last executing test programs:

23.760750245s ago: executing program 0 (id=1):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x410c84, &(0x7f00000003c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = inotify_init()
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r6 = inotify_add_watch(r4, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(r5, &(0x7f0000000040)=ANY=[@ANYRES64=r6], 0x69)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYBLOB="0000000000000000b7"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close(r5)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000680)=ANY=[@ANYRESOCT=r7, @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r9 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r9, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x43]}, 0x32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

22.651953779s ago: executing program 0 (id=7):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x410c84, &(0x7f00000003c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = inotify_init()
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r6 = inotify_add_watch(r4, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(r5, &(0x7f0000000040)=ANY=[@ANYRES64=r6], 0x69)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYBLOB="0000000000000000b7"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
close(r5)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000680)=ANY=[@ANYRESOCT=r7, @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r9}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r10 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r10, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x43]}, 0x32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

22.009916617s ago: executing program 0 (id=13):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = dup(r0)
fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

21.983991737s ago: executing program 32 (id=13):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = dup(r0)
fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

1.842972066s ago: executing program 4 (id=367):
syz_mount_image$ext4(&(0x7f00000004c0)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x2210010, &(0x7f0000000d00)={[], [{@fowner_gt}]}, 0xff, 0x4b5, &(0x7f0000000580)="$eJzs3ctrXNUfAPDvzDRpkub360ORtoItVKgPmskDaaJuXKmLglhwo1BjMo01k0zITGoTukh114ULURTEhXv/Ajd2ZRHEte7FhVS0RnyAMDJ3ZtK8Jg01yZTczwdu59x7Z+Z7TofvyZn7mBNAap2s/ZOJ6I2IbyPiYH119RNO1h+Wbl8dqy2ZqFbP/5JJnldbbz61+boDEbEYEV0R8fLzEW9k1sctzy9MjhaLhdnGer4yNZMvzy+cuTQ1OlGYKEwPDJ8dGRnuHxoc2ba2Xn/vrevnvnix8/M/37118/2vvqxVq7exb2U7tlO96R1xeMW2fRHx7E4Ea4Ncoz3d7a4I96T2+T0QEaeS/D8YueTTBNKgWq1W/6nub7V7sQrsWdlkDJzJ9kVEvZzN9vXVx/APRk+2WCpXnrxYmpser4+VD0VH9uKlYqG/8V3hUHRkausDSfnO+uCa9aGIZAz8Qa47We8bKxXHd7erA9Y4sCb/f8/V8x9ICV/5Ib3kP6SX/If0kv+QXivzv/W5QGAv8vcf0kv+Q3rJf0gv+Q/pJf8hveQ/pNJL587Vlmrz/vfxy/Nzk6XLZ8YL5cm+qbmxvrHS7EzfRKk0kdyzM3W39yuWSjMDT8XclXylUK7ky/MLF6ZKc9OVC8l9/RcKHbvSKmArDp+48X0mIhaf7k6Wms7GPrkKe1u1mol234MMtEeu3R0Q0DZbH+Nf29F6ALvPd3xgg5/oXaWr1Y6ZTV/2x73WB9h52XZXAGib08ec/4O0cvwf0sulv5BexvjADh3/B+5jjv9DevW2mP/rfyvm7uqPiP9HxHe5jv3Nub6AvSD7U6Yx/j998NHetXs7M38lpwg6I+LtT85/dGW0UpkdqG3/dXl75ePG9sF21B/YqmaeNvMYAEivpdtXx5rLbsb9+bn6RQjr4+9rHJvsSs5R9ixlVl2rkNmmaxcWr0XE0Y3iZxrzndfPfPQs5dbFP9J4zNTfIqnvvmTe9N2Jf2xF/EdWxD/+n/9XIB1u1Pqf/o3yL5vkdCzn3+r+p3ebrp1o3f9ll/u/XIv+78QWY7z56Ts/tox/LeL4hvGb8bqSWGvj1+p2eovxb732ykOt9lU/q7/PRvGbaqV8ZWomX55fOJP8jtxEYXpg+OzIyHD/0OBIPjlGnW8eqV7vmaPf3Nys/T0t4m/W/tq2x+/a8vpcWn8//PWrJzeJ/9ipjT//I5vE746IJ+4av+63wR9eb7WvFn+8Rfuzm8SvbRvaYvzyhy+YVAwA7iPl+YXJ0WKxMKugoKCwXGh3zwTstDtJ3+6aAAAAAAAAAAAAAFu1G5cTt7uNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7wb8BAAD//1yQ2OA=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)

1.837200936s ago: executing program 3 (id=368):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa1000000000000070100"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f00000000c0)='.\x00', 0xa4000061)
read(r1, &(0x7f0000000140)=""/47, 0x2f) (fail_nth: 2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)

1.731102627s ago: executing program 4 (id=370):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r2)
syz_usb_connect(0x4, 0x24, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r2, 0x40095505, 0x0)

1.473145171s ago: executing program 3 (id=376):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0xffffffff, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94) (async)
personality(0xf)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) (async)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000780)={0xfffffffe, 0x0, 0x0, 'queue0\x00', 0x48}) (async)
close_range(r4, 0xffffffffffffffff, 0x200000000000000) (async)
syz_emit_ethernet(0x66, &(0x7f0000000300)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd6000000000303a00fc010000000000000200000000000001ff020000000000000000000000b29500003a00fe80020000000000000000000000001dff010000000000000000000000000001"], 0x0) (async)
recvmmsg(0xffffffffffffffff, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}, 0x101}], 0x1, 0x140, 0x0) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000080)='page_pool_state_release\x00', r6}, 0x18) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="16000d000000003f039c556d15b89f5700043100000100000000000000e2b8f1caefc3fe72383bbf43f0a620a4554083ae0000fb8f341256bde4683308d7a4f34962ecc6d35c872afb9e2cecd688565d1d467f97", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
syz_extract_tcp_res(&(0x7f0000000180), 0x10000, 0x10000)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, &(0x7f0000000540)={{{@in6=@ipv4={""/10, ""/2, @initdev}, @in6=@initdev}}, {{@in=@broadcast}, 0x0, @in=@multicast2}}, &(0x7f0000000680)=0xe8) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f00000001c0)='netlink_extack\x00', r2, 0x0, 0x6}, 0x18) (async)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[@ANYBLOB="340000001d00210000000000000000000700000005000010000000000a00020077a9e200000000000c0005000200000000000000"], 0x34}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020692500000000002020207b0af8ff00000000bfa100000000000017010000f6ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000300)='GPL\x00', 0xd, 0xff8, &(0x7f0000001e00)=""/4088, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000440)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200, @void, @value}, 0x94)

1.414906532s ago: executing program 3 (id=381):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x410c84, &(0x7f00000003c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = inotify_init()
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r6 = inotify_add_watch(r4, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(r5, &(0x7f0000000040)=ANY=[@ANYRES64=r6], 0x69)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYBLOB="0000000000000000b7"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
close(r5)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000680)=ANY=[@ANYRESOCT=r7, @ANYRES32=r9], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r9}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r10 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r10, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x43]}, 0x32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

1.316793203s ago: executing program 2 (id=383):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000d00)={0x2, 0x80, 0x6d, 0x1, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffc, 0x4}, 0x1843, 0x0, 0x0, 0x9, 0x1000, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c000780080012400500"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x8d0)

1.242056624s ago: executing program 2 (id=384):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x410c84, &(0x7f00000003c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = inotify_init()
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r6 = inotify_add_watch(r4, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(r5, &(0x7f0000000040)=ANY=[@ANYRES64=r6], 0x69)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007000000181100", @ANYBLOB="0000000000000000b7"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
close(r5)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000680)=ANY=[@ANYRESOCT=r7, @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r9}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r10 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r10, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x43]}, 0x32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

1.162843815s ago: executing program 5 (id=385):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
clock_adjtime(0x6, &(0x7f0000000280)={0x8, 0x6, 0x7, 0x6, 0xfffffffffffff800, 0xd, 0x60000000, 0x4, 0x7fffffff, 0x8000, 0xa5b8, 0xfffffffffffffffb, 0xa2d, 0x3, 0x8, 0x8, 0x5, 0x5, 0x9, 0x6, 0x9, 0x10001, 0x12b, 0x9, 0x679d2a31, 0x101})

1.100558546s ago: executing program 5 (id=386):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_io_uring_setup(0xec5, &(0x7f0000000c00)={0x0, 0x0, 0x2}, &(0x7f0000000500), &(0x7f0000000600))
fcntl$setsig(0xffffffffffffffff, 0xa, 0x13)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94) (fail_nth: 2)

1.100050746s ago: executing program 1 (id=387):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa0, 0xa0, 0xc, [@type_tag={0xc, 0x0, 0x0, 0x12, 0x5}, @int={0xa, 0x0, 0x0, 0x1, 0x0, 0x3e, 0x0, 0x69, 0x1}, @fwd={0x10}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x5, 0xff}}, @enum={0x5, 0x1, 0x0, 0x6, 0x4, [{0x10, 0xc0}]}, @enum64={0xe, 0x4, 0x0, 0x13, 0x0, 0x5, [{0xa, 0xce28, 0x8}, {0x4, 0x1, 0x1}, {0x10, 0x3}, {0xb, 0x9, 0x8}]}, @int={0x1, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x2f, 0x1}]}, {0x0, [0x61, 0x2e, 0x5f, 0x30, 0x30, 0x5f, 0x30, 0x369a9bc46abe5c2a, 0x2e, 0x61]}}, &(0x7f0000000300)=""/248, 0xc4, 0xf8, 0x0, 0x2, 0x0, @void, @value}, 0x28)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000040000000000000000000100000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021800000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000005400038050000080080003400000000244000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c000240000000000000001014000180090001"], 0x104}}, 0x40000)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$sock(r3, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000280)="2899562c4012d0c058e53d42c8549c31e794664566cbca23c508e0b21e8084eb7e39728c906a8466fa965762aa99663819be5cd7d64b719f85069d82af1573ea291b21d03d18bf728b89fc414ed8d4d06389dbdb2cf8b1ee9a9e4d71275e24926a1b691139e38828da181a73978f1ddbb54449f2aea6be4f46572e42acb9bb2c027d1a1407fb25570dc6883a92e3a6f58430768cab51ad324900ff334044bff6ca6fc9c7ca9eac9459a4c11b73f1ec6af3810282d5cf032b77d84bdae2972c694be014c3474a704f82947f84b1df2d0860467a30ec86e8e33a2627f0bdbcbc34fc9121f33d5c9508fac94694e6b7c601c327", 0xf2}, {&(0x7f0000000380)="64734daac304ecf046ab5b8976be01dea64d5f4540496699b5a0c04afdd200e0291cc25b2703c0827cc4cb0e2f114dfb406f823a40f749c35b748f57c20309f845ef", 0x42}, {&(0x7f0000000480)="caa396c66909dda224586bf3508f8630ce09d7bc2a8987ec4eea675522ab03a3e9e8e081481eecfde47b29df31baba5311ea539e63fe3425569a1492123034d7ffe4dc4a7e281c44bc5adda03e043223b309477862c330dc8ef488e66a", 0x5d}], 0x3, &(0x7f0000000400)=[@timestamping={{0xffffffa3, 0x1, 0x25, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x5}}], 0x30}}, {{&(0x7f0000000680)=@qipcrtr={0x2a, 0xffffffff, 0x8000}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000500)="360676f6c41e", 0x6}, {&(0x7f00000007c0)="597ac451466ac3194635b5a6163f49a7ce0f3d45c9b29217921f831efa38c1c0f043d6b3508ba7e1ed14f469c4f78f807283d68930f727279385c20248d21b6aad9745eff73008748c01d0bf76df45d8b549b89780f29d43d49405b05acbe295a370a9c191add313b7db4eac17ad8bfb67bc66e0a0e6e5429fbf45771fb0f2d4634ccbbfa44b0e189ea5c389213c676ddebd616289d5adc8bf7d3b4ca24501588baf5223", 0xa4}, {&(0x7f0000000880)="fc37157a9140e5b23c7cb230b353434b47f302f6c39a052f6bd889e238a7b1e60498f90cc78c3aaa7e438297e7791c93a64e40c30bcfa5621fbb628bde51accb0c4859f6984a798849261e2c77c8b53e7df8fd7064afdd551ef3f93e31205c75eabe2f510fde91be49c23430099b39186ad7957c0dd558ec0363fa11ba60ddba8d3ce92c49a635caa466e5c70729dd", 0x8f}, {&(0x7f0000000940)}], 0x4, &(0x7f0000000f80)=[@mark={{0x7, 0x1, 0x24, 0x2}}, @mark={{0x14, 0x1, 0x24, 0x6}}, @txtime], 0xff7b}}], 0x2, 0x4012)
fcntl$setpipe(r3, 0x407, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000540)={'\x00', 0x9, 0xa00f, 0x2, 0x2, 0x0, 0xffffffffffffffff})

437.417114ms ago: executing program 4 (id=388):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, 0x0)
sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x8, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x1}], 0x1}}], 0x1, 0x0)

337.295526ms ago: executing program 1 (id=389):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r2, 0x40047451, &(0x7f0000000180))
close_range(r1, 0xffffffffffffffff, 0x0)

336.576046ms ago: executing program 3 (id=390):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x80000000000000}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101b01)
ioctl$USBDEVFS_IOCTL(r1, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect) (fail_nth: 4)

324.399276ms ago: executing program 5 (id=391):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe2}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6fc40b5d175e86ac0b7a9fd7f1748af98902340eb3de6f89a6272ddc63ce532e270bc6cba3d229a96e108026bf64d48efc0435d52b40c578d3deb33677cf2ec5fadf9a784f2b2bdc8d978e9e1a788494631d094", 0xe3}, {&(0x7f0000000f00)="397d5f2edc82d0337ae5ab9ee47dc3e798cf69cfebf169e77257f308227094d569a4326954e50ea185bc6fff0507c5dfd26676de9ddac4fe6db927cd4d03965f42d9c7513eff1631baa83e3daf514c600450374f6d76b8fcf2bc3eca29ce7538f85aa34b2bdcc17ecd080f0850377f771a4e8693703da4e347e0165f00872a21845e17030de0ff47bc869de32ee24ca05e6f805ec0a1d0", 0x97}], 0x2}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000003c0)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff6bb306c7f77c8a00000000000000d037280699ca67e7143e46e0267c", 0x45}, {&(0x7f0000002700)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635af71dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e661725b5e437323385b88c36", 0x7f}], 0x2}}], 0x2, 0x0)

300.149476ms ago: executing program 4 (id=392):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000dc0)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x3, @private2, 0x6}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000240)='Z', 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r0, 0x1)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="800000", @ANYRES16, @ANYBLOB="00042bbd7000fbdbdf25030000001c00058007000100696200000800006574fa695f44b2986a680024000380080002008e00000008000200de00000008000300030000000800020002000000100002800400040008000200080000001c0002800400040014000380080001008000000008000200faffffff"], 0x80}, 0x1, 0x0, 0x0, 0x20000001}, 0x14)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080), &(0x7f00000000c0)=0x8)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x494816459c341ca6}, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b0014000000000000000000000007"], 0x38}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
semtimedop(0x0, &(0x7f0000000340)=[{0x0, 0x3}, {0x4, 0x5}, {0x1, 0x7f, 0x800}], 0x3, 0x0)
dup2(r0, r3)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000200010014000200626f6e6430002bca124d4290d53500000900010073"], 0x40}}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x494816459c341ca6}, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000002c0)={&(0x7f0000000000)=""/74, 0x32a000, 0x800}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r6=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x6, r6, 0xf}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000022020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)

299.630186ms ago: executing program 2 (id=393):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000040000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = dup(r0)
fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

261.116406ms ago: executing program 3 (id=394):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000d00)={0x2, 0x80, 0x6d, 0x1, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffc, 0x4}, 0x1843, 0x0, 0x0, 0x9, 0x1000, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c000780080012400500"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x8d0)

260.482337ms ago: executing program 1 (id=395):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
rt_tgsigqueueinfo(0x0, 0x0, 0x8, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f0000000240), &(0x7f0000000280)=ANY=[@ANYBLOB], 0x58, 0x3)
syz_emit_ethernet(0x46, &(0x7f0000000340)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x88}}}}}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r5}, 0x9)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, &(0x7f00000004c0)={0x800100, 0xfffffffd, 0x7, 0x8, 0x9, 0x6})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r6=>0x0})
sendto$packet(r3, &(0x7f0000000740)="565ad2bd2ad96a4be42a4522", 0xc, 0x0, &(0x7f0000000000)={0x11, 0x7, r6, 0x1, 0x40, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}}, 0x14)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r6, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r8, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

259.171586ms ago: executing program 5 (id=396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
clock_adjtime(0x6, &(0x7f0000000280)={0x8, 0x6, 0x7, 0x6, 0xfffffffffffff800, 0xd, 0x60000000, 0x4, 0x7fffffff, 0x8000, 0xa5b8, 0xfffffffffffffffb, 0xa2d, 0x3, 0x8, 0x8, 0x5, 0x5, 0x9, 0x6, 0x9, 0x10001, 0x12b, 0x9, 0x679d2a31, 0x101})

222.463307ms ago: executing program 5 (id=397):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x20000000000002ba, &(0x7f0000000180)=ANY=[@ANYRESDEC], &(0x7f0000000040)='GPL\x00', 0x0, 0x64, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x64, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0xfffffffc}]}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x64}}, 0x20000000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x18)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e24, 0xab5, @remote, 0x8}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000780)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="1800001900000000020000000000000018400000020000000000000000000000950000000000000095"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x14, &(0x7f0000000600), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
timer_settime(0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x12141, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
r5 = socket(0x400000000010, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa3)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd29, 0x2, {0x0, 0x0, 0x0, r8, {0xffff, 0xf}, {}, {0xfff3}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)

222.029387ms ago: executing program 2 (id=398):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r2}, &(0x7f0000000400), &(0x7f00000004c0)=r3}, 0x20)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001fa1ff0000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x4)

217.462977ms ago: executing program 4 (id=399):
syz_emit_ethernet(0x7e, &(0x7f00000002c0)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f4b906", 0x48, 0x3a, 0x1, @private1, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '\x00', 0x4000, 0x33, 0x0, @loopback, @empty, [@srh={0x33, 0x2, 0x4, 0x1, 0x6, 0x70, 0xff, [@local]}]}}}}}}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001"], 0x118}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000240)=0xffffffff, 0x0, 0x4)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000007c0)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84d23c44d09305222fd3a0ec4be3e563112f0b39bd87afe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6ee82a73b787046b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f0800000000000000af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b4000000000000072c57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced91180604b6dd2499d16d7d9158ffffffff00000000d6069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c1c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed210d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e170000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000022000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69f865ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9c42b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5c97947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd878e0b3bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fadb85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a37870000000000000000000000000000000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e357e0cbed29faef19c0082e26fb867bf0ff0099d71bb0d2f443e77a44e8c4b0455d95b19c73ef4c98f775aad9e1b317b3cc48f7ad1d82ea6ad6c3c7d943fb0157c2ed8a8e1538560f2be7d4cca6539277505826bd61bad2bcd4914344d4a27b29d2eb89bdc7a702e485d68c04e8f6b05336bf8d8e116605eaf375a592fe2382763c3cba76a0e4029dad5d37dd77abb1b7d2e2de23a4131e45ed81123ad6fa4f8b92c47e00000000000000000000000000000002928efeae918fc0a8169a3c965af4a789e5d8f5a51d00d9deb18086071556a0a4d1c562f721450807b770449f6affc91e7f9dbe0ec29c1bf00632ec723262c665af7c56a8538bb99a5b9733a34ef2bb36a2cb72c7bc7052f89809a375825cc4cb42837e07df102dc16a4e422ab0f8865a26cdd4597aca429d7f1ae655de15ad84ff77589ea56ca53190dc65c9ea21c375c2659c854ae12d16ccbd84753230dc8ed63ef4e245ef42884485811f26dcd1c40a193bbbf39931afa4d8c6b9202b4bc15d20cf20608fb81b70180e6c754b4f771b0a3bdf5c22d8d15bd518bbf4ee73a54786cb6d353a360677ac"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000a40000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = io_uring_setup(0x7fc9, &(0x7f0000000380)={0x0, 0xfffffffd, 0x0, 0x2, 0x4})
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
ioctl$USBDEVFS_REAPURB(r5, 0x4004550c, 0x0)
ioctl$USBDEVFS_CLAIM_PORT(r5, 0x80045518, &(0x7f0000000000)=0x8)
close_range(r4, 0xffffffffffffffff, 0x0)

198.803478ms ago: executing program 1 (id=400):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r0}, &(0x7f0000004000), &(0x7f0000004040)}, 0x3b) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r1, 0x0, 0x8000000000000}, 0x18) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005"], 0x60}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="020000000400000008"], 0x48) (async)
r3 = socket$packet(0x11, 0x3, 0x300) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001440)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42646d25dfd73d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f40f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b74039fffd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f152fdf6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a5121e941b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41b92fe3caef70845cde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0a52c3402f3920001ddd312969ecc08a99f5a3be58de34149af8360a7db3f301e656c5485d5de03be99b04e3593e8e18d7b635ca24a915c82122ac7a5bf6d011ee91573d66fc9522a76fa00211d62dc123fd51d1cb2ce1d4f3a62f99e2d93b2d34324a962a3762b6e8d7d3a7f73af6eb264b44822d8847442c3df4771df9a5d79443174b191878fe586facc18035f09fd70a137809ce970e31c4e6a8e48ce2fc30316087caaa2ed0bda52e969fda35236ac9aedb241a114a8cf1c49b8bd3f73c1c67d7968db4f71202d63bb0963cf128d"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r5, 0x0, 0x8}, 0x18) (async)
sendmsg$nl_generic(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00') (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r7}, 0x10)
tgkill(0x0, 0x0, 0x23)
setrlimit(0x7, &(0x7f0000000200)={0x5, 0xb}) (async)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000003680)='sched_switch\x00', r8}, 0x10) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'veth0_to_bond\x00', <r9=>0x0}) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0) (async)
socket$igmp(0x2, 0x3, 0x2)
sendmsg$nl_route_sched(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {0xc}, {0x2}}}, 0x24}}, 0x0)

198.401258ms ago: executing program 3 (id=401):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x410c84, &(0x7f00000003c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = inotify_init()
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r6 = inotify_add_watch(r4, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(r5, &(0x7f0000000040)=ANY=[@ANYRES64=r6], 0x69)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYBLOB="0000000000000000b7"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
close(r5)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000680)=ANY=[@ANYRESOCT=r7, @ANYRES32=r9], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r9}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r10 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r10, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x43]}, 0x32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

133.556288ms ago: executing program 2 (id=402):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0xa, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r2, 0x0, 0x0, 0x0)

73.419669ms ago: executing program 1 (id=403):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000780)={'dummy0\x00'})
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000840)={0x0, 0x300, &(0x7f0000000800)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010026bd6000000000002d"], 0x20}, 0x1, 0x0, 0x0, 0xd4}, 0x24008000)

63.522679ms ago: executing program 2 (id=404):
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
fchmodat(0xffffffffffffffff, 0x0, 0xd2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r2)
syz_usb_connect(0x4, 0x24, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r2, 0x40095505, 0x0)

60.104879ms ago: executing program 1 (id=405):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000400)='./file0\x00', 0x410c84, &(0x7f00000003c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = inotify_init()
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r6 = inotify_add_watch(r4, &(0x7f0000000240)='./file0\x00', 0x8c7)
write$binfmt_elf32(r5, &(0x7f0000000040)=ANY=[@ANYRES64=r6], 0x69)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007000000181100", @ANYBLOB="0000000000000000b7"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
close(r5)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r9 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r9, &(0x7f0000000000)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x6, 0x3a, 'E', 0x3a, '@{@$\x9a$^', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x43]}, 0x32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

32.401129ms ago: executing program 4 (id=406):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe2}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6fc40b5d175e86ac0b7a9fd7f1748af98902340eb3de6f89a6272ddc63ce532e270bc6cba3d229a96e108026bf64d48efc0435d52b40c578d3deb33677cf2ec5fadf9a784f2b2bdc8d978e9e1a788494631d094", 0xe3}, {&(0x7f0000000f00)="397d5f2edc82d0337ae5ab9ee47dc3e798cf69cfebf169e77257f308227094d569a4326954e50ea185bc6fff0507c5dfd26676de9ddac4fe6db927cd4d03965f42d9c7513eff1631baa83e3daf514c600450374f6d76b8fcf2bc3eca29ce7538f85aa34b2bdcc17ecd080f0850377f771a4e8693703da4e347e0165f00872a21845e17030de0ff47bc869de32ee24ca05e6f805ec0a1d0", 0x97}], 0x2}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000003c0)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff6bb306c7f77c8a00000000000000d037280699ca67e7143e46e0267c", 0x45}, {&(0x7f0000002700)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635af71dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e661725b5e437323385b88c36", 0x7f}], 0x2}}], 0x2, 0x0)

0s ago: executing program 5 (id=407):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r2, 0x40047451, &(0x7f0000000180))
close_range(r1, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

uous mode
[   32.294958][ T3303] veth1_macvtap: entered promiscuous mode
[   32.307846][ T3307] veth0_macvtap: entered promiscuous mode
[   32.319044][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.341648][ T3307] veth1_macvtap: entered promiscuous mode
[   32.352080][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.369113][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.379708][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.392043][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.404825][ T3308] veth0_vlan: entered promiscuous mode
[   32.410895][ T3303] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.419650][ T3303] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.428508][ T3303] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.437373][ T3303] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.452968][ T3307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.463681][ T3307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.474185][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.489306][ T3307] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.498108][ T3307] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.506910][ T3307] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.515699][ T3307] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.528483][ T3309] veth0_vlan: entered promiscuous mode
[   32.538692][ T3308] veth1_vlan: entered promiscuous mode
[   32.572770][ T3309] veth1_vlan: entered promiscuous mode
[   32.593785][ T3303] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   32.626969][ T3308] veth0_macvtap: entered promiscuous mode
[   32.642141][ T3309] veth0_macvtap: entered promiscuous mode
[   32.654639][ T3309] veth1_macvtap: entered promiscuous mode
[   32.674081][ T3309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.684653][ T3309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.694526][ T3309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.705063][ T3309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.715930][ T3446] loop0: detected capacity change from 0 to 2048
[   32.716818][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.734986][ T3308] veth1_macvtap: entered promiscuous mode
[   32.753236][ T3448] loop1: detected capacity change from 0 to 2048
[   32.756280][ T3302] veth0_vlan: entered promiscuous mode
[   32.773168][ T3446] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.779252][ T3309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.795930][ T3309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.804052][ T3448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.805824][ T3309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   32.828273][ T3309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.844485][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.854742][    C0] hrtimer: interrupt took 47471 ns
[   32.866473][ T3302] veth1_vlan: entered promiscuous mode
[   32.881833][ T3309] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.890580][ T3309] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.899488][ T3309] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.908409][ T3309] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.936908][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.947445][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.957315][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.967950][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   32.977838][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   32.988298][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.011391][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.036617][ T3302] veth0_macvtap: entered promiscuous mode
[   33.059825][ T3302] veth1_macvtap: entered promiscuous mode
[   33.075424][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.086062][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.095929][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.106405][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.116311][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.126810][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.146130][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.166718][ T3308] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.175652][ T3308] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.184480][ T3308] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.193379][ T3308] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.226480][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   33.237111][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.247070][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   33.257548][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.267457][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   33.278017][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.287911][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   33.298472][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.313956][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.315409][   T29] kauditd_printk_skb: 45 callbacks suppressed
[   33.315469][   T29] audit: type=1400 audit(1746279976.280:137): avc:  denied  { create } for  pid=3457 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   33.322722][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.358018][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.367940][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.378423][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.388319][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.390719][   T29] audit: type=1400 audit(1746279976.320:138): avc:  denied  { write } for  pid=3457 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   33.398829][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.418899][   T29] audit: type=1400 audit(1746279976.320:139): avc:  denied  { create } for  pid=3457 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   33.428796][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   33.448072][   T29] audit: type=1400 audit(1746279976.320:140): avc:  denied  { ioctl } for  pid=3457 comm="syz.2.3" path="socket:[3832]" dev="sockfs" ino=3832 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   33.458517][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   33.482964][   T29] audit: type=1400 audit(1746279976.320:141): avc:  denied  { write } for  pid=3457 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   33.498253][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.531122][ T3302] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.539934][ T3302] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.548776][ T3302] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.557610][ T3302] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.567136][ T3448] syz.1.2 (3448) used greatest stack depth: 10440 bytes left
[   33.576946][   T29] audit: type=1400 audit(1746279976.540:142): avc:  denied  { create } for  pid=3457 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   33.596472][   T29] audit: type=1400 audit(1746279976.540:143): avc:  denied  { ioctl } for  pid=3457 comm="syz.2.3" path="socket:[4472]" dev="sockfs" ino=4472 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   33.624181][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.628606][ T3458] batman_adv: batadv0: Adding interface: dummy0
[   33.639591][ T3458] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   33.668255][ T3458] batman_adv: batadv0: Interface activated: dummy0
[   33.691948][ T3461] loop1: detected capacity change from 0 to 2048
[   33.701407][ T3459] batadv0: mtu less than device minimum
[   33.707415][ T3459] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   33.718308][ T3459] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   33.729231][ T3459] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   33.740081][ T3459] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   33.750864][ T3459] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   33.754011][   T29] audit: type=1400 audit(1746279976.710:144): avc:  denied  { remove_name } for  pid=3303 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   33.761779][ T3459] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   33.784530][   T29] audit: type=1400 audit(1746279976.710:145): avc:  denied  { rmdir } for  pid=3303 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   33.795521][ T3459] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   33.817429][   T29] audit: type=1400 audit(1746279976.710:146): avc:  denied  { unlink } for  pid=3303 comm="syz-executor" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   33.828232][ T3459] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   33.861338][ T3459] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   33.874130][ T3461] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.990300][ T3470] loop2: detected capacity change from 0 to 512
[   33.997361][ T3470] ext2: Unknown parameter 'fowner>00000000000000000000'
[   34.100888][ T3471] loop4: detected capacity change from 0 to 512
[   34.113232][ T3475] netlink: 'syz.3.9': attribute type 10 has an invalid length.
[   34.121081][ T3475] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9'.
[   34.142676][ T3475] dummy0: entered promiscuous mode
[   34.149342][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.159665][ T3471] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   34.169595][ T3471] EXT4-fs (loop4): orphan cleanup on readonly fs
[   34.177329][ T3475] bridge0: port 3(dummy0) entered blocking state
[   34.183982][ T3475] bridge0: port 3(dummy0) entered disabled state
[   34.191159][ T3471] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   34.193427][ T3475] dummy0: entered allmulticast mode
[   34.214984][ T3475] bridge0: port 3(dummy0) entered blocking state
[   34.216523][ T3471] EXT4-fs (loop4): Cannot turn on quotas: error -117
[   34.221403][ T3475] bridge0: port 3(dummy0) entered forwarding state
[   34.234867][ T3483] loop2: detected capacity change from 0 to 2048
[   34.236849][ T3471] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #16: comm syz.4.5: casefold flag without casefold feature
[   34.254126][ T3471] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5: couldn't read orphan inode 16 (err -117)
[   34.269395][ T3483] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.310051][ T3471] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   34.341563][   T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   34.376271][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.404908][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.435751][ T3493] loop2: detected capacity change from 0 to 2048
[   34.475793][ T3493] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.534289][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.567067][ T3508] loop1: detected capacity change from 0 to 2048
[   34.590767][ T3512] loop2: detected capacity change from 0 to 512
[   34.601314][ T3512] ext2: Unknown parameter 'fowner>00000000000000000000'
[   34.642792][ T3508] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.651634][ T3496] chnl_net:caif_netlink_parms(): no params data found
[   34.661916][ T3518] loop2: detected capacity change from 0 to 2048
[   34.695306][ T3518] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.695987][ T3524] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   34.727663][ T3520] lo speed is unknown, defaulting to 1000
[   34.753420][ T3520] lo speed is unknown, defaulting to 1000
[   34.759259][ T3496] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.766527][ T3496] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.774147][ T3496] bridge_slave_0: entered allmulticast mode
[   34.782553][ T3496] bridge_slave_0: entered promiscuous mode
[   34.789330][ T3520] lo speed is unknown, defaulting to 1000
[   34.795543][ T3520] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   34.803621][ T3496] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.810859][ T3496] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.819294][ T3520] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   34.829400][ T3496] bridge_slave_1: entered allmulticast mode
[   34.836291][ T3496] bridge_slave_1: entered promiscuous mode
[   34.843594][ T3520] lo speed is unknown, defaulting to 1000
[   34.866051][ T3520] lo speed is unknown, defaulting to 1000
[   34.867768][ T3496] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   34.892941][ T3520] lo speed is unknown, defaulting to 1000
[   34.907032][ T3520] lo speed is unknown, defaulting to 1000
[   34.914913][ T3496] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   34.941937][ T3520] lo speed is unknown, defaulting to 1000
[   34.948538][ T3496] team0: Port device team_slave_0 added
[   34.963060][ T3520] lo speed is unknown, defaulting to 1000
[   34.983891][ T3496] team0: Port device team_slave_1 added
[   35.035179][ T3496] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.042215][ T3496] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.068383][ T3496] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   35.091617][ T3531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   35.103463][ T3496] batman_adv: batadv0: Adding interface: batadv_slave_1
[   35.110554][ T3496] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.136739][ T3496] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   35.152300][ T3531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   35.167334][ T3531] loop4: detected capacity change from 0 to 1024
[   35.174246][ T3531] =======================================================
[   35.174246][ T3531] WARNING: The mand mount option has been deprecated and
[   35.174246][ T3531]          and is ignored by this kernel. Remove the mand
[   35.174246][ T3531]          option from the mount to silence this warning.
[   35.174246][ T3531] =======================================================
[   35.210472][ T3531] ext4: Unknown parameter 'uid'
[   35.215674][ T3533] loop3: detected capacity change from 0 to 2048
[   35.270596][ T3496] hsr_slave_0: entered promiscuous mode
[   35.277095][ T3496] hsr_slave_1: entered promiscuous mode
[   35.283132][ T3496] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   35.292356][ T3496] Cannot create hsr debugfs directory
[   35.325292][ T3533] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.492207][ T3496] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   35.506107][ T3496] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   35.518189][ T3496] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   35.566858][ T3518] syz.2.21 (3518) used greatest stack depth: 9992 bytes left
[   35.572497][ T3496] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   35.623942][ T3496] 8021q: adding VLAN 0 to HW filter on device bond0
[   35.639660][ T3496] 8021q: adding VLAN 0 to HW filter on device team0
[   35.658411][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.670464][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.677656][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   35.714067][ T3408] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.721200][ T3408] bridge0: port 2(bridge_slave_1) entered forwarding state
[   35.742114][ T3496] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   35.752713][ T3496] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   35.783239][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.827664][ T3544] loop2: detected capacity change from 0 to 512
[   35.838519][ T3496] 8021q: adding VLAN 0 to HW filter on device batadv0
[   35.894433][ T3544] nfs: Unknown parameter '18446744073709551615'
[   35.895420][ T3551] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   35.923487][ T3544] syz.2.27 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   35.938423][ T3544] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   35.955064][   T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   36.075024][   T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   36.137961][   T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   36.172594][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.202769][ T3496] veth0_vlan: entered promiscuous mode
[   36.212403][   T51] bridge_slave_1: left allmulticast mode
[   36.218110][   T51] bridge_slave_1: left promiscuous mode
[   36.224118][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.233819][ T3575] loop2: detected capacity change from 0 to 2048
[   36.243657][   T51] bridge_slave_0: left allmulticast mode
[   36.249342][   T51] bridge_slave_0: left promiscuous mode
[   36.255085][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.272631][ T3575] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.279333][ T3579] FAULT_INJECTION: forcing a failure.
[   36.279333][ T3579] name failslab, interval 1, probability 0, space 0, times 1
[   36.297564][ T3579] CPU: 1 UID: 0 PID: 3579 Comm: syz.1.36 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   36.297624][ T3579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   36.297640][ T3579] Call Trace:
[   36.297645][ T3579]  <TASK>
[   36.297654][ T3579]  __dump_stack+0x1d/0x30
[   36.297680][ T3579]  dump_stack_lvl+0xe8/0x140
[   36.297706][ T3579]  dump_stack+0x15/0x1b
[   36.297722][ T3579]  should_fail_ex+0x265/0x280
[   36.297752][ T3579]  should_failslab+0x8c/0xb0
[   36.297821][ T3579]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   36.297842][ T3579]  ? security_context_to_sid_core+0x69/0x3b0
[   36.297925][ T3579]  kmemdup_nul+0x36/0xc0
[   36.297943][ T3579]  security_context_to_sid_core+0x69/0x3b0
[   36.297969][ T3579]  ? avc_has_perm_noaudit+0x1b1/0x200
[   36.298082][ T3579]  security_context_to_sid+0x2e/0x40
[   36.298175][ T3579]  selinux_lsm_setattr+0x2dc/0x660
[   36.298205][ T3579]  selinux_setprocattr+0x4f/0x70
[   36.298223][ T3579]  security_setprocattr+0x1a4/0x1d0
[   36.298296][ T3579]  proc_pid_attr_write+0x1eb/0x220
[   36.298326][ T3579]  ? __pfx_proc_pid_attr_write+0x10/0x10
[   36.298350][ T3579]  vfs_write+0x266/0x8d0
[   36.298372][ T3579]  ? __rcu_read_unlock+0x4f/0x70
[   36.298404][ T3579]  ? __fget_files+0x184/0x1c0
[   36.298490][ T3579]  ksys_write+0xda/0x1a0
[   36.298517][ T3579]  __x64_sys_write+0x40/0x50
[   36.298554][ T3579]  x64_sys_call+0x2cdd/0x2fb0
[   36.298574][ T3579]  do_syscall_64+0xd0/0x1a0
[   36.298617][ T3579]  ? clear_bhb_loop+0x25/0x80
[   36.298643][ T3579]  ? clear_bhb_loop+0x25/0x80
[   36.298663][ T3579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.298686][ T3579] RIP: 0033:0x7f748c03e969
[   36.298710][ T3579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.298802][ T3579] RSP: 002b:00007f748a6a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   36.298824][ T3579] RAX: ffffffffffffffda RBX: 00007f748c265fa0 RCX: 00007f748c03e969
[   36.298835][ T3579] RDX: 000000000000001d RSI: 0000200000000100 RDI: 0000000000000003
[   36.298848][ T3579] RBP: 00007f748a6a7090 R08: 0000000000000000 R09: 0000000000000000
[   36.298862][ T3579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.298878][ T3579] R13: 0000000000000000 R14: 00007f748c265fa0 R15: 00007ffc07a53748
[   36.298961][ T3579]  </TASK>
[   36.393885][ T3586] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   36.560769][ T3586] xt_HMARK: spi-set and port-set can't be combined
[   36.612959][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   36.619702][ T3582] netlink: 24 bytes leftover after parsing attributes in process `syz.3.34'.
[   36.632787][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   36.659054][ T3582] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   36.672760][   T51] bond0 (unregistering): Released all slaves
[   36.684646][ T3496] veth1_vlan: entered promiscuous mode
[   36.693606][ T3590] netlink: 40 bytes leftover after parsing attributes in process `syz.1.38'.
[   36.712433][ T3584] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   36.720774][ T3584] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   36.722267][ T3496] veth0_macvtap: entered promiscuous mode
[   36.740442][ T3496] veth1_macvtap: entered promiscuous mode
[   36.769215][   T51] hsr_slave_0: left promiscuous mode
[   36.794314][   T51] hsr_slave_1: left promiscuous mode
[   36.800070][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   36.807563][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[   36.869478][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   36.877133][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[   36.889330][   T51] veth1_macvtap: left promiscuous mode
[   36.894916][   T51] veth0_macvtap: left promiscuous mode
[   36.900472][   T51] veth1_vlan: left promiscuous mode
[   36.905795][   T51] veth0_vlan: left promiscuous mode
[   36.913009][ T3606] FAULT_INJECTION: forcing a failure.
[   36.913009][ T3606] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   36.926168][ T3606] CPU: 0 UID: 0 PID: 3606 Comm: syz.1.44 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   36.926214][ T3606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   36.926227][ T3606] Call Trace:
[   36.926233][ T3606]  <TASK>
[   36.926240][ T3606]  __dump_stack+0x1d/0x30
[   36.926331][ T3606]  dump_stack_lvl+0xe8/0x140
[   36.926354][ T3606]  dump_stack+0x15/0x1b
[   36.926431][ T3606]  should_fail_ex+0x265/0x280
[   36.926472][ T3606]  should_fail+0xb/0x20
[   36.926506][ T3606]  should_fail_usercopy+0x1a/0x20
[   36.926529][ T3606]  _copy_from_user+0x1c/0xb0
[   36.926587][ T3606]  __x64_sys_setrlimit+0x5e/0xc0
[   36.926665][ T3606]  x64_sys_call+0x2249/0x2fb0
[   36.926699][ T3606]  do_syscall_64+0xd0/0x1a0
[   36.926725][ T3606]  ? clear_bhb_loop+0x25/0x80
[   36.926790][ T3606]  ? clear_bhb_loop+0x25/0x80
[   36.926810][ T3606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.926888][ T3606] RIP: 0033:0x7f748c03e969
[   36.926907][ T3606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.926927][ T3606] RSP: 002b:00007f748a6a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a0
[   36.926945][ T3606] RAX: ffffffffffffffda RBX: 00007f748c265fa0 RCX: 00007f748c03e969
[   36.926956][ T3606] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[   36.926970][ T3606] RBP: 00007f748a6a7090 R08: 0000000000000000 R09: 0000000000000000
[   36.927027][ T3606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.927146][ T3606] R13: 0000000000000000 R14: 00007f748c265fa0 R15: 00007ffc07a53748
[   36.927231][ T3606]  </TASK>
[   37.177287][ T3613] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=258 sclass=netlink_route_socket pid=3613 comm=syz.1.46
[   37.190000][ T3612] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=258 sclass=netlink_route_socket pid=3612 comm=syz.1.46
[   37.208799][   T51] team0 (unregistering): Port device team_slave_1 removed
[   37.223097][   T51] team0 (unregistering): Port device team_slave_0 removed
[   37.246789][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.287703][ T3496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   37.298301][ T3496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   37.308306][ T3496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   37.318851][ T3496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   37.328811][ T3496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   37.339279][ T3496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   37.349141][ T3496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   37.359640][ T3496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   37.377213][ T3496] batman_adv: batadv0: Interface activated: batadv_slave_0
[   37.390662][ T3496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   37.401274][ T3496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   37.411142][ T3496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   37.421706][ T3496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   37.431618][ T3496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   37.442080][ T3496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   37.451992][ T3496] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   37.462547][ T3496] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   37.473377][ T3496] batman_adv: batadv0: Interface activated: batadv_slave_1
[   37.481277][ T3620] netlink: 24 bytes leftover after parsing attributes in process `syz.3.49'.
[   37.486546][ T3496] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   37.498971][ T3496] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   37.507801][ T3496] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   37.516554][ T3496] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   37.575109][ T3626] loop5: detected capacity change from 0 to 2048
[   37.602730][ T3626] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.724709][ T3636] netlink: 8 bytes leftover after parsing attributes in process `syz.1.53'.
[   37.733514][ T3636] netlink: 8 bytes leftover after parsing attributes in process `syz.1.53'.
[   38.268571][ T3648] process 'syz.2.57' launched '/dev/fd/3' with NULL argv: empty string added
[   38.326114][   T29] kauditd_printk_skb: 742 callbacks suppressed
[   38.326131][   T29] audit: type=1326 audit(1746279981.290:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3635 comm="syz.1.53" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f748c035927 code=0x7ffc0000
[   38.355586][   T29] audit: type=1326 audit(1746279981.290:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3635 comm="syz.1.53" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f748bfdab39 code=0x7ffc0000
[   38.378659][   T29] audit: type=1326 audit(1746279981.290:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3635 comm="syz.1.53" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f748c03e969 code=0x7ffc0000
[   38.411572][   T29] audit: type=1326 audit(1746279981.380:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3635 comm="syz.1.53" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f748c035927 code=0x7ffc0000
[   38.435029][   T29] audit: type=1326 audit(1746279981.380:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3635 comm="syz.1.53" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f748bfdab39 code=0x7ffc0000
[   38.458306][   T29] audit: type=1326 audit(1746279981.380:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3635 comm="syz.1.53" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f748c03e969 code=0x7ffc0000
[   38.520766][   T29] audit: type=1326 audit(1746279981.450:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3635 comm="syz.1.53" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f748c035927 code=0x7ffc0000
[   38.544306][   T29] audit: type=1326 audit(1746279981.450:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3635 comm="syz.1.53" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f748bfdab39 code=0x7ffc0000
[   38.567688][   T29] audit: type=1326 audit(1746279981.450:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3635 comm="syz.1.53" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f748c03e969 code=0x7ffc0000
[   38.590902][   T29] audit: type=1326 audit(1746279981.450:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3635 comm="syz.1.53" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f748c035927 code=0x7ffc0000
[   38.629433][ T3649] cgroup: fork rejected by pids controller in /syz2
[   38.712107][ T3496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.733917][ T3682] FAULT_INJECTION: forcing a failure.
[   38.733917][ T3682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   38.747137][ T3682] CPU: 0 UID: 0 PID: 3682 Comm: syz.1.60 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   38.747179][ T3682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   38.747196][ T3682] Call Trace:
[   38.747204][ T3682]  <TASK>
[   38.747214][ T3682]  __dump_stack+0x1d/0x30
[   38.747314][ T3682]  dump_stack_lvl+0xe8/0x140
[   38.747332][ T3682]  dump_stack+0x15/0x1b
[   38.747432][ T3682]  should_fail_ex+0x265/0x280
[   38.747541][ T3682]  should_fail+0xb/0x20
[   38.747571][ T3682]  should_fail_usercopy+0x1a/0x20
[   38.747651][ T3682]  _copy_to_user+0x20/0xa0
[   38.747677][ T3682]  simple_read_from_buffer+0xb5/0x130
[   38.747707][ T3682]  proc_fail_nth_read+0x100/0x140
[   38.747738][ T3682]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   38.747763][ T3682]  vfs_read+0x19d/0x6f0
[   38.747825][ T3682]  ? __rcu_read_unlock+0x4f/0x70
[   38.747844][ T3682]  ? __fget_files+0x184/0x1c0
[   38.747876][ T3682]  ksys_read+0xda/0x1a0
[   38.747900][ T3682]  __x64_sys_read+0x40/0x50
[   38.747970][ T3682]  x64_sys_call+0x2d77/0x2fb0
[   38.747993][ T3682]  do_syscall_64+0xd0/0x1a0
[   38.748013][ T3682]  ? clear_bhb_loop+0x25/0x80
[   38.748064][ T3682]  ? clear_bhb_loop+0x25/0x80
[   38.748150][ T3682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.748169][ T3682] RIP: 0033:0x7f748c03d37c
[   38.748186][ T3682] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   38.748207][ T3682] RSP: 002b:00007f748a6a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   38.748230][ T3682] RAX: ffffffffffffffda RBX: 00007f748c265fa0 RCX: 00007f748c03d37c
[   38.748273][ T3682] RDX: 000000000000000f RSI: 00007f748a6a70a0 RDI: 0000000000000006
[   38.748286][ T3682] RBP: 00007f748a6a7090 R08: 0000000000000000 R09: 0000000000000000
[   38.748297][ T3682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.748307][ T3682] R13: 0000000000000000 R14: 00007f748c265fa0 R15: 00007ffc07a53748
[   38.748335][ T3682]  </TASK>
[   38.994957][ T3686] netlink: 24 bytes leftover after parsing attributes in process `syz.5.61'.
[   39.038973][ T3688] rdma_op ffff8881185aad80 conn xmit_rdma 0000000000000000
[   39.182007][ T3706] loop1: detected capacity change from 0 to 512
[   39.189114][ T3706] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)!
[   39.199382][ T3706] EXT4-fs (loop1): group descriptors corrupted!
[   39.213313][ T3708] netlink: 'syz.5.70': attribute type 4 has an invalid length.
[   39.222276][ T3708] Zero length message leads to an empty skb
[   39.228593][ T3708] netlink: 12 bytes leftover after parsing attributes in process `syz.5.70'.
[   39.305046][ T3717] netlink: 24 bytes leftover after parsing attributes in process `syz.1.73'.
[   39.475453][ T3722] loop1: detected capacity change from 0 to 2048
[   39.526717][ T3722] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.556492][ T3724] lo speed is unknown, defaulting to 1000
[   40.281805][ T3713] net_ratelimit: 10 callbacks suppressed
[   40.281823][ T3713] Set syz1 is full, maxelem 65536 reached
[   40.378486][ T3755] loop5: detected capacity change from 0 to 2048
[   40.403144][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.421280][ T3742] netlink: 16 bytes leftover after parsing attributes in process `syz.3.80'.
[   40.432485][ T3755] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.483108][ T3762] loop1: detected capacity change from 0 to 2048
[   40.528448][ T3760] netlink: 12 bytes leftover after parsing attributes in process `syz.4.86'.
[   40.563361][ T3762] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.655395][ T3769] netlink: 8 bytes leftover after parsing attributes in process `syz.3.88'.
[   40.782278][ T3776] FAULT_INJECTION: forcing a failure.
[   40.782278][ T3776] name failslab, interval 1, probability 0, space 0, times 0
[   40.795189][ T3776] CPU: 1 UID: 0 PID: 3776 Comm: syz.4.91 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   40.795224][ T3776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   40.795240][ T3776] Call Trace:
[   40.795247][ T3776]  <TASK>
[   40.795257][ T3776]  __dump_stack+0x1d/0x30
[   40.795340][ T3776]  dump_stack_lvl+0xe8/0x140
[   40.795395][ T3776]  dump_stack+0x15/0x1b
[   40.795416][ T3776]  should_fail_ex+0x265/0x280
[   40.795456][ T3776]  ? __pfx_cond_bools_destroy+0x10/0x10
[   40.795543][ T3776]  should_failslab+0x8c/0xb0
[   40.795598][ T3776]  kmem_cache_alloc_noprof+0x50/0x310
[   40.795712][ T3776]  ? hashtab_duplicate+0xfe/0x360
[   40.795740][ T3776]  ? __pfx_cond_bools_destroy+0x10/0x10
[   40.795762][ T3776]  hashtab_duplicate+0xfe/0x360
[   40.795797][ T3776]  ? __pfx_cond_bools_copy+0x10/0x10
[   40.795818][ T3776]  cond_policydb_dup+0xd2/0x4e0
[   40.795841][ T3776]  security_set_bools+0xa0/0x340
[   40.795884][ T3776]  sel_commit_bools_write+0x1ea/0x270
[   40.795940][ T3776]  vfs_writev+0x3eb/0x870
[   40.795979][ T3776]  ? __pfx_sel_commit_bools_write+0x10/0x10
[   40.796016][ T3776]  ? mutex_lock+0xd/0x30
[   40.796104][ T3776]  do_writev+0xe7/0x210
[   40.796151][ T3776]  __x64_sys_writev+0x45/0x50
[   40.796255][ T3776]  x64_sys_call+0x2006/0x2fb0
[   40.796282][ T3776]  do_syscall_64+0xd0/0x1a0
[   40.796303][ T3776]  ? clear_bhb_loop+0x25/0x80
[   40.796373][ T3776]  ? clear_bhb_loop+0x25/0x80
[   40.796401][ T3776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.796428][ T3776] RIP: 0033:0x7fe854c2e969
[   40.796448][ T3776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.796537][ T3776] RSP: 002b:00007fe853297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   40.796562][ T3776] RAX: ffffffffffffffda RBX: 00007fe854e55fa0 RCX: 00007fe854c2e969
[   40.796575][ T3776] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000005
[   40.796661][ T3776] RBP: 00007fe853297090 R08: 0000000000000000 R09: 0000000000000000
[   40.796724][ T3776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.796739][ T3776] R13: 0000000000000000 R14: 00007fe854e55fa0 R15: 00007ffff290fac8
[   40.796763][ T3776]  </TASK>
[   41.050091][ T3778] loop4: detected capacity change from 0 to 512
[   41.056766][ T3778] EXT4-fs: Ignoring removed orlov option
[   41.063126][ T3778] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   41.075071][ T3778] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[   41.103882][ T3778] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.93: corrupted in-inode xattr: e_value size too large
[   41.118537][ T3778] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.93: couldn't read orphan inode 15 (err -117)
[   41.136126][ T3778] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.157018][ T3778] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=63846 sclass=netlink_xfrm_socket pid=3778 comm=syz.4.93
[   41.170469][ T3778] netlink: 12 bytes leftover after parsing attributes in process `syz.4.93'.
[   41.180746][ T3778] netlink: 'syz.4.93': attribute type 3 has an invalid length.
[   41.210437][ T3785] loop2: detected capacity change from 0 to 512
[   41.217602][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.232047][ T3785] loop2: detected capacity change from 0 to 512
[   41.248827][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.258552][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.292143][ T3785] loop2: detected capacity change from 0 to 512
[   41.305647][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.305728][ T3496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.328475][ T3785] loop2: detected capacity change from 0 to 512
[   41.335843][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.336265][ T3770] syz.1.85 (3770) used greatest stack depth: 9696 bytes left
[   41.352369][ T3785] loop2: detected capacity change from 0 to 512
[   41.353966][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.359475][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.382501][ T3785] loop2: detected capacity change from 0 to 512
[   41.397240][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.399932][ T3792] netlink: 12 bytes leftover after parsing attributes in process `syz.5.97'.
[   41.418493][ T3785] loop2: detected capacity change from 0 to 512
[   41.427114][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.439958][ T3785] loop2: detected capacity change from 0 to 512
[   41.447222][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.459009][ T3785] loop2: detected capacity change from 0 to 512
[   41.467412][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.479038][ T3785] loop2: detected capacity change from 0 to 512
[   41.486177][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.498537][ T3785] loop2: detected capacity change from 0 to 512
[   41.512539][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.525197][ T3785] loop2: detected capacity change from 0 to 512
[   41.532280][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.546023][ T3785] loop2: detected capacity change from 0 to 512
[   41.553794][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.567325][ T3785] loop2: detected capacity change from 0 to 512
[   41.575941][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.592570][ T3802] FAULT_INJECTION: forcing a failure.
[   41.592570][ T3802] name failslab, interval 1, probability 0, space 0, times 0
[   41.593819][ T3785] loop2: detected capacity change from 0 to 512
[   41.605374][ T3802] CPU: 0 UID: 0 PID: 3802 Comm: syz.5.101 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   41.605436][ T3802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   41.605453][ T3802] Call Trace:
[   41.605462][ T3802]  <TASK>
[   41.605473][ T3802]  __dump_stack+0x1d/0x30
[   41.605502][ T3802]  dump_stack_lvl+0xe8/0x140
[   41.605527][ T3802]  dump_stack+0x15/0x1b
[   41.605548][ T3802]  should_fail_ex+0x265/0x280
[   41.605616][ T3802]  should_failslab+0x8c/0xb0
[   41.605653][ T3802]  kmem_cache_alloc_node_noprof+0x57/0x320
[   41.605739][ T3802]  ? __alloc_skb+0x101/0x320
[   41.605778][ T3802]  __alloc_skb+0x101/0x320
[   41.605835][ T3802]  ? audit_log_start+0x365/0x6c0
[   41.605873][ T3802]  audit_log_start+0x380/0x6c0
[   41.605911][ T3802]  ? exc_page_fault+0x54/0xc0
[   41.606009][ T3802]  audit_seccomp+0x48/0x100
[   41.606040][ T3802]  ? __seccomp_filter+0x68c/0x10d0
[   41.606074][ T3802]  __seccomp_filter+0x69d/0x10d0
[   41.606167][ T3802]  ? do_io_getevents+0x36d/0x400
[   41.606205][ T3802]  ? __fget_files+0x184/0x1c0
[   41.606243][ T3802]  __secure_computing+0x82/0x150
[   41.606316][ T3802]  syscall_trace_enter+0xcf/0x1e0
[   41.606347][ T3802]  do_syscall_64+0xaa/0x1a0
[   41.606419][ T3802]  ? clear_bhb_loop+0x25/0x80
[   41.606447][ T3802]  ? clear_bhb_loop+0x25/0x80
[   41.606500][ T3802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.606527][ T3802] RIP: 0033:0x7fe052f9d37c
[   41.606547][ T3802] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   41.606569][ T3802] RSP: 002b:00007fe051607030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   41.606593][ T3802] RAX: ffffffffffffffda RBX: 00007fe0531c5fa0 RCX: 00007fe052f9d37c
[   41.606608][ T3802] RDX: 000000000000000f RSI: 00007fe0516070a0 RDI: 0000000000000003
[   41.606632][ T3802] RBP: 00007fe051607090 R08: 0000000000000000 R09: 0000000000000000
[   41.606647][ T3802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.606663][ T3802] R13: 0000000000000000 R14: 00007fe0531c5fa0 R15: 00007ffd7f24fbc8
[   41.606686][ T3802]  </TASK>
[   41.629383][ T3805] netlink: 96 bytes leftover after parsing attributes in process `syz.5.103'.
[   41.637766][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.844755][ T3785] loop2: detected capacity change from 0 to 512
[   41.851784][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.865492][ T3785] loop2: detected capacity change from 0 to 512
[   41.873458][ T3785] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   41.874394][ T3808] FAULT_INJECTION: forcing a failure.
[   41.874394][ T3808] name failslab, interval 1, probability 0, space 0, times 0
[   41.894963][ T3808] CPU: 1 UID: 0 PID: 3808 Comm: syz.5.104 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   41.895028][ T3808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   41.895039][ T3808] Call Trace:
[   41.895043][ T3808]  <TASK>
[   41.895050][ T3808]  __dump_stack+0x1d/0x30
[   41.895070][ T3808]  dump_stack_lvl+0xe8/0x140
[   41.895087][ T3808]  dump_stack+0x15/0x1b
[   41.895107][ T3808]  should_fail_ex+0x265/0x280
[   41.895134][ T3808]  ? sctp_auth_asoc_copy_shkeys+0xfa/0x330
[   41.895157][ T3808]  should_failslab+0x8c/0xb0
[   41.895182][ T3808]  __kmalloc_cache_noprof+0x4c/0x320
[   41.895200][ T3808]  sctp_auth_asoc_copy_shkeys+0xfa/0x330
[   41.895294][ T3808]  sctp_association_new+0xde5/0x1200
[   41.895332][ T3808]  sctp_connect_new_asoc+0x1a8/0x3a0
[   41.895366][ T3808]  __sctp_connect+0x424/0x7a0
[   41.895394][ T3808]  ? selinux_sctp_bind_connect+0x20d/0x250
[   41.895471][ T3808]  sctp_getsockopt_connectx3+0x220/0x300
[   41.895496][ T3808]  sctp_getsockopt+0x910/0xaa0
[   41.895553][ T3808]  sock_common_getsockopt+0x5d/0x70
[   41.895577][ T3808]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   41.895677][ T3808]  do_sock_getsockopt+0x1fd/0x240
[   41.895782][ T3808]  __x64_sys_getsockopt+0x11e/0x1a0
[   41.895870][ T3808]  x64_sys_call+0x12aa/0x2fb0
[   41.895889][ T3808]  do_syscall_64+0xd0/0x1a0
[   41.895908][ T3808]  ? clear_bhb_loop+0x25/0x80
[   41.895930][ T3808]  ? clear_bhb_loop+0x25/0x80
[   41.896007][ T3808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.896063][ T3808] RIP: 0033:0x7fe052f9e969
[   41.896077][ T3808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.896110][ T3808] RSP: 002b:00007fe051607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   41.896126][ T3808] RAX: ffffffffffffffda RBX: 00007fe0531c5fa0 RCX: 00007fe052f9e969
[   41.896136][ T3808] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000005
[   41.896179][ T3808] RBP: 00007fe051607090 R08: 0000200000000180 R09: 0000000000000000
[   41.896189][ T3808] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002
[   41.896199][ T3808] R13: 0000000000000000 R14: 00007fe0531c5fa0 R15: 00007ffd7f24fbc8
[   41.896215][ T3808]  </TASK>
[   41.900199][ T3785] loop2: detected capacity change from 0 to 512
[   42.183147][ T3814] loop2: detected capacity change from 0 to 512
[   42.189801][ T3814] EXT4-fs: Ignoring removed nobh option
[   42.197106][ T3814] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   42.218449][ T3824] netlink: 12 bytes leftover after parsing attributes in process `syz.5.110'.
[   42.238669][ T3814] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #16: comm syz.2.107: corrupted inode contents
[   42.256355][ T3814] EXT4-fs (loop2): Remounting filesystem read-only
[   42.263711][ T3814] EXT4-fs (loop2): 1 truncate cleaned up
[   42.269934][ T3814] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.284063][ T3814] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.284063][ T1471] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   42.284114][ T1471] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   42.316011][ T1471] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   42.345269][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.542116][ T3849] netlink: 8 bytes leftover after parsing attributes in process `syz.3.119'.
[   42.552579][ T3849] FAULT_INJECTION: forcing a failure.
[   42.552579][ T3849] name failslab, interval 1, probability 0, space 0, times 0
[   42.565374][ T3849] CPU: 1 UID: 0 PID: 3849 Comm: syz.3.119 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   42.565407][ T3849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   42.565421][ T3849] Call Trace:
[   42.565429][ T3849]  <TASK>
[   42.565437][ T3849]  __dump_stack+0x1d/0x30
[   42.565494][ T3849]  dump_stack_lvl+0xe8/0x140
[   42.565516][ T3849]  dump_stack+0x15/0x1b
[   42.565534][ T3849]  should_fail_ex+0x265/0x280
[   42.565569][ T3849]  should_failslab+0x8c/0xb0
[   42.565601][ T3849]  __kvmalloc_node_noprof+0x126/0x4d0
[   42.565689][ T3849]  ? alloc_netdev_mqs+0xa1/0xab0
[   42.565710][ T3849]  ? cgroup_rstat_updated+0xa3/0x510
[   42.565853][ T3849]  alloc_netdev_mqs+0xa1/0xab0
[   42.565959][ T3849]  ? __pfx_ipvlan_link_setup+0x10/0x10
[   42.565990][ T3849]  ? xfd_validate_state+0x45/0xf0
[   42.566033][ T3849]  rtnl_create_link+0x239/0x710
[   42.566071][ T3849]  rtnl_newlink_create+0x151/0x630
[   42.566101][ T3849]  ? __schedule+0x6a2/0xb20
[   42.566204][ T3849]  rtnl_newlink+0xf29/0x12d0
[   42.566347][ T3849]  ? __memcg_slab_free_hook+0xb7/0x1c0
[   42.566391][ T3849]  ? __kfree_skb+0x109/0x150
[   42.566423][ T3849]  ? __rcu_read_unlock+0x4f/0x70
[   42.566447][ T3849]  ? avc_has_perm_noaudit+0x1b1/0x200
[   42.566502][ T3849]  ? selinux_capable+0x1f9/0x270
[   42.566525][ T3849]  ? security_capable+0x83/0x90
[   42.566589][ T3849]  ? ns_capable+0x7d/0xb0
[   42.566623][ T3849]  ? __pfx_rtnl_newlink+0x10/0x10
[   42.566700][ T3849]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   42.566751][ T3849]  netlink_rcv_skb+0x120/0x220
[   42.566788][ T3849]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   42.566890][ T3849]  rtnetlink_rcv+0x1c/0x30
[   42.566910][ T3849]  netlink_unicast+0x59e/0x670
[   42.566947][ T3849]  netlink_sendmsg+0x58b/0x6b0
[   42.567057][ T3849]  ? __pfx_netlink_sendmsg+0x10/0x10
[   42.567147][ T3849]  __sock_sendmsg+0x142/0x180
[   42.567190][ T3849]  ____sys_sendmsg+0x31e/0x4e0
[   42.567275][ T3849]  ___sys_sendmsg+0x17b/0x1d0
[   42.567314][ T3849]  __x64_sys_sendmsg+0xd4/0x160
[   42.567343][ T3849]  x64_sys_call+0x2999/0x2fb0
[   42.567365][ T3849]  do_syscall_64+0xd0/0x1a0
[   42.567478][ T3849]  ? clear_bhb_loop+0x25/0x80
[   42.567504][ T3849]  ? clear_bhb_loop+0x25/0x80
[   42.567529][ T3849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.567581][ T3849] RIP: 0033:0x7efc3f18e969
[   42.567598][ T3849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.567614][ T3849] RSP: 002b:00007efc3d7d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   42.567631][ T3849] RAX: ffffffffffffffda RBX: 00007efc3f3b6080 RCX: 00007efc3f18e969
[   42.567718][ T3849] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   42.567733][ T3849] RBP: 00007efc3d7d6090 R08: 0000000000000000 R09: 0000000000000000
[   42.567748][ T3849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.567762][ T3849] R13: 0000000000000000 R14: 00007efc3f3b6080 R15: 00007ffdefb4ecf8
[   42.567784][ T3849]  </TASK>
[   42.865556][ T3853] loop5: detected capacity change from 0 to 2048
[   42.901879][ T3853] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.980863][ T3865] mmap: syz.2.125 (3865) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   43.269917][ T3886] FAULT_INJECTION: forcing a failure.
[   43.269917][ T3886] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   43.283287][ T3886] CPU: 1 UID: 0 PID: 3886 Comm: syz.1.132 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   43.283322][ T3886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   43.283338][ T3886] Call Trace:
[   43.283345][ T3886]  <TASK>
[   43.283353][ T3886]  __dump_stack+0x1d/0x30
[   43.283441][ T3886]  dump_stack_lvl+0xe8/0x140
[   43.283466][ T3886]  dump_stack+0x15/0x1b
[   43.283487][ T3886]  should_fail_ex+0x265/0x280
[   43.283564][ T3886]  should_fail+0xb/0x20
[   43.283627][ T3886]  should_fail_usercopy+0x1a/0x20
[   43.283649][ T3886]  _copy_from_user+0x1c/0xb0
[   43.283674][ T3886]  __sys_bpf+0x178/0x790
[   43.283718][ T3886]  __x64_sys_bpf+0x41/0x50
[   43.283781][ T3886]  x64_sys_call+0x2478/0x2fb0
[   43.283807][ T3886]  do_syscall_64+0xd0/0x1a0
[   43.283833][ T3886]  ? clear_bhb_loop+0x25/0x80
[   43.283857][ T3886]  ? clear_bhb_loop+0x25/0x80
[   43.283931][ T3886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.283954][ T3886] RIP: 0033:0x7f748c03e969
[   43.283972][ T3886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.283994][ T3886] RSP: 002b:00007f748a6a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   43.284016][ T3886] RAX: ffffffffffffffda RBX: 00007f748c265fa0 RCX: 00007f748c03e969
[   43.284032][ T3886] RDX: 0000000000000050 RSI: 0000200000000100 RDI: 0000000000000000
[   43.284047][ T3886] RBP: 00007f748a6a7090 R08: 0000000000000000 R09: 0000000000000000
[   43.284064][ T3886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.284078][ T3886] R13: 0000000000000000 R14: 00007f748c265fa0 R15: 00007ffc07a53748
[   43.284101][ T3886]  </TASK>
[   43.285077][ T3888] rdma_op ffff888117185d80 conn xmit_rdma 0000000000000000
[   43.336351][ T3890] loop2: detected capacity change from 0 to 2048
[   43.468713][   T29] kauditd_printk_skb: 92 callbacks suppressed
[   43.468728][   T29] audit: type=1326 audit(1746279986.310:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3883 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc27ac8e969 code=0x7ffc0000
[   43.498183][   T29] audit: type=1326 audit(1746279986.310:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3883 comm="syz.2.131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc27ac8e969 code=0x7ffc0000
[   43.521829][   T29] audit: type=1326 audit(1746279986.400:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3877 comm="syz.4.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   43.545080][   T29] audit: type=1326 audit(1746279986.400:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3877 comm="syz.4.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   43.568411][   T29] audit: type=1326 audit(1746279986.400:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3877 comm="syz.4.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   43.591715][   T29] audit: type=1326 audit(1746279986.400:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3877 comm="syz.4.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   43.615007][   T29] audit: type=1326 audit(1746279986.400:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3877 comm="syz.4.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   43.638276][   T29] audit: type=1326 audit(1746279986.400:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3877 comm="syz.4.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   43.661574][   T29] audit: type=1326 audit(1746279986.400:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3877 comm="syz.4.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   43.684862][   T29] audit: type=1326 audit(1746279986.400:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3877 comm="syz.4.130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   43.725563][ T3896] FAULT_INJECTION: forcing a failure.
[   43.725563][ T3896] name failslab, interval 1, probability 0, space 0, times 0
[   43.738276][ T3896] CPU: 1 UID: 0 PID: 3896 Comm: syz.3.135 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   43.738310][ T3896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   43.738344][ T3896] Call Trace:
[   43.738352][ T3896]  <TASK>
[   43.738362][ T3896]  __dump_stack+0x1d/0x30
[   43.738387][ T3896]  dump_stack_lvl+0xe8/0x140
[   43.738410][ T3896]  dump_stack+0x15/0x1b
[   43.738448][ T3896]  should_fail_ex+0x265/0x280
[   43.738560][ T3896]  should_failslab+0x8c/0xb0
[   43.738592][ T3896]  __kmalloc_noprof+0xa5/0x3e0
[   43.738614][ T3896]  ? security_prepare_creds+0x52/0x120
[   43.738649][ T3896]  security_prepare_creds+0x52/0x120
[   43.738757][ T3896]  prepare_creds+0x34a/0x4c0
[   43.738778][ T3896]  selinux_lsm_setattr+0x1a4/0x660
[   43.738875][ T3896]  selinux_setprocattr+0x4f/0x70
[   43.738900][ T3896]  security_setprocattr+0x1a4/0x1d0
[   43.738924][ T3896]  proc_pid_attr_write+0x1eb/0x220
[   43.738953][ T3896]  ? __pfx_proc_pid_attr_write+0x10/0x10
[   43.738982][ T3896]  vfs_write+0x266/0x8d0
[   43.739070][ T3896]  ? __rcu_read_unlock+0x4f/0x70
[   43.739102][ T3896]  ? __fget_files+0x184/0x1c0
[   43.739138][ T3896]  ksys_write+0xda/0x1a0
[   43.739214][ T3896]  __x64_sys_write+0x40/0x50
[   43.739245][ T3896]  x64_sys_call+0x2cdd/0x2fb0
[   43.739271][ T3896]  do_syscall_64+0xd0/0x1a0
[   43.739297][ T3896]  ? clear_bhb_loop+0x25/0x80
[   43.739339][ T3896]  ? clear_bhb_loop+0x25/0x80
[   43.739437][ T3896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.739459][ T3896] RIP: 0033:0x7efc3f18e969
[   43.739476][ T3896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.739496][ T3896] RSP: 002b:00007efc3d7f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   43.739534][ T3896] RAX: ffffffffffffffda RBX: 00007efc3f3b5fa0 RCX: 00007efc3f18e969
[   43.739549][ T3896] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   43.739564][ T3896] RBP: 00007efc3d7f7090 R08: 0000000000000000 R09: 0000000000000000
[   43.739577][ T3896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.739642][ T3896] R13: 0000000000000000 R14: 00007efc3f3b5fa0 R15: 00007ffdefb4ecf8
[   43.739662][ T3896]  </TASK>
[   43.739872][ T3496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.741549][ T3884]  loop2: p1 < > p4
[   43.812791][ T3898] lo speed is unknown, defaulting to 1000
[   43.877135][ T3884] loop2: p4 size 8388608 extends beyond EOD, truncated
[   43.997521][ T3890]  loop2: p1 < > p4
[   44.007489][ T3890] loop2: p4 size 8388608 extends beyond EOD, truncated
[   44.049785][ T3906] loop1: detected capacity change from 0 to 164
[   44.079168][ T3906] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   44.158451][ T3916] lo speed is unknown, defaulting to 1000
[   44.433525][ T3955] loop2: detected capacity change from 0 to 2048
[   44.452215][ T3955] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.605660][ T3966] __nla_validate_parse: 3 callbacks suppressed
[   44.605765][ T3966] netlink: 12 bytes leftover after parsing attributes in process `syz.5.149'.
[   44.709823][ T3971] FAULT_INJECTION: forcing a failure.
[   44.709823][ T3971] name failslab, interval 1, probability 0, space 0, times 0
[   44.722542][ T3971] CPU: 0 UID: 0 PID: 3971 Comm: syz.5.151 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   44.722577][ T3971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   44.722589][ T3971] Call Trace:
[   44.722596][ T3971]  <TASK>
[   44.722605][ T3971]  __dump_stack+0x1d/0x30
[   44.722631][ T3971]  dump_stack_lvl+0xe8/0x140
[   44.722661][ T3971]  dump_stack+0x15/0x1b
[   44.722682][ T3971]  should_fail_ex+0x265/0x280
[   44.722771][ T3971]  should_failslab+0x8c/0xb0
[   44.722807][ T3971]  kmem_cache_alloc_noprof+0x50/0x310
[   44.722848][ T3971]  ? radix_tree_node_alloc+0x8a/0x1f0
[   44.722875][ T3971]  radix_tree_node_alloc+0x8a/0x1f0
[   44.722983][ T3971]  idr_get_free+0x1fa/0x550
[   44.723018][ T3971]  idr_alloc_u32+0xca/0x180
[   44.723107][ T3971]  idr_alloc+0x6e/0xd0
[   44.723128][ T3971]  tipc_conn_alloc+0x158/0x240
[   44.723156][ T3971]  tipc_topsrv_kern_subscr+0xbd/0x1b0
[   44.723196][ T3971]  tipc_group_create+0x24d/0x290
[   44.723262][ T3971]  tipc_sk_join+0x130/0x2e0
[   44.723289][ T3971]  tipc_setsockopt+0x598/0x620
[   44.723316][ T3971]  ? __pfx_tipc_setsockopt+0x10/0x10
[   44.723347][ T3971]  __sys_setsockopt+0x181/0x200
[   44.723413][ T3971]  __x64_sys_setsockopt+0x64/0x80
[   44.723452][ T3971]  x64_sys_call+0x2bd5/0x2fb0
[   44.723481][ T3971]  do_syscall_64+0xd0/0x1a0
[   44.723508][ T3971]  ? clear_bhb_loop+0x25/0x80
[   44.723535][ T3971]  ? clear_bhb_loop+0x25/0x80
[   44.723562][ T3971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.723639][ T3971] RIP: 0033:0x7fe052f9e969
[   44.723669][ T3971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.723685][ T3971] RSP: 002b:00007fe051607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   44.723706][ T3971] RAX: ffffffffffffffda RBX: 00007fe0531c5fa0 RCX: 00007fe052f9e969
[   44.723722][ T3971] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000005
[   44.723737][ T3971] RBP: 00007fe051607090 R08: 0000000000000010 R09: 0000000000000000
[   44.723752][ T3971] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[   44.723797][ T3971] R13: 0000000000000000 R14: 00007fe0531c5fa0 R15: 00007ffd7f24fbc8
[   44.723820][ T3971]  </TASK>
[   45.017976][ T3977] loop1: detected capacity change from 0 to 512
[   45.038009][ T3977] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[   45.115352][ T3986] FAULT_INJECTION: forcing a failure.
[   45.115352][ T3986] name failslab, interval 1, probability 0, space 0, times 0
[   45.128055][ T3986] CPU: 0 UID: 0 PID: 3986 Comm: syz.1.158 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   45.128158][ T3986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   45.128170][ T3986] Call Trace:
[   45.128175][ T3986]  <TASK>
[   45.128183][ T3986]  __dump_stack+0x1d/0x30
[   45.128208][ T3986]  dump_stack_lvl+0xe8/0x140
[   45.128232][ T3986]  dump_stack+0x15/0x1b
[   45.128323][ T3986]  should_fail_ex+0x265/0x280
[   45.128360][ T3986]  should_failslab+0x8c/0xb0
[   45.128390][ T3986]  kmem_cache_alloc_noprof+0x50/0x310
[   45.128476][ T3986]  ? copy_fs_struct+0x31/0x110
[   45.128506][ T3986]  copy_fs_struct+0x31/0x110
[   45.128548][ T3986]  __se_sys_setns+0x342/0xf10
[   45.128590][ T3986]  __x64_sys_setns+0x31/0x40
[   45.128625][ T3986]  x64_sys_call+0x2e95/0x2fb0
[   45.128649][ T3986]  do_syscall_64+0xd0/0x1a0
[   45.128721][ T3986]  ? clear_bhb_loop+0x25/0x80
[   45.128746][ T3986]  ? clear_bhb_loop+0x25/0x80
[   45.128773][ T3986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.128798][ T3986] RIP: 0033:0x7f748c03e969
[   45.128863][ T3986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.128879][ T3986] RSP: 002b:00007f748a6a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
[   45.128916][ T3986] RAX: ffffffffffffffda RBX: 00007f748c265fa0 RCX: 00007f748c03e969
[   45.128931][ T3986] RDX: 0000000000000000 RSI: 0000000024020000 RDI: 0000000000000004
[   45.128946][ T3986] RBP: 00007f748a6a7090 R08: 0000000000000000 R09: 0000000000000000
[   45.128962][ T3986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.129026][ T3986] R13: 0000000000000000 R14: 00007f748c265fa0 R15: 00007ffc07a53748
[   45.129043][ T3986]  </TASK>
[   45.379790][ T3993] loop5: detected capacity change from 0 to 512
[   45.387842][ T3991] FAULT_INJECTION: forcing a failure.
[   45.387842][ T3991] name failslab, interval 1, probability 0, space 0, times 0
[   45.388891][ T3989] netlink: 12 bytes leftover after parsing attributes in process `syz.1.160'.
[   45.400503][ T3991] CPU: 0 UID: 0 PID: 3991 Comm: syz.3.159 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   45.400536][ T3991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   45.400552][ T3991] Call Trace:
[   45.400560][ T3991]  <TASK>
[   45.400569][ T3991]  __dump_stack+0x1d/0x30
[   45.400602][ T3991]  dump_stack_lvl+0xe8/0x140
[   45.400628][ T3991]  dump_stack+0x15/0x1b
[   45.400703][ T3991]  should_fail_ex+0x265/0x280
[   45.400743][ T3991]  ? audit_log_d_path+0x8d/0x150
[   45.400780][ T3991]  should_failslab+0x8c/0xb0
[   45.400818][ T3991]  __kmalloc_cache_noprof+0x4c/0x320
[   45.400922][ T3991]  audit_log_d_path+0x8d/0x150
[   45.400960][ T3991]  audit_log_d_path_exe+0x42/0x70
[   45.400988][ T3991]  audit_log_task+0x1e9/0x250
[   45.401078][ T3991]  audit_seccomp+0x61/0x100
[   45.401108][ T3991]  ? __seccomp_filter+0x68c/0x10d0
[   45.401135][ T3991]  __seccomp_filter+0x69d/0x10d0
[   45.401163][ T3991]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   45.401220][ T3991]  ? vfs_write+0x75e/0x8d0
[   45.401251][ T3991]  ? __rcu_read_unlock+0x4f/0x70
[   45.401355][ T3991]  ? __fget_files+0x184/0x1c0
[   45.401393][ T3991]  __secure_computing+0x82/0x150
[   45.401419][ T3991]  syscall_trace_enter+0xcf/0x1e0
[   45.401450][ T3991]  do_syscall_64+0xaa/0x1a0
[   45.401496][ T3991]  ? clear_bhb_loop+0x25/0x80
[   45.401581][ T3991]  ? clear_bhb_loop+0x25/0x80
[   45.401609][ T3991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.401635][ T3991] RIP: 0033:0x7efc3f18e969
[   45.401656][ T3991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.401678][ T3991] RSP: 002b:00007efc3d7f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   45.401782][ T3991] RAX: ffffffffffffffda RBX: 00007efc3f3b5fa0 RCX: 00007efc3f18e969
[   45.401798][ T3991] RDX: 0000000000000000 RSI: 0000000000143c62 RDI: 0000200000000080
[   45.401813][ T3991] RBP: 00007efc3d7f7090 R08: 0000000000000000 R09: 0000000000000000
[   45.401829][ T3991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.401844][ T3991] R13: 0000000000000000 R14: 00007efc3f3b5fa0 R15: 00007ffdefb4ecf8
[   45.401920][ T3991]  </TASK>
[   45.599631][ T3993] EXT4-fs (loop5): 1 orphan inode deleted
[   45.631883][   T37] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1
[   45.644225][ T3993] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.658009][ T3993] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.673447][ T3999] serio: Serial port ptm0
[   45.680930][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.723386][ T3496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.732653][ T4006] loop1: detected capacity change from 0 to 512
[   45.739367][ T4006] EXT4-fs: Ignoring removed i_version option
[   45.746768][ T4006] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   45.765082][ T4006] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   45.779742][ T4006] EXT4-fs (loop1): 1 truncate cleaned up
[   45.786044][ T4006] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.820733][ T4016] SELinux:  Context system_u:object_r: is not valid (left unmapped).
[   45.840149][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.885258][ T4020] loop4: detected capacity change from 0 to 512
[   45.896409][ T4020] EXT4-fs (loop4): external journal device major/minor numbers have changed
[   45.925466][ T4020] EXT4-fs (loop4): failed to open journal device unknown-block(0,3) -6
[   45.937856][ T4035] netlink: 36 bytes leftover after parsing attributes in process `syz.3.175'.
[   45.946866][ T4035] netlink: 36 bytes leftover after parsing attributes in process `syz.3.175'.
[   45.956247][ T4035] netlink: 36 bytes leftover after parsing attributes in process `syz.3.175'.
[   45.973413][ T4035] netlink: 36 bytes leftover after parsing attributes in process `syz.3.175'.
[   45.982719][ T4035] netlink: 36 bytes leftover after parsing attributes in process `syz.3.175'.
[   45.992264][ T4035] netlink: 36 bytes leftover after parsing attributes in process `syz.3.175'.
[   46.004719][ T4040] batman_adv: batadv0: Adding interface: dummy0
[   46.011168][ T4040] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.049066][ T4040] batman_adv: batadv0: Interface activated: dummy0
[   46.049182][ T4035] netlink: 36 bytes leftover after parsing attributes in process `syz.3.175'.
[   46.059497][ T4040] batadv0: mtu less than device minimum
[   46.064721][ T4035] netlink: 36 bytes leftover after parsing attributes in process `syz.3.175'.
[   46.079920][ T4040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   46.090816][ T4040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   46.101565][ T4040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   46.111440][ T4048] usb usb8: usbfs: process 4048 (syz.2.179) did not claim interface 0 before use
[   46.112226][ T4040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   46.132038][ T4040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   46.142883][ T4040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   46.153756][ T4040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   46.164507][ T4040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   46.175330][ T4040] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   46.206974][ T4052] loop2: detected capacity change from 0 to 512
[   46.215410][ T4052] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   46.223584][ T4054] loop4: detected capacity change from 0 to 512
[   46.223617][ T4052] EXT4-fs (loop2): orphan cleanup on readonly fs
[   46.230700][ T4054] ext2: Unknown parameter 'fowner>00000000000000000000'
[   46.239698][ T4052] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.260408][ T4052] EXT4-fs (loop2): Cannot turn on quotas: error -117
[   46.267670][ T4052] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #16: comm syz.2.180: casefold flag without casefold feature
[   46.269434][ T4057] FAULT_INJECTION: forcing a failure.
[   46.269434][ T4057] name failslab, interval 1, probability 0, space 0, times 0
[   46.282035][ T4052] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.180: couldn't read orphan inode 16 (err -117)
[   46.292994][ T4057] CPU: 0 UID: 0 PID: 4057 Comm: syz.4.182 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   46.293028][ T4057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   46.293046][ T4057] Call Trace:
[   46.293054][ T4057]  <TASK>
[   46.293066][ T4057]  __dump_stack+0x1d/0x30
[   46.293168][ T4057]  dump_stack_lvl+0xe8/0x140
[   46.293193][ T4057]  dump_stack+0x15/0x1b
[   46.293214][ T4057]  should_fail_ex+0x265/0x280
[   46.293295][ T4057]  should_failslab+0x8c/0xb0
[   46.293409][ T4057]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   46.293453][ T4057]  ? __d_alloc+0x3d/0x350
[   46.293491][ T4057]  ? irq_work_queue+0x93/0x100
[   46.293592][ T4057]  __d_alloc+0x3d/0x350
[   46.293634][ T4057]  d_alloc_parallel+0x53/0xc40
[   46.293657][ T4057]  ? __rcu_read_unlock+0x34/0x70
[   46.293730][ T4057]  ? __rcu_read_unlock+0x34/0x70
[   46.293757][ T4057]  ? lockref_get_not_dead+0x120/0x1c0
[   46.293785][ T4057]  ? __rcu_read_unlock+0x4f/0x70
[   46.293812][ T4057]  __lookup_slow+0x8c/0x250
[   46.293839][ T4057]  lookup_slow+0x3c/0x60
[   46.293907][ T4057]  link_path_walk+0x71d/0x8b0
[   46.293951][ T4057]  path_openat+0x1de/0x2170
[   46.294022][ T4057]  ? should_fail_ex+0x30/0x280
[   46.294059][ T4057]  ? _parse_integer_limit+0x170/0x190
[   46.294107][ T4057]  do_filp_open+0x109/0x230
[   46.294138][ T4057]  ? __pfx_kfree_link+0x10/0x10
[   46.294235][ T4057]  do_sys_openat2+0xa6/0x110
[   46.294262][ T4057]  __x64_sys_openat+0xf2/0x120
[   46.294289][ T4057]  x64_sys_call+0x1af/0x2fb0
[   46.294388][ T4057]  do_syscall_64+0xd0/0x1a0
[   46.294417][ T4057]  ? clear_bhb_loop+0x25/0x80
[   46.294445][ T4057]  ? clear_bhb_loop+0x25/0x80
[   46.294475][ T4057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.294503][ T4057] RIP: 0033:0x7fe854c2d2d0
[   46.294561][ T4057] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[   46.294584][ T4057] RSP: 002b:00007fe853296f70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   46.294608][ T4057] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe854c2d2d0
[   46.294623][ T4057] RDX: 0000000000000000 RSI: 00007fe854cb0bc9 RDI: 00000000ffffff9c
[   46.294639][ T4057] RBP: 00007fe854cb0bc9 R08: 0000000000000000 R09: 0000000000000000
[   46.294723][ T4057] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   46.294738][ T4057] R13: 0000000000000001 R14: 00007fe854e55fa0 R15: 00007ffff290fac8
[   46.294828][ T4057]  </TASK>
[   46.551022][ T4052] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   46.584207][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.786405][ T4082] loop1: detected capacity change from 0 to 2048
[   46.810912][ T4089] loop3: detected capacity change from 0 to 2048
[   46.818803][ T4082] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.844124][ T4089] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.860567][ T4095] loop4: detected capacity change from 0 to 512
[   46.870391][ T4095] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   46.878614][ T4095] EXT4-fs (loop4): orphan cleanup on readonly fs
[   46.886477][ T4095] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.902322][ T4095] EXT4-fs (loop4): Cannot turn on quotas: error -117
[   46.909240][ T4095] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #16: comm syz.4.195: casefold flag without casefold feature
[   46.922743][ T4095] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.195: couldn't read orphan inode 16 (err -117)
[   46.936293][ T4095] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   46.994649][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.995095][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.014016][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.070451][ T4100] netlink: 'syz.4.201': attribute type 10 has an invalid length.
[   47.084781][ T4100] dummy0: entered promiscuous mode
[   47.090062][ T4100] batman_adv: batadv0: Interface deactivated: dummy0
[   47.097038][ T4100] batman_adv: batadv0: Removing interface: dummy0
[   47.128064][ T4100] bridge0: port 3(dummy0) entered blocking state
[   47.134728][ T4100] bridge0: port 3(dummy0) entered disabled state
[   47.145385][ T4100] dummy0: entered allmulticast mode
[   47.151807][ T4100] bridge0: port 3(dummy0) entered blocking state
[   47.158265][ T4100] bridge0: port 3(dummy0) entered forwarding state
[   47.182045][ T4118] dummy0: left allmulticast mode
[   47.187285][ T4118] bridge0: port 3(dummy0) entered disabled state
[   47.207804][ T4118] batman_adv: batadv0: Adding interface: dummy0
[   47.214230][ T4118] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.254091][ T4118] batman_adv: batadv0: Interface activated: dummy0
[   47.319410][ T4131] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[   47.333845][ T4131] loop3: detected capacity change from 0 to 1024
[   47.346857][ T4135] loop4: detected capacity change from 0 to 2048
[   47.357012][ T4131] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   47.366190][ T4131] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   47.369364][ T4137] FAULT_INJECTION: forcing a failure.
[   47.369364][ T4137] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   47.378823][ T4131] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   47.389813][ T4137] CPU: 1 UID: 0 PID: 4137 Comm: syz.2.211 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   47.389842][ T4137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   47.389857][ T4137] Call Trace:
[   47.389865][ T4137]  <TASK>
[   47.389875][ T4137]  __dump_stack+0x1d/0x30
[   47.389906][ T4137]  dump_stack_lvl+0xe8/0x140
[   47.389933][ T4137]  dump_stack+0x15/0x1b
[   47.389955][ T4137]  should_fail_ex+0x265/0x280
[   47.390007][ T4137]  should_fail+0xb/0x20
[   47.390107][ T4137]  should_fail_usercopy+0x1a/0x20
[   47.390131][ T4137]  _copy_from_user+0x1c/0xb0
[   47.390158][ T4137]  memdup_user+0x5e/0xd0
[   47.390182][ T4137]  strndup_user+0x68/0xb0
[   47.390205][ T4137]  __se_sys_mount+0x8e/0x2e0
[   47.390258][ T4137]  ? fput+0x8f/0xc0
[   47.390280][ T4137]  ? ksys_write+0x16e/0x1a0
[   47.390322][ T4137]  __x64_sys_mount+0x67/0x80
[   47.390355][ T4137]  x64_sys_call+0xd36/0x2fb0
[   47.390383][ T4137]  do_syscall_64+0xd0/0x1a0
[   47.390451][ T4137]  ? clear_bhb_loop+0x25/0x80
[   47.390471][ T4137]  ? clear_bhb_loop+0x25/0x80
[   47.390494][ T4137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.390522][ T4137] RIP: 0033:0x7fc27ac8e969
[   47.390540][ T4137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.390625][ T4137] RSP: 002b:00007fc2792f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   47.390649][ T4137] RAX: ffffffffffffffda RBX: 00007fc27aeb5fa0 RCX: 00007fc27ac8e969
[   47.390667][ T4137] RDX: 0000200000000600 RSI: 00002000000005c0 RDI: 0000200000000580
[   47.390683][ T4137] RBP: 00007fc2792f7090 R08: 0000200000000640 R09: 0000000000000000
[   47.390698][ T4137] R10: 0000000002800004 R11: 0000000000000246 R12: 0000000000000001
[   47.390713][ T4137] R13: 0000000000000000 R14: 00007fc27aeb5fa0 R15: 00007ffd29c90458
[   47.390737][ T4137]  </TASK>
[   47.438153][ T4135] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.440645][ T4131] EXT4-fs (loop3): orphan cleanup on readonly fs
[   47.605002][ T4131] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5899: Corrupt filesystem
[   47.614656][ T4131] EXT4-fs (loop3): Remounting filesystem read-only
[   47.621525][ T4131] EXT4-fs (loop3): 1 orphan inode deleted
[   47.631374][ T4131] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   47.658387][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.668672][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.714191][ T4149] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.214' sets config #0
[   47.870471][ T4168] loop3: detected capacity change from 0 to 512
[   47.877664][ T4168] ext2: Unknown parameter 'fowner>00000000000000000000'
[   47.946679][ T4179] loop2: detected capacity change from 0 to 512
[   47.953406][ T4179] ext2: Unknown parameter 'fowner>00000000000000000000'
[   47.983811][ T4182] loop4: detected capacity change from 0 to 512
[   47.998438][ T4182] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   48.014082][ T4182] EXT4-fs (loop4): orphan cleanup on readonly fs
[   48.023139][ T4185] netlink: 'syz.2.230': attribute type 10 has an invalid length.
[   48.031613][ T4185] dummy0: entered promiscuous mode
[   48.037486][ T4182] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.043685][ T4185] batman_adv: batadv0: Interface deactivated: dummy0
[   48.058968][ T4185] batman_adv: batadv0: Removing interface: dummy0
[   48.066392][ T4185] bridge0: port 3(dummy0) entered blocking state
[   48.072942][ T4182] EXT4-fs (loop4): Cannot turn on quotas: error -117
[   48.073008][ T4185] bridge0: port 3(dummy0) entered disabled state
[   48.086359][ T4182] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #16: comm syz.4.226: casefold flag without casefold feature
[   48.088083][ T4185] dummy0: entered allmulticast mode
[   48.100504][ T4182] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.226: couldn't read orphan inode 16 (err -117)
[   48.118335][ T4182] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   48.138552][ T4185] bridge0: port 3(dummy0) entered blocking state
[   48.145101][ T4185] bridge0: port 3(dummy0) entered forwarding state
[   48.193825][ T4197] loop5: detected capacity change from 0 to 2048
[   48.201336][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.240771][ T4197] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.294408][ T4210] syzkaller0: entered allmulticast mode
[   48.302069][ T4210] syzkaller0 (unregistering): left allmulticast mode
[   48.363844][ T4216] loop3: detected capacity change from 0 to 512
[   48.382520][ T4216] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   48.402873][ T4216] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[   48.415947][ T4216] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.237: inode #15: comm syz.3.237: iget: illegal inode #
[   48.428769][ T4216] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.237: couldn't read orphan inode 15 (err -117)
[   48.443221][ T4220] loop2: detected capacity change from 0 to 512
[   48.449940][ T4220] ext2: Unknown parameter 'fowner>00000000000000000000'
[   48.455593][ T4216] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.475419][   T29] kauditd_printk_skb: 501 callbacks suppressed
[   48.475437][   T29] audit: type=1326 audit(1746279991.440:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4200 comm="syz.3.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efc3f18d2d0 code=0x7ffc0000
[   48.506801][   T29] audit: type=1326 audit(1746279991.450:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4200 comm="syz.3.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7efc3f18d6b7 code=0x7ffc0000
[   48.530210][   T29] audit: type=1326 audit(1746279991.450:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4200 comm="syz.3.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efc3f18d2d0 code=0x7ffc0000
[   48.530838][ T4210] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.237: bg 0: block 19: invalid block bitmap
[   48.553580][   T29] audit: type=1326 audit(1746279991.450:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4200 comm="syz.3.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc3f18e969 code=0x7ffc0000
[   48.589286][   T29] audit: type=1326 audit(1746279991.450:1487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4200 comm="syz.3.237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc3f18e969 code=0x7ffc0000
[   48.747048][ T4231] loop2: detected capacity change from 0 to 512
[   48.756185][ T4231] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   48.764380][ T4231] EXT4-fs (loop2): orphan cleanup on readonly fs
[   48.771046][ T4231] Quota error (device loop2): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[   48.781929][ T4231] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.797964][ T4231] EXT4-fs (loop2): Cannot turn on quotas: error -117
[   48.804953][ T4231] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #16: comm syz.2.245: casefold flag without casefold feature
[   48.817962][ T4231] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.245: couldn't read orphan inode 16 (err -117)
[   48.832645][ T4231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   48.854431][ T3496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.865003][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.068785][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.080698][ T4247] netlink: 'syz.2.252': attribute type 10 has an invalid length.
[   49.108899][ T4254] loop3: detected capacity change from 0 to 512
[   49.116743][ T4254] ext2: Unknown parameter 'fowner>00000000000000000000'
[   49.251108][ T4262] loop4: detected capacity change from 0 to 128
[   49.258616][   T29] audit: type=1400 audit(1746279992.220:1488): avc:  denied  { mount } for  pid=4261 comm="syz.4.257" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   49.347775][   T29] audit: type=1326 audit(1746279992.310:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.4.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   49.371608][   T29] audit: type=1326 audit(1746279992.310:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.4.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   49.395080][   T29] audit: type=1326 audit(1746279992.310:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4261 comm="syz.4.257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7fe854c2e969 code=0x7ffc0000
[   49.563025][ T4267] loop1: detected capacity change from 0 to 512
[   49.571103][ T4267] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   49.579293][ T4267] EXT4-fs (loop1): orphan cleanup on readonly fs
[   49.586154][ T4267] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   49.601784][ T4267] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   49.608657][ T4267] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #16: comm syz.1.258: casefold flag without casefold feature
[   49.621454][ T4267] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.258: couldn't read orphan inode 16 (err -117)
[   49.634152][ T4267] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   49.658889][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.692498][ T4272] __nla_validate_parse: 4 callbacks suppressed
[   49.692516][ T4272] netlink: 40 bytes leftover after parsing attributes in process `syz.1.260'.
[   49.731508][ T4274] FAULT_INJECTION: forcing a failure.
[   49.731508][ T4274] name failslab, interval 1, probability 0, space 0, times 0
[   49.744336][ T4274] CPU: 1 UID: 0 PID: 4274 Comm: syz.5.261 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   49.744399][ T4274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   49.744413][ T4274] Call Trace:
[   49.744421][ T4274]  <TASK>
[   49.744429][ T4274]  __dump_stack+0x1d/0x30
[   49.744475][ T4274]  dump_stack_lvl+0xe8/0x140
[   49.744504][ T4274]  dump_stack+0x15/0x1b
[   49.744522][ T4274]  should_fail_ex+0x265/0x280
[   49.744592][ T4274]  should_failslab+0x8c/0xb0
[   49.744620][ T4274]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   49.744641][ T4274]  ? simple_xattr_set+0xa3/0x2b0
[   49.744773][ T4274]  kstrdup+0x3e/0xd0
[   49.744812][ T4274]  simple_xattr_set+0xa3/0x2b0
[   49.744874][ T4274]  ? strlen+0x19/0x40
[   49.744904][ T4274]  shmem_xattr_handler_set+0x12b/0x220
[   49.744944][ T4274]  ? __pfx_shmem_xattr_handler_set+0x10/0x10
[   49.745046][ T4274]  __vfs_setxattr+0x2e3/0x310
[   49.745141][ T4274]  __vfs_setxattr_noperm+0xe8/0x410
[   49.745173][ T4274]  __vfs_setxattr_locked+0x1af/0x1d0
[   49.745249][ T4274]  vfs_setxattr+0x132/0x270
[   49.745274][ T4274]  file_setxattr+0x139/0x1b0
[   49.745306][ T4274]  path_setxattrat+0x290/0x310
[   49.745356][ T4274]  __x64_sys_fsetxattr+0x6b/0x80
[   49.745424][ T4274]  x64_sys_call+0x2f7c/0x2fb0
[   49.745451][ T4274]  do_syscall_64+0xd0/0x1a0
[   49.745541][ T4274]  ? clear_bhb_loop+0x25/0x80
[   49.745569][ T4274]  ? clear_bhb_loop+0x25/0x80
[   49.745596][ T4274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.745642][ T4274] RIP: 0033:0x7fe052f9e969
[   49.745655][ T4274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.745672][ T4274] RSP: 002b:00007fe051607038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[   49.745691][ T4274] RAX: ffffffffffffffda RBX: 00007fe0531c5fa0 RCX: 00007fe052f9e969
[   49.745706][ T4274] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[   49.745717][ T4274] RBP: 00007fe051607090 R08: 0000000000000000 R09: 0000000000000000
[   49.745806][ T4274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.745820][ T4274] R13: 0000000000000000 R14: 00007fe0531c5fa0 R15: 00007ffd7f24fbc8
[   49.745842][ T4274]  </TASK>
[   50.030231][ T4284] loop2: detected capacity change from 0 to 512
[   50.037978][ T4284] ext2: Unknown parameter 'fowner>00000000000000000000'
[   50.195119][ T4296] loop3: detected capacity change from 0 to 512
[   50.204281][ T4296] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   50.212475][ T4296] EXT4-fs (loop3): orphan cleanup on readonly fs
[   50.219267][ T4296] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   50.234723][ T4296] EXT4-fs (loop3): Cannot turn on quotas: error -117
[   50.241878][ T4296] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #16: comm syz.3.269: casefold flag without casefold feature
[   50.256345][ T4296] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.269: couldn't read orphan inode 16 (err -117)
[   50.269055][ T4296] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   50.294327][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.354564][ T4308] netlink: 40 bytes leftover after parsing attributes in process `syz.3.274'.
[   50.428441][ T4314] loop3: detected capacity change from 0 to 512
[   50.435300][ T4314] ext2: Unknown parameter 'fowner>00000000000000000000'
[   50.661719][ T4326] loop3: detected capacity change from 0 to 512
[   50.669771][ T4326] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   50.677994][ T4326] EXT4-fs (loop3): orphan cleanup on readonly fs
[   50.684625][ T4326] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   50.699523][ T4326] EXT4-fs (loop3): Cannot turn on quotas: error -117
[   50.706792][ T4326] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #16: comm syz.3.282: casefold flag without casefold feature
[   50.719785][ T4326] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.282: couldn't read orphan inode 16 (err -117)
[   50.732202][ T4326] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   50.756784][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.899124][ T4337] netlink: 'syz.1.287': attribute type 10 has an invalid length.
[   50.906984][ T4337] netlink: 40 bytes leftover after parsing attributes in process `syz.1.287'.
[   50.915906][ T4337] dummy0: entered promiscuous mode
[   50.921695][ T4337] bridge0: port 3(dummy0) entered blocking state
[   50.928071][ T4337] bridge0: port 3(dummy0) entered disabled state
[   50.934830][ T4337] dummy0: entered allmulticast mode
[   50.940848][ T4337] bridge0: port 3(dummy0) entered blocking state
[   50.947226][ T4337] bridge0: port 3(dummy0) entered forwarding state
[   50.966901][ T4345] loop5: detected capacity change from 0 to 512
[   50.974122][ T4345] ext2: Unknown parameter 'fowner>00000000000000000000'
[   50.994774][ T4348] loop1: detected capacity change from 0 to 2048
[   51.025164][ T4348] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.056742][ T4355] FAULT_INJECTION: forcing a failure.
[   51.056742][ T4355] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.070021][ T4355] CPU: 1 UID: 0 PID: 4355 Comm: syz.3.292 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   51.070130][ T4355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   51.070142][ T4355] Call Trace:
[   51.070147][ T4355]  <TASK>
[   51.070153][ T4355]  __dump_stack+0x1d/0x30
[   51.070244][ T4355]  dump_stack_lvl+0xe8/0x140
[   51.070269][ T4355]  dump_stack+0x15/0x1b
[   51.070290][ T4355]  should_fail_ex+0x265/0x280
[   51.070330][ T4355]  should_fail+0xb/0x20
[   51.070365][ T4355]  should_fail_usercopy+0x1a/0x20
[   51.070415][ T4355]  _copy_to_user+0x20/0xa0
[   51.070441][ T4355]  simple_read_from_buffer+0xb5/0x130
[   51.070470][ T4355]  proc_fail_nth_read+0x100/0x140
[   51.070565][ T4355]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   51.070600][ T4355]  vfs_read+0x19d/0x6f0
[   51.070629][ T4355]  ? __rcu_read_unlock+0x4f/0x70
[   51.070656][ T4355]  ? __fget_files+0x184/0x1c0
[   51.070692][ T4355]  ? __pfx_br_ioctl_stub+0x10/0x10
[   51.070732][ T4355]  ksys_read+0xda/0x1a0
[   51.070763][ T4355]  __x64_sys_read+0x40/0x50
[   51.070793][ T4355]  x64_sys_call+0x2d77/0x2fb0
[   51.070821][ T4355]  do_syscall_64+0xd0/0x1a0
[   51.070855][ T4355]  ? clear_bhb_loop+0x25/0x80
[   51.070886][ T4355]  ? clear_bhb_loop+0x25/0x80
[   51.070955][ T4355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.070979][ T4355] RIP: 0033:0x7efc3f18d37c
[   51.070996][ T4355] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   51.071015][ T4355] RSP: 002b:00007efc3d7f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   51.071053][ T4355] RAX: ffffffffffffffda RBX: 00007efc3f3b5fa0 RCX: 00007efc3f18d37c
[   51.071066][ T4355] RDX: 000000000000000f RSI: 00007efc3d7f70a0 RDI: 0000000000000004
[   51.071080][ T4355] RBP: 00007efc3d7f7090 R08: 0000000000000000 R09: 0000000000000000
[   51.071093][ T4355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.071106][ T4355] R13: 0000000000000000 R14: 00007efc3f3b5fa0 R15: 00007ffdefb4ecf8
[   51.071126][ T4355]  </TASK>
[   51.312655][ T4360] loop2: detected capacity change from 0 to 128
[   51.332224][ T4360] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   51.345416][ T4360] ext4 filesystem being mounted at /72/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   51.356787][ T4360] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:376: inode #2: comm syz.2.294: No space for directory leaf checksum. Please run e2fsck -D.
[   51.372217][ T4360] EXT4-fs error (device loop2): htree_dirblock_to_tree:1053: inode #2: comm syz.2.294: Directory block failed checksum
[   51.384806][ T4358] Falling back ldisc for ttyS3.
[   51.414169][ T4366] loop5: detected capacity change from 0 to 512
[   51.438923][ T4359] rtc_cmos 00:00: Alarms can be up to one day in the future
[   51.439056][ T4366] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   51.460005][ T4366] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.493593][ T3496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   51.807787][ T4378] loop4: detected capacity change from 0 to 512
[   51.816043][ T4378] ext2: Unknown parameter 'fowner>00000000000000000000'
[   51.869402][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.936127][ T4387] netlink: 36 bytes leftover after parsing attributes in process `syz.1.305'.
[   51.945220][ T4387] netlink: 36 bytes leftover after parsing attributes in process `syz.1.305'.
[   51.954322][ T4387] netlink: 36 bytes leftover after parsing attributes in process `syz.1.305'.
[   51.966439][ T3309] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   51.971438][ T4387] netlink: 36 bytes leftover after parsing attributes in process `syz.1.305'.
[   51.984428][ T4387] netlink: 36 bytes leftover after parsing attributes in process `syz.1.305'.
[   51.993522][ T4387] netlink: 36 bytes leftover after parsing attributes in process `syz.1.305'.
[   52.003381][ T3380] rtc_cmos 00:00: Alarms can be up to one day in the future
[   52.011050][ T3380] rtc_cmos 00:00: Alarms can be up to one day in the future
[   52.018686][ T3380] rtc_cmos 00:00: Alarms can be up to one day in the future
[   52.026560][ T3380] rtc_cmos 00:00: Alarms can be up to one day in the future
[   52.033966][ T3380] rtc rtc0: __rtc_set_alarm: err=-22
[   52.045835][ T4394] loop3: detected capacity change from 0 to 2048
[   52.061245][ T4387] netlink: 36 bytes leftover after parsing attributes in process `syz.1.305'.
[   52.061836][ T4396] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   52.083309][ T4394] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.160021][ T4406] loop2: detected capacity change from 0 to 512
[   52.168588][ T4406] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   52.176909][ T4406] EXT4-fs (loop2): orphan cleanup on readonly fs
[   52.184795][ T4406] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   52.199779][ T4406] EXT4-fs (loop2): Cannot turn on quotas: error -117
[   52.207860][ T4406] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #16: comm syz.2.308: casefold flag without casefold feature
[   52.224417][ T4406] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.308: couldn't read orphan inode 16 (err -117)
[   52.237956][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.251294][ T4406] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   52.281671][ T4416] loop1: detected capacity change from 0 to 512
[   52.289618][ T4416] ext2: Unknown parameter 'fowner>00000000000000000000'
[   52.324160][ T4420] loop3: detected capacity change from 0 to 2048
[   52.332045][ T3309] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.343310][ T4420] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.464354][ T4437] veth0_to_bond: entered allmulticast mode
[   52.721120][ T4453] loop5: detected capacity change from 0 to 512
[   52.729189][ T4454] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[   52.735811][ T4454] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   52.743623][ T4454] vhci_hcd vhci_hcd.0: Device attached
[   52.751303][ T4453] ext2: Unknown parameter 'fowner>00000000000000000000'
[   52.787278][ T4454] usb usb6: usbfs: process 4454 (syz.4.328) did not claim interface 0 before use
[   52.809119][ T4454] loop4: detected capacity change from 0 to 512
[   52.827268][ T4454] EXT4-fs: Ignoring removed oldalloc option
[   52.843010][ T4454] EXT4-fs error (device loop4): ext4_quota_enable:7126: inode #4: comm syz.4.328: unexpected EA_INODE flag
[   52.855888][ T4454] EXT4-fs error (device loop4): ext4_quota_enable:7129: comm syz.4.328: Bad quota inode: 4, type: 1
[   52.876461][ T4454] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   52.896909][ T4454] EXT4-fs (loop4): mount failed
[   52.920727][   T36] vhci_hcd: vhci_device speed not set
[   52.981764][   T36] usb 9-1: new full-speed USB device number 2 using vhci_hcd
[   52.996775][ T4455] vhci_hcd: connection closed
[   52.997007][   T51] vhci_hcd: stop threads
[   53.006305][   T51] vhci_hcd: release socket
[   53.010766][   T51] vhci_hcd: disconnect device
[   53.016561][   T36] usb 9-1: enqueue for inactive port 0
[   53.022465][   T36] usb 9-1: enqueue for inactive port 0
[   53.028193][   T36] usb 9-1: enqueue for inactive port 0
[   53.101408][   T36] vhci_hcd: vhci_device speed not set
[   53.132101][ T4481] netlink: 'syz.5.336': attribute type 10 has an invalid length.
[   53.139991][ T4481] dummy0: entered promiscuous mode
[   53.146062][ T4481] bridge0: port 3(dummy0) entered blocking state
[   53.152620][ T4481] bridge0: port 3(dummy0) entered disabled state
[   53.159270][ T4481] dummy0: entered allmulticast mode
[   53.165366][ T4481] bridge0: port 3(dummy0) entered blocking state
[   53.171862][ T4481] bridge0: port 3(dummy0) entered forwarding state
[   53.238114][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.334460][ T4507] loop3: detected capacity change from 0 to 512
[   53.352604][ T4507] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   53.366859][ T4507] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.380025][ T4507] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2306 sclass=netlink_route_socket pid=4507 comm=syz.3.345
[   53.422727][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   53.429477][ T4514] dummy0: left allmulticast mode
[   53.436846][ T4514] bridge0: port 3(dummy0) entered disabled state
[   53.444429][ T4514] batman_adv: batadv0: Adding interface: dummy0
[   53.450734][ T4514] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.476227][ T4514] batman_adv: batadv0: Interface activated: dummy0
[   53.486811][ T4514] net_ratelimit: 30 callbacks suppressed
[   53.486828][ T4514] batadv0: mtu less than device minimum
[   53.498492][ T4514] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   53.509283][ T4514] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   53.513257][ T4517] netlink: 'syz.3.348': attribute type 10 has an invalid length.
[   53.520219][ T4514] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   53.538312][ T4514] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   53.549186][ T4514] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   53.560304][ T4514] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   53.570987][ T4514] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   53.581690][ T4514] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   53.592357][ T4514] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   53.607327][ T4517] batman_adv: batadv0: Interface deactivated: dummy0
[   53.614110][ T4517] batman_adv: batadv0: Removing interface: dummy0
[   53.622562][ T4517] bridge0: port 3(dummy0) entered blocking state
[   53.628984][ T4517] bridge0: port 3(dummy0) entered disabled state
[   53.635812][ T4517] dummy0: entered allmulticast mode
[   53.643412][ T4517] bridge0: port 3(dummy0) entered blocking state
[   53.649931][ T4517] bridge0: port 3(dummy0) entered forwarding state
[   53.683457][ T4527] loop1: detected capacity change from 0 to 2048
[   53.703944][ T4527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.984609][   T29] kauditd_printk_skb: 114 callbacks suppressed
[   53.984629][   T29] audit: type=1400 audit(1746279996.950:1602): avc:  denied  { allowed } for  pid=4545 comm="syz.3.358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   54.019025][ T4546] FAULT_INJECTION: forcing a failure.
[   54.019025][ T4546] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.032325][ T4546] CPU: 1 UID: 0 PID: 4546 Comm: syz.3.358 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   54.032360][ T4546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   54.032381][ T4546] Call Trace:
[   54.032448][ T4546]  <TASK>
[   54.032456][ T4546]  __dump_stack+0x1d/0x30
[   54.032482][ T4546]  dump_stack_lvl+0xe8/0x140
[   54.032504][ T4546]  dump_stack+0x15/0x1b
[   54.032526][ T4546]  should_fail_ex+0x265/0x280
[   54.032560][ T4546]  should_fail+0xb/0x20
[   54.032630][ T4546]  should_fail_usercopy+0x1a/0x20
[   54.032682][ T4546]  _copy_from_iter+0x386/0xdd0
[   54.032707][ T4546]  ? avc_has_perm+0xd3/0x150
[   54.032748][ T4546]  copy_page_from_iter+0x15a/0x290
[   54.032821][ T4546]  ? anon_pipe_write+0x71/0xaa0
[   54.032874][ T4546]  anon_pipe_write+0x514/0xaa0
[   54.032900][ T4546]  ? anon_pipe_write+0x71/0xaa0
[   54.032934][ T4546]  ? security_file_permission+0x22/0x80
[   54.032965][ T4546]  ? __pfx_anon_pipe_write+0x10/0x10
[   54.033045][ T4546]  io_write+0x60f/0xd30
[   54.033078][ T4546]  ? io_file_get_normal+0x4a/0x180
[   54.033181][ T4546]  ? io_assign_file+0x1b9/0x200
[   54.033270][ T4546]  io_issue_sqe+0x15d/0xb70
[   54.033307][ T4546]  io_submit_sqes+0x64c/0x1000
[   54.033349][ T4546]  __se_sys_io_uring_enter+0x1c1/0x1b70
[   54.033408][ T4546]  ? __rcu_read_unlock+0x4f/0x70
[   54.033430][ T4546]  ? get_pid_task+0x96/0xd0
[   54.033452][ T4546]  ? proc_fail_nth_write+0x12d/0x160
[   54.033561][ T4546]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   54.033591][ T4546]  ? vfs_write+0x75e/0x8d0
[   54.033640][ T4546]  ? __rcu_read_unlock+0x4f/0x70
[   54.033664][ T4546]  ? __fget_files+0x184/0x1c0
[   54.033722][ T4546]  ? fput+0x8f/0xc0
[   54.033744][ T4546]  __x64_sys_io_uring_enter+0x78/0x90
[   54.033830][ T4546]  x64_sys_call+0x28c8/0x2fb0
[   54.033852][ T4546]  do_syscall_64+0xd0/0x1a0
[   54.033878][ T4546]  ? clear_bhb_loop+0x25/0x80
[   54.033957][ T4546]  ? clear_bhb_loop+0x25/0x80
[   54.033979][ T4546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.034015][ T4546] RIP: 0033:0x7efc3f18e969
[   54.034033][ T4546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.034054][ T4546] RSP: 002b:00007efc3d7f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   54.034076][ T4546] RAX: ffffffffffffffda RBX: 00007efc3f3b5fa0 RCX: 00007efc3f18e969
[   54.034091][ T4546] RDX: 0000000000000000 RSI: 00000000000047f8 RDI: 0000000000000004
[   54.034107][ T4546] RBP: 00007efc3d7f7090 R08: 0000000000000000 R09: 0000000000000000
[   54.034122][ T4546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.034134][ T4546] R13: 0000000000000000 R14: 00007efc3f3b5fa0 R15: 00007ffdefb4ecf8
[   54.034154][ T4546]  </TASK>
[   54.392772][   T29] audit: type=1400 audit(1746279997.360:1603): avc:  denied  { unmount } for  pid=3308 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   54.488774][ T4563] netlink: 'syz.2.365': attribute type 10 has an invalid length.
[   54.555783][ T4568] loop4: detected capacity change from 0 to 512
[   54.566602][ T4568] ext2: Unknown parameter 'fowner>00000000000000000000'
[   54.606074][ T4570] FAULT_INJECTION: forcing a failure.
[   54.606074][ T4570] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.619317][ T4570] CPU: 0 UID: 0 PID: 4570 Comm: syz.3.368 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   54.619354][ T4570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   54.619391][ T4570] Call Trace:
[   54.619398][ T4570]  <TASK>
[   54.619407][ T4570]  __dump_stack+0x1d/0x30
[   54.619436][ T4570]  dump_stack_lvl+0xe8/0x140
[   54.619459][ T4570]  dump_stack+0x15/0x1b
[   54.619479][ T4570]  should_fail_ex+0x265/0x280
[   54.619518][ T4570]  should_fail+0xb/0x20
[   54.619569][ T4570]  should_fail_usercopy+0x1a/0x20
[   54.619590][ T4570]  _copy_to_user+0x20/0xa0
[   54.619658][ T4570]  inotify_read+0x23c/0x600
[   54.619686][ T4570]  ? __pfx_woken_wake_function+0x10/0x10
[   54.619715][ T4570]  ? __pfx_inotify_read+0x10/0x10
[   54.619739][ T4570]  vfs_read+0x19d/0x6f0
[   54.619841][ T4570]  ? __rcu_read_unlock+0x4f/0x70
[   54.619866][ T4570]  ? __fget_files+0x184/0x1c0
[   54.619893][ T4570]  ksys_read+0xda/0x1a0
[   54.619917][ T4570]  __x64_sys_read+0x40/0x50
[   54.619999][ T4570]  x64_sys_call+0x2d77/0x2fb0
[   54.620048][ T4570]  do_syscall_64+0xd0/0x1a0
[   54.620068][ T4570]  ? clear_bhb_loop+0x25/0x80
[   54.620095][ T4570]  ? clear_bhb_loop+0x25/0x80
[   54.620118][ T4570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.620182][ T4570] RIP: 0033:0x7efc3f18e969
[   54.620201][ T4570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.620293][ T4570] RSP: 002b:00007efc3d7f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   54.620310][ T4570] RAX: ffffffffffffffda RBX: 00007efc3f3b5fa0 RCX: 00007efc3f18e969
[   54.620400][ T4570] RDX: 000000000000002f RSI: 0000200000000140 RDI: 0000000000000003
[   54.620411][ T4570] RBP: 00007efc3d7f7090 R08: 0000000000000000 R09: 0000000000000000
[   54.620451][ T4570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.620466][ T4570] R13: 0000000000000000 R14: 00007efc3f3b5fa0 R15: 00007ffdefb4ecf8
[   54.620488][ T4570]  </TASK>
[   54.824265][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.886962][   T29] audit: type=1400 audit(1746279997.850:1604): avc:  denied  { sqpoll } for  pid=4582 comm="syz.1.372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   54.937647][ T4600] __nla_validate_parse: 37 callbacks suppressed
[   54.937662][ T4600] netlink: 36 bytes leftover after parsing attributes in process `syz.5.378'.
[   54.952952][ T4600] netlink: 36 bytes leftover after parsing attributes in process `syz.5.378'.
[   54.968883][ T4600] netlink: 36 bytes leftover after parsing attributes in process `syz.5.378'.
[   54.984503][ T4606] loop2: detected capacity change from 0 to 512
[   54.996858][ T4600] netlink: 36 bytes leftover after parsing attributes in process `syz.5.378'.
[   54.997067][ T4606] ext2: Unknown parameter 'fowner>00000000000000000000'
[   55.005789][ T4600] netlink: 36 bytes leftover after parsing attributes in process `syz.5.378'.
[   55.022758][ T4603] loop3: detected capacity change from 0 to 2048
[   55.030521][ T4600] netlink: 36 bytes leftover after parsing attributes in process `syz.5.378'.
[   55.050714][ T4603] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.072528][ T4616] netlink: 8 bytes leftover after parsing attributes in process `syz.2.383'.
[   55.089948][ T4600] netlink: 36 bytes leftover after parsing attributes in process `syz.5.378'.
[   55.099060][ T4600] netlink: 36 bytes leftover after parsing attributes in process `syz.5.378'.
[   55.113356][ T4600] netlink: 36 bytes leftover after parsing attributes in process `syz.5.378'.
[   55.190583][ T4620] loop2: detected capacity change from 0 to 2048
[   55.260044][ T4630] FAULT_INJECTION: forcing a failure.
[   55.260044][ T4630] name failslab, interval 1, probability 0, space 0, times 0
[   55.272777][ T4630] CPU: 1 UID: 0 PID: 4630 Comm: syz.5.386 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   55.272803][ T4630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   55.272818][ T4630] Call Trace:
[   55.272844][ T4630]  <TASK>
[   55.272854][ T4630]  __dump_stack+0x1d/0x30
[   55.272879][ T4630]  dump_stack_lvl+0xe8/0x140
[   55.272898][ T4630]  dump_stack+0x15/0x1b
[   55.272913][ T4630]  should_fail_ex+0x265/0x280
[   55.273030][ T4630]  should_failslab+0x8c/0xb0
[   55.273127][ T4630]  __kmalloc_cache_node_noprof+0x54/0x320
[   55.273148][ T4630]  ? __get_vm_area_node+0x106/0x1c0
[   55.273170][ T4630]  __get_vm_area_node+0x106/0x1c0
[   55.273194][ T4630]  __vmalloc_node_range_noprof+0x26a/0xdf0
[   55.273235][ T4630]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   55.273275][ T4630]  ? avc_has_perm_noaudit+0x1b1/0x200
[   55.273309][ T4630]  ? selinux_capable+0x1f9/0x270
[   55.273359][ T4630]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   55.273393][ T4630]  __vmalloc_noprof+0x5f/0x70
[   55.273420][ T4630]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   55.273508][ T4630]  bpf_prog_alloc_no_stats+0x47/0x390
[   55.273542][ T4630]  ? bpf_prog_alloc+0x2a/0x150
[   55.273571][ T4630]  bpf_prog_alloc+0x3c/0x150
[   55.273671][ T4630]  bpf_prog_load+0x514/0x1070
[   55.273706][ T4630]  ? security_bpf+0x2b/0x90
[   55.273730][ T4630]  __sys_bpf+0x51d/0x790
[   55.273766][ T4630]  __x64_sys_bpf+0x41/0x50
[   55.273789][ T4630]  x64_sys_call+0x2478/0x2fb0
[   55.273817][ T4630]  do_syscall_64+0xd0/0x1a0
[   55.273920][ T4630]  ? clear_bhb_loop+0x25/0x80
[   55.273941][ T4630]  ? clear_bhb_loop+0x25/0x80
[   55.273962][ T4630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.274046][ T4630] RIP: 0033:0x7fe052f9e969
[   55.274061][ T4630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.274077][ T4630] RSP: 002b:00007fe051607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   55.274096][ T4630] RAX: ffffffffffffffda RBX: 00007fe0531c5fa0 RCX: 00007fe052f9e969
[   55.274112][ T4630] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[   55.274127][ T4630] RBP: 00007fe051607090 R08: 0000000000000000 R09: 0000000000000000
[   55.274216][ T4630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.274227][ T4630] R13: 0000000000000000 R14: 00007fe0531c5fa0 R15: 00007ffd7f24fbc8
[   55.274302][ T4630]  </TASK>
[   55.274309][ T4630] syz.5.386: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[   55.529781][ T4630] CPU: 1 UID: 0 PID: 4630 Comm: syz.5.386 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   55.529870][ T4630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   55.529885][ T4630] Call Trace:
[   55.529892][ T4630]  <TASK>
[   55.529901][ T4630]  __dump_stack+0x1d/0x30
[   55.529998][ T4630]  dump_stack_lvl+0xe8/0x140
[   55.530023][ T4630]  dump_stack+0x15/0x1b
[   55.530045][ T4630]  warn_alloc+0x12b/0x1a0
[   55.530125][ T4630]  ? __get_vm_area_node+0x106/0x1c0
[   55.530151][ T4630]  __vmalloc_node_range_noprof+0x28e/0xdf0
[   55.530184][ T4630]  ? avc_has_perm_noaudit+0x1b1/0x200
[   55.530226][ T4630]  ? selinux_capable+0x1f9/0x270
[   55.530266][ T4630]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   55.530298][ T4630]  __vmalloc_noprof+0x5f/0x70
[   55.530408][ T4630]  ? bpf_prog_alloc_no_stats+0x47/0x390
[   55.530441][ T4630]  bpf_prog_alloc_no_stats+0x47/0x390
[   55.530475][ T4630]  ? bpf_prog_alloc+0x2a/0x150
[   55.530583][ T4630]  bpf_prog_alloc+0x3c/0x150
[   55.530614][ T4630]  bpf_prog_load+0x514/0x1070
[   55.530731][ T4630]  ? security_bpf+0x2b/0x90
[   55.530764][ T4630]  __sys_bpf+0x51d/0x790
[   55.530807][ T4630]  __x64_sys_bpf+0x41/0x50
[   55.530838][ T4630]  x64_sys_call+0x2478/0x2fb0
[   55.530925][ T4630]  do_syscall_64+0xd0/0x1a0
[   55.531009][ T4630]  ? clear_bhb_loop+0x25/0x80
[   55.531037][ T4630]  ? clear_bhb_loop+0x25/0x80
[   55.531103][ T4630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.531126][ T4630] RIP: 0033:0x7fe052f9e969
[   55.531143][ T4630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.531162][ T4630] RSP: 002b:00007fe051607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   55.531221][ T4630] RAX: ffffffffffffffda RBX: 00007fe0531c5fa0 RCX: 00007fe052f9e969
[   55.531234][ T4630] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[   55.531250][ T4630] RBP: 00007fe051607090 R08: 0000000000000000 R09: 0000000000000000
[   55.531261][ T4630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.531272][ T4630] R13: 0000000000000000 R14: 00007fe0531c5fa0 R15: 00007ffd7f24fbc8
[   55.531357][ T4630]  </TASK>
[   55.747098][ T4630] Mem-Info:
[   55.750237][ T4630] active_anon:4285 inactive_anon:0 isolated_anon:17
[   55.750237][ T4630]  active_file:5015 inactive_file:2107 isolated_file:0
[   55.750237][ T4630]  unevictable:0 dirty:406 writeback:0
[   55.750237][ T4630]  slab_reclaimable:2956 slab_unreclaimable:14957
[   55.750237][ T4630]  mapped:28599 shmem:975 pagetables:834
[   55.750237][ T4630]  sec_pagetables:0 bounce:0
[   55.750237][ T4630]  kernel_misc_reclaimable:0
[   55.750237][ T4630]  free:1903657 free_pcp:7389 free_cma:0
[   55.795100][ T4630] Node 0 active_anon:17140kB inactive_anon:0kB active_file:20060kB inactive_file:8428kB unevictable:0kB isolated(anon):68kB isolated(file):0kB mapped:114396kB dirty:1624kB writeback:0kB shmem:3900kB writeback_tmp:0kB kernel_stack:2896kB pagetables:3220kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   55.824159][ T4630] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   55.851106][ T4630] lowmem_reserve[]: 0 2884 7863 7863
[   55.856449][ T4630] Node 0 DMA32 free:2949936kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953568kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3532kB free_cma:0kB
[   55.885093][ T4630] lowmem_reserve[]: 0 0 4978 4978
[   55.890214][ T4630] Node 0 Normal free:4649332kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:17140kB inactive_anon:0kB active_file:20060kB inactive_file:8428kB unevictable:0kB writepending:1620kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:26084kB local_pcp:6748kB free_cma:0kB
[   55.920748][ T4630] lowmem_reserve[]: 0 0 0 0
[   55.925411][ T4630] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   55.938343][ T4630] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 1*16kB (M) 4*32kB (M) 2*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949936kB
[   55.954667][ T4630] Node 0 Normal: 1*4kB (M) 2*8kB (UM) 20*16kB (UME) 7*32kB (UME) 13*64kB (UE) 10*128kB (UME) 39*256kB (UME) 28*512kB (UME) 18*1024kB (UME) 2*2048kB (UM) 1123*4096kB (UM) = 4649332kB
[   55.972976][ T4630] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   55.982411][ T4630] 8126 total pagecache pages
[   55.987045][ T4630] 0 pages in swap cache
[   55.991266][ T4630] Free swap  = 124996kB
[   55.995440][ T4630] Total swap = 124996kB
[   55.999615][ T4630] 2097051 pages RAM
[   56.003468][ T4630] 0 pages HighMem/MovableOnly
[   56.008159][ T4630] 80258 pages reserved
[   56.081007][ T4645] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.390' sets config #0
[   56.184770][ T4660] netlink: 'syz.2.398': attribute type 10 has an invalid length.
[   56.222839][ T4672] netlink: 'syz.1.400': attribute type 1 has an invalid length.
[   56.240929][ T4667] loop3: detected capacity change from 0 to 2048
[   56.358056][ T4688] loop1: detected capacity change from 0 to 2048
[   56.405534][ T4667] ==================================================================
[   56.413685][ T4667] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[   56.421732][ T4667] 
[   56.424078][ T4667] write to 0xffff88810b5529a8 of 4 bytes by task 4689 on cpu 0:
[   56.431732][ T4667]  writeback_single_inode+0x14a/0x3e0
[   56.437167][ T4667]  sync_inode_metadata+0x5b/0x90
[   56.442150][ T4667]  generic_buffers_fsync_noflush+0xd9/0x120
[   56.448125][ T4667]  ext4_sync_file+0x1ab/0x690
[   56.452857][ T4667]  vfs_fsync_range+0x10a/0x130
[   56.457653][ T4667]  ext4_buffered_write_iter+0x34f/0x3c0
[   56.463239][ T4667]  ext4_file_write_iter+0x383/0xf00
[   56.468484][ T4667]  iter_file_splice_write+0x5ef/0x970
[   56.473882][ T4667]  direct_splice_actor+0x153/0x2a0
[   56.479047][ T4667]  splice_direct_to_actor+0x30f/0x680
[   56.484459][ T4667]  do_splice_direct+0xda/0x150
[   56.489267][ T4667]  do_sendfile+0x380/0x640
[   56.493714][ T4667]  __x64_sys_sendfile64+0x105/0x150
[   56.498961][ T4667]  x64_sys_call+0xb39/0x2fb0
[   56.503584][ T4667]  do_syscall_64+0xd0/0x1a0
[   56.508138][ T4667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.514081][ T4667] 
[   56.516429][ T4667] read to 0xffff88810b5529a8 of 4 bytes by task 4667 on cpu 1:
[   56.524012][ T4667]  vfs_fsync_range+0x9b/0x130
[   56.528733][ T4667]  ext4_buffered_write_iter+0x34f/0x3c0
[   56.534324][ T4667]  ext4_file_write_iter+0x383/0xf00
[   56.539661][ T4667]  iter_file_splice_write+0x5ef/0x970
[   56.545251][ T4667]  direct_splice_actor+0x153/0x2a0
[   56.550400][ T4667]  splice_direct_to_actor+0x30f/0x680
[   56.555817][ T4667]  do_splice_direct+0xda/0x150
[   56.560634][ T4667]  do_sendfile+0x380/0x640
[   56.565113][ T4667]  __x64_sys_sendfile64+0x105/0x150
[   56.570661][ T4667]  x64_sys_call+0xb39/0x2fb0
[   56.575305][ T4667]  do_syscall_64+0xd0/0x1a0
[   56.579880][ T4667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.585808][ T4667] 
[   56.588167][ T4667] value changed: 0x00000038 -> 0x00000002
[   56.593899][ T4667] 
[   56.596252][ T4667] Reported by Kernel Concurrency Sanitizer on:
[   56.602426][ T4667] CPU: 1 UID: 0 PID: 4667 Comm: syz.3.401 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(voluntary) 
[   56.614795][ T4667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   56.624882][ T4667] ==================================================================