
[  241.657094][T14558] netlink: 55 bytes leftover after parsing attributes in process `syz.5.4180'.
[  241.902821][T10982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.939787][T11298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.961514][T11741] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.016830][T14567] $Hÿ: renamed from bond0 (while UP)
[  242.030800][T14567] $Hÿ: entered promiscuous mode
[  242.041293][T14574] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4187'.
[  242.050858][T14574] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4187'.
[  242.111694][   T29] kauditd_printk_skb: 344 callbacks suppressed
[  242.111742][   T29] audit: type=1326 audit(1757273319.257:22031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14577 comm="syz.2.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  242.167062][T14582] program syz.4.4190 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  242.177975][   T29] audit: type=1326 audit(1757273319.297:22032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14577 comm="syz.2.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  242.202828][   T29] audit: type=1326 audit(1757273319.297:22033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14577 comm="syz.2.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  242.226731][   T29] audit: type=1326 audit(1757273319.307:22034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14577 comm="syz.2.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  242.250708][   T29] audit: type=1326 audit(1757273319.307:22035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14577 comm="syz.2.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  242.274334][   T29] audit: type=1326 audit(1757273319.307:22036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14577 comm="syz.2.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  242.298007][   T29] audit: type=1326 audit(1757273319.307:22037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14577 comm="syz.2.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  242.321722][   T29] audit: type=1326 audit(1757273319.307:22038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14577 comm="syz.2.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  242.345818][   T29] audit: type=1326 audit(1757273319.307:22039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14577 comm="syz.2.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  242.369508][   T29] audit: type=1326 audit(1757273319.307:22040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14577 comm="syz.2.4189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  242.398537][T14588] loop4: detected capacity change from 0 to 512
[  242.405347][T14588] EXT4-fs: Ignoring removed mblk_io_submit option
[  242.412213][T14588] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  242.423316][T11427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.424162][T14588] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  242.440520][T14588] System zones: 1-12
[  242.444850][T14588] EXT4-fs (loop4): 1 truncate cleaned up
[  242.450926][T14588] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.526303][T14596] netlink: 5 bytes leftover after parsing attributes in process `syz.0.4193'.
[  242.540372][T14596] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  242.589824][T14596] net_ratelimit: 74 callbacks suppressed
[  242.589842][T14596] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  242.670686][T14608] loop2: detected capacity change from 0 to 1024
[  242.697965][T14608] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  242.714692][T14609] SELinux: failed to load policy
[  242.720721][T14608] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  242.734492][T14609] rdma_rxe: rxe_newlink: failed to add vxcan1
[  242.743793][T14608] EXT4-fs (loop2): orphan cleanup on readonly fs
[  242.751283][T14609] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4200'.
[  242.762582][T14608] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  242.776584][T14609] bridge0: entered promiscuous mode
[  242.777291][T14608] EXT4-fs (loop2): Cannot turn on quotas: error -5
[  242.782612][T14609] macsec1: entered allmulticast mode
[  242.791344][T14608] EXT4-fs (loop2): 1 truncate cleaned up
[  242.794590][T14609] bridge0: entered allmulticast mode
[  242.800928][T14608] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  242.806462][T14609] bridge0: port 1(macsec1) entered blocking state
[  242.825033][T14609] bridge0: port 1(macsec1) entered disabled state
[  242.833025][T14609] bridge0: left allmulticast mode
[  242.838238][T14609] bridge0: left promiscuous mode
[  242.904779][T14619] loop5: detected capacity change from 0 to 764
[  242.912361][T14619] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  242.932046][T10785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.051555][T14626] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4207'.
[  243.062830][T14634] loop3: detected capacity change from 0 to 512
[  243.071172][T14626] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4207'.
[  243.087456][T14634] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  243.102417][T14626] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4207'.
[  243.109330][T14634] ext4 filesystem being mounted at /223/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  243.205237][T14626] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4207'.
[  243.273353][T10982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.413586][T11298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.507184][T14661] loop5: detected capacity change from 0 to 512
[  243.515398][T14661] EXT4-fs: Ignoring removed orlov option
[  243.521530][T14661] EXT4-fs (loop5): unsupported inode size: 4096
[  243.527854][T14661] EXT4-fs (loop5): blocksize: 2048
[  243.548413][T14661] loop5: detected capacity change from 0 to 512
[  243.555638][T14661] EXT4-fs: Ignoring removed mblk_io_submit option
[  243.562367][T14661] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  243.574281][T14661] EXT4-fs (loop5): 1 truncate cleaned up
[  243.580318][T14661] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.599128][T14668] loop3: detected capacity change from 0 to 512
[  243.606155][T14668] EXT4-fs: Ignoring removed mblk_io_submit option
[  243.614819][T14668] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  243.638562][T14668] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  243.652412][T14668] System zones: 1-12
[  243.658725][T14668] EXT4-fs (loop3): 1 truncate cleaned up
[  243.681115][T14668] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.707521][T11741] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.724778][T14677] loop0: detected capacity change from 0 to 764
[  243.750799][T14677] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  243.791574][T14686] program syz.2.4229 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  244.283274][T14713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  244.291762][T14713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  244.321983][T14716] vxcan1 speed is unknown, defaulting to 1000
[  244.369559][T14720] program syz.2.4242 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  244.429223][T14716] lo speed is unknown, defaulting to 1000
[  244.543312][T10982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.777674][T14749] 9pnet_fd: Insufficient options for proto=fd
[  244.797567][T14753] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  244.806644][T14751] loop4: detected capacity change from 0 to 512
[  244.813938][T14751] EXT4-fs: Ignoring removed mblk_io_submit option
[  244.821190][T14751] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  244.833940][T14751] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  244.842435][T14751] System zones: 1-12
[  244.850793][T14751] EXT4-fs (loop4): 1 truncate cleaned up
[  244.858821][T14751] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.948568][T14762] tipc: Started in network mode
[  244.953520][T14762] tipc: Node identity , cluster identity 4711
[  244.959696][T14762] tipc: Failed to set node id, please configure manually
[  244.966912][T14762] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  245.052437][T14760] random: crng reseeded on system resumption
[  245.403237][T14767] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14767 comm=syz.3.4260
[  245.503410][T14773] SELinux: failed to load policy
[  245.511722][T14773] rdma_rxe: rxe_newlink: failed to add vxcan1
[  245.525919][T14773] bridge0: entered promiscuous mode
[  245.531521][T14773] macsec1: entered allmulticast mode
[  245.536922][T14773] bridge0: entered allmulticast mode
[  245.543362][T14773] bridge0: port 1(macsec1) entered blocking state
[  245.549922][T14773] bridge0: port 1(macsec1) entered disabled state
[  245.557891][T14773] bridge0: left allmulticast mode
[  245.563045][T14773] bridge0: left promiscuous mode
[  245.645864][T14779] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  245.673243][T14783] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  245.684378][T14779] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  245.718330][T14785] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  245.725652][T14785] IPv6: NLM_F_CREATE should be set when creating new route
[  245.738235][T14792] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14792 comm=syz.2.4272
[  245.752929][T14792] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  245.766755][T11298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.777160][T14788] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  245.797565][T14794] loop2: detected capacity change from 0 to 128
[  245.849098][T14794] bio_check_eod: 75 callbacks suppressed
[  245.849115][T14794] syz.2.4274: attempt to access beyond end of device
[  245.849115][T14794] loop2: rw=2049, sector=154, nr_sectors = 8 limit=128
[  245.870908][T14800] vxcan1 speed is unknown, defaulting to 1000
[  245.873178][T14794] syz.2.4274: attempt to access beyond end of device
[  245.873178][T14794] loop2: rw=2049, sector=160, nr_sectors = 2 limit=128
[  245.890695][T14794] buffer_io_error: 30 callbacks suppressed
[  245.890712][T14794] Buffer I/O error on dev loop2, logical block 80, lost async page write
[  245.907337][T14794] syz.2.4274: attempt to access beyond end of device
[  245.907337][T14794] loop2: rw=2049, sector=162, nr_sectors = 8 limit=128
[  245.910211][T14805] __nla_validate_parse: 6 callbacks suppressed
[  245.910229][T14805] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4276'.
[  245.922550][T14794] syz.2.4274: attempt to access beyond end of device
[  245.922550][T14794] loop2: rw=2049, sector=168, nr_sectors = 2 limit=128
[  245.933131][T14796] random: crng reseeded on system resumption
[  245.936402][T14794] Buffer I/O error on dev loop2, logical block 84, lost async page write
[  245.966652][T14794] syz.2.4274: attempt to access beyond end of device
[  245.966652][T14794] loop2: rw=2049, sector=186, nr_sectors = 8 limit=128
[  245.986468][T14794] syz.2.4274: attempt to access beyond end of device
[  245.986468][T14794] loop2: rw=2049, sector=192, nr_sectors = 2 limit=128
[  245.990893][T14800] lo speed is unknown, defaulting to 1000
[  246.000023][T14794] Buffer I/O error on dev loop2, logical block 96, lost async page write
[  246.015120][T14807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.024729][T14807] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.032962][T14794] syz.2.4274: attempt to access beyond end of device
[  246.032962][T14794] loop2: rw=2049, sector=194, nr_sectors = 8 limit=128
[  246.049209][T14794] syz.2.4274: attempt to access beyond end of device
[  246.049209][T14794] loop2: rw=2049, sector=200, nr_sectors = 2 limit=128
[  246.062832][T14794] Buffer I/O error on dev loop2, logical block 100, lost async page write
[  246.073801][T14794] syz.2.4274: attempt to access beyond end of device
[  246.073801][T14794] loop2: rw=2049, sector=218, nr_sectors = 8 limit=128
[  246.090304][T14794] syz.2.4274: attempt to access beyond end of device
[  246.090304][T14794] loop2: rw=2049, sector=224, nr_sectors = 2 limit=128
[  246.104226][T14794] Buffer I/O error on dev loop2, logical block 112, lost async page write
[  246.115180][T14794] Buffer I/O error on dev loop2, logical block 116, lost async page write
[  246.127242][T14794] Buffer I/O error on dev loop2, logical block 88, lost async page write
[  246.148341][T14794] Buffer I/O error on dev loop2, logical block 92, lost async page write
[  246.161920][T14794] Buffer I/O error on dev loop2, logical block 120, lost async page write
[  246.171244][T14794] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  246.187187][T14811] loop4: detected capacity change from 0 to 2048
[  246.209079][T14811] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.225383][T14811] ext4 filesystem being mounted at /282/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.262081][T11298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.334352][T14818] netlink: 84 bytes leftover after parsing attributes in process `syz.4.4280'.
[  246.621857][T14831] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  246.750730][T14834] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14834 comm=syz.3.4287
[  246.870660][T14840] random: crng reseeded on system resumption
[  247.040073][T14847] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4291'.
[  247.070499][T14850] program syz.4.4292 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  247.110551][T14853] loop0: detected capacity change from 0 to 512
[  247.136052][T14853] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  247.146347][T14853] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  247.158928][T14853] netlink: zone id is out of range
[  247.164466][T14853] netlink: zone id is out of range
[  247.170713][T14853] netlink: zone id is out of range
[  247.175991][T14853] netlink: zone id is out of range
[  247.183370][T14853] netlink: zone id is out of range
[  247.189329][T14853] netlink: zone id is out of range
[  247.196021][T14853] netlink: zone id is out of range
[  247.254497][   T29] kauditd_printk_skb: 284 callbacks suppressed
[  247.254517][   T29] audit: type=1326 audit(1757273324.407:22324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.3.4298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  247.300183][   T29] audit: type=1326 audit(1757273324.407:22325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.3.4298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  247.319094][T14869] loop2: detected capacity change from 0 to 512
[  247.324085][   T29] audit: type=1326 audit(1757273324.407:22326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.3.4298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  247.351759][T14869] EXT4-fs: Ignoring removed mblk_io_submit option
[  247.354036][   T29] audit: type=1326 audit(1757273324.407:22327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.3.4298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  247.368715][T14869] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  247.384076][   T29] audit: type=1326 audit(1757273324.407:22328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.3.4298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  247.384112][   T29] audit: type=1326 audit(1757273324.407:22329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.3.4298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  247.441694][   T29] audit: type=1326 audit(1757273324.407:22330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.3.4298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  247.458833][T14872] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4302'.
[  247.465516][   T29] audit: type=1326 audit(1757273324.407:22331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.3.4298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  247.498158][   T29] audit: type=1326 audit(1757273324.407:22332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.3.4298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  247.522033][   T29] audit: type=1326 audit(1757273324.407:22333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.3.4298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  247.524972][T14869] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  247.578309][T14878] loop0: detected capacity change from 0 to 512
[  247.583335][T14869] System zones: 1-12
[  247.586583][T14878] EXT4-fs: Ignoring removed mblk_io_submit option
[  247.595761][T14878] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  247.605665][T14869] EXT4-fs (loop2): 1 truncate cleaned up
[  247.612530][T14869] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.630925][T14878] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  247.639759][T14878] System zones: 1-12
[  247.644323][T14878] EXT4-fs (loop0): 1 truncate cleaned up
[  247.650362][T14878] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.671591][T10785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.704732][T11427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.771773][T14888] SELinux: failed to load policy
[  247.779214][T14888] rdma_rxe: rxe_newlink: failed to add vxcan1
[  247.786858][T14888] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4307'.
[  247.801051][T14888] bridge0: entered promiscuous mode
[  247.808937][T14888] macsec1: entered allmulticast mode
[  247.814391][T14888] bridge0: entered allmulticast mode
[  247.819453][T14884] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4306'.
[  247.820816][T14888] bridge0: port 1(macsec1) entered blocking state
[  247.835329][T14888] bridge0: port 1(macsec1) entered disabled state
[  247.850299][T14888] bridge0: left allmulticast mode
[  247.855462][T14888] bridge0: left promiscuous mode
[  247.898383][T14884] loop3: detected capacity change from 0 to 2048
[  247.951896][T14884] EXT4-fs: Ignoring removed orlov option
[  248.047447][T14884] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.125302][T14899] loop0: detected capacity change from 0 to 512
[  248.135248][T14899] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  248.145283][T14899] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  248.399053][T14897] net_ratelimit: 75 callbacks suppressed
[  248.399090][T14897] netlink: zone id is out of range
[  248.410734][T14897] netlink: zone id is out of range
[  248.416084][T14897] netlink: zone id is out of range
[  248.421425][T14897] netlink: zone id is out of range
[  248.427036][T14897] netlink: zone id is out of range
[  248.432274][T14897] netlink: zone id is out of range
[  248.437512][T14897] netlink: zone id is out of range
[  248.442737][T14897] netlink: zone id is out of range
[  248.448311][T14897] netlink: zone id is out of range
[  248.456136][T14897] netlink: zone id is out of range
[  248.457462][T14904] random: crng reseeded on system resumption
[  248.595312][T14914] loop0: detected capacity change from 0 to 512
[  248.610409][T14914] EXT4-fs: Ignoring removed mblk_io_submit option
[  248.619735][T14912] random: crng reseeded on system resumption
[  248.626089][T14914] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  248.642342][T14914] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  248.650564][T14914] System zones: 1-12
[  248.656045][T14914] EXT4-fs (loop0): 1 truncate cleaned up
[  248.662484][T14914] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.701032][T14922] SELinux: failed to load policy
[  248.705191][T11427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.708282][T14922] rdma_rxe: rxe_newlink: failed to add vxcan1
[  248.717647][T10982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.722913][T14922] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4318'.
[  248.745128][T14922] bridge0: entered promiscuous mode
[  248.750463][T14922] macsec1: entered allmulticast mode
[  248.755921][T14922] bridge0: entered allmulticast mode
[  248.775555][T14922] bridge0: port 1(macsec1) entered blocking state
[  248.782071][T14922] bridge0: port 1(macsec1) entered disabled state
[  248.812172][T14922] bridge0: left allmulticast mode
[  248.817394][T14922] bridge0: left promiscuous mode
[  248.834224][T14934] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=29487 sclass=netlink_route_socket pid=14934 comm=syz.0.4322
[  249.044537][T14952] FAULT_INJECTION: forcing a failure.
[  249.044537][T14952] name failslab, interval 1, probability 0, space 0, times 0
[  249.057365][T14952] CPU: 0 UID: 0 PID: 14952 Comm: syz.2.4328 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  249.057445][T14952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  249.057481][T14952] Call Trace:
[  249.057489][T14952]  <TASK>
[  249.057498][T14952]  __dump_stack+0x1d/0x30
[  249.057523][T14952]  dump_stack_lvl+0xe8/0x140
[  249.057545][T14952]  dump_stack+0x15/0x1b
[  249.057586][T14952]  should_fail_ex+0x265/0x280
[  249.057628][T14952]  ? __se_sys_mount+0xef/0x2e0
[  249.057653][T14952]  should_failslab+0x8c/0xb0
[  249.057683][T14952]  __kmalloc_cache_noprof+0x4c/0x320
[  249.057784][T14952]  ? memdup_user+0x99/0xd0
[  249.057813][T14952]  __se_sys_mount+0xef/0x2e0
[  249.057901][T14952]  ? fput+0x8f/0xc0
[  249.057938][T14952]  ? ksys_write+0x192/0x1a0
[  249.057995][T14952]  __x64_sys_mount+0x67/0x80
[  249.058065][T14952]  x64_sys_call+0x2b4d/0x2ff0
[  249.058085][T14952]  do_syscall_64+0xd2/0x200
[  249.058123][T14952]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  249.058154][T14952]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  249.058245][T14952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.058326][T14952] RIP: 0033:0x7f6d87edebe9
[  249.058362][T14952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.058463][T14952] RSP: 002b:00007f6d86947038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  249.058574][T14952] RAX: ffffffffffffffda RBX: 00007f6d88115fa0 RCX: 00007f6d87edebe9
[  249.058586][T14952] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[  249.058597][T14952] RBP: 00007f6d86947090 R08: 0000200000000300 R09: 0000000000000000
[  249.058609][T14952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.058623][T14952] R13: 00007f6d88116038 R14: 00007f6d88115fa0 R15: 00007ffd0baedb68
[  249.058648][T14952]  </TASK>
[  249.298623][T14961] loop3: detected capacity change from 0 to 1024
[  249.307856][T14964] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4334'.
[  249.311301][T14961] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  249.329285][T14961] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  249.329387][T14964] IPv6: Can't replace route, no match found
[  249.337546][T14961] EXT4-fs (loop3): orphan cleanup on readonly fs
[  249.347110][T14964] tipc: Enabled bearer <udp:syz1>, priority 10
[  249.350044][T14961] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  249.370611][T14961] EXT4-fs (loop3): Cannot turn on quotas: error -5
[  249.378368][T14969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.378524][T14961] EXT4-fs (loop3): 1 truncate cleaned up
[  249.387157][T14969] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.394315][T14961] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  249.430521][T10982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.496860][T14980] loop3: detected capacity change from 0 to 512
[  249.503613][T14980] EXT4-fs: Ignoring removed mblk_io_submit option
[  249.503873][T14981] loop4: detected capacity change from 0 to 512
[  249.510651][T14980] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  249.527347][T14981] EXT4-fs: Ignoring removed mblk_io_submit option
[  249.532466][T14980] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  249.534157][T14981] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  249.542031][T14980] System zones: 1-12
[  249.553974][T14981] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  249.563964][T14981] System zones: 1-12
[  249.564960][T14980] EXT4-fs (loop3): 1 truncate cleaned up
[  249.577475][T14981] EXT4-fs (loop4): 1 truncate cleaned up
[  249.583699][T14981] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.590404][T14980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.643965][T14989] loop2: detected capacity change from 0 to 512
[  249.650751][T14989] EXT4-fs: Ignoring removed mblk_io_submit option
[  249.657742][T14989] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  249.669170][T14989] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  249.677734][T14989] System zones: 1-12
[  249.684021][T14989] EXT4-fs (loop2): 1 truncate cleaned up
[  249.691170][T14989] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.775212][T10785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.810597][T14996] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  249.834770][T14998] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  249.889363][T15000] loop5: detected capacity change from 0 to 1024
[  249.909756][T15000] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  249.929470][T15000] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  249.939968][T15000] EXT4-fs (loop5): orphan cleanup on readonly fs
[  249.955103][T15000] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  249.970025][T15000] EXT4-fs (loop5): Cannot turn on quotas: error -5
[  249.980733][T15000] EXT4-fs (loop5): 1 truncate cleaned up
[  249.993377][T15000] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  250.066954][T11741] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.086878][T15011] program syz.2.4352 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  250.188233][T15015] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  250.195668][T15015] IPv6: NLM_F_CREATE should be set when creating new route
[  250.361539][T15020] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4356'.
[  250.397515][T10982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.510466][T15025] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  250.696949][ T8118] tipc: Node number set to 3288433508
[  250.739978][T15030] SELinux:  policydb magic number 0x6572666b does not match expected magic number 0xf97cff8c
[  250.750550][T15030] SELinux: failed to load policy
[  250.763973][T15029] rdma_rxe: rxe_newlink: failed to add vxcan1
[  250.773139][T15029] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4361'.
[  250.794998][T15029] bridge0: entered promiscuous mode
[  250.806676][T15029] macsec1: entered allmulticast mode
[  250.812031][T15029] bridge0: entered allmulticast mode
[  250.854458][T15029] bridge0: port 2(macsec1) entered blocking state
[  250.854796][T15036] SELinux:  policydb magic number 0x6572666b does not match expected magic number 0xf97cff8c
[  250.861000][T15029] bridge0: port 2(macsec1) entered disabled state
[  250.875722][T15036] SELinux: failed to load policy
[  250.891186][T15029] bridge0: left allmulticast mode
[  250.896354][T15029] bridge0: left promiscuous mode
[  250.902761][T11298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.916372][T15036] rdma_rxe: rxe_newlink: failed to add vxcan1
[  250.925687][T15036] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4363'.
[  250.937855][T15036] bridge0: entered promiscuous mode
[  250.944346][T15036] macsec1: entered allmulticast mode
[  250.948340][T15040] loop4: detected capacity change from 0 to 128
[  250.949673][T15036] bridge0: entered allmulticast mode
[  250.950536][T15036] bridge0: port 1(macsec1) entered blocking state
[  250.967963][T15036] bridge0: port 1(macsec1) entered disabled state
[  250.978406][T15036] bridge0: left allmulticast mode
[  250.983671][T15036] bridge0: left promiscuous mode
[  250.994495][T15040] bio_check_eod: 19 callbacks suppressed
[  250.994517][T15040] syz.4.4365: attempt to access beyond end of device
[  250.994517][T15040] loop4: rw=2049, sector=154, nr_sectors = 8 limit=128
[  251.018133][T15040] syz.4.4365: attempt to access beyond end of device
[  251.018133][T15040] loop4: rw=2049, sector=160, nr_sectors = 2 limit=128
[  251.031643][T15040] buffer_io_error: 4 callbacks suppressed
[  251.031736][T15040] Buffer I/O error on dev loop4, logical block 80, lost async page write
[  251.050442][T15040] syz.4.4365: attempt to access beyond end of device
[  251.050442][T15040] loop4: rw=2049, sector=162, nr_sectors = 8 limit=128
[  251.066129][T15040] syz.4.4365: attempt to access beyond end of device
[  251.066129][T15040] loop4: rw=2049, sector=168, nr_sectors = 2 limit=128
[  251.079939][T15040] Buffer I/O error on dev loop4, logical block 84, lost async page write
[  251.090722][T15040] syz.4.4365: attempt to access beyond end of device
[  251.090722][T15040] loop4: rw=2049, sector=186, nr_sectors = 8 limit=128
[  251.124426][T15044] netlink: 5 bytes leftover after parsing attributes in process `syz.2.4366'.
[  251.144040][T15040] syz.4.4365: attempt to access beyond end of device
[  251.144040][T15040] loop4: rw=2049, sector=192, nr_sectors = 2 limit=128
[  251.151551][T15051] loop5: detected capacity change from 0 to 512
[  251.157696][T15040] Buffer I/O error on dev loop4, logical block 96, lost async page write
[  251.164756][T15051] EXT4-fs: Ignoring removed mblk_io_submit option
[  251.179190][T15044] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  251.192527][T15040] syz.4.4365: attempt to access beyond end of device
[  251.192527][T15040] loop4: rw=2049, sector=194, nr_sectors = 8 limit=128
[  251.207999][T15040] syz.4.4365: attempt to access beyond end of device
[  251.207999][T15040] loop4: rw=2049, sector=200, nr_sectors = 2 limit=128
[  251.221812][T15040] Buffer I/O error on dev loop4, logical block 100, lost async page write
[  251.230629][T15051] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  251.232760][T15040] syz.4.4365: attempt to access beyond end of device
[  251.232760][T15040] loop4: rw=2049, sector=218, nr_sectors = 8 limit=128
[  251.274742][T15051] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  251.278411][T15040] syz.4.4365: attempt to access beyond end of device
[  251.278411][T15040] loop4: rw=2049, sector=224, nr_sectors = 2 limit=128
[  251.283181][T15051] System zones: 
[  251.296233][T15040] Buffer I/O error on dev loop4, logical block 112, lost async page write
[  251.308424][T15051] 1-12
[  251.327761][T15040] Buffer I/O error on dev loop4, logical block 116, lost async page write
[  251.341263][T15051] EXT4-fs (loop5): 1 truncate cleaned up
[  251.349637][T15040] Buffer I/O error on dev loop4, logical block 88, lost async page write
[  251.360531][T15051] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.374987][T15040] Buffer I/O error on dev loop4, logical block 92, lost async page write
[  251.387620][T15040] Buffer I/O error on dev loop4, logical block 120, lost async page write
[  251.405477][T15040] Buffer I/O error on dev loop4, logical block 124, lost async page write
[  251.440327][T11741] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.497291][T15071] loop5: detected capacity change from 0 to 764
[  251.504811][T15071] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  251.517412][T15070] SELinux: failed to load policy
[  251.524473][T15070] rdma_rxe: rxe_newlink: failed to add vxcan1
[  251.531046][T15070] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4376'.
[  251.545215][T15070] bridge0: entered promiscuous mode
[  251.550614][T15070] macsec1: entered allmulticast mode
[  251.555976][T15070] bridge0: entered allmulticast mode
[  251.562629][T15070] bridge0: port 1(macsec1) entered blocking state
[  251.569360][T15070] bridge0: port 1(macsec1) entered disabled state
[  251.578334][T15070] bridge0: left allmulticast mode
[  251.583561][T15070] bridge0: left promiscuous mode
[  251.603819][T15079] program syz.2.4381 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  251.769948][T15087] loop2: detected capacity change from 0 to 512
[  251.785088][T15087] EXT4-fs (loop2): too many log groups per flexible block group
[  251.792843][T15087] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  251.799932][T15087] EXT4-fs (loop2): mount failed
[  251.856952][T15091] FAULT_INJECTION: forcing a failure.
[  251.856952][T15091] name failslab, interval 1, probability 0, space 0, times 0
[  251.869754][T15091] CPU: 0 UID: 0 PID: 15091 Comm: syz.3.4383 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  251.869788][T15091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  251.869801][T15091] Call Trace:
[  251.869808][T15091]  <TASK>
[  251.869816][T15091]  __dump_stack+0x1d/0x30
[  251.869838][T15091]  dump_stack_lvl+0xe8/0x140
[  251.869859][T15091]  dump_stack+0x15/0x1b
[  251.869920][T15091]  should_fail_ex+0x265/0x280
[  251.869949][T15091]  should_failslab+0x8c/0xb0
[  251.869976][T15091]  kmem_cache_alloc_noprof+0x50/0x310
[  251.870019][T15091]  ? security_file_alloc+0x32/0x100
[  251.870063][T15091]  security_file_alloc+0x32/0x100
[  251.870105][T15091]  init_file+0x5c/0x1d0
[  251.870217][T15091]  alloc_empty_file+0x8b/0x200
[  251.870254][T15091]  path_openat+0x68/0x2170
[  251.870274][T15091]  ? _parse_integer_limit+0x170/0x190
[  251.870362][T15091]  ? kstrtoull+0x111/0x140
[  251.870391][T15091]  ? kstrtouint+0x76/0xc0
[  251.870418][T15091]  do_filp_open+0x109/0x230
[  251.870446][T15091]  do_sys_openat2+0xa6/0x110
[  251.870570][T15091]  __x64_sys_openat+0xf2/0x120
[  251.870613][T15091]  x64_sys_call+0x2e9c/0x2ff0
[  251.870635][T15091]  do_syscall_64+0xd2/0x200
[  251.870704][T15091]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  251.870796][T15091]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  251.870833][T15091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.870895][T15091] RIP: 0033:0x7fb066eeebe9
[  251.870915][T15091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.870994][T15091] RSP: 002b:00007fb06590d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  251.871018][T15091] RAX: ffffffffffffffda RBX: 00007fb067126180 RCX: 00007fb066eeebe9
[  251.871034][T15091] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  251.871050][T15091] RBP: 00007fb06590d090 R08: 0000000000000000 R09: 0000000000000000
[  251.871063][T15091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.871075][T15091] R13: 00007fb067126218 R14: 00007fb067126180 R15: 00007fff6c7bfef8
[  251.871093][T15091]  </TASK>
[  252.275617][   T29] kauditd_printk_skb: 230 callbacks suppressed
[  252.275692][   T29] audit: type=1326 audit(1757273329.287:22562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15092 comm="syz.4.4385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  252.305729][   T29] audit: type=1326 audit(1757273329.287:22563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15092 comm="syz.4.4385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  252.329690][   T29] audit: type=1326 audit(1757273329.287:22564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15092 comm="syz.4.4385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  252.353822][   T29] audit: type=1326 audit(1757273329.287:22565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15092 comm="syz.4.4385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  252.377836][   T29] audit: type=1326 audit(1757273329.287:22566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15092 comm="syz.4.4385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  252.402374][   T29] audit: type=1326 audit(1757273329.287:22567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15092 comm="syz.4.4385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  252.425982][   T29] audit: type=1326 audit(1757273329.397:22568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15092 comm="syz.4.4385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  252.450025][   T29] audit: type=1326 audit(1757273329.397:22569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15092 comm="syz.4.4385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  252.473750][   T29] audit: type=1326 audit(1757273329.407:22570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15092 comm="syz.4.4385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  252.498075][   T29] audit: type=1326 audit(1757273329.407:22571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15092 comm="syz.4.4385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  252.569619][T15101] loop0: detected capacity change from 0 to 512
[  252.576623][T15101] EXT4-fs: Ignoring removed mblk_io_submit option
[  252.584484][T15101] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  252.624028][T15101] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  252.637728][T15098] SELinux: failed to load policy
[  252.645306][T15098] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4389'.
[  252.656846][T15101] System zones: 1-12
[  252.657087][T15098] bridge0: entered promiscuous mode
[  252.666254][T15098] macsec1: entered allmulticast mode
[  252.671601][T15098] bridge0: entered allmulticast mode
[  252.677932][T15098] bridge0: port 1(macsec1) entered blocking state
[  252.684567][T15098] bridge0: port 1(macsec1) entered disabled state
[  252.691087][T15101] EXT4-fs (loop0): 1 truncate cleaned up
[  252.705280][T15107] random: crng reseeded on system resumption
[  252.716731][T15098] bridge0: left allmulticast mode
[  252.721820][T15098] bridge0: left promiscuous mode
[  252.722336][T15101] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.751063][T15108] batadv1: entered promiscuous mode
[  252.793406][T15109] IPVS: length: 166 != 166408
[  252.831578][T11427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.891619][T15114] loop0: detected capacity change from 0 to 2048
[  252.892124][T15111] random: crng reseeded on system resumption
[  252.926691][T15116] SELinux: failed to load policy
[  252.926788][T15114] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.934599][T15116] rdma_rxe: rxe_newlink: failed to add vxcan1
[  252.951684][T15116] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4393'.
[  252.963485][T15116] bridge0: entered promiscuous mode
[  252.968918][T15116] macsec1: entered allmulticast mode
[  252.974286][T15116] bridge0: entered allmulticast mode
[  252.980917][T15116] bridge0: port 2(macsec1) entered blocking state
[  252.987530][T15116] bridge0: port 2(macsec1) entered disabled state
[  252.995514][T15116] bridge0: left allmulticast mode
[  253.000625][T15116] bridge0: left promiscuous mode
[  253.032554][T11427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.072552][T15128] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15128 comm=syz.0.4397
[  253.085291][T15128] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15128 comm=syz.0.4397
[  253.102946][T15128] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1538 sclass=netlink_audit_socket pid=15128 comm=syz.0.4397
[  253.142555][T15128] loop0: detected capacity change from 0 to 512
[  253.161602][T15128] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.177560][T15128] ext4 filesystem being mounted at /244/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.207239][T15138] FAULT_INJECTION: forcing a failure.
[  253.207239][T15138] name failslab, interval 1, probability 0, space 0, times 0
[  253.219953][T15138] CPU: 0 UID: 0 PID: 15138 Comm: syz.3.4401 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  253.219989][T15138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  253.220005][T15138] Call Trace:
[  253.220093][T15138]  <TASK>
[  253.220101][T15138]  __dump_stack+0x1d/0x30
[  253.220154][T15138]  dump_stack_lvl+0xe8/0x140
[  253.220178][T15138]  dump_stack+0x15/0x1b
[  253.220198][T15138]  should_fail_ex+0x265/0x280
[  253.220227][T15138]  should_failslab+0x8c/0xb0
[  253.220286][T15138]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  253.220422][T15138]  ? sidtab_sid2str_get+0xa0/0x130
[  253.220450][T15138]  kmemdup_noprof+0x2b/0x70
[  253.220477][T15138]  sidtab_sid2str_get+0xa0/0x130
[  253.220552][T15138]  security_sid_to_context_core+0x1eb/0x2e0
[  253.220575][T15138]  security_sid_to_context+0x27/0x40
[  253.220593][T15138]  selinux_lsmprop_to_secctx+0x67/0xf0
[  253.220619][T15138]  security_lsmprop_to_secctx+0x43/0x80
[  253.220724][T15138]  audit_log_task_context+0x77/0x190
[  253.220765][T15138]  audit_log_task+0xf4/0x250
[  253.220799][T15138]  audit_seccomp+0x61/0x100
[  253.220831][T15138]  ? __seccomp_filter+0x68c/0x10d0
[  253.220859][T15138]  __seccomp_filter+0x69d/0x10d0
[  253.220922][T15138]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  253.220951][T15138]  ? vfs_write+0x7e8/0x960
[  253.220987][T15138]  __secure_computing+0x82/0x150
[  253.221014][T15138]  syscall_trace_enter+0xcf/0x1e0
[  253.221059][T15138]  do_syscall_64+0xac/0x200
[  253.221125][T15138]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  253.221154][T15138]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  253.221189][T15138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.221240][T15138] RIP: 0033:0x7fb066eeebe9
[  253.221258][T15138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.221281][T15138] RSP: 002b:00007fb06594f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  253.221369][T15138] RAX: ffffffffffffffda RBX: 00007fb067125fa0 RCX: 00007fb066eeebe9
[  253.221383][T15138] RDX: 0000000000000002 RSI: ffffffffffffffff RDI: ffffffffffffffff
[  253.221399][T15138] RBP: 00007fb06594f090 R08: 0000000000000000 R09: 0000000000000000
[  253.221413][T15138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.221428][T15138] R13: 00007fb067126038 R14: 00007fb067125fa0 R15: 00007fff6c7bfef8
[  253.221449][T15138]  </TASK>
[  253.484712][ T3738] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  253.499606][ T3738] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1029 with error 28
[  253.512265][ T3738] EXT4-fs (loop0): This should not happen!! Data will be lost
[  253.512265][ T3738] 
[  253.522093][ T3738] EXT4-fs (loop0): Total free blocks count 0
[  253.528262][ T3738] EXT4-fs (loop0): Free/Dirty block details
[  253.534228][ T3738] EXT4-fs (loop0): free_blocks=65280
[  253.539676][ T3738] EXT4-fs (loop0): dirty_blocks=1029
[  253.545010][ T3738] EXT4-fs (loop0): Block reservation details
[  253.551018][ T3738] EXT4-fs (loop0): i_reserved_data_blocks=1029
[  253.628241][T11427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.638491][T15146] program syz.5.4405 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  253.687390][T15152] loop4: detected capacity change from 0 to 128
[  253.698274][T15152] FAULT_INJECTION: forcing a failure.
[  253.698274][T15152] name failslab, interval 1, probability 0, space 0, times 0
[  253.711051][T15152] CPU: 0 UID: 0 PID: 15152 Comm: syz.4.4407 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  253.711084][T15152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  253.711135][T15152] Call Trace:
[  253.711142][T15152]  <TASK>
[  253.711149][T15152]  __dump_stack+0x1d/0x30
[  253.711170][T15152]  dump_stack_lvl+0xe8/0x140
[  253.711193][T15152]  dump_stack+0x15/0x1b
[  253.711233][T15152]  should_fail_ex+0x265/0x280
[  253.711292][T15152]  should_failslab+0x8c/0xb0
[  253.711322][T15152]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  253.711359][T15152]  ? sidtab_sid2str_get+0xa0/0x130
[  253.711387][T15152]  kmemdup_noprof+0x2b/0x70
[  253.711428][T15152]  sidtab_sid2str_get+0xa0/0x130
[  253.711449][T15152]  security_sid_to_context_core+0x1eb/0x2e0
[  253.711475][T15152]  security_sid_to_context+0x27/0x40
[  253.711527][T15152]  selinux_lsmprop_to_secctx+0x67/0xf0
[  253.711549][T15152]  security_lsmprop_to_secctx+0x43/0x80
[  253.711586][T15152]  audit_log_task_context+0x77/0x190
[  253.711625][T15152]  audit_log_task+0xf4/0x250
[  253.711662][T15152]  audit_seccomp+0x61/0x100
[  253.711693][T15152]  ? __seccomp_filter+0x68c/0x10d0
[  253.711794][T15152]  __seccomp_filter+0x69d/0x10d0
[  253.711821][T15152]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  253.711887][T15152]  ? vfs_write+0x7e8/0x960
[  253.711965][T15152]  ? __rcu_read_unlock+0x4f/0x70
[  253.711988][T15152]  ? __fget_files+0x184/0x1c0
[  253.712018][T15152]  __secure_computing+0x82/0x150
[  253.712089][T15152]  syscall_trace_enter+0xcf/0x1e0
[  253.712117][T15152]  do_syscall_64+0xac/0x200
[  253.712156][T15152]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  253.712243][T15152]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  253.712289][T15152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.712309][T15152] RIP: 0033:0x7f0cb820ebe9
[  253.712324][T15152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.712341][T15152] RSP: 002b:00007f0cb6c6f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  253.712406][T15152] RAX: ffffffffffffffda RBX: 00007f0cb8445fa0 RCX: 00007f0cb820ebe9
[  253.712421][T15152] RDX: 0000200000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  253.712436][T15152] RBP: 00007f0cb6c6f090 R08: 0000000000000000 R09: 0000000000000000
[  253.712448][T15152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.712460][T15152] R13: 00007f0cb8446038 R14: 00007f0cb8445fa0 R15: 00007ffd5c10d5c8
[  253.712481][T15152]  </TASK>
[  254.021682][T15169] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.4414'.
[  254.067183][T15173] loop0: detected capacity change from 0 to 164
[  254.084254][T15173] rock: directory entry would overflow storage
[  254.090473][T15173] rock: sig=0x66, size=4, remaining=3
[  254.138158][T15180] netlink: 5 bytes leftover after parsing attributes in process `syz.4.4418'.
[  254.152967][T15182] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  254.155870][T15180] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  254.169877][T15180] net_ratelimit: 74 callbacks suppressed
[  254.169896][T15180] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  254.234952][T15187] loop5: detected capacity change from 0 to 128
[  254.300371][T15191] loop0: detected capacity change from 0 to 1024
[  254.364893][T15191] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.414632][T15191] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  254.438459][T15191] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  254.439645][T15201] netlink: 48 bytes leftover after parsing attributes in process `+}[@'.
[  254.470247][T15201] loop4: detected capacity change from 0 to 256
[  254.496450][T11427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.556413][T15212] random: crng reseeded on system resumption
[  254.568952][T15213] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.4429'.
[  254.583360][T15215] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  254.635616][T15220] netlink: 5 bytes leftover after parsing attributes in process `syz.3.4434'.
[  254.645342][T15220] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  254.746302][T15220] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  254.794922][T15229] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  254.802217][T15229] IPv6: NLM_F_CREATE should be set when creating new route
[  254.846303][T15238] program syz.0.4441 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  254.884103][T15246] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  254.893557][T15246] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=15246 comm=syz.5.4445
[  254.931447][T15252] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  254.943412][T15249] SELinux: failed to load policy
[  254.951836][T15252] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  254.970953][T15249] bridge0: entered promiscuous mode
[  254.976454][T15249] macsec1: entered allmulticast mode
[  254.981778][T15249] bridge0: entered allmulticast mode
[  254.988583][T15249] bridge0: port 1(macsec1) entered blocking state
[  254.995193][T15249] bridge0: port 1(macsec1) entered disabled state
[  255.003064][T15249] bridge0: left allmulticast mode
[  255.008148][T15249] bridge0: left promiscuous mode
[  255.168636][T15264] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  255.176063][T15264] IPv6: NLM_F_CREATE should be set when creating new route
[  255.300785][T15278] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  255.380379][T15282] dummy0: entered allmulticast mode
[  255.389604][T15282] dummy0: left allmulticast mode
[  255.402143][T15280] vxcan1 speed is unknown, defaulting to 1000
[  255.413224][T15287] loop3: detected capacity change from 0 to 128
[  255.476475][T15280] lo speed is unknown, defaulting to 1000
[  255.512833][T15291] FAULT_INJECTION: forcing a failure.
[  255.512833][T15291] name failslab, interval 1, probability 0, space 0, times 0
[  255.525595][T15291] CPU: 1 UID: 0 PID: 15291 Comm: syz.0.4462 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  255.525665][T15291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  255.525680][T15291] Call Trace:
[  255.525687][T15291]  <TASK>
[  255.525695][T15291]  __dump_stack+0x1d/0x30
[  255.525773][T15291]  dump_stack_lvl+0xe8/0x140
[  255.525796][T15291]  dump_stack+0x15/0x1b
[  255.525811][T15291]  should_fail_ex+0x265/0x280
[  255.525834][T15291]  should_failslab+0x8c/0xb0
[  255.525947][T15291]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  255.525981][T15291]  ? sidtab_sid2str_get+0xa0/0x130
[  255.526004][T15291]  kmemdup_noprof+0x2b/0x70
[  255.526104][T15291]  sidtab_sid2str_get+0xa0/0x130
[  255.526125][T15291]  security_sid_to_context_core+0x1eb/0x2e0
[  255.526173][T15291]  security_sid_to_context+0x27/0x40
[  255.526199][T15291]  selinux_lsmprop_to_secctx+0x67/0xf0
[  255.526226][T15291]  security_lsmprop_to_secctx+0x43/0x80
[  255.526315][T15291]  audit_log_task_context+0x77/0x190
[  255.526388][T15291]  audit_log_task+0xf4/0x250
[  255.526419][T15291]  audit_seccomp+0x61/0x100
[  255.526483][T15291]  ? __seccomp_filter+0x68c/0x10d0
[  255.526566][T15291]  __seccomp_filter+0x69d/0x10d0
[  255.526595][T15291]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  255.526636][T15291]  ? vfs_write+0x7e8/0x960
[  255.526705][T15291]  __secure_computing+0x82/0x150
[  255.526732][T15291]  syscall_trace_enter+0xcf/0x1e0
[  255.526909][T15291]  do_syscall_64+0xac/0x200
[  255.526948][T15291]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  255.526978][T15291]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  255.527080][T15291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.527106][T15291] RIP: 0033:0x7fbe9fdfebe9
[  255.527125][T15291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.527155][T15291] RSP: 002b:00007fbe9e867038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  255.527179][T15291] RAX: ffffffffffffffda RBX: 00007fbea0035fa0 RCX: 00007fbe9fdfebe9
[  255.527272][T15291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  255.527287][T15291] RBP: 00007fbe9e867090 R08: 0000000000000000 R09: 0000000000000000
[  255.527302][T15291] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000001
[  255.527317][T15291] R13: 00007fbea0036038 R14: 00007fbea0035fa0 R15: 00007ffd87509808
[  255.527394][T15291]  </TASK>
[  255.802321][T15299] loop0: detected capacity change from 0 to 2048
[  255.816806][T15301] loop3: detected capacity change from 0 to 2048
[  255.826419][T15299] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.848101][T15301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.867218][T15301] FAULT_INJECTION: forcing a failure.
[  255.867218][T15301] name failslab, interval 1, probability 0, space 0, times 0
[  255.867534][T15307] program syz.5.4466 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  255.879992][T15301] CPU: 1 UID: 0 PID: 15301 Comm: syz.3.4465 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  255.880031][T15301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  255.880050][T15301] Call Trace:
[  255.880059][T15301]  <TASK>
[  255.880072][T15301]  __dump_stack+0x1d/0x30
[  255.880141][T15301]  dump_stack_lvl+0xe8/0x140
[  255.880168][T15301]  dump_stack+0x15/0x1b
[  255.880191][T15301]  should_fail_ex+0x265/0x280
[  255.880222][T15301]  ? alloc_pipe_info+0xae/0x350
[  255.880255][T15301]  should_failslab+0x8c/0xb0
[  255.880335][T15301]  __kmalloc_cache_noprof+0x4c/0x320
[  255.880392][T15301]  alloc_pipe_info+0xae/0x350
[  255.880466][T15301]  splice_direct_to_actor+0x592/0x680
[  255.880526][T15301]  ? kstrtouint_from_user+0x9f/0xf0
[  255.880598][T15301]  ? __pfx_direct_splice_actor+0x10/0x10
[  255.880625][T15301]  ? __rcu_read_unlock+0x4f/0x70
[  255.880654][T15301]  ? avc_policy_seqno+0x15/0x30
[  255.880713][T15301]  ? selinux_file_permission+0x1e4/0x320
[  255.880793][T15301]  do_splice_direct+0xda/0x150
[  255.880860][T15301]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  255.880973][T15301]  do_sendfile+0x380/0x650
[  255.881017][T15301]  __x64_sys_sendfile64+0x105/0x150
[  255.881056][T15301]  x64_sys_call+0x2bb0/0x2ff0
[  255.881085][T15301]  do_syscall_64+0xd2/0x200
[  255.881162][T15301]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  255.881196][T15301]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  255.881245][T15301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.881288][T15301] RIP: 0033:0x7fb066eeebe9
[  255.881379][T15301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.881404][T15301] RSP: 002b:00007fb06594f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  255.881429][T15301] RAX: ffffffffffffffda RBX: 00007fb067125fa0 RCX: 00007fb066eeebe9
[  255.881457][T15301] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000007
[  255.881546][T15301] RBP: 00007fb06594f090 R08: 0000000000000000 R09: 0000000000000000
[  255.881563][T15301] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000001
[  255.881580][T15301] R13: 00007fb067126038 R14: 00007fb067125fa0 R15: 00007fff6c7bfef8
[  255.881604][T15301]  </TASK>
[  256.114749][T11427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.126840][T10982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.300707][T15320] vxcan1 speed is unknown, defaulting to 1000
[  256.309696][T15329] __nla_validate_parse: 4 callbacks suppressed
[  256.309710][T15329] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.4476'.
[  256.335824][T15331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4472'.
[  256.362894][T15333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4477'.
[  256.371926][T15333] erspan0: entered promiscuous mode
[  256.390660][T15330] netlink: 100 bytes leftover after parsing attributes in process `syz.5.4474'.
[  256.401974][T15337] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  256.407262][T15320] lo speed is unknown, defaulting to 1000
[  256.701111][T15358] SELinux: failed to load policy
[  256.717186][T15358] rdma_rxe: rxe_newlink: failed to add vxcan1
[  256.725101][T15358] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4486'.
[  256.736938][T15358] bridge0: entered promiscuous mode
[  256.742307][T15358] macsec1: entered allmulticast mode
[  256.747662][T15358] bridge0: entered allmulticast mode
[  256.755140][T15358] bridge0: port 1(macsec1) entered blocking state
[  256.761768][T15358] bridge0: port 1(macsec1) entered disabled state
[  256.769962][T15358] bridge0: left allmulticast mode
[  256.775351][T15358] bridge0: left promiscuous mode
[  256.849726][T15340] Set syz1 is full, maxelem 65536 reached
[  256.936677][T15365] loop3: detected capacity change from 0 to 512
[  256.949175][T15365] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  256.959750][T15365] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  256.979142][T15370] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  256.979164][T15365] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #11: comm syz.3.4489: corrupted inode contents
[  257.000237][T15365] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #11: comm syz.3.4489: mark_inode_dirty error
[  257.011869][T15365] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.4489: invalid indirect mapped block 1 (level 1)
[  257.026567][T15365] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #11: comm syz.3.4489: corrupted inode contents
[  257.027462][T15373] IPVS: stopping master sync thread 15374 ...
[  257.038599][T15365] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  257.044757][T15374] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  257.054536][T15365] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #11: comm syz.3.4489: corrupted inode contents
[  257.077260][T15365] EXT4-fs error (device loop3): ext4_truncate:4666: inode #11: comm syz.3.4489: mark_inode_dirty error
[  257.091038][T15365] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  257.101969][T15365] EXT4-fs (loop3): 1 truncate cleaned up
[  257.108189][T15365] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.118550][T15376] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  257.159573][T15378] netlink: 'syz.0.4494': attribute type 10 has an invalid length.
[  257.160298][T10982] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.171117][T15378] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4494'.
[  257.196236][T15378] dummy0: entered promiscuous mode
[  257.228869][T15378] bridge0: port 1(dummy0) entered blocking state
[  257.237930][T15378] bridge0: port 1(dummy0) entered disabled state
[  257.264550][T15378] dummy0: entered allmulticast mode
[  257.265835][T15392] netlink: 5 bytes leftover after parsing attributes in process `syz.3.4500'.
[  257.292531][T15378] bridge0: port 1(dummy0) entered blocking state
[  257.299442][T15378] bridge0: port 1(dummy0) entered forwarding state
[  257.325528][T15395] SELinux: failed to load policy
[  257.338851][T15392] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  257.348612][T15392] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  257.369003][   T29] kauditd_printk_skb: 421 callbacks suppressed
[  257.369020][   T29] audit: type=1326 audit(1757273334.517:22990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15390 comm="syz.3.4500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  257.438587][T15404] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.4506'.
[  257.479351][T15402] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4505'.
[  257.481680][T15411] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  257.571346][   T29] audit: type=1326 audit(1757273334.717:22991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15424 comm="syz.3.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  257.587227][T15421] random: crng reseeded on system resumption
[  257.595087][   T29] audit: type=1326 audit(1757273334.717:22992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15424 comm="syz.3.4515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb066eeebe9 code=0x7ffc0000
[  257.707396][   T29] audit: type=1326 audit(1757273334.857:22993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15434 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9fdfebe9 code=0x7ffc0000
[  257.740427][   T29] audit: type=1326 audit(1757273334.887:22994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15434 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7fbe9fdfebe9 code=0x7ffc0000
[  257.764300][   T29] audit: type=1326 audit(1757273334.887:22995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15434 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9fdfebe9 code=0x7ffc0000
[  257.787945][   T29] audit: type=1326 audit(1757273334.887:22996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15434 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9fdfebe9 code=0x7ffc0000
[  257.811569][   T29] audit: type=1326 audit(1757273334.887:22997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15434 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe9fdfebe9 code=0x7ffc0000
[  257.835203][   T29] audit: type=1326 audit(1757273334.887:22998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15434 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9fdfebe9 code=0x7ffc0000
[  257.858956][   T29] audit: type=1326 audit(1757273334.887:22999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15434 comm="syz.0.4517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe9fdfebe9 code=0x7ffc0000
[  258.077960][T15446] loop0: detected capacity change from 0 to 764
[  258.095105][T15446] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  258.166324][T15448] vxcan1 speed is unknown, defaulting to 1000
[  258.279907][T15448] lo speed is unknown, defaulting to 1000
[  258.493945][T15466] random: crng reseeded on system resumption
[  258.758344][T15484] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.4536'.
[  258.885341][T15488] SELinux: failed to load policy
[  258.974813][ T3399] lo speed is unknown, defaulting to 1000
[  259.000986][T15495] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  259.007142][T15492] bridge0: port 1(dummy0) entered disabled state
[  259.081936][T15501] loop5: detected capacity change from 0 to 764
[  259.108981][T15501] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  259.263071][T15506] SELinux: failed to load policy
[  259.274419][T15506] rdma_rxe: rxe_newlink: failed to add vxcan1
[  259.276932][T15508] loop2: detected capacity change from 0 to 512
[  259.294466][T15506] bridge0: entered promiscuous mode
[  259.297941][T15508] EXT4-fs: Ignoring removed mblk_io_submit option
[  259.299815][T15506] macsec1: entered allmulticast mode
[  259.311751][T15506] bridge0: entered allmulticast mode
[  259.317928][T15508] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  259.319713][T15506] bridge0: port 2(macsec1) entered blocking state
[  259.334545][T15506] bridge0: port 2(macsec1) entered disabled state
[  259.343298][T15506] bridge0: left allmulticast mode
[  259.346007][T15508] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  259.348394][T15506] bridge0: left promiscuous mode
[  259.367810][T15508] System zones: 1-12
[  259.372295][T15508] EXT4-fs (loop2): 1 truncate cleaned up
[  259.378642][T15508] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.440753][T10785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.514650][T15524] SELinux: failed to load policy
[  259.538089][T15520] vxcan1 speed is unknown, defaulting to 1000
[  259.693075][T15522] vxcan1 speed is unknown, defaulting to 1000
[  259.699574][T15520] lo speed is unknown, defaulting to 1000
[  259.724555][T15536] loop3: detected capacity change from 0 to 128
[  259.785531][T15536] bio_check_eod: 75 callbacks suppressed
[  259.785549][T15536] syz.3.4555: attempt to access beyond end of device
[  259.785549][T15536] loop3: rw=2049, sector=154, nr_sectors = 8 limit=128
[  259.823540][T15536] syz.3.4555: attempt to access beyond end of device
[  259.823540][T15536] loop3: rw=2049, sector=160, nr_sectors = 2 limit=128
[  259.837087][T15536] buffer_io_error: 30 callbacks suppressed
[  259.837111][T15536] Buffer I/O error on dev loop3, logical block 80, lost async page write
[  259.909297][T15536] syz.3.4555: attempt to access beyond end of device
[  259.909297][T15536] loop3: rw=2049, sector=162, nr_sectors = 8 limit=128
[  259.913908][T15522] lo speed is unknown, defaulting to 1000
[  259.952560][T15542] loop0: detected capacity change from 0 to 1024
[  259.967019][T15536] syz.3.4555: attempt to access beyond end of device
[  259.967019][T15536] loop3: rw=2049, sector=168, nr_sectors = 2 limit=128
[  259.980623][T15536] Buffer I/O error on dev loop3, logical block 84, lost async page write
[  260.001032][T15542] EXT4-fs: Ignoring removed orlov option
[  260.006788][T15542] EXT4-fs: Ignoring removed nomblk_io_submit option
[  260.012728][T15536] syz.3.4555: attempt to access beyond end of device
[  260.012728][T15536] loop3: rw=2049, sector=186, nr_sectors = 8 limit=128
[  260.054667][T15536] syz.3.4555: attempt to access beyond end of device
[  260.054667][T15536] loop3: rw=2049, sector=192, nr_sectors = 2 limit=128
[  260.068582][T15536] Buffer I/O error on dev loop3, logical block 96, lost async page write
[  260.077735][T15536] syz.3.4555: attempt to access beyond end of device
[  260.077735][T15536] loop3: rw=2049, sector=194, nr_sectors = 8 limit=128
[  260.091629][T15536] syz.3.4555: attempt to access beyond end of device
[  260.091629][T15536] loop3: rw=2049, sector=200, nr_sectors = 2 limit=128
[  260.105407][T15536] Buffer I/O error on dev loop3, logical block 100, lost async page write
[  260.119464][T15536] syz.3.4555: attempt to access beyond end of device
[  260.119464][T15536] loop3: rw=2049, sector=218, nr_sectors = 8 limit=128
[  260.153374][T15536] syz.3.4555: attempt to access beyond end of device
[  260.153374][T15536] loop3: rw=2049, sector=224, nr_sectors = 2 limit=128
[  260.166907][T15536] Buffer I/O error on dev loop3, logical block 112, lost async page write
[  260.202442][T15536] Buffer I/O error on dev loop3, logical block 116, lost async page write
[  260.257346][T15536] Buffer I/O error on dev loop3, logical block 88, lost async page write
[  260.266537][T15536] Buffer I/O error on dev loop3, logical block 92, lost async page write
[  260.282223][T15536] Buffer I/O error on dev loop3, logical block 120, lost async page write
[  260.306163][T15536] Buffer I/O error on dev loop3, logical block 124, lost async page write
[  260.422717][T15559] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  260.429999][T15559] IPv6: NLM_F_CREATE should be set when creating new route
[  260.460098][T15562] program syz.5.4562 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  260.665096][T15573] vxcan1 speed is unknown, defaulting to 1000
[  260.686697][T15580] loop3: detected capacity change from 0 to 512
[  260.704798][T15580] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  260.715094][T15580] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  260.767756][T15580] netlink: zone id is out of range
[  260.779160][T15585] SELinux: failed to load policy
[  260.790714][T15580] netlink: zone id is out of range
[  260.791081][T15584] bond1: entered promiscuous mode
[  260.795913][T15580] netlink: zone id is out of range
[  260.801034][T15584] bond1: entered allmulticast mode
[  260.806183][T15580] netlink: zone id is out of range
[  260.806323][T15580] netlink: zone id is out of range
[  260.822140][T15580] netlink: zone id is out of range
[  260.827484][T15580] netlink: zone id is out of range
[  260.832865][T15580] netlink: zone id is out of range
[  260.838640][T15580] netlink: zone id is out of range
[  260.843980][T15580] netlink: zone id is out of range
[  260.850357][T15584] 8021q: adding VLAN 0 to HW filter on device bond1
[  260.925638][T15591] loop3: detected capacity change from 0 to 512
[  260.927324][T15585] bridge0: entered promiscuous mode
[  260.947084][T15591] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  260.951865][T15585] macsec1: entered allmulticast mode
[  260.957026][T15591] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  260.962341][T15585] bridge0: entered allmulticast mode
[  260.982957][T15585] bridge0: port 2(macsec1) entered blocking state
[  260.989558][T15585] bridge0: port 2(macsec1) entered disabled state
[  261.044347][T15593] loop3: detected capacity change from 0 to 128
[  261.051572][T15585] bridge0: left allmulticast mode
[  261.056779][T15585] bridge0: left promiscuous mode
[  261.084963][T15573] lo speed is unknown, defaulting to 1000
[  261.102896][T15589] rdma_rxe: rxe_newlink: failed to add vxcan1
[  261.116980][T15596] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  261.467263][T15606] random: crng reseeded on system resumption
[  261.551829][T15619] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  261.706761][T15623] __nla_validate_parse: 8 callbacks suppressed
[  261.706776][T15623] netlink: 5 bytes leftover after parsing attributes in process `syz.3.4584'.
[  261.754281][T15616] random: crng reseeded on system resumption
[  261.780423][T15623] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  261.828940][T15627] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  261.892794][T15630] program syz.5.4587 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  261.917254][T15633] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  262.007781][T15644] loop3: detected capacity change from 0 to 512
[  262.017102][T15644] EXT4-fs: Ignoring removed mblk_io_submit option
[  262.025032][T15648] SELinux:  policydb magic number 0x6572666b does not match expected magic number 0xf97cff8c
[  262.034172][T15644] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  262.035823][T15648] SELinux: failed to load policy
[  262.054241][T15648] rdma_rxe: rxe_newlink: failed to add vxcan1
[  262.060958][T15648] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4594'.
[  262.072951][T15648] bridge0: entered promiscuous mode
[  262.078363][T15648] macsec1: entered allmulticast mode
[  262.083697][T15648] bridge0: entered allmulticast mode
[  262.096250][T15642] SELinux: failed to load policy
[  262.114657][T15648] bridge0: port 2(macsec1) entered blocking state
[  262.121166][T15648] bridge0: port 2(macsec1) entered disabled state
[  262.139191][T15644] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  262.148464][T15644] System zones: 1-12
[  262.152488][T15648] bridge0: left allmulticast mode
[  262.157851][T15648] bridge0: left promiscuous mode
[  262.164685][T15644] EXT4-fs (loop3): 1 truncate cleaned up
[  262.213828][T15660] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  262.230763][T15661] FAULT_INJECTION: forcing a failure.
[  262.230763][T15661] name failslab, interval 1, probability 0, space 0, times 0
[  262.243850][T15661] CPU: 1 UID: 0 PID: 15661 Comm: syz.5.4598 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  262.243904][T15661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  262.243917][T15661] Call Trace:
[  262.243922][T15661]  <TASK>
[  262.243930][T15661]  __dump_stack+0x1d/0x30
[  262.243956][T15661]  dump_stack_lvl+0xe8/0x140
[  262.243981][T15661]  dump_stack+0x15/0x1b
[  262.244002][T15661]  should_fail_ex+0x265/0x280
[  262.244067][T15661]  should_failslab+0x8c/0xb0
[  262.244099][T15661]  kmem_cache_alloc_node_noprof+0x57/0x320
[  262.244133][T15661]  ? __alloc_skb+0x101/0x320
[  262.244235][T15661]  __alloc_skb+0x101/0x320
[  262.244260][T15661]  netlink_alloc_large_skb+0xba/0xf0
[  262.244316][T15661]  netlink_sendmsg+0x3cf/0x6b0
[  262.244349][T15661]  ? __pfx_netlink_sendmsg+0x10/0x10
[  262.244453][T15661]  __sock_sendmsg+0x142/0x180
[  262.244493][T15661]  ____sys_sendmsg+0x31e/0x4e0
[  262.244527][T15661]  ___sys_sendmsg+0x17b/0x1d0
[  262.244581][T15661]  __x64_sys_sendmsg+0xd4/0x160
[  262.244619][T15661]  x64_sys_call+0x191e/0x2ff0
[  262.244646][T15661]  do_syscall_64+0xd2/0x200
[  262.244723][T15661]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  262.244747][T15661]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  262.244785][T15661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.244833][T15661] RIP: 0033:0x7fca3614ebe9
[  262.244885][T15661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.244907][T15661] RSP: 002b:00007fca34b8e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  262.244930][T15661] RAX: ffffffffffffffda RBX: 00007fca36386090 RCX: 00007fca3614ebe9
[  262.244944][T15661] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 000000000000000e
[  262.244957][T15661] RBP: 00007fca34b8e090 R08: 0000000000000000 R09: 0000000000000000
[  262.244970][T15661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.244982][T15661] R13: 00007fca36386128 R14: 00007fca36386090 R15: 00007ffed47ace98
[  262.245055][T15661]  </TASK>
[  262.253554][T15659] random: crng reseeded on system resumption
[  262.504530][   T29] kauditd_printk_skb: 189 callbacks suppressed
[  262.504546][   T29] audit: type=1326 audit(1757273339.657:23187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.2.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  262.534492][   T29] audit: type=1326 audit(1757273339.657:23188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.2.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  262.558243][   T29] audit: type=1326 audit(1757273339.657:23189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.2.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  262.586041][T15683] loop3: detected capacity change from 0 to 512
[  262.592707][T15683] EXT4-fs: Ignoring removed mblk_io_submit option
[  262.613440][T15683] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  262.630186][   T29] audit: type=1326 audit(1757273339.657:23190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.2.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  262.654024][   T29] audit: type=1326 audit(1757273339.657:23191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.2.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  262.677804][   T29] audit: type=1326 audit(1757273339.657:23192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.2.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  262.701620][   T29] audit: type=1326 audit(1757273339.657:23193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.2.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  262.725583][   T29] audit: type=1326 audit(1757273339.657:23194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.2.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  262.748905][T15683] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  262.749445][   T29] audit: type=1326 audit(1757273339.657:23195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.2.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  262.757621][T15683] System zones: 
[  262.780972][   T29] audit: type=1326 audit(1757273339.657:23196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.2.4606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d87edebe9 code=0x7ffc0000
[  262.809296][T15683] 1-12
[  262.819527][T15683] EXT4-fs (loop3): 1 truncate cleaned up
[  262.837198][T15689] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  262.860061][T15698] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4615'.
[  262.869744][T15700] loop5: detected capacity change from 0 to 128
[  263.022521][T15710] loop0: detected capacity change from 0 to 128
[  263.260710][T15716] SELinux:  Context  is not valid (left unmapped).
[  263.437853][T15721] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4622'.
[  263.465961][T15721] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4622'.
[  263.539219][T15733] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.4627'.
[  263.568364][T15736] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  263.593926][T15742] program syz.2.4630 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  263.614083][T15744] loop3: detected capacity change from 0 to 512
[  263.622838][T15744] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  263.640658][T15744] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[  263.640658][T15744] 
[  263.647365][T15749] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.4633'.
[  263.651485][T15744] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  263.682939][T15746] random: crng reseeded on system resumption
[  263.705713][T15753] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4634'.
[  264.252591][T15776] vxcan1 speed is unknown, defaulting to 1000
[  264.488480][T15776] lo speed is unknown, defaulting to 1000
[  264.785009][T15794] random: crng reseeded on system resumption
[  264.824137][T15798] loop5: detected capacity change from 0 to 512
[  264.830814][T15798] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  264.999834][T15805] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4651'.
[  265.039935][T15810] loop2: detected capacity change from 0 to 512
[  265.062748][T15810] EXT4-fs: Ignoring removed nobh option
[  265.079668][T15810] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  265.098283][T15810] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[  265.204286][T15821] FAULT_INJECTION: forcing a failure.
[  265.204286][T15821] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.217651][T15821] CPU: 0 UID: 0 PID: 15821 Comm: syz.5.4658 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  265.217680][T15821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  265.217693][T15821] Call Trace:
[  265.217701][T15821]  <TASK>
[  265.217773][T15821]  __dump_stack+0x1d/0x30
[  265.217857][T15821]  dump_stack_lvl+0xe8/0x140
[  265.217877][T15821]  dump_stack+0x15/0x1b
[  265.217893][T15821]  should_fail_ex+0x265/0x280
[  265.217986][T15821]  should_fail+0xb/0x20
[  265.218006][T15821]  should_fail_usercopy+0x1a/0x20
[  265.218032][T15821]  _copy_to_user+0x20/0xa0
[  265.218122][T15821]  simple_read_from_buffer+0xb5/0x130
[  265.218145][T15821]  proc_fail_nth_read+0x10e/0x150
[  265.218174][T15821]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  265.218201][T15821]  vfs_read+0x1a5/0x770
[  265.218222][T15821]  ? __rcu_read_unlock+0x4f/0x70
[  265.218284][T15821]  ? __fget_files+0x184/0x1c0
[  265.218366][T15821]  ksys_read+0xda/0x1a0
[  265.218390][T15821]  __x64_sys_read+0x40/0x50
[  265.218412][T15821]  x64_sys_call+0x27bc/0x2ff0
[  265.218502][T15821]  do_syscall_64+0xd2/0x200
[  265.218553][T15821]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  265.218582][T15821]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  265.218612][T15821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.218634][T15821] RIP: 0033:0x7fca3614d5fc
[  265.218714][T15821] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  265.218733][T15821] RSP: 002b:00007fca34baf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  265.218752][T15821] RAX: ffffffffffffffda RBX: 00007fca36385fa0 RCX: 00007fca3614d5fc
[  265.218765][T15821] RDX: 000000000000000f RSI: 00007fca34baf0a0 RDI: 0000000000000003
[  265.218777][T15821] RBP: 00007fca34baf090 R08: 0000000000000000 R09: 0000000000000000
[  265.218868][T15821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.218880][T15821] R13: 00007fca36386038 R14: 00007fca36385fa0 R15: 00007ffed47ace98
[  265.218899][T15821]  </TASK>
[  265.448905][T15827] FAULT_INJECTION: forcing a failure.
[  265.448905][T15827] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.462053][T15827] CPU: 0 UID: 0 PID: 15827 Comm: syz.5.4660 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  265.462144][T15827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  265.462156][T15827] Call Trace:
[  265.462163][T15827]  <TASK>
[  265.462218][T15827]  __dump_stack+0x1d/0x30
[  265.462239][T15827]  dump_stack_lvl+0xe8/0x140
[  265.462279][T15827]  dump_stack+0x15/0x1b
[  265.462296][T15827]  should_fail_ex+0x265/0x280
[  265.462384][T15827]  should_fail+0xb/0x20
[  265.462403][T15827]  should_fail_usercopy+0x1a/0x20
[  265.462430][T15827]  _copy_to_user+0x20/0xa0
[  265.462470][T15827]  simple_read_from_buffer+0xb5/0x130
[  265.462530][T15827]  proc_fail_nth_read+0x10e/0x150
[  265.462558][T15827]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  265.462627][T15827]  vfs_read+0x1a5/0x770
[  265.462678][T15827]  ? __rcu_read_unlock+0x4f/0x70
[  265.462705][T15827]  ? __fget_files+0x184/0x1c0
[  265.462734][T15827]  ksys_read+0xda/0x1a0
[  265.462761][T15827]  __x64_sys_read+0x40/0x50
[  265.462856][T15827]  x64_sys_call+0x27bc/0x2ff0
[  265.462883][T15827]  do_syscall_64+0xd2/0x200
[  265.462915][T15827]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  265.462939][T15827]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  265.463045][T15827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.463071][T15827] RIP: 0033:0x7fca3614d5fc
[  265.463120][T15827] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  265.463138][T15827] RSP: 002b:00007fca34baf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  265.463158][T15827] RAX: ffffffffffffffda RBX: 00007fca36385fa0 RCX: 00007fca3614d5fc
[  265.463171][T15827] RDX: 000000000000000f RSI: 00007fca34baf0a0 RDI: 0000000000000005
[  265.463184][T15827] RBP: 00007fca34baf090 R08: 0000000000000000 R09: 0000000000000000
[  265.463199][T15827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.463219][T15827] R13: 00007fca36386038 R14: 00007fca36385fa0 R15: 00007ffed47ace98
[  265.463238][T15827]  </TASK>
[  265.477868][T15829] SELinux: failed to load policy
[  265.532478][T15832] rdma_rxe: rxe_newlink: failed to add vxcan1
[  265.589706][T15829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4661'.
[  265.670871][T15834] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  265.696829][T15829] bridge0: entered promiscuous mode
[  265.702106][T15829] macsec1: entered allmulticast mode
[  265.707581][T15829] bridge0: entered allmulticast mode
[  265.752604][T15829] bridge0: port 1(macsec1) entered blocking state
[  265.759209][T15829] bridge0: port 1(macsec1) entered disabled state
[  265.767274][T15829] bridge0: left allmulticast mode
[  265.772452][T15829] bridge0: left promiscuous mode
[  265.793288][T15840] loop5: detected capacity change from 0 to 1024
[  265.847910][T15849] net_ratelimit: 157 callbacks suppressed
[  265.848001][T15849] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  266.075021][T15860] netlink: 'syz.2.4674': attribute type 10 has an invalid length.
[  266.095015][T15864] loop3: detected capacity change from 0 to 764
[  266.101770][T15860] dummy0: entered promiscuous mode
[  266.109801][T15864] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  266.130840][T15860] bridge0: port 2(dummy0) entered blocking state
[  266.141103][T15867] loop4: detected capacity change from 0 to 128
[  266.148507][T15860] bridge0: port 2(dummy0) entered disabled state
[  266.175965][T15867] bio_check_eod: 103 callbacks suppressed
[  266.175996][T15867] syz.4.4676: attempt to access beyond end of device
[  266.175996][T15867] loop4: rw=2049, sector=154, nr_sectors = 8 limit=128
[  266.197554][T15867] syz.4.4676: attempt to access beyond end of device
[  266.197554][T15867] loop4: rw=2049, sector=160, nr_sectors = 2 limit=128
[  266.211418][T15867] buffer_io_error: 43 callbacks suppressed
[  266.211436][T15867] Buffer I/O error on dev loop4, logical block 80, lost async page write
[  266.228111][T15867] syz.4.4676: attempt to access beyond end of device
[  266.228111][T15867] loop4: rw=2049, sector=162, nr_sectors = 8 limit=128
[  266.228125][T15860] dummy0: entered allmulticast mode
[  266.244396][T15867] syz.4.4676: attempt to access beyond end of device
[  266.244396][T15867] loop4: rw=2049, sector=168, nr_sectors = 2 limit=128
[  266.260948][T15867] Buffer I/O error on dev loop4, logical block 84, lost async page write
[  266.271613][T15867] syz.4.4676: attempt to access beyond end of device
[  266.271613][T15867] loop4: rw=2049, sector=186, nr_sectors = 8 limit=128
[  266.286709][T15867] syz.4.4676: attempt to access beyond end of device
[  266.286709][T15867] loop4: rw=2049, sector=192, nr_sectors = 2 limit=128
[  266.300511][T15867] Buffer I/O error on dev loop4, logical block 96, lost async page write
[  266.310405][T15867] syz.4.4676: attempt to access beyond end of device
[  266.310405][T15867] loop4: rw=2049, sector=194, nr_sectors = 8 limit=128
[  266.331821][T15867] syz.4.4676: attempt to access beyond end of device
[  266.331821][T15867] loop4: rw=2049, sector=200, nr_sectors = 2 limit=128
[  266.345622][T15867] Buffer I/O error on dev loop4, logical block 100, lost async page write
[  266.355105][T15867] syz.4.4676: attempt to access beyond end of device
[  266.355105][T15867] loop4: rw=2049, sector=218, nr_sectors = 8 limit=128
[  266.360476][T15860] bridge0: port 2(dummy0) entered blocking state
[  266.369158][T15867] syz.4.4676: attempt to access beyond end of device
[  266.369158][T15867] loop4: rw=2049, sector=224, nr_sectors = 2 limit=128
[  266.376464][T15860] bridge0: port 2(dummy0) entered forwarding state
[  266.388842][T15867] Buffer I/O error on dev loop4, logical block 112, lost async page write
[  266.389827][T15867] Buffer I/O error on dev loop4, logical block 116, lost async page write
[  266.416913][T15867] Buffer I/O error on dev loop4, logical block 88, lost async page write
[  266.427193][T15867] Buffer I/O error on dev loop4, logical block 92, lost async page write
[  266.436643][T15867] Buffer I/O error on dev loop4, logical block 120, lost async page write
[  266.445675][T15867] Buffer I/O error on dev loop4, logical block 124, lost async page write
[  266.777512][T15899] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma?
[  266.874040][T15899] bridge0: entered allmulticast mode
[  267.158069][T15918] loop2: detected capacity change from 0 to 128
[  267.388716][T15915] SELinux: failed to load policy
[  267.400621][T15915] rdma_rxe: rxe_newlink: failed to add vxcan1
[  267.410144][T15915] __nla_validate_parse: 2 callbacks suppressed
[  267.410159][T15915] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4693'.
[  267.431210][T15915] bridge0: entered promiscuous mode
[  267.437303][T15915] macsec1: entered allmulticast mode
[  267.442801][T15915] bridge0: entered allmulticast mode
[  267.450596][T15915] bridge0: port 1(macsec1) entered blocking state
[  267.457199][T15915] bridge0: port 1(macsec1) entered disabled state
[  267.536333][   T29] kauditd_printk_skb: 1103 callbacks suppressed
[  267.536353][   T29] audit: type=1326 audit(1757273344.687:24300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.4.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  267.566854][   T29] audit: type=1326 audit(1757273344.687:24301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.4.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  267.590622][   T29] audit: type=1326 audit(1757273344.687:24302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.4.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  267.614343][   T29] audit: type=1326 audit(1757273344.687:24303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.4.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  267.638134][   T29] audit: type=1326 audit(1757273344.687:24304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.4.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  267.661895][   T29] audit: type=1326 audit(1757273344.687:24305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.4.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  267.685589][   T29] audit: type=1326 audit(1757273344.687:24306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.4.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  267.709405][   T29] audit: type=1326 audit(1757273344.687:24307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.4.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  267.733043][   T29] audit: type=1326 audit(1757273344.687:24308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.4.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  267.756894][   T29] audit: type=1326 audit(1757273344.687:24309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15926 comm="syz.4.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0cb820ebe9 code=0x7ffc0000
[  267.838400][T15915] bridge0: left allmulticast mode
[  267.843628][T15915] bridge0: left promiscuous mode
[  267.885304][T15940] random: crng reseeded on system resumption
[  267.912217][T15944] loop2: detected capacity change from 0 to 1024
[  267.925521][T15946] loop4: detected capacity change from 0 to 764
[  267.936047][T15946] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  267.943562][T15944] EXT4-fs mount: 10 callbacks suppressed
[  267.943583][T15944] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.001394][T15944] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  268.050211][T15955] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  268.125798][T10785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.331236][T15962] random: crng reseeded on system resumption
[  268.560496][T15980] netlink: 'syz.3.4717': attribute type 10 has an invalid length.
[  268.568965][T15980] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4717'.
[  268.713634][T15989] random: crng reseeded on system resumption
[  268.745823][T15980] dummy0: entered promiscuous mode
[  268.809570][T15980] bridge0: port 1(dummy0) entered blocking state
[  268.817502][T15980] bridge0: port 1(dummy0) entered disabled state
[  268.893841][T15980] dummy0: entered allmulticast mode
[  268.941141][T15996] netlink: 5 bytes leftover after parsing attributes in process `syz.4.4723'.
[  268.954016][T15998] loop3: detected capacity change from 0 to 128
[  268.968977][T16000] loop2: detected capacity change from 0 to 512
[  268.973261][T15996] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  268.982247][T16000] EXT4-fs: Ignoring removed mblk_io_submit option
[  268.983610][T15996] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  269.005546][T16000] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  269.077788][T16000] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  269.093044][T16000] System zones: 1-12
[  269.161787][T16009] SELinux: failed to load policy
[  269.170291][T16009] rdma_rxe: rxe_newlink: failed to add vxcan1
[  269.185117][T16000] EXT4-fs (loop2): 1 truncate cleaned up
[  269.220484][T16014] program syz.5.4729 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  269.239174][T16015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4728'.
[  269.243487][T16000] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.272263][T16015] bridge0: entered promiscuous mode
[  269.277868][T16015] macsec1: entered allmulticast mode
[  269.283321][T16015] bridge0: entered allmulticast mode
[  269.289613][T16015] bridge0: port 2(macsec1) entered blocking state
[  269.296202][T16015] bridge0: port 2(macsec1) entered disabled state
[  269.304148][T16015] bridge0: left allmulticast mode
[  269.309361][T16015] bridge0: left promiscuous mode
[  269.341899][T16020] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.4731'.
[  269.360798][T16020] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4731'.
[  269.372163][T16023] SELinux:  policydb magic number 0x6572666b does not match expected magic number 0xf97cff8c
[  269.403767][T16023] SELinux: failed to load policy
[  269.430248][T16023] rdma_rxe: rxe_newlink: failed to add vxcan1
[  269.437147][T16023] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4733'.
[  269.456638][T16023] macsec1: entered allmulticast mode
[  269.462011][T16023] bridge0: entered allmulticast mode
[  269.492452][T16023] bridge0: port 1(macsec1) entered blocking state
[  269.499130][T16023] bridge0: port 1(macsec1) entered disabled state
[  269.511394][T16023] bridge0: left allmulticast mode
[  269.525255][T16029] netlink: 'syz.0.4734': attribute type 10 has an invalid length.
[  269.533888][T16029] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4734'.
[  269.580256][T16035] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  269.587901][T16035] IPv6: NLM_F_CREATE should be set when creating new route
[  269.780932][T16040] netlink: 8 bytes leftover after parsing attributes in process `’'.
[  269.811891][T16040] ip6gre1: entered allmulticast mode
[  270.396764][T10785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.425663][T16060] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.4747'.
[  270.516110][T16068] SELinux: failed to load policy
[  270.526644][T16068] rdma_rxe: rxe_newlink: failed to add vxcan1
[  270.544945][T16068] bridge0: entered promiscuous mode
[  270.552795][T16073] loop2: detected capacity change from 0 to 512
[  270.559262][T16068] macsec1: entered allmulticast mode
[  270.564699][T16068] bridge0: entered allmulticast mode
[  270.570659][T16073] EXT4-fs: Ignoring removed mblk_io_submit option
[  270.577861][T16073] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  270.588559][T16068] bridge0: port 1(macsec1) entered blocking state
[  270.595094][T16068] bridge0: port 1(macsec1) entered disabled state
[  270.602782][T16073] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0082]
[  270.611251][T16073] System zones: 1-12
[  270.616442][T16068] bridge0: left allmulticast mode
[  270.621540][T16068] bridge0: left promiscuous mode
[  270.628747][T16073] EXT4-fs (loop2): 1 truncate cleaned up
[  270.636953][T16073] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.727543][T16081] loop5: detected capacity change from 0 to 764
[  270.744691][T16081] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  270.799673][T16086] loop4: detected capacity change from 0 to 128
[  270.903418][T16073] ==================================================================
[  270.911717][T16073] BUG: KCSAN: data-race in __filemap_add_folio / filemap_write_and_wait_range
[  270.920637][T16073] 
[  270.923027][T16073] read-write to 0xffff8881077e82d8 of 8 bytes by task 16084 on cpu 1:
[  270.931286][T16073]  __filemap_add_folio+0x5b9/0x7d0
[  270.936432][T16073]  filemap_add_folio+0x98/0x1b0
[  270.941312][T16073]  page_cache_ra_unbounded+0x1f3/0x380
[  270.946827][T16073]  page_cache_sync_ra+0x6ad/0x6c0
[  270.951899][T16073]  filemap_get_pages+0x2d0/0x1150
[  270.957038][T16073]  filemap_splice_read+0x3a9/0x740
[  270.962172][T16073]  ext4_file_splice_read+0x8f/0xb0
[  270.967361][T16073]  splice_direct_to_actor+0x26c/0x680
[  270.972763][T16073]  do_splice_direct+0xda/0x150
[  270.977641][T16073]  do_sendfile+0x380/0x650
[  270.982112][T16073]  __x64_sys_sendfile64+0x105/0x150
[  270.987555][T16073]  x64_sys_call+0x2bb0/0x2ff0
[  270.992394][T16073]  do_syscall_64+0xd2/0x200
[  270.996939][T16073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.002866][T16073] 
[  271.005238][T16073] read to 0xffff8881077e82d8 of 8 bytes by task 16073 on cpu 0:
[  271.012991][T16073]  filemap_write_and_wait_range+0x59/0x340
[  271.018851][T16073]  ext4_file_write_iter+0xe04/0xf00
[  271.024101][T16073]  iter_file_splice_write+0x666/0xa60
[  271.029509][T16073]  direct_splice_actor+0x156/0x2a0
[  271.034641][T16073]  splice_direct_to_actor+0x312/0x680
[  271.040027][T16073]  do_splice_direct+0xda/0x150
[  271.044802][T16073]  do_sendfile+0x380/0x650
[  271.049241][T16073]  __x64_sys_sendfile64+0x105/0x150
[  271.054463][T16073]  x64_sys_call+0x2bb0/0x2ff0
[  271.059153][T16073]  do_syscall_64+0xd2/0x200
[  271.063677][T16073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.069583][T16073] 
[  271.071916][T16073] value changed: 0x0000000000000000 -> 0x0000000000000001
[  271.079044][T16073] 
[  271.081406][T16073] Reported by Kernel Concurrency Sanitizer on:
[  271.087592][T16073] CPU: 0 UID: 0 PID: 16073 Comm: syz.2.4752 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  271.097418][T16073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  271.107487][T16073] ==================================================================
[  271.395795][T10785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.