last executing test programs:

30.22368988s ago: executing program 3 (id=360):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
getuid()
setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)={0x1c, r1, 0x1, 0x0, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x4}]}, 0x1c}}, 0x2000c050)

29.582829643s ago: executing program 3 (id=373):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x80, 0x0, 0x8, 0x1, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={&(0x7f0000000100), 0xc}, 0x0, 0x0, 0x800000, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x9}]})
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x40}, 0x18)
r1 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCSFEATURE(r1, 0xc0404806, 0x0)

28.720176249s ago: executing program 3 (id=382):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x25c, &(0x7f0000000440)=@framed={{0x18, 0x2}, [@printk={@ld}, @call={0x85, 0x0, 0x0, 0x7}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc}, 0x94)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x73000000, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="0213f803030000002cbd7000fddbdf250100"], 0x18}}, 0x2000)

28.649644061s ago: executing program 3 (id=383):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80) (async)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200008, &(0x7f00000003c0), 0xff, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy6bXbzqxuzdT4fmPa9mdm8+e6b7+x7O7tsAIU1kv1Ting1Ir5JIg63bRuMfOPIyn5Lj29MZksSy8uf/ZlEkq9r7Z/k/x/MK69ExK9fRZwsrW23vrA4U6lW07m8PtqYvTpaX1g8dXm2Mp1Op1fGJybOvDMx/v577/Ys1jcv/P39p/c/OvP18aXvfn545G4S5+JQvq09judwq70yEiP5czIU557ZcawHjfWTZLcPgG0ZyPN8KLJrwOEYyLMe+P+7GRHLQEEl8h8KqjUOaM3tezQPfmE8+nBlArQ2/sGV90ZiX3NudGApeWpmlM13h3vQftbGL3/cu5stscH7EDd70B5Ay63bEXF6cHAnrv+nm28er2/kmXrRXn9gN93Pxj9vdRr/lFbHP9Fh/HOwQ+5ux8b5X3rYg2a6ysZ/H3Qc/65euoYH8tpLzTHfUHLpcjU9HREvR8SJGNqb1de7n3Nm6cFyt23t479sydpvjQXz43g4uPfpx0xVGpXnibndo9sRrz0Z/yaxGn+y2v9Jh/7Pno8Lm2zjWHrv9W7bNo6/Xe9HwMs/RbzRsf+f3NFK1r8/Odo8H0ZbZ8Vaf9059lu39rcWf+9l/X9g/fiHk/b7tfWtt/Hjvn/Sbtu2e/7vST5vlvfk665XGo25sYg9ySdr148/eWyr3to/i//E8fWvf53O//0R8cUm479z9E7XXfuh/6e21P9bLzz4+MsfurW/uf5/u1k6ka/ZzPVvswf4PM8dAAAAAAAA9JtSRByKpFReLZdK5fLK5zuOxoFStVZvnLxUm78yFc3vyg7HUKl1p/tw2+chxvLPw7bq48/UJyLiSER8O7C/WS9P1qpTux08AAAAAAAAAAAAAAAAAAAA9ImDXb7/n/l9YLePDthxfvIbimvD/O/FLz0BfcnrPxSX/Ifikv9QXPIfikv+Q3HJfygu+Q/FJf8BAAAAAAAAAAAAAAAAAAAAAAAAAACgpy6cP58ty0uPb0xm9alrC/MztWunptL6THl2frI8WZu7Wp6u1aaraXmyNrvR36vWalfHxmP++mgjrTdG6wuLF2dr81caFy/PVqbTi+nQfxIVAAAAAAAAAAAAAAAAAAAAvFjqC4szlWo1nVPoWjgbfXEY2y4kG/Xy2fxk2FYTg7sfoMIOFHb5wgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbf4NAAD//y2HM6Y=")
syz_io_uring_setup(0x7393, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000380)={0x2})
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$getregset(0x4205, r1, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28}) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000300)=ANY=[@ANYRES64=r2, @ANYRESDEC=0x0, @ANYRESHEX=r0], 0x0}, 0x94) (async, rerun: 32)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 32)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) (async)
listen(r4, 0xfff) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYRESHEX=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) (async, rerun: 32)
r5 = fspick(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x1) (rerun: 32)
fcntl$F_GET_FILE_RW_HINT(r5, 0x40d, &(0x7f0000000200)) (async, rerun: 32)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ba}, 0x94) (async, rerun: 32)
r8 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) (rerun: 32)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb0100180000000000000028000000280000000700000000000000000000050affff0f0000000002000006040000000500000004000000040000008d000000002e305f5f2e"], &(0x7f0000000f40)=""/4089, 0x47, 0xff9, 0x1}, 0x28)
ftruncate(r8, 0x2007ffc) (async)
sendfile(r8, r8, 0x0, 0x800000009) (async)
r9 = open(&(0x7f0000000340)='./file1\x00', 0x4000, 0x0)
preadv2(r9, &(0x7f0000000400)=[{&(0x7f0000002200)=""/4111, 0x100f}, {&(0x7f0000000940)=""/194, 0xc2}], 0x2, 0x0, 0x0, 0x12) (async, rerun: 32)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000080200002100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESOCT=r6, @ANYRES8=r1], 0x50) (rerun: 32)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xd, 0x8, &(0x7f0000000740)=ANY=[@ANYRES16=r0, @ANYRES32=r10, @ANYRES32=r7], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000540)='rxrpc_disconnect_call\x00', r11, 0x0, 0x4000000000}, 0x68ddb17a9ad3f604)

28.393819196s ago: executing program 3 (id=386):
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[], 0x48)
syz_io_uring_setup(0x2421, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = getpid()
preadv(0xffffffffffffffff, 0x0, 0x0, 0x7fff, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000a01010039ffffff000000020000000900010073797a300000000048000000030a01010000000000000000020000000900010073797a30000000000900030073797a3200000000080007006e617400140004800800024000000000080001"], 0x244c}}, 0x0)

27.101743341s ago: executing program 3 (id=400):
socket$pppoe(0x18, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="09000000040000000800000010"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000002200850000000300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socket$netlink(0x10, 0x3, 0x13)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2000759, &(0x7f00000009c0)={[{@dioread_nolock}, {@noblock_validity}, {@usrquota}, {@data_ordered}, {@abort, 0x0}, {@noauto_da_alloc}, {@noload}, {@minixdf}, {@mblk_io_submit}, {@lazytime}, {@usrjquota}, {@nolazytime}, {@journal_dev={'journal_dev', 0x3d, 0x724}}, {@norecovery}, {@nouser_xattr}, {@journal_checksum}, {@sysvgroups}], [{@audit}, {@fowner_gt={'fowner>', 0xee00}}], 0x2c}, 0x6, 0x4fc, &(0x7f0000001a40)="$eJzs3M1vFOUfAPDvbLe0/QG/VnzjTVlFY6OR0vJ68ABEEy4mJhqDx9oWghQwtCZAGluMgcSDhr/Al5uJf4EnvRg1HjReJV6NCTG9gB7MmtmdrdtOt290u5Z+Pskuz8zO7PN8Z+ZhnpedBrBhldK3JGJLRPwSEd3VxdkblKr/3J2eGPpzemIoiXL51T+SynZ3pieGapvW9tucLfQWIgrvJ7Ern23H2JWr5wZHR0cuZSv6xgtZ6vzgmZEzIxcGjh49eKDryOGBQ6sSZ1qmOzvfvbh7x8k3br48dOrmm999kZa3XDVZH0dVT+V905JzaMutKUVp9rGs8/Tyiv+ft7UunRTT90LrCsOSpVdterraK/W/O9oqS1Xd8dJ7LS0c0FTpza8jt3bmXjZVrpcktRvmtTJwH0ii1SUAWqN2o78znfZUJ4by/eD72+3jUekBpXHfzV7VT4qVHmypp9o3am9S/g9FxKmpvz5OXzFnPAUAoBm+Oh5x40QU03ZH7VX9pBCP1G33/2xuqCciHoiIbRHxYNZ+eTiisu2jEbG9bp+tS5gFKM1Zzrd/furKEvXN1VWTtv9eyOa2Zrf/Zkre05Ytba3E356cPjs6sj87Jr3R3pEu9+e/emZY7esXf/6oUf6luvZf+krzr7UFs3L8XpwzQDc8OD54r3HX3L5WObCT+fiTKCa1VMSOiNi5gu9Pj9nZZz/f3ejzWfGncebi/7DxlxdXUKA5yp9GPFM9/1MxJ/7I5v+Syvzk+bf7xq5cff5s/fxk/5HDA4f6OmN0ZH9f7arI+/7H669kyVw3YoHzX6saTZ1IS8///+a9/mdmLnvS1Mx87djy87h+60bDPs1Kr/9NyWuVdG1+9vLg+Pil/ohNyVR+/cC/+14e7Jq1fRp/79756/+2iL8/yfbbFRHpRfxYRDweEXuysj8REU9GxN4F4v/2xFNvNepCLh5/c6XxDy/r/DdKHPshYv6P2s5982Uu4w9Kufjbo9H5P1hJ9WZrhgfHOxeLa6GS1ifu+QACAADAOrAnIrZEUtiXDTRtiUJh376IzTMjKGPjz52++M6F4eozAj3RXqiNdHXXjYf2Z2PD6XK610Ddcvr5gcq4cblcLnely2n/fXR7a0OHDW9zg/qf+i3/SAtwv1nWPFqjJ9qAdWlu/b+15D1X/wcZwNpahd/RAOuU+g8b15Lrf7OeggNaZr76PxlxtwVFAdbYfPX/9dyaY2tSFmBt6f/DxrXy+u/HALDeuf/DhrSkh+RXkNh2coFtkmJzMm2cKMTCfwWgJ6K2ptamWfgLfy1ErE4J21Y10q5Z57Qw7zadsRp5RWHRbYrL+EMMzUh0Nsy90JLyNEh0RMQiV+/MxTZZS1xtdsEqleCz1v7vBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcO/+CQAA//9DYNmu")

27.085963681s ago: executing program 32 (id=400):
socket$pppoe(0x18, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="09000000040000000800000010"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000002200850000000300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socket$netlink(0x10, 0x3, 0x13)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2000759, &(0x7f00000009c0)={[{@dioread_nolock}, {@noblock_validity}, {@usrquota}, {@data_ordered}, {@abort, 0x0}, {@noauto_da_alloc}, {@noload}, {@minixdf}, {@mblk_io_submit}, {@lazytime}, {@usrjquota}, {@nolazytime}, {@journal_dev={'journal_dev', 0x3d, 0x724}}, {@norecovery}, {@nouser_xattr}, {@journal_checksum}, {@sysvgroups}], [{@audit}, {@fowner_gt={'fowner>', 0xee00}}], 0x2c}, 0x6, 0x4fc, &(0x7f0000001a40)="$eJzs3M1vFOUfAPDvbLe0/QG/VnzjTVlFY6OR0vJ68ABEEy4mJhqDx9oWghQwtCZAGluMgcSDhr/Al5uJf4EnvRg1HjReJV6NCTG9gB7MmtmdrdtOt290u5Z+Pskuz8zO7PN8Z+ZhnpedBrBhldK3JGJLRPwSEd3VxdkblKr/3J2eGPpzemIoiXL51T+SynZ3pieGapvW9tucLfQWIgrvJ7Ern23H2JWr5wZHR0cuZSv6xgtZ6vzgmZEzIxcGjh49eKDryOGBQ6sSZ1qmOzvfvbh7x8k3br48dOrmm999kZa3XDVZH0dVT+V905JzaMutKUVp9rGs8/Tyiv+ft7UunRTT90LrCsOSpVdterraK/W/O9oqS1Xd8dJ7LS0c0FTpza8jt3bmXjZVrpcktRvmtTJwH0ii1SUAWqN2o78znfZUJ4by/eD72+3jUekBpXHfzV7VT4qVHmypp9o3am9S/g9FxKmpvz5OXzFnPAUAoBm+Oh5x40QU03ZH7VX9pBCP1G33/2xuqCciHoiIbRHxYNZ+eTiisu2jEbG9bp+tS5gFKM1Zzrd/furKEvXN1VWTtv9eyOa2Zrf/Zkre05Ytba3E356cPjs6sj87Jr3R3pEu9+e/emZY7esXf/6oUf6luvZf+krzr7UFs3L8XpwzQDc8OD54r3HX3L5WObCT+fiTKCa1VMSOiNi5gu9Pj9nZZz/f3ejzWfGncebi/7DxlxdXUKA5yp9GPFM9/1MxJ/7I5v+Syvzk+bf7xq5cff5s/fxk/5HDA4f6OmN0ZH9f7arI+/7H669kyVw3YoHzX6saTZ1IS8///+a9/mdmLnvS1Mx87djy87h+60bDPs1Kr/9NyWuVdG1+9vLg+Pil/ohNyVR+/cC/+14e7Jq1fRp/79756/+2iL8/yfbbFRHpRfxYRDweEXuysj8REU9GxN4F4v/2xFNvNepCLh5/c6XxDy/r/DdKHPshYv6P2s5982Uu4w9Kufjbo9H5P1hJ9WZrhgfHOxeLa6GS1ifu+QACAADAOrAnIrZEUtiXDTRtiUJh376IzTMjKGPjz52++M6F4eozAj3RXqiNdHXXjYf2Z2PD6XK610Ddcvr5gcq4cblcLnely2n/fXR7a0OHDW9zg/qf+i3/SAtwv1nWPFqjJ9qAdWlu/b+15D1X/wcZwNpahd/RAOuU+g8b15Lrf7OeggNaZr76PxlxtwVFAdbYfPX/9dyaY2tSFmBt6f/DxrXy+u/HALDeuf/DhrSkh+RXkNh2coFtkmJzMm2cKMTCfwWgJ6K2ptamWfgLfy1ErE4J21Y10q5Z57Qw7zadsRp5RWHRbYrL+EMMzUh0Nsy90JLyNEh0RMQiV+/MxTZZS1xtdsEqleCz1v7vBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcO/+CQAA//9DYNmu")

4.380161394s ago: executing program 5 (id=748):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0xef, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd84ef128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

4.293833096s ago: executing program 5 (id=749):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="84010000100013070000000000000000ac1e0101000000000000000100000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb000004d332000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004800020063626328616573290000"], 0x184}}, 0x0)

4.131622259s ago: executing program 5 (id=754):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
syz_open_dev$tty1(0xc, 0x4, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000000), 0x2c, 0x516, &(0x7f0000000740)="$eJzs3c9vG1kdAPCvnV9umm6ysIcFAVuWhYKq2om7G632wnJBQqvVIi2cEGqjxI2i2HEUO6UJkUjPXJGoxAn+BA5IHJB64s4NblzKAalABWqQEPJq7HGbOHFiNXHcxp+PNPJ7MxN/v8/SvBc/2/MCGFpXI2I3IsYj4nZETKf7M+kWH7a25LynT3YW957sLGai0fj0n6PpmTuL7fPbLqfPmYv4JKlPHBG3trW9ulAulzbSeqFeWS/UtrZvrFQWlkvLpbVicX5ufvb9m+8Vz6ytb1V++/i7Kx/98A+///KjP+1+66dJzt9OjyVtO7NA+7Rel7GY2rcveeU+6kewARhJ2zM+6ER4IdmI+FxEvJ2Wn8kNLicAoL8ajeloTO+vd5fp4RwA4OWXvOefikw2n77/n4psNp9vzuHl3ojJbLlaq1+/U91cW4rmHNZMjGXvrJRLs+lc4UyMZZL6XLP8vF7sqN+MiNcj4hcTl5r1/GK1vDSof3oAYMhd7hj//zPRGv974BMCAHiVGckBYPgcHv/HBpIHAHB+vP8HgOGzb/w/6re6AMAFlOv47T8AcPGdOP//Zvzsx+eTCgBwTnz+DwBD5fsff5xsjb30/tdLd7c2V6t3byyVaqv5yuZifrG6sZ5frlaXm/fsqZz0fOVqdX3u3di8V6iXavVCbWv7VqW6uVa/1byv962SHxYAwOC9/tbDv2QiYveDS80t2ms5+EIAXHgucxheI4NOABiY0UEnAAyM+Xggc8Lxrl8RetD9by6dIh+g/659ocv8//H/G/y/cT7pAX1k/h+G1+nm/80ewKvM/D8Mr0YjYz1/ABgyPbyD9xVBuOBe+PN/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGGJTzS2TzadrgU9FNpvPR1yJiJkYy9xZKZdmI+K1iPjzxNhEUp8bdNIAwCll/55J1/+6Nv3OVOfR8cx/J5qPEfGTX336y3sL9frGXLL/X8/21x+k+4tHBpjofxsAgH1GO3e0x+n2ON5e3/fpk53F9naeCT7+Tmtx0STuXrq1U28ln4uxiJj8d+ZAYzJntDDx7v2IeLOz/dlnx2fSlU874yexr/QtfjRbOHUgfvZA/GzzWOsxeS0+fwa5wLB5mPQ/Hx51/WXjavMxvf4yBzvTXPz8cOf6Atr9316js/9rXe+fXMk1+5qj+r+rvcZ494/f63rs/kjji6MRe4f63/aK0Llm6aj47/QY/69f+srb3Y41fh1xLY6L3yoV6pX1Qm1r+8ZKZWG5tFxaKxbn5+Zn37/5XrHQnKMutGeqD/vHB9df697+iMku8XMntP/rPbb/N/+7/aOvHhP/m187Kn423jgmfjImfqPH+AuTv+u6fHcSf6lL+0cPxB8/8HfJvus9xn/0t+2lHk8FAM5BbWt7daFcLm0onLaQ69czX35JGqhwTGEkyu35qJcin1MXBtwxAX33/KIfdCYAAAAAAAAAAAAAAEA3tR+kt/zr44/hBt1GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALq7PAgAA//+iDcmp") (fail_nth: 47)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_open_dev$usbmon(0x0, 0x2, 0x0)

3.419158033s ago: executing program 5 (id=760):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6"], 0x0}, 0x94)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x810004, &(0x7f0000000ac0)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x04\xc3\x00\x00\x00\x00\x00\x00\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000100)='name', &(0x7f0000000140)='ccnA\xf6gr\xe7lo_', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_io_uring_setup(0x6f35, &(0x7f0000000480)={0x0, 0x4525, 0x0, 0x1, 0x12d}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000640)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r5, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x6})
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d15, 0x0, @fd=r2, 0x0, 0x0, 0x1, 0x1})
io_uring_enter(r2, 0x22d0, 0x20, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)={0x34, r8, 0xcd3a991b146a25f, 0x70bd2e, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x4}, @ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008804}, 0x400a4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r9, 0x0, 0x800000000006}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
setgroups(0x0, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f0000000280)=[@ioring_restriction_register_op={0x0, 0x2}, @ioring_restriction_sqe_flags_required={0x3, 0x5}, @ioring_restriction_sqe_op={0x1, 0x1c}, @ioring_restriction_sqe_op={0x1, 0x18}, @ioring_restriction_sqe_flags_required={0x3, 0x1a}, @ioring_restriction_sqe_op, @ioring_restriction_sqe_op], 0x7)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a"], 0xa8}, 0x1, 0x0, 0x0, 0x20040040}, 0x0)
close(r1)

3.05687562s ago: executing program 5 (id=765):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010700000000fcdbdf2567000000080006"], 0x38}}, 0x40)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="5953fdfffffffddbdf256b000000080043"], 0x28}}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_MPP(r4, &(0x7f00000004c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000128bd7000fbdbdf256b00000008000300", @ANYRES32=r5, @ANYBLOB="0c00990008000000790000000a001a00ffffffffffff00000a00060008021100000100000a00060008021100000100000a00060008021100000100ee0a0006000802110000000000"], 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x48050)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0x34, r1, 0x2, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x10001}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x7}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x94}]}, 0x34}, 0x1, 0x0, 0x0, 0x8040}, 0x800)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDQpQDUoEItEHiYDRjJ+smNmtqx+7Gn480O/Pmzcz3PWdn3vNz4hfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/J3l+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar9478vrr37j17/65Lu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9MGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/GshTYvFgU7t8akeAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P53Puw/OPeyAADj4f0/AEwf7T8ATB/tPwBMla+99lq2tI4633+9+ubuzkb9zVurlcZGsbazUlypb28V1+r1tfw7e2qPul61Xt9aej523io1K41mqbG7d69W39ls3su/1/teZW4stQIA/per1975fRIRBy89kS/RNZeDthoutnSERwGPl5lhTtZBgMea2b5geg3UhOedhN+ee1mAyej5Zd6Fnpvv95P/I4jfM4IPlRsfH3z83xzPcLEY2Yfp9cHG/18eeTmA8TP+D9Or1UpOz/k/f5IFAFxIQ/wKX+sHo+qEABP1qMm8R/L5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwwlyPiO5GkxXwu8DT7Ny0WI56KiCsxl9xfr1ZuR8TTcS0i5hay9NKkCw0ADCn9a9KZ/+vG4nOXT+fOJ/9eyNcR8b2fvv7jt5abze2lbP8/TvYvHE8fVn543hDzCgIAg/vzIAfl7Xe5s+56I//gcH/leDnHMp7x3pdOJh9dOTrcz5d2zmy0Wq1WRCHvS1z6ZxKznXMKEfFsRMyMIP7B2xHxsV71T/KxkSudmU+740cn9lNjjZ++L36a57XX2cv30RGUBabNO9nz55Ve918a1/N17/u/kD+hhpc//woRx8++o674s51IMz3iZ/f89UFjPP+br57Z2Vps570d8exsr/jJSfykT/znBoz/x0986ocv98lr/SziRvSO3x2r1KxtlRq7e7fWa8trlbXKZrl8d+nu7RfvvFAu5WPUpeOR6rP+9tLNp/uVLav/pT7xCz3rP39y7ucGrP/P//PGtz79MLlwOv4XPtv75/9Mz/htWZv4+QHjL1/6Zd/pu7P4q33q/6if/80B47/7l73VAQ8FAMagsbu3sVytVraH2sjehY7iOmc2siIOdvBxd3G4oH+KfGNEL0ufjawzNsjBc+f1qp77xuxJX3G0V/5mdsUxVycdeS2G2ngwrliTeyYB4/Hwpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA//8+JMPM")
timer_create(0x1, &(0x7f00000000c0)={0x0, 0x16, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r6=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
socket$inet_sctp(0x2, 0x5, 0x84)
timer_settime(r6, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r7 = gettid()
tkill(r7, 0x13)
creat(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
mknod(&(0x7f0000000280)='./file0\x00', 0x1ffa, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2029c1b, 0x0, 0x1, 0x0, &(0x7f0000000080))
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1b)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x194)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2.049375589s ago: executing program 2 (id=779):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'vlan0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000017400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1], 0xb4}}, 0x0)

1.837840674s ago: executing program 2 (id=782):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x0, 0x4}, {}, {0x6}, {}, {0xb1, 0x0, 0xfe}, {0xf792}, {0x3}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)

1.739315976s ago: executing program 2 (id=784):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e0000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r2, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0x600, 0x1}}, 0x20)
close_range(r1, 0xffffffffffffffff, 0x0)

1.702813136s ago: executing program 2 (id=785):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000001000)=ANY=[@ANYBLOB="1000000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="0000000000000000009606000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000001"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="b081ff00", @ANYRES16=r5, @ANYBLOB="01060000000000000000090000002c0004801300010062726f6164636173742d6c696e6b00001400078008000500020000000800030081000000"], 0x40}, 0x1, 0x0, 0x0, 0x20004001}, 0x0)
sendmsg$TIPC_NL_BEARER_DISABLE(r3, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000540)={0x110, r5, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10001}]}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc}]}, @TIPC_NLA_LINK={0x90, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa8}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_LINK_PROP={0x4}]}, @TIPC_NLA_MEDIA={0x4}]}, 0x110}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000032000000000000000000004fa262e2ed463bd41a300d37127ea49441d830191c4c4f850dad8c5708161567be0dcfc69529013714cd77fe67aaa2af4c90078e44f1cbaa0b51fd95d53267225249d6f103bf"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='mpol=prefer:0'])
r8 = socket(0x10, 0x3, 0x0)
write(r8, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r8, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r9, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)

841.013493ms ago: executing program 2 (id=796):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000001000)=ANY=[@ANYBLOB="1000000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="0000000000000000009606000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000001"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="b081ff00", @ANYRES16=r3, @ANYBLOB="01060000000000000000090000002c0004801300010062726f6164636173742d6c696e6b00001400078008000500020000000800030081000000"], 0x40}, 0x1, 0x0, 0x0, 0x20004001}, 0x0)
sendmsg$TIPC_NL_BEARER_DISABLE(r1, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000540)={0x110, r3, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10001}]}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc}]}, @TIPC_NLA_LINK={0x90, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa8}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_LINK_PROP={0x4}]}, @TIPC_NLA_MEDIA={0x4}]}, 0x110}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000032000000000000000000004fa262e2ed463bd41a300d37127ea49441d830191c4c4f850dad8c5708161567be0dcfc69529013714cd77fe67aaa2af4c90078e44f1cbaa0b51fd95d53267225249d6f103bf"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='mpol=prefer:0'])
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r5, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r6, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)

600.955258ms ago: executing program 1 (id=802):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x4}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000202004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000040003"], 0xa8}}, 0x0)

566.816629ms ago: executing program 1 (id=804):
syz_emit_ethernet(0x76, &(0x7f00000010c0)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0xb, 0x0, 0x0, @broadcast=0x1000000, {0x13, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @multicast2, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x2c, 0x0, 0x1, 0x0, [{@multicast1}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@empty}]}]}}}}}}}, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0)

538.327119ms ago: executing program 1 (id=807):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e00000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r2, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0x600, 0x1}}, 0x20)
close_range(r1, 0xffffffffffffffff, 0x0)

519.37518ms ago: executing program 1 (id=808):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x9d)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000ac0)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

498.61407ms ago: executing program 1 (id=809):
bpf$MAP_CREATE(0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
close(r1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a7"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_io_uring_setup(0x112, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', 0xffffffffffffffff, 0x0, 0x2ca}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f0000000080)={@val={0x0, 0x88f7}, @void, @eth={@broadcast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x4000, 0x0, 0x3, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0xb000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x9, 0x0, @void}}}}}}}}, 0x32)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x94eb2000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000000000000026", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r6, 0x0, 0x5}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50)
r7 = gettid()
process_vm_writev(r7, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

425.797391ms ago: executing program 4 (id=810):
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[], 0x48)
syz_io_uring_setup(0x2421, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = getpid()
preadv(0xffffffffffffffff, 0x0, 0x0, 0x7fff, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000a010100000000000000000a0000000900010073797a300000000048000000030a01010000000000000000020000000900010073797a30000000000900030073797a3200000000080007006e617400140004800800024000000000080001"], 0x244c}}, 0x0)

425.174451ms ago: executing program 0 (id=811):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000bc0000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000180)=ANY=[], 0x118)
preadv2(r1, &(0x7f00000004c0)=[{&(0x7f0000000640)=""/247, 0xf7}], 0x1, 0x5, 0x7, 0x8)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x18)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@typedef={0x2}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x28}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@alu={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0xb, r4, 0x8, 0x0, 0x0, 0x14}, 0x94)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000780), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r5, 0x0)
r6 = timerfd_create(0x8, 0x80000)
timerfd_settime(r6, 0x3, &(0x7f0000000140), 0x0)
clock_adjtime(0x7, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xdff2, 0x5, 0x1000000000, 0xc, 0x3b9ac9ff, 0x0, 0x0, 0xe, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc})
timerfd_settime(r6, 0x3, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000004000000000000000000000300000000030000000300000000000101010000000000000800000000010000000100000506000000010000000200000000000000005f"], &(0x7f0000001540)=""/4096, 0x58, 0x1000, 0xa}, 0x20)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r7 = syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), r2)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0x84, r7, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x9}, @handle=@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xe}]}, 0x84}}, 0x4010)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x38, 0x1403, 0xc23, 0x70bd2a, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'virt_wifi0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c080}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r5, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000000214010026bd7000fbdbdf2508"], 0x20}, 0x1, 0x0, 0x0, 0xd8}, 0x40090)
getuid()

410.404691ms ago: executing program 4 (id=812):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f0000000200), &(0x7f0000000340)=r1}, 0x20)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0xa1, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}, 0x1, 0x0, 0x400000000000000}, 0x0)

393.425472ms ago: executing program 0 (id=813):
r0 = semget(0x0, 0x2, 0x1)
semop(r0, &(0x7f0000000000)=[{0x4, 0x3, 0x1800}, {0x4, 0x9}, {0x2, 0x101, 0x1800}, {0x0, 0x8e71}, {0x1, 0x9, 0x800}, {0x3, 0x8, 0x1000}, {0x1}, {0x4, 0x7f, 0x800}], 0x8) (async)
r1 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_misc(r1, &(0x7f0000000040)="33d46d4d60b4de03b4e14f27f21f8f0508a9755052899985c2c49f533570a9089b71ef729c7cf61fccfebce3bd7692b5b4d3b8e483a06fca8926ee5fa6d2a86be828d88f7929be67fae8b8f6a2a90d0258723b51bcc9248432d3ad956174043aded3bca17fd3b1811f3e26e0114c8b9737cad55cffcb7d86e6e8", 0x7a)
ioctl$EXT4_IOC_GETFSUUID(r1, 0x8008662c, &(0x7f00000000c0)) (async, rerun: 64)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x141200, 0x15) (rerun: 64)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000140)) (async)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000340)=[0xfffd, 0xc, 0xd4b4, 0xf2]) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{0x1, <r3=>0xffffffffffffffff}, &(0x7f0000000380), &(0x7f00000003c0)}, 0x20) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000780)={'syztnl1\x00', &(0x7f0000000700)={'ip6tnl0\x00', <r4=>0x0, 0x29, 0x44, 0x7, 0x1, 0x10, @dev={0xfe, 0x80, '\x00', 0x39}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8000, 0x7, 0x400, 0x45}}) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b40)={0xffffffffffffffff, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000840)=[0x0, 0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x4, 0x8, &(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000008c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r6=>0x0, 0x17, &(0x7f0000000900)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000980), &(0x7f00000009c0), 0x8, 0x28, 0x8, 0x8, &(0x7f0000000a00)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x2, 0x29, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@map_idx_val={0x18, 0x8, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0xc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1}, @jmp={0x5, 0x0, 0xc, 0x2, 0x0, 0x100, 0x10}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @jmp={0x5, 0x0, 0x7, 0xa, 0xb, 0x30, 0xfffffffffffffff7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9e5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000005c0)='syzkaller\x00', 0xfe33, 0xc5, &(0x7f0000000600)=""/197, 0x41000, 0x21, '\x00', r4, @fallback=0x30, 0xffffffffffffffff, 0x8, &(0x7f00000007c0)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000800)={0x1, 0xf, 0x8, 0x6}, 0x10, r6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) (async, rerun: 32)
semop(r0, &(0x7f0000000c40)=[{0x3, 0xcae, 0x1000}], 0x1) (async, rerun: 32)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000cc0), 0xffffffffffffffff) (rerun: 32)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r7, &(0x7f0000000d80)={&(0x7f0000000c80), 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x40, r8, 0x10, 0x70bd29, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xa}, {0x6, 0x11, 0x101}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000004}, 0x80) (async)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0x1, &(0x7f0000000dc0)=0x10, 0x4) (async)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000f00)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x8010010}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e40)={0x48, 0x3, 0x8, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x80}]}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xd}]}, 0x48}, 0x1, 0x0, 0x0, 0x4004008}, 0x40100)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000001080)={'ip_vti0\x00', &(0x7f0000000f80)={'ip_vti0\x00', <r9=>r5, 0x7, 0x1, 0xf, 0xb8, {{0x34, 0x4, 0x0, 0x3c, 0xd0, 0x65, 0x0, 0x0, 0x29, 0x0, @remote, @remote, {[@timestamp={0x44, 0x2c, 0x1a, 0x0, 0x8, [0xfffffff9, 0x60, 0x3596, 0x3, 0x5, 0x7, 0x3ff, 0x10, 0x9, 0x8]}, @ssrr={0x89, 0xf, 0x9b, [@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, @multicast1]}, @noop, @timestamp_addr={0x44, 0xc, 0x31, 0x1, 0x4, [{@local, 0xcc1d}]}, @lsrr={0x83, 0x7, 0x87, [@local]}, @cipso={0x86, 0x3a, 0xffffffffffffffff, [{0x0, 0xf, "9b4ac051fc013df4e250210eea"}, {0x7, 0x5, "d0eb54"}, {0x1, 0xc, "b6d724c8e198a7501cc0"}, {0x2, 0x8, "6eef91f524cf"}, {0x6, 0x2}, {0x6f204d2b2ae02ab4, 0xa, "29c21dfca9d0da89"}]}, @rr={0x7, 0xb, 0x3d, [@dev={0xac, 0x14, 0x14, 0x23}, @loopback]}, @generic={0x82, 0xb, "a61c2cd223207e29ff"}, @ssrr={0x89, 0x13, 0xb0, [@broadcast, @multicast1, @local, @empty]}, @timestamp={0x44, 0x8, 0xf0, 0x0, 0x1, [0x27]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000001140)={'syztnl1\x00', &(0x7f00000010c0)={'ip6_vti0\x00', <r10=>r5, 0x2f, 0x20, 0x2, 0x3, 0x811f011a47856b00, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, 0x8, 0x20, 0x80, 0x3}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r7, &(0x7f0000002440)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000002400)={&(0x7f0000001180)={0x1280, 0x0, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x48, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_BITS={0x3c, 0x3, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x81}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, 'syzkaller\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x1148, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x70, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xf, 0x2, '[*\'$!$@(${\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1000}]}, {0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xbad}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffff0001}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "41926a25f5e99256b4fa10031d22bc6476dffeababd1e0be162822680ae351935a3a1ab98a76612ee47fed739b80cc231ad7821835b9e5acbc9e9e8aa01378470d8214a50fb65d8da65f1a8541aac9e9c07ed18634f373b745a30741c162b833ca9f4ff605e6aaa35b8b75d1cce1210b05c8dfbe58767555a483d3b501c137c41889e7b55b53f64948691d7ce60f9d92cb7c09498064ff559145807e3d6d1ce076f33aa2c230b4e7ee305da9cd781fc7ab06a14a0154bd74bae6a01ed1161bdb0ca9e08288ddedbdf54ee82c6d69a589e01389392d3dd40d94d4f02b4a94460525b765f97e8badd303fd2003e1bf0e88f33d1d75ede0f41e7dba968c60efde15695d6a089ca19fa3e50b5d06cea9594fa76821ec2a465e2f84f2b57d67a1c2eed8b3505ddc6abe240a25dc7247e76807e6333b59c43010bd0e9709f5e3eb53be35225d7d4f9488773d8bd5b8c7b5e3ec95441378bea0d95d0b6636d99faf34223b9c8eec6bdbd879e9a5fbf28c7d263dbe8a9a97f9f497c41aaece7903f18ef91ad580a89d28211197791d7970cdfbf4aca0deb8bf1a122773b317e7fd6db822a91af69efad9eb457fead4d5218d918fb2e3b0e204abbd96c35352a42937e3d683f00f96c817446e1b4c80aaf51ed4d490f468e8b7802a559e7d52a7a9f14a4f2b4747614d52fe2d39ed3d985a02a74a89f054cdcccdd28c14ec06f0f8dd2054f2cf50e03d3dcb00995b5b9c843bdf5cbb9cc0d1cc9778f1e2419e3ee2aaec769a986cbe0c9714f4bf1dd6d88427479479b6dcab649341e821ee877281d57218ec16a11821958283c1627f638ac64677ed5e72ad658fc93687fbbba19259ed247fff6a096151f68e581c6a53fb5c13aa0239473abd4c9aefa10c0e06d6de118077d944240e5b237b4407226afacf14a9d09deeb66183d4ddb03503bd8de9140876c046ee6f1ca7b8868e385991c75778a17ba12a926e9131e9862c9638dac15c2e02dab5c9ae4e182139241f864a43e99f62ae670d3d6ce8f1ee02816c2ce3ec5e78a9c43caec972bebcf939b6478416cc3490c8c64ca89073b96c7a0577e31e3ec39217fe81b4c1bd7295d46818a4cb5a931a5234fab285e7397a2db3a017eb059c1e48afba556d3fca6e0ca78733cd8924d29afbe0a5a8c8af49206dcb2d6d4bdeb05b37116644e642f168328f5d66560a8b8ff816b4ff3e57efe05368dbb0d457670e4e0532ae41e5028a4aeca9948da0ec944fc0807b800d9ad2f5be4aeb5e529724a57b71a4147e7f55ee3ee6f7b4b33208551e1931134dfd05564e8e4acb2d1a3e4beafa126985eecb7370d5a94d8a38048f4879b31fbc67d808c6ea92152f670d056be77ad6e479b9135e177fe6c89ad3aa607368c7f0b3281014445dbe1f0b4c8f2e4f04620f68724f67208f8d3d3169de4ed53d26d6a3f7a66f692e30c2d38ba1b292277b488f8d0897069501eea697c2bb1778140f16be0b4cef28bc692ae3697968cdd167e46f4c8775a7e06d85d6c9d90ff3eb917217fef2d75f14d0861fedfa0ede960648a4221416b75ea0ac7c280a9e7b30ed33ea4653e44f36a6eac8cdc3164d5b9af3731c32c4974c942933a6c6f614f0df23e5343762442dfa5ff82c63b43f9856e61ffa3d52c3a23bfefcb7e66492929cf1002a6057d20d56cb549ed8a1da9392b088cc9cc57ba93dda80cd1420820d24278124609555a8b8939a5685d6d2d08a1062341c71edcc5c692559a05b8987e5eb4f9724de8f592aeda82fcddcb770ea5aadf825bd14fbadd66dd0640bff3a65ccf55b6470974fd32ca08585075bcb5e3035bffee80aaad2ec66f932e37caea7dfc767c9f33598dba4704610d438b1392f9c094e358e8b6bd13720d6625abcd4e9509b2f74d3208a31c184934cceb0e4cb285f8208a494a5994c6b958b819802804e1b0533547af1b7aafddccb5bedc6c19b02eb1f3ee350f81fc27f48fe87d5c7a613331dc9346bddd8edfb3435df5eeccb6c6804eb68ff945bd8d10c7deee27753ea28ab9da15296350e1e2b4bd58405239087c7aedc99e5c36a52d7df32837303f0a84d9ad3104c2985ffc361670fae726dcdf522f5954de35ad60157df6a5c05217e07cf3f64800ea1ca446f07063ad98e7d1c93428b3243c648ffef056defb0fc8670884215eb2157ca76748528314066310dbd2288d8bbe8ff392618323738fba990fd3a11dff2d1e1adba612760f2267f49dafe32af4fd1b9799b2864613fb04dacf4ae96b760656fdac469244638b7bcbf021051f3101059d072a453dc7298c8b1396668313afefebd06ca289088e5229b3443218879661455df6b0384cde7f114dba70d3362982b4c1a656b44132e88dbfd37b942a6b1fdef1fc75176eabd44c819bcee1e8255e6b0a2833786996800df093e4dcebe3fac995c38086f4b7774d7fd54c761b28781a0337a26f69036b53f992ffc44f2f07c13b4418af4e3a9cf11221c548d79460f1699adc68a57437442a90a3e6038f5065dd70cf8076539e5502ae90edfd01b68239282b6f6bc4dc10119c61c96b936784c8499acaa55a0fb87b676b5232e41bfd109b028956b546c965d59a43739922c6a359f4c76f817040fa204ebdbde1cad71ea85831259656e62a7a1840487c5716f142a361aa29c27540fd63cf1799617b59bd0d4889b7080d35b0c53ce2a6de17a6bada9eff851d957330fe791cf8a3b4d06189ba08e1c1d809f4678445438fb8608ee4ebce043a35cfb88697ac639fdcb9f04937ad56dc6e85cbf553b8a17e06749a50385a19f9b5559faf5f8cc9b0a088722faa4723696b3ba4d4de62431d07f270941cd0ac3537f73050cd432ee25b1f3132d55614caebb7a21b1af654b538c057b2519747fee11e3fba0736f562151325c111c98ec00932dc3ced24923f3485615f6bae7649a5bd52912461cb8fad9b493481e1723951e7c4bc3987e054216b1740d2eb7ea5c3cd6c2dab3d804d79c713bd92504763398512d372fa1271b9d775875330edfd5f7a4bd8da65b523ce6f53d5b7680d4aae57697aff8da78cf3ecdce080d8444017d0e6dec459f0b1b9bdb920e9b15789bb45666bf36628904d6766a7ada51dcc8112e36fed9aac412bfef2d3586739d02a66d4d7b798b200a6f6ff3e105129e1e004fc4f0903988d4e63271368c6bc43bd0987b836f5fe1f0ea748aa7c78b644b715ac881b07f4f7eeae4934e54fb939e51b72d47b3862fde457944891813a614c878694033054bfbf50f3c02bf82755ef75031ca5fb31bef7d8a3bcc5c930cc4fde8f5258159cbc326c27c0c86f09ca4348ad16e053698ccae1b3e872bc8e735b83bd1d83ddf8d1bdcc477fe64712b2c0646142312a9de62afa96a423e5feac65e815f0d084a0a4aae1f2d4e3280d0e1eebec15446dcd39fc07fa1e7b1177b5b605b2cbbde39994ad9eef6647362f1db5fd7b2a425d8cc76503b270806b31a873db842419d5310fbee5cf97dd33fbf3e70b3b33a859f1c3327ea2647d8239bf1117caa3ff40fa2d5a540447c7c769371790ca2931afe1b023f94db612ede441b6fe0800d52f99a2ef6020f2b36e3a9e4eab8d30dd5e97bd587d9334f2e989fef9ad921a80ded83fa7d490cbf5f85da8f7187cda5cb4be6b3449b13c1a35f1ecbb8f2452a97fabe2477a084df3e9329c07f4b36dc49b2294beb300349174a431c183997a6a0f35b4abfc14994e97776a3b0daec813e8832192057e99173e3603d1002e7889268ca30940cba86da2b607df4215032572b3e52a0c415e735971b2bb618d00770ffd7ad5353c7c0ffd4ac9ad8ac1fc539e37bb0fb4dfc241b5ebe2db121b1667d2ab069e78c154c0d7de6b3d96bf071e3c46fad7246d22c8bb314b6e22e415996d7db022864459dc8adcd8068a92ba2196ddfe0a374485101c1771080e7f8e833261ab7ded1a37777a679f871d59fb66fdcfe71a5617dea7c12acba1221b6adb899fc3ac5b40fb9c3cc9a455ce7559b332ef7f36a712a12d1fda4dade36775ede531fcde5b6d19f2c679aee633376b48a78eaa89901474c6ba2de9b1b47cde65b983014307e7e5845aae895d446804a2dd0d1a0c3044a61a88f8c3e1b191a2086898328295c5aa814e942588d42cd463bae5847bacfd8171ae7ef5e66e946d18b22ef65151dd19cd7d23b4fb68886d63e08cc85c991dbf389e70a65d5a9855ca4c7fe5774724c6196468ac574c644c30f5c8c601252cf53abf74444343878f8bced0f1ecda09504ad5b950374a382873669779c81ca4cf6b443092edc946509dbb3b7b8cf99d8bcb4f29cd6e7328b1dc0009d6bf205daaa2a922eb7b1b3163d0a80d7ecce9ede512a3b501d6ec65b3c4cd4cd2324ecfce8dd5ebdabc1062649abd5039d34afeda788646f1ee680c9925dfa565f61c117007e718309cfe340c9ae24a7e1aba92d7d301486c954ee54a3d0d66eb7ee63ceadf0e49a836ff5ee8e38b1cb4fead0c3aae7821ffec6e9bee56c6c3dc8c33d1efd0732b4fa4ad26c6440f9d2cfe83faf16ab44a76ea99cc69084b56dda951966e8e61bee54884e2f26ca99538c471226c56b008aba3fc22bc3e4d7e11faf5e04c045f6849bc75b4ed62cd98c216ccdd9a97f0b753866856ad024fa40b0e3e387ca9cc9874c1b45aaf3870d17caef498b4bcb61dde1dafc599eed5663b206cbbef41a73204ef899990948716985f70752e82711450723a125f902792d4a33a0cb6a043ff2324baf1ff21428d6f6876a89c495aadf2555eda940b68ab6a7117d01ee680075ef05de68fdb977b1343105398fa7f76af5df6e9ab0a5ac964c432893a98fdccf99ea0a9c0c3dcc11346cfd1d91798b29f76bc49021bc2fa435c115e295a78c5dfd343d489d398b3a237f95dd4a65a221182ec187f6dd2ba16cd12f8c1ab989e0c2b677832228b4ca9d591371ab92cfb1c29a08995cf69c3a16909274cf55f83fa5d45ae2b14d68000a7c090618aa874f11dd94a18a85842147f145e4f3916f69dc22ad56f6f2135f55cdb47f5f9cd7183ed5a11ce8fc5393e05ccb3d1432d5c6b38b6058fe66ebaed825532d553ba53894143c5ca865d4d27cd7c65bfde06b567a409c9ae1e71198faeac8a579c59a4267d5ce37565b8bc458c0d4613d089fd8bcbabaf784f36e438541ea3ab5e105d75d2291fc29fd56e3a43a0caf6421d5af1ba9f5aca4307d9964eb2279bee4dffa3d5f4646e8e10aef362068e5faf03637ebfd910e3bf7c0ccd9e5afbc6bfa16aa437efecfa59890eb9be496955bbbe9abf0fc6f8a361b840d4c15feadbc2e3f5334b10b1a53f8976cb80127c0628f2d5220b88897d10dc1ec25e7543c5c5174f6058f933f4e1e8a31c3489a070e4b5e8299e449f9e28357530987a05c8f3739de1379e83ddaac60edf56e339d667a8b2ca18c04c8e6824fdfdaf28291a815bd900575b6233cd6470b5d362a13724cbf4000ef63138882f1f53f4ab070db0956a4bcffab6cbedc27c27bde719341424de65dad7fc2bf647355b4a14c1f2d9fe681b3b81459e4db57214951ffdf54280154cff6bb9a449b67dbdaac8cf4d67666dcd2bdceefae1e5ec7cd05b68c7efdd71145ed7f385a11b70077a1aa2d7ba4cf5c8cd9a7d2c4c6ad67de57e69e256b7005b022e6fb881d4ac51ca11e253c5326de8a5f961f2fe2b1d15075a9a73d99fdd93e3e4d17581f0accd9b61eb939edb924bde448aa5300b2f7ad3ac9eae3e8af712a42d73179da58adb05925e46db06c77b05a6b40d60d25c4253913ba151918fc948bfd"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x52, 0x5, "c7a92561be82bc66706c6752e6a05463645f586870a5d65287663d42bdf99bd01d9490ed980da439e6842fa3024a7332c66956a15fd23c7d902f5dd030195a8bbcffc968be12f753b180df615203"}, @ETHTOOL_A_BITSET_MASK={0x17, 0x5, "bfd0892f469c7e541af96095690c5364ff196d"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_BITS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x935}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, 'pci\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_BITS={0x38, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7ff}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, 'syzkaller\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x1280}, 0x1, 0x0, 0x0, 0x4000080}, 0x40400d0) (async)
r11 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000002480), 0x1, 0x0)
sendmsg$AUDIT_ADD_RULE(r11, &(0x7f00000029c0)={&(0x7f00000024c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000002980)={&(0x7f0000002500)={0x450, 0x3f3, 0xf08, 0x70bd2b, 0x25dfdbfc, {0x1, 0x2, 0x15, [0x4, 0xf, 0x80000000, 0x435, 0xf, 0x1, 0x7f, 0x1, 0xffff, 0x4, 0x0, 0x3e, 0x5, 0xcd, 0xffffffff, 0xf, 0x3ff, 0x9, 0x9, 0x2, 0x3, 0x80000001, 0x3, 0x3, 0x4, 0x845, 0x7fff, 0xc, 0x90000000, 0x80000000, 0x2, 0xfffffffd, 0xc6e, 0x50, 0xb, 0xbcb, 0x6, 0x8478, 0x800, 0x2, 0x2, 0x4, 0xffffffff, 0x2, 0xdf8, 0x4, 0x85, 0x3ff, 0xb71, 0x6, 0x9, 0x4, 0x4fd, 0x1, 0x5, 0xa8, 0x1, 0x1, 0x0, 0x0, 0x40, 0x69, 0x5, 0x6], [0x1, 0xf, 0xfe, 0x0, 0x3, 0x2, 0x3, 0xfffffffe, 0x0, 0x80000001, 0x8, 0x0, 0x4, 0xa2, 0x2040e569, 0xfffffffe, 0x5, 0x2, 0x8, 0x8, 0x4, 0x1, 0x3bae9afb, 0x3, 0x1, 0x38cc366b, 0xffff, 0x2, 0x8, 0xee, 0x8, 0x5, 0xffffffff, 0x7, 0x4, 0x7, 0x1, 0x0, 0x8, 0x3, 0x48, 0xffffffff, 0x8001, 0x1, 0x2, 0x7f, 0x5dbd, 0x6, 0x81, 0x4, 0x20000, 0x3, 0xfffffff8, 0x956, 0xc94, 0xff, 0x7fffffff, 0xd, 0xf, 0x81, 0x9, 0x6, 0x1, 0x3], [0x3, 0x8, 0x9, 0xfff, 0x4, 0x5b3610ca, 0xd11, 0x1, 0x0, 0x9, 0xd, 0x6, 0x0, 0x400, 0x7ff, 0x4, 0x6, 0x0, 0x6, 0x4, 0xfa5, 0xf, 0xb, 0x80, 0x1ff, 0x8, 0x7f, 0x8, 0x2, 0x3, 0x1, 0x8, 0xbf, 0x1, 0xfffffff7, 0xa, 0x5, 0x80, 0x5, 0x4, 0xd0a1, 0x4, 0x8, 0xa00000, 0x5, 0x6, 0x8, 0x4, 0x7, 0xf, 0x0, 0x3, 0x2, 0x100, 0x70, 0x10000, 0x6c0, 0x3, 0xfd, 0xdf1, 0x1, 0x6, 0x5, 0x6], [0x0, 0x8, 0xc, 0xfffffffe, 0x43c6, 0xffffffff, 0xf16, 0xe, 0x3, 0x4, 0xe7a6, 0xe, 0xeda, 0xfffffffd, 0x7, 0x101, 0x5, 0x4, 0x8, 0x401, 0xffffffff, 0x2, 0x8, 0xf1, 0x0, 0xffffff3d, 0x7208e6cf, 0x0, 0x8, 0x7, 0x4, 0x0, 0x93c, 0x140, 0x7, 0x7, 0x6, 0x1, 0x9, 0x9, 0x4, 0x10000, 0xf, 0x0, 0xaa1, 0x80, 0x3, 0x9e, 0x4, 0x10, 0x5, 0x5, 0xda6, 0x42, 0x7632, 0x4, 0x1, 0x10000, 0x5, 0x46f44b5b, 0x9, 0x1, 0x5, 0x7], 0x2f, ['!!\'\\\x1a\x00', 'devlink\x00', '/():!,/:\xcc\x00', '%.#$$,\x00', '/(\x00', '0000:00:10.0\x00']}, [""]}, 0x450}, 0x1, 0x0, 0x0, 0x8000}, 0x2000c000) (async)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
ioctl$TUNGETVNETBE(r11, 0x800454df, &(0x7f0000002a00)=0x1) (async)
r12 = semget(0x0, 0x1, 0x89)
semctl$GETPID(r12, 0x0, 0xb, &(0x7f0000002a40)=""/4096)
ioctl$sock_inet_udp_SIOCOUTQ(r11, 0x5411, &(0x7f0000003a40))
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000003ac0)={'wlan1\x00', <r13=>0x0})
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r11, &(0x7f0000003b80)={&(0x7f0000003a80), 0xc, &(0x7f0000003b40)={&(0x7f0000003b00)={0x28, 0x0, 0x2, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r13}, @val={0xc, 0x99, {0x800, 0x72}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x4000844)

328.362083ms ago: executing program 4 (id=814):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r1}, 0x18)
sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020200090f00000080ff00000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000002000100000004d20000020300000020050005002f8000000a00000000000000ff0100000000000000000000000000010000000000000000010018"], 0x78}}, 0x0)

328.077543ms ago: executing program 0 (id=815):
syz_open_dev$sg(0x0, 0x0, 0x142000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000100000000000000efffffff000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)

300.346764ms ago: executing program 0 (id=816):
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x4}}, './file0\x00'})
ioctl$BLKRRPART(r0, 0x125f, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00'}, 0x10)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000400)={@mcast1}, 0x14)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="640000000206010100000000000000000000000005000400000000000900020073797a30000000000500010007000000050005000a000000140007800800114000000000080012400000ffff16000300686173683a6e6574"], 0x64}}, 0x0)

272.729674ms ago: executing program 4 (id=817):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_LINK_SET(r1, 0x0, 0x0) (async)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) (async)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="240000000f14b9a02dbd7000fddbdf250800010000000000090045006973736d00000000e8ad4abb00b383205ea435b3a2bcec3f4312e9d2616c015b4229f65cb2060812195495007441821158a561e917e94882a8f666f4339947dcbae45089f5a85f4824e472a00edcbae9181417307a2d90cd95259aaa1e1e072b69b8109c4003bb717a69fca286cf0a214b8f1c3360f37d55397caf535fa7a6efbd5e85bd506ecf00f8e9f347c4a1e7444961cdea3194a14045ea84fe391172c838c6e26f908c8a8ee1d3d86f18223b73bebe5c0a608292f0934456878cfa5fc254e241da511c48d9b1063f212e72d50e60d8a6e41c2f615123c44b4c1dd3ec356926c17a4258fa000000000000f9816d41b3ed265b51e9e51db9b281027d7e73eac6b3c49a216561518f5632cc0cbcb65ccd4c4aedb94ffe22a6a95265a1e0e91128d2d4a05c8f60cdc5ab715113dde5d90f8aa4db48000e683505be82f5fd4f22558c33751575927dd84d4333ab440506f03ef5a4"], 0x24}, 0x1, 0x0, 0x0, 0x24044000}, 0x41844)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20}, 0x94)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000180)=""/246)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18) (async)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="010001000000000000001000015b097ead85847817353d2dbad05dd5", 0x1c, 0xfffffffffffffffd)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
r6 = socket(0x10, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0}) (async)
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r9, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x1}, 0x7)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r9, 0x6, 0x1, 0x0, &(0x7f0000000080)) (async)
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0xa}, {0xffff, 0xffff}, {0x1a, 0x7}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x143}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080) (async, rerun: 32)
io_uring_enter(0xffffffffffffffff, 0x7a98, 0x0, 0x0, 0x0, 0xfffffffffffffc76) (async, rerun: 32)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r8, {}, {0xffe0, 0xa}, {0xf, 0x10}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x55}, 0x4000) (async)
r10 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r10, 0x0, 0x0)
connect$inet6(r10, &(0x7f0000000040)={0xa, 0x3, 0x7, @loopback, 0x800000}, 0x1c) (async)
r11 = inotify_init1(0x0)
mkdirat(r5, &(0x7f0000000400)='./file0\x00', 0x44) (async)
inotify_add_watch(r11, 0x0, 0x4000064f) (async)
syz_io_uring_setup(0x497, 0x0, &(0x7f0000000340)=<r12=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r12, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)

248.953355ms ago: executing program 0 (id=818):
r0 = open(&(0x7f0000000300)='./file1\x00', 0x8000, 0x1b1)
lseek(r0, 0x0, 0x2)
socket(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f0000000c00)='net_dev_start_xmit\x00', r1}, 0x10)
socket$can_bcm(0x1d, 0x2, 0x2)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000480)=ANY=[], 0x15)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x66, &(0x7f00000068c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6007000000303a00fe8000000000000000000003000000bbff020000000000000000000000000001"], 0x0)

181.959626ms ago: executing program 4 (id=819):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x9d)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

151.214687ms ago: executing program 0 (id=820):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x80, 0x0, 0x8, 0x1, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={&(0x7f0000000100), 0xc}, 0x0, 0x0, 0x800000, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x9}]})
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCSFEATURE(r0, 0xc0404806, 0x0)

150.796137ms ago: executing program 4 (id=821):
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[], 0x48)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01022dbd7000ffdbdf252100000009001f00706879310000000005002000000000400c0005"], 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (fail_nth: 11)

150.595877ms ago: executing program 5 (id=822):
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x2100000000000000, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a00000001010000fb7f0000cc00000008000000", @ANYRES32, @ANYBLOB="00000000a000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400008000000000000000000000000000000000000000ecdb372f190a9937c7398748b59b"], 0x50)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)

94.790638ms ago: executing program 1 (id=823):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f6873720000000014"], 0xfc}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0, r3, 0x0, 0xfffffffffffffffd}, 0x18)

0s ago: executing program 2 (id=824):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x88, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xffffffff}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x44, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x48000000, 0x0, {0x0, 0x84}}}, 0xd0}}, 0x20050800)

kernel console output (not intermixed with test programs):

979011][ T4235]  ? __pfx_netlink_sendmsg+0x10/0x10
[   45.979103][ T4235]  __sock_sendmsg+0x142/0x180
[   45.979194][ T4235]  ____sys_sendmsg+0x31e/0x4e0
[   45.979251][ T4235]  ___sys_sendmsg+0x17b/0x1d0
[   45.979298][ T4235]  __x64_sys_sendmsg+0xd4/0x160
[   45.979334][ T4235]  x64_sys_call+0x191e/0x2ff0
[   45.979389][ T4235]  do_syscall_64+0xd2/0x200
[   45.979429][ T4235]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   45.979495][ T4235]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   45.979533][ T4235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.979559][ T4235] RIP: 0033:0x7f3c2c94eba9
[   45.979650][ T4235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.979672][ T4235] RSP: 002b:00007f3c2b3b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   45.979694][ T4235] RAX: ffffffffffffffda RBX: 00007f3c2cb95fa0 RCX: 00007f3c2c94eba9
[   45.979709][ T4235] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[   45.979724][ T4235] RBP: 00007f3c2c9d1e19 R08: 0000000000000000 R09: 0000000000000000
[   45.979793][ T4235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   45.979804][ T4235] R13: 00007f3c2cb96038 R14: 00007f3c2cb95fa0 R15: 00007fff26ff4ea8
[   45.979862][ T4235]  </TASK>
[   45.979870][ T4235] memory: usage 307200kB, limit 307200kB, failcnt 452
[   46.323189][ T4235] memory+swap: usage 308060kB, limit 9007199254740988kB, failcnt 0
[   46.331093][ T4235] kmem: usage 250684kB, limit 9007199254740988kB, failcnt 0
[   46.338453][ T4235] Memory cgroup stats for /syz3:
[   46.338777][ T4235] cache 0
[   46.346674][ T4235] rss 57872384
[   46.350067][ T4235] shmem 0
[   46.352986][ T4235] mapped_file 0
[   46.356876][ T4235] dirty 0
[   46.359878][ T4235] writeback 0
[   46.363499][ T4235] workingset_refault_anon 104
[   46.368209][ T4235] workingset_refault_file 1024
[   46.372983][ T4235] swap 880640
[   46.376363][ T4235] swapcached 0
[   46.379801][ T4235] pgpgin 54619
[   46.383213][ T4235] pgpgout 40490
[   46.386695][ T4235] pgfault 57778
[   46.390156][ T4235] pgmajfault 67
[   46.393661][ T4235] inactive_anon 0
[   46.397283][ T4235] active_anon 0
[   46.400727][ T4235] inactive_file 0
[   46.404384][ T4235] active_file 0
[   46.407855][ T4235] unevictable 57872384
[   46.411915][ T4235] hierarchical_memory_limit 314572800
[   46.417305][ T4235] hierarchical_memsw_limit 9223372036854771712
[   46.423530][ T4235] total_cache 0
[   46.427002][ T4235] total_rss 57872384
[   46.430893][ T4235] total_shmem 0
[   46.434463][ T4235] total_mapped_file 0
[   46.438436][ T4235] total_dirty 0
[   46.441880][ T4235] total_writeback 0
[   46.445693][ T4235] total_workingset_refault_anon 104
[   46.450887][ T4235] total_workingset_refault_file 1024
[   46.456195][ T4235] total_swap 880640
[   46.460005][ T4235] total_swapcached 0
[   46.463903][ T4235] total_pgpgin 54619
[   46.467800][ T4235] total_pgpgout 40490
[   46.471844][ T4235] total_pgfault 57778
[   46.475939][ T4235] total_pgmajfault 67
[   46.479921][ T4235] total_inactive_anon 0
[   46.484094][ T4235] total_active_anon 0
[   46.488152][ T4235] total_inactive_file 0
[   46.492343][ T4235] total_active_file 0
[   46.496376][ T4235] total_unevictable 57872384
[   46.501014][ T4235] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.217,pid=4234,uid=0
[   46.515691][ T4235] Memory cgroup out of memory: Killed process 4234 (syz.3.217) total-vm:180156kB, anon-rss:57648kB, file-rss:26340kB, shmem-rss:0kB, UID:0 pgtables:252kB oom_score_adj:1000
[   46.593663][ T3707] usb 3-1: enqueue for inactive port 0
[   46.599250][ T3707] usb 3-1: enqueue for inactive port 0
[   46.664002][ T4305] loop0: detected capacity change from 0 to 512
[   46.673781][ T3707] vhci_hcd: vhci_device speed not set
[   46.705890][ T4305] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.720024][ T4305] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.791848][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.822762][ T4311] loop4: detected capacity change from 0 to 512
[   46.840322][ T4311] EXT4-fs: Ignoring removed nobh option
[   46.871710][ T4311] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   46.882133][ T4311] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.236: iget: bad i_size value: 38620345925642
[   46.895542][ T4311] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.236: couldn't read orphan inode 15 (err -117)
[   46.908876][ T4311] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.923302][   T29] kauditd_printk_skb: 312 callbacks suppressed
[   46.923371][   T29] audit: type=1400 audit(1758130571.558:11380): avc:  denied  { name_connect } for  pid=4310 comm="syz.4.236" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   46.965306][   T29] audit: type=1400 audit(1758130571.598:11381): avc:  denied  { map } for  pid=4310 comm="syz.4.236" path="/50/file1/file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   46.998279][   T29] audit: type=1400 audit(1758130571.618:11382): avc:  denied  { connect } for  pid=4315 comm="syz.0.238" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   47.020859][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.068373][   T29] audit: type=1400 audit(1758130571.678:11383): avc:  denied  { setopt } for  pid=4317 comm="syz.0.239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   47.135233][   T29] audit: type=1326 audit(1758130571.768:11384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4325 comm="syz.3.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   47.158796][   T29] audit: type=1326 audit(1758130571.768:11385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4325 comm="syz.3.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   47.173492][ T4327] loop1: detected capacity change from 0 to 2048
[   47.182244][   T29] audit: type=1326 audit(1758130571.768:11386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4325 comm="syz.3.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   47.212012][   T29] audit: type=1326 audit(1758130571.768:11387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4325 comm="syz.3.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   47.235581][   T29] audit: type=1326 audit(1758130571.768:11388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4325 comm="syz.3.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   47.259179][   T29] audit: type=1326 audit(1758130571.768:11389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4325 comm="syz.3.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   47.312805][ T3286] Alternate GPT is invalid, using primary GPT.
[   47.319381][ T3286]  loop1: p1 p2 p3
[   47.336817][ T4327] Alternate GPT is invalid, using primary GPT.
[   47.343082][ T4327]  loop1: p1 p2 p3
[   47.382386][ T4334] loop2: detected capacity change from 0 to 512
[   47.389779][ T4327] FAT-fs (loop1p1): bogus number of reserved sectors
[   47.396655][ T4327] FAT-fs (loop1p1): Can't find a valid FAT filesystem
[   47.416394][ T4334] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   47.445269][ T4337] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   47.455568][ T4334] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.245: Failed to acquire dquot type 1
[   47.486769][ T4341] loop1: detected capacity change from 0 to 512
[   47.497636][ T4334] EXT4-fs (loop2): 1 truncate cleaned up
[   47.586798][ T3519] udevd[3519]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   47.602682][ T4334] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.623729][ T3286] udevd[3286]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   47.656833][ T3516] udevd[3516]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   47.678594][ T4334] hub 8-0:1.0: USB hub found
[   47.685946][ T4334] hub 8-0:1.0: 8 ports detected
[   47.716194][ T3516] udevd[3516]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   47.728458][ T3286] udevd[3286]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   47.741730][ T4341] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.755837][ T4341] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.768144][ T4341] __nla_validate_parse: 4 callbacks suppressed
[   47.768156][ T4341] netlink: 196 bytes leftover after parsing attributes in process `syz.1.247'.
[   47.801118][ T3519] udevd[3519]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   47.819013][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.859407][ T4351] atomic_op ffff88812971f928 conn xmit_atomic 0000000000000000
[   48.021559][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.097455][ T4372] loop3: detected capacity change from 0 to 512
[   48.111611][ T4369] loop4: detected capacity change from 0 to 512
[   48.135186][ T4372] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.149064][ T4372] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.170118][ T4369] EXT4-fs (loop4): external journal device major/minor numbers have changed
[   48.221309][ T4384] loop2: detected capacity change from 0 to 1024
[   48.254730][ T4384] EXT4-fs: Ignoring removed bh option
[   48.261688][ T4369] EXT4-fs (loop4): failed to open journal device unknown-block(0,4) -6
[   48.292988][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.306925][ T4384] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.360082][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.401377][ T4389] loop3: detected capacity change from 0 to 4096
[   48.432369][ T4393] team0 (unregistering): Port device team_slave_0 removed
[   48.435439][ T4389] EXT4-fs: Ignoring removed nomblk_io_submit option
[   48.453419][ T4393] team0 (unregistering): Port device team_slave_1 removed
[   48.467299][ T4402] loop4: detected capacity change from 0 to 128
[   48.487451][ T4389] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.506679][ T4402] FAULT_INJECTION: forcing a failure.
[   48.506679][ T4402] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   48.520123][ T4402] CPU: 0 UID: 0 PID: 4402 Comm: syz.4.265 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.520148][ T4402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   48.520158][ T4402] Call Trace:
[   48.520162][ T4402]  <TASK>
[   48.520167][ T4402]  __dump_stack+0x1d/0x30
[   48.520190][ T4402]  dump_stack_lvl+0xe8/0x140
[   48.520284][ T4402]  dump_stack+0x15/0x1b
[   48.520299][ T4402]  should_fail_ex+0x265/0x280
[   48.520383][ T4402]  should_fail_alloc_page+0xf2/0x100
[   48.520408][ T4402]  __alloc_frozen_pages_noprof+0xff/0x360
[   48.520494][ T4402]  alloc_pages_mpol+0xb3/0x250
[   48.520528][ T4402]  vma_alloc_folio_noprof+0x1aa/0x300
[   48.520611][ T4402]  handle_mm_fault+0xec2/0x2c20
[   48.520639][ T4402]  ? __rcu_read_lock+0x37/0x50
[   48.520660][ T4402]  ? __pte_offset_map_lock+0x1d4/0x230
[   48.520758][ T4402]  __get_user_pages+0x102e/0x1fa0
[   48.520805][ T4402]  __gup_longterm_locked+0x8f4/0xe60
[   48.520834][ T4402]  ? __rcu_read_unlock+0x34/0x70
[   48.520868][ T4402]  ? try_get_folio+0x379/0x3c0
[   48.520891][ T4402]  ? mod_node_page_state+0x1c/0xa0
[   48.520911][ T4402]  gup_fast_fallback+0x1f5/0x1420
[   48.520952][ T4402]  pin_user_pages_fast+0x5f/0x90
[   48.521016][ T4402]  iov_iter_extract_pages+0x253/0x420
[   48.521038][ T4402]  __blockdev_direct_IO+0x8a3/0x1d80
[   48.521071][ T4402]  ? __pfx_fat_get_block+0x10/0x10
[   48.521108][ T4402]  ? __pfx_fat_get_block+0x10/0x10
[   48.521191][ T4402]  fat_direct_IO+0x102/0x1d0
[   48.521214][ T4402]  generic_file_read_iter+0x218/0x330
[   48.521240][ T4402]  aio_read+0x1dd/0x2e0
[   48.521281][ T4402]  io_submit_one+0xab2/0x11d0
[   48.521355][ T4402]  __se_sys_io_submit+0xfb/0x280
[   48.521386][ T4402]  __x64_sys_io_submit+0x43/0x50
[   48.521415][ T4402]  x64_sys_call+0x2d5d/0x2ff0
[   48.521442][ T4402]  do_syscall_64+0xd2/0x200
[   48.521516][ T4402]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   48.521544][ T4402]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   48.521623][ T4402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.521643][ T4402] RIP: 0033:0x7f61ccedeba9
[   48.521658][ T4402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.521674][ T4402] RSP: 002b:00007f61cb93f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   48.521690][ T4402] RAX: ffffffffffffffda RBX: 00007f61cd125fa0 RCX: 00007f61ccedeba9
[   48.521701][ T4402] RDX: 0000200000001d00 RSI: 0000000000000002 RDI: 00007f61cdc61000
[   48.521733][ T4402] RBP: 00007f61cb93f090 R08: 0000000000000000 R09: 0000000000000000
[   48.521788][ T4402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   48.521804][ T4402] R13: 00007f61cd126038 R14: 00007f61cd125fa0 R15: 00007ffc024ac788
[   48.521827][ T4402]  </TASK>
[   48.531175][ T4402] syz.4.265: attempt to access beyond end of device
[   48.531175][ T4402] loop4: rw=0, sector=121, nr_sectors = 920 limit=128
[   48.827069][ T4417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.269'.
[   48.836025][ T4417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.269'.
[   48.844978][ T4417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.269'.
[   48.892147][ T4422] loop1: detected capacity change from 0 to 512
[   48.976020][ T4417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.269'.
[   48.985193][ T4417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.269'.
[   48.994217][ T4417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.269'.
[   49.020126][ T4422] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.026163][ T4430] netlink: 'syz.4.272': attribute type 4 has an invalid length.
[   49.056249][ T4422] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.087150][ T4417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.269'.
[   49.096212][ T4417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.269'.
[   49.105344][ T4417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.269'.
[   49.135255][ T4436] loop0: detected capacity change from 0 to 512
[   49.190206][ T4436] EXT4-fs: Ignoring removed i_version option
[   49.221985][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.222011][ T4436] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 17. Delete some EAs or run e2fsck.
[   49.256231][ T4436] EXT4-fs (loop0): 1 truncate cleaned up
[   49.273020][ T4436] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.276630][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.296983][ T4447] loop2: detected capacity change from 0 to 512
[   49.305292][ T4447] EXT4-fs: Ignoring removed nobh option
[   49.326560][ T4447] EXT4-fs (loop2): Invalid log block size: 4294934529
[   49.346215][ T4436] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.388252][ T4456] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   49.432559][ T4460] serio: Serial port ptm13
[   49.471587][ T4463] loop0: detected capacity change from 0 to 1024
[   49.481674][ T4463] EXT4-fs: Mount option(s) incompatible with ext2
[   49.511831][ T4463] loop0: detected capacity change from 0 to 1024
[   49.589655][ T4470] loop2: detected capacity change from 0 to 1024
[   49.607430][ T4470] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   49.618434][ T4470] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   49.630863][ T4470] JBD2: no valid journal superblock found
[   49.636639][ T4470] EXT4-fs (loop2): Could not load journal inode
[   49.680084][ T4470] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   49.689317][ T4470] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   49.721232][ T4471] lo speed is unknown, defaulting to 1000
[   49.721784][ T4470] siw: device registration error -23
[   49.731311][ T4471] lo speed is unknown, defaulting to 1000
[   49.738767][ T4471] lo speed is unknown, defaulting to 1000
[   49.747940][ T4471] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   49.760128][ T4471] lo speed is unknown, defaulting to 1000
[   49.766390][ T4471] lo speed is unknown, defaulting to 1000
[   49.772542][ T4471] lo speed is unknown, defaulting to 1000
[   49.783802][ T4471] lo speed is unknown, defaulting to 1000
[   49.792131][ T4471] lo speed is unknown, defaulting to 1000
[   49.805910][ T4477] pim6reg: entered allmulticast mode
[   49.813202][ T4477] pim6reg: left allmulticast mode
[   49.825384][ T4479] loop2: detected capacity change from 0 to 512
[   49.836532][ T4479] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.849600][ T4479] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.868817][ T4477] loop0: detected capacity change from 0 to 512
[   49.886036][ T4477] EXT4-fs (loop0): too many log groups per flexible block group
[   49.893844][ T4477] EXT4-fs (loop0): failed to initialize mballoc (-12)
[   49.901020][ T4477] EXT4-fs (loop0): mount failed
[   49.953410][ T4487] bridge_slave_0: left allmulticast mode
[   49.959180][ T4487] bridge_slave_0: left promiscuous mode
[   49.965533][ T4487] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.975355][ T4487] bridge_slave_1: left allmulticast mode
[   49.981037][ T4487] bridge_slave_1: left promiscuous mode
[   49.987387][ T4487] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.996168][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.007180][ T4487] bond0: (slave bond_slave_0): Releasing backup interface
[   50.033017][ T4487] bond0: (slave bond_slave_1): Releasing backup interface
[   50.042203][ T4487] team0: Port device team_slave_0 removed
[   50.053181][ T4494] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   50.061756][ T4487] team0: Port device team_slave_1 removed
[   50.067900][ T4487] batman_adv: batadv0: Removing interface: batadv_slave_0
[   50.075907][ T4487] batman_adv: batadv0: Removing interface: batadv_slave_1
[   50.320852][ T4513] loop1: detected capacity change from 0 to 1024
[   50.330753][ T4513] EXT4-fs: Mount option(s) incompatible with ext2
[   50.350704][ T4512] loop4: detected capacity change from 0 to 1024
[   50.374084][ T4513] loop1: detected capacity change from 0 to 1024
[   50.412924][ T4512] EXT4-fs: Mount option(s) incompatible with ext2
[   50.471867][ T4512] loop4: detected capacity change from 0 to 1024
[   50.548333][ T4523] loop3: detected capacity change from 0 to 164
[   50.618547][ T4523] Unable to read rock-ridge attributes
[   50.674674][ T4523] Unable to read rock-ridge attributes
[   50.877875][ T4533] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[   50.879629][ T4533] IPv6: sit1: Disabled Multicast RS
[   50.900860][ T4533] sit1: entered allmulticast mode
[   51.038319][ T4543] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   51.141750][ T4554] loop3: detected capacity change from 0 to 1024
[   51.149006][ T4554] EXT4-fs: Mount option(s) incompatible with ext2
[   51.242043][ T4559] loop3: detected capacity change from 0 to 1024
[   51.507881][ T4573] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[   51.529572][ T4575] loop0: detected capacity change from 0 to 1024
[   51.550562][ T4575] EXT4-fs: Ignoring removed bh option
[   51.564484][ T4575] EXT4-fs: inline encryption not supported
[   51.577551][ T4575] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   51.584092][ T4578] lo speed is unknown, defaulting to 1000
[   51.593809][ T4575] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   51.616860][ T4575] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.327: lblock 2 mapped to illegal pblock 2 (length 1)
[   51.632385][ T4575] EXT4-fs (loop0): Remounting filesystem read-only
[   51.639175][ T4575] EXT4-fs (loop0): 1 orphan inode deleted
[   51.645521][ T4575] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.660670][ T4575] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.669963][ T4584] loop2: detected capacity change from 0 to 512
[   51.684295][ T4584] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   51.715520][ T4578] loop3: detected capacity change from 0 to 1024
[   51.732180][ T4575] loop0: detected capacity change from 0 to 1024
[   51.733374][ T4578] EXT4-fs: Ignoring removed orlov option
[   51.744579][ T4575] EXT4-fs: Ignoring removed bh option
[   51.750354][ T4575] EXT4-fs: inline encryption not supported
[   51.757046][ T4575] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   51.790558][ T4575] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   51.822757][ T4578] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.843036][ T4575] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.327: lblock 2 mapped to illegal pblock 2 (length 1)
[   51.859886][ T4575] EXT4-fs (loop0): Remounting filesystem read-only
[   51.875210][ T4575] EXT4-fs (loop0): 1 orphan inode deleted
[   51.897855][ T4575] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.036284][ T4575] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.069319][   T29] kauditd_printk_skb: 513 callbacks suppressed
[   52.069335][   T29] audit: type=1400 audit(1758130576.695:11897): avc:  denied  { read } for  pid=4577 comm="syz.3.328" path="/79/bus/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   52.141531][ T4604] loop0: detected capacity change from 0 to 512
[   52.147880][   T29] audit: type=1400 audit(1758130576.735:11898): avc:  denied  { append } for  pid=4577 comm="syz.3.328" path="/79/bus/cpu.stat" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   52.162381][ T4606] loop4: detected capacity change from 0 to 512
[   52.208146][ T4606] EXT4-fs: Ignoring removed bh option
[   52.213666][ T4606] EXT4-fs: Ignoring removed mblk_io_submit option
[   52.222822][ T4604] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.303765][ T4606] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   52.318315][ T4604] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.359457][ T4606] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   52.406033][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.416558][ T4606] EXT4-fs (loop4): orphan cleanup on readonly fs
[   52.430263][ T4606] Quota error (device loop4): do_insert_tree: Free block already used in tree: block 4
[   52.440831][ T4606] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota
[   52.531960][ T4606] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.334: Failed to acquire dquot type 1
[   52.573403][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.583687][ T4606] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.334: Invalid block bitmap block 0 in block_group 0
[   52.617637][ T4606] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.334: Invalid block bitmap block 0 in block_group 0
[   52.660279][ T4616] loop0: detected capacity change from 0 to 1024
[   52.673177][ T4606] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.334: Invalid block bitmap block 0 in block_group 0
[   52.690510][ T4616] EXT4-fs: Mount option(s) incompatible with ext2
[   52.732654][   T29] audit: type=1326 audit(1758130577.355:11899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4615 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955b72eba9 code=0x7ffc0000
[   52.756365][   T29] audit: type=1326 audit(1758130577.355:11900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4615 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f955b72eba9 code=0x7ffc0000
[   52.779834][   T29] audit: type=1326 audit(1758130577.355:11901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4615 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955b72eba9 code=0x7ffc0000
[   52.803617][   T29] audit: type=1326 audit(1758130577.355:11902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4615 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f955b72eba9 code=0x7ffc0000
[   52.827153][   T29] audit: type=1326 audit(1758130577.355:11903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4615 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f955b72ebe3 code=0x7ffc0000
[   52.850427][   T29] audit: type=1326 audit(1758130577.355:11904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4615 comm="syz.0.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f955b72d65f code=0x7ffc0000
[   52.990681][ T4606] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.334: Failed to acquire dquot type 1
[   53.020331][ T4620] __nla_validate_parse: 15 callbacks suppressed
[   53.020363][ T4620] netlink: 8 bytes leftover after parsing attributes in process `syz.0.336'.
[   53.035553][ T4620] netlink: 8 bytes leftover after parsing attributes in process `syz.0.336'.
[   53.165031][ T4606] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.334: Failed to acquire dquot type 1
[   53.252577][ T4606] EXT4-fs (loop4): 1 orphan inode deleted
[   53.280243][ T4606] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   53.388655][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.337302][ T4641] loop0: detected capacity change from 0 to 512
[   54.343772][ T4636] FAULT_INJECTION: forcing a failure.
[   54.343772][ T4636] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   54.349840][ T4639] netlink: 8 bytes leftover after parsing attributes in process `syz.4.345'.
[   54.357083][ T4636] CPU: 1 UID: 0 PID: 4636 Comm: syz.3.344 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.357161][ T4636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   54.357180][ T4636] Call Trace:
[   54.357188][ T4636]  <TASK>
[   54.357197][ T4636]  __dump_stack+0x1d/0x30
[   54.357261][ T4636]  dump_stack_lvl+0xe8/0x140
[   54.357290][ T4636]  dump_stack+0x15/0x1b
[   54.357312][ T4636]  should_fail_ex+0x265/0x280
[   54.357361][ T4636]  should_fail+0xb/0x20
[   54.357391][ T4636]  should_fail_usercopy+0x1a/0x20
[   54.357427][ T4636]  _copy_from_user+0x1c/0xb0
[   54.357502][ T4636]  ___sys_recvmsg+0xaa/0x370
[   54.357539][ T4636]  ? 0xffffffff81000000
[   54.357565][ T4636]  ? __rcu_read_unlock+0x4f/0x70
[   54.357615][ T4636]  __x64_sys_recvmsg+0xd1/0x160
[   54.357667][ T4636]  x64_sys_call+0x2b42/0x2ff0
[   54.357696][ T4636]  do_syscall_64+0xd2/0x200
[   54.357738][ T4636]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   54.357825][ T4636]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   54.357864][ T4636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.357891][ T4636] RIP: 0033:0x7f3c2c94eba9
[   54.357911][ T4636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.357933][ T4636] RSP: 002b:00007f3c2b3b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   54.357958][ T4636] RAX: ffffffffffffffda RBX: 00007f3c2cb95fa0 RCX: 00007f3c2c94eba9
[   54.358029][ T4636] RDX: 0000000000000000 RSI: 0000200000000900 RDI: 0000000000000005
[   54.358044][ T4636] RBP: 00007f3c2b3b7090 R08: 0000000000000000 R09: 0000000000000000
[   54.358080][ T4636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.358095][ T4636] R13: 00007f3c2cb96038 R14: 00007f3c2cb95fa0 R15: 00007fff26ff4ea8
[   54.358120][ T4636]  </TASK>
[   54.564173][ T4639] IPVS: Error joining to the multicast group
[   54.573999][ T4641] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.703682][ T4641] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.729129][ T4649] loop3: detected capacity change from 0 to 1024
[   54.797136][ T4649] EXT4-fs: Mount option(s) incompatible with ext2
[   54.886340][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.964031][ T4649] loop3: detected capacity change from 0 to 1024
[   55.324425][ T4666] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[   55.380231][ T4649] netlink: 8 bytes leftover after parsing attributes in process `syz.3.349'.
[   55.389228][ T4649] netlink: 8 bytes leftover after parsing attributes in process `syz.3.349'.
[   55.590832][ T4674] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4674 comm=syz.0.358
[   55.669933][ T4676] loop3: detected capacity change from 0 to 512
[   55.678577][ T4674] netlink: 12 bytes leftover after parsing attributes in process `syz.0.358'.
[   55.719853][ T4676] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.800502][ T4676] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.827475][ T4674] loop0: detected capacity change from 0 to 512
[   55.877955][ T4674] EXT4-fs (loop0): external journal device major/minor numbers have changed
[   55.898787][ T4676] netlink: 196 bytes leftover after parsing attributes in process `syz.3.359'.
[   56.015194][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.034582][ T4674] EXT4-fs (loop0): failed to open journal device unknown-block(0,4) -6
[   56.301139][ T4701] loop1: detected capacity change from 0 to 512
[   56.336261][ T4701] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.373125][ T4701] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.408586][ T4701] netlink: 196 bytes leftover after parsing attributes in process `syz.1.365'.
[   56.452041][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.666621][ T4719] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[   56.673228][ T4719] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   56.680913][ T4719] vhci_hcd vhci_hcd.0: Device attached
[   56.687578][ T4724] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   56.878582][ T3389] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x4
[   56.886455][ T3389] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x2
[   56.890182][ T3404] vhci_hcd: vhci_device speed not set
[   56.898944][ T3389] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x3
[   56.963620][ T3404] usb 9-1: new low-speed USB device number 2 using vhci_hcd
[   56.994631][ T3389] hid-generic 0000:3000000:0000.0009: hidraw7: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   57.025635][ T4738] fido_id[4738]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   57.424609][ T4721] vhci_hcd: connection reset by peer
[   57.474697][   T37] vhci_hcd: stop threads
[   57.478984][   T37] vhci_hcd: release socket
[   57.483425][   T37] vhci_hcd: disconnect device
[   57.567966][ T4758] loop3: detected capacity change from 0 to 1024
[   57.580456][ T4755] netlink: 36 bytes leftover after parsing attributes in process `syz.1.381'.
[   57.644885][ T4758] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.659106][   T29] kauditd_printk_skb: 339 callbacks suppressed
[   57.659119][   T29] audit: type=1326 audit(1758130582.285:12240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   57.689011][   T29] audit: type=1326 audit(1758130582.285:12241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   57.948448][   T29] audit: type=1326 audit(1758130582.345:12242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   57.972042][   T29] audit: type=1326 audit(1758130582.345:12243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   57.995668][   T29] audit: type=1326 audit(1758130582.345:12244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4762 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c2c981465 code=0x7ffc0000
[   58.019239][   T29] audit: type=1326 audit(1758130582.345:12245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   58.042810][   T29] audit: type=1326 audit(1758130582.355:12246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   58.066246][   T29] audit: type=1326 audit(1758130582.355:12247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   58.089830][   T29] audit: type=1326 audit(1758130582.355:12248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   58.113224][   T29] audit: type=1326 audit(1758130582.355:12249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4754 comm="syz.3.383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2c94eba9 code=0x7ffc0000
[   58.509370][ T3900] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.574696][ T4783] loop2: detected capacity change from 0 to 736
[   58.690499][ T4787] loop2: detected capacity change from 0 to 512
[   58.715667][ T4787] EXT4-fs (loop2): orphan cleanup on readonly fs
[   58.730949][ T4787] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm gtp: invalid indirect mapped block 4294967295 (level 1)
[   58.745580][ T4787] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm gtp: invalid indirect mapped block 4294967295 (level 1)
[   58.760296][ T4787] EXT4-fs (loop2): 2 truncates cleaned up
[   58.767642][ T4787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   58.910133][ T4793] loop0: detected capacity change from 0 to 512
[   58.917218][ T4793] EXT4-fs: Ignoring removed nobh option
[   58.928062][ T4793] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   58.941270][ T4793] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 not in group (block 4294967294)!
[   58.952180][ T4793] EXT4-fs (loop0): group descriptors corrupted!
[   59.029868][ T4801] loop0: detected capacity change from 0 to 1024
[   59.038175][ T4801] EXT4-fs: Mount option(s) incompatible with ext2
[   59.056439][ T1688] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.069472][ T4801] loop0: detected capacity change from 0 to 1024
[   59.096875][ T1688] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.147933][ T1688] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.167981][ T4801] netlink: 8 bytes leftover after parsing attributes in process `syz.0.398'.
[   59.176834][ T4801] netlink: 8 bytes leftover after parsing attributes in process `syz.0.398'.
[   59.211641][ T1049] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[   59.219511][ T1049] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[   59.228087][ T1688] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.237934][ T1049] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[   59.245597][ T1049] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[   59.253009][ T1049] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[   59.260691][ T1049] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[   59.268126][ T1049] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[   59.278222][ T1049] hid-generic 0000:0000:0000.000A: hidraw2: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   59.307127][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.357226][ T4817] fido_id[4817]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   59.420078][ T1688] bridge_slave_1: left allmulticast mode
[   59.426013][ T1688] bridge_slave_1: left promiscuous mode
[   59.431735][ T1688] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.442248][ T1688] bridge_slave_0: left allmulticast mode
[   59.448012][ T1688] bridge_slave_0: left promiscuous mode
[   59.453712][ T1688] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.536245][ T4833] loop4: detected capacity change from 0 to 1024
[   59.566032][ T4833] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.612729][ T4833] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[   59.685043][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.694643][ T1688] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   59.696674][ T4845] netlink: 64 bytes leftover after parsing attributes in process `syz.1.410'.
[   59.733435][ T1688] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   59.744040][ T3707] hid-generic 0000:0000:0000.000B: hidraw2: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   59.780775][ T1688] bond0 (unregistering): Released all slaves
[   59.935313][ T1688] hsr_slave_0: left promiscuous mode
[   59.943393][ T4853] random: crng reseeded on system resumption
[   59.960267][ T1688] hsr_slave_1: left promiscuous mode
[   59.975326][ T1688] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   59.978047][ T4853] Restarting kernel threads ...
[   59.982733][ T1688] batman_adv: batadv0: Removing interface: batadv_slave_0
[   60.008153][ T4853] Done restarting kernel threads.
[   60.067663][ T1688] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   60.075272][ T1688] batman_adv: batadv0: Removing interface: batadv_slave_1
[   60.102213][ T4867] netlink: 8 bytes leftover after parsing attributes in process `syz.0.413'.
[   60.111231][ T4867] netlink: 8 bytes leftover after parsing attributes in process `syz.0.413'.
[   60.120671][ T1688] veth1_macvtap: left promiscuous mode
[   60.134764][ T1688] veth0_macvtap: left promiscuous mode
[   60.150477][ T1688] veth1_vlan: left promiscuous mode
[   60.160570][ T1688] veth0_vlan: left promiscuous mode
[   60.215652][ T4872] loop1: detected capacity change from 0 to 512
[   60.244532][ T4872] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   60.265513][ T4872] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.414: corrupted in-inode xattr: overlapping e_value 
[   60.290637][ T4872] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.414: couldn't read orphan inode 15 (err -117)
[   60.340365][ T4872] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.353350][ T1688] team0 (unregistering): Port device team_slave_1 removed
[   60.366318][ T4875] loop0: detected capacity change from 0 to 512
[   60.372894][ T1688] team0 (unregistering): Port device team_slave_0 removed
[   60.388009][ T4875] vfat: Invalid gid '0x00000000ffffffff'
[   60.395846][ T4872] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.483903][ T4813] lo speed is unknown, defaulting to 1000
[   60.608811][ T4813] chnl_net:caif_netlink_parms(): no params data found
[   60.737718][ T4813] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.745365][ T4813] bridge0: port 1(bridge_slave_0) entered disabled state
[   60.776425][ T4813] bridge_slave_0: entered allmulticast mode
[   60.790117][ T4813] bridge_slave_0: entered promiscuous mode
[   60.821584][ T4813] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.828805][ T4813] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.854822][ T4903] netlink: 'syz.4.417': attribute type 3 has an invalid length.
[   60.862560][ T4903] netlink: 14 bytes leftover after parsing attributes in process `syz.4.417'.
[   60.868489][ T4813] bridge_slave_1: entered allmulticast mode
[   60.890080][ T4813] bridge_slave_1: entered promiscuous mode
[   60.976091][ T4813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.991985][ T4813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.108212][ T4813] team0: Port device team_slave_0 added
[   61.138802][ T4813] team0: Port device team_slave_1 added
[   61.205789][ T4813] batman_adv: batadv0: Adding interface: batadv_slave_0
[   61.212844][ T4813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.238974][ T4813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   61.255951][ T4813] batman_adv: batadv0: Adding interface: batadv_slave_1
[   61.262966][ T4813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.289058][ T4813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   61.305209][ T4927] wireguard0: entered promiscuous mode
[   61.310705][ T4927] wireguard0: entered allmulticast mode
[   61.358854][ T4813] hsr_slave_0: entered promiscuous mode
[   61.378647][ T4813] hsr_slave_1: entered promiscuous mode
[   61.395737][ T4813] debugfs: 'hsr0' already exists in 'hsr'
[   61.401608][ T4813] Cannot create hsr debugfs directory
[   61.443185][ T4935] netlink: 4 bytes leftover after parsing attributes in process `syz.4.423'.
[   61.486036][ T4937] loop4: detected capacity change from 0 to 1024
[   61.500960][ T4937] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[   61.647419][ T4813] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   61.667311][ T4813] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   61.667916][ T4942] netlink: 12 bytes leftover after parsing attributes in process `syz.1.424'.
[   61.691049][ T4813] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   61.711801][ T4813] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   61.887341][ T4967] loop1: detected capacity change from 0 to 1024
[   61.904146][ T4967] EXT4-fs: Mount option(s) incompatible with ext2
[   61.911435][ T4813] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.932604][ T4967] loop1: detected capacity change from 0 to 1024
[   61.970042][ T4813] 8021q: adding VLAN 0 to HW filter on device team0
[   61.990335][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.997454][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.020285][ T4967] netlink: 8 bytes leftover after parsing attributes in process `syz.1.426'.
[   62.029190][ T4967] netlink: 8 bytes leftover after parsing attributes in process `syz.1.426'.
[   62.047864][ T3445] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.053670][ T3404] usb 9-1: enqueue for inactive port 0
[   62.054979][ T3445] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.060496][ T3404] usb 9-1: enqueue for inactive port 0
[   62.164136][ T3404] vhci_hcd: vhci_device speed not set
[   62.192979][ T4813] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.351417][ T4813] veth0_vlan: entered promiscuous mode
[   62.361572][ T4813] veth1_vlan: entered promiscuous mode
[   62.384437][ T4813] veth0_macvtap: entered promiscuous mode
[   62.392614][ T4813] veth1_macvtap: entered promiscuous mode
[   62.409928][ T4813] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.424207][ T4813] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.438110][   T37] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.448353][   T37] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.459008][   T37] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.471041][   T37] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.536658][ T4993] loop5: detected capacity change from 0 to 512
[   62.567437][ T4993] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.850901][ T5008] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   62.889086][ T5011] netlink: 'syz.4.431': attribute type 39 has an invalid length.
[   62.949350][   T29] kauditd_printk_skb: 314 callbacks suppressed
[   62.949365][   T29] audit: type=1326 audit(1758130587.575:12564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5007 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcccb16eba9 code=0x7ffc0000
[   62.979469][   T29] audit: type=1326 audit(1758130587.575:12565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5007 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcccb16eba9 code=0x7ffc0000
[   63.005125][   T29] audit: type=1326 audit(1758130587.575:12566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5007 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fcccb16eba9 code=0x7ffc0000
[   63.028624][   T29] audit: type=1326 audit(1758130587.575:12567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5007 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcccb16eba9 code=0x7ffc0000
[   63.052045][   T29] audit: type=1326 audit(1758130587.575:12568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5007 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcccb16eba9 code=0x7ffc0000
[   63.075522][   T29] audit: type=1326 audit(1758130587.575:12569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5007 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fcccb16eba9 code=0x7ffc0000
[   63.099031][   T29] audit: type=1326 audit(1758130587.575:12570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5007 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcccb16eba9 code=0x7ffc0000
[   63.122613][   T29] audit: type=1326 audit(1758130587.575:12571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5007 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fcccb16eba9 code=0x7ffc0000
[   63.146192][   T29] audit: type=1326 audit(1758130587.575:12572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5007 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcccb16eba9 code=0x7ffc0000
[   63.169887][   T29] audit: type=1326 audit(1758130587.575:12573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5007 comm="syz.2.430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fcccb16eba9 code=0x7ffc0000
[   63.558954][ T5041] loop4: detected capacity change from 0 to 512
[   63.589286][ T5041] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.804128][ T5056] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   64.000317][ T5062] netlink: 'syz.5.447': attribute type 39 has an invalid length.
[   64.079275][ T5071] loop4: detected capacity change from 0 to 512
[   64.100793][ T5071] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.206773][ T5081] loop4: detected capacity change from 0 to 512
[   64.280637][ T5086] loop0: detected capacity change from 0 to 1024
[   64.300058][ T5086] EXT4-fs: Mount option(s) incompatible with ext2
[   64.320479][ T5081] EXT4-fs (loop4): too many log groups per flexible block group
[   64.328389][ T5081] EXT4-fs (loop4): failed to initialize mballoc (-12)
[   64.338267][ T5089] loop1: detected capacity change from 0 to 2048
[   64.346853][ T5081] EXT4-fs (loop4): mount failed
[   64.387640][ T5089] EXT4-fs (loop1): failed to initialize system zone (-117)
[   64.404671][ T5089] EXT4-fs (loop1): mount failed
[   64.422863][ T5086] __nla_validate_parse: 3 callbacks suppressed
[   64.422877][ T5086] netlink: 8 bytes leftover after parsing attributes in process `syz.0.454'.
[   64.438576][ T5086] netlink: 8 bytes leftover after parsing attributes in process `syz.0.454'.
[   64.521875][ T5106] netdevsim netdevsim4: Direct firmware load for ./file0/file1 failed with error -2
[   64.543448][ T5108] netlink: 12 bytes leftover after parsing attributes in process `syz.0.463'.
[   64.569191][ T5108] netlink: 12 bytes leftover after parsing attributes in process `syz.0.463'.
[   64.604329][ T5108] netlink: 12 bytes leftover after parsing attributes in process `syz.0.463'.
[   64.657393][ T5114] lo speed is unknown, defaulting to 1000
[   64.893576][ T5131] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   64.984948][ T5134] macvlan1: entered promiscuous mode
[   64.991198][ T5134] ipvlan0: entered promiscuous mode
[   64.997176][ T5134] ipvlan0: left promiscuous mode
[   65.002417][ T5134] macvlan1: left promiscuous mode
[   65.132348][ T5142] loop4: detected capacity change from 0 to 1024
[   65.142254][ T5142] EXT4-fs: Mount option(s) incompatible with ext2
[   65.146716][ T5144] netlink: 4 bytes leftover after parsing attributes in process `syz.1.475'.
[   65.159474][ T5144] netlink: 8 bytes leftover after parsing attributes in process `syz.1.475'.
[   65.179380][ T5142] loop4: detected capacity change from 0 to 1024
[   65.212879][ T5144] SELinux: failed to load policy
[   65.221891][ T5142] netlink: 8 bytes leftover after parsing attributes in process `syz.4.474'.
[   65.230737][ T5142] netlink: 8 bytes leftover after parsing attributes in process `syz.4.474'.
[   65.256769][ T5149] netlink: 12 bytes leftover after parsing attributes in process `syz.2.477'.
[   65.295732][ T5149] FAULT_INJECTION: forcing a failure.
[   65.295732][ T5149] name failslab, interval 1, probability 0, space 0, times 0
[   65.310268][ T5149] CPU: 1 UID: 0 PID: 5149 Comm: syz.2.477 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.310299][ T5149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   65.310362][ T5149] Call Trace:
[   65.310367][ T5149]  <TASK>
[   65.310374][ T5149]  __dump_stack+0x1d/0x30
[   65.310430][ T5149]  dump_stack_lvl+0xe8/0x140
[   65.310452][ T5149]  dump_stack+0x15/0x1b
[   65.310469][ T5149]  should_fail_ex+0x265/0x280
[   65.310557][ T5149]  should_failslab+0x8c/0xb0
[   65.310584][ T5149]  kmem_cache_alloc_noprof+0x50/0x310
[   65.310620][ T5149]  ? skb_clone+0x151/0x1f0
[   65.310650][ T5149]  skb_clone+0x151/0x1f0
[   65.310753][ T5149]  __netlink_deliver_tap+0x2c9/0x500
[   65.310782][ T5149]  ? netlink_attachskb+0x2d0/0x610
[   65.310806][ T5149]  netlink_sendskb+0x126/0x150
[   65.310829][ T5149]  netlink_unicast+0x2a2/0x690
[   65.310881][ T5149]  netlink_ack+0x4c8/0x500
[   65.310909][ T5149]  netlink_rcv_skb+0x192/0x220
[   65.311005][ T5149]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   65.311033][ T5149]  nfnetlink_rcv+0x16b/0x1690
[   65.311060][ T5149]  ? nlmon_xmit+0x4f/0x60
[   65.311091][ T5149]  ? consume_skb+0x49/0x150
[   65.311170][ T5149]  ? nlmon_xmit+0x4f/0x60
[   65.311202][ T5149]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   65.311250][ T5149]  ? __dev_queue_xmit+0x1200/0x2000
[   65.311277][ T5149]  ? __dev_queue_xmit+0x182/0x2000
[   65.311306][ T5149]  ? ref_tracker_free+0x37d/0x3e0
[   65.311370][ T5149]  ? __netlink_deliver_tap+0x4dc/0x500
[   65.311431][ T5149]  netlink_unicast+0x5c0/0x690
[   65.311468][ T5149]  netlink_sendmsg+0x58b/0x6b0
[   65.311497][ T5149]  ? __pfx_netlink_sendmsg+0x10/0x10
[   65.311525][ T5149]  __sock_sendmsg+0x142/0x180
[   65.311660][ T5149]  ____sys_sendmsg+0x31e/0x4e0
[   65.311749][ T5149]  ___sys_sendmsg+0x17b/0x1d0
[   65.311791][ T5149]  __x64_sys_sendmsg+0xd4/0x160
[   65.311825][ T5149]  x64_sys_call+0x191e/0x2ff0
[   65.311848][ T5149]  do_syscall_64+0xd2/0x200
[   65.312025][ T5149]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.312051][ T5149]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   65.312083][ T5149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.312149][ T5149] RIP: 0033:0x7fcccb16eba9
[   65.312165][ T5149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.312184][ T5149] RSP: 002b:00007fccc9bcf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   65.312204][ T5149] RAX: ffffffffffffffda RBX: 00007fcccb3b5fa0 RCX: 00007fcccb16eba9
[   65.312216][ T5149] RDX: 0000000004000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   65.312229][ T5149] RBP: 00007fccc9bcf090 R08: 0000000000000000 R09: 0000000000000000
[   65.312242][ T5149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   65.312254][ T5149] R13: 00007fcccb3b6038 R14: 00007fcccb3b5fa0 R15: 00007ffe6bcde838
[   65.312300][ T5149]  </TASK>
[   65.601213][ T5155] netlink: 'syz.1.480': attribute type 4 has an invalid length.
[   65.694941][ T5157] loop0: detected capacity change from 0 to 512
[   65.744373][ T5157] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   65.796019][ T5157] EXT4-fs (loop0): 1 truncate cleaned up
[   65.815428][ T5171] loop2: detected capacity change from 0 to 512
[   65.857154][ T5171] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.928411][ T5181] loop4: detected capacity change from 0 to 1024
[   65.950676][ T5181] EXT4-fs: Ignoring removed nomblk_io_submit option
[   65.957666][ T5181] EXT4-fs: inline encryption not supported
[   66.056738][ T5195] FAULT_INJECTION: forcing a failure.
[   66.056738][ T5195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.069875][ T5195] CPU: 1 UID: 0 PID: 5195 Comm: syz.2.493 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.069960][ T5195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   66.069974][ T5195] Call Trace:
[   66.069981][ T5195]  <TASK>
[   66.069989][ T5195]  __dump_stack+0x1d/0x30
[   66.070015][ T5195]  dump_stack_lvl+0xe8/0x140
[   66.070038][ T5195]  dump_stack+0x15/0x1b
[   66.070056][ T5195]  should_fail_ex+0x265/0x280
[   66.070123][ T5195]  should_fail+0xb/0x20
[   66.070148][ T5195]  should_fail_usercopy+0x1a/0x20
[   66.070179][ T5195]  copy_folio_from_iter_atomic+0x278/0x11b0
[   66.070306][ T5195]  ? shmem_write_begin+0xa8/0x190
[   66.070359][ T5195]  ? shmem_write_begin+0xe1/0x190
[   66.070384][ T5195]  generic_perform_write+0x2c2/0x490
[   66.070419][ T5195]  shmem_file_write_iter+0xc5/0xf0
[   66.070460][ T5195]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   66.070545][ T5195]  vfs_write+0x52a/0x960
[   66.070579][ T5195]  ksys_write+0xda/0x1a0
[   66.070607][ T5195]  __x64_sys_write+0x40/0x50
[   66.070633][ T5195]  x64_sys_call+0x27fe/0x2ff0
[   66.070683][ T5195]  do_syscall_64+0xd2/0x200
[   66.070721][ T5195]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.070747][ T5195]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   66.070781][ T5195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.070829][ T5195] RIP: 0033:0x7fcccb16d65f
[   66.070847][ T5195] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   66.070867][ T5195] RSP: 002b:00007fccc9bcedf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   66.070888][ T5195] RAX: ffffffffffffffda RBX: 0000000000014800 RCX: 00007fcccb16d65f
[   66.070900][ T5195] RDX: 0000000000014800 RSI: 00007fccc17af000 RDI: 0000000000000007
[   66.070911][ T5195] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000702
[   66.070967][ T5195] R10: 00000000000007d2 R11: 0000000000000293 R12: 0000000000000007
[   66.071013][ T5195] R13: 00007fccc9bceef0 R14: 00007fccc9bceeb0 R15: 00007fccc17af000
[   66.071035][ T5195]  </TASK>
[   66.072960][ T5195] loop2: detected capacity change from 0 to 164
[   66.290906][ T5195] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   66.363510][ T5201] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[   66.486999][ T5212] pimreg: entered allmulticast mode
[   66.493031][ T5212] pimreg: left allmulticast mode
[   66.539129][ T5218] netlink: 'syz.5.501': attribute type 46 has an invalid length.
[   66.559160][ T5218] loop5: detected capacity change from 0 to 128
[   66.651474][   T31] kworker/u8:1: attempt to access beyond end of device
[   66.651474][   T31] loop5: rw=1, sector=145, nr_sectors = 8 limit=128
[   66.671860][   T31] kworker/u8:1: attempt to access beyond end of device
[   66.671860][   T31] loop5: rw=1, sector=161, nr_sectors = 8 limit=128
[   66.686066][   T31] kworker/u8:1: attempt to access beyond end of device
[   66.686066][   T31] loop5: rw=1, sector=177, nr_sectors = 8 limit=128
[   66.700026][   T31] kworker/u8:1: attempt to access beyond end of device
[   66.700026][   T31] loop5: rw=1, sector=193, nr_sectors = 8 limit=128
[   66.713774][   T31] kworker/u8:1: attempt to access beyond end of device
[   66.713774][   T31] loop5: rw=1, sector=209, nr_sectors = 8 limit=128
[   66.728197][   T31] kworker/u8:1: attempt to access beyond end of device
[   66.728197][   T31] loop5: rw=1, sector=225, nr_sectors = 8 limit=128
[   66.741721][   T31] kworker/u8:1: attempt to access beyond end of device
[   66.741721][   T31] loop5: rw=1, sector=241, nr_sectors = 8 limit=128
[   66.758284][   T31] kworker/u8:1: attempt to access beyond end of device
[   66.758284][   T31] loop5: rw=1, sector=257, nr_sectors = 8 limit=128
[   66.775331][   T31] kworker/u8:1: attempt to access beyond end of device
[   66.775331][   T31] loop5: rw=1, sector=273, nr_sectors = 8 limit=128
[   66.789016][   T31] kworker/u8:1: attempt to access beyond end of device
[   66.789016][   T31] loop5: rw=1, sector=289, nr_sectors = 8 limit=128
[   66.904617][ T5239] dvmrp1: entered allmulticast mode
[   66.929751][ T5243] loop0: detected capacity change from 0 to 512
[   66.952211][ T5243] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.002376][ T5243] netlink: 'syz.0.511': attribute type 1 has an invalid length.
[   67.114708][ T5250] loop0: detected capacity change from 0 to 128
[   67.574676][ T5258] futex_wake_op: syz.1.515 tries to shift op by -1; fix this program
[   67.589099][ T5258] FAULT_INJECTION: forcing a failure.
[   67.589099][ T5258] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.602421][ T5258] CPU: 0 UID: 0 PID: 5258 Comm: syz.1.515 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.602489][ T5258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   67.602505][ T5258] Call Trace:
[   67.602512][ T5258]  <TASK>
[   67.602520][ T5258]  __dump_stack+0x1d/0x30
[   67.602546][ T5258]  dump_stack_lvl+0xe8/0x140
[   67.602571][ T5258]  dump_stack+0x15/0x1b
[   67.602621][ T5258]  should_fail_ex+0x265/0x280
[   67.602667][ T5258]  should_fail+0xb/0x20
[   67.602697][ T5258]  should_fail_usercopy+0x1a/0x20
[   67.602758][ T5258]  strncpy_from_user+0x25/0x230
[   67.602789][ T5258]  ? kmem_cache_alloc_noprof+0x186/0x310
[   67.602819][ T5258]  ? getname_flags+0x80/0x3b0
[   67.602851][ T5258]  getname_flags+0xae/0x3b0
[   67.602878][ T5258]  getname_uflags+0x21/0x30
[   67.602912][ T5258]  __x64_sys_execveat+0x5d/0x90
[   67.602956][ T5258]  x64_sys_call+0x1fec/0x2ff0
[   67.602981][ T5258]  do_syscall_64+0xd2/0x200
[   67.603010][ T5258]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   67.603111][ T5258]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   67.603157][ T5258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.603181][ T5258] RIP: 0033:0x7fe349f0eba9
[   67.603228][ T5258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.603245][ T5258] RSP: 002b:00007fe34896f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[   67.603265][ T5258] RAX: ffffffffffffffda RBX: 00007fe34a155fa0 RCX: 00007fe349f0eba9
[   67.603280][ T5258] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[   67.603295][ T5258] RBP: 00007fe34896f090 R08: 0000000000001000 R09: 0000000000000000
[   67.603308][ T5258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.603322][ T5258] R13: 00007fe34a156038 R14: 00007fe34a155fa0 R15: 00007ffd3a2cf838
[   67.603351][ T5258]  </TASK>
[   67.855193][ T5266] sctp: [Deprecated]: syz.2.518 (pid 5266) Use of int in max_burst socket option deprecated.
[   67.855193][ T5266] Use struct sctp_assoc_value instead
[   67.901394][ T5269] loop5: detected capacity change from 0 to 512
[   67.927706][ T5269] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.982853][   T29] kauditd_printk_skb: 317 callbacks suppressed
[   67.982872][   T29] audit: type=1400 audit(1758130592.605:12891): avc:  denied  { append } for  pid=5278 comm="syz.0.524" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   68.028786][ T5281] vlan2: entered allmulticast mode
[   68.046777][   T29] audit: type=1400 audit(1758130592.655:12892): avc:  denied  { mount } for  pid=5277 comm="syz.1.522" name="/" dev="configfs" ino=2033 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   68.069683][   T29] audit: type=1400 audit(1758130592.655:12893): avc:  denied  { search } for  pid=5277 comm="syz.1.522" name="/" dev="configfs" ino=2033 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   68.092019][   T29] audit: type=1400 audit(1758130592.655:12894): avc:  denied  { search } for  pid=5277 comm="syz.1.522" name="/" dev="configfs" ino=2033 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   68.114346][   T29] audit: type=1400 audit(1758130592.655:12895): avc:  denied  { read open } for  pid=5277 comm="syz.1.522" path="/" dev="configfs" ino=2033 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   68.154712][   T29] audit: type=1326 audit(1758130592.775:12896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5283 comm="syz.4.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ccedeba9 code=0x7ffc0000
[   68.168439][ T5289] bond2: entered promiscuous mode
[   68.178247][   T29] audit: type=1326 audit(1758130592.775:12897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5283 comm="syz.4.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f61ccedeba9 code=0x7ffc0000
[   68.183258][ T5289] bond2: entered allmulticast mode
[   68.184896][ T5289] 8021q: adding VLAN 0 to HW filter on device bond2
[   68.206913][   T29] audit: type=1326 audit(1758130592.775:12898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5283 comm="syz.4.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ccedeba9 code=0x7ffc0000
[   68.242214][   T29] audit: type=1326 audit(1758130592.775:12899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5283 comm="syz.4.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f61ccedeba9 code=0x7ffc0000
[   68.265913][   T29] audit: type=1326 audit(1758131360.786:12900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5283 comm="syz.4.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ccedeba9 code=0x7ffc0000
[   68.293116][ T5294] io-wq is not configured for unbound workers
[   68.321365][ T5294] usb usb1: usbfs: process 5294 (syz.0.527) did not claim interface 0 before use
[   68.329218][ T5284] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.339077][ T5294] tipc: Started in network mode
[   68.348139][ T5284] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.350323][ T5294] tipc: Node identity aaf1d8e8fbf6, cluster identity 4711
[   68.365138][ T5294] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   68.390058][ T5294] tipc: Disabling bearer <eth:syzkaller0>
[   68.444238][ T4813] EXT4-fs unmount: 15 callbacks suppressed
[   68.444257][ T4813] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.468794][ T5300] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[   68.540278][ T5305] loop0: detected capacity change from 0 to 764
[   68.549861][ T5305] rock: directory entry would overflow storage
[   68.556166][ T5305] rock: sig=0x4f50, size=4, remaining=3
[   68.561728][ T5305] iso9660: Corrupted directory entry in block 6 of inode 1792
[   68.593430][ T5309] loop0: detected capacity change from 0 to 256
[   68.641550][ T5313] loop5: detected capacity change from 0 to 512
[   68.659449][ T5313] EXT4-fs (loop5): orphan cleanup on readonly fs
[   68.676858][ T5313] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.534: bad orphan inode 13
[   68.689297][ T5313] ext4_test_bit(bit=12, block=18) = 1
[   68.694797][ T5313] is_bad_inode(inode)=0
[   68.699206][ T5313] NEXT_ORPHAN(inode)=2130706432
[   68.704091][ T5313] max_ino=32
[   68.707487][ T5313] i_nlink=1
[   68.711676][ T5313] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.744777][ T5322] loop2: detected capacity change from 0 to 1024
[   68.751816][ T5322] EXT4-fs: Mount option(s) incompatible with ext2
[   68.761378][ T4813] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.797714][ T5322] loop2: detected capacity change from 0 to 1024
[   69.415724][ T5362] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   69.702698][ T5370] loop0: detected capacity change from 0 to 1024
[   69.713753][ T5370] EXT4-fs: Mount option(s) incompatible with ext2
[   69.749546][ T5372] loop2: detected capacity change from 0 to 512
[   69.784042][ T5370] __nla_validate_parse: 17 callbacks suppressed
[   69.784057][ T5370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.552'.
[   69.799410][ T5370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.552'.
[   69.834509][ T5372] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   69.853903][ T5372] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[   69.883769][ T5375] netlink: 360 bytes leftover after parsing attributes in process `syz.5.555'.
[   69.924536][ T5381] netlink: 56 bytes leftover after parsing attributes in process `syz.5.557'.
[   69.926126][ T5372] netlink: 'syz.2.553': attribute type 1 has an invalid length.
[   69.964321][ T5378] loop0: detected capacity change from 0 to 8192
[   70.014243][ T5378] netlink: 36 bytes leftover after parsing attributes in process `syz.0.556'.
[   70.023208][ T5378] netlink: 16 bytes leftover after parsing attributes in process `syz.0.556'.
[   70.031314][ T5386] loop5: detected capacity change from 0 to 512
[   70.032117][ T5378] netlink: 36 bytes leftover after parsing attributes in process `syz.0.556'.
[   70.066104][ T5378] netlink: 36 bytes leftover after parsing attributes in process `syz.0.556'.
[   70.118700][ T5386] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.135949][ T5393] loop2: detected capacity change from 0 to 2048
[   70.145968][ T5386] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.184260][ T3404] IPVS: starting estimator thread 0...
[   70.190857][ T5393] Alternate GPT is invalid, using primary GPT.
[   70.197341][ T5393]  loop2: p1 p2 p3
[   70.251138][ T5393] FAT-fs (loop2p1): bogus number of reserved sectors
[   70.257876][ T5393] FAT-fs (loop2p1): Can't find a valid FAT filesystem
[   70.268795][ T5397] IPVS: using max 2496 ests per chain, 124800 per kthread
[   70.288352][ T4813] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.388976][ T5407] loop2: detected capacity change from 0 to 1024
[   70.404947][ T5407] EXT4-fs: Mount option(s) incompatible with ext2
[   70.440399][ T5407] loop2: detected capacity change from 0 to 1024
[   70.574368][ T5407] netlink: 8 bytes leftover after parsing attributes in process `syz.2.566'.
[   70.583307][ T5407] netlink: 8 bytes leftover after parsing attributes in process `syz.2.566'.
[   70.710498][ T5414] loop2: detected capacity change from 0 to 512
[   70.770971][ T5414] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.833084][ T5414] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.029221][ T5425] batadv_slave_1: entered promiscuous mode
[   71.169119][ T5430] loop1: detected capacity change from 0 to 512
[   71.240378][ T5430] ext4: Unknown parameter 'noacl'
[   71.276454][ T5430] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.298180][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.338980][ T5430] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.357067][ T5433] IPVS: Error connecting to the multicast addr
[   71.398372][ T5430] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.453390][ T5430] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.486200][ T5443] loop0: detected capacity change from 0 to 512
[   71.521374][   T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.557718][ T5443] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.576203][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.599769][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.608273][ T5445] loop2: detected capacity change from 0 to 1764
[   71.616250][ T5443] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.643544][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.651893][ T5422] batadv_slave_1: left promiscuous mode
[   71.701669][ T3519] udevd[3519]: inotify_add_watch(7, /dev/loop1, 10) failed: No such file or directory
[   71.825611][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.873141][ T5463] loop4: detected capacity change from 0 to 512
[   71.893318][ T5463] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.928470][ T5463] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.987364][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.047355][ T5470] loop4: detected capacity change from 0 to 1024
[   72.057338][ T5470] EXT4-fs: Mount option(s) incompatible with ext2
[   72.090531][ T5470] loop4: detected capacity change from 0 to 1024
[   72.264718][ T5480] tipc: Started in network mode
[   72.270510][ T5480] tipc: Node identity 0e85ab576208, cluster identity 4711
[   72.277830][ T5480] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   72.352730][ T5480] tipc: Disabling bearer <eth:syzkaller0>
[   72.596483][ T5506] loop4: detected capacity change from 0 to 1024
[   72.619031][ T5506] EXT4-fs: Ignoring removed nomblk_io_submit option
[   72.639555][ T5506] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   72.652514][ T5506] System zones: 0-1, 3-36
[   72.668925][ T5510] loop2: detected capacity change from 0 to 512
[   72.713322][ T5510] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.735362][ T5506] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.749275][ T5510] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.759909][   T29] kauditd_printk_skb: 489 callbacks suppressed
[   72.760004][   T29] audit: type=1400 audit(1758131365.605:13390): avc:  denied  { create } for  pid=5512 comm="syz.0.592" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   72.810822][   T29] audit: type=1400 audit(1758131365.668:13391): avc:  denied  { setattr } for  pid=5505 comm="syz.4.590" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   72.835403][ T5521] loop0: detected capacity change from 0 to 512
[   72.871007][ T5521] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.948267][ T5521] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.968113][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.985157][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.082537][   T29] audit: type=1400 audit(1758131365.952:13392): avc:  denied  { connect } for  pid=5529 comm="syz.2.596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   73.102121][   T29] audit: type=1400 audit(1758131365.952:13393): avc:  denied  { ioctl } for  pid=5529 comm="syz.2.596" path="socket:[11559]" dev="sockfs" ino=11559 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   73.127013][   T29] audit: type=1400 audit(1758131365.952:13394): avc:  denied  { write } for  pid=5529 comm="syz.2.596" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   73.150195][   T29] audit: type=1400 audit(1758131366.025:13395): avc:  denied  { bind } for  pid=5528 comm="syz.4.595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   73.170594][   T29] audit: type=1400 audit(1758131366.025:13396): avc:  denied  { name_bind } for  pid=5528 comm="syz.4.595" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   73.193225][   T29] audit: type=1400 audit(1758131366.025:13397): avc:  denied  { node_bind } for  pid=5528 comm="syz.4.595" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[   73.215671][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.293873][ T5536] bridge_slave_0: left promiscuous mode
[   73.299716][ T5536] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.320181][   T29] audit: type=1400 audit(1758131366.162:13398): avc:  denied  { create } for  pid=5533 comm="syz.1.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   73.340424][   T29] audit: type=1400 audit(1758131366.204:13399): avc:  denied  { wake_alarm } for  pid=5537 comm="syz.2.599" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   73.367064][ T5536] bridge_slave_1: left allmulticast mode
[   73.372766][ T5536] bridge_slave_1: left promiscuous mode
[   73.378521][ T5536] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.386157][ T5539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   73.395302][ T5539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   73.421372][ T5536] bond0: (slave bond_slave_0): Releasing backup interface
[   73.443066][ T5536] bond0: (slave bond_slave_1): Releasing backup interface
[   73.472835][ T5536] team0: Port device team_slave_0 removed
[   73.493394][ T5536] team0: Port device team_slave_1 removed
[   73.508107][ T5536] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   73.515546][ T5536] batman_adv: batadv0: Removing interface: batadv_slave_0
[   73.537562][ T5536] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   73.545009][ T5536] batman_adv: batadv0: Removing interface: batadv_slave_1
[   73.731548][ T5550] 9pnet: Could not find request transport: 0xffffffffffffffff
[   73.837728][ T5564] FAULT_INJECTION: forcing a failure.
[   73.837728][ T5564] name failslab, interval 1, probability 0, space 0, times 0
[   73.851341][ T5564] CPU: 0 UID: 0 PID: 5564 Comm: syz.0.604 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.851448][ T5564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   73.851460][ T5564] Call Trace:
[   73.851505][ T5564]  <TASK>
[   73.851510][ T5564]  __dump_stack+0x1d/0x30
[   73.851532][ T5564]  dump_stack_lvl+0xe8/0x140
[   73.851555][ T5564]  dump_stack+0x15/0x1b
[   73.851575][ T5564]  should_fail_ex+0x265/0x280
[   73.851643][ T5564]  should_failslab+0x8c/0xb0
[   73.851674][ T5564]  kmem_cache_alloc_noprof+0x50/0x310
[   73.851706][ T5564]  ? p9_client_prepare_req+0xef/0x820
[   73.851742][ T5564]  p9_client_prepare_req+0xef/0x820
[   73.851770][ T5564]  ? parse_opts+0x2a0/0x2d0
[   73.851790][ T5564]  ? __traceiter_kfree+0x2b/0x50
[   73.851817][ T5564]  ? parse_opts+0x2a0/0x2d0
[   73.851904][ T5564]  ? kfree+0xd9/0x320
[   73.851982][ T5564]  ? __list_add_valid_or_report+0x38/0xe0
[   73.852036][ T5564]  p9_client_rpc+0xdf/0x6c0
[   73.852067][ T5564]  ? p9_pollwait+0xb1/0xe0
[   73.852090][ T5564]  ? pipe_poll+0x222/0x250
[   73.852121][ T5564]  ? p9_conn_create+0x2eb/0x320
[   73.852263][ T5564]  ? p9_fd_create+0x26a/0x280
[   73.852289][ T5564]  p9_client_create+0x743/0xbc0
[   73.852319][ T5564]  v9fs_session_init+0xf7/0xde0
[   73.852370][ T5564]  ? avc_has_perm_noaudit+0x1b1/0x200
[   73.852401][ T5564]  ? should_fail_ex+0xdb/0x280
[   73.852427][ T5564]  ? v9fs_mount+0x51/0x5c0
[   73.852498][ T5564]  ? should_failslab+0x8c/0xb0
[   73.852527][ T5564]  ? __kmalloc_cache_noprof+0x189/0x320
[   73.852617][ T5564]  v9fs_mount+0x67/0x5c0
[   73.852714][ T5564]  ? selinux_capable+0x31/0x40
[   73.852828][ T5564]  ? __pfx_v9fs_mount+0x10/0x10
[   73.852861][ T5564]  legacy_get_tree+0x75/0xd0
[   73.852895][ T5564]  vfs_get_tree+0x54/0x1d0
[   73.852969][ T5564]  do_new_mount+0x207/0x5e0
[   73.852995][ T5564]  ? security_capable+0x83/0x90
[   73.853070][ T5564]  path_mount+0x4a4/0xb20
[   73.853095][ T5564]  ? user_path_at+0x109/0x130
[   73.853178][ T5564]  __se_sys_mount+0x28f/0x2e0
[   73.853204][ T5564]  ? fput+0x8f/0xc0
[   73.853297][ T5564]  __x64_sys_mount+0x67/0x80
[   73.853325][ T5564]  x64_sys_call+0x2b4d/0x2ff0
[   73.853351][ T5564]  do_syscall_64+0xd2/0x200
[   73.853389][ T5564]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   73.853463][ T5564]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.853499][ T5564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.853524][ T5564] RIP: 0033:0x7f955b72eba9
[   73.853541][ T5564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.853562][ T5564] RSP: 002b:00007f955a197038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   73.853636][ T5564] RAX: ffffffffffffffda RBX: 00007f955b975fa0 RCX: 00007f955b72eba9
[   73.853649][ T5564] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[   73.853663][ T5564] RBP: 00007f955a197090 R08: 0000200000000140 R09: 0000000000000000
[   73.853677][ T5564] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000002
[   73.853690][ T5564] R13: 00007f955b976038 R14: 00007f955b975fa0 R15: 00007ffe75078118
[   73.853712][ T5564]  </TASK>
[   74.252133][ T5591] loop0: detected capacity change from 0 to 512
[   74.301911][ T5601] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[   74.328540][ T5591] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.355236][ T5591] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.453925][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.516636][ T5627] netlink: 'syz.0.618': attribute type 3 has an invalid length.
[   74.555373][ T5627] netlink: 'syz.0.618': attribute type 3 has an invalid length.
[   74.635952][ T5639] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5136 sclass=netlink_route_socket pid=5639 comm=syz.0.621
[   74.781450][   T51] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[   74.791520][   T51] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[   74.801609][   T51] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[   74.813062][   T51] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[   75.171723][ T5665] loop4: detected capacity change from 0 to 512
[   75.227845][ T5671] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   75.260917][ T5674] __nla_validate_parse: 17 callbacks suppressed
[   75.260935][ T5674] netlink: 56 bytes leftover after parsing attributes in process `syz.1.631'.
[   75.432026][ T5676] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   75.441949][ T5677] loop4: detected capacity change from 0 to 512
[   75.454742][ T5676] FAT-fs (loop9): unable to read boot sector
[   75.487511][ T5677] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   75.507081][ T5688] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5688 comm=syz.5.637
[   75.529007][ T5677] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.632: corrupted in-inode xattr: overlapping e_value 
[   75.568224][ T5677] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.632: couldn't read orphan inode 15 (err -117)
[   75.581403][ T5677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.584648][ T5695] netlink: 12 bytes leftover after parsing attributes in process `syz.5.637'.
[   75.596661][ T5677] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.619235][ T5698] netlink: 'syz.2.638': attribute type 10 has an invalid length.
[   75.632135][ T5697] netlink: 168 bytes leftover after parsing attributes in process `syz.1.639'.
[   75.641992][ T5697] tipc: Started in network mode
[   75.646952][ T5697] tipc: Node identity 0000000000005f120000120000000001, cluster identity 4711
[   75.656012][ T5697] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[   75.674374][ T5698] macvlan1: entered promiscuous mode
[   75.679966][ T5698] macvlan1: entered allmulticast mode
[   75.697639][ T5693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.638'.
[   75.707699][ T5701] loop0: detected capacity change from 0 to 2048
[   75.749521][ T5707] loop5: detected capacity change from 0 to 1024
[   75.750335][ T5698] veth1_vlan: entered allmulticast mode
[   75.778607][ T5711] netlink: 'syz.0.643': attribute type 10 has an invalid length.
[   75.787009][ T5711] netlink: 40 bytes leftover after parsing attributes in process `syz.0.643'.
[   75.797075][ T5707] EXT4-fs: Mount option(s) incompatible with ext2
[   75.804566][ T5698] bond0: (slave macvlan1): Enslaving as an active interface with an up link
[   75.825885][ T5711] team0: Port device geneve1 added
[   75.839334][ T1688] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 6081 - 0
[   75.848986][ T1688] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 6081 - 0
[   75.882100][ T1688] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 6081 - 0
[   75.901403][ T5717] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   75.904309][ T5707] netlink: 8 bytes leftover after parsing attributes in process `syz.5.642'.
[   75.925615][ T5707] netlink: 8 bytes leftover after parsing attributes in process `syz.5.642'.
[   75.938783][   T37] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 6081 - 0
[   76.000626][ T5721] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   76.000902][ T5723] loop4: detected capacity change from 0 to 512
[   76.041855][ T5725] loop2: detected capacity change from 0 to 512
[   76.048730][ T5723] EXT4-fs (loop4): too many log groups per flexible block group
[   76.056461][ T5723] EXT4-fs (loop4): failed to initialize mballoc (-12)
[   76.070774][ T5723] EXT4-fs (loop4): mount failed
[   76.072372][ T5725] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.113793][ T5725] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.151304][ T5737] netlink: 64 bytes leftover after parsing attributes in process `syz.0.648'.
[   76.198879][ T5741] loop4: detected capacity change from 0 to 512
[   76.217417][ T5741] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   76.225534][ T5741] EXT4-fs (loop4): orphan cleanup on readonly fs
[   76.231950][ T5741] EXT4-fs error (device loop4): ext4_quota_enable:7124: comm syz.4.653: Bad quota inum: 1, type: 0
[   76.244076][ T5741] EXT4-fs (loop4): Remounting filesystem read-only
[   76.250756][ T5741] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=1). Please run e2fsck to fix.
[   76.265762][ T5741] EXT4-fs (loop4): Cannot turn on quotas: error -117
[   76.273025][ T5741] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   76.297333][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.317376][ T5745] random: crng reseeded on system resumption
[   76.342558][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.359676][ T5747] netlink: 204 bytes leftover after parsing attributes in process `syz.0.655'.
[   76.368805][ T5747] netlink: 72 bytes leftover after parsing attributes in process `syz.0.655'.
[   76.420613][ T5756] FAULT_INJECTION: forcing a failure.
[   76.420613][ T5756] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   76.435293][ T5756] CPU: 1 UID: 0 PID: 5756 Comm: syz.2.657 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.435325][ T5756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   76.435340][ T5756] Call Trace:
[   76.435346][ T5756]  <TASK>
[   76.435414][ T5756]  __dump_stack+0x1d/0x30
[   76.435438][ T5756]  dump_stack_lvl+0xe8/0x140
[   76.435511][ T5756]  dump_stack+0x15/0x1b
[   76.435532][ T5756]  should_fail_ex+0x265/0x280
[   76.435561][ T5756]  should_fail_alloc_page+0xf2/0x100
[   76.435593][ T5756]  __alloc_frozen_pages_noprof+0xff/0x360
[   76.435637][ T5756]  alloc_pages_mpol+0xb3/0x250
[   76.435734][ T5756]  vma_alloc_folio_noprof+0x1aa/0x300
[   76.435777][ T5756]  do_wp_page+0x5db/0x24e0
[   76.435848][ T5756]  ? css_rstat_updated+0xb7/0x240
[   76.435890][ T5756]  ? __rcu_read_lock+0x37/0x50
[   76.435927][ T5756]  handle_mm_fault+0x77d/0x2c20
[   76.436017][ T5756]  do_user_addr_fault+0x636/0x1090
[   76.436072][ T5756]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   76.436110][ T5756]  exc_page_fault+0x62/0xa0
[   76.436202][ T5756]  asm_exc_page_fault+0x26/0x30
[   76.436225][ T5756] RIP: 0033:0x7fcccb030ba3
[   76.436242][ T5756] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   76.436262][ T5756] RSP: 002b:00007fccc9bce4a0 EFLAGS: 00010202
[   76.436278][ T5756] RAX: 0000000000005005 RBX: 00007fccc9bce540 RCX: 00007fccc17af000
[   76.436291][ T5756] RDX: 00007fccc9bce6e0 RSI: 0000000000000003 RDI: 00007fccc9bce5e0
[   76.436306][ T5756] RBP: 000000000000009a R08: 0000000000000007 R09: 000000000000003e
[   76.436319][ T5756] R10: 0000000000000050 R11: 00007fccc9bce540 R12: 0000000000000001
[   76.436330][ T5756] R13: 00007fcccb20da00 R14: 0000000000000010 R15: 00007fccc9bce5e0
[   76.436354][ T5756]  </TASK>
[   76.436362][ T5756] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   76.459918][ T5753] loop0: detected capacity change from 0 to 512
[   76.467224][ T5756] loop2: detected capacity change from 0 to 512
[   76.509727][ T5753] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   76.610301][ T5764] FAULT_INJECTION: forcing a failure.
[   76.610301][ T5764] name failslab, interval 1, probability 0, space 0, times 0
[   76.633664][ T5753] EXT4-fs (loop0): mount failed
[   76.638052][ T5764] CPU: 1 UID: 0 PID: 5764 Comm: syz.1.660 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   76.638164][ T5764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   76.638188][ T5764] Call Trace:
[   76.638195][ T5764]  <TASK>
[   76.638204][ T5764]  __dump_stack+0x1d/0x30
[   76.638232][ T5764]  dump_stack_lvl+0xe8/0x140
[   76.638258][ T5764]  dump_stack+0x15/0x1b
[   76.638279][ T5764]  should_fail_ex+0x265/0x280
[   76.638372][ T5764]  should_failslab+0x8c/0xb0
[   76.638407][ T5764]  kmem_cache_alloc_noprof+0x50/0x310
[   76.638464][ T5764]  ? __anon_vma_prepare+0xcd/0x2f0
[   76.638490][ T5764]  __anon_vma_prepare+0xcd/0x2f0
[   76.638516][ T5764]  do_wp_page+0x1926/0x24e0
[   76.638547][ T5764]  ? __lruvec_stat_mod_folio+0xd6/0x120
[   76.638609][ T5764]  ? css_rstat_updated+0xb7/0x240
[   76.638647][ T5764]  ? __rcu_read_lock+0x37/0x50
[   76.638686][ T5764]  handle_mm_fault+0x77d/0x2c20
[   76.638813][ T5764]  do_user_addr_fault+0x636/0x1090
[   76.638863][ T5764]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   76.638962][ T5764]  exc_page_fault+0x62/0xa0
[   76.638999][ T5764]  asm_exc_page_fault+0x26/0x30
[   76.639025][ T5764] RIP: 0033:0x7fe349dd0ba3
[   76.639072][ T5764] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   76.639159][ T5764] RSP: 002b:00007fe34896e4a0 EFLAGS: 00010202
[   76.639179][ T5764] RAX: 0000000000000400 RBX: 00007fe34896e540 RCX: 00007fe34054f000
[   76.639196][ T5764] RDX: 00007fe34896e6e0 RSI: 0000000000000019 RDI: 00007fe34896e5e0
[   76.639212][ T5764] RBP: 00000000000000f9 R08: 0000000000000008 R09: 00000000000000b0
[   76.639228][ T5764] R10: 00000000000000c0 R11: 00007fe34896e540 R12: 0000000000000001
[   76.639243][ T5764] R13: 00007fe349fada00 R14: 0000000000000020 R15: 00007fe34896e5e0
[   76.639324][ T5764]  </TASK>
[   76.639425][ T5764] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   76.656647][ T5754] wireguard0: entered promiscuous mode
[   76.666630][ T5756] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   76.670464][ T5754] wireguard0: entered allmulticast mode
[   76.767820][ T5767] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   76.767820][ T5767] The task syz.4.656 (5767) triggered the difference, watch for misbehavior.
[   76.772818][ T5756] EXT4-fs (loop2): orphan cleanup on readonly fs
[   76.910953][ T5756] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.657: corrupted inode contents
[   76.922952][ T5756] EXT4-fs (loop2): Remounting filesystem read-only
[   76.929687][ T5756] EXT4-fs (loop2): 1 truncate cleaned up
[   76.937211][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   76.947775][   T31] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   76.959492][   T31] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   76.970728][ T5756] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   77.016154][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.045988][ T5777] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   77.094316][ T5780] lo speed is unknown, defaulting to 1000
[   77.374499][ T5798] loop0: detected capacity change from 0 to 512
[   77.404056][ T5800] loop4: detected capacity change from 0 to 512
[   77.412342][ T5800] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   77.427543][ T5798] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.442392][ T5798] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.483070][ T5800] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.673: Failed to acquire dquot type 1
[   77.528042][ T5800] EXT4-fs (loop4): 1 truncate cleaned up
[   77.535887][   T29] kauditd_printk_skb: 439 callbacks suppressed
[   77.535907][   T29] audit: type=1326 audit(3516263764.819:13829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5787 comm="syz.5.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76a281eba9 code=0x7ffc0000
[   77.539091][ T5800] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.542201][   T29] audit: type=1326 audit(3516263764.819:13830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5787 comm="syz.5.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76a281eba9 code=0x7ffc0000
[   77.602906][   T29] audit: type=1326 audit(3516263764.819:13831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5787 comm="syz.5.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76a281eba9 code=0x7ffc0000
[   77.627522][   T29] audit: type=1400 audit(3516263764.861:13832): avc:  denied  { unmount } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   77.648060][   T29] audit: type=1326 audit(3516263764.861:13833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5787 comm="syz.5.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76a281eba9 code=0x7ffc0000
[   77.672784][   T29] audit: type=1326 audit(3516263764.861:13834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5787 comm="syz.5.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76a281eba9 code=0x7ffc0000
[   77.696302][   T29] audit: type=1326 audit(3516263764.861:13835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5787 comm="syz.5.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76a281eba9 code=0x7ffc0000
[   77.720020][   T29] audit: type=1326 audit(3516263764.861:13836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5787 comm="syz.5.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f76a281eba9 code=0x7ffc0000
[   77.744102][   T29] audit: type=1326 audit(3516263764.861:13837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5787 comm="syz.5.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76a281eba9 code=0x7ffc0000
[   77.768255][   T29] audit: type=1326 audit(3516263764.861:13838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5787 comm="syz.5.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f76a281eba9 code=0x7ffc0000
[   77.806008][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.832544][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.026209][ T5840] FAULT_INJECTION: forcing a failure.
[   78.026209][ T5840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.039428][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: syz.0.685 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.039501][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   78.039512][ T5840] Call Trace:
[   78.039518][ T5840]  <TASK>
[   78.039526][ T5840]  __dump_stack+0x1d/0x30
[   78.039598][ T5840]  dump_stack_lvl+0xe8/0x140
[   78.039664][ T5840]  dump_stack+0x15/0x1b
[   78.039683][ T5840]  should_fail_ex+0x265/0x280
[   78.039711][ T5840]  should_fail+0xb/0x20
[   78.039735][ T5840]  should_fail_usercopy+0x1a/0x20
[   78.039890][ T5840]  _copy_to_iter+0xd2/0xe70
[   78.039923][ T5840]  ? should_fail_ex+0x30/0x280
[   78.039995][ T5840]  ? __rcu_read_unlock+0x4f/0x70
[   78.040017][ T5840]  ? avc_has_perm_noaudit+0x1b1/0x200
[   78.040045][ T5840]  ? __pfx_simple_copy_to_iter+0x10/0x10
[   78.040160][ T5840]  __skb_datagram_iter+0xc6/0x690
[   78.040268][ T5840]  ? __pfx_simple_copy_to_iter+0x10/0x10
[   78.040366][ T5840]  skb_copy_datagram_iter+0x3d/0x110
[   78.040415][ T5840]  tipc_recvmsg+0x4cc/0x9d0
[   78.040488][ T5840]  ? __pfx_tipc_recvmsg+0x10/0x10
[   78.040567][ T5840]  sock_recvmsg+0x136/0x170
[   78.040605][ T5840]  ____sys_recvmsg+0xf5/0x280
[   78.040682][ T5840]  ___sys_recvmsg+0x11f/0x370
[   78.040726][ T5840]  __x64_sys_recvmsg+0xd1/0x160
[   78.040832][ T5840]  x64_sys_call+0x2b42/0x2ff0
[   78.040858][ T5840]  do_syscall_64+0xd2/0x200
[   78.040897][ T5840]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   78.040925][ T5840]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   78.041027][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.041049][ T5840] RIP: 0033:0x7f955b72eba9
[   78.041062][ T5840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.041095][ T5840] RSP: 002b:00007f955a197038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   78.041116][ T5840] RAX: ffffffffffffffda RBX: 00007f955b975fa0 RCX: 00007f955b72eba9
[   78.041131][ T5840] RDX: 0000000000000000 RSI: 0000200000000900 RDI: 0000000000000005
[   78.041145][ T5840] RBP: 00007f955a197090 R08: 0000000000000000 R09: 0000000000000000
[   78.041159][ T5840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.041173][ T5840] R13: 00007f955b976038 R14: 00007f955b975fa0 R15: 00007ffe75078118
[   78.041195][ T5840]  </TASK>
[   78.342984][ T5850] loop0: detected capacity change from 0 to 1024
[   78.357057][ T5850] EXT4-fs: Mount option(s) incompatible with ext2
[   78.522774][ T5855] IPVS: Error joining to the multicast group
[   78.602138][ T5863] netlink: 'syz.0.694': attribute type 12 has an invalid length.
[   78.637771][ T5865] bond2: entered promiscuous mode
[   78.643153][ T5865] bond2: entered allmulticast mode
[   78.658178][ T5865] 8021q: adding VLAN 0 to HW filter on device bond2
[   78.688601][ T5865] bond2 (unregistering): Released all slaves
[   78.701448][ T5869] netlink: 'syz.0.694': attribute type 12 has an invalid length.
[   79.019385][ T5891] wireguard0: entered promiscuous mode
[   79.025761][ T5891] wireguard0: entered allmulticast mode
[   79.190310][ T5899] loop5: detected capacity change from 0 to 512
[   79.229052][ T5899] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.253825][ T5899] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.301439][ T4813] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.455628][ T5920] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   80.007424][ T5931] hub 9-0:1.0: USB hub found
[   80.058285][ T5931] hub 9-0:1.0: 8 ports detected
[   80.409792][ T5936] __nla_validate_parse: 18 callbacks suppressed
[   80.409888][ T5936] netlink: 5 bytes leftover after parsing attributes in process `syz.0.720'.
[   80.425685][ T5936] 0ªî{X¹¦: renamed from gretap0
[   80.433338][ T5936] 0ªî{X¹¦: entered allmulticast mode
[   80.440143][ T5936] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   80.590345][ T5954] FAULT_INJECTION: forcing a failure.
[   80.590345][ T5954] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   80.604431][ T5954] CPU: 0 UID: 0 PID: 5954 Comm: syz.5.727 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.604463][ T5954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   80.604477][ T5954] Call Trace:
[   80.604482][ T5954]  <TASK>
[   80.604488][ T5954]  __dump_stack+0x1d/0x30
[   80.604511][ T5954]  dump_stack_lvl+0xe8/0x140
[   80.604548][ T5954]  dump_stack+0x15/0x1b
[   80.604568][ T5954]  should_fail_ex+0x265/0x280
[   80.604596][ T5954]  should_fail_alloc_page+0xf2/0x100
[   80.604630][ T5954]  __alloc_frozen_pages_noprof+0xff/0x360
[   80.604710][ T5954]  alloc_pages_mpol+0xb3/0x250
[   80.604751][ T5954]  folio_alloc_mpol_noprof+0x39/0x80
[   80.604893][ T5954]  shmem_get_folio_gfp+0x3cf/0xd60
[   80.604947][ T5954]  shmem_write_begin+0xa8/0x190
[   80.604974][ T5954]  generic_perform_write+0x181/0x490
[   80.605008][ T5954]  shmem_file_write_iter+0xc5/0xf0
[   80.605042][ T5954]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   80.605085][ T5954]  vfs_write+0x52a/0x960
[   80.605120][ T5954]  ksys_write+0xda/0x1a0
[   80.605200][ T5954]  __x64_sys_write+0x40/0x50
[   80.605282][ T5954]  x64_sys_call+0x27fe/0x2ff0
[   80.605309][ T5954]  do_syscall_64+0xd2/0x200
[   80.605370][ T5954]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   80.605400][ T5954]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   80.605438][ T5954]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.605522][ T5954] RIP: 0033:0x7f76a281d65f
[   80.605541][ T5954] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   80.605563][ T5954] RSP: 002b:00007f76a127edf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   80.605587][ T5954] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f76a281d65f
[   80.605602][ T5954] RDX: 0000000000040000 RSI: 00007f7698e5f000 RDI: 0000000000000004
[   80.605616][ T5954] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000050d
[   80.605631][ T5954] R10: 00000000000007cc R11: 0000000000000293 R12: 0000000000000004
[   80.605692][ T5954] R13: 00007f76a127eef0 R14: 00007f76a127eeb0 R15: 00007f7698e5f000
[   80.605715][ T5954]  </TASK>
[   80.622601][ T5957] netlink: 36 bytes leftover after parsing attributes in process `syz.0.725'.
[   80.828376][ T5957] netlink: 16 bytes leftover after parsing attributes in process `syz.0.725'.
[   80.837301][ T5957] netlink: 36 bytes leftover after parsing attributes in process `syz.0.725'.
[   80.848059][ T5957] netlink: 36 bytes leftover after parsing attributes in process `syz.0.725'.
[   80.862599][ T5963] FAULT_INJECTION: forcing a failure.
[   80.862599][ T5963] name failslab, interval 1, probability 0, space 0, times 0
[   80.876076][ T5963] CPU: 0 UID: 0 PID: 5963 Comm: syz.5.729 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.876175][ T5963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   80.876186][ T5963] Call Trace:
[   80.876191][ T5963]  <TASK>
[   80.876197][ T5963]  __dump_stack+0x1d/0x30
[   80.876237][ T5963]  dump_stack_lvl+0xe8/0x140
[   80.876254][ T5963]  dump_stack+0x15/0x1b
[   80.876268][ T5963]  should_fail_ex+0x265/0x280
[   80.876296][ T5963]  should_failslab+0x8c/0xb0
[   80.876327][ T5963]  __kmalloc_noprof+0xa5/0x3e0
[   80.876365][ T5963]  ? sctp_bind_addrs_to_raw+0x8a/0x220
[   80.876462][ T5963]  sctp_bind_addrs_to_raw+0x8a/0x220
[   80.876501][ T5963]  sctp_make_init+0xdc/0x8b0
[   80.876532][ T5963]  ? fib_table_lookup+0x7be/0xd70
[   80.876656][ T5963]  sctp_sf_do_prm_asoc+0x7c/0x1d0
[   80.876678][ T5963]  sctp_do_sm+0xbb/0x3230
[   80.876863][ T5963]  sctp_primitive_ASSOCIATE+0x71/0x90
[   80.876883][ T5963]  sctp_sendmsg_to_asoc+0xa7b/0xf20
[   80.876977][ T5963]  ? sctp_connect_new_asoc+0x29c/0x3a0
[   80.876999][ T5963]  sctp_sendmsg+0x1263/0x18d0
[   80.877019][ T5963]  ? selinux_socket_sendmsg+0xc1/0x1b0
[   80.877058][ T5963]  ? __pfx_sctp_sendmsg+0x10/0x10
[   80.877123][ T5963]  inet_sendmsg+0xc5/0xd0
[   80.877145][ T5963]  __sock_sendmsg+0x102/0x180
[   80.877229][ T5963]  ____sys_sendmsg+0x345/0x4e0
[   80.877259][ T5963]  ___sys_sendmsg+0x17b/0x1d0
[   80.877378][ T5963]  __sys_sendmmsg+0x178/0x300
[   80.877413][ T5963]  __x64_sys_sendmmsg+0x57/0x70
[   80.877453][ T5963]  x64_sys_call+0x1c4a/0x2ff0
[   80.877477][ T5963]  do_syscall_64+0xd2/0x200
[   80.877512][ T5963]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   80.877616][ T5963]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   80.877706][ T5963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.877725][ T5963] RIP: 0033:0x7f76a281eba9
[   80.877738][ T5963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.877782][ T5963] RSP: 002b:00007f76a127f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   80.877839][ T5963] RAX: ffffffffffffffda RBX: 00007f76a2a65fa0 RCX: 00007f76a281eba9
[   80.877850][ T5963] RDX: 0000000000000001 RSI: 0000200000000880 RDI: 0000000000000006
[   80.877862][ T5963] RBP: 00007f76a127f090 R08: 0000000000000000 R09: 0000000000000000
[   80.877876][ T5963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   80.877887][ T5963] R13: 00007f76a2a66038 R14: 00007f76a2a65fa0 R15: 00007fffefdd7ce8
[   80.877911][ T5963]  </TASK>
[   81.198408][ T5966] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   81.211882][ T5968] loop5: detected capacity change from 0 to 512
[   81.247378][ T5968] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.269278][ T5968] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.301981][ T5965] netlink: 108 bytes leftover after parsing attributes in process `syz.0.730'.
[   81.333938][ T5968] netlink: 196 bytes leftover after parsing attributes in process `syz.5.731'.
[   81.365732][ T4813] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.418659][ T5974] ±ÿ: renamed from team_slave_1
[   81.712251][ T6006] netlink: 'syz.1.737': attribute type 10 has an invalid length.
[   81.732598][ T6006] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   81.772555][ T6014] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   81.855658][ T6014] netlink: 84 bytes leftover after parsing attributes in process `syz.1.746'.
[   81.868017][ T6019] netlink: 148 bytes leftover after parsing attributes in process `syz.5.748'.
[   81.986751][ T6022] netlink: 76 bytes leftover after parsing attributes in process `syz.5.749'.
[   81.999867][ T6027] SELinux:  Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped).
[   82.113108][ T6045] FAULT_INJECTION: forcing a failure.
[   82.113108][ T6045] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.126209][ T6045] CPU: 0 UID: 0 PID: 6045 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.126244][ T6045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   82.126322][ T6045] Call Trace:
[   82.126328][ T6045]  <TASK>
[   82.126335][ T6045]  __dump_stack+0x1d/0x30
[   82.126357][ T6045]  dump_stack_lvl+0xe8/0x140
[   82.126376][ T6045]  dump_stack+0x15/0x1b
[   82.126392][ T6045]  should_fail_ex+0x265/0x280
[   82.126457][ T6045]  should_fail+0xb/0x20
[   82.126477][ T6045]  should_fail_usercopy+0x1a/0x20
[   82.126508][ T6045]  copy_folio_from_iter_atomic+0x278/0x11b0
[   82.126578][ T6045]  ? shmem_write_begin+0xa8/0x190
[   82.126646][ T6045]  ? shmem_write_begin+0xe1/0x190
[   82.126674][ T6045]  generic_perform_write+0x2c2/0x490
[   82.126713][ T6045]  shmem_file_write_iter+0xc5/0xf0
[   82.126747][ T6045]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   82.126784][ T6045]  vfs_write+0x52a/0x960
[   82.126872][ T6045]  ksys_write+0xda/0x1a0
[   82.126915][ T6045]  __x64_sys_write+0x40/0x50
[   82.127007][ T6045]  x64_sys_call+0x27fe/0x2ff0
[   82.127032][ T6045]  do_syscall_64+0xd2/0x200
[   82.127073][ T6045]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   82.127138][ T6045]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   82.127172][ T6045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.127228][ T6045] RIP: 0033:0x7f76a281d65f
[   82.127244][ T6045] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   82.127273][ T6045] RSP: 002b:00007f76a127edf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   82.127365][ T6045] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f76a281d65f
[   82.127380][ T6045] RDX: 0000000000040000 RSI: 00007f7698e5f000 RDI: 0000000000000005
[   82.127469][ T6045] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000510
[   82.127499][ T6045] R10: 00000000000003d6 R11: 0000000000000293 R12: 0000000000000005
[   82.127515][ T6045] R13: 00007f76a127eef0 R14: 00007f76a127eeb0 R15: 00007f7698e5f000
[   82.127540][ T6045]  </TASK>
[   82.344769][   T29] kauditd_printk_skb: 489 callbacks suppressed
[   82.344786][   T29] audit: type=1326 audit(3516263769.848:14328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6043 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fe349f0eba9 code=0x7ffc0000
[   82.374694][   T29] audit: type=1326 audit(3516263769.848:14329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6038 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe349f0eba9 code=0x7ffc0000
[   82.398339][   T29] audit: type=1326 audit(3516263769.848:14330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6038 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe349f0ebe3 code=0x7ffc0000
[   82.421783][   T29] audit: type=1326 audit(3516263769.848:14331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6038 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe349f0d65f code=0x7ffc0000
[   82.445229][   T29] audit: type=1326 audit(3516263769.858:14332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6038 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe349eaada9 code=0x7ffc0000
[   82.468624][   T29] audit: type=1326 audit(3516263769.858:14333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6038 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe349f0ec37 code=0x7ffc0000
[   82.491990][   T29] audit: type=1326 audit(3516263769.858:14334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6038 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe349f0d510 code=0x7ffc0000
[   82.515408][   T29] audit: type=1326 audit(3516263769.858:14335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6038 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe349f0d80a code=0x7ffc0000
[   82.538670][   T29] audit: type=1326 audit(3516263769.858:14336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6038 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe349f0eba9 code=0x7ffc0000
[   82.562714][ T6045] loop5: detected capacity change from 0 to 512
[   82.624436][ T6045] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[   82.634504][ T6045] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[   82.687251][ T6045] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[   82.703674][ T6045] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   82.713077][ T6045] System zones: 0-2, 18-18, 34-35
[   82.719296][ T6045] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.731852][   T29] audit: type=1326 audit(3516263769.858:14337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6038 comm="syz.1.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe349f0eba9 code=0x7ffc0000
[   82.787619][ T4813] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.844547][ T6062] loop4: detected capacity change from 0 to 512
[   82.847645][ T6068] netlink: 'syz.0.763': attribute type 10 has an invalid length.
[   82.873975][ T6068] team0: Port device dummy0 added
[   82.894077][ T6066] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   82.906402][ T6068] netlink: 'syz.0.763': attribute type 10 has an invalid length.
[   82.916741][ T6062] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   82.918084][ T6068] team0: Port device dummy0 removed
[   82.945389][ T6062] EXT4-fs (loop4): failed to initialize system zone (-117)
[   82.960218][ T6062] EXT4-fs (loop4): mount failed
[   82.997501][ T6068] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   83.262551][ T6084] loop5: detected capacity change from 0 to 512
[   83.296258][ T6084] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.309580][ T6084] ext4 filesystem being mounted at /68/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   83.523707][ T6096] loop2: detected capacity change from 0 to 1024
[   83.531900][ T6096] EXT4-fs: Mount option(s) incompatible with ext2
[   83.697862][ T6106] loop7: detected capacity change from 0 to 16384
[   83.773576][ T6109] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[   83.781532][ T6107] loop2: detected capacity change from 0 to 512
[   83.845432][ T6107] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.858668][ T6107] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.884710][ T6106] pim6reg: entered allmulticast mode
[   84.032701][ T6116] loop0: detected capacity change from 0 to 512
[   84.047999][ T6116] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.062073][ T6116] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.095214][ T6106] loop7: detected capacity change from 16384 to 16383
[   84.162083][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.174091][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.235426][ T6123] vlan2: entered allmulticast mode
[   84.240595][ T6123] vlan0: entered allmulticast mode
[   84.245873][ T6123] veth0_vlan: entered allmulticast mode
[   84.467087][ T6124] FAULT_INJECTION: forcing a failure.
[   84.467087][ T6124] name failslab, interval 1, probability 0, space 0, times 0
[   84.479985][ T6124] CPU: 1 UID: 0 PID: 6124 Comm: syz.0.778 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   84.480079][ T6124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   84.480095][ T6124] Call Trace:
[   84.480101][ T6124]  <TASK>
[   84.480109][ T6124]  __dump_stack+0x1d/0x30
[   84.480134][ T6124]  dump_stack_lvl+0xe8/0x140
[   84.480152][ T6124]  dump_stack+0x15/0x1b
[   84.480229][ T6124]  should_fail_ex+0x265/0x280
[   84.480291][ T6124]  should_failslab+0x8c/0xb0
[   84.480315][ T6124]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   84.480361][ T6124]  ? sidtab_sid2str_get+0xa0/0x130
[   84.480390][ T6124]  kmemdup_noprof+0x2b/0x70
[   84.480422][ T6124]  sidtab_sid2str_get+0xa0/0x130
[   84.480463][ T6124]  security_sid_to_context_core+0x1eb/0x2e0
[   84.480491][ T6124]  security_sid_to_context+0x27/0x40
[   84.480515][ T6124]  avc_audit_post_callback+0x10f/0x520
[   84.480547][ T6124]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   84.480610][ T6124]  common_lsm_audit+0x1bb/0x230
[   84.480645][ T6124]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   84.480680][ T6124]  slow_avc_audit+0x104/0x140
[   84.480714][ T6124]  avc_has_perm+0x13a/0x180
[   84.480750][ T6124]  selinux_perf_event_open+0xd4/0xe0
[   84.480863][ T6124]  security_perf_event_open+0x34/0x70
[   84.480882][ T6124]  __se_sys_perf_event_open+0xc0/0x11c0
[   84.480981][ T6124]  ? vfs_write+0x7e8/0x960
[   84.481016][ T6124]  ? __rcu_read_unlock+0x4f/0x70
[   84.481051][ T6124]  __x64_sys_perf_event_open+0x67/0x80
[   84.481087][ T6124]  x64_sys_call+0x7bd/0x2ff0
[   84.481109][ T6124]  do_syscall_64+0xd2/0x200
[   84.481139][ T6124]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   84.481187][ T6124]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   84.481224][ T6124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.481250][ T6124] RIP: 0033:0x7f955b72eba9
[   84.481267][ T6124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.481287][ T6124] RSP: 002b:00007f955a197038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   84.481338][ T6124] RAX: ffffffffffffffda RBX: 00007f955b975fa0 RCX: 00007f955b72eba9
[   84.481357][ T6124] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000400
[   84.481369][ T6124] RBP: 00007f955a197090 R08: 0000000000000000 R09: 0000000000000000
[   84.481380][ T6124] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   84.481390][ T6124] R13: 00007f955b976038 R14: 00007f955b975fa0 R15: 00007ffe75078118
[   84.481408][ T6124]  </TASK>
[   84.940275][ T6148] loop4: detected capacity change from 0 to 2048
[   84.986079][ T6148] Alternate GPT is invalid, using primary GPT.
[   84.992430][ T6148]  loop4: p1 p2 p3
[   85.055946][ T6150] loop4: detected capacity change from 0 to 512
[   85.093610][ T6150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.120265][ T3516] udevd[3516]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   85.120396][ T3286] udevd[3286]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   85.132149][ T3519] udevd[3519]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   85.150238][ T6150] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.313080][ T3300] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.329636][ T6160] __nla_validate_parse: 11 callbacks suppressed
[   85.329649][ T6160] netlink: 64 bytes leftover after parsing attributes in process `syz.1.794'.
[   85.491921][ T6172] netlink: 16 bytes leftover after parsing attributes in process `syz.1.798'.
[   85.968685][ T6226] sch_tbf: burst 0 is lower than device lo mtu (81) !
[   86.057915][ T6236] FAULT_INJECTION: forcing a failure.
[   86.057915][ T6236] name failslab, interval 1, probability 0, space 0, times 0
[   86.070748][ T6236] CPU: 1 UID: 0 PID: 6236 Comm: syz.4.821 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.070793][ T6236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   86.070808][ T6236] Call Trace:
[   86.070815][ T6236]  <TASK>
[   86.070823][ T6236]  __dump_stack+0x1d/0x30
[   86.070845][ T6236]  dump_stack_lvl+0xe8/0x140
[   86.070902][ T6236]  dump_stack+0x15/0x1b
[   86.070919][ T6236]  should_fail_ex+0x265/0x280
[   86.070985][ T6236]  should_failslab+0x8c/0xb0
[   86.071009][ T6236]  kmem_cache_alloc_noprof+0x50/0x310
[   86.071087][ T6236]  ? security_inode_alloc+0x37/0x100
[   86.071119][ T6236]  security_inode_alloc+0x37/0x100
[   86.071152][ T6236]  inode_init_always_gfp+0x4b7/0x500
[   86.071176][ T6236]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[   86.071211][ T6236]  alloc_inode+0x58/0x170
[   86.071297][ T6236]  new_inode+0x1d/0xe0
[   86.071320][ T6236]  __debugfs_create_file+0x109/0x330
[   86.071353][ T6236]  debugfs_create_file_full+0x3f/0x60
[   86.071385][ T6236]  ? __pfx_ieee802154_if_setup+0x10/0x10
[   86.071441][ T6236]  ref_tracker_dir_debugfs+0x100/0x1e0
[   86.071473][ T6236]  alloc_netdev_mqs+0x1a2/0xa30
[   86.071558][ T6236]  ? __kmalloc_node_track_caller_noprof+0x1e5/0x410
[   86.071671][ T6236]  ieee802154_if_add+0xa7/0x800
[   86.071687][ T6236]  ? __nlmsg_put+0xa0/0xc0
[   86.071707][ T6236]  ? genlmsg_put+0x116/0x150
[   86.071741][ T6236]  ieee802154_add_iface_deprecated+0x43/0x70
[   86.071824][ T6236]  ieee802154_add_iface+0x293/0x480
[   86.071850][ T6236]  ? __nla_parse+0x40/0x60
[   86.071881][ T6236]  ? genl_family_rcv_msg_attrs_parse+0x13b/0x190
[   86.071923][ T6236]  ? genl_family_rcv_msg_attrs_parse+0x184/0x190
[   86.071959][ T6236]  genl_family_rcv_msg_doit+0x143/0x1b0
[   86.072014][ T6236]  genl_rcv_msg+0x422/0x460
[   86.072043][ T6236]  ? __pfx_ieee802154_add_iface+0x10/0x10
[   86.072067][ T6236]  netlink_rcv_skb+0x120/0x220
[   86.072158][ T6236]  ? __pfx_genl_rcv_msg+0x10/0x10
[   86.072199][ T6236]  genl_rcv+0x28/0x40
[   86.072316][ T6236]  netlink_unicast+0x5c0/0x690
[   86.072340][ T6236]  netlink_sendmsg+0x58b/0x6b0
[   86.072369][ T6236]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.072454][ T6236]  __sock_sendmsg+0x142/0x180
[   86.072546][ T6236]  ____sys_sendmsg+0x31e/0x4e0
[   86.072576][ T6236]  ___sys_sendmsg+0x17b/0x1d0
[   86.072626][ T6236]  __x64_sys_sendmsg+0xd4/0x160
[   86.072661][ T6236]  x64_sys_call+0x191e/0x2ff0
[   86.072727][ T6236]  do_syscall_64+0xd2/0x200
[   86.072772][ T6236]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   86.072793][ T6236]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   86.072893][ T6236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.072917][ T6236] RIP: 0033:0x7f61ccedeba9
[   86.072933][ T6236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.072951][ T6236] RSP: 002b:00007f61cb93f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.072969][ T6236] RAX: ffffffffffffffda RBX: 00007f61cd125fa0 RCX: 00007f61ccedeba9
[   86.072982][ T6236] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[   86.072995][ T6236] RBP: 00007f61cb93f090 R08: 0000000000000000 R09: 0000000000000000
[   86.073005][ T6236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   86.073018][ T6236] R13: 00007f61cd126038 R14: 00007f61cd125fa0 R15: 00007ffc024ac788
[   86.073039][ T6236]  </TASK>
[   86.073061][ T6236] debugfs: out of free dentries, can not create file 'netdev@ffff88810b31d550'
[   86.099214][ T4813] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.446545][ T2993] ==================================================================
[   86.454657][ T2993] BUG: KCSAN: data-race in block_uevent / inc_diskseq
[   86.461459][ T2993] 
[   86.463780][ T2993] write to 0xffff8881023eda18 of 8 bytes by task 4813 on cpu 1:
[   86.471399][ T2993]  inc_diskseq+0x2d/0x40
[   86.475649][ T2993]  disk_force_media_change+0x9e/0xe0
[   86.480941][ T2993]  lo_release+0x2cb/0x400
[   86.485274][ T2993]  bdev_release+0x370/0x3d0
[   86.489808][ T2993]  blkdev_release+0x15/0x20
[   86.494341][ T2993]  __fput+0x298/0x650
[   86.498345][ T2993]  fput_close_sync+0x6e/0x120
[   86.503037][ T2993]  __x64_sys_close+0x56/0xf0
[   86.507625][ T2993]  x64_sys_call+0x2738/0x2ff0
[   86.512302][ T2993]  do_syscall_64+0xd2/0x200
[   86.516815][ T2993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.522704][ T2993] 
[   86.525022][ T2993] read to 0xffff8881023eda18 of 8 bytes by task 2993 on cpu 0:
[   86.532555][ T2993]  block_uevent+0x31/0x50
[   86.536898][ T2993]  dev_uevent+0x375/0x400
[   86.541229][ T2993]  uevent_show+0x11a/0x200
[   86.545660][ T2993]  dev_attr_show+0x3f/0xa0
[   86.550088][ T2993]  sysfs_kf_seq_show+0x1a3/0x280
[   86.555025][ T2993]  kernfs_seq_show+0x82/0xa0
[   86.559629][ T2993]  seq_read_iter+0x319/0x940
[   86.564234][ T2993]  kernfs_fop_read_iter+0xc1/0x330
[   86.569356][ T2993]  vfs_read+0x649/0x770
[   86.573511][ T2993]  ksys_read+0xda/0x1a0
[   86.577668][ T2993]  __x64_sys_read+0x40/0x50
[   86.582182][ T2993]  x64_sys_call+0x27bc/0x2ff0
[   86.586859][ T2993]  do_syscall_64+0xd2/0x200
[   86.591380][ T2993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.597273][ T2993] 
[   86.599603][ T2993] value changed: 0x0000000000000144 -> 0x0000000000000150
[   86.606706][ T2993] 
[   86.609024][ T2993] Reported by Kernel Concurrency Sanitizer on:
[   86.615171][ T2993] CPU: 0 UID: 0 PID: 2993 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.624452][ T2993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   86.634507][ T2993] ==================================================================