last executing test programs:

5.647696977s ago: executing program 3 (id=2995):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7012fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a030200020000000000000200000009000200"], 0x80}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x78)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
r5 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r5, 0x0, 0x0, 0x1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd6000000000142c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa0600ffff"], 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x20, 0x3, &(0x7f0000000780)=ANY=[@ANYRES8], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r6, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff6, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x7000000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113380000000000bf1000000000000025000200091b00003d200000000000008701000000000000bc26000000000000bf67000000000000150300000ee600f0670200000300000015030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sk_msg}, 0x48)
msgsnd(r5, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x8, 0x0)
r8 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
setreuid(0x0, 0xee00)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="390000fa461a6683ec19d3e48489bffa5602001300111200000f0000ff3f210000001700000000e0da89", 0x2a}], 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f00000001c0)=ANY=[@ANYRES64=r8])
msgrcv(r5, &(0x7f0000000640)={0x0, ""/262}, 0x10e, 0x3, 0x0)

4.774145384s ago: executing program 3 (id=3003):
openat(0xffffffffffffff9c, 0x0, 0x289c2, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x6, 0x4, 0x1010, 0x89}, 0x50)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f00000000c0)={0x0, 0x8, 0x1, '2'}, 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f00000006c0)={0x0, 0x8, 0x1, 'q'}, 0x9)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$sock_timeval(r4, 0x1, 0x14, &(0x7f00000001c0)={0x77359400}, 0x10)
recvmsg$unix(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
sendmmsg$unix(r5, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}}], 0x1, 0x24048080)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000180)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xfffffffe}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4028055}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r6}, 0x10)
removexattr(0x0, 0x0)
ioctl$BTRFS_IOC_SUBVOL_CREATE(r7, 0x5000940e, &(0x7f00000002c0)={{r6}, "e152dd4c84d0fa2a8bf3178918edc17abd503f5d10b3438b420093ab93b74050662c340f67264c6afe5b57bb10437f4853d08f782b21b7c643a4645909fc0d1061f2c97a28428190e9aaf81b54755fa98a56c42faefcb7c38bd15d2053ff86e293fba634ff0e4db46a13c9479921eba283160a57b4d5e6586d07fc6820786c93ca07a8f2b11e2b1f2a13737184deb9f5587bec7a4f043f5b8efa1d26bee3385e68ede67275e76bb3a617a175064fe58c292db9bec14de42821c68f5ede0a7900ed42c7e82a7602c74a2e3e45cb665f94503432a68d4d5d013f71c3bf454bbde49bc009a921bf08102abafd570d1c3135284153e5a40cf54784f2c110fb3c29f14499c202050c393faa6180fe1d44ab3f9c23c3a512913e7e7a61897847ec7056c0e0e947a207a314ed1051b337cbdc873fba26a615434ad042ba6126e3ac014ae8857570a7027e7f44e5bba2cdd99808f6c33639b78c78b8b9ec341baa662a0633da53a0b0611f3226c6d03bbef6c8c0185fa429df0d216f33925af4a2e0712b7413e0ae08f179c978e3a8234380b499d03b2ca3912c0d37e393463cbe543da53d2ac5f2bf118c00d78a0325d29c817d0bc145deab8035e5bb3ac429996dbbf63fe51dc6a98c02672c62bb6f85c53b43dd35d72bef9630fb24817dce1fba1067066b9dc35ce5c70ff5c4aee24f30f074540a0e696d609cb06a2fb16e67f0425b2145c8ee930c043b73dca02bf262a6c546e6b7de3e97b5d11c81612f09aa2a2600db725146bdd5bf83bdaf52c4ab5c1c0e2e9ee69a82db873d75d44961d61aafb35a27c630f0e340318fbd59a78d54bd22d170e2175aa2c1b89642883227837a5bd30fba09b1b704acd1754d086be1e75772386353f3ec6132b97263f3fe462fec4c6e0c502b7820ca8b4e6b372228c4fb038c0bd0bfb8bc6ddc3db2205091168c9ab654e612bcf7e2dbae9bb11efdc7fc025973ee77d418d234ab5624587f1579b2f545edf9349ff985815e4b840f3f0d4a3cd19b90e46f6e28cbdce8f158064a8527894a1bb55a0e97f201acd9af68e3f2e6ecc79c40560912ea6dc6888e58623a7d8451d91343c80ca5b7be4c7c6b89da048a3b78342502033b7e356b6394070dcee255405f00ff5ac62c96693f7a5a3382ff9fa3bf1530467cf49d8190f7dd18d7c0a6a39306423acde265930c42f00640ccd225386832f3a0b996d17e9857e5d475ee50994d23399460ccde671f9e1f79224c483031653549bc3978c2a1c840b9da6bf708da72846ca92fd08686e913f384509afbbadb2cb23118386d104a7073340e4e3efda2297f0a8cb95988dac2d36de15ecb75e316f65801dc2530a24fa209d40ea9fbdea270694cec1897741ddcd5530e6868325379243ebcaf8453edf844c315595d53174c0e5d9d8b28427729b8b5585398ed54d3b155ea7eed92a8e4a6fe549c18e00c38bc0a47059a19a718280486bfce7d8c353e257943bb51a7a1ae163ddf6188be73c04371ae41cadf39be78853b83817c28e6e7a6d145e6f8f6dee566b2b5d9df29cb248ef6e402eb8244204353fd36f3a934d3a8ef2d88b9f5d3d9d760ac44d21f921b3d96c57e0ec4130da421b6cf84689e0bf60467fb1070bfdf2107b3ee14870e689595d1d06727545c467f454f46cdcd804a803ae011d9237533da2d4a988659be6cf68fe2ba528b8fb110f793e5b1b1320f33b55ce97ddd1f996377465863fec4e2c47ca2dab3f5fdc170dcb451066468931c05e4e32a2c00cb2f33f380bfb1466681aa88dff9c8047bd1c73a90c96c5feeb317c3f9cc10cb714f35749bf085cf52b17aefec1cd31ed36c6f4d8b625c15895c7f4d0fed06223826b853feea80c335b950068e783d3efbad4d89539a5bb29b78f9c6f16884d92ddf4a1b747ed5bf960eb438cde5be7a26bdbcc7c44def53b3e6581f7f6fd41d33861b09dbab67814f1378088d44304b0efc62af7f5154fd7ed19ed34df019546ca4211096b1fe074a715e9a7d1010639f3738fa6b09258ff98d72eaa727cdf7f04dc1801c2933608c8d704120deac48ad9c0c20ea511c2b3c044d74b73040dc28fe343028467e8f9a2fd2d4d50cc92650cac8ac90159c7786848cbd5cb51eed069be26120fa3534ef190518d7687ac6fc860a60a5b2d7eab377cc1bfc130717427874f1b99b5625b8768dda9767ad6f96e7324c6af4f161f48254ca92f6f1e2c8ce4b11bdf5af492d21d19d29e540158ba1580ccd23283c73b90c3efed23c5298580065d661f8f93dc4bb70f0aa1ddc2dc5cd9fee25d4bf3e84a15d1d73e313173e9dc800815837594d000038a8735adc0104a83f1ad1e0c40b6420a93c5a6e2b6f8421234094c6acbf9b7d0c0b689e8fef259d397c98a4d8905757915cf5771654111823372db385de8f5e6cec47114bed83b52951fcdb50ba162a36f4b783a959e1df3f7c6d59c202825b38ca3de4fedfceb999c6517593012ae24594ebeb2d03b9dd349e7e320d5854f3e4b012656c4beb292fee7b80b429fa17f1faddaea029d0a3e6ff7143e0435a876d87a3b8273a0b59a36ace65596ed27758748746d20d2d8baf69b8d42671252f7d87f4b252a5829c18215d42653305b5c755e60c44bf94d9cb7e698fbe1e41ec37c7d7b7246093912e43c0e6ac5588b43c01768f2b6239688f74f52771b9748d79f192b77f868b292a5c96e193d99b10ed3ecaac8195550393bfdd069a1411f299e67a561c78f9d7bb7ff2303fa5868de591e5967eda0a991c0e3c2fb38dc9243c4fd61b34d21cd565138be09adefd0ecd400a7a9867f75e6190d24cefc8c3a36e6740c57f0c096130947aec2b60d5cf4c521eaa891fef646a97ce9ce7f29ca8f355f88b2266fe25e6592e77bf8042fc1ab2a802b32ecc0853624f070d256a1bf59e428a4aad4abbf5022bae482eb811b7ae63ccb75b6b339f21f968942b42a783229ad7119ababea14ce13f58b22f81e49c75fa4e3506a3974e564d5c6b4bdd1d411ce2934f203a8ca3691d068a393d003ede192f98514c2d8469795d3a301f1cea700c765eaea45d80d6eaaac58306846ad35a86cb98481fdaa6c4036576c4f52e53564dd9a12326bbfc51bfa65310c5d53913af1dddcf39b37830f5fb157738036d125c4b79f9bff0cd7ab454ebe6982062ee5ad29a1c57bd4ae52e9ade35b7409be67c9c0f36793271965854e86ddfc9d66b35042d2ca1c55b26acc7dee2dbb5f1ae99aebc29e1033ca72c3e492d04e9cc0edf347e215c130db4554fdeaee861c4f4f036e3f5594f3e9fc2234fa00fad21ece42b8d8a37635cedb0ca89f1dcf59361ab851404faf0978c6abe0e873c6f0dc8dbcb77ee5c1f7fee97ada51432f702e145395f359112ce0a7656833dd7faefbd0c64f3063afde649616011a7c4a3f606543bf1f4b6fceac2e730b28994a330431aa4e95e0d1554fc5ccff5018e781d26ff0867b16a7c1d0cf7091a3e1adb3b9816e2b36da2904bba6f00938ad79c8c5d7342af0c13fa9a24867eb05279af93987595b4086db4173f3328e264d72ad7e274e5fbc579ee9fdebecaabcc7482ed1d7cd29fa2f656380bab6a4781545a20f2e42edce9ac93f69bcb3354c473c04b6f88a448d8371d33ef34f563857cda0501e1fb0ae435e7f4a792525dabeff2dc5c5be79545862b9b2d6885c7be085073a1f8ed8cbd1fb24f874d859ad643fa9f1c819bea7f9cc88d7e7f066702dd34fa302ed9f05e488b963e6ed9a9c0c7dbf9b50f1242b298e01adc30e07278db1a853a6a571fe80965ab2e771972c955286fae61bf6f9116b0647eee2ad836ab2e7a42ded5628aabee54adae8b51da9d03726b5b06acfeffc1ca797742e6378036becfe7361d3f100bad5245a83e93c8b6b6bcf5c48fdc917c73f85fb79dcc3ce9bc09f7233a1188439fc105b62e66cfaa855dad0d2d1a9f1fb2a343358ea0fbc7d83bf71df5c55ef2a7f8b2fe7a0d578d6ecf10c2fe159d24c4ec96e1ab8dc7e0d3a7bb019e08c90597e7441fdcfca5dfc85fd37b1761a27fcc2342718815ec8bd958f86b1e0e77f7c1f38150f2a688debca8a6251a2d827ad8fc4e2b67758c34a839ca3dc4cb83d96fb9bdc8336bebaa43da64acfb4c71553feb8d4c8792228bd0e9ebf3079b01d77fdcff7f818126fd066965f7e1574c65525bf9010a4ebee88a1a3376c46982ad3dce3dfcb115a6b9f6550d55c3bfa92addeb5a549f84d1a0e5b8a5bb3c3d11cecb40d0fa80bd326ff3cb33da3c573cf6550fb3564f0336bfbc0bf7e7b946d87b3f5b291140316f6d2dd6ade0814827dd40fb91fab8bddfecd1856615be9897bd2ba9ac5d73a87c365fee1daa8a9756aaad17f9458852aae3eae112bfce121037494a6a4634243c5a79483d70090bbce045ca0f2684b3267dc23d44ce41904f415e8aeded3dfd97daa8552a980e1465af036d5dc9d24601a8d1a0d7820ec6c17916a430a3efdb36d7a431de1316fce8b7c9a4af214eb045f1ab24d56e91303466fcd13eebf87785fee72bd180388dc79d04e761c63e89d2999ffe57f2b501099ceda0e193d84e485e040bb61df661320f2cbcd4a4ff8f49a1e9252ffeb30b4a40694bc50415665fca56f5cae76dd41e2baafb2142735cd7b7a95e2253c346bde725cc282520a52ca56d1ecb6779cff63dfa2d850148ec60e9b00bab106b2d377c8bee86e2d555c152582c8b1214be596137a3ec9295f3df3a0647243aea9aa303fcf2bf37d9510960a0e0a6a19c608e8330a8010713700ef964706c7882924f5ca24a813e8d545eacdb704b72e9e1b001e5a1c07b8e39c470159f731f5e6d070da7b66bd8d62ad36f78e162d698abeb8665ad85db31b7bb097f60327c1bdf02809e0dc38c1df38f0e507ea0edd033b000893f42c700e4035f56e097ef8fb08589908638546dc6688e4245247220387be1983bcc48086482f197cf497be97a3ba1c9ea850810ea398c7b4ed22a4a2561892cf7984d9737f22fb442e9d2836fac9d07aa7ba3c49959de210f5604aa10ac0f431ece3373de8eb6c0a19590d1fb7d340c382a3717eea5573fbd616fd015571468e5432667a6f6a60afee8c750258c25a2079e6d50c763d305392261922691f813af490f3a0f11c56c97c85fe775dccdde59ba423982de3bcf1251edc0a9708f57334539fc6c402f314185090b809edbab91fe34240b6f245e324afdb7b417b424a0fcf42a800dbe518aa131e8a8e334d0cff3b9006d123552bcd03c88d8c0474bae3448404471524c954ce17d1f750e8b762d80c498beabb58178a504f45f88f6ee500b9a6f6f392e19c83339e1b19286c9debc243f3b272376e35f77d1310445790bd3b855dce4b150bd635b7e8b5e5b6be290c41c35da5b85c3215f4a0cb0856970ba2c9633f9dd79010b05b3ac99b024b2a681bc3d93c177bf8cf1030baaf1e1dd29c6608f8f7c6ebc157b1a55c1602dea588dc6714c9cd5e6559c6e513721c34a11c9287f0d31288de6a84f0eb7c53bd469b566b57fe437ff412fdeb2d7fa645b022e9a6c8e467b22bc1bf726fb7ede161a8fbdbf995cbc549ac865e2d57f982494280446756c836d34985bb813a7e4d8d54633e1ad9ef72b3d92762c14ddd2d7072a0e6677a5be3452cfd8346392ccecc19c9ef04cc2970836c22d215ab04bf2bbb98908d44b28a1d6130b01073e62c626356edfe71b91f061df2468173f0ba40f74df49bb8756f2fe3f7a52d011090529c748642c62513d8d960b7f159d9d32e375c77c8cbaf37552d1"})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x550, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r10 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r9, &(0x7f0000000840)={@val={0x8, 0x800}, @val={0x6, 0x0, 0x6, 0x8, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0x2b, 0x66, 0x0, 0xb, 0x4, 0x0, @rand_addr=0x64010101, @broadcast}, "3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad"}}, 0x39)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

4.314549629s ago: executing program 3 (id=3008):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20)
sendmsg$tipc(r0, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x1, {{0x1}, 0x3}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe50}, {0x0}, {0x0}, {0x0}, {&(0x7f00000020c0)}], 0x5}, 0x0)

4.235061455s ago: executing program 3 (id=3009):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x3, 0x0, @vifc_lcl_addr=@local, @local}, 0x10)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r3, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0xfb, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0xd2}}}}}, 0x0)

4.061890148s ago: executing program 3 (id=3010):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000540)={0x1, &(0x7f0000000300)=[{0x200000000006, 0x3, 0x2, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x89, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xd6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@quota}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
llistxattr(&(0x7f00000003c0)='./file1\x00', 0x0, 0x0)

3.922964899s ago: executing program 3 (id=3012):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00'}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000020500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000002b0900020073797a310000000008000a40ff"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x3f, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0xffe5}, {0xe, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0xc020)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
pidfd_getfd(r1, r0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x10000000000000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300), r3)
sendmsg$IPVS_CMD_SET_CONFIG(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r4, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x880}, 0x1000)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r5 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff)
keyctl$chown(0x4, r5, 0xee01, 0xee00)
keyctl$chown(0x4, r5, 0x0, 0xffffffffffffffff)
r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=@base={0x21, 0x0, 0x0, 0x100000, 0x41c04, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2000000, 0x0, 0x200000000000000}, 0x50)
readv(r6, &(0x7f0000000140)=[{&(0x7f0000000300)=""/253, 0xfd}, {0x0}], 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x64, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x34, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}, @NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x5}, @NFTA_LIMIT_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}]}}}]}, @NFT_MSG_NEWSETELEM={0x30, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xdc}}, 0x0)

2.874898589s ago: executing program 4 (id=3030):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
io_uring_enter(0xffffffffffffffff, 0x92, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, 0x0, {0xfffd, 0x2}, {0x10, 0x4}, {0xfff2, 0x6}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8000}, 0x840)
getgid()
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)=@can_newroute={0x4c, 0x18, 0x20, 0x70bd2a, 0x25dfdbfb, {0x1d, 0x1, 0x5}, [@CGW_DST_IF={0x8}, @CGW_MOD_XOR={0x15, 0x3, {{{0x3, 0x0, 0x0, 0x1}, 0x1, 0x1, 0x0, 0x0, "e312020940ea7423"}, 0x4}}, @CGW_FILTER={0xc, 0xb, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x0, 0x0, 0x1}}}, @CGW_FILTER={0xc, 0xb, {{0x3, 0x1, 0x0, 0x1}, {0x3, 0x1, 0x1}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8001}, 0x5)
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000580)={0x0, {0x2, 0x4e21, @local}, {0x2, 0x4e20, @local}, {0x2, 0x4e24, @multicast2}, 0x1, 0x0, 0x0, 0x0, 0x7f, &(0x7f00000000c0)='rose0\x00', 0x81, 0x10001, 0x4b46})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f0000019480)={&(0x7f0000019200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000019440)={&(0x7f00000009c0)={0x13c, 0x0, 0x1, 0x70bd25, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0x8}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}}]}, 0x13c}, 0x1, 0x0, 0x0, 0x880}, 0x20000800)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0xf, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffc}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x88}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r3 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vlan0\x00', <r4=>0x0})
sendto$packet(r2, &(0x7f0000000140)="280320000a00140000007ef506be00000000000000000000000000143baa111f1f858ce632f47042195e", 0x2a, 0x400c010, &(0x7f0000000080)={0x11, 0x3, r4, 0x1, 0xe5, 0x6, @random="76caa646ae4c"}, 0x14)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r5 = gettid()
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r6, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r7=>0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042dbd7000ffdbdf250f0000000c009900090000001200000018005a8014000380050004000000000005fbffffffffffffff004600"], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x404c0d8)
timer_settime(r7, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

2.006981146s ago: executing program 4 (id=3042):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
unshare(0x22020400)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000880)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x7ff, r0, 0x0, 0x0, 0xd51c, 0x0, 0x1}])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_clone(0xa0000, &(0x7f0000000700)="ab39684d2a30d45887d829742dd82e2ac7524ea21d86ef2d7e3fee3cc4572afe4cac3c7fc203c554434b18b7a9af5d3fe969aa93b286fdbce4c1385982c4ed76309fdfab0a8dfe20400201ee966ee541766e59ea59bcee8bb1e838798c5c868c3144e48116d855bf", 0x68, 0x0, &(0x7f0000000600), &(0x7f000001c700)="224bd8ed26823b41b53256f0f622a52c8efee6ef1f83776675b94cc4bcf1412fdde3428392fcdefb83588087695780e75849e1130a38f0aca83fc25046cbaec477ff31cdedd8e100b7f20a94eb0c9417952903b5940dc763d00cb245b060e93086d592888efce1269be00762f43b4d8bffd71624da53e0d110bbf7cc474d07b1ea596ec154b977257449f4073e5c686aa7600a32ae07074e59b66eb7bcbc92c2785f16c4e662d03c381c2002f9e4c6502ca68feeee0be9d801478021aa6a09d31d80dd6ca5430088f369d9c6c3a8ce4c617e6665f668cc32add8cc9a77705a95eab448f4f020a1429820c5aac543483780e8f3a11e245602e929a311280d48f3b3318978c14dff87d7a576090d69861b95fd26f9430fd207a6aa17944d125413f7b504dd881bf7a83f09656fc9193141f91c0c8737114712ed8a45744e386466f3cdfdb2a47c557206d0f8d0c82bb77f1c9a9aac98a5545f57d972cda979cf4718bc939eb16c9b7ee170424e24057f82efaea2d6ac960667c2ae5af6105d8bffdd27a3008d66bdb6266d24c0ab17f9411a37849f96ad40742912e016feb5fb41941c8de361d8ce5a9cfbd4f5a7e93ad1b1b423dedc0df07d79b8df24c74e281268e3503e4b2df5528295fa061e674eca0c7602a15a1b749f689e7466c4e4e9d04e4f15d54b38de3b8b97318888032242ce6440a47b7d52e5271a379d00850a1dee89e7a8e06ecb7e6ea34063987f29e85887abcdf5fac9816d1282dca73ae467b19188c0f7b17d8bfda6729a40c8ff2cba96a7c017f46ed582da008a35746247c55c226cae2321e3c7350a4cd3a45850c50834dcf32a466de8cb44474fe4d0dacaf587c12ed4e60a91aec968ef4fa65d46feacb22228d310372d35ff3f65355d66323234d28b918ac04336c44d9145e349be3bae387d1366f5e8be6a8b5adb71404c04717778aef86634a6cc2293cd916a97d121f0283c9e664e408455911ac0a7433db1dabd348b5d801ad36014da27ea7f072b922cfe060e79624154261938237b38575ad140e8e95ca6b2c32d4e91315981c3dc528638f1fa4fed451bc69aa1e42827074cba8a02481c3181c7d536c37d77d5b4c946cdc6eec4ebcda252466935f35011f683bceb46d84585768746e618f67e28c3e42a64c940ea0b9a5deae0038b98e1b93707f64884c6cd7eabe230b9fd419005260b0d6a4733591b970c814e81f62af2b21e125ed551b1d60066d7f1efcbd001dc8db4a943177a44629d124adc34ce1ad1131a9c9dfe1971a62e7a72ba69451a9d7e1505b785fcb2f739b14770e02b8df01a37edb8869543d9f70bdbf89d16ccd706d2d9015045f2dbe54efe36838e8ca61d0fa99d6589d5130a6f4919e948e125f73ab8772a31eb14b74f8d7f949250e2257432390e584d683370a71ace059b456afbca73a468bf6fe2aebe3de29babad2333c5eff6d77fed774fc4c20534f7ca3343e16ce47fa9d93d1913bcc303a91cc862c0f5e3531c6c5fbd6cd74d6b8596eb5b5fad9d296f47d695fbed41b707fe70c19552c9ed2edd2b4f20a80616339e5e212de6854bd79b9a6b1861deaf5b8494ae4dcee0b28204ef932d1c76f1f4731f30943b7d8c963db2f760b1e67d4e8dd933264483df7a701d34ba0bf4293cf053ed1b26d3737bb96c8a9cdf688d66fe64b31f528a295503bd42e624630a72fad8e57b35086b661ea4ed939c2771fdd669b49b42f1a0eb4f21e4fbb159ab619dde4b45a9ddcabe327a3da17dec74d96be63a717cc5bb77cf5e768b3cb812a5b6d70e329cc56834bfa87f74199246b494ab9ea29696383551d97a80e02e0ad84a147274494487f24094bb8c769dc3698228b45db5cdf859d1c4bd213f4fef01b02a42c501490a6c558fdaf5c4321fac6e7f48011170cb7800782f16beca943e3ff06a108397e5b4c97f107747af53d0bda1a63e5f674c200e5e18e3ee15a8f5284a8373389b8205c86d25867e2d6d74b15e6509d9c1f314dc24caeddfdaaa6178f1a273104f1e3c655021bf53ecad6044e69b72e1f4511e5ee92688de6f6eb3710ccffb53aba5c161840cc3dd4e56bc900c36bbcce6df6bccf595dc5e6d294e8a8a12f7b3bc360289626bc0307f747c74b77ae844c24e71ecadedf70bc307115780ebf1f67977b3b080a5e76b674502bfedc5c7b83209412cca8478122f5e1dba66859ff2dc88131aa0d8b1036ebab1f55abd0fd9d3199bfcb0ded575bf7fe960bde02b88e7b80d1121513cb6d19fd127245c7bd35a97729fc537f5c3c9ce6416694abca679303a5aae376cf95a75426173b659075a17d22b1844d37d7ca71d0301831322de11255e2872d5a6f1bfc5be8b0a78578cb8ee6485d9fdd4eab203600cbd12a603303aea711fb82f96e2a9d13a86f53dfe7efc68b471c9c6691f4cbe661481f72cccecb8ca0287678dcaf24720599edb062daab1f5b2283ace43c9dcc1a17238597c1c1dc45647c3dcbbb627bdb1567b9237a620bd1c76b459bc64d061d2a1bcb73e07dd774acc60982905760ba03d7b20cf7b71f367ca4a76d940daa568facf239927e6195e21a0842c35866f02c79193c8d734ff9b890aaed0588f409f66eda4914c1539525cc1e998eacf9a2e5df0445e876c87ad8ef4c87656a93556f9413b8e561b1f3a5087097d6210b40be052deaf8114d52e179a0332c056d4e8009e8e4d5767e7a4bb7040e62a46b85e38e01b38e3e91c49b12496f370ef00500cc161f80d7d3f7b9d2ff3962083a80ecf83717b31b31a88de82c4d422993b4b098c22b2477b782cb9791a39dded65a473e9434dda4bd1adf09d1083f33dca9392395d0bf617d77c3055a742f42741ca7b332b6d5841e7b135226d3d34a8ca31c2a69acf9df7417d6f6262ba004a6cd4b4960ed69cf10300283bce4b9b114606f4e921e231ff7db64418a1336a4d116035e0ae8e661c7cf5bd8ec9d2b7bf9967b584c795513aa0bfcc097e2b440f0929e329")
sched_setaffinity(r2, 0x8, &(0x7f0000000800)=0xffffffff)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000580)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='kfree\x00', r3, 0x0, 0x3}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="020000000400000008000000010000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x2, &(0x7f0000000980)=[{0x6, 0x85, 0x7, 0x7ffc0000}, {0x4040, 0x3, 0x6, 0x8}]})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x204000, &(0x7f0000001600)={[{@debug}, {@min_batch_time={'min_batch_time', 0x3d, 0x4ab}}, {@data_err_ignore}, {@nobarrier}, {@inlinecrypt}, {@orlov}, {@nogrpid}, {@discard}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f0000000c40)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)=@newtaction={0x98, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x84, 0x1, [@m_sample={0x80, 0x1, 0x0, 0x0, {{0xb}, {0x54, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0xffffffffffffff7c, 0x2, {0xc2, 0x9, 0x0, 0xefffffbc}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x8, 0x80f5, 0x7, 0xffffff3a}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x3}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x8000}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xf}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x8}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x98}}, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_clone3(&(0x7f0000000540)={0x800100, &(0x7f0000000140), &(0x7f0000000300)=<r7=>0x0, &(0x7f0000000340), {0x3c}, &(0x7f00000003c0)=""/33, 0x21, &(0x7f0000000400)=""/194, &(0x7f0000000500)=[0x0], 0x1}, 0x58)
r8 = syz_open_procfs(r7, &(0x7f00000005c0)='environ\x00')
preadv(r8, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0, 0x0)

1.82091129s ago: executing program 2 (id=3044):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000780)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000600)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x8, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x5, @perf_config_ext={0x4, 0x7}, 0x13748, 0x10000, 0x0, 0x5, 0xa, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = fsopen(&(0x7f0000000080)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000040)='ro\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f00000007c0)=ANY=[@ANYBLOB="aaaaaaaaaa230180c20000000800450000b00000000000119078000000000000000000004e20009c907801000000000d00007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424dbcfd56f1375461caaa2f19935e6996c7096ffeeb03000000000000649a3bfbc1f39cb307b3472eb9cdb042d2643fcbb2c5a57df67d544af6e8dafe09a9b15ed28afb6369c2e0e4358f23c9780cf660d1c04495f84b6e0db3c23ae3acd5e2316d443f5e0c8c1777a941ef30174429019a16e9da3c1f975c3fa919cbc91973e918f2c41e6ab57c72ba8064d82dd36b0e0f1e71227d6ccdce06208372c9b0ed8cf1c52d64363f13f081431da003ba07afb88a09ea179ed523803bf4"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x94)
recvmmsg(r2, &(0x7f0000003d40)=[{{0x0, 0x94, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = fsmount(r0, 0x0, 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
capset(0x0, 0x0)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000006c0)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="2800000009060103000000000003ffec9dd5aa9f00020073797a3000000000000009400000000018ea02b09d99e58333b19f9b2863d0c09f73b4ef148000"], 0x28}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0xd9a, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
bind$bt_hci(r4, &(0x7f0000000300)={0x1f, 0x3, 0x4}, 0x6)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
perf_event_open$cgroup(&(0x7f0000000380)={0x0, 0x80, 0xc, 0x9, 0xff, 0x5, 0x0, 0xc000000000, 0x10000, 0x1b, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1, @perf_bp={&(0x7f0000000340), 0x3}, 0x2000, 0x4, 0x980, 0x2, 0x1, 0xffffffe3, 0x3, 0x0, 0x7bf2, 0x0, 0xffffffff}, r4, 0x0, r4, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
quotactl_fd$Q_SYNC(r6, 0xffffffff80000100, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r7}, 0x10)
getresgid(&(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200))
geteuid()

1.450534079s ago: executing program 4 (id=3046):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20)
sendmsg$tipc(r0, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x1, {{0x1}, 0x3}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe50}, {0x0}, {0x0}, {0x0}, {&(0x7f00000020c0)}], 0x5}, 0x0)

1.390579953s ago: executing program 4 (id=3048):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd604dc58c00200600fe80000000000000000000000000001afe8000000000000000000000000000aafffe40", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="80e7"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
vmsplice(r1, &(0x7f0000000140)=[{&(0x7f0000000100)='\x00', 0x20000101}], 0x1000000000000044, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000240)={[{@noblock_validity}, {}, {@sysvgroups}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@grpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x9001)
renameat2(r2, &(0x7f0000000140)='./file0\x00', r2, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4)

1.30202331s ago: executing program 1 (id=3050):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xe}, 0x0, 0xfff, 0x8, 0x1, 0x10000, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x44, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001900)=@newtaction={0x14, 0x30, 0x100, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x44811}, 0x20000051)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b000100627269646765000018000280050019"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.254838623s ago: executing program 1 (id=3051):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000010000004200000040"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setrlimit(0x8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
setreuid(0xee01, 0x0)
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0)
ioctl$RTC_UIE_ON(r5, 0x7003)
ioctl$RTC_AIE_ON(r5, 0x7001)
ioctl$RTC_SET_TIME(r5, 0x4024700a, &(0x7f0000000040)={0x2b, 0x13, 0x0, 0x2, 0xb, 0xa9, 0x5, 0x2, 0x1})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400), &(0x7f0000000780), 0x3ff, r0}, 0x38)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

1.101278605s ago: executing program 4 (id=3052):
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x1ffffffffffffdf4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, 0x0)
r2 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="58000000020603f7ff000000000000000700000705000100070000000900020073797a31000000000c00078008001240000000050500050002000000050004000100000011000300686173683a69702c706f7274"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)

692.458517ms ago: executing program 4 (id=3054):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000080)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="080000fa"], 0xdc)

437.699156ms ago: executing program 2 (id=3056):
r0 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2)
pwritev2(r0, 0x0, 0x0, 0x7c00, 0x0, 0x3)
dup(0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYRES16], 0x28}}, 0x0)
socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00'}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), 0x0}, 0x20)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d0800fe007c05e8fe50a10a000600014002020c600e41b0000900ac000a0501000000160012000a00ff120048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x814)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000006c0)={0x0, @in={{0x2, 0x4e24, @local}}}, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10060, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x11c167, 0x0, 0xfffffffa, 0x4, 0x0, 0xfffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

406.028729ms ago: executing program 2 (id=3057):
munlockall()
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x12, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180900000000000000d8000000000000850000006d00006f1801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000c5000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r0}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20)
sendmsg$tipc(r1, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x1, {{0x1}, 0x3}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe50}, {0x0}, {0x0}, {0x0}, {&(0x7f00000020c0)}], 0x5}, 0x0)

327.980674ms ago: executing program 1 (id=3058):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x3, 0x0, @vifc_lcl_addr=@local, @local}, 0x10)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x4, 0xfd, 0x0, @vifc_lcl_addr=@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast}, 0x10)
setsockopt$inet_mreq(r4, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0xfb, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0xd2}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)
r6 = socket$inet6(0xa, 0x1, 0x0)
syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xf96d, 0x3010, 0x4, 0xe6}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000480)=<r9=>0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x8, 0xc, 0x3, 0x5, 0x0, 0xbd, 0x98005, 0x19, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0xb9, 0x1, @perf_bp={&(0x7f0000000300), 0x1}, 0x4, 0xfffffffffffffffe, 0x4, 0x4, 0x63, 0xfffffffe, 0xfff8, 0x0, 0x82, 0x0, 0x401}, r9, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="8000000000010104000000010100000002000000320001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c000280050001"], 0x80}}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000740)={0x0, 0x8, "a76743e5b38b472e"}, &(0x7f0000000840)=0x10)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x12, 0x0, r6, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=ANY=[], 0xe8}, 0x0, 0x24040092, 0x1})
pwritev(r2, &(0x7f0000000340)=[{&(0x7f0000000580)="e1", 0x1}], 0x1, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x208004, &(0x7f00000003c0)=ANY=[@ANYBLOB='\x00', @ANYRES64, @ANYRESOCT], 0x1, 0x2a2, &(0x7f0000000980)="$eJzs3VFrUmEYB/BnzW22G4W6il0c6KYr2fYNJBZEQrDwYl0pbaNQGTgQ6qK866MEfZw+Rl8gg8DQo6lrW4Rup/T3g8Oendc/PscL3yO8r9Z2Wo3+ekREr5+Kbnwf/H8nBqe/jc9GxNrw2Ixp3QAA/jeHh/XyFUOvc7fcCzej3S7XNyJi67eR6udMGgIAAAAAAAAAAGButZ1W4/js/PTo3tfI55PIRXSjF1Ecrf+P0br/GO4IWNT6//ycXQMA87hm/T9Lot0u17dH92+zrP8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAstPr9wv9a46s+wMAFu8P8/+nrPsDABbP538AWD29mbl+Lcz/ALD8Xhy9fFauVA4OkyQf0frYqXaq6d90vHwab6IZJ7EbhfgRg/uDkbR+8rRysJsMFWMrItL8h051fTa/F4UoXp7fS/NJ1Aa5cX4jtqfz+1GI+5fn96fz2+P8Zjx6OJUvRSG+vIqzaMZxDLKT/Pu9JHn8vHLh+beGjwMAAAAAAAAAAAAAAAAAAIDbUEp+Kc7uf0/375dKV42n+b/4foAL++tz8SCX7bUDAAAAAAAAAAAAAAAAAADAv+L87btGvdk8aSsWUNz1qiqWpMj4jQkAAAAAAAAAAAAAAAAAAFbQZNNv1p0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHYmv/9/c0XW1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACshp8BAAD//3Fj9No=")
sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a2c0000000c0a01010000000000000000020000050800044000000000080004400000a13f0800044000000001140000005a45e70f25c1f122e01211000100000000000000000002001f0a"], 0x54}, 0x1, 0x0, 0x0, 0x40800}, 0x4000050)

311.979416ms ago: executing program 2 (id=3059):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002120207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000700000085000000110000"], &(0x7f00000009c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
modify_ldt$write2(0x11, &(0x7f0000000400)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)

282.862408ms ago: executing program 1 (id=3060):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000008c0)='kfree\x00', r0, 0x0, 0x68}, 0x18)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="a1ab00000000000000003200000008001701"], 0x1c}, 0x1, 0x0, 0x0, 0x20004004}, 0x0)
r3 = syz_open_dev$vcsn(&(0x7f0000000000), 0x5, 0x1213c2)
execveat(r3, &(0x7f0000000040)='./file0\x00', &(0x7f0000000440)={[&(0x7f00000000c0)='.,\x00', &(0x7f0000000140)='.&[\x00', &(0x7f0000000180)='GPL\x00', &(0x7f00000001c0)=',\x00', &(0x7f0000000300)='GPL\x00', &(0x7f0000000340)='\x00', &(0x7f0000000380)='@/.&^\'\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='\x00']}, &(0x7f00000005c0)={[&(0x7f0000000500)='@]\'\x00', &(0x7f0000000540)='\x00']}, 0x1000)

252.707ms ago: executing program 2 (id=3061):
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="140100002900010000000000fcdbdf250401f2800c0018000bac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0x1ffffffffffffdf4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
socket$inet6(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1002}]})
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000000)='.\x00', 0x5000408)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0d0f0000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000100b7080000000000007b8af8ff00000000bfa200000000000007020000f8ff0000b703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x20000000}, 0x2}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="8a450200000000002400128009000100626f6e640000000014000280050001000600000008000200", @ANYRES32], 0x44}}, 0x40)
semop(0x0, &(0x7f00000000c0)=[{0x1, 0xbbdd, 0x1000}, {0x1, 0x3}], 0x2)

206.601394ms ago: executing program 1 (id=3062):
r0 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x1cb041, 0x8)
r2 = dup(r1)
sendfile(r2, r0, 0x0, 0x8000fffffffc)
socket$key(0xf, 0x3, 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)

201.232984ms ago: executing program 2 (id=3063):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000080)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="080000fa"], 0xdc)

194.469645ms ago: executing program 0 (id=3064):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc0189374, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x29}}, './file0/file0\x00'})
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f00000000c0)={0x1ff, 0x1, 0x80000001, 0x7fffffff, 0x1b, "48b429d2ee13ed2ee2f41900"})
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f00000026c0)=0x3d)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
setsockopt$inet6_opts(r2, 0x29, 0x37, &(0x7f0000000440)=@srh={0x2c, 0x12, 0x4, 0x9, 0x81, 0x8, 0xfffd, [@private1={0xfc, 0x1, '\x00', 0x1}, @remote, @mcast2, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, @loopback, @mcast2, @empty]}, 0x98)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r4}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="640000001000370403000000ffffffff00000000", @ANYRES32=r6, @ANYBLOB="0b1b050000000000440012800b00010069703667726500003400028008000100", @ANYRES32, @ANYBLOB="14000600fe8000000000000000000000000000aa1400070000000000000000000000000000bb"], 0x64}, 0x1, 0x0, 0x0, 0x48810}, 0x4000010)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setpriority(0x0, 0xff, 0x9)

156.732148ms ago: executing program 0 (id=3065):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x0, 0x10)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
preadv2(r2, &(0x7f0000000040)=[{&(0x7f0000001b40)=""/4082, 0xff2}], 0x1, 0x1, 0x0, 0xb)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r3 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1={0xff, 0x4}}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000002c0)='rpm_return_int\x00', r5}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="a0"], 0xffd8}}, 0x4000000)

88.297093ms ago: executing program 0 (id=3066):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc0189374, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x29}}, './file0/file0\x00'})
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f00000000c0)={0x1ff, 0x1, 0x80000001, 0x7fffffff, 0x1b, "48b429d2ee13ed2ee2f41900"})
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f00000026c0)=0x3d)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
setsockopt$inet6_opts(r2, 0x29, 0x37, &(0x7f0000000440)=@srh={0x2c, 0x12, 0x4, 0x9, 0x81, 0x8, 0xfffd, [@private1={0xfc, 0x1, '\x00', 0x1}, @remote, @mcast2, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, @loopback, @mcast2, @empty]}, 0x98)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r4}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="640000001000370403000000ffffffff00000000", @ANYRES32=r6, @ANYBLOB="0b1b050000000000440012800b00010069703667726500003400028008000100", @ANYRES32, @ANYBLOB="14000600fe8000000000000000000000000000aa1400070000000000000000000000000000bb"], 0x64}, 0x1, 0x0, 0x0, 0x48810}, 0x4000010)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

57.928695ms ago: executing program 0 (id=3067):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1, 0x0, 0x2}, 0x18)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x3, 0x0, @vifc_lcl_addr=@local, @local}, 0x10)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r3, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0xfb, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0xd2}}}}}, 0x0)

29.894927ms ago: executing program 0 (id=3068):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = accept4$llc(0xffffffffffffffff, &(0x7f0000000240)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000280)=0x10, 0x800)
accept4$llc(r1, &(0x7f00000002c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000300)=0x10, 0x800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r2, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0xfffffe71, 0x1}}, 0x20)
r3 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r3, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1}, 0x3e8)

1.64982ms ago: executing program 0 (id=3069):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r2, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
capset(&(0x7f0000019340)={0x20071026}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff, 0xe})
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r4, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x7b)
rename(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='./file0\x00')
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x6, @private=0xa010102}, 0x2, 0x0, 0x1}}, 0x26)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000000)=0x8000006, 0x4)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='ext4_insert_range\x00', r3, 0x0, 0x5}, 0x18)

0s ago: executing program 1 (id=3070):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r2, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
capset(&(0x7f0000019340)={0x20071026}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff, 0xe})
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r4, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000) (fail_nth: 1)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x7b)
rename(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='./file0\x00')
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x6, @private=0xa010102}, 0x2, 0x0, 0x1}}, 0x26)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000000)=0x8000006, 0x4)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='ext4_insert_range\x00', r3, 0x0, 0x5}, 0x18)

kernel console output (not intermixed with test programs):

0.972365][T11755] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  200.985899][T11755] ext4 filesystem being mounted at /478/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.004126][T11758] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.017859][T11751] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  201.027739][T11751] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.053872][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.101049][ T8439] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  201.109318][ T8439] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.153780][ T8439] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  201.162099][ T8439] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.204448][ T8439] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  201.212737][ T8439] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.222428][ T3314] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  201.249514][ T8439] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  201.256597][T11772] siw: device registration error -23
[  201.257774][ T8439] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.480454][T11787] loop4: detected capacity change from 0 to 512
[  201.566663][T11796] loop1: detected capacity change from 0 to 128
[  201.603034][T11787] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.794264][T11805] loop2: detected capacity change from 0 to 128
[  201.817118][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.899736][T11816] siw: device registration error -23
[  201.922272][T11818] veth0: entered promiscuous mode
[  201.960108][T11822] syzkaller1: entered promiscuous mode
[  201.965753][T11822] syzkaller1: entered allmulticast mode
[  202.060780][T11826] loop1: detected capacity change from 0 to 512
[  202.186633][T11826] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.409613][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.636499][T11842] __nla_validate_parse: 6 callbacks suppressed
[  202.636514][T11842] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2482'.
[  202.656188][T11841] loop3: detected capacity change from 0 to 512
[  202.662901][T11841] EXT4-fs: Ignoring removed i_version option
[  202.669132][T11841] EXT4-fs: Ignoring removed bh option
[  202.674825][T11842] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2482'.
[  202.699898][T11841] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.714851][T11841] ext4 filesystem being mounted at /478/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  202.748174][T11852] EXT4-fs: Ignoring removed oldalloc option
[  202.756170][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.779143][T11852] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.779970][T11855] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  202.791881][T11852] ext4 filesystem being mounted at /486/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.804950][T11855] ext4 filesystem being mounted at /479/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.835177][T11852] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #15: comm syz.2.2486: lblock 0 mapped to illegal pblock 0 (length 1)
[  202.835828][T11743] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[  202.863221][T11852] EXT4-fs (loop2): Remounting filesystem read-only
[  202.863238][T11743] EXT4-fs (loop2): Remounting filesystem read-only
[  202.890660][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  202.928879][T11863] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2489'.
[  202.938408][T11863] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2489'.
[  202.972324][T11865] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2491'.
[  202.981330][T11865] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2491'.
[  202.990911][T11865] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2491'.
[  202.999966][T11865] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2491'.
[  203.090232][T11872] syzkaller1: entered promiscuous mode
[  203.090787][T11869] EXT4-fs: inline encryption not supported
[  203.095793][T11872] syzkaller1: entered allmulticast mode
[  203.101636][T11869] EXT4-fs: Ignoring removed orlov option
[  203.113643][T11869] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  203.126982][T11869] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[  203.135170][T11869] System zones: 0-1, 3-12
[  203.142410][T11869] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2493'.
[  203.228770][T11883] netlink: 'syz.0.2498': attribute type 6 has an invalid length.
[  203.282644][T11885] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2499'.
[  203.298007][T11887] EXT4-fs: Ignoring removed oldalloc option
[  203.312553][T11885] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11885 comm=syz.0.2499
[  203.342982][T11887] ext4 filesystem being mounted at /483/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  203.354863][T11887] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: comm syz.3.2500: lblock 0 mapped to illegal pblock 0 (length 1)
[  203.368417][T11887] EXT4-fs (loop3): Remounting filesystem read-only
[  203.384789][T11888] netlink: 'syz.1.2497': attribute type 1 has an invalid length.
[  203.916235][T11914] netlink: 'syz.2.2509': attribute type 30 has an invalid length.
[  204.380625][T11943] netlink: 'syz.3.2529': attribute type 6 has an invalid length.
[  204.596056][T11949] netlink: 'syz.3.2521': attribute type 1 has an invalid length.
[  204.955272][T11972] syzkaller1: entered promiscuous mode
[  204.960881][T11972] syzkaller1: entered allmulticast mode
[  205.034559][T11976] set_capacity_and_notify: 6 callbacks suppressed
[  205.034574][T11976] loop1: detected capacity change from 0 to 128
[  205.223491][T11984] loop1: detected capacity change from 0 to 512
[  205.230261][T11984] EXT4-fs: Ignoring removed i_version option
[  205.236518][T11984] EXT4-fs: Ignoring removed bh option
[  205.247829][T11984] ext4 filesystem being mounted at /474/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  205.307391][T11988] loop1: detected capacity change from 0 to 1024
[  205.314170][T11988] EXT4-fs: inline encryption not supported
[  205.320059][T11988] EXT4-fs: Ignoring removed orlov option
[  205.328193][T11988] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  205.351589][T11991] loop3: detected capacity change from 0 to 512
[  205.358204][T11988] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[  205.366407][T11988] System zones: 0-1, 3-12
[  205.385228][T11995] netlink: 'syz.0.2534': attribute type 30 has an invalid length.
[  205.398439][T11997] loop3: detected capacity change from 0 to 1024
[  205.405525][T11997] EXT4-fs: Ignoring removed oldalloc option
[  205.417101][T11997] ext4 filesystem being mounted at /490/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.428557][T11997] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: comm syz.3.2535: lblock 0 mapped to illegal pblock 0 (length 1)
[  205.442202][T11997] EXT4-fs (loop3): Remounting filesystem read-only
[  205.474869][T12002] loop3: detected capacity change from 0 to 1024
[  205.482759][T12002] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  205.493717][T12002] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  205.506752][T12002] JBD2: no valid journal superblock found
[  205.512543][T12002] EXT4-fs (loop3): Could not load journal inode
[  205.535300][T12006] syzkaller1: entered promiscuous mode
[  205.540875][T12006] syzkaller1: entered allmulticast mode
[  205.550290][T12008] loop3: detected capacity change from 0 to 128
[  205.689279][T12013] loop1: detected capacity change from 0 to 512
[  205.723207][T12019] netlink: 'syz.3.2542': attribute type 1 has an invalid length.
[  205.765768][   T29] kauditd_printk_skb: 310 callbacks suppressed
[  205.765852][   T29] audit: type=1326 audit(1765903882.340:9887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12018 comm="syz.3.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  205.795603][   T29] audit: type=1326 audit(1765903882.340:9888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12018 comm="syz.3.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  205.819209][   T29] audit: type=1326 audit(1765903882.340:9889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12018 comm="syz.3.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  205.842745][   T29] audit: type=1326 audit(1765903882.340:9890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12018 comm="syz.3.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  205.866281][   T29] audit: type=1326 audit(1765903882.340:9891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12018 comm="syz.3.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  205.889881][   T29] audit: type=1326 audit(1765903882.340:9892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12018 comm="syz.3.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  205.913633][   T29] audit: type=1326 audit(1765903882.340:9893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12018 comm="syz.3.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  205.913671][   T29] audit: type=1326 audit(1765903882.340:9894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12018 comm="syz.3.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  205.913731][   T29] audit: type=1326 audit(1765903882.340:9895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12018 comm="syz.3.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  205.913793][   T29] audit: type=1326 audit(1765903882.340:9896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12018 comm="syz.3.2542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  205.970226][T12023] loop4: detected capacity change from 0 to 1024
[  205.970673][T12023] EXT4-fs: Ignoring removed nomblk_io_submit option
[  205.980031][T12025] syz_tun: entered allmulticast mode
[  206.009675][T12025] loop2: detected capacity change from 0 to 512
[  206.011518][T12027] netlink: 'syz.0.2543': attribute type 1 has an invalid length.
[  206.021893][T12029] netlink: 'syz.3.2546': attribute type 1 has an invalid length.
[  206.079445][T12024] syz_tun: left allmulticast mode
[  206.133263][T12034] EXT4-fs: inline encryption not supported
[  206.138501][T12036] netlink: 'syz.4.2547': attribute type 30 has an invalid length.
[  206.139247][T12034] EXT4-fs: Ignoring removed orlov option
[  206.153113][T12034] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  206.166624][T12034] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[  206.174777][T12034] System zones: 0-1, 3-12
[  206.196944][T12043] EXT4-fs: Ignoring removed i_version option
[  206.202996][T12043] EXT4-fs: Ignoring removed bh option
[  206.217856][T12043] ext4 filesystem being mounted at /496/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  206.404705][T12061] EXT4-fs: Ignoring removed i_version option
[  206.410848][T12061] EXT4-fs: Ignoring removed bh option
[  206.428316][T12061] ext4 filesystem being mounted at /499/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  206.573173][T12073] EXT4-fs: Ignoring removed nomblk_io_submit option
[  207.054543][T12099] EXT4-fs: Ignoring removed i_version option
[  207.060634][T12099] EXT4-fs: Ignoring removed bh option
[  207.100636][T12099] ext4 filesystem being mounted at /503/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  207.187335][T12111] netlink: 'syz.3.2570': attribute type 6 has an invalid length.
[  207.226721][T12114] EXT4-fs: Ignoring removed oldalloc option
[  207.277919][T12116] EXT4-fs: Ignoring removed orlov option
[  207.285070][T12116] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  207.305004][T12114] ext4 filesystem being mounted at /481/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  207.333152][T12114] EXT4-fs error (device loop1): ext4_map_blocks:825: inode #15: comm syz.1.2573: lblock 0 mapped to illegal pblock 0 (length 1)
[  207.346791][T12116] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.2572: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  207.430569][T12116] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2572: couldn't read orphan inode 11 (err -117)
[  207.443006][T12114] EXT4-fs (loop1): Remounting filesystem read-only
[  207.469508][T12116] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.2572: Invalid block bitmap block 0 in block_group 0
[  207.484000][T12116] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.2572: Failed to acquire dquot type 0
[  207.510307][   T37] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:2: Failed to release dquot type 0
[  207.527815][T12129] netlink: 'syz.1.2576': attribute type 13 has an invalid length.
[  207.540981][T12129] gretap0: refused to change device tx_queue_len
[  207.554736][T12131] EXT4-fs: Ignoring removed i_version option
[  207.560958][T12131] EXT4-fs: Ignoring removed bh option
[  207.567421][T12129] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  207.588658][T12131] ext4 filesystem being mounted at /508/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  207.635473][T12137] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  207.646456][T12137] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  207.658173][T12137] JBD2: no valid journal superblock found
[  207.663934][T12137] EXT4-fs (loop2): Could not load journal inode
[  207.709867][T12141] netlink: 'syz.1.2579': attribute type 30 has an invalid length.
[  207.721061][T12144] __nla_validate_parse: 20 callbacks suppressed
[  207.721077][T12144] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2581'.
[  207.743246][T12145] syz_tun: entered allmulticast mode
[  207.755430][T12147] syz_tun: entered allmulticast mode
[  207.761848][T12146] syz_tun: left allmulticast mode
[  207.769117][T12142] syz_tun: left allmulticast mode
[  207.817487][T12155] FAULT_INJECTION: forcing a failure.
[  207.817487][T12155] name failslab, interval 1, probability 0, space 0, times 0
[  207.830205][T12155] CPU: 1 UID: 0 PID: 12155 Comm: syz.3.2586 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  207.830316][T12155] Tainted: [W]=WARN
[  207.830322][T12155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  207.830334][T12155] Call Trace:
[  207.830339][T12155]  <TASK>
[  207.830347][T12155]  __dump_stack+0x1d/0x30
[  207.830370][T12155]  dump_stack_lvl+0xe8/0x140
[  207.830398][T12155]  dump_stack+0x15/0x1b
[  207.830496][T12155]  should_fail_ex+0x265/0x280
[  207.830525][T12155]  should_failslab+0x8c/0xb0
[  207.830549][T12155]  kmem_cache_alloc_noprof+0x69/0x4b0
[  207.830572][T12155]  ? flock_lock_inode+0x135/0xf60
[  207.830668][T12155]  flock_lock_inode+0x135/0xf60
[  207.830702][T12155]  ? file_has_perm+0x359/0x3a0
[  207.830769][T12155]  locks_lock_inode_wait+0x6f/0x2a0
[  207.830792][T12155]  ? selinux_file_lock+0x38/0x50
[  207.830821][T12155]  __se_sys_flock+0x2f1/0x3b0
[  207.830913][T12155]  __x64_sys_flock+0x31/0x40
[  207.830941][T12155]  x64_sys_call+0x2155/0x3000
[  207.831036][T12155]  do_syscall_64+0xd8/0x2c0
[  207.831148][T12155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.831175][T12155] RIP: 0033:0x7fcf220ff749
[  207.831194][T12155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.831212][T12155] RSP: 002b:00007fcf20b5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000049
[  207.831242][T12155] RAX: ffffffffffffffda RBX: 00007fcf22355fa0 RCX: 00007fcf220ff749
[  207.831254][T12155] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000004
[  207.831267][T12155] RBP: 00007fcf20b5f090 R08: 0000000000000000 R09: 0000000000000000
[  207.831279][T12155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.831352][T12155] R13: 00007fcf22356038 R14: 00007fcf22355fa0 R15: 00007ffd04f40998
[  207.831374][T12155]  </TASK>
[  207.832997][T12150] 8021q: adding VLAN 0 to HW filter on device bond2
[  208.033670][T12157] ip6erspan0: entered promiscuous mode
[  208.059862][T12157] bond2: (slave ip6erspan0): making interface the new active one
[  208.070396][T12157] bond2: (slave ip6erspan0): Enslaving as an active interface with an up link
[  208.091315][T12150] macvlan2: entered promiscuous mode
[  208.097626][T12150] bond2: entered promiscuous mode
[  208.108675][T12150] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  208.116850][T12150] bond2: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  208.134050][T12150] bond2: left promiscuous mode
[  208.177039][T12171] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  208.188171][T12171] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  208.199804][T12171] JBD2: no valid journal superblock found
[  208.205593][T12171] EXT4-fs (loop4): Could not load journal inode
[  208.238189][T12177] syz_tun: entered allmulticast mode
[  208.257336][T12176] syz_tun: left allmulticast mode
[  208.276094][T12179] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[  208.278509][T12182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2598'.
[  208.294112][T12182] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2598'.
[  208.306407][T12182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2598'.
[  208.315511][T12182] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2598'.
[  208.334915][T12186] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[  208.356575][T12188] EXT4-fs: Ignoring removed oldalloc option
[  208.374593][T12188] ext4 filesystem being mounted at /497/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.445768][T12188] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: comm syz.4.2600: lblock 0 mapped to illegal pblock 0 (length 1)
[  208.446701][T12202] EXT4-fs: Ignoring removed i_version option
[  208.465244][T12202] EXT4-fs: Ignoring removed bh option
[  208.474369][T12188] EXT4-fs (loop4): Remounting filesystem read-only
[  208.490386][T12203] EXT4-fs warning (device loop3): ext4_xattr_inode_get:560: inode #11: comm syz.3.2601: EA inode hash validation failed
[  208.504208][T12203] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.2601: corrupted inode contents
[  208.520694][T12203] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #15: comm syz.3.2601: mark_inode_dirty error
[  208.522045][T12202] ext4 filesystem being mounted at /511/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  208.572885][T12203] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.2601: corrupted inode contents
[  208.585277][T12203] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3000: inode #15: comm syz.3.2601: mark_inode_dirty error
[  208.600222][T12203] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3003: inode #15: comm syz.3.2601: mark inode dirty (error -117)
[  208.625590][T12209] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  208.636579][T12209] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  208.664013][T12211] EXT4-fs: Ignoring removed nomblk_io_submit option
[  208.670201][T12203] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -117)
[  208.672141][T12209] JBD2: no valid journal superblock found
[  208.685495][T12209] EXT4-fs (loop4): Could not load journal inode
[  208.686417][T12203] EXT4-fs (loop3): 1 orphan inode deleted
[  208.712705][T12214] syzkaller1: entered promiscuous mode
[  208.718290][T12214] syzkaller1: entered allmulticast mode
[  208.840349][T12224] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2612'.
[  208.894639][T12230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2615'.
[  208.912282][T12230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2615'.
[  209.048941][T12240] EXT4-fs: Ignoring removed i_version option
[  209.054986][T12240] EXT4-fs: Ignoring removed bh option
[  209.070390][T12240] ext4 filesystem being mounted at /501/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  209.151307][T12244] EXT4-fs: Ignoring removed nomblk_io_submit option
[  209.200969][T12252] ext4 filesystem being mounted at /519/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.219623][T12255] syzkaller1: entered promiscuous mode
[  209.225162][T12255] syzkaller1: entered allmulticast mode
[  209.487217][ T8738] syz_tun (unregistering): left allmulticast mode
[  209.566758][T12289] ext4 filesystem being mounted at /519/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.598339][T12294] FAULT_INJECTION: forcing a failure.
[  209.598339][T12294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.609361][T12277] lo speed is unknown, defaulting to 1000
[  209.611792][T12294] CPU: 1 UID: 0 PID: 12294 Comm: syz.4.2638 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  209.611846][T12294] Tainted: [W]=WARN
[  209.611857][T12294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  209.611875][T12294] Call Trace:
[  209.611883][T12294]  <TASK>
[  209.611893][T12294]  __dump_stack+0x1d/0x30
[  209.611926][T12294]  dump_stack_lvl+0xe8/0x140
[  209.611998][T12294]  dump_stack+0x15/0x1b
[  209.612026][T12294]  should_fail_ex+0x265/0x280
[  209.612059][T12294]  should_fail+0xb/0x20
[  209.612087][T12294]  should_fail_usercopy+0x1a/0x20
[  209.612201][T12294]  _copy_from_user+0x1c/0xb0
[  209.612308][T12294]  __sys_bpf+0x183/0x7c0
[  209.612346][T12294]  __x64_sys_bpf+0x41/0x50
[  209.612465][T12294]  x64_sys_call+0x28e1/0x3000
[  209.612499][T12294]  do_syscall_64+0xd8/0x2c0
[  209.612580][T12294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.612610][T12294] RIP: 0033:0x7fb7c56af749
[  209.612631][T12294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.612656][T12294] RSP: 002b:00007fb7c410f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  209.612683][T12294] RAX: ffffffffffffffda RBX: 00007fb7c5905fa0 RCX: 00007fb7c56af749
[  209.612700][T12294] RDX: 0000000000000018 RSI: 0000200000000080 RDI: 0000000000000006
[  209.612787][T12294] RBP: 00007fb7c410f090 R08: 0000000000000000 R09: 0000000000000000
[  209.612801][T12294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.612816][T12294] R13: 00007fb7c5906038 R14: 00007fb7c5905fa0 R15: 00007ffdcf0a9d78
[  209.612895][T12294]  </TASK>
[  209.786747][ T3938] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  209.796671][ T3938] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.801469][T12296] EXT4-fs: Ignoring removed nomblk_io_submit option
[  209.839671][T12299] syzkaller1: entered promiscuous mode
[  209.845205][T12299] syzkaller1: entered allmulticast mode
[  209.885442][ T3938] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  209.895333][ T3938] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.944260][T12309] validate_nla: 3 callbacks suppressed
[  209.944275][T12309] netlink: 'syz.4.2644': attribute type 6 has an invalid length.
[  209.958073][ T3938] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  209.967896][ T3938] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.037594][ T3938] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  210.047423][ T3938] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.060456][T12277] chnl_net:caif_netlink_parms(): no params data found
[  210.112731][T12277] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.119924][T12277] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.127283][T12277] bridge_slave_0: entered allmulticast mode
[  210.133986][T12277] bridge_slave_0: entered promiscuous mode
[  210.144209][T12277] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.151405][T12277] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.162105][T12335] set_capacity_and_notify: 28 callbacks suppressed
[  210.162120][T12335] loop3: detected capacity change from 0 to 512
[  210.176438][T12335] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  210.184813][T12277] bridge_slave_1: entered allmulticast mode
[  210.191600][T12277] bridge_slave_1: entered promiscuous mode
[  210.193050][T12335] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2651: bg 0: block 255: padding at end of block bitmap is not set
[  210.212288][T12335] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  210.221297][T12335] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2651: invalid indirect mapped block 1 (level 1)
[  210.234878][T12335] EXT4-fs (loop3): 1 truncate cleaned up
[  210.241163][T12336] syz_tun: entered allmulticast mode
[  210.251003][T12336] FAULT_INJECTION: forcing a failure.
[  210.251003][T12336] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.264283][T12336] CPU: 0 UID: 0 PID: 12336 Comm: syz.2.2652 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  210.264398][T12336] Tainted: [W]=WARN
[  210.264408][T12336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  210.264425][T12336] Call Trace:
[  210.264489][T12336]  <TASK>
[  210.264506][T12336]  __dump_stack+0x1d/0x30
[  210.264536][T12336]  dump_stack_lvl+0xe8/0x140
[  210.264565][T12336]  dump_stack+0x15/0x1b
[  210.264591][T12336]  should_fail_ex+0x265/0x280
[  210.264656][T12336]  should_fail+0xb/0x20
[  210.264678][T12336]  should_fail_usercopy+0x1a/0x20
[  210.264705][T12336]  _copy_from_user+0x1c/0xb0
[  210.264774][T12336]  ___sys_sendmsg+0xc1/0x1d0
[  210.264843][T12336]  __x64_sys_sendmsg+0xd4/0x160
[  210.264884][T12336]  x64_sys_call+0x17ba/0x3000
[  210.264916][T12336]  do_syscall_64+0xd8/0x2c0
[  210.265040][T12336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.265067][T12336] RIP: 0033:0x7f6c1978f749
[  210.265086][T12336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.265108][T12336] RSP: 002b:00007f6c181f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.265164][T12336] RAX: ffffffffffffffda RBX: 00007f6c199e5fa0 RCX: 00007f6c1978f749
[  210.265181][T12336] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000007
[  210.265196][T12336] RBP: 00007f6c181f7090 R08: 0000000000000000 R09: 0000000000000000
[  210.265212][T12336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.265228][T12336] R13: 00007f6c199e6038 R14: 00007f6c199e5fa0 R15: 00007ffd0bd1ef18
[  210.265327][T12336]  </TASK>
[  210.267309][T12277] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.347584][T12342] loop2: detected capacity change from 0 to 512
[  210.362846][T12277] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.453321][ T3938] gretap0: left allmulticast mode
[  210.458470][ T3938] gretap0: left promiscuous mode
[  210.463578][ T3938] bridge0: port 3(gretap0) entered disabled state
[  210.471103][ T3938] bridge_slave_1: left allmulticast mode
[  210.476847][ T3938] bridge_slave_1: left promiscuous mode
[  210.482600][ T3938] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.490681][ T3938] bridge_slave_0: left allmulticast mode
[  210.496437][ T3938] bridge_slave_0: left promiscuous mode
[  210.502273][ T3938] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.757650][ T3938] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.767388][ T3938] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.776657][ T3938] .` (unregistering): Released all slaves
[  210.794315][T12345] syz_tun: entered allmulticast mode
[  210.800066][ T4709] syz0: Port: 1 Link DOWN
[  210.805757][T12334] syz_tun: left allmulticast mode
[  210.812272][T12277] team0: Port device team_slave_0 added
[  210.820668][T12343] syz_tun: left allmulticast mode
[  210.828314][ T3938] IPVS: stopping backup sync thread 8551 ...
[  210.853104][T12277] team0: Port device team_slave_1 added
[  210.875192][T12353] netlink: 'syz.4.2657': attribute type 30 has an invalid length.
[  210.905458][T12277] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.912489][T12277] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  210.938447][T12277] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.951843][ T3938] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.959427][ T3938] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.967097][ T3938] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.974508][ T3938] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.985205][ T3938] veth1_macvtap: left promiscuous mode
[  210.990918][ T3938] veth0_macvtap: left promiscuous mode
[  210.997825][ T3938] veth1_vlan: left promiscuous mode
[  211.003455][ T3938] veth0_vlan: left promiscuous mode
[  211.044886][ T3938] pimreg (unregistering): left allmulticast mode
[  211.080091][ T3938] team0 (unregistering): Port device team_slave_1 removed
[  211.090725][ T3938] team0 (unregistering): Port device team_slave_0 removed
[  211.102576][ T8434] smc: removing ib device syz0
[  211.126418][T12277] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.133409][T12277] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  211.159389][T12277] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.176862][T12369] loop2: detected capacity change from 0 to 512
[  211.245107][T12375] loop3: detected capacity change from 0 to 1024
[  211.259155][T12277] hsr_slave_0: entered promiscuous mode
[  211.275826][T12375] EXT4-fs: Ignoring removed nomblk_io_submit option
[  211.287951][T12277] hsr_slave_1: entered promiscuous mode
[  211.297189][T12277] debugfs: 'hsr0' already exists in 'hsr'
[  211.302939][T12277] Cannot create hsr debugfs directory
[  211.363190][T12381] loop2: detected capacity change from 0 to 128
[  211.394069][T12384] loop3: detected capacity change from 0 to 1024
[  211.408214][T12384] EXT4-fs: Ignoring removed oldalloc option
[  211.418457][T12384] ext4 filesystem being mounted at /527/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  211.446680][T12384] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: comm syz.3.2664: lblock 0 mapped to illegal pblock 0 (length 1)
[  211.460586][T12384] EXT4-fs (loop3): Remounting filesystem read-only
[  211.528743][   T29] kauditd_printk_skb: 559 callbacks suppressed
[  211.528759][   T29] audit: type=1326 audit(1765903888.110:10453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  211.569621][   T29] audit: type=1326 audit(1765903888.150:10454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  211.593726][   T29] audit: type=1326 audit(1765903888.150:10455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  211.617766][   T29] audit: type=1326 audit(1765903888.150:10456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  211.641449][   T29] audit: type=1326 audit(1765903888.150:10457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  211.665378][   T29] audit: type=1326 audit(1765903888.150:10458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  211.689061][   T29] audit: type=1326 audit(1765903888.150:10459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  211.712755][   T29] audit: type=1326 audit(1765903888.150:10460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  211.736617][   T29] audit: type=1326 audit(1765903888.150:10461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  211.760670][   T29] audit: type=1326 audit(1765903888.150:10462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12387 comm="syz.3.2665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fcf220ff749 code=0x7ffc0000
[  211.794792][T12394] netlink: 'syz.2.2667': attribute type 4 has an invalid length.
[  211.825107][T12398] netlink: 'syz.3.2678': attribute type 30 has an invalid length.
[  211.886257][T12399] loop4: detected capacity change from 0 to 512
[  211.893117][T12399] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  211.902849][T12399] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2668: bg 0: block 255: padding at end of block bitmap is not set
[  211.917550][T12399] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  211.926585][T12399] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2668: invalid indirect mapped block 1 (level 1)
[  211.940663][T12399] EXT4-fs (loop4): 1 truncate cleaned up
[  212.015483][T12277] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  212.024857][T12277] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  212.034243][T12277] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  212.043910][T12277] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  212.087318][T12277] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.100321][T12277] 8021q: adding VLAN 0 to HW filter on device team0
[  212.114638][ T8439] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.121875][ T8439] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.144309][ T8441] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.151560][ T8441] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.182443][T12439] netlink: 'syz.1.2673': attribute type 30 has an invalid length.
[  212.232103][T12277] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.277100][T12448] loop2: detected capacity change from 0 to 512
[  212.313124][T12277] veth0_vlan: entered promiscuous mode
[  212.328255][T12277] veth1_vlan: entered promiscuous mode
[  212.350018][T12277] veth0_macvtap: entered promiscuous mode
[  212.357376][T12277] veth1_macvtap: entered promiscuous mode
[  212.368804][T12277] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.381127][T12277] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.393201][ T8434] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.414708][ T8434] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.425929][ T8434] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.434775][ T8434] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.472850][T12459] tipc: Started in network mode
[  212.477814][T12459] tipc: Node identity ac14140f, cluster identity 4711
[  212.485207][T12459] tipc: New replicast peer: 255.255.255.255
[  212.491337][T12459] tipc: Enabled bearer <udp:syz2>, priority 10
[  212.500048][T12459] tipc: Disabling bearer <udp:syz2>
[  212.623770][T12471] loop2: detected capacity change from 0 to 128
[  212.762238][T12479] FAULT_INJECTION: forcing a failure.
[  212.762238][T12479] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.775366][T12479] CPU: 1 UID: 0 PID: 12479 Comm: syz.4.2682 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  212.775408][T12479] Tainted: [W]=WARN
[  212.775417][T12479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  212.775433][T12479] Call Trace:
[  212.775441][T12479]  <TASK>
[  212.775449][T12479]  __dump_stack+0x1d/0x30
[  212.775479][T12479]  dump_stack_lvl+0xe8/0x140
[  212.775580][T12479]  dump_stack+0x15/0x1b
[  212.775609][T12479]  should_fail_ex+0x265/0x280
[  212.775662][T12479]  should_fail+0xb/0x20
[  212.775681][T12479]  should_fail_usercopy+0x1a/0x20
[  212.775705][T12479]  _copy_from_user+0x1c/0xb0
[  212.775735][T12479]  ___sys_sendmsg+0xc1/0x1d0
[  212.775799][T12479]  __x64_sys_sendmsg+0xd4/0x160
[  212.775833][T12479]  x64_sys_call+0x17ba/0x3000
[  212.775857][T12479]  do_syscall_64+0xd8/0x2c0
[  212.775918][T12479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.775946][T12479] RIP: 0033:0x7fb7c56af749
[  212.775963][T12479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.775983][T12479] RSP: 002b:00007fb7c40ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.776010][T12479] RAX: ffffffffffffffda RBX: 00007fb7c5906090 RCX: 00007fb7c56af749
[  212.776026][T12479] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  212.776042][T12479] RBP: 00007fb7c40ee090 R08: 0000000000000000 R09: 0000000000000000
[  212.776057][T12479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.776072][T12479] R13: 00007fb7c5906128 R14: 00007fb7c5906090 R15: 00007ffdcf0a9d78
[  212.776143][T12479]  </TASK>
[  213.130318][T12487] __nla_validate_parse: 24 callbacks suppressed
[  213.130354][T12487] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2684'.
[  213.145735][T12487] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2684'.
[  213.167945][T12487] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2684'.
[  213.176883][T12487] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2684'.
[  213.206496][T12491] syzkaller1: entered promiscuous mode
[  213.212083][T12491] syzkaller1: entered allmulticast mode
[  213.259956][T12498] loop1: detected capacity change from 0 to 512
[  213.266781][T12498] EXT4-fs: Ignoring removed i_version option
[  213.272833][T12498] EXT4-fs: Ignoring removed bh option
[  213.291129][T12498] ext4 filesystem being mounted at /498/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  213.306118][T12509] syz_tun: entered allmulticast mode
[  213.329599][T12507] syz_tun: left allmulticast mode
[  213.395879][T12515] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2690'.
[  213.417363][T12517] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2691'.
[  213.465939][T12521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2689'.
[  213.511127][T12526] netlink: 'syz.1.2693': attribute type 30 has an invalid length.
[  213.552243][T12529] EXT4-fs: Ignoring removed oldalloc option
[  213.567431][T12529] ext4 filesystem being mounted at /536/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.579327][T12529] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #15: comm syz.2.2694: lblock 0 mapped to illegal pblock 0 (length 1)
[  213.593343][T12529] EXT4-fs (loop2): Remounting filesystem read-only
[  213.593668][T12523] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2692'.
[  213.608975][T12523] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2692'.
[  213.637943][T12536] EXT4-fs: Ignoring removed orlov option
[  214.090467][T12543] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2697'.
[  214.107537][T12543] EXT4-fs: Ignoring removed nomblk_io_submit option
[  214.184347][T12551] syz_tun: entered allmulticast mode
[  214.199179][T12550] syz_tun: left allmulticast mode
[  214.715528][T12588] EXT4-fs: Ignoring removed nomblk_io_submit option
[  214.857440][T12592] EXT4-fs: Ignoring removed i_version option
[  214.863558][T12592] EXT4-fs: Ignoring removed bh option
[  214.899812][T12592] ext4 filesystem being mounted at /520/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  214.930445][T12602] EXT4-fs: Ignoring removed nomblk_io_submit option
[  215.010259][T12614] syzkaller1: entered promiscuous mode
[  215.015892][T12614] syzkaller1: entered allmulticast mode
[  215.271257][T12646] set_capacity_and_notify: 12 callbacks suppressed
[  215.271275][T12646] loop4: detected capacity change from 0 to 512
[  215.355281][T12652] loop1: detected capacity change from 0 to 512
[  215.462832][T12658] loop1: detected capacity change from 0 to 512
[  216.017468][T12667] loop3: detected capacity change from 0 to 1024
[  216.035250][T12667] EXT4-fs: Ignoring removed oldalloc option
[  216.063874][T12667] ext4 filesystem being mounted at /538/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.076065][T12667] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: comm syz.3.2728: lblock 0 mapped to illegal pblock 0 (length 1)
[  216.090159][T12667] EXT4-fs (loop3): Remounting filesystem read-only
[  216.117129][T12674] loop4: detected capacity change from 0 to 1024
[  216.124149][T12674] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  216.135066][T12674] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  216.145737][T12674] JBD2: no valid journal superblock found
[  216.151486][T12674] EXT4-fs (loop4): Could not load journal inode
[  216.267479][T12681] loop2: detected capacity change from 0 to 2048
[  216.383677][T12694] IPv6: sit1: Disabled Multicast RS
[  216.457721][T12704] netlink: 'syz.2.2741': attribute type 6 has an invalid length.
[  216.503878][T12708] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  216.523041][T12709] loop2: detected capacity change from 0 to 1024
[  216.532184][T12710] loop3: detected capacity change from 0 to 512
[  216.539283][T12709] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  216.550264][T12709] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  216.561886][T12709] JBD2: no valid journal superblock found
[  216.567685][T12709] EXT4-fs (loop2): Could not load journal inode
[  216.578476][T12708] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  216.611615][T12715] loop2: detected capacity change from 0 to 1024
[  216.636092][T12715] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  216.647051][T12715] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  216.658299][T12708] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  216.673122][T12715] JBD2: no valid journal superblock found
[  216.678924][T12715] EXT4-fs (loop2): Could not load journal inode
[  216.717685][T12708] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  216.784718][  T887] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  216.806443][   T29] kauditd_printk_skb: 112 callbacks suppressed
[  216.806459][   T29] audit: type=1326 audit(1765903893.390:10575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12706 comm="syz.1.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f36a9f749 code=0x7ffc0000
[  216.845853][  T887] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  216.855313][  T887] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  216.857753][   T29] audit: type=1326 audit(1765903893.420:10576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12706 comm="syz.1.2742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f36a9f749 code=0x7ffc0000
[  216.895699][  T887] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  216.979494][T12725] FAULT_INJECTION: forcing a failure.
[  216.979494][T12725] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.992705][T12725] CPU: 0 UID: 0 PID: 12725 Comm: syz.1.2749 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  216.992747][T12725] Tainted: [W]=WARN
[  216.992756][T12725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  216.992772][T12725] Call Trace:
[  216.992781][T12725]  <TASK>
[  216.992792][T12725]  __dump_stack+0x1d/0x30
[  216.992855][T12725]  dump_stack_lvl+0xe8/0x140
[  216.992951][T12725]  dump_stack+0x15/0x1b
[  216.992976][T12725]  should_fail_ex+0x265/0x280
[  216.993007][T12725]  should_fail+0xb/0x20
[  216.993112][T12725]  should_fail_usercopy+0x1a/0x20
[  216.993139][T12725]  _copy_to_user+0x20/0xa0
[  216.993175][T12725]  simple_read_from_buffer+0xb5/0x130
[  216.993196][T12725]  proc_fail_nth_read+0x10e/0x150
[  216.993371][T12725]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  216.993404][T12725]  vfs_read+0x1a8/0x770
[  216.993421][T12725]  ? __rcu_read_unlock+0x4f/0x70
[  216.993456][T12725]  ? __fget_files+0x184/0x1c0
[  216.993486][T12725]  ? mutex_lock+0x58/0x90
[  216.993641][T12725]  ksys_read+0xda/0x1a0
[  216.993660][T12725]  __x64_sys_read+0x40/0x50
[  216.993684][T12725]  x64_sys_call+0x2889/0x3000
[  216.993717][T12725]  do_syscall_64+0xd8/0x2c0
[  216.993771][T12725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.993792][T12725] RIP: 0033:0x7f6f36a9e15c
[  216.993806][T12725] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  216.993827][T12725] RSP: 002b:00007f6f354ff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  216.993900][T12725] RAX: ffffffffffffffda RBX: 00007f6f36cf5fa0 RCX: 00007f6f36a9e15c
[  216.993921][T12725] RDX: 000000000000000f RSI: 00007f6f354ff0a0 RDI: 0000000000000004
[  216.993938][T12725] RBP: 00007f6f354ff090 R08: 0000000000000000 R09: 0000000000000000
[  216.993955][T12725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.993971][T12725] R13: 00007f6f36cf6038 R14: 00007f6f36cf5fa0 R15: 00007ffdc49e89b8
[  216.993991][T12725]  </TASK>
[  217.227254][T12727] loop1: detected capacity change from 0 to 512
[  217.243207][T12727] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  217.263487][T12727] EXT4-fs (loop1): invalid journal inode
[  217.270124][T12727] EXT4-fs (loop1): can't get journal size
[  217.276649][T12727] EXT4-fs (loop1): 1 truncate cleaned up
[  217.350782][T12734] syz_tun: entered allmulticast mode
[  217.363264][T12733] syz_tun: left allmulticast mode
[  217.377499][   T29] audit: type=1400 audit(1765903893.920:10577): avc:  denied  { map } for  pid=12731 comm="syz.3.2752" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  217.378360][T12732] EXT4-fs error (device loop3): ext4_iget_extra_inode:5073: inode #15: comm syz.3.2752: corrupted in-inode xattr: invalid ea_ino
[  217.401583][   T29] audit: type=1400 audit(1765903893.920:10578): avc:  denied  { execute } for  pid=12731 comm="syz.3.2752" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  217.440206][T12732] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2752: couldn't read orphan inode 15 (err -117)
[  217.452924][   T29] audit: type=1326 audit(1765903894.030:10579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12737 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  217.476905][   T29] audit: type=1326 audit(1765903894.030:10580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12737 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  217.500640][   T29] audit: type=1326 audit(1765903894.030:10581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12737 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  217.524355][   T29] audit: type=1326 audit(1765903894.030:10582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12737 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  217.549002][   T29] audit: type=1326 audit(1765903894.030:10583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12737 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  217.572708][   T29] audit: type=1326 audit(1765903894.030:10584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12737 comm="syz.4.2754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  217.651726][T12736] netlink: 'syz.1.2750': attribute type 3 has an invalid length.
[  217.659603][T12736] netlink: 'syz.1.2750': attribute type 3 has an invalid length.
[  217.689959][T12742] EXT4-fs error (device loop3): ext4_lookup:1789: inode #2: comm syz.3.2752: deleted inode referenced: 15
[  217.948187][T12749] EXT4-fs: inline encryption not supported
[  217.954108][T12749] EXT4-fs: Ignoring removed orlov option
[  217.960563][T12749] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  217.987928][T12749] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[  217.996258][T12749] System zones: 0-1, 3-12
[  218.065398][T12755] FAULT_INJECTION: forcing a failure.
[  218.065398][T12755] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  218.078767][T12755] CPU: 0 UID: 0 PID: 12755 Comm: syz.3.2757 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  218.078805][T12755] Tainted: [W]=WARN
[  218.078835][T12755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  218.078848][T12755] Call Trace:
[  218.078853][T12755]  <TASK>
[  218.078861][T12755]  __dump_stack+0x1d/0x30
[  218.078892][T12755]  dump_stack_lvl+0xe8/0x140
[  218.078954][T12755]  dump_stack+0x15/0x1b
[  218.078973][T12755]  should_fail_ex+0x265/0x280
[  218.078996][T12755]  should_fail_alloc_page+0xf2/0x100
[  218.079025][T12755]  __alloc_frozen_pages_noprof+0x109/0x360
[  218.079110][T12755]  alloc_pages_mpol+0xb3/0x260
[  218.079159][T12755]  vma_alloc_folio_noprof+0x1aa/0x300
[  218.079195][T12755]  handle_mm_fault+0xef5/0x2c60
[  218.079304][T12755]  do_user_addr_fault+0x630/0x1080
[  218.079347][T12755]  exc_page_fault+0x62/0xa0
[  218.079373][T12755]  asm_exc_page_fault+0x26/0x30
[  218.079449][T12755] RIP: 0033:0x7fcf220acc5b
[  218.079526][T12755] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  218.079546][T12755] RSP: 002b:00007fcf20b5ce10 EFLAGS: 00010246
[  218.079560][T12755] RAX: 00007fcf20b5ef30 RBX: 00007fcf2232a640 RCX: 0000000000000000
[  218.079572][T12755] RDX: 00007fcf20b5ef78 RSI: 00007fcf22160df8 RDI: 00007fcf20b5ce30
[  218.079587][T12755] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  218.079601][T12755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.079616][T12755] R13: 00007fcf22356038 R14: 00007fcf22355fa0 R15: 00007ffd04f40998
[  218.079705][T12755]  </TASK>
[  218.079727][T12755] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  218.339577][T12767] netlink: 'syz.2.2765': attribute type 1 has an invalid length.
[  218.347427][T12767] __nla_validate_parse: 10 callbacks suppressed
[  218.347441][T12767] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2765'.
[  218.416532][T12761] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2762'.
[  218.425543][T12761] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2762'.
[  218.446190][ T8442] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  218.461180][ T8442] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  218.480119][T12778] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  218.491131][T12778] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  218.509663][ T8442] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  218.516704][T12778] JBD2: no valid journal superblock found
[  218.519278][ T8442] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  218.524262][T12778] EXT4-fs (loop3): Could not load journal inode
[  218.544309][T12782] EXT4-fs: Ignoring removed i_version option
[  218.550457][T12782] EXT4-fs: Ignoring removed bh option
[  218.568218][T12782] ext4 filesystem being mounted at /533/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  218.610445][T12788] syz_tun: entered allmulticast mode
[  218.618965][T12787] syz_tun: left allmulticast mode
[  218.666760][T12795] EXT4-fs: Ignoring removed oldalloc option
[  218.689318][T12795] ext4 filesystem being mounted at /536/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.701829][T12795] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: comm syz.4.2774: lblock 0 mapped to illegal pblock 0 (length 1)
[  218.719403][T12795] EXT4-fs (loop4): Remounting filesystem read-only
[  218.785168][T12803] EXT4-fs: inline encryption not supported
[  218.791094][T12803] EXT4-fs: Ignoring removed orlov option
[  218.797659][T12803] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  218.818615][T12803] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[  218.826796][T12803] System zones: 0-1, 3-12
[  218.832597][T12803] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2775'.
[  218.943121][T12811] syz_tun: entered allmulticast mode
[  218.955185][T12810] syz_tun: left allmulticast mode
[  218.979861][T12814] syzkaller1: entered promiscuous mode
[  218.985478][T12814] syzkaller1: entered allmulticast mode
[  219.167394][T12821] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  219.178339][T12821] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  219.189643][T12821] JBD2: no valid journal superblock found
[  219.195404][T12821] EXT4-fs (loop4): Could not load journal inode
[  219.211837][T12823] program syz.2.2781 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  219.257787][T12828] EXT4-fs: Ignoring removed i_version option
[  219.263849][T12828] EXT4-fs: Ignoring removed bh option
[  219.288348][T12828] ext4 filesystem being mounted at /558/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  219.324251][T12840] EXT4-fs: Ignoring removed i_version option
[  219.330594][T12840] EXT4-fs: Ignoring removed bh option
[  219.377011][T12840] ext4 filesystem being mounted at /553/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  219.392094][T12848] netlink: 'syz.0.2789': attribute type 6 has an invalid length.
[  219.443631][T12851] syzkaller1: entered promiscuous mode
[  219.449192][T12851] syzkaller1: entered allmulticast mode
[  219.512823][T12855] EXT4-fs: Ignoring removed nomblk_io_submit option
[  219.682569][T12875] syz_tun: entered allmulticast mode
[  219.793722][T12872] syz_tun: left allmulticast mode
[  220.042722][T12906] netlink: 'syz.0.2804': attribute type 6 has an invalid length.
[  220.144908][T12915] syzkaller1: entered promiscuous mode
[  220.150556][T12915] syzkaller1: entered allmulticast mode
[  220.170127][T12916] EXT4-fs: Ignoring removed nomblk_io_submit option
[  220.180944][T12918] syz_tun: entered allmulticast mode
[  220.188085][T12916] EXT4-fs mount: 119 callbacks suppressed
[  220.188102][T12916] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.206655][T12917] syz_tun: left allmulticast mode
[  220.236201][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.275490][T12926] EXT4-fs: Ignoring removed oldalloc option
[  220.298621][T12926] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.311444][T12926] ext4 filesystem being mounted at /563/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.326249][T12926] EXT4-fs error (device loop2): ext4_map_blocks:825: inode #15: comm syz.2.2810: lblock 0 mapped to illegal pblock 0 (length 1)
[  220.340108][T12926] EXT4-fs (loop2): Remounting filesystem read-only
[  220.363753][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  220.503573][T12939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2815'.
[  220.512733][T12939] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2815'.
[  220.569101][T12939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2815'.
[  220.578368][T12939] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2815'.
[  220.686426][T12955] set_capacity_and_notify: 22 callbacks suppressed
[  220.686446][T12955] loop4: detected capacity change from 0 to 128
[  220.864639][T12964] loop3: detected capacity change from 0 to 512
[  220.945376][T12969] loop1: detected capacity change from 0 to 1024
[  220.962437][T12969] EXT4-fs: Ignoring removed nomblk_io_submit option
[  220.978256][T12969] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.038016][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.066612][T12987] FAULT_INJECTION: forcing a failure.
[  221.066612][T12987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.079835][T12987] CPU: 0 UID: 0 PID: 12987 Comm: syz.1.2828 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  221.079890][T12987] Tainted: [W]=WARN
[  221.079896][T12987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  221.079908][T12987] Call Trace:
[  221.079914][T12987]  <TASK>
[  221.079922][T12987]  __dump_stack+0x1d/0x30
[  221.079944][T12987]  dump_stack_lvl+0xe8/0x140
[  221.079985][T12987]  dump_stack+0x15/0x1b
[  221.080003][T12987]  should_fail_ex+0x265/0x280
[  221.080024][T12987]  should_fail+0xb/0x20
[  221.080041][T12987]  should_fail_usercopy+0x1a/0x20
[  221.080062][T12987]  _copy_from_user+0x1c/0xb0
[  221.080105][T12987]  snd_seq_ioctl+0x125/0x300
[  221.080147][T12987]  ? __pfx_snd_seq_ioctl+0x10/0x10
[  221.080189][T12987]  __se_sys_ioctl+0xce/0x140
[  221.080219][T12987]  __x64_sys_ioctl+0x43/0x50
[  221.080251][T12987]  x64_sys_call+0x14b0/0x3000
[  221.080280][T12987]  do_syscall_64+0xd8/0x2c0
[  221.080346][T12987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.080370][T12987] RIP: 0033:0x7f6f36a9f749
[  221.080431][T12987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.080454][T12987] RSP: 002b:00007f6f354ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  221.080476][T12987] RAX: ffffffffffffffda RBX: 00007f6f36cf5fa0 RCX: 00007f6f36a9f749
[  221.080507][T12987] RDX: 00002000000007c0 RSI: 00000000c0a85320 RDI: 0000000000000006
[  221.080527][T12987] RBP: 00007f6f354ff090 R08: 0000000000000000 R09: 0000000000000000
[  221.080538][T12987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.080623][T12987] R13: 00007f6f36cf6038 R14: 00007f6f36cf5fa0 R15: 00007ffdc49e89b8
[  221.080697][T12987]  </TASK>
[  221.275013][T12983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2825'.
[  221.285019][T12983] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2825'.
[  221.304010][T12997] loop2: detected capacity change from 0 to 1024
[  221.312162][T12997] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  221.323163][T12997] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  221.342022][T13000] loop3: detected capacity change from 0 to 1024
[  221.349895][T13000] EXT4-fs: Ignoring removed nomblk_io_submit option
[  221.358352][T12997] JBD2: no valid journal superblock found
[  221.364105][T12997] EXT4-fs (loop2): Could not load journal inode
[  221.373005][T13000] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.403916][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.407549][T13006] loop2: detected capacity change from 0 to 512
[  221.419687][T13006] EXT4-fs: Ignoring removed i_version option
[  221.425724][T13006] EXT4-fs: Ignoring removed bh option
[  221.441541][T13006] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.465999][T13006] ext4 filesystem being mounted at /569/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  221.496708][T13016] loop1: detected capacity change from 0 to 128
[  221.591287][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.645349][T13018] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  221.655240][T13018] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.707612][T13018] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  221.717555][T13018] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.767811][T13018] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  221.777717][T13018] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.847775][T13018] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  221.857918][T13018] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.937471][  T887] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  221.945776][  T887] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.005548][   T29] kauditd_printk_skb: 693 callbacks suppressed
[  222.005563][   T29] audit: type=1326 audit(1765903898.580:11278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.2.2839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1978f749 code=0x7ffc0000
[  222.006239][  T887] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  222.011838][   T29] audit: type=1326 audit(1765903898.580:11279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.2.2839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1978f749 code=0x7ffc0000
[  222.035479][  T887] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.064050][  T887] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  222.083825][  T887] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.098730][T13030] syzkaller1: entered promiscuous mode
[  222.104381][T13030] syzkaller1: entered allmulticast mode
[  222.121383][  T887] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  222.129647][  T887] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.175251][T13034] loop2: detected capacity change from 0 to 1024
[  222.197089][T13034] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  222.208159][T13034] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  222.219579][T13034] JBD2: no valid journal superblock found
[  222.225479][T13034] EXT4-fs (loop2): Could not load journal inode
[  222.276139][T13041] syz_tun: entered allmulticast mode
[  222.288974][T13042] loop3: detected capacity change from 0 to 1024
[  222.299137][T13041] loop2: detected capacity change from 0 to 512
[  222.310393][T13038] syz_tun: left allmulticast mode
[  222.333016][T13042] EXT4-fs: Ignoring removed oldalloc option
[  222.364465][T13042] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.392143][T13042] ext4 filesystem being mounted at /564/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  222.430257][T13042] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: comm syz.3.2846: lblock 0 mapped to illegal pblock 0 (length 1)
[  222.471497][T13042] EXT4-fs (loop3): Remounting filesystem read-only
[  222.480616][T13057] syz_tun: entered allmulticast mode
[  222.487322][T13057] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[  222.495895][T13057] mroute: pending queue full, dropping entries
[  222.536012][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  222.572293][T13056] syz_tun: left allmulticast mode
[  222.605042][T13063] EXT4-fs: Ignoring removed i_version option
[  222.611219][T13063] EXT4-fs: Ignoring removed bh option
[  222.626298][T13066] syz_tun: entered allmulticast mode
[  222.632418][T13064] syz_tun: left allmulticast mode
[  222.649053][T13063] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.661821][T13063] ext4 filesystem being mounted at /24/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  222.693662][T12277] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.714130][T13070] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.856505][T13078] EXT4-fs: Ignoring removed nomblk_io_submit option
[  222.877064][   T29] audit: type=1400 audit(1765903899.450:11280): avc:  denied  { write } for  pid=13080 comm="syz.0.2859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  222.922580][T13078] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.962134][   T29] audit: type=1326 audit(1765903899.540:11281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13086 comm="syz.0.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7b64f749 code=0x7ffc0000
[  222.986133][   T29] audit: type=1326 audit(1765903899.540:11282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13086 comm="syz.0.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f1f7b64f749 code=0x7ffc0000
[  223.009770][   T29] audit: type=1326 audit(1765903899.540:11283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13086 comm="syz.0.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7b64f749 code=0x7ffc0000
[  223.033621][   T29] audit: type=1326 audit(1765903899.540:11284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13086 comm="syz.0.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1f7b64f749 code=0x7ffc0000
[  223.057133][   T29] audit: type=1326 audit(1765903899.540:11285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13086 comm="syz.0.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7b64f749 code=0x7ffc0000
[  223.080747][   T29] audit: type=1326 audit(1765903899.540:11286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13086 comm="syz.0.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f7b64f749 code=0x7ffc0000
[  223.104531][   T29] audit: type=1326 audit(1765903899.540:11287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13086 comm="syz.0.2863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f7b64f749 code=0x7ffc0000
[  223.134476][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.135964][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.185414][T13093] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  223.196600][T13093] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  223.316710][T13093] JBD2: no valid journal superblock found
[  223.322495][T13093] EXT4-fs (loop1): Could not load journal inode
[  223.588655][T13119] syz_tun: entered allmulticast mode
[  223.601142][T13118] syz_tun: left allmulticast mode
[  223.985594][T13142] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.194806][T12277] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.478767][T13151] __nla_validate_parse: 10 callbacks suppressed
[  224.478863][T13151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2881'.
[  224.557457][T13151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2881'.
[  224.558014][T13154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2882'.
[  224.575522][T13154] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2882'.
[  224.605867][T13154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2882'.
[  224.614814][T13154] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2882'.
[  224.851002][T13173] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  224.861374][T13173] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.970560][T13173] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  224.981055][T13173] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.062144][T13173] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.072500][T13173] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.102601][T13183] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2893'.
[  225.125035][T13183] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2893'.
[  225.150203][T13173] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.160651][T13173] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.267508][  T874] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  225.275822][  T874] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.291400][  T874] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  225.299778][  T874] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.407688][  T874] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  225.415999][  T874] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.426021][  T874] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  225.434270][  T874] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  225.521829][T13192] netlink: 'syz.0.2896': attribute type 6 has an invalid length.
[  225.731483][T13199] set_capacity_and_notify: 7 callbacks suppressed
[  225.731500][T13199] loop4: detected capacity change from 0 to 512
[  225.832977][T13203] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.842801][T13203] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.860685][T13199] EXT4-fs: Ignoring removed i_version option
[  225.866779][T13199] EXT4-fs: Ignoring removed bh option
[  225.962809][T13199] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.975537][T13199] ext4 filesystem being mounted at /562/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  225.987661][T13203] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.997497][T13203] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.022315][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.047620][T13203] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  226.057564][T13203] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.129072][T13203] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  226.138973][T13203] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.250946][T13222] netlink: 'syz.2.2908': attribute type 1 has an invalid length.
[  226.258848][T13222] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2908'.
[  226.427603][T13227] netlink: 'syz.3.2910': attribute type 1 has an invalid length.
[  226.435402][T13227] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2910'.
[  226.468343][T13229] loop1: detected capacity change from 0 to 128
[  226.519341][T13231] syzkaller1: entered promiscuous mode
[  226.524881][T13231] syzkaller1: entered allmulticast mode
[  227.006170][   T29] kauditd_printk_skb: 668 callbacks suppressed
[  227.006188][   T29] audit: type=1326 audit(1765903903.590:11956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13226 comm="syz.3.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf22132005 code=0x7ffc0000
[  227.036555][   T29] audit: type=1326 audit(1765903903.620:11957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13226 comm="syz.3.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf22132005 code=0x7ffc0000
[  227.061097][   T29] audit: type=1326 audit(1765903903.640:11958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13226 comm="syz.3.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf22132005 code=0x7ffc0000
[  227.085157][   T29] audit: type=1326 audit(1765903903.660:11959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13226 comm="syz.3.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf22132005 code=0x7ffc0000
[  227.109799][   T29] audit: type=1326 audit(1765903903.690:11960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13226 comm="syz.3.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf22132005 code=0x7ffc0000
[  227.134187][   T29] audit: type=1326 audit(1765903903.710:11961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13226 comm="syz.3.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf22132005 code=0x7ffc0000
[  227.177393][   T29] audit: type=1326 audit(1765903903.740:11962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13226 comm="syz.3.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf22132005 code=0x7ffc0000
[  227.201078][   T29] audit: type=1326 audit(1765903903.740:11963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13226 comm="syz.3.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf22132005 code=0x7ffc0000
[  227.224736][   T29] audit: type=1326 audit(1765903903.740:11964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13226 comm="syz.3.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf22132005 code=0x7ffc0000
[  227.248346][   T29] audit: type=1326 audit(1765903903.740:11965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13226 comm="syz.3.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcf22132005 code=0x7ffc0000
[  227.417507][T13246] loop2: detected capacity change from 0 to 512
[  227.441581][T13246] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.611276][T13253] loop1: detected capacity change from 0 to 512
[  227.685923][T13253] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.763298][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.804789][T13262] random: crng reseeded on system resumption
[  228.249950][T13266] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.259946][T13266] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.301932][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.343951][T13272] netlink: 'syz.4.2922': attribute type 6 has an invalid length.
[  228.364346][T13275] syz_tun: entered allmulticast mode
[  228.372316][T13266] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.382160][T13266] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.395010][T13274] syz_tun: left allmulticast mode
[  228.521171][T13266] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.531027][T13266] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.628038][T13266] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.638018][T13266] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.674594][T13299] netlink: 'syz.2.2924': attribute type 1 has an invalid length.
[  228.805522][ T8435] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  228.813817][ T8435] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.961602][ T8435] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  228.970121][ T8435] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.051493][ T8435] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  229.059798][ T8435] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.068146][ T8435] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  229.076404][ T8435] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.199611][T13315] loop3: detected capacity change from 0 to 512
[  229.232703][T13315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.427029][T13323] loop4: detected capacity change from 0 to 512
[  229.441021][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.477930][T13323] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.597411][T13331] netlink: 'syz.2.2932': attribute type 1 has an invalid length.
[  229.732567][T13334] loop1: detected capacity change from 0 to 128
[  229.877495][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.957473][T13336] syz_tun: entered allmulticast mode
[  229.964085][T13335] syz_tun: left allmulticast mode
[  230.183223][T13359] loop1: detected capacity change from 0 to 512
[  230.248184][T13359] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.310350][T13368] loop4: detected capacity change from 0 to 736
[  230.337157][T13366] af_packet: tpacket_rcv: packet too big, clamped from 46 to 4294967286. macoff=82
[  230.353781][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.380315][T13373] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[  230.380315][T13373]    program syz.1.2941 not setting count and/or reply_len properly
[  230.450577][T13381] loop2: detected capacity change from 0 to 1024
[  230.458027][T13381] EXT4-fs: Ignoring removed nomblk_io_submit option
[  230.484286][T13381] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.507349][T13391] EXT4-fs: Ignoring removed i_version option
[  230.513618][T13391] EXT4-fs: Ignoring removed bh option
[  230.528092][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.539938][T13391] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.553166][T13391] ext4 filesystem being mounted at /590/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  230.579241][  T887] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  230.587557][  T887] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.611703][  T874] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  230.620131][  T874] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.625739][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.628506][  T874] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  230.645626][  T874] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.657833][ T8442] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  230.666198][ T8442] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.690900][T13401] EXT4-fs: Ignoring removed nomblk_io_submit option
[  230.717227][T13401] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.749922][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.772966][T13409] ip6gre1: entered promiscuous mode
[  230.778264][T13409] ip6gre1: entered allmulticast mode
[  230.803559][T13404] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.853408][T13415] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2956'.
[  230.912437][T13415] FAULT_INJECTION: forcing a failure.
[  230.912437][T13415] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.925656][T13415] CPU: 0 UID: 0 PID: 13415 Comm: wÞ£ÿ Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  230.925691][T13415] Tainted: [W]=WARN
[  230.925773][T13415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  230.925787][T13415] Call Trace:
[  230.925795][T13415]  <TASK>
[  230.925805][T13415]  __dump_stack+0x1d/0x30
[  230.925911][T13415]  dump_stack_lvl+0xe8/0x140
[  230.925937][T13415]  dump_stack+0x15/0x1b
[  230.925956][T13415]  should_fail_ex+0x265/0x280
[  230.925977][T13415]  should_fail+0xb/0x20
[  230.925994][T13415]  should_fail_usercopy+0x1a/0x20
[  230.926042][T13415]  _copy_from_iter+0xcf/0xe70
[  230.926078][T13415]  packet_sendmsg+0x2003/0x31f0
[  230.926098][T13415]  ? __rcu_read_unlock+0x4f/0x70
[  230.926116][T13415]  ? avc_has_perm_noaudit+0xab/0x130
[  230.926217][T13415]  ? avc_has_perm+0xf7/0x180
[  230.926237][T13415]  ? selinux_socket_sendmsg+0x175/0x1b0
[  230.926390][T13415]  ? __pfx_packet_sendmsg+0x10/0x10
[  230.926415][T13415]  __sock_sendmsg+0x145/0x180
[  230.926441][T13415]  __sys_sendto+0x268/0x330
[  230.926479][T13415]  __x64_sys_sendto+0x76/0x90
[  230.926570][T13415]  x64_sys_call+0x29a7/0x3000
[  230.926606][T13415]  do_syscall_64+0xd8/0x2c0
[  230.926640][T13415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.926736][T13415] RIP: 0033:0x7f1f7b64f749
[  230.926755][T13415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.926792][T13415] RSP: 002b:00007f1f7a0b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  230.926816][T13415] RAX: ffffffffffffffda RBX: 00007f1f7b8a5fa0 RCX: 00007f1f7b64f749
[  230.926832][T13415] RDX: 000000000000fc13 RSI: 0000200000000800 RDI: 0000000000000004
[  230.926847][T13415] RBP: 00007f1f7a0b7090 R08: 0000000000000000 R09: fffffffffffffef0
[  230.926862][T13415] R10: 0000000000000880 R11: 0000000000000246 R12: 0000000000000001
[  230.926945][T13415] R13: 00007f1f7b8a6038 R14: 00007f1f7b8a5fa0 R15: 00007ffcfbbf1218
[  230.926967][T13415]  </TASK>
[  231.146671][T13410] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2953'.
[  231.155648][T13410] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2953'.
[  231.183017][T13421] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2957'.
[  231.193515][ T3314] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.373239][T13436] set_capacity_and_notify: 4 callbacks suppressed
[  231.373253][T13436] loop3: detected capacity change from 0 to 512
[  231.384408][T13438] FAULT_INJECTION: forcing a failure.
[  231.384408][T13438] name failslab, interval 1, probability 0, space 0, times 0
[  231.386376][T13436] EXT4-fs: Ignoring removed i_version option
[  231.398953][T13438] CPU: 0 UID: 0 PID: 13438 Comm: syz.4.2963 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  231.399055][T13438] Tainted: [W]=WARN
[  231.399066][T13438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  231.399085][T13438] Call Trace:
[  231.399094][T13438]  <TASK>
[  231.399106][T13438]  __dump_stack+0x1d/0x30
[  231.399151][T13438]  dump_stack_lvl+0xe8/0x140
[  231.399185][T13438]  dump_stack+0x15/0x1b
[  231.399238][T13438]  should_fail_ex+0x265/0x280
[  231.399271][T13438]  should_failslab+0x8c/0xb0
[  231.399301][T13438]  __kmalloc_cache_noprof+0x65/0x4c0
[  231.399335][T13438]  ? fl_init+0x33/0x130
[  231.399406][T13438]  ? __pfx_fl_reoffload+0x10/0x10
[  231.399501][T13438]  fl_init+0x33/0x130
[  231.399560][T13438]  tcf_proto_create+0x130/0x1a0
[  231.399607][T13438]  tc_new_tfilter+0x95c/0x10a0
[  231.399655][T13438]  ? __rcu_read_unlock+0x4f/0x70
[  231.399809][T13438]  ? ns_capable+0x7d/0xb0
[  231.399849][T13438]  ? __pfx_tc_new_tfilter+0x10/0x10
[  231.399967][T13438]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  231.400020][T13438]  netlink_rcv_skb+0x123/0x220
[  231.400059][T13438]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  231.400124][T13438]  rtnetlink_rcv+0x1c/0x30
[  231.400236][T13438]  netlink_unicast+0x5c0/0x690
[  231.400279][T13438]  netlink_sendmsg+0x58b/0x6b0
[  231.400330][T13438]  ? __pfx_netlink_sendmsg+0x10/0x10
[  231.400376][T13438]  __sock_sendmsg+0x145/0x180
[  231.400404][T13438]  ____sys_sendmsg+0x31e/0x4a0
[  231.400498][T13438]  ___sys_sendmsg+0x17b/0x1d0
[  231.400562][T13438]  __x64_sys_sendmsg+0xd4/0x160
[  231.400631][T13438]  x64_sys_call+0x17ba/0x3000
[  231.400709][T13438]  do_syscall_64+0xd8/0x2c0
[  231.400784][T13438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.400813][T13438] RIP: 0033:0x7fb7c56af749
[  231.400835][T13438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.400860][T13438] RSP: 002b:00007fb7c410f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  231.400893][T13438] RAX: ffffffffffffffda RBX: 00007fb7c5905fa0 RCX: 00007fb7c56af749
[  231.400912][T13438] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004
[  231.400929][T13438] RBP: 00007fb7c410f090 R08: 0000000000000000 R09: 0000000000000000
[  231.400946][T13438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.400985][T13438] R13: 00007fb7c5906038 R14: 00007fb7c5905fa0 R15: 00007ffdcf0a9d78
[  231.401013][T13438]  </TASK>
[  231.646442][T13436] EXT4-fs: Ignoring removed bh option
[  231.668327][T13436] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.681276][T13436] ext4 filesystem being mounted at /595/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  231.726253][T13447] loop4: detected capacity change from 0 to 1024
[  231.727465][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.733125][T13447] EXT4-fs: Ignoring removed nomblk_io_submit option
[  231.756031][T13449] loop0: detected capacity change from 0 to 512
[  231.768299][T13449] EXT4-fs: Ignoring removed i_version option
[  231.774377][T13449] EXT4-fs: Ignoring removed bh option
[  231.781602][T13447] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.799149][T13449] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.816199][T13449] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  231.835033][T13461] FAULT_INJECTION: forcing a failure.
[  231.835033][T13461] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  231.848314][T13461] CPU: 0 UID: 0 PID: 13461 Comm: syz.1.2971 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  231.848421][T13461] Tainted: [W]=WARN
[  231.848428][T13461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  231.848442][T13461] Call Trace:
[  231.848448][T13461]  <TASK>
[  231.848455][T13461]  __dump_stack+0x1d/0x30
[  231.848492][T13461]  dump_stack_lvl+0xe8/0x140
[  231.848514][T13461]  dump_stack+0x15/0x1b
[  231.848560][T13461]  should_fail_ex+0x265/0x280
[  231.848584][T13461]  should_fail+0xb/0x20
[  231.848618][T13461]  should_fail_usercopy+0x1a/0x20
[  231.848642][T13461]  _copy_from_user+0x1c/0xb0
[  231.848669][T13461]  ___sys_sendmsg+0xc1/0x1d0
[  231.848766][T13461]  __x64_sys_sendmsg+0xd4/0x160
[  231.848811][T13461]  x64_sys_call+0x17ba/0x3000
[  231.848835][T13461]  do_syscall_64+0xd8/0x2c0
[  231.848869][T13461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.848978][T13461] RIP: 0033:0x7f6f36a9f749
[  231.848993][T13461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.849072][T13461] RSP: 002b:00007f6f354ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  231.849091][T13461] RAX: ffffffffffffffda RBX: 00007f6f36cf5fa0 RCX: 00007f6f36a9f749
[  231.849164][T13461] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  231.849176][T13461] RBP: 00007f6f354ff090 R08: 0000000000000000 R09: 0000000000000000
[  231.849188][T13461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.849215][T13461] R13: 00007f6f36cf6038 R14: 00007f6f36cf5fa0 R15: 00007ffdc49e89b8
[  231.849234][T13461]  </TASK>
[  231.850708][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.038606][T12277] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.051732][T13465] loop1: detected capacity change from 0 to 512
[  232.062574][   T29] kauditd_printk_skb: 152 callbacks suppressed
[  232.062592][   T29] audit: type=1400 audit(1765903908.650:12118): avc:  denied  { ioctl } for  pid=13468 comm="syz.3.2976" path="socket:[37527]" dev="sockfs" ino=37527 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  232.113112][T13470] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2972'.
[  232.155033][T13474] FAULT_INJECTION: forcing a failure.
[  232.155033][T13474] name failslab, interval 1, probability 0, space 0, times 0
[  232.167338][T13476] netlink: 'syz.0.2975': attribute type 6 has an invalid length.
[  232.167962][T13474] CPU: 0 UID: 0 PID: 13474 Comm: Ptp Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  232.168005][T13474] Tainted: [W]=WARN
[  232.168015][T13474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  232.168032][T13474] Call Trace:
[  232.168041][T13474]  <TASK>
[  232.168050][T13474]  __dump_stack+0x1d/0x30
[  232.168083][T13474]  dump_stack_lvl+0xe8/0x140
[  232.168159][T13474]  dump_stack+0x15/0x1b
[  232.168251][T13474]  should_fail_ex+0x265/0x280
[  232.168284][T13474]  should_failslab+0x8c/0xb0
[  232.168315][T13474]  kmem_cache_alloc_noprof+0x69/0x4b0
[  232.168418][T13474]  ? alloc_empty_file+0x76/0x200
[  232.168522][T13474]  alloc_empty_file+0x76/0x200
[  232.168558][T13474]  path_openat+0x63/0x23b0
[  232.168631][T13474]  ? selinux_file_open+0x2dc/0x330
[  232.168731][T13474]  ? try_charge_memcg+0x215/0xa10
[  232.168757][T13474]  ? __rcu_read_unlock+0x4f/0x70
[  232.168790][T13474]  ? css_rstat_updated+0xbb/0x280
[  232.168818][T13474]  do_filp_open+0x109/0x230
[  232.168885][T13474]  do_open_execat+0xd8/0x260
[  232.168928][T13474]  open_exec+0x3d/0x60
[  232.168965][T13474]  bm_register_write+0x8a5/0xb40
[  232.169059][T13474]  ? __pfx_bm_register_write+0x10/0x10
[  232.169097][T13474]  vfs_write+0x269/0x960
[  232.169121][T13474]  ? __rcu_read_unlock+0x4f/0x70
[  232.169147][T13474]  ? __fget_files+0x184/0x1c0
[  232.169223][T13474]  ? mutex_lock+0x58/0x90
[  232.169261][T13474]  ksys_write+0xda/0x1a0
[  232.169290][T13474]  __x64_sys_write+0x40/0x50
[  232.169316][T13474]  x64_sys_call+0x2847/0x3000
[  232.169405][T13474]  do_syscall_64+0xd8/0x2c0
[  232.169451][T13474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.169479][T13474] RIP: 0033:0x7f6c1978f749
[  232.169570][T13474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.169593][T13474] RSP: 002b:00007f6c181f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  232.169618][T13474] RAX: ffffffffffffffda RBX: 00007f6c199e5fa0 RCX: 00007f6c1978f749
[  232.169636][T13474] RDX: 0000000000000031 RSI: 0000200000000040 RDI: 0000000000000003
[  232.169652][T13474] RBP: 00007f6c181f7090 R08: 0000000000000000 R09: 0000000000000000
[  232.169669][T13474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.169685][T13474] R13: 00007f6c199e6038 R14: 00007f6c199e5fa0 R15: 00007ffd0bd1ef18
[  232.169804][T13474]  </TASK>
[  232.169817][T13474] binfmt_misc: register: failed to install interpreter file ./file0
[  232.194850][   T29] audit: type=1326 audit(1765903908.770:12119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13477 comm="syz.4.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  232.262663][T13482] loop1: detected capacity change from 0 to 512
[  232.264379][   T29] audit: type=1326 audit(1765903908.840:12120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13477 comm="syz.4.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb7c564b829 code=0x7ffc0000
[  232.269592][T13482] EXT4-fs: Ignoring removed i_version option
[  232.273402][   T29] audit: type=1326 audit(1765903908.840:12121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13477 comm="syz.4.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  232.278147][T13482] EXT4-fs: Ignoring removed bh option
[  232.282110][   T29] audit: type=1326 audit(1765903908.840:12122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13477 comm="syz.4.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  232.282146][   T29] audit: type=1326 audit(1765903908.840:12123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13477 comm="syz.4.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  232.447073][T13482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.482130][   T29] audit: type=1326 audit(1765903908.940:12124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13477 comm="syz.4.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  232.541002][T13482] ext4 filesystem being mounted at /555/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  232.554221][   T29] audit: type=1326 audit(1765903908.940:12125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13477 comm="syz.4.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  232.624187][   T29] audit: type=1326 audit(1765903908.940:12126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13477 comm="syz.4.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  232.643126][T13484] lo speed is unknown, defaulting to 1000
[  232.660902][T13495] loop0: detected capacity change from 0 to 1024
[  232.703383][T13495] EXT4-fs: Ignoring removed nomblk_io_submit option
[  232.727379][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.744271][T13495] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.773998][T13484] chnl_net:caif_netlink_parms(): no params data found
[  232.926849][T12277] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.938530][T13505] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2985'.
[  232.947538][T13505] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2985'.
[  232.993370][T13517] loop3: detected capacity change from 0 to 512
[  233.018875][T13522] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=13522 comm=syz.0.2987
[  233.088575][T13517] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.160732][T13484] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.167949][T13484] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.202706][T13484] bridge_slave_0: entered allmulticast mode
[  233.227849][T13484] bridge_slave_0: entered promiscuous mode
[  233.257757][T13484] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.264949][T13484] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.311939][T13484] bridge_slave_1: entered allmulticast mode
[  233.330075][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.340758][T13484] bridge_slave_1: entered promiscuous mode
[  233.386502][T13484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  233.403269][T13530] loop3: detected capacity change from 0 to 512
[  233.412691][T13484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  233.424424][T13530] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1)
[  233.483929][ T8442] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.493770][ T8442] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.496186][T13530] binfmt_misc: register: failed to install interpreter file ./file0
[  233.512712][T13484] team0: Port device team_slave_0 added
[  233.520006][T13484] team0: Port device team_slave_1 added
[  233.543614][T13484] batman_adv: batadv0: Adding interface: batadv_slave_0
[  233.550725][T13484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  233.576976][T13484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.590699][ T8442] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.600621][ T8442] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.612234][T13484] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.619325][T13484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  233.645306][T13484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.673950][T13536] netlink: 'syz.3.2991': attribute type 6 has an invalid length.
[  233.733036][T13538] loop0: detected capacity change from 0 to 1024
[  233.739868][T13538] EXT4-fs: inline encryption not supported
[  233.745720][T13538] EXT4-fs: Ignoring removed orlov option
[  233.752092][T13538] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  233.772007][T13538] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[  233.780387][T13538] System zones: 0-1, 3-12
[  233.785370][T13538] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.798959][T13538] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2992'.
[  233.810241][T13484] hsr_slave_0: entered promiscuous mode
[  233.818566][T13484] hsr_slave_1: entered promiscuous mode
[  233.831925][T13484] debugfs: 'hsr0' already exists in 'hsr'
[  233.837768][T13484] Cannot create hsr debugfs directory
[  233.843633][T13542] syz_tun: entered allmulticast mode
[  233.851257][ T8442] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.861114][ T8442] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.877607][T13542] loop4: detected capacity change from 0 to 512
[  233.886306][T13540] syz_tun: left allmulticast mode
[  233.921267][ T8442] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.931243][ T8442] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.960280][T13538] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.997337][T13555] netlink: 'syz.4.2997': attribute type 1 has an invalid length.
[  234.005144][T13555] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2997'.
[  234.027253][T13557] netlink: 'syz.0.2998': attribute type 30 has an invalid length.
[  234.053748][   T29] audit: type=1326 audit(1765903910.630:12127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13554 comm="syz.4.2997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  234.092690][ T8442] bridge_slave_1: left allmulticast mode
[  234.098401][ T8442] bridge_slave_1: left promiscuous mode
[  234.104199][ T8442] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.120370][T13563] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  234.133754][T13564] program syz.3.2995 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  234.143749][ T8442] bridge_slave_0: left allmulticast mode
[  234.149583][ T8442] bridge_slave_0: left promiscuous mode
[  234.155356][ T8442] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.169194][T13563] EXT4-fs (loop1): 1 truncate cleaned up
[  234.180039][T13563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.286358][ T8442] bond2 (unregistering): (slave ip6erspan0): Releasing active interface
[  234.325499][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.405136][T13574] netlink: 'syz.4.3001': attribute type 1 has an invalid length.
[  234.639712][ T8442] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  234.650918][ T8442] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  234.661080][ T8442] bond0 (unregistering): Released all slaves
[  234.672747][ T8442] bond1 (unregistering): Released all slaves
[  234.724722][ T8442] bond2 (unregistering): Released all slaves
[  234.765867][T13573] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3002'.
[  234.951041][T13579] syzkaller1: entered promiscuous mode
[  234.956601][T13579] syzkaller1: entered allmulticast mode
[  234.998958][T13582] netlink: 'syz.1.3004': attribute type 6 has an invalid length.
[  235.016349][T13584] syz_tun: entered allmulticast mode
[  235.064386][T13584] pimreg: entered allmulticast mode
[  235.081622][ T8442] tipc: Left network mode
[  235.087033][T13584] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[  235.095642][T13584] mroute: pending queue full, dropping entries
[  235.166164][T13588] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  235.179307][T13587] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  235.189168][T13587] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.205473][ T8442] hsr_slave_0: left promiscuous mode
[  235.212080][ T8442] hsr_slave_1: left promiscuous mode
[  235.218067][ T8442] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.225528][ T8442] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.233557][ T8442] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.241140][ T8442] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.251724][ T8442] veth1_macvtap: left promiscuous mode
[  235.257557][ T8442] veth0_macvtap: left promiscuous mode
[  235.263139][ T8442] veth1_vlan: left promiscuous mode
[  235.268510][ T8442] veth0_vlan: left promiscuous mode
[  235.306600][ T8442] pimreg (unregistering): left allmulticast mode
[  235.343344][ T8442] team0 (unregistering): Port device team_slave_0 removed
[  235.378413][T13588] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  235.390286][T13587] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  235.400115][T13587] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.410948][T13583] syz_tun: left allmulticast mode
[  235.444974][T13484] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  235.461166][T13588] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  235.469173][T13598] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.483725][T13598] ext4 filesystem being mounted at /608/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.494604][T13484] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  235.511979][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.512094][T13587] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  235.530849][T13587] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.542223][T13484] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  235.551183][T13605] netlink: 'syz.3.3012': attribute type 30 has an invalid length.
[  235.551413][T13484] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  235.575164][T13588] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  235.612722][T13484] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.624677][T13484] 8021q: adding VLAN 0 to HW filter on device team0
[  235.633162][T13587] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  235.643216][T13587] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.657427][ T7579] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.664544][ T7579] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.675553][  T874] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.682659][  T874] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.697068][  T874] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  235.714135][ T8441] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  235.729863][ T7579] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  235.743765][ T7579] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  235.761429][ T7579] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  235.769718][ T7579] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.794432][ T7579] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  235.802810][ T7579] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.812347][ T7579] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  235.820614][ T7579] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.836870][ T7579] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  235.845202][ T7579] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.872957][T13484] 8021q: adding VLAN 0 to HW filter on device batadv0
[  235.888388][T13620] geneve2: entered promiscuous mode
[  235.893701][T13620] geneve2: entered allmulticast mode
[  235.900611][  T176] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  235.923654][  T176] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  235.937589][  T176] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  235.954076][  T176] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  236.010963][T13484] veth0_vlan: entered promiscuous mode
[  236.037614][T13484] veth1_vlan: entered promiscuous mode
[  236.044040][T13643] netlink: 'syz.1.3016': attribute type 6 has an invalid length.
[  236.069865][T13484] veth0_macvtap: entered promiscuous mode
[  236.085476][T13484] veth1_macvtap: entered promiscuous mode
[  236.106846][T13484] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.126024][T13484] batman_adv: batadv0: Interface activated: batadv_slave_1
[  236.142585][ T8441] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  236.157703][ T8441] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  236.167034][ T7579] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  236.188767][ T7579] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  236.254440][T13663] EXT4-fs: Ignoring removed nomblk_io_submit option
[  236.289849][T13663] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.336851][T13665] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.353373][T13484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.448537][T13676] lo speed is unknown, defaulting to 1000
[  236.465737][T13676] lo speed is unknown, defaulting to 1000
[  236.471727][T13676] lo speed is unknown, defaulting to 1000
[  236.496390][T13676] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  236.536869][T13676] lo speed is unknown, defaulting to 1000
[  236.577206][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.584955][T13686] __nla_validate_parse: 2 callbacks suppressed
[  236.584975][T13686] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3027'.
[  236.602954][ T3320] syz_tun (unregistering): left allmulticast mode
[  236.616052][T13676] lo speed is unknown, defaulting to 1000
[  236.620106][T13686] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3027'.
[  236.642289][T13698] netlink: 'syz.1.3029': attribute type 30 has an invalid length.
[  236.656319][T13676] lo speed is unknown, defaulting to 1000
[  236.662272][T13697] set_capacity_and_notify: 8 callbacks suppressed
[  236.662307][T13697] loop2: detected capacity change from 0 to 1024
[  236.662471][T13676] lo speed is unknown, defaulting to 1000
[  236.673522][T13697] EXT4-fs: Ignoring removed nomblk_io_submit option
[  236.690495][T13676] lo speed is unknown, defaulting to 1000
[  236.710899][T13697] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.716364][T13686] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3027'.
[  236.764555][T13484] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.785892][ T8442] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  236.795871][ T8442] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.811448][T13718] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3032'.
[  236.823478][T13718] 9p: Bad value for 'wfdno'
[  236.844834][ T8442] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  236.854806][ T8442] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.878323][T13721] loop2: detected capacity change from 0 to 1024
[  236.892837][T13687] lo speed is unknown, defaulting to 1000
[  236.898301][T13721] EXT4-fs: Ignoring removed nomblk_io_submit option
[  236.920762][ T8442] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  236.930595][ T8442] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.981135][T13733] syz_tun: entered allmulticast mode
[  236.993192][T13687] chnl_net:caif_netlink_parms(): no params data found
[  237.000857][T13733] loop0: detected capacity change from 0 to 512
[  237.010137][ T8442] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  237.020054][ T8442] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.034907][T13731] syz_tun: left allmulticast mode
[  237.066329][   T29] kauditd_printk_skb: 398 callbacks suppressed
[  237.066348][   T29] audit: type=1326 audit(1765903913.650:12526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13690 comm="syz.4.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb7c56a65e7 code=0x7ffc0000
[  237.100556][T13739] loop2: detected capacity change from 0 to 512
[  237.108899][   T29] audit: type=1326 audit(1765903913.680:12527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13690 comm="syz.4.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb7c564b829 code=0x7ffc0000
[  237.132645][   T29] audit: type=1326 audit(1765903913.680:12528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13690 comm="syz.4.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb7c56a65e7 code=0x7ffc0000
[  237.138910][T13741] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3040'.
[  237.156185][   T29] audit: type=1326 audit(1765903913.680:12529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13690 comm="syz.4.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb7c564b829 code=0x7ffc0000
[  237.188921][   T29] audit: type=1326 audit(1765903913.680:12530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13690 comm="syz.4.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  237.212474][   T29] audit: type=1326 audit(1765903913.700:12531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13690 comm="syz.4.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb7c56a65e7 code=0x7ffc0000
[  237.228139][T13744] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3040'.
[  237.236199][   T29] audit: type=1326 audit(1765903913.700:12532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13690 comm="syz.4.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb7c564b829 code=0x7ffc0000
[  237.268544][   T29] audit: type=1326 audit(1765903913.700:12533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13690 comm="syz.4.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fb7c56af749 code=0x7ffc0000
[  237.295563][   T29] audit: type=1326 audit(1765903913.740:12534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13690 comm="syz.4.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb7c56a65e7 code=0x7ffc0000
[  237.319391][   T29] audit: type=1326 audit(1765903913.740:12535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13690 comm="syz.4.3030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb7c564b829 code=0x7ffc0000
[  237.357346][T13687] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.364616][T13687] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.372091][T13687] bridge_slave_0: entered allmulticast mode
[  237.379546][T13687] bridge_slave_0: entered promiscuous mode
[  237.387360][ T8442] bridge_slave_1: left allmulticast mode
[  237.393041][ T8442] bridge_slave_1: left promiscuous mode
[  237.398825][ T8442] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.406981][ T8442] bridge_slave_0: left allmulticast mode
[  237.412744][ T8442] bridge_slave_0: left promiscuous mode
[  237.418509][ T8442] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.470933][T13753] loop4: detected capacity change from 0 to 1024
[  237.477799][T13753] EXT4-fs: inline encryption not supported
[  237.483745][T13753] EXT4-fs: Ignoring removed orlov option
[  237.490692][T13753] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  237.526199][T13753] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[  237.534350][T13753] System zones: 0-1, 3-12
[  237.545854][ T8442] bond1 (unregistering): (slave gretap1): Releasing active interface
[  237.553999][ T8442] gretap1 (unregistering): left allmulticast mode
[  237.585372][T13765] loop1: detected capacity change from 0 to 1024
[  237.592183][T13765] EXT4-fs: inline encryption not supported
[  237.598083][T13765] EXT4-fs: Ignoring removed orlov option
[  237.604274][T13765] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  237.618329][T13765] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[  237.626674][T13765] System zones: 0-1, 3-12
[  237.778655][T13780] loop2: detected capacity change from 0 to 512
[  237.785578][T13780] EXT4-fs: Ignoring removed bh option
[  237.791654][T13780] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  237.801252][T13780] EXT4-fs (loop2): 1 truncate cleaned up
[  237.812319][ T8442] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  237.822432][ T8442] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  237.832252][ T8442] bond0 (unregistering): Released all slaves
[  237.842560][ T8442] bond1 (unregistering): Released all slaves
[  237.851304][ T8442] bond2 (unregistering): Released all slaves
[  237.860394][ T8442] bond3 (unregistering): left allmulticast mode
[  237.866860][ T8442] bond3 (unregistering): left promiscuous mode
[  237.874952][ T8442] team0: Port device macvlan2 removed
[  237.882970][ T8442] bond3 (unregistering): Released all slaves
[  237.891792][T13687] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.898987][T13687] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.906225][T13687] bridge_slave_1: entered allmulticast mode
[  237.912816][T13687] bridge_slave_1: entered promiscuous mode
[  237.919407][T13753] netlink: 80 bytes leftover after parsing attributes in process `syz.4.3042'.
[  237.928555][T13765] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3043'.
[  237.955819][T13687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.968636][T13687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.981143][ T8442] hsr_slave_0: left promiscuous mode
[  237.987822][ T8442] hsr_slave_1: left promiscuous mode
[  237.993570][ T8442] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  238.001169][ T8442] batman_adv: batadv0: Removing interface: batadv_slave_0
[  238.010806][T13783] loop0: detected capacity change from 0 to 1024
[  238.017939][T13783] EXT4-fs: Ignoring removed orlov option
[  238.024261][ T8442] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  238.031765][ T8442] batman_adv: batadv0: Removing interface: batadv_slave_1
[  238.064038][ T8442] veth1_macvtap: left promiscuous mode
[  238.069928][ T8442] veth0_macvtap: left promiscuous mode
[  238.075503][ T8442] veth1_vlan: left promiscuous mode
[  238.081098][ T8442] veth0_vlan: left promiscuous mode
[  238.146614][ T8442] pimreg (unregistering): left allmulticast mode
[  238.163306][T13791] loop1: detected capacity change from 0 to 512
[  238.173033][T13792] xt_CT: You must specify a L4 protocol and not use inversions on it
[  238.199130][T13795] loop4: detected capacity change from 0 to 1024
[  238.205074][T13798] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3045'.
[  238.206532][T13795] EXT4-fs: Ignoring removed nomblk_io_submit option
[  238.249603][ T8442] team0 (unregistering): Port device team_slave_1 removed
[  238.327265][ T8442] team0 (unregistering): Port device team_slave_0 removed
[  238.420713][T13687] team0: Port device team_slave_0 added
[  238.437067][T13687] team0: Port device team_slave_1 added
[  238.882125][T13687] batman_adv: batadv0: Adding interface: batadv_slave_0
[  238.889139][T13687] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  238.915259][T13687] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.927451][T13687] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.934413][T13687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  238.960472][T13687] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.971950][T13809] syzkaller1: entered promiscuous mode
[  238.977475][T13809] syzkaller1: entered allmulticast mode
[  239.032853][T13816] netlink: 'syz.2.3056': attribute type 6 has an invalid length.
[  239.033851][T13687] hsr_slave_0: entered promiscuous mode
[  239.047349][T13687] hsr_slave_1: entered promiscuous mode
[  239.245430][T13829] netlink: 'syz.2.3061': attribute type 1 has an invalid length.
[  239.253237][T13829] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3061'.
[  239.298653][T13834] syzkaller1: entered promiscuous mode
[  239.304298][T13834] syzkaller1: entered allmulticast mode
[  239.362552][T13842] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.440034][T13858] syz_tun: entered allmulticast mode
[  239.446348][T13857] syz_tun: left allmulticast mode
[  239.483751][T13687] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  239.492796][ T3315] ==================================================================
[  239.500959][ T3315] BUG: KCSAN: data-race in avc_policy_seqno / avc_ss_reset
[  239.508283][ T3315] 
[  239.510623][ T3315] write to 0xffffffff88f04c28 of 4 bytes by task 13863 on cpu 1:
[  239.511444][T13687] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  239.518350][ T3315]  avc_ss_reset+0x20c/0x240
[  239.518395][ T3315]  security_set_bools+0x301/0x340
[  239.534678][ T3315]  sel_commit_bools_write+0x1ea/0x270
[  239.540064][ T3315]  vfs_writev+0x406/0x8b0
[  239.544405][ T3315]  do_writev+0xe7/0x210
[  239.548569][ T3315]  __x64_sys_writev+0x45/0x50
[  239.553343][ T3315]  x64_sys_call+0x1ba5/0x3000
[  239.558056][ T3315]  do_syscall_64+0xd8/0x2c0
[  239.562698][ T3315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.568614][ T3315] 
[  239.570951][ T3315] read to 0xffffffff88f04c28 of 4 bytes by task 3315 on cpu 0:
[  239.578521][ T3315]  avc_policy_seqno+0x15/0x30
[  239.583209][ T3315]  selinux_inode_permission+0x3bc/0x7c0
[  239.588769][ T3315]  security_inode_permission+0x6d/0xb0
[  239.594254][ T3315]  inode_permission+0x20e/0x3c0
[  239.599118][ T3315]  link_path_walk+0x899/0xe30
[  239.603818][ T3315]  __filename_parentat+0x15c/0x3f0
[  239.608945][ T3315]  do_unlinkat+0x94/0x4b0
[  239.613285][ T3315]  __x64_sys_unlink+0x2e/0x40
[  239.617993][ T3315]  x64_sys_call+0x2f48/0x3000
[  239.622688][ T3315]  do_syscall_64+0xd8/0x2c0
[  239.627211][ T3315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.633114][ T3315] 
[  239.635464][ T3315] value changed: 0x00000003 -> 0x00000004
[  239.641182][ T3315] 
[  239.643510][ T3315] Reported by Kernel Concurrency Sanitizer on:
[  239.649705][ T3315] CPU: 0 UID: 0 PID: 3315 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  239.661174][ T3315] Tainted: [W]=WARN
[  239.665004][ T3315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  239.675079][ T3315] ==================================================================
[  239.702427][T13687] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  239.718716][T13865] FAULT_INJECTION: forcing a failure.
[  239.718716][T13865] name failslab, interval 1, probability 0, space 0, times 0
[  239.731460][T13865] CPU: 1 UID: 0 PID: 13865 Comm: syz.1.3070 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  239.731561][T13865] Tainted: [W]=WARN
[  239.731568][T13865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  239.731581][T13865] Call Trace:
[  239.731588][T13865]  <TASK>
[  239.731598][T13865]  __dump_stack+0x1d/0x30
[  239.731629][T13865]  dump_stack_lvl+0xe8/0x140
[  239.731658][T13865]  dump_stack+0x15/0x1b
[  239.731719][T13865]  should_fail_ex+0x265/0x280
[  239.731745][T13865]  should_failslab+0x8c/0xb0
[  239.731766][T13865]  __kmalloc_cache_noprof+0x65/0x4c0
[  239.731804][T13865]  ? pagemap_read+0x184/0x5e0
[  239.731858][T13865]  pagemap_read+0x184/0x5e0
[  239.731885][T13865]  ? __pfx_pagemap_read+0x10/0x10
[  239.731997][T13865]  vfs_read+0x1a8/0x770
[  239.732018][T13865]  ? __fget_files+0x184/0x1c0
[  239.732084][T13865]  ? __rcu_read_unlock+0x4f/0x70
[  239.732152][T13865]  ? __fget_files+0x184/0x1c0
[  239.732175][T13865]  ? mutex_unlock+0x4f/0x90
[  239.732203][T13865]  __x64_sys_pread64+0xfd/0x150
[  239.732225][T13865]  x64_sys_call+0x281b/0x3000
[  239.732284][T13865]  do_syscall_64+0xd8/0x2c0
[  239.732319][T13865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.732364][T13865] RIP: 0033:0x7f6f36a9f749
[  239.732380][T13865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.732399][T13865] RSP: 002b:00007f6f354ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  239.732418][T13865] RAX: ffffffffffffffda RBX: 00007f6f36cf5fa0 RCX: 00007f6f36a9f749
[  239.732432][T13865] RDX: 0000000000019000 RSI: 0000200000000200 RDI: 0000000000000007
[  239.732444][T13865] RBP: 00007f6f354ff090 R08: 0000000000000000 R09: 0000000000000000
[  239.732457][T13865] R10: 0000001000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.732470][T13865] R13: 00007f6f36cf6038 R14: 00007f6f36cf5fa0 R15: 00007ffdc49e89b8
[  239.732550][T13865]  </TASK>
[  239.732635][T13687] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  239.960530][T13687] 8021q: adding VLAN 0 to HW filter on device bond0
[  239.972223][T13687] 8021q: adding VLAN 0 to HW filter on device team0
[  239.981661][ T8442] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.988782][ T8442] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.999866][ T8439] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.006942][ T8439] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.071865][T13687] 8021q: adding VLAN 0 to HW filter on device batadv0
[  240.134390][T13687] veth0_vlan: entered promiscuous mode
[  240.142260][T13687] veth1_vlan: entered promiscuous mode
[  240.157383][T13687] veth0_macvtap: entered promiscuous mode
[  240.164590][T13687] veth1_macvtap: entered promiscuous mode
[  240.175336][T13687] batman_adv: batadv0: Interface activated: batadv_slave_0
[  240.186705][T13687] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.197326][ T8435] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.206502][ T8435] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.215394][ T8435] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.228786][ T8435] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0