last executing test programs:

17.937304765s ago: executing program 4 (id=624):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e57f000008"], 0x50)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syncfs(r3)
write$selinux_attr(r1, &(0x7f00000000c0)='system_u:object_r:printer_device_t:s0\x00', 0x9)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r4 = creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)
write$cgroup_type(r4, &(0x7f00000009c0), 0xd4ba0ff)
unlink(&(0x7f0000000100)='./file0/file1\x00')
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="554b00000000000000000800000014000180080005eeffffffff050001"], 0x28}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r3, @ANYRES8, @ANYRES8=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r8}, 0x10)
setrlimit(0x9, &(0x7f0000000000))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {0x1}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0, 0x0, 0x40}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x50}, 0x80)
io_setup(0x2008, &(0x7f0000000680))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
bind$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)

17.062972728s ago: executing program 4 (id=640):
syz_usb_connect(0x6, 0x24, &(0x7f0000000800)={{0x12, 0x1, 0x110, 0x44, 0xbc, 0x2a, 0x20, 0x45e, 0x723, 0xb610, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0x3, 0x40, 0x5, [{{0x9, 0x4, 0x7c, 0x0, 0x0, 0xe, 0x1, 0x0, 0x2}}]}}]}}, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x45, &(0x7f0000000700)="ff02810900000000000000000000e6e5846bc8cf97f1c330227275b706fdbc39b522caa330066e8f418749264fbbcdfdbefacd34e4f62701db04000000db442ef040d8b4b638c81ce2c16888f5769f7645439d4e7161b304efa3525b3aff2be069bb37007cb61c08b1b3dd3be806080d8f5e357dc4e3988816bd507de41c253793f74e5153a4898943594f0945987957a714dac1ac17dd883701ec03e3e26c7cb584aeebc6", 0xa5)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x79, 0x79, 0x3, [@const={0xe, 0x0, 0x0, 0xa, 0x4}, @ptr={0x2}, @datasec={0x6, 0x4, 0x0, 0xf, 0x1, [{0x4, 0x9, 0x4}, {0x4, 0xffffffff, 0x5}, {0x3, 0x5, 0x3}, {0x5, 0xd, 0x8}], 'k'}, @enum64={0x5, 0x2, 0x0, 0x13, 0x0, 0x5, [{0xa, 0x7, 0x4}, {0x4, 0x2, 0x3}]}]}, {0x0, [0x0]}}, &(0x7f00000000c0)=""/115, 0x97, 0x73, 0x0, 0x5b}, 0x28)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
syz_emit_ethernet(0x0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000002940)=[{{0x0, 0x57, 0x0}}], 0x62, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='ns\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

12.960089768s ago: executing program 4 (id=672):
openat$ptp0(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r1 = gettid()
r2 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
readv(r2, &(0x7f0000002940)=[{&(0x7f0000000000)=""/93, 0x5d}, {0x0, 0x3c}], 0x2)
tkill(r1, 0x8)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

11.225684414s ago: executing program 4 (id=693):
r0 = getpgrp(0xffffffffffffffff)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0xfe)
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x1000c90, &(0x7f00000005c0)=ANY=[], 0xfd, 0x1bf, &(0x7f00000003c0)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f0000000240)='./bus\x00', 0x0)
tkill(r0, 0x2b)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
waitid(0x1, r0, &(0x7f00000001c0), 0x4, &(0x7f0000000580))
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

10.616369533s ago: executing program 4 (id=702):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, 0x0, 0x2)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

10.293196038s ago: executing program 4 (id=706):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x67}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x2}, 0x18)
sendmsg$IPSET_CMD_DESTROY(r1, 0x0, 0x8000)

10.208588919s ago: executing program 32 (id=706):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x67}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x2}, 0x18)
sendmsg$IPSET_CMD_DESTROY(r1, 0x0, 0x8000)

3.019790805s ago: executing program 5 (id=776):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000800), 0x8000, 0x0)
r2 = dup(r1)
ioctl$GIO_UNISCRNMAP(r2, 0x43403d0e, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet6(0xa, 0x4, 0xffffb650)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b70400000000000885000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffbfffff5]}, 0x8, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
tkill(0x0, 0x8)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))

2.875945007s ago: executing program 5 (id=778):
r0 = memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20)
ioprio_get$uid(0x0, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x8010002})
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x97052, r3, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000640)=[{0x6, 0x0, 0x0, 0xea}]}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
sendmmsg$inet(r5, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)="ea6d177f4bca9fdd116cfe98efd4953a9819c23df89e1915ca87034640e03a455bc243e90b1abb18f2907a0741170177e74f7c883ffacb823f2db3515b8e6aa8a863eae7ac1773e9dd0213bd2742121b65b50995549076c9053cda2e6e3ddbb32ccf7e412a918d9678f0c14dceff81869199bbb78b0924f83081c310971a9f7022b66741f1d374e0288348a3669c277bc4da04fe3b113afe9ca8e5d085795d3b78d4cb78f48d37b113e200bcd56a2f892326882a27f6ecf8a3ab9db8f1d61f4131cbb288ce3e8c8aaefd62", 0xcb}], 0x1}}], 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r5, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r6, 0xc0105303, &(0x7f0000000040)={0x0, 0x55, 0x3f})
setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f00000004c0)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0x10000a}, 0x1c)
sendmmsg(r4, &(0x7f0000000480)=[{{&(0x7f0000000000)=@qipcrtr={0x2a, 0x2, 0x4000}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000080)="8ec8eff8", 0x4}], 0x1, &(0x7f0000000500)=[{0x10, 0x104, 0xe86}, {0x10, 0x1, 0x2}], 0x20}}], 0x1, 0x10)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

2.266754197s ago: executing program 2 (id=782):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x7, &(0x7f0000006680))
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = geteuid()
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000500)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x32}, 0x18)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r3, 0x4b68, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8042, &(0x7f0000000800)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}], [{@permit_directio}, {@euid_eq={'euid', 0x3d, r1}}, {@fowner_eq={'fowner', 0x3d, r1}}, {@smackfsdef}, {@smackfsroot={'smackfsroot', 0x3d, '^@\x8e\xdb\x19('}}, {@smackfsfloor={'smackfsfloor', 0x3d, ',[[$}*:'}}, {@appraise_type}]}, 0x3, 0x4f3, &(0x7f00000012c0)="$eJzs3F1oXFUeAPD/nXz2a5vd7Xa33e5uut1lwxaTNq02D4JUFHxQECuojyFJS23aSJOCLVWmIPVRCr6Lj7764Kv6UsQnwdf6KEihSF/aCuLInbl3vjKTNJNkxpjfD27mnHtn7jnnnnvunHtO5gawbY2mf5JK+E5E7I2IQvMbRisvD+9fn3l0//pMFEulMz8m5Y89SOOZbDexK4uMFSIK7yW1DXUWr167MD0/P3c5i08sXXxrYvHqtSfOD2drpqaS/g4L1SK9tFwPDr67cOjAC2/cemmmuuc8tfpybJTRGG2VlbL/bnRiPbanLtxxvdF16fmfVtdAuf3vjb5YqfKKXcwZsNlKpVJpqP3mYqnZjWVrgC0rhnudA6A38i/69P43X1p1BAY3p/vRc/dOV26A0nI/zJaIf5VX5uMgA033txtpNCJeL/70UbrEJo1DAADU++J03hNs6v+NVGZGfr5y+5n09Q/ZHMpIRPwxIv4UEX+OiH0R8ZeI2B8Rf42IvzXtvy8iSiukP9oUr6ZfnYQq3N2goraU9v+ezua20qU291UNjfRlsT0ReYd57lh2TMZiYOjs+fm54yuk8eVz337Qblt9/y9d0jzkfcEsH3f7mwboZqeXpjsr7XL3bkQc7K+Vv9L/TfojkupMQBIRByLi4Br2O1IXPv//Tw5VIwON71u9/GWllvNoGzDPVPo44n+V+i9GtfzRMImYNMxPXpw+N3du7tLk1NTJE8dPPTX55MRwzM8dm0jPgmMt0/j6m5svt0t/1fJ/9n3zR54/9fmZrGWtX1r/O+vO/8jnb2vlH0kikup87eLa07j53ftt72k6Pf8Hk1fL4fy+9O3ppaXLxyMGkxeXr5+sfTaPp69RrJR/7Ejz+V9Ot3yNy4/E3yMiPYn/ERH/jModYpr3wxHx74g4skL5v3r2P292Xv7NlZZ/NhrLX6n5hvqvzde3CyTZ3GDDpsFIA30XDt951Obi8Xj1f7IcGsvWtL7+JQ2XiHY5zb/t0jW/rPvoAQAAwNZQiIjddWNJu6NQGB+vjAHti52F+YXFpaNnF65cmk23RYzEQCEf6aqMBw8k+fjnSF18sil+Ihs3/rBvRzk+PrMwP9vTkgO7ym0+KYxHvNZX1/5TP2zMEDPwW+b3WrB9rdT+0078/ltdzAzQVY///X/7nU3NCNB1de2/3S/8ix383xewBbj/B2pWf9CPawZsfSVtGba1NbX/ox4CCL8n/fFKNVzoaU6AbtP/h21p1d/1rytQGmq9aTiWvzmGV95hX3SWjR0t0upJIO1Z9ST1HZ18Kn+aQtv3RGFtOxyKxjWDHdbp2XUejeLlxXP7ayd//myRdR7nUva/8htdg592pZ22CnT9UgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALApfg0AAP//XhrXwA==")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1c, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
link(&(0x7f0000000040)='./file0\x00', 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x114, 0x28, 0x1, 0x2, 0x25dfdbfc, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

2.265365776s ago: executing program 5 (id=783):
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x3, 0x34f}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000240)=0xffffffff, 0x0, 0x4)
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x50}, 0x4, 0x700000000000000}, 0x0)
r3 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r3, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x20000008, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x58}}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
epoll_wait(0xffffffffffffffff, &(0x7f00000000c0)=[{}, {}], 0x2, 0x9)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r4, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, 0x1, 0x9, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x9}}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_STATUS={0x8}, @NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_STATUS={0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x90}, 0x40000)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000060b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f00007d1000/0x1000)=nil)

2.174927808s ago: executing program 5 (id=786):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003480)={0x11, 0x2, &(0x7f00000001c0)=ANY=[@ANYBLOB="17010000a4e50a0a05"], &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x88, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x9}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001380)={0x6, 0x0, 0x0, &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x5a, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000c80)={0x1000, 0x1}, 0x8, 0x10, &(0x7f0000000ec0)={0x4, 0x6, 0x8, 0x4}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000180)=[{0x3, 0x1, 0x7}], 0x10, 0x10001}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = perf_event_open(&(0x7f00000002c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff)
openat$ppp(0xffffffffffffff9c, 0x0, 0x305500, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[], 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r0, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000003c0)=[0x0], 0x0, 0x0, 0x86, &(0x7f0000000080)=[{}, {}, {}], 0x18, 0x0, 0x0, &(0x7f00000005c0), 0x8, 0xe2, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x21, &(0x7f0000000540), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$tipc(r3, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r2, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000880)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000000000001000004000000000000000002000000000000000000000000000003000000000300000001000000000000000000e1432cbd4802d2366cf2c03d75a3c01b5ac168e5e9895bda4d508fca73"], 0x0, 0x4a}, 0x28)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000006c0)={0x0, 0x80, 0x9, 0x8d, 0x16, 0x4, 0x0, 0x5, 0x94ba0, 0x48cf3dc79f55ac95, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x10001, 0x4}, 0x100000, 0x0, 0x2, 0x8, 0x0, 0x0, 0x2c, 0x0, 0xc7a8, 0x0, 0x4}, r4, 0x1, 0xffffffffffffffff, 0x2)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, &(0x7f0000001480)=""/167, 0x77, 0xa7, 0x0, 0x20000007}, 0x28)

2.041819609s ago: executing program 5 (id=790):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000f7ff0000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0))
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x65, &(0x7f0000002100)=0x7, 0x4)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000000)=0x28, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="24000000200001032abd7000ffd9df2502000000ff00000800000000080018004e214e21"], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x4040)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00'}, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r3, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000640)=[{{&(0x7f0000000140)={0xa, 0x4e22, 0x7ff, @loopback}, 0x1c, 0x0}}], 0x1, 0x0)

1.948121981s ago: executing program 0 (id=791):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64}, {@in, 0x0, 0x32}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, {}, {0x0, 0x0, 0xf84, 0x200}, {}, 0x0, 0x0, 0xa, 0x0, 0x0, 0xcd}}, 0xf0}}, 0x0)

1.947060201s ago: executing program 1 (id=792):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x3920e, r0, 0x8001, 0x4, 0x2})
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000200)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x448d1}, 0x20000080)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x2810000, &(0x7f0000000240)={[{@user_xattr}, {@nogrpid}, {@noinit_itable}, {@nogrpid}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nojournal_checksum}, {@errors_remount}, {@jqfmt_vfsold}, {@jqfmt_vfsv0}, {@data_err_ignore}]}, 0x1, 0x57a, &(0x7f0000000300)="$eJzs3d9rW1UcAPDvvW33U10HY6iIFPbgZC5dW39M8GE+ig4H+j5Dm5XRdBlNOtY62PbgXnyRIYg4EN/13cexf8C/YqCDIaPogy+Rm95kaZusWdet2fL5wG3PybnJud977jk5NzeXBDCwxrI/acRrEfFdEnGgrWw48sKx1fVWHlyZzpYk6vUv/k4iyR9rrp/k//fnmVcj4s43EcfSjfVWl5bniuVyaSHPj9fmL45Xl5aPn58vzpZmSxcmp6ZOvjc1+eEH729brG+f+ffHz29/cvLbIys//Hbv4M0kTsVLeVl7HLm0LaReXWvPjMVY/gIjcWrdihOPu/F9qrn/HndH0R+G8n4+EtkYcCCG8l4PvPiuRkQdGFCJ/g8DqjkPaJ7bdzgPfqHd/3j1BGhj/MOrn43Ensa50b6VZM2ZUXa+O7oN9Wd1/P7XrZvZEp0/h1gvWfcxA8CWXLseESeGhzeOf0k+/m3diR7WWV/HoL3/wE66nc1/3uk0/0lb85/oMP/Z36HvbsXm/T+9tw3VdJXN/z7qOP9tXbQaHcpzLzfmfCPJufPlUja2vRIRR2Nkd5Z/1PWckyt3693K2ud/2ZLV35wL5ttxb3j32ufMFGvFJ4m53f3rEa93nP8mrfZPOrR/tj/O9FjH4dKtN7uVbR7/01X/JeKtiLizazXfHn9T8ujrk+ON42G8eVRs9M+Nw3+0Mitry3Y6/qz993U8/lvxjybt12urj1/Hz3v+K0X9aseyrR7/u5IvG+m82eJysVZbmIjYlXy28fHJh89t5pvrZ/EfPfLo8a/T8b83Ir7qMf4bh359o1tZh/jTZ93+Mz21fzYKZu3fOhB6Ttz99OufutW/Jv5r0aX9322kjuaP9DL+9bqBT7LvAAAAAAAAoN+kjXs4k7TQSqdpobD6/Y5DsS8tV6q1Y+cqixdmVu/1HI2RtHml+0Db9yEm8u/DNvOT6/JTEXEwIr4f2tvIF6Yr5ZmdDh4AAAAAAAAAAAAAAAAAAAD6xP4u9/9n/hza6a0Dnjo/+Q2Da9P+vx2/9AT0Je//MLj0fxhc+j8MLv0fBpf+D4Mr7/8u98MA8v4Pg0v/BwAAAAAAAAAAAAAAAAAAAAAAAAAAgG115vTpbKmvPLgyneVnLi0tzlUuHZ8pVecK84vThenKwsXCbKUyWy4Vpivzm71euVK5ODEZi5fHa6Vqbby6tHx2vrJ4oXb2/HxxtnS2NPJMogIAAAAAAAAAAAAAAAAAAIDnS3Vpea5YLpcWJJ7jRBo7V/twv+wEiW1N7PTIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/R8AAP//nI4y/w==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
socket$xdp(0x2c, 0x3, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000580)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
openat$snapshot(0xffffffffffffff9c, 0x0, 0x4900, 0x0)
r4 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000013c0)={{0x14, 0x3f5, 0x1, 0x0, 0x0, {0x5}}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x0)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
msgsnd(0x0, &(0x7f0000000480)=ANY=[], 0x2000, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x47}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x14, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.905568482s ago: executing program 2 (id=793):
prlimit64(0x0, 0xe, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1d, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYRES64=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000340)='filemap_set_wb_err\x00', r1}, 0x18)
r2 = add_key(&(0x7f0000000040)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x2}, &(0x7f00000001c0)="97c9d463203d49d638ee17fd99daac0111f8928ba7ebc1f9ad133a47dc432271c84326d9b851d11d54e9c8270d4fb36cb7f9d4af38065ce3f85bf9416043bc32ee3986ef2bb4524bba5e287a6f9689b5344d99689a94a8299780791a5c1fc510f3b370ea143018", 0x67, 0xfffffffffffffff9)
getgroups(0x4, &(0x7f0000000140)=[0xffffffffffffffff, 0xee00, 0x0, <r3=>0xee00])
keyctl$chown(0x4, r2, 0xee01, r3)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r0}, &(0x7f0000001c00), &(0x7f0000001c40)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r4, <r6=>0xffffffffffffffff}, &(0x7f0000000800), &(0x7f0000000840)=r5}, 0x20)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=<r8=>0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000400000100c2800007000300"], 0x48}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r6}, 0x8)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x52, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000400))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x3}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x17, 0xc, &(0x7f0000000740)=ANY=[@ANYRES8=r8, @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095ffff571e4d5beeb91a8e059e780005acd0803eda37f14d39aa443394f750dce9530356afdea9dc60b7e18db3a2ffcf94029b9b"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r10}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r12}, 0x10)
syslog(0x4, &(0x7f0000000440)=""/223, 0xdf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r11}, 0x18)

1.882984092s ago: executing program 0 (id=794):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000d000000000000002018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0x64}, {&(0x7f0000000300)='V', 0xffffff6c}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e0b9821c0", 0x1000}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0xfffffec0}], 0x4, 0x0, 0x0, 0x8000}, 0x0)
dup2(r3, r2)
setsockopt$sock_attach_bpf(r2, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmmsg(r2, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4, 0x200000d1)
sendmmsg$inet(r3, &(0x7f0000001440)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000900)="f9d481b183c8f25196c4d85859a0e1b3a4da0c756cff8fe87ba4d4b9ddaa4d44b5fccb66806e407a5b849557f866a4571a9d4d2ef9a463c3e4859ab10dc3e6fbaaa3067217", 0x45}, {&(0x7f0000000980)="f64e2ede071efdd1c72786b2fe2d9cb6272c9eab7a815f2058971845d68915170f45b44661511f0b295f01deda46d10cf1647364e8a29d0963ebcea4b89176089519cd5c8d9ecf705b5218d1ff814233c7206d80afa2f652b29461f700a6071a1d8e98b380333e2c6073a25faeb332504459c4c4395d2d7ff35144c0d5df228e9b43524c0f61adb83b12a5220f8dc2e317256222c22319a0c7c131b806a7c901bd7b9d9db4ac8faabf431ce48755f6818bd241d02f2c45ce10a41780be9c3632e51cf3df5cdf4e92f953fa9760e239b256aa7542db53adb58bc1a29d099883ef3aa639b8cc260dd0fc770a3a9f465b1381e3", 0xf2}, {&(0x7f0000002600)="4772d8cff1ee940487851c4d7c205f51cf55f05cd1755be6039c4f650326bd3f4dc3ff3cdd5416f89e90f052b8ba18d28df3a3b421df4d9471f788bca19da35f85b7dc703f771247cfd1c04fbb5b4c16c989bab12277cc916bcf6d61106321a6de6c24f97b55ca858f4e7f73e5d2d8dc4bbe4a6c5dbb07ccc55be5760f2d82bdeba0d41ea2d309b7cb2c549705c078975a861d0520b3945b87b6406086706d81b0de4a04ad84767a4e4d0e30da8faa86b21d086cdeec754d035390d78bdef113c07fbb1d0752f7ae7c570e998949477d83ccc58d42bbf20d8a1a004e2c68661f7c6dc08a7d2b8280aa596c5a741b7467e13d1d54a9696b40c020ebe86d7a8e342cfcc9c6cf373d1783958cec3b22d20bafb7ef86d7f59f8ca0aaaa95af21ccd668154ec5de82f824d95532143e5b7f5d210168d94852c11688860c95267298c320d2a8a07f875fbcd4ec520c52f8960904dcd27abe6e70b7aa93b645ea6d6910fdc4345eb8948e7a605ec6bb90ef6a40a3b0344b7f2e53f7224575ac12904c5a3b6c17e285a29290e1dc6b2a2b568fd4dcf6c9332080ae4f89d71eb90b69a91b3564ea09d4c56b26d1904c5a2de2fe0b5021399d1c7f84f7bd81152e9e5a3e4d7d05cf9dced5ed1b541e701f703f5e2451ece02fc06600abe0cc9b675d4d82a4ab03bf16d20391d12f18b543a07978c7cd35a9d22fa03a10428e7091bc96dd98808205de86626f1309c1de66850b2e3ac3d7bc0ce2b4bf920e05205e2d0c52ff507dc7949d57b43bc2d290c6888f7dab24fa0ea1bf75e3db5d8cabdd898137d20bd68c2a7ce65b599a77c1b3cedf3ebed0f1ce1faab927a617e76d357135a0dd7bddacc3695372f73dc7e0326649bf3865ed2105d3147b9116b0c4c9e14d2eb803a3ec12a09627f28812972e662b63da4ddf2138c1d23704886a990cc8ceb6148bb96709ab33c87d214926da15578073a5ef160c80a157d7f63ff25cbd4f88dd78741ab5f3e60413463d60e2225421e05ad1c26aa15780133ef5fa0176368a0cc7712d59d5a2b2773a94804df2fc49c5250b8203ca1ecbd73563a128d6e5dc2bc908e0c9665e188870793cb40efa29a518395657a61b885e50be4a20671d90b689efe4cbfbaf736699996a45761eefba7ff4c35ed9623bea1c9fa9a87589d5cb160b0a4f8f653e56c320bc2feeaef918e4848ccc42f58e34c9e61ff8fee91910282b3693e8261c7a85602f2d5d136bba9ab79e56e7d1ab3ba4d4a95844414f956a6383b908df12a1e75d9053321f274db3b2ff88cb3854e748c4022560ab4fb96c7d356461acaf7994a8bda0feee83acf57fa0c0218e0bf0da77eb055fd7baf15e3325771beb7310d78f11477e687d37d94dcea10e1bb835bcfa824c288f2c8dadc099e347de2658bbe9078b4ed072f723aaf6d0eb66838fe265c0d6dcc6d9408e592c02b119a8a2f6ef6e0bd1f21a4016d2dda6358d30a8d4caa61fb21a4b4adfb555d5db9ed90a737f5da55fb49a958626bdb9b8170491d6b909aaa49b70dc9aaeb52a5e8542078583fdf72a1a35d88b2cdd0de06194570b07c136a7b67b2ec1b7b42d0752371ca55ba3b6d697699c1507b19803fb4277a79952157adfb15c0301b5aa4392cd5cfe00db6d44a2e531aee61fd1dd44215c5571756ca695e092254e845d33b6", 0x4a6}], 0x3}}], 0x2, 0x1)
r4 = socket(0x2, 0x80805, 0x0)
write$nci(0xffffffffffffffff, 0x0, 0x1a)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0xa, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x65a6, 0x2, @perf_config_ext={0x8000000000000001, 0x8}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x8000000000000002}, 0x0, 0xffffffdfffffffff, 0xffffffffffffffff, 0x2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x7, 0x0, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0xb, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xa000000, 0x0, 0x0, 0x0, 0x80000000}, [@printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0x8, 0x2, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0xc9}}]}, &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
write(r5, &(0x7f0000000040)="3a03000018002551075c0165ff0ffc02802000030004000500e1000c040007031a000900", 0x33a)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1014002, &(0x7f0000000740)={[{@nogrpid}, {@discard}, {@noload}]}, 0x1, 0x62a, &(0x7f0000000100)="$eJzs3c9vFGUfAPDvbLe/3/dtIW/eVzxIE2MgUVpawRBjItwJwR83vVRaCFIooTVaJLEkeDEaLx5MPHkQ/wqVxKv/gAcvngwJMYaDGCJrZnenTNvd7c/tlO7nkwx9ZmZ3nu8u/fZ59tlnZgLoWCPpP6WIAxFxNYkYyu0rR33nSO1x9/+4cS5dkqhU3vg9iRsfJYv5YyX1n/vqT/57KJL06fsnvltV79zC9UuTMzPT1+rrY/OXr47NLVw/cvHy5IXpC9NXJl6aOHH82PET40e39PqSXPn0rXffH/rkzFvffPUwGf/2lzNJnIxHXbV96eta+dzeLdWcvmcjUal5kN+evq8ntnjs3eLPoez3JNMfSbmwcNig8/Xfx+6I+H8MRVfuf3MoPn6t0OCAtqokkbVRQMdJNpX/fdsfCLDDsn5A9tm+0efg1Upt7pUAO+HeqdoAQC33uyMiy/9ybWww+qpjAwP3k2XjPElEbG1kriat46cfz9xKl2gyDge0x+LN3voY+cr2P6nm5nD0VdcG7peW5X8pt6TbX99k/SMr1uU/7JzFmxHxVL3974nH+V/72q9l/o/k8v+dTdYv/wEAAAAAAGD73DkVES80mv9XWpr/09Ng/s9gRJzchvrX/v6vdLdeSLahOiDn3qmIVxrO/12a4zvcVV/7d3U+QHdy/uLM9NGI+E9EHI7u3nR9fMVx8zOEj3y2/8tm9efn/6VLWn82F7B+pLvlFSfiTk3OT271dQMR925GPF2d/3uwvmX5/L+0/U8atP9pfl9dZx37n7t9ttm+tfMfaJfK1xGHGrb/j7vbSevrc4xV+wNjWa8g87gH8MyHn3/frH75D8VJ2/+B1vnfm+Sv1zMXsbiB4/dExIsL5Uqz/Zvt//ckb3Zlx099MDk/f208oic5vXr7xAYChj0sy4csX9L8P/xs6/G/pf5/Lg/7o8HfgSYjdP97NPhrs3i0/1CcNP+nWrf/w8vb/w0UskPcHv6hWf1n19X+H6u26YfrW4z/Qd7q63GsN1MLCRcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnnCliPhXJKXRpXKpNDoaMRgR/42B0szs3Pzz52ffuzKV7qve/7+U3el3qLaeZPf/H86tTyxf70/r2hcRX3T1V/ePnpudmSr6xQMAAAAAAAAAAAAAAAAAAMAuMVg957/Su/L8/9RvXUVHB7Rduf5TvkPnqef/p29v+JmV3u2PBthJ5aIDAAqz/vzvbmscwM5rnv8PHlaqdjQcYAfp/0Pn2mT++7oA9gDtP3SqdY7p9bU7DqAI2n8AAAAAANhT9h2883MSEYsv91eXVE99n8n+sLeVig4AKIw5vNC5yrNFRwAUxWd8IFkq/dXwZP/ms/+T9gQEAAAAAAAAAAAAAKxy6IDz/6FTtT7/39x+2MtanP9fTf7yuh8OPGma3/pD2w973crP+LkG3g2/oEOs1do7/x8AAAAAAAAAAAAAdoG+65cmZ2amr80tPHmFV3dHGBsrLE6u+Zju2B2htir0R8TSlkftqas7Irb/yOWi37p1FLJLcBQYRsF/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX/BAAA///UiSJV")
sendmmsg$inet(r4, &(0x7f0000000600)=[{{&(0x7f0000000100)={0x2, 0x0, @rand_addr=0x3}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)='`', 0x1}], 0x1}}, {{&(0x7f00000006c0)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000200)="ed", 0x1}], 0x1, &(0x7f0000000300)=ANY=[@ANYBLOB="20000000000000008400000008"], 0x20}}], 0x2, 0x0)

1.855565892s ago: executing program 5 (id=795):
syz_io_uring_setup(0x235, &(0x7f0000001240)={0x0, 0x10008cc8, 0x2, 0x2, 0x75}, &(0x7f0000000200)=<r0=>0x0, 0x0)
syz_io_uring_submit(r0, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x12)
r1 = creat(0x0, 0x0)
fallocate(r1, 0x0, 0x0, 0x1000f4)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0}, 0x81}], 0x1, 0x2100, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
socket$inet6(0xa, 0x3, 0xff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r3, &(0x7f0000003740)=[{{0x0, 0x0, 0x0}, 0xfffffffa}], 0x1, 0x10140, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x2}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r6, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) (fail_nth: 5)

1.774940293s ago: executing program 1 (id=796):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f00000002c0)=""/4094, 0xffe}], 0x1, 0xf0, 0x3)

1.514291717s ago: executing program 2 (id=797):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") (async)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYRESHEX=r1], 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x54082, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x18) (async)
ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x18)

1.476835058s ago: executing program 0 (id=798):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0xb4}}, 0x20050800)
unshare(0x40020000)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000040)=@qipcrtr, 0x80)
read$qrtrtun(r3, 0x0, 0xeffd)
dup2(r3, 0xffffffffffffffff)
r4 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
sendmsg$nl_generic(r2, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB="30000000320020002dbd7000ffdbdf25150000009cb6f1dab5b6c75c3551bf86a2810529e08b149c95056dc99693c600"], 0x30}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r4, 0x0)
r5 = openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$selinux_create(r5, &(0x7f0000000340)=@objname={'system_u:object_r:urandom_device_t:s0', 0x20, 'system_u:system_r:kernel_t:s0', 0x20, 0x10000, 0x20, './file0\x00'}, 0x61)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073f97a310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f50000000000000000020000000900"], 0x34}}, 0x0)

1.429043878s ago: executing program 2 (id=799):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
dup(0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r4, &(0x7f0000000100)='reno\x00', 0x5)

1.426552469s ago: executing program 1 (id=800):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000025000a20000000000a01030000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000003740000001e0a01020000000000000000010000000900020073797a32000000003400038030000080090006400000000024000b802000018007000100637400001400028008000160ee00000000000040000000000900010073797a30"], 0xe4}}, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4094, 0xffe}], 0x1, 0xf0, 0xd215)

1.377543219s ago: executing program 1 (id=801):
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000400)={'wlan0\x00'})

1.234581532s ago: executing program 3 (id=802):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$USBDEVFS_ALLOC_STREAMS(r1, 0x8008551c, &(0x7f0000000640)=ANY=[@ANYBLOB="9b0008000b02cf8c16823015b986693c10b2af73186395dfa20b2ad4ba0217bf8b5e73db9f62d11bd188ea503e074e48ad7dc52e2f7e6e653276fd6239f8e3fce75e5e83089abfb3ad9e41d1c79808c3a413d3808f51080de0509d522b849f87222819a029b30927b89437580f280a09cfeb2292"])
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, @perf_bp={0x0}, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_bp={0x0, 0x1}, 0x100410, 0x200, 0x2, 0x5, 0x9, 0x9, 0xfffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000280)='fsi_master_acf_cmd_rel_addr\x00', 0xffffffffffffffff, 0x0, 0xfe23}, 0x18)
r2 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x3bac806, &(0x7f00000003c0)={[{@test_dummy_encryption}, {@nobarrier}, {@norecovery}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@discard}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}], [{@obj_type={'obj_type', 0x3d, '\xeel\xc0N\x86-\x00c'}}]}, 0x1, 0x43d, &(0x7f0000000900)="$eJzs281vG0UbAPBn7SR9+/FSU5WPpgUCBRHxkTRpKT1wAYHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFrgYrTZ3cR27LQOTlzw7ydtMrM7zszj3bFnZ7IB9K2R9EcSsS8ifomI/Vm2scBI9uvmytL0HytL00nUaq//nqyWu7GyNF0ULV63t8gMRJQ+TuJwi3oXLl0+N1Wtzl7M8+OL598ZX7h0+em581NnZ8/OXpg8derE8YlnT04+05U407huDL8/f+TQy29efXX69NW3fvgqKeJviqNLRjY7+Fit1uXqeuv/delkoIcNoSPlrJvG4Gr/3x/lWD95++Olj3raOGBb1Wq12r3tDy/XgP+wJHrdAqA3ii/69P632HZo6HFHuP58dgOUxn0z37IjA1HKyww23d9200hEnF7+8/N0i+2ZhwAAaPBNOv55Kh//NSz8lKJ+XuiufA2lEhF3R8SBiDgZEQcj4p6I1bL3RcT9HdbfvEiycfxTutbhn+xIOv57Ll/bahz/FaO/qJQj/iqGy5UYTM7MVWeP5e/JaAzuSvMTm9Tx7Ys/f9ruWP34L93S+ouxYN6OawO7Gl8zM7U49U9irnf9w4jhgVbxJ2srAellcSgihrdYx9wTXx5pd+zW8Tcaqs90YZ2p9kXE49n5X46m+AvJ5uuT4/+L6uyx8eKq2OjHn6681q7+TuPvtvT872l5/a/FX0nq12sXOq/jyq+ftL2n2er1P5S80bDvvanFxYsTEUPJK1mj6/dPNpWbXC+fxj96tHX/PxDr78ThiEgv4gci4sGIeChv+8MR8UhEHN0k/u9fePTtxj1JB/FvrzT+mY7O/3piKJr3tE6Uz333dUOllegg/vT8n1hNjeZ7bufz73batbWrGQAAAP59ShGxL5LS2Fq6VBoby/6H/2DsKVXnFxafPDP/7oWZ7BmBSgyWipmubD44mw+dyG/ri/xkU/54Pm/8WXn3an5ser460+vgoc/tbdP/U7+Ve906YNt5Xgv6l/4P/Uv/h/6l/0P/atH/d/eiHcDOa/X9/0EP2gHsvKb+b9kP+oj7f+hf+j/0L/0f+tLC7rj1Q/ISEhsSUbojmiGxTYlefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0x98BAAD///1B6is=")
openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000080)={'syztnl2\x00', &(0x7f00000002c0)={'ip6gre0\x00', <r3=>0x0, 0x29, 0xc, 0x1c, 0xfffff3e7, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8000, 0x40, 0x9, 0x6}})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x14, 0xf, &(0x7f0000000440)=ANY=[@ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r3, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r6 = getpid()
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40080, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x2, 0xfffb, 0x0, 0x0, 0x0, 0x5}, r6, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="a1ab23bd7000fdffffff320000000800170159004000c2c46a62a03544b12cb4a974b6cd631b448a906fe5f5fee218247958426514c25b76f9b01f779f0ad082e3368ed43c3c7ca7bd9d6287"], 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x200080c0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r9 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000000380), 0x12)
open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val={'init_itable', 0x3d, 0x8000}}, {@nodiscard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {}, {@nobarrier}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r10 = syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00')
preadv(r10, &(0x7f00000000c0)=[{&(0x7f0000000480)=""/128, 0x80}], 0x1, 0x12e, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x13, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6c00000010001fff010000000000000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000440012800b00010067656e6576650000340002800500090000000000050009000100000005000a000000000005000300f90000000500040040000000050004000800000008000a00", @ANYRESOCT], 0x6c}}, 0x48c0)

930.337076ms ago: executing program 3 (id=803):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x2}, 0x18)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffff"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

806.370918ms ago: executing program 3 (id=804):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64}, {@in, 0x0, 0x32}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, {}, {0x0, 0x0, 0xf84, 0x200}, {}, 0x0, 0x0, 0xa, 0x0, 0x0, 0xcd}}, 0xf0}}, 0x0)

777.830798ms ago: executing program 3 (id=805):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f00000002c0)=""/4094, 0xffe}], 0x1, 0xf0, 0x3) (fail_nth: 3)

496.101593ms ago: executing program 0 (id=806):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x60800)

430.267583ms ago: executing program 2 (id=807):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400010003bd7000fc9bdfd6000000e0ff00001a"], 0x14}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002840)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001f7ff04b7050000240000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c061c6238975d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4988a0d411a9872971c7c56f0979bd10b97163c066d0e196bf0fb04e500b0c0502df9de9ca3c00cb9a323d9b401bf4e418d07fa22f0610a70f2bdf4000200000000b0c2c125080963f6324bb7b80197aa3161f45346b100000000000000000089e399f6609876b588743794298b79dc192dff048fc207c81f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be06000000000000005064caec04a367c23d9fb6a6991ddb737d527d6acb15426406991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54fc5b29d27643453ad9226e3550ee5520211d9370175fba303f003073afd1ec9f7c6133f260c6882a146880b9387f1beb5418618bc83a3becf9bb5d80eff7da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb2f30a246c3b2f60000fc4deb91da1368b0960b8d69bd99c64893d44f962524429dc0584b8e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7073be648b12bb1fee58958d6a6f31bfe568215dfbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc348ef2ac3781b847611fcb0a26acafdd6d9a1b17dcb9f7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb0200000000000000cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d944763a4bf5e138d810e29a31f08f7dea7762d2d8f7e1d24cabe17ad4135d8872935ceac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cd43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c106beb49a71c62df5544ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f481112ab8a82247e927fb6f256830dab3671f00500d36a17790bab7d0e89e6c15314f2b963bfc867953476b0505c7d728326d666f39e82cfcf7e7a85df288d75df24c5e4d529c349923f9a4fb882310391dd58b4cbd8def239a227724d39c3e6c40e20e07e68a22888a5c3941b7a765b92bcb37f302487bcbd93ccf3a104021ff34ddf7ffcca1a04eae963e25516a114573779b24a341dfb2e80f1f345c6d96493ffc2a18478b5bf3aab2ea59c51cf0678e1a57d0ea042d911548ff612002ddb2d54d42fbdde42b56887003d27468225b2594a05044baf314113e889468cf13dd92aa0d7744db6b56557a5adad95cb9a69d4de50642b4b9d6d3ba7eb534b00d0fea62f0a61535dfc4da06e7f8695be614c557caed7eb0120516e1351fed7d8ffa31c8f4be364185469cfc5f25c90d71bce745dd2d58a30e0844f12c4cbbdd7a08465e665c2620d78673dfb6d9263ed7def8924cfcd48a8a3534f1a3eac9ee9f18a18106ba3d7c7a62330f5c0e98cb7982dd7bad02c8dba9c13894185bfc4bd2520b6e2043fcb3fc5eb55ecf9e6e363ea2ac40a14a6f00f0ffffa0fdb6487c51ef12c2e88beeb5aa6f6a4151cfb90644e50630ed474df7d1635afcb1ea3f6c47b5acbba2ce5099a9387f74d1ffbd1da497613174f76a656ba5bacccbb58dddaf9a3510d65383829a51e0f41e661fa80ca1eaaa6cf0824305ba4ec80400c50ffe83ccb0e6fef321190c58aca8c7c8c6d26ff5cbc2cadebda8e1219e04f8dacffd33db1a0a2e74c9eb978d80a12d0b5327bfd053000000000000000000be0d02a14708504412fa93d335992b2983c5addc191b4a21c7b340d0536b01958e15315eb5f3f9f4992c18f666359f40295fa73284c4b607669bae75bd68c3e2b770c324a0ab26b6065d7e95a7bd80052db57506ec7cc861bf3998d07484c66630ca8173fea3f06ed1dfc70a8b90418e2dc76137e0f68cb1c8a908aef9f009f85647dba54e05028c33d94d463fb20d2e7547184b8d3611e45dff02144387f342ef9b9bf650e9d049bf65258a7bc094a6965e24611c077e1ca0891362a9d68f3ec7610c0449acf18459110500a09b75885cd79ba32776e4a511c8a4ad922b000000000002ef507ec6fc7f5dc431b9d8cbd9003972bf1dc6a71bedad8e19efc3edd2a7a7e555d5f3176af69920471e6e5bcb8966c813c132d65e2b99d3015e06b372e1aefaae14ee3fbc6349af362c19b59c214de66912d1a9a98d92dc197a51c29443de62caca334c46d110e50896fe50d0477771d387f40c8ef05750ca651e6e69a237dcf78666d6ab2bda1f853525494e4efdd93be38bb5fc671f8794002d7a951fd336aaf4ed1166cb459df70218c571ba1c40b028234505e5477effff26af8812c2fbb8785a223fce0a0601c2a3b58bea8c6216eadabcabe86ab46e4cd3d58ef7ce8d3c4b0bc5952e81dfc0a490d8568db6f9c51fe703c6864fae0053d2f91f49e977cdc1962dbc28c29471a7219986"], &(0x7f0000000340)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r1, 0x18000000000002a0, 0x204, 0xfffff000, &(0x7f0000000040)="5aee41dea43e63a3f7fb7f11c72b", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x84042, 0x1fb)
write$P9_RUNLINKAT(r4, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7)
writev(r4, &(0x7f0000000240)=[{&(0x7f0000000040)}, {0x0}, {0x0}], 0x3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000023"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, 0x25, r4}, 0x94)
r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x80080, 0x0)
syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x0, 0x13100, 0x0, 0x0, 0x0, r6}, 0x0, &(0x7f0000000000))
r7 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r8 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r8, 0x2def, 0x0, 0x0, 0x0, 0x0)
getsockopt$sock_int(r7, 0x1, 0x1, &(0x7f0000000100), &(0x7f0000000400)=0x4)
r11 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r12 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r12, 0x40345410, &(0x7f00000083c0)={{0x1, 0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r12, 0x40505412, 0x0)
ioctl$VT_RESIZE(r11, 0x5609, &(0x7f0000000080)={0x1, 0xf, 0xf})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

429.730113ms ago: executing program 3 (id=808):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x2}, 0x18)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

429.201183ms ago: executing program 0 (id=809):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x5, 0x4, 0x7fdf, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
listxattr(&(0x7f0000000540)='./file0\x00', 0x0, 0x0)

428.225823ms ago: executing program 3 (id=810):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0x1)
sendfile(0xffffffffffffffff, r0, 0x0, 0x7ffff000)

404.257124ms ago: executing program 0 (id=811):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
dup(0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r5, 0x0, 0x0)

333.091225ms ago: executing program 1 (id=812):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001200)=ANY=[@ANYBLOB="640000000207010304000000000000000200000724000780080002400000000308000c400000000408000240000007cd08"], 0x64}, 0x1, 0x0, 0x0, 0x440c0}, 0x4040804)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005f80)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {}, {0x8, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x58, 0x2, [@TCA_FLOW_ACT={0x54, 0x9, 0x0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x20000001, 0x4, 0x2}, 0x1, r5}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0x88}}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000240)=<r6=>0x0)
connect$nfc_raw(r3, &(0x7f0000000280)={0x27, r6, 0x1, 0x5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r7)
sendmsg$NLBL_CIPSOV4_C_ADD(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="50020000", @ANYRES16=r8, @ANYBLOB="0100000000000000000001000000080001000000000004000480080002000100000010000c7d0c000b8008000a00b4ed000004000880c8000c8024000900f36aad4208000a156878badf10076800d5441e0f080009002bd49f3b0c00008008000a00697100002c000b8008000a"], 0x250}}, 0x4c000)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2000002, 0x42032, 0xffffffffffffffff, 0x80000000)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
syz_io_uring_complete(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)

128.248498ms ago: executing program 1 (id=813):
syz_io_uring_setup(0x235, &(0x7f0000001240)={0x0, 0x10008cc8, 0x2, 0x2, 0x75}, &(0x7f0000000200)=<r0=>0x0, 0x0)
syz_io_uring_submit(r0, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x12)
r1 = creat(0x0, 0x0)
fallocate(r1, 0x0, 0x0, 0x1000f4)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0}, 0x81}], 0x1, 0x2100, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r2, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
socket$inet6(0xa, 0x3, 0xff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r3, &(0x7f0000003740)=[{{0x0, 0x0, 0x0}, 0xfffffffa}], 0x1, 0x10140, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x2}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x20, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r6, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

0s ago: executing program 2 (id=814):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @window={0x3, 0xe, 0x7ff}, @timestamp, @sack_perm, @window={0x3, 0x0, 0xfffc}, @timestamp, @sack_perm], 0x7)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x11, 0x0, 0x11)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

kernel console output (not intermixed with test programs):

ass=netlink_audit_socket pid=4353 comm=syz.0.301
[   54.232341][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.245793][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.328613][ T4369] loop1: detected capacity change from 0 to 128
[   54.376522][ T4360] loop4: detected capacity change from 0 to 128
[   54.510660][ T4369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.306'.
[   54.526605][ T4360] bio_check_eod: 95 callbacks suppressed
[   54.526622][ T4360] syz.4.305: attempt to access beyond end of device
[   54.526622][ T4360] loop4: rw=2049, sector=137, nr_sectors = 8 limit=128
[   54.547697][ T4369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.306'.
[   54.556893][ T4360] syz.4.305: attempt to access beyond end of device
[   54.556893][ T4360] loop4: rw=2049, sector=153, nr_sectors = 8 limit=128
[   54.583872][ T4360] syz.4.305: attempt to access beyond end of device
[   54.583872][ T4360] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[   54.601349][ T4374] loop2: detected capacity change from 0 to 512
[   54.609141][ T4360] syz.4.305: attempt to access beyond end of device
[   54.609141][ T4360] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128
[   54.623091][ T4360] syz.4.305: attempt to access beyond end of device
[   54.623091][ T4360] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128
[   54.637754][ T4360] syz.4.305: attempt to access beyond end of device
[   54.637754][ T4360] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128
[   54.651313][ T4360] syz.4.305: attempt to access beyond end of device
[   54.651313][ T4360] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128
[   54.665469][ T4360] syz.4.305: attempt to access beyond end of device
[   54.665469][ T4360] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128
[   54.685077][ T4360] syz.4.305: attempt to access beyond end of device
[   54.685077][ T4360] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128
[   54.697378][ T4374] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.307: Parent and EA inode have the same ino 15
[   54.698684][ T4360] syz.4.305: attempt to access beyond end of device
[   54.698684][ T4360] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[   54.798440][ T4374] EXT4-fs (loop2): Remounting filesystem read-only
[   54.812216][ T4374] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   54.855580][ T4374] EXT4-fs (loop2): 1 orphan inode deleted
[   54.866163][ T4374] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.070692][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.761497][ T4392] netlink: 'syz.2.312': attribute type 1 has an invalid length.
[   55.914107][ T4392] 8021q: adding VLAN 0 to HW filter on device bond1
[   55.922779][   T29] kauditd_printk_skb: 217 callbacks suppressed
[   55.922815][   T29] audit: type=1326 audit(1751396143.239:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   56.096143][ T4394] 8021q: adding VLAN 0 to HW filter on device bond1
[   56.160071][ T4400] loop3: detected capacity change from 0 to 1024
[   56.211086][ T4392] netlink: 'syz.2.312': attribute type 3 has an invalid length.
[   56.249978][   T29] audit: type=1326 audit(1751396143.269:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   56.273431][   T29] audit: type=1326 audit(1751396143.269:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   56.296693][   T29] audit: type=1326 audit(1751396143.289:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   56.320084][   T29] audit: type=1326 audit(1751396143.289:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   56.343570][   T29] audit: type=1326 audit(1751396143.289:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   56.366831][   T29] audit: type=1326 audit(1751396143.289:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   56.390129][   T29] audit: type=1326 audit(1751396143.289:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   56.413329][   T29] audit: type=1326 audit(1751396143.339:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   56.436657][   T29] audit: type=1326 audit(1751396143.339:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4395 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   56.510809][ T4394] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   56.554779][ T4394] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   56.572461][ T4392] netlink: 28 bytes leftover after parsing attributes in process `syz.2.312'.
[   56.593188][ T4400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.628470][ T4400] EXT4-fs (loop3): shut down requested (1)
[   56.638416][ T4398] veth3: entered promiscuous mode
[   56.647152][ T4400] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4400 comm=syz.3.314
[   56.663152][ T4398] bond1: (slave veth3): Enslaving as an active interface with a down link
[   56.687334][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.690422][ T4392] 8021q: adding VLAN 0 to HW filter on device bond1
[   56.703327][ T4410] loop4: detected capacity change from 0 to 128
[   56.748870][ T4416] loop2: detected capacity change from 0 to 128
[   56.816856][ T4410] netlink: 4 bytes leftover after parsing attributes in process `syz.4.318'.
[   56.826095][ T4410] netlink: 4 bytes leftover after parsing attributes in process `syz.4.318'.
[   56.896238][ T4419] bond4: entered promiscuous mode
[   56.901399][ T4419] bond4: entered allmulticast mode
[   56.912867][ T4419] 8021q: adding VLAN 0 to HW filter on device bond4
[   56.937753][ T4419] bond4 (unregistering): Released all slaves
[   56.972406][ T4425] netlink: 'syz.2.323': attribute type 1 has an invalid length.
[   57.007627][ T4425] 8021q: adding VLAN 0 to HW filter on device bond2
[   57.039259][ T4429] 8021q: adding VLAN 0 to HW filter on device bond2
[   57.043293][ T4431] loop4: detected capacity change from 0 to 1024
[   57.048404][ T4429] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[   57.064572][ T4429] bond2: (slave vxcan3): Error -95 calling set_mac_address
[   57.076182][ T4431] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.098639][ T4425] veth5: entered promiscuous mode
[   57.104135][ T4431] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4431 comm=syz.4.325
[   57.116508][ T4425] bond2: (slave veth5): Enslaving as an active interface with a down link
[   57.128392][ T4431] EXT4-fs error (device loop4): ext4_lookup:1787: comm syz.4.325: inode #12: comm syz.4.325: iget: illegal inode #
[   57.131559][ T4425] netlink: 'syz.2.323': attribute type 3 has an invalid length.
[   57.149792][ T4431] EXT4-fs (loop4): Remounting filesystem read-only
[   57.152476][ T4425] netlink: 28 bytes leftover after parsing attributes in process `syz.2.323'.
[   57.168666][ T4435] lo speed is unknown, defaulting to 1000
[   57.169314][ T4425] 8021q: adding VLAN 0 to HW filter on device bond2
[   57.192043][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.240692][ T4438] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.327'.
[   57.263285][ T4438] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   57.273491][ T4443] loop2: detected capacity change from 0 to 128
[   57.377629][ T4449] loop0: detected capacity change from 0 to 128
[   57.409445][ T4450] netlink: 4 bytes leftover after parsing attributes in process `syz.2.329'.
[   57.627756][ T4465] netlink: 'syz.4.339': attribute type 1 has an invalid length.
[   57.650471][ T4465] 8021q: adding VLAN 0 to HW filter on device bond4
[   57.666029][ T4468] netlink: 'syz.2.340': attribute type 1 has an invalid length.
[   57.695631][ T4465] 8021q: adding VLAN 0 to HW filter on device bond4
[   57.704194][ T4465] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[   57.739084][ T4465] bond4: (slave vxcan3): Error -95 calling set_mac_address
[   57.770313][ T4474] loop0: detected capacity change from 0 to 512
[   57.797914][ T4475] veth7: entered promiscuous mode
[   57.817379][ T4465] netlink: 'syz.4.339': attribute type 3 has an invalid length.
[   57.845095][ T4481] netlink: 'syz.2.340': attribute type 3 has an invalid length.
[   57.846781][ T4474] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.342: Parent and EA inode have the same ino 15
[   57.861339][ T4483] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   57.865649][ T4468] 8021q: adding VLAN 0 to HW filter on device bond3
[   57.880299][ T4474] EXT4-fs (loop0): Remounting filesystem read-only
[   57.889196][ T4474] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   57.901001][ T4474] EXT4-fs (loop0): 1 orphan inode deleted
[   57.907259][ T4474] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.012961][ T4469] 8021q: adding VLAN 0 to HW filter on device bond3
[   58.051503][ T4469] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[   58.082994][ T4469] bond3: (slave vxcan3): Error -95 calling set_mac_address
[   58.111098][ T4472] veth7: entered promiscuous mode
[   58.117933][ T4472] bond4: (slave veth7): Enslaving as an active interface with a down link
[   58.131740][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.144886][ T4465] 8021q: adding VLAN 0 to HW filter on device bond4
[   58.153451][ T4475] 8021q: adding VLAN 0 to HW filter on device bond3
[   58.258691][ T4487] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   58.302247][ T4491] loop2: detected capacity change from 0 to 512
[   58.313120][ T4493] loop1: detected capacity change from 0 to 128
[   58.340637][ T4491] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.346: Parent and EA inode have the same ino 15
[   58.390293][ T4491] EXT4-fs (loop2): Remounting filesystem read-only
[   58.408074][ T4491] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   58.418768][ T4491] EXT4-fs (loop2): 1 orphan inode deleted
[   58.425329][ T4491] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.481523][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.812783][ T4516] loop1: detected capacity change from 0 to 128
[   59.898835][ T4519] netlink: 'syz.1.356': attribute type 1 has an invalid length.
[   59.956150][ T4522] netlink: 'syz.3.357': attribute type 1 has an invalid length.
[   60.064055][ T4519] 8021q: adding VLAN 0 to HW filter on device bond2
[   60.208945][ T4524] 8021q: adding VLAN 0 to HW filter on device bond2
[   60.216604][ T4529] netlink: 'syz.3.357': attribute type 3 has an invalid length.
[   60.358519][ T4532] __nla_validate_parse: 5 callbacks suppressed
[   60.358536][ T4532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.357'.
[   60.410147][ T4524] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[   60.571692][ T4524] bond2: (slave vxcan3): Error -95 calling set_mac_address
[   60.640769][ T4519] netlink: 28 bytes leftover after parsing attributes in process `syz.1.356'.
[   61.166807][ T4522] 8021q: adding VLAN 0 to HW filter on device bond2
[   61.245237][ T4526] 8021q: adding VLAN 0 to HW filter on device bond2
[   61.274219][ T4526] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[   61.333602][ T4526] bond2: (slave vxcan3): Error -95 calling set_mac_address
[   61.371676][ T4528] veth5: entered promiscuous mode
[   61.381086][ T4528] bond2: (slave veth5): Enslaving as an active interface with a down link
[   61.430482][ T4527] veth3: entered promiscuous mode
[   61.458995][ T4527] bond2: (slave veth3): Enslaving as an active interface with a down link
[   61.479689][ T4532] 8021q: adding VLAN 0 to HW filter on device bond2
[   61.513388][ T4519] 8021q: adding VLAN 0 to HW filter on device bond2
[   61.942111][ T4544] netlink: 60 bytes leftover after parsing attributes in process `syz.3.362'.
[   61.961129][ T4542] loop1: detected capacity change from 0 to 1024
[   62.009504][ T4542] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.148556][ T4542] EXT4-fs (loop1): shut down requested (1)
[   62.226138][ T4542] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4542 comm=syz.1.361
[   62.239593][ T4549] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.363'.
[   62.255479][ T4549] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   62.516348][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.529619][ T4551] IPv6: Can't replace route, no match found
[   62.575261][   T29] kauditd_printk_skb: 126 callbacks suppressed
[   62.575279][   T29] audit: type=1326 audit(1751396149.899:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4550 comm="syz.4.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fb339e929 code=0x7ffc0000
[   62.688819][ T4551] loop4: detected capacity change from 0 to 1024
[   62.739327][ T4551] EXT4-fs: Ignoring removed bh option
[   62.773145][   T29] audit: type=1326 audit(1751396149.929:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4550 comm="syz.4.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fb339e929 code=0x7ffc0000
[   62.795949][ T4551] EXT4-fs: inline encryption not supported
[   62.796450][   T29] audit: type=1326 audit(1751396149.929:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4550 comm="syz.4.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6fb339e929 code=0x7ffc0000
[   62.821075][ T4551] ext4: Unknown parameter 'smackfsroot'
[   62.825368][   T29] audit: type=1326 audit(1751396149.929:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4550 comm="syz.4.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fb339e929 code=0x7ffc0000
[   62.825406][   T29] audit: type=1326 audit(1751396149.929:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4550 comm="syz.4.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fb339e929 code=0x7ffc0000
[   62.825439][   T29] audit: type=1326 audit(1751396149.929:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4550 comm="syz.4.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6fb339e929 code=0x7ffc0000
[   62.901121][   T29] audit: type=1326 audit(1751396149.929:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4550 comm="syz.4.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fb339e929 code=0x7ffc0000
[   62.924549][   T29] audit: type=1326 audit(1751396149.939:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4550 comm="syz.4.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fb339e929 code=0x7ffc0000
[   62.947936][   T29] audit: type=1326 audit(1751396149.939:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4550 comm="syz.4.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6fb339d290 code=0x7ffc0000
[   62.971201][   T29] audit: type=1326 audit(1751396149.939:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4550 comm="syz.4.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f6fb33a0157 code=0x7ffc0000
[   63.006912][ T4551] rdma_op ffff88811e528d80 conn xmit_rdma 0000000000000000
[   63.186302][ T4556] loop1: detected capacity change from 0 to 128
[   63.235901][ T4567] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.370'.
[   63.269108][ T4565] lo speed is unknown, defaulting to 1000
[   63.326792][ T4556] bio_check_eod: 104 callbacks suppressed
[   63.326811][ T4556] syz.1.366: attempt to access beyond end of device
[   63.326811][ T4556] loop1: rw=2049, sector=137, nr_sectors = 8 limit=128
[   63.382244][ T4556] syz.1.366: attempt to access beyond end of device
[   63.382244][ T4556] loop1: rw=2049, sector=153, nr_sectors = 8 limit=128
[   63.397794][ T4565] vhci_hcd: invalid port number 96
[   63.402960][ T4565] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   63.411301][ T4565] netlink: 4 bytes leftover after parsing attributes in process `syz.4.369'.
[   63.420636][ T4565] netlink: 20 bytes leftover after parsing attributes in process `syz.4.369'.
[   63.429752][ T4556] syz.1.366: attempt to access beyond end of device
[   63.429752][ T4556] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[   63.443618][ T4556] syz.1.366: attempt to access beyond end of device
[   63.443618][ T4556] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[   63.457149][ T4556] syz.1.366: attempt to access beyond end of device
[   63.457149][ T4556] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[   63.470922][ T4556] syz.1.366: attempt to access beyond end of device
[   63.470922][ T4556] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128
[   63.484669][ T4556] syz.1.366: attempt to access beyond end of device
[   63.484669][ T4556] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128
[   63.498324][ T4556] syz.1.366: attempt to access beyond end of device
[   63.498324][ T4556] loop1: rw=2049, sector=249, nr_sectors = 8 limit=128
[   63.512288][ T4556] syz.1.366: attempt to access beyond end of device
[   63.512288][ T4556] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128
[   63.535651][ T4556] syz.1.366: attempt to access beyond end of device
[   63.535651][ T4556] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[   63.956091][ T4586] lo speed is unknown, defaulting to 1000
[   64.037900][ T4586] vhci_hcd: invalid port number 96
[   64.043267][ T4586] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   64.075412][ T4586] netlink: 4 bytes leftover after parsing attributes in process `syz.0.378'.
[   64.129394][ T4591] loop4: detected capacity change from 0 to 1024
[   64.149221][ T4591] EXT4-fs: Ignoring removed bh option
[   64.161274][ T4591] EXT4-fs: inline encryption not supported
[   64.187751][ T4594] loop3: detected capacity change from 0 to 128
[   64.194273][ T4591] ext4: Unknown parameter 'smackfsroot'
[   64.208867][ T4591] rdma_op ffff88811e52a580 conn xmit_rdma 0000000000000000
[   64.223573][ T4595] netlink: 36 bytes leftover after parsing attributes in process `syz.1.381'.
[   65.299843][ T4620] netlink: 60 bytes leftover after parsing attributes in process `syz.2.390'.
[   65.622550][ T4625] lo speed is unknown, defaulting to 1000
[   65.659019][ T4623] loop3: detected capacity change from 0 to 128
[   65.753263][ T4633] vhci_hcd: invalid port number 96
[   65.758568][ T4633] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   65.985606][ T4637] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.398'.
[   66.076239][ T4640] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   66.105851][ T4625] netlink: 4 bytes leftover after parsing attributes in process `syz.4.394'.
[   66.236288][ T4625] netlink: 20 bytes leftover after parsing attributes in process `syz.4.394'.
[   66.437295][ T4643] loop0: detected capacity change from 0 to 128
[   66.720014][ T4650] loop2: detected capacity change from 0 to 128
[   67.194115][ T4661] SELinux: failed to load policy
[   67.572373][ T4666] loop1: detected capacity change from 0 to 128
[   67.712306][ T4668] netlink: 4 bytes leftover after parsing attributes in process `syz.1.406'.
[   67.728629][ T4669] loop2: detected capacity change from 0 to 512
[   67.739193][ T4669] EXT4-fs: Ignoring removed mblk_io_submit option
[   67.747608][ T4669] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   67.757959][ T4668] netlink: 4 bytes leftover after parsing attributes in process `syz.1.406'.
[   67.782690][ T4669] EXT4-fs (loop2): 1 truncate cleaned up
[   67.805835][ T4669] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.925391][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.976043][   T29] kauditd_printk_skb: 213 callbacks suppressed
[   67.976063][   T29] audit: type=1326 audit(1751396155.299:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4677 comm="syz.2.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712de8e929 code=0x7ffc0000
[   68.031472][ T4678] loop2: detected capacity change from 0 to 1024
[   68.040621][   T29] audit: type=1326 audit(1751396155.299:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4677 comm="syz.2.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712de8e929 code=0x7ffc0000
[   68.064099][   T29] audit: type=1326 audit(1751396155.299:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4677 comm="syz.2.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f712de8e929 code=0x7ffc0000
[   68.087546][   T29] audit: type=1326 audit(1751396155.299:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4677 comm="syz.2.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712de8e929 code=0x7ffc0000
[   68.111021][   T29] audit: type=1326 audit(1751396155.299:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4677 comm="syz.2.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712de8e929 code=0x7ffc0000
[   68.134753][   T29] audit: type=1326 audit(1751396155.329:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4677 comm="syz.2.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f712de8e929 code=0x7ffc0000
[   68.158378][   T29] audit: type=1326 audit(1751396155.329:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4677 comm="syz.2.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712de8e929 code=0x7ffc0000
[   68.172021][ T4683] loop3: detected capacity change from 0 to 512
[   68.181822][   T29] audit: type=1326 audit(1751396155.329:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4677 comm="syz.2.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712de8e929 code=0x7ffc0000
[   68.211542][   T29] audit: type=1326 audit(1751396155.329:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4677 comm="syz.2.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f712de8e929 code=0x7ffc0000
[   68.226315][ T4683] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.412: Parent and EA inode have the same ino 15
[   68.234723][   T29] audit: type=1326 audit(1751396155.329:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4677 comm="syz.2.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712de8e929 code=0x7ffc0000
[   68.250826][ T4683] EXT4-fs (loop3): Remounting filesystem read-only
[   68.308002][ T4683] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   68.327378][ T4678] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.331236][ T4683] EXT4-fs (loop3): 1 orphan inode deleted
[   68.346948][ T4680] validate_nla: 1 callbacks suppressed
[   68.346983][ T4680] netlink: 'syz.0.411': attribute type 1 has an invalid length.
[   68.347843][ T4678] EXT4-fs (loop2): shut down requested (1)
[   68.353166][ T4683] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.384192][ T4678] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4678 comm=syz.2.410
[   68.384662][ T4680] 8021q: adding VLAN 0 to HW filter on device bond3
[   68.417599][ T4690] random: crng reseeded on system resumption
[   68.424147][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.485000][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.495706][ T4680] 8021q: adding VLAN 0 to HW filter on device bond3
[   68.503260][ T4680] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[   68.517526][ T4680] bond3: (slave vxcan3): Error -95 calling set_mac_address
[   68.541358][ T4693] veth7: entered promiscuous mode
[   68.548090][ T4693] bond3: (slave veth7): Enslaving as an active interface with a down link
[   68.570588][ T4696] loop2: detected capacity change from 0 to 128
[   68.583758][ T4698] loop3: detected capacity change from 0 to 1024
[   68.584520][ T4693] netlink: 'syz.0.411': attribute type 3 has an invalid length.
[   68.690982][ T4680] netlink: 28 bytes leftover after parsing attributes in process `syz.0.411'.
[   68.707410][ T4680] 8021q: adding VLAN 0 to HW filter on device bond3
[   68.730012][ T4698] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.857220][ T4698] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4698 comm=syz.3.416
[   68.946118][ T4698] EXT4-fs error (device loop3): ext4_lookup:1787: comm syz.3.416: inode #12: comm syz.3.416: iget: illegal inode #
[   69.039122][ T4698] EXT4-fs (loop3): Remounting filesystem read-only
[   69.053872][ T4710] loop4: detected capacity change from 0 to 128
[   69.082330][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.152128][ T4719] loop2: detected capacity change from 0 to 1024
[   69.159001][ T4719] EXT4-fs: Ignoring removed bh option
[   69.165461][ T4719] EXT4-fs: inline encryption not supported
[   69.171524][ T4719] ext4: Unknown parameter 'smackfsroot'
[   69.219450][ T4719] rdma_op ffff888119ce4d80 conn xmit_rdma 0000000000000000
[   69.242742][ T1058] bio_check_eod: 366 callbacks suppressed
[   69.242760][ T1058] kworker/u8:5: attempt to access beyond end of device
[   69.242760][ T1058] loop4: rw=1, sector=145, nr_sectors = 16 limit=128
[   69.262351][ T1058] kworker/u8:5: attempt to access beyond end of device
[   69.262351][ T1058] loop4: rw=1, sector=169, nr_sectors = 8 limit=128
[   69.275849][ T1058] kworker/u8:5: attempt to access beyond end of device
[   69.275849][ T1058] loop4: rw=1, sector=185, nr_sectors = 8 limit=128
[   69.338165][ T1058] kworker/u8:5: attempt to access beyond end of device
[   69.338165][ T1058] loop4: rw=1, sector=201, nr_sectors = 8 limit=128
[   69.351908][ T1058] kworker/u8:5: attempt to access beyond end of device
[   69.351908][ T1058] loop4: rw=1, sector=217, nr_sectors = 8 limit=128
[   69.365853][ T1058] kworker/u8:5: attempt to access beyond end of device
[   69.365853][ T1058] loop4: rw=1, sector=233, nr_sectors = 8 limit=128
[   69.379402][ T1058] kworker/u8:5: attempt to access beyond end of device
[   69.379402][ T1058] loop4: rw=1, sector=249, nr_sectors = 8 limit=128
[   69.426204][ T1058] kworker/u8:5: attempt to access beyond end of device
[   69.426204][ T1058] loop4: rw=1, sector=265, nr_sectors = 8 limit=128
[   69.441897][ T1058] kworker/u8:5: attempt to access beyond end of device
[   69.441897][ T1058] loop4: rw=1, sector=281, nr_sectors = 8 limit=128
[   69.455615][ T4729] lo speed is unknown, defaulting to 1000
[   69.459890][ T1058] kworker/u8:5: attempt to access beyond end of device
[   69.459890][ T1058] loop4: rw=1, sector=297, nr_sectors = 8 limit=128
[   69.481095][ T4725] lo speed is unknown, defaulting to 1000
[   69.529835][ T4734] lo speed is unknown, defaulting to 1000
[   69.539324][ T4737] vhci_hcd: invalid port number 96
[   69.544592][ T4737] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   69.555527][ T4737] netlink: 4 bytes leftover after parsing attributes in process `syz.1.427'.
[   69.565618][ T4737] netlink: 20 bytes leftover after parsing attributes in process `syz.1.427'.
[   69.602983][ T4735] lo speed is unknown, defaulting to 1000
[   69.623089][ T4729] vhci_hcd: invalid port number 96
[   69.628302][ T4729] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   69.640562][ T4734] netlink: 4 bytes leftover after parsing attributes in process `syz.2.429'.
[   69.649850][ T4734] netlink: 20 bytes leftover after parsing attributes in process `syz.2.429'.
[   70.043334][ T4742] loop3: detected capacity change from 0 to 1024
[   70.056519][ T4742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.070473][ T4742] EXT4-fs (loop3): shut down requested (1)
[   70.079042][ T4742] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4742 comm=syz.3.430
[   70.103425][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.248537][ T4753] loop3: detected capacity change from 0 to 128
[   70.260164][ T4752] lo speed is unknown, defaulting to 1000
[   70.382372][ T4760] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   70.401837][ T4759] random: crng reseeded on system resumption
[   70.442038][ T4752] vhci_hcd: invalid port number 96
[   70.447435][ T4752] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   70.557412][ T4768] loop0: detected capacity change from 0 to 1024
[   70.583297][ T4768] EXT4-fs: Ignoring removed bh option
[   70.603303][ T4768] EXT4-fs: inline encryption not supported
[   70.622728][ T4768] ext4: Unknown parameter 'smackfsroot'
[   70.641649][ T4768] rdma_op ffff88811ca25180 conn xmit_rdma 0000000000000000
[   70.713219][ T4771] netlink: 'syz.0.439': attribute type 1 has an invalid length.
[   70.740398][ T4771] 8021q: adding VLAN 0 to HW filter on device bond4
[   70.769393][ T4771] 8021q: adding VLAN 0 to HW filter on device bond4
[   70.787921][ T4771] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[   70.803812][ T4771] bond4: (slave vxcan3): Error -95 calling set_mac_address
[   70.825173][ T4775] veth9: entered promiscuous mode
[   70.832473][ T4775] bond4: (slave veth9): Enslaving as an active interface with a down link
[   70.844552][ T4775] netlink: 'syz.0.439': attribute type 3 has an invalid length.
[   70.853745][ T4775] 8021q: adding VLAN 0 to HW filter on device bond4
[   70.905101][ T4779] loop2: detected capacity change from 0 to 512
[   70.927297][ T4781] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   70.943029][ T4783] netlink: 'syz.0.443': attribute type 1 has an invalid length.
[   70.958425][ T4783] 8021q: adding VLAN 0 to HW filter on device bond5
[   70.973508][ T4779] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.441: Parent and EA inode have the same ino 15
[   70.984327][ T4783] 8021q: adding VLAN 0 to HW filter on device bond5
[   70.993869][ T4779] EXT4-fs (loop2): Remounting filesystem read-only
[   70.994363][ T4783] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[   71.013548][ T4783] bond5: (slave vxcan3): Error -95 calling set_mac_address
[   71.025149][ T4779] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   71.035476][ T4779] EXT4-fs (loop2): 1 orphan inode deleted
[   71.041701][ T4779] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.059542][ T4787] veth11: entered promiscuous mode
[   71.070696][ T4787] bond5: (slave veth11): Enslaving as an active interface with a down link
[   71.095029][ T4787] netlink: 'syz.0.443': attribute type 3 has an invalid length.
[   71.103608][ T4787] __nla_validate_parse: 8 callbacks suppressed
[   71.103622][ T4787] netlink: 28 bytes leftover after parsing attributes in process `syz.0.443'.
[   71.122289][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.138537][ T4787] 8021q: adding VLAN 0 to HW filter on device bond5
[   71.146852][ T4790] netlink: 'syz.1.445': attribute type 11 has an invalid length.
[   71.154800][ T4790] netlink: 44 bytes leftover after parsing attributes in process `syz.1.445'.
[   71.255619][ T4793] lo speed is unknown, defaulting to 1000
[   71.290154][ T4800] lo speed is unknown, defaulting to 1000
[   71.321752][ T4807] loop1: detected capacity change from 0 to 128
[   71.346580][ T4795] loop0: detected capacity change from 0 to 128
[   71.388534][ T4800] vhci_hcd: invalid port number 96
[   71.393768][ T4800] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   71.402178][ T4793] netlink: 4 bytes leftover after parsing attributes in process `syz.2.446'.
[   71.411580][ T4793] netlink: 20 bytes leftover after parsing attributes in process `syz.2.446'.
[   71.421626][ T4800] netlink: 4 bytes leftover after parsing attributes in process `syz.4.450'.
[   71.430847][ T4800] netlink: 20 bytes leftover after parsing attributes in process `syz.4.450'.
[   71.532983][ T4814] netlink: 'syz.3.454': attribute type 1 has an invalid length.
[   71.581007][ T4814] 8021q: adding VLAN 0 to HW filter on device bond3
[   71.617008][ T4819] 8021q: adding VLAN 0 to HW filter on device bond3
[   71.637839][ T4819] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[   71.661765][ T4821] netlink: 4 bytes leftover after parsing attributes in process `syz.1.456'.
[   71.676350][ T4819] bond3: (slave vxcan3): Error -95 calling set_mac_address
[   71.697574][ T4821] bridge_slave_1: left allmulticast mode
[   71.703365][ T4821] bridge_slave_1: left promiscuous mode
[   71.709329][ T4821] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.718420][ T4821] bridge_slave_0: left allmulticast mode
[   71.724154][ T4821] bridge_slave_0: left promiscuous mode
[   71.730066][ T4821] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.743977][ T4823] netlink: 'syz.3.454': attribute type 3 has an invalid length.
[   71.753236][ T4823] netlink: 28 bytes leftover after parsing attributes in process `syz.3.454'.
[   71.795630][ T4814] veth7: entered promiscuous mode
[   71.802581][ T4814] bond3: (slave veth7): Enslaving as an active interface with a down link
[   71.812942][ T4823] 8021q: adding VLAN 0 to HW filter on device bond3
[   71.871776][ T4825] netlink: 'syz.3.458': attribute type 1 has an invalid length.
[   71.910872][ T4825] 8021q: adding VLAN 0 to HW filter on device bond4
[   71.929462][ T4825] 8021q: adding VLAN 0 to HW filter on device bond4
[   71.936961][ T4825] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[   71.949258][ T4825] bond4: (slave vxcan3): Error -95 calling set_mac_address
[   71.980990][ T4831] veth9: entered promiscuous mode
[   71.989151][ T4831] bond4: (slave veth9): Enslaving as an active interface with a down link
[   72.002552][ T4833] 9pnet_fd: Insufficient options for proto=fd
[   72.026854][ T4835] loop0: detected capacity change from 0 to 128
[   72.030463][ T4825] netlink: 28 bytes leftover after parsing attributes in process `syz.3.458'.
[   72.043195][ T4825] 8021q: adding VLAN 0 to HW filter on device bond4
[   72.062979][ T4835] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   72.079162][ T4835] ext4 filesystem being mounted at /82/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   72.152318][ T3317] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   72.187815][ T4845] loop4: detected capacity change from 0 to 128
[   72.370374][ T4857] 8021q: adding VLAN 0 to HW filter on device bond6
[   72.386175][ T4857] 8021q: adding VLAN 0 to HW filter on device bond6
[   72.404965][ T4857] bond6: (slave vxcan3): The slave device specified does not support setting the MAC address
[   72.417498][ T4852] netlink: 4 bytes leftover after parsing attributes in process `syz.4.466'.
[   72.444482][ T4857] bond6: (slave vxcan3): Error -95 calling set_mac_address
[   72.475661][ T4859] veth13: entered promiscuous mode
[   72.482466][ T4859] bond6: (slave veth13): Enslaving as an active interface with a down link
[   72.519182][ T4859] 8021q: adding VLAN 0 to HW filter on device bond6
[   72.579584][ T4865] 9pnet_fd: Insufficient options for proto=fd
[   72.594997][ T4867] lo speed is unknown, defaulting to 1000
[   72.646802][ T4872] 8021q: adding VLAN 0 to HW filter on device bond4
[   72.659989][ T4872] 8021q: adding VLAN 0 to HW filter on device bond4
[   72.667200][ T4872] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[   72.679191][ T4872] bond4: (slave vxcan3): Error -95 calling set_mac_address
[   72.696342][ T4864] loop0: detected capacity change from 0 to 128
[   72.716532][ T4877] veth7: entered promiscuous mode
[   72.723281][ T4877] bond4: (slave veth7): Enslaving as an active interface with a down link
[   72.743886][ T4872] 8021q: adding VLAN 0 to HW filter on device bond4
[   72.812495][ T4879] lo speed is unknown, defaulting to 1000
[   72.894709][ T4883] vhci_hcd: invalid port number 96
[   72.899921][ T4883] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   73.113643][ T4891] loop3: detected capacity change from 0 to 512
[   73.133579][ T4891] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.479: Parent and EA inode have the same ino 15
[   73.147132][ T4891] EXT4-fs (loop3): Remounting filesystem read-only
[   73.156627][ T4891] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   73.166865][ T4891] EXT4-fs (loop3): 1 orphan inode deleted
[   73.173105][ T4891] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.200571][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.235719][ T4894] 8021q: adding VLAN 0 to HW filter on device bond5
[   73.253665][ T4894] 8021q: adding VLAN 0 to HW filter on device bond5
[   73.261034][ T4894] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[   73.288410][ T4894] bond5: (slave vxcan3): Error -95 calling set_mac_address
[   73.309782][ T4900] veth11: entered promiscuous mode
[   73.316730][ T4900] bond5: (slave veth11): Enslaving as an active interface with a down link
[   73.328407][ T4899] lo speed is unknown, defaulting to 1000
[   73.333363][ T4900] 8021q: adding VLAN 0 to HW filter on device bond5
[   73.413215][ T4899] vhci_hcd: invalid port number 96
[   73.418597][ T4899] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   73.496592][ T4903] loop3: detected capacity change from 0 to 128
[   73.702071][ T4915] loop2: detected capacity change from 0 to 128
[   73.915601][ T4919] loop2: detected capacity change from 0 to 512
[   73.949888][ T4919] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.489: Parent and EA inode have the same ino 15
[   74.031571][ T4919] EXT4-fs (loop2): Remounting filesystem read-only
[   74.041729][ T4919] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   74.052239][ T4919] EXT4-fs (loop2): 1 orphan inode deleted
[   74.058554][ T4919] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.152902][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.192187][ T4926] loop0: detected capacity change from 0 to 128
[   74.367944][ T4928] loop2: detected capacity change from 0 to 128
[   74.422217][ T4933] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket pid=4933 comm=syz.4.492
[   74.519106][ T4937] loop0: detected capacity change from 0 to 512
[   74.564081][ T4937] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.494: Parent and EA inode have the same ino 15
[   74.567807][ T4928] bio_check_eod: 568 callbacks suppressed
[   74.567826][ T4928] syz.2.490: attempt to access beyond end of device
[   74.567826][ T4928] loop2: rw=2049, sector=137, nr_sectors = 8 limit=128
[   74.606655][ T4937] EXT4-fs (loop0): Remounting filesystem read-only
[   74.621361][ T4941] loop4: detected capacity change from 0 to 1024
[   74.624071][ T4928] syz.2.490: attempt to access beyond end of device
[   74.624071][ T4928] loop2: rw=2049, sector=153, nr_sectors = 8 limit=128
[   74.637104][ T4937] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   74.651722][ T4928] syz.2.490: attempt to access beyond end of device
[   74.651722][ T4928] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[   74.668406][ T4928] syz.2.490: attempt to access beyond end of device
[   74.668406][ T4928] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[   74.685830][ T4937] EXT4-fs (loop0): 1 orphan inode deleted
[   74.692077][ T4937] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.698970][ T4928] syz.2.490: attempt to access beyond end of device
[   74.698970][ T4928] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[   74.726370][ T4928] syz.2.490: attempt to access beyond end of device
[   74.726370][ T4928] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128
[   74.740770][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.763878][ T4928] syz.2.490: attempt to access beyond end of device
[   74.763878][ T4928] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[   74.778283][ T4941] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.795422][ T4941] EXT4-fs (loop4): shut down requested (1)
[   74.805501][ T4947] loop3: detected capacity change from 0 to 1024
[   74.813508][ T4941] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4941 comm=syz.4.495
[   74.826327][ T4928] syz.2.490: attempt to access beyond end of device
[   74.826327][ T4928] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128
[   74.840258][ T4947] EXT4-fs: Ignoring removed bh option
[   74.845840][ T4947] EXT4-fs: inline encryption not supported
[   74.851986][ T4947] ext4: Unknown parameter 'smackfsroot'
[   74.858228][ T4928] syz.2.490: attempt to access beyond end of device
[   74.858228][ T4928] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[   74.860037][ T4947] rdma_op ffff888104d79980 conn xmit_rdma 0000000000000000
[   74.917029][ T4949] lo speed is unknown, defaulting to 1000
[   74.924827][ T4928] syz.2.490: attempt to access beyond end of device
[   74.924827][ T4928] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[   74.980789][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.046977][ T4949] vhci_hcd: invalid port number 96
[   75.052179][ T4949] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   75.087973][ T4963] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   75.760246][ T4972] lo speed is unknown, defaulting to 1000
[   75.801562][ T4974] vhci_hcd: invalid port number 96
[   75.806785][ T4974] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   76.399824][ T4985] loop2: detected capacity change from 0 to 128
[   77.083048][ T4990] loop3: detected capacity change from 0 to 1024
[   77.122927][ T4993] random: crng reseeded on system resumption
[   77.205251][   T29] kauditd_printk_skb: 92 callbacks suppressed
[   77.205272][   T29] audit: type=1326 audit(1751396164.519:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4992 comm="syz.1.513" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2a5ac7e929 code=0x0
[   77.235831][ T4990] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.280067][ T4994] loop2: detected capacity change from 0 to 128
[   77.389412][ T4990] EXT4-fs (loop3): shut down requested (1)
[   77.397646][ T4990] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4990 comm=syz.3.512
[   77.444710][ T5007] 9pnet_fd: Insufficient options for proto=fd
[   77.470164][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.522287][ T5009] loop1: detected capacity change from 0 to 128
[   77.522895][   T29] audit: type=1326 audit(1751396164.839:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.3.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   77.554184][   T29] audit: type=1326 audit(1751396164.869:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.3.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   77.577532][   T29] audit: type=1326 audit(1751396164.869:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.3.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   77.600873][   T29] audit: type=1326 audit(1751396164.869:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.3.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   77.624224][   T29] audit: type=1326 audit(1751396164.869:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.3.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   77.647636][   T29] audit: type=1326 audit(1751396164.869:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.3.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   77.689245][   T29] audit: type=1326 audit(1751396164.999:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.3.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   77.712622][   T29] audit: type=1326 audit(1751396164.999:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.3.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   77.736249][   T29] audit: type=1326 audit(1751396164.999:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5010 comm="syz.3.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   77.736858][ T5016] __nla_validate_parse: 16 callbacks suppressed
[   77.736876][ T5016] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.520'.
[   77.804043][ T5016] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   78.024309][ T5024] lo speed is unknown, defaulting to 1000
[   78.054140][ T5026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.523'.
[   78.064238][ T5026] netlink: 20 bytes leftover after parsing attributes in process `syz.3.523'.
[   78.095083][ T5030] random: crng reseeded on system resumption
[   78.136547][ T5031] vhci_hcd: invalid port number 96
[   78.141808][ T5031] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   78.150375][ T5031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.522'.
[   78.159736][ T5031] netlink: 20 bytes leftover after parsing attributes in process `syz.2.522'.
[   78.325041][ T5034] SELinux: failed to load policy
[   78.512389][ T5037] loop4: detected capacity change from 0 to 128
[   78.630188][ T5039] random: crng reseeded on system resumption
[   78.727908][ T5041] loop1: detected capacity change from 0 to 128
[   78.881965][ T5045] 9pnet_fd: Insufficient options for proto=fd
[   78.889574][ T5048] loop2: detected capacity change from 0 to 128
[   78.918007][ T5050] loop1: detected capacity change from 0 to 128
[   78.957103][ T5052] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.533'.
[   78.967460][ T5052] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   79.072187][ T5059] loop0: detected capacity change from 0 to 1024
[   79.085180][ T5058] lo speed is unknown, defaulting to 1000
[   79.091624][ T5059] EXT4-fs: Ignoring removed bh option
[   79.098208][ T5059] EXT4-fs: inline encryption not supported
[   79.114108][ T5050] netlink: 4 bytes leftover after parsing attributes in process `syz.1.532'.
[   79.129442][ T5059] ext4: Unknown parameter 'smackfsroot'
[   79.140477][ T5050] netlink: 4 bytes leftover after parsing attributes in process `syz.1.532'.
[   79.157733][ T5059] rdma_op ffff888104d7a580 conn xmit_rdma 0000000000000000
[   79.217292][ T5063] validate_nla: 7 callbacks suppressed
[   79.217310][ T5063] netlink: 'syz.0.537': attribute type 1 has an invalid length.
[   79.240845][ T5058] vhci_hcd: invalid port number 96
[   79.246122][ T5058] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   79.256481][ T5058] netlink: 4 bytes leftover after parsing attributes in process `syz.2.535'.
[   79.266189][ T5058] netlink: 20 bytes leftover after parsing attributes in process `syz.2.535'.
[   79.270051][ T5063] 8021q: adding VLAN 0 to HW filter on device bond7
[   79.292279][ T5067] 8021q: adding VLAN 0 to HW filter on device bond7
[   79.301397][ T5067] bond7: (slave vxcan3): The slave device specified does not support setting the MAC address
[   79.315502][ T5067] bond7: (slave vxcan3): Error -95 calling set_mac_address
[   79.361217][ T5063] veth15: entered promiscuous mode
[   79.369706][ T5063] bond7: (slave veth15): Enslaving as an active interface with a down link
[   79.385648][ T5063] netlink: 'syz.0.537': attribute type 3 has an invalid length.
[   79.395234][ T5063] 8021q: adding VLAN 0 to HW filter on device bond7
[   79.468735][ T5078] lo speed is unknown, defaulting to 1000
[   79.566122][ T5082] vhci_hcd: invalid port number 96
[   79.571333][ T5082] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   79.909910][ T5084] netlink: 'syz.2.543': attribute type 1 has an invalid length.
[   79.923178][ T5084] 8021q: adding VLAN 0 to HW filter on device bond5
[   79.944012][ T5084] 8021q: adding VLAN 0 to HW filter on device bond5
[   79.951508][ T5084] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[   79.963399][ T5084] bond5: (slave vxcan3): Error -95 calling set_mac_address
[   79.995903][ T5086] veth9: entered promiscuous mode
[   80.002558][ T5086] bond5: (slave veth9): Enslaving as an active interface with a down link
[   80.024844][ T5084] netlink: 'syz.2.543': attribute type 3 has an invalid length.
[   80.034631][ T5084] 8021q: adding VLAN 0 to HW filter on device bond5
[   80.064071][ T5088] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   80.368122][ T5102] netlink: 'syz.4.549': attribute type 1 has an invalid length.
[   80.369357][ T5100] SELinux: failed to load policy
[   80.589049][ T5102] 8021q: adding VLAN 0 to HW filter on device bond5
[   80.682929][ T5105] 8021q: adding VLAN 0 to HW filter on device bond5
[   80.729540][ T5105] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[   80.803453][ T5102] netlink: 'syz.4.549': attribute type 3 has an invalid length.
[   80.824212][ T5105] bond5: (slave vxcan3): Error -95 calling set_mac_address
[   80.870154][ T5106] veth9: entered promiscuous mode
[   80.890101][ T5106] bond5: (slave veth9): Enslaving as an active interface with a down link
[   80.901946][ T5111] netlink: 'syz.1.551': attribute type 1 has an invalid length.
[   80.906616][ T5102] 8021q: adding VLAN 0 to HW filter on device bond5
[   80.946116][ T5111] 8021q: adding VLAN 0 to HW filter on device bond3
[   80.963007][ T5117] 8021q: adding VLAN 0 to HW filter on device bond3
[   80.970763][ T5117] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[   80.982895][ T5117] bond3: (slave vxcan3): Error -95 calling set_mac_address
[   81.018247][ T5111] veth5: entered promiscuous mode
[   81.024845][ T5111] bond3: (slave veth5): Enslaving as an active interface with a down link
[   81.033693][ T5119] lo speed is unknown, defaulting to 1000
[   81.039926][ T5111] netlink: 'syz.1.551': attribute type 3 has an invalid length.
[   81.049196][ T5111] 8021q: adding VLAN 0 to HW filter on device bond3
[   81.129804][ T5129] loop3: detected capacity change from 0 to 512
[   81.159231][ T5129] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.558: Parent and EA inode have the same ino 15
[   81.162762][ T5136] random: crng reseeded on system resumption
[   81.187175][ T5129] EXT4-fs (loop3): Remounting filesystem read-only
[   81.187390][ T5119] vhci_hcd: invalid port number 96
[   81.198464][ T5129] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   81.198980][ T5119] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   81.209106][ T5129] EXT4-fs (loop3): 1 orphan inode deleted
[   81.224017][ T5129] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.250655][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.316247][ T5142] loop3: detected capacity change from 0 to 1024
[   81.323215][ T5142] EXT4-fs: Ignoring removed bh option
[   81.329053][ T5142] EXT4-fs: inline encryption not supported
[   81.335311][ T5142] ext4: Unknown parameter 'smackfsroot'
[   81.346967][ T5142] rdma_op ffff888119ce3180 conn xmit_rdma 0000000000000000
[   81.378747][ T5144] loop3: detected capacity change from 0 to 1024
[   81.397544][ T5144] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.413479][ T5144] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.563: Allocating blocks 385-513 which overlap fs metadata
[   81.428988][ T5143] EXT4-fs (loop3): pa ffff888106a86540: logic 16, phys. 129, len 24
[   81.437115][ T5143] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[   81.457625][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.480951][ T5148] SELinux: failed to load policy
[   81.741992][ T5151] lo speed is unknown, defaulting to 1000
[   81.844434][ T5159] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   81.926255][ T5155] loop2: detected capacity change from 0 to 128
[   81.989726][ T5168] loop4: detected capacity change from 0 to 128
[   82.004727][ T5168] FAULT_INJECTION: forcing a failure.
[   82.004727][ T5168] name failslab, interval 1, probability 0, space 0, times 1
[   82.017618][ T5168] CPU: 1 UID: 0 PID: 5168 Comm: syz.4.572 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[   82.017652][ T5168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   82.017673][ T5168] Call Trace:
[   82.017681][ T5168]  <TASK>
[   82.017689][ T5168]  __dump_stack+0x1d/0x30
[   82.017752][ T5168]  dump_stack_lvl+0xe8/0x140
[   82.017777][ T5168]  dump_stack+0x15/0x1b
[   82.017799][ T5168]  should_fail_ex+0x265/0x280
[   82.017871][ T5168]  should_failslab+0x8c/0xb0
[   82.017900][ T5168]  __kmalloc_noprof+0xa5/0x3e0
[   82.018012][ T5168]  ? alloc_pipe_info+0x1c9/0x350
[   82.018034][ T5168]  alloc_pipe_info+0x1c9/0x350
[   82.018060][ T5168]  splice_direct_to_actor+0x592/0x680
[   82.018099][ T5168]  ? kstrtouint_from_user+0x9f/0xf0
[   82.018184][ T5168]  ? __pfx_direct_splice_actor+0x10/0x10
[   82.018223][ T5168]  ? __rcu_read_unlock+0x4f/0x70
[   82.018245][ T5168]  ? get_pid_task+0x96/0xd0
[   82.018264][ T5168]  ? avc_policy_seqno+0x15/0x30
[   82.018303][ T5168]  ? selinux_file_permission+0x1e4/0x320
[   82.018328][ T5168]  do_splice_direct+0xda/0x150
[   82.018367][ T5168]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   82.018431][ T5168]  do_sendfile+0x380/0x650
[   82.018540][ T5168]  __x64_sys_sendfile64+0x105/0x150
[   82.018573][ T5168]  x64_sys_call+0xb39/0x2fb0
[   82.018601][ T5168]  do_syscall_64+0xd2/0x200
[   82.018676][ T5168]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.018710][ T5168]  ? clear_bhb_loop+0x40/0x90
[   82.018740][ T5168]  ? clear_bhb_loop+0x40/0x90
[   82.018769][ T5168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.018798][ T5168] RIP: 0033:0x7f6fb339e929
[   82.018869][ T5168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.018899][ T5168] RSP: 002b:00007f6fb1a07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   82.018923][ T5168] RAX: ffffffffffffffda RBX: 00007f6fb35c5fa0 RCX: 00007f6fb339e929
[   82.018939][ T5168] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[   82.018953][ T5168] RBP: 00007f6fb1a07090 R08: 0000000000000000 R09: 0000000000000000
[   82.018966][ T5168] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[   82.018981][ T5168] R13: 0000000000000000 R14: 00007f6fb35c5fa0 R15: 00007ffebf6ab798
[   82.019068][ T5168]  </TASK>
[   82.288801][ T5171] lo speed is unknown, defaulting to 1000
[   82.344360][ T5175] loop4: detected capacity change from 0 to 1024
[   82.382375][ T5178] vhci_hcd: invalid port number 96
[   82.387635][ T5178] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   82.424696][ T5175] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.448888][ T5155] bio_check_eod: 142 callbacks suppressed
[   82.448907][ T5155] syz.2.567: attempt to access beyond end of device
[   82.448907][ T5155] loop2: rw=2049, sector=137, nr_sectors = 8 limit=128
[   82.471338][ T5175] EXT4-fs (loop4): shut down requested (1)
[   82.480075][ T5175] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5175 comm=syz.4.574
[   82.505974][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.508199][ T5155] syz.2.567: attempt to access beyond end of device
[   82.508199][ T5155] loop2: rw=2049, sector=153, nr_sectors = 8 limit=128
[   82.528975][ T5155] syz.2.567: attempt to access beyond end of device
[   82.528975][ T5155] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[   82.546557][ T5155] syz.2.567: attempt to access beyond end of device
[   82.546557][ T5155] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[   82.561827][ T5155] syz.2.567: attempt to access beyond end of device
[   82.561827][ T5155] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[   82.580484][ T5155] syz.2.567: attempt to access beyond end of device
[   82.580484][ T5155] loop2: rw=2049, sector=217, nr_sectors = 8 limit=128
[   82.596535][ T5155] syz.2.567: attempt to access beyond end of device
[   82.596535][ T5155] loop2: rw=2049, sector=233, nr_sectors = 8 limit=128
[   82.625607][ T5155] syz.2.567: attempt to access beyond end of device
[   82.625607][ T5155] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128
[   82.640395][ T5155] syz.2.567: attempt to access beyond end of device
[   82.640395][ T5155] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[   82.711582][ T5155] syz.2.567: attempt to access beyond end of device
[   82.711582][ T5155] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[   82.741350][   T29] kauditd_printk_skb: 10 callbacks suppressed
[   82.741364][   T29] audit: type=1400 audit(1751396170.059:978): avc:  denied  { connect } for  pid=5186 comm="syz.0.578" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   82.768346][   T29] audit: type=1404 audit(1751396170.059:979): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   82.785776][   T29] audit: type=1404 audit(1751396170.089:980): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   82.800741][   T29] audit: type=1400 audit(1751396170.089:981): avc:  denied  { create } for  pid=5186 comm="syz.0.578" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   82.821081][   T29] audit: type=1400 audit(1751396170.089:982): avc:  denied  { write } for  pid=5186 comm="syz.0.578" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   82.841667][   T29] audit: type=1400 audit(1751396170.089:983): avc:  denied  { read } for  pid=5186 comm="syz.0.578" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   82.917761][   T29] audit: type=1400 audit(1751396170.209:984): avc:  denied  { read write } for  pid=3306 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   82.942184][   T29] audit: type=1400 audit(1751396170.209:985): avc:  denied  { open } for  pid=3306 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   82.966298][   T29] audit: type=1400 audit(1751396170.209:986): avc:  denied  { ioctl } for  pid=3306 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   82.992203][   T29] audit: type=1400 audit(1751396170.229:987): avc:  denied  { prog_load } for  pid=5194 comm="syz.1.580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   83.011589][ T5188] lo speed is unknown, defaulting to 1000
[   83.184897][ T5202] lo speed is unknown, defaulting to 1000
[   83.308780][ T5203] vhci_hcd: invalid port number 96
[   83.314001][ T5203] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   83.323288][ T5203] __nla_validate_parse: 11 callbacks suppressed
[   83.323303][ T5203] netlink: 4 bytes leftover after parsing attributes in process `syz.0.582'.
[   83.339329][ T5203] netlink: 20 bytes leftover after parsing attributes in process `syz.0.582'.
[   83.416101][ T5205] loop4: detected capacity change from 0 to 128
[   83.499878][ T5207] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.584'.
[   83.510224][ T5207] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   83.637058][ T5214] loop4: detected capacity change from 0 to 512
[   83.647707][ T5214] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   83.660477][ T5214] EXT4-fs (loop4): 1 truncate cleaned up
[   83.669761][ T5214] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.698954][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.741340][ T5219] loop3: detected capacity change from 0 to 1024
[   83.767599][ T5219] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.780592][ T5221] lo speed is unknown, defaulting to 1000
[   83.793828][ T5219] EXT4-fs (loop3): shut down requested (1)
[   83.804237][ T5219] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5219 comm=syz.3.589
[   83.850295][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.860419][ T5228] netlink: 48 bytes leftover after parsing attributes in process `syz.4.593'.
[   83.887047][ T5221] vhci_hcd: invalid port number 96
[   83.892236][ T5221] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   83.905254][ T5221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.590'.
[   83.914334][ T5221] netlink: 20 bytes leftover after parsing attributes in process `syz.1.590'.
[   83.927646][ T5232] FAULT_INJECTION: forcing a failure.
[   83.927646][ T5232] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   83.940818][ T5232] CPU: 0 UID: 0 PID: 5232 Comm: syz.4.594 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[   83.940857][ T5232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   83.940872][ T5232] Call Trace:
[   83.940880][ T5232]  <TASK>
[   83.940890][ T5232]  __dump_stack+0x1d/0x30
[   83.940916][ T5232]  dump_stack_lvl+0xe8/0x140
[   83.940941][ T5232]  dump_stack+0x15/0x1b
[   83.941046][ T5232]  should_fail_ex+0x265/0x280
[   83.941100][ T5232]  should_fail+0xb/0x20
[   83.941180][ T5232]  should_fail_usercopy+0x1a/0x20
[   83.941212][ T5232]  _copy_from_user+0x1c/0xb0
[   83.941232][ T5232]  ucma_migrate_id+0x77/0x710
[   83.941270][ T5232]  ? __import_iovec+0x321/0x540
[   83.941298][ T5232]  ? should_fail_ex+0xdb/0x280
[   83.941339][ T5232]  ucma_write+0x1b3/0x250
[   83.941364][ T5232]  vfs_writev+0x403/0x8b0
[   83.941416][ T5232]  ? __pfx_ucma_write+0x10/0x10
[   83.941501][ T5232]  do_writev+0xe7/0x210
[   83.941532][ T5232]  __x64_sys_writev+0x45/0x50
[   83.941593][ T5232]  x64_sys_call+0x2006/0x2fb0
[   83.941620][ T5232]  do_syscall_64+0xd2/0x200
[   83.941646][ T5232]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.941672][ T5232]  ? clear_bhb_loop+0x40/0x90
[   83.941742][ T5232]  ? clear_bhb_loop+0x40/0x90
[   83.941846][ T5232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.941950][ T5232] RIP: 0033:0x7f6fb339e929
[   83.941966][ T5232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.941983][ T5232] RSP: 002b:00007f6fb1a07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   83.942006][ T5232] RAX: ffffffffffffffda RBX: 00007f6fb35c5fa0 RCX: 00007f6fb339e929
[   83.942022][ T5232] RDX: 0000000000000003 RSI: 0000200000000000 RDI: 0000000000000003
[   83.942037][ T5232] RBP: 00007f6fb1a07090 R08: 0000000000000000 R09: 0000000000000000
[   83.942052][ T5232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.942075][ T5232] R13: 0000000000000000 R14: 00007f6fb35c5fa0 R15: 00007ffebf6ab798
[   83.942094][ T5232]  </TASK>
[   84.233235][ T5242] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.600'.
[   84.243552][ T5242] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   84.363114][ T5246] loop4: detected capacity change from 0 to 128
[   84.522309][ T5256] loop3: detected capacity change from 0 to 1024
[   84.557574][ T5256] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.575100][ T5256] EXT4-fs (loop3): shut down requested (1)
[   84.622936][ T5256] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5256 comm=syz.3.603
[   84.651352][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.682570][ T5263] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.726190][ T5270] SELinux: failed to load policy
[   84.750186][ T5274] loop1: detected capacity change from 0 to 1024
[   84.760390][ T5274] EXT4-fs: Ignoring removed bh option
[   84.770285][ T5274] EXT4-fs: inline encryption not supported
[   84.780795][ T5274] ext4: Unknown parameter 'smackfsroot'
[   84.839034][ T5263] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.839821][ T5274] rdma_op ffff88811ca26180 conn xmit_rdma 0000000000000000
[   84.887664][ T5272] loop0: detected capacity change from 0 to 512
[   84.896221][ T5272] ext4: Unknown parameter 'permit_directio'
[   84.910593][ T5272] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[   84.922438][ T5272] netlink: 'syz.0.610': attribute type 1 has an invalid length.
[   84.930197][ T5272] netlink: 224 bytes leftover after parsing attributes in process `syz.0.610'.
[   85.104577][ T5263] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.175190][ T5263] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   85.214150][ T5284] loop4: detected capacity change from 0 to 512
[   85.236632][ T5284] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   85.248210][ T5284] EXT4-fs (loop4): orphan cleanup on readonly fs
[   85.271017][ T5263] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.282275][ T5284] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.612: corrupted inode contents
[   85.298713][ T5263] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.309090][ T5284] EXT4-fs (loop4): Remounting filesystem read-only
[   85.318587][ T5284] EXT4-fs (loop4): 1 truncate cleaned up
[   85.320731][ T5290] lo speed is unknown, defaulting to 1000
[   85.331503][ T4389] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   85.342224][ T4389] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   85.364757][ T4389] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   85.375832][ T5284] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   85.388973][ T5298] loop3: detected capacity change from 0 to 1024
[   85.389081][ T5284] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.407030][ T5299] vhci_hcd: invalid port number 96
[   85.407351][ T5263] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.412170][ T5299] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   85.444738][ T5302] netlink: 'syz.1.619': attribute type 1 has an invalid length.
[   85.460117][ T5298] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.474187][ T5296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.616'.
[   85.495297][ T5298] EXT4-fs (loop3): shut down requested (1)
[   85.501803][ T5296] netlink: 20 bytes leftover after parsing attributes in process `syz.0.616'.
[   85.512814][ T5298] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5298 comm=syz.3.618
[   85.520080][ T5302] 8021q: adding VLAN 0 to HW filter on device bond4
[   85.542578][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.589664][ T5309] loop4: detected capacity change from 0 to 1024
[   85.590352][ T5302] veth7: entered promiscuous mode
[   85.596695][ T5309] EXT4-fs: Ignoring removed bh option
[   85.607192][ T5309] EXT4-fs: inline encryption not supported
[   85.613130][ T5309] ext4: Unknown parameter 'smackfsroot'
[   85.621886][ T5309] rdma_op ffff888119ce3980 conn xmit_rdma 0000000000000000
[   85.625780][ T5307] netlink: 'syz.1.619': attribute type 3 has an invalid length.
[   85.641096][ T5302] bond4: (slave veth7): Enslaving as an active interface with a down link
[   85.657541][ T5263] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.690363][ T5316] loop0: detected capacity change from 0 to 128
[   85.727578][ T5311] lo speed is unknown, defaulting to 1000
[   85.744198][ T5311] lo speed is unknown, defaulting to 1000
[   85.762035][ T5311] lo speed is unknown, defaulting to 1000
[   85.775243][ T5311] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   85.828833][ T5325] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   85.833014][ T5326] netlink: 'syz.4.624': attribute type 1 has an invalid length.
[   85.847477][ T5311] lo speed is unknown, defaulting to 1000
[   85.885002][ T5311] lo speed is unknown, defaulting to 1000
[   85.891118][ T5311] lo speed is unknown, defaulting to 1000
[   85.914981][ T5311] lo speed is unknown, defaulting to 1000
[   85.921224][ T5311] lo speed is unknown, defaulting to 1000
[   85.940961][ T5328] loop2: detected capacity change from 0 to 512
[   85.967740][ T5328] ext4: Unknown parameter 'permit_directio'
[   85.991320][ T5328] netlink: 'syz.2.627': attribute type 1 has an invalid length.
[   86.043690][ T5336] loop3: detected capacity change from 0 to 1024
[   86.075479][ T5339] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   86.118412][ T5336] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.156775][ T5336] EXT4-fs (loop3): shut down requested (1)
[   86.171878][ T5336] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5336 comm=syz.3.630
[   86.196621][ T5348] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   86.260429][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.429786][ T5355] loop1: detected capacity change from 0 to 128
[   87.242865][ T5373] team0 (unregistering): Port device team_slave_0 removed
[   87.288196][ T5373] team0 (unregistering): Port device team_slave_1 removed
[   87.744974][   T29] kauditd_printk_skb: 241 callbacks suppressed
[   87.744992][   T29] audit: type=1400 audit(1751396175.069:1223): avc:  denied  { create } for  pid=5375 comm="syz.2.644" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   87.778880][ T5382] FAULT_INJECTION: forcing a failure.
[   87.778880][ T5382] name failslab, interval 1, probability 0, space 0, times 0
[   87.791673][ T5382] CPU: 1 UID: 0 PID: 5382 Comm: syz.3.645 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[   87.791785][ T5382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   87.791797][ T5382] Call Trace:
[   87.791804][ T5382]  <TASK>
[   87.791812][ T5382]  __dump_stack+0x1d/0x30
[   87.791833][ T5382]  dump_stack_lvl+0xe8/0x140
[   87.791858][ T5382]  dump_stack+0x15/0x1b
[   87.791932][ T5382]  should_fail_ex+0x265/0x280
[   87.791971][ T5382]  should_failslab+0x8c/0xb0
[   87.792012][ T5382]  kmem_cache_alloc_noprof+0x50/0x310
[   87.792047][ T5382]  ? getname_flags+0x80/0x3b0
[   87.792073][ T5382]  getname_flags+0x80/0x3b0
[   87.792103][ T5382]  do_sys_openat2+0x60/0x110
[   87.792202][ T5382]  __x64_sys_openat+0xf2/0x120
[   87.792239][ T5382]  x64_sys_call+0x1af/0x2fb0
[   87.792268][ T5382]  do_syscall_64+0xd2/0x200
[   87.792376][ T5382]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   87.792412][ T5382]  ? clear_bhb_loop+0x40/0x90
[   87.792448][ T5382]  ? clear_bhb_loop+0x40/0x90
[   87.792509][ T5382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.792609][ T5382] RIP: 0033:0x7f79441ee929
[   87.792628][ T5382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.792652][ T5382] RSP: 002b:00007f7942857038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   87.792676][ T5382] RAX: ffffffffffffffda RBX: 00007f7944415fa0 RCX: 00007f79441ee929
[   87.792728][ T5382] RDX: 0000000000000000 RSI: 0000200000000e00 RDI: ffffffffffffff9c
[   87.792744][ T5382] RBP: 00007f7942857090 R08: 0000000000000000 R09: 0000000000000000
[   87.792760][ T5382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.792775][ T5382] R13: 0000000000000000 R14: 00007f7944415fa0 R15: 00007fff4e97b158
[   87.792795][ T5382]  </TASK>
[   88.025312][ T5380] loop1: detected capacity change from 0 to 1024
[   88.032978][ T5379] lo speed is unknown, defaulting to 1000
[   88.079358][ T5380] EXT4-fs: Ignoring removed bh option
[   88.098210][ T5379] lo speed is unknown, defaulting to 1000
[   88.140924][ T5380] EXT4-fs: inline encryption not supported
[   88.192821][ T5386] vhci_hcd: invalid port number 96
[   88.198260][ T5386] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   88.213869][ T5380] ext4: Unknown parameter 'smackfsroot'
[   88.293191][ T5380] rdma_op ffff888104d79980 conn xmit_rdma 0000000000000000
[   88.467860][ T5387] __nla_validate_parse: 4 callbacks suppressed
[   88.467883][ T5387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.642'.
[   88.529911][ T5392] loop3: detected capacity change from 0 to 1024
[   88.603806][ T5392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.736601][ T5392] EXT4-fs (loop3): shut down requested (1)
[   88.825959][ T5392] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5392 comm=syz.3.647
[   88.860355][   T29] audit: type=1400 audit(1751396176.179:1224): avc:  denied  { getopt } for  pid=5398 comm="syz.1.649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   88.930023][ T5379] netlink: 20 bytes leftover after parsing attributes in process `syz.0.642'.
[   89.062524][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.159697][   T29] audit: type=1400 audit(1751396176.479:1225): avc:  denied  { bind } for  pid=5409 comm="syz.3.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   89.242220][   T29] audit: type=1400 audit(1751396176.509:1226): avc:  denied  { create } for  pid=5409 comm="syz.3.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   89.255309][ T5411] netlink: 32 bytes leftover after parsing attributes in process `syz.3.653'.
[   89.261618][   T29] audit: type=1400 audit(1751396176.509:1227): avc:  denied  { ioctl } for  pid=5409 comm="syz.3.653" path="socket:[11154]" dev="sockfs" ino=11154 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   89.295207][   T29] audit: type=1400 audit(1751396176.519:1228): avc:  denied  { write } for  pid=5409 comm="syz.3.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   89.314527][   T29] audit: type=1400 audit(1751396176.519:1229): avc:  denied  { bind } for  pid=5409 comm="syz.3.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   89.333703][   T29] audit: type=1400 audit(1751396176.519:1230): avc:  denied  { watch } for  pid=5409 comm="syz.3.653" path="/136" dev="tmpfs" ino=742 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   89.357681][   T29] audit: type=1400 audit(1751396176.619:1231): avc:  denied  { write } for  pid=5414 comm="syz.0.654" name="fib_trie" dev="proc" ino=4026532572 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   89.380673][   T29] audit: type=1400 audit(1751396176.619:1232): avc:  denied  { create } for  pid=5414 comm="syz.0.654" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   89.415646][ T5417] FAULT_INJECTION: forcing a failure.
[   89.415646][ T5417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.428836][ T5417] CPU: 0 UID: 0 PID: 5417 Comm: syz.0.655 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[   89.428888][ T5417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   89.428904][ T5417] Call Trace:
[   89.428913][ T5417]  <TASK>
[   89.428922][ T5417]  __dump_stack+0x1d/0x30
[   89.428950][ T5417]  dump_stack_lvl+0xe8/0x140
[   89.429017][ T5417]  dump_stack+0x15/0x1b
[   89.429046][ T5417]  should_fail_ex+0x265/0x280
[   89.429087][ T5417]  should_fail+0xb/0x20
[   89.429123][ T5417]  should_fail_usercopy+0x1a/0x20
[   89.429179][ T5417]  _copy_from_user+0x1c/0xb0
[   89.429206][ T5417]  copy_clone_args_from_user+0x14f/0x490
[   89.429318][ T5417]  ? kstrtouint+0x76/0xc0
[   89.429352][ T5417]  __se_sys_clone3+0x6f/0x200
[   89.429400][ T5417]  __x64_sys_clone3+0x31/0x40
[   89.429461][ T5417]  x64_sys_call+0x10c9/0x2fb0
[   89.429490][ T5417]  do_syscall_64+0xd2/0x200
[   89.429552][ T5417]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   89.429587][ T5417]  ? clear_bhb_loop+0x40/0x90
[   89.429613][ T5417]  ? clear_bhb_loop+0x40/0x90
[   89.429635][ T5417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.429713][ T5417] RIP: 0033:0x7f125e2fe929
[   89.429733][ T5417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.429755][ T5417] RSP: 002b:00007f125c966f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[   89.429780][ T5417] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f125e2fe929
[   89.429872][ T5417] RDX: 00007f125c966f20 RSI: 0000000000000058 RDI: 00007f125c966f20
[   89.429888][ T5417] RBP: 00007f125c967090 R08: 0000000000000000 R09: 0000000000000058
[   89.429903][ T5417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.429916][ T5417] R13: 0000000000000000 R14: 00007f125e525fa0 R15: 00007ffc31789b38
[   89.429984][ T5417]  </TASK>
[   89.430340][ T5419] netlink: 16 bytes leftover after parsing attributes in process `syz.2.656'.
[   89.637153][ T5419] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.666921][ T5419] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.728189][ T5419] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.742878][ T5428] netlink: 'syz.3.659': attribute type 1 has an invalid length.
[   89.742958][ T5422] vhci_hcd: default hub control req: 8016 v000d i0004 l110
[   89.773249][ T5428] 8021q: adding VLAN 0 to HW filter on device bond6
[   89.786888][ T5433] netlink: 'syz.1.661': attribute type 1 has an invalid length.
[   89.817321][ T5419] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.864110][ T5434] 8021q: adding VLAN 0 to HW filter on device bond6
[   89.873774][ T5437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.662'.
[   89.885772][ T5434] bond6: (slave vxcan3): The slave device specified does not support setting the MAC address
[   89.898037][ T5434] bond6: (slave vxcan3): Error -95 calling set_mac_address
[   89.926426][ T5441] netlink: 'syz.3.659': attribute type 3 has an invalid length.
[   89.940104][ T5441] netlink: 28 bytes leftover after parsing attributes in process `syz.3.659'.
[   89.952088][ T5428] veth13: entered promiscuous mode
[   89.960411][ T5428] bond6: (slave veth13): Enslaving as an active interface with a down link
[   89.970073][ T5441] 8021q: adding VLAN 0 to HW filter on device bond6
[   90.016032][ T5445] netlink: 'syz.1.665': attribute type 1 has an invalid length.
[   90.023759][ T5445] netlink: 224 bytes leftover after parsing attributes in process `syz.1.665'.
[   90.112350][ T5452] lo speed is unknown, defaulting to 1000
[   90.118751][ T5452] lo speed is unknown, defaulting to 1000
[   90.226489][ T5460] vhci_hcd: invalid port number 96
[   90.231661][ T5460] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   90.239698][ T5460] netlink: 4 bytes leftover after parsing attributes in process `syz.1.666'.
[   90.249563][ T5460] netlink: 20 bytes leftover after parsing attributes in process `syz.1.666'.
[   90.467700][ T5465] loop0: detected capacity change from 0 to 1024
[   90.476200][ T5465] EXT4-fs: Ignoring removed nobh option
[   90.481835][ T5465] EXT4-fs: Ignoring removed bh option
[   90.528374][ T5465] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.693976][ T5465] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   90.859556][ T3317] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.049440][ T5484] wireguard0: entered promiscuous mode
[   91.055146][ T5484] wireguard0: entered allmulticast mode
[   91.199649][ T5493] loop0: detected capacity change from 0 to 128
[   91.329774][ T5497] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   91.512806][ T5503] loop0: detected capacity change from 0 to 512
[   91.520497][ T5503] ext4: Unknown parameter 'permit_directio'
[   91.539102][ T5503] netlink: 'syz.0.684': attribute type 1 has an invalid length.
[   91.547528][ T5503] netlink: 224 bytes leftover after parsing attributes in process `syz.0.684'.
[   91.563028][ T5419] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.591686][ T5510] lo speed is unknown, defaulting to 1000
[   91.606178][ T5419] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.627809][ T5510] lo speed is unknown, defaulting to 1000
[   91.635985][ T5419] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.668137][ T5419] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.706860][ T5514] vhci_hcd: invalid port number 96
[   91.712074][ T5514] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   91.779216][ T5520] loop2: detected capacity change from 0 to 512
[   91.839541][ T5521] FAULT_INJECTION: forcing a failure.
[   91.839541][ T5521] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.852722][ T5521] CPU: 1 UID: 0 PID: 5521 Comm: syz.3.687 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[   91.852898][ T5521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.852911][ T5521] Call Trace:
[   91.852918][ T5521]  <TASK>
[   91.852924][ T5521]  __dump_stack+0x1d/0x30
[   91.852950][ T5521]  dump_stack_lvl+0xe8/0x140
[   91.852998][ T5521]  dump_stack+0x15/0x1b
[   91.853014][ T5521]  should_fail_ex+0x265/0x280
[   91.853049][ T5521]  should_fail+0xb/0x20
[   91.853085][ T5521]  should_fail_usercopy+0x1a/0x20
[   91.853148][ T5521]  _copy_from_user+0x1c/0xb0
[   91.853195][ T5521]  ___sys_sendmsg+0xc1/0x1d0
[   91.853314][ T5521]  __x64_sys_sendmsg+0xd4/0x160
[   91.853379][ T5521]  x64_sys_call+0x2999/0x2fb0
[   91.853408][ T5521]  do_syscall_64+0xd2/0x200
[   91.853432][ T5521]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.853495][ T5521]  ? clear_bhb_loop+0x40/0x90
[   91.853517][ T5521]  ? clear_bhb_loop+0x40/0x90
[   91.853605][ T5521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.853633][ T5521] RIP: 0033:0x7f79441ee929
[   91.853652][ T5521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.853675][ T5521] RSP: 002b:00007f7942815038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.853699][ T5521] RAX: ffffffffffffffda RBX: 00007f7944416160 RCX: 00007f79441ee929
[   91.853788][ T5521] RDX: 0000000020004804 RSI: 0000200000000000 RDI: 0000000000000004
[   91.853805][ T5521] RBP: 00007f7942815090 R08: 0000000000000000 R09: 0000000000000000
[   91.853893][ T5521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.853909][ T5521] R13: 0000000000000000 R14: 00007f7944416160 R15: 00007fff4e97b158
[   91.853934][ T5521]  </TASK>
[   92.033671][ T5523] xt_hashlimit: size too large, truncated to 1048576
[   92.123797][ T5524] FAULT_INJECTION: forcing a failure.
[   92.123797][ T5524] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.137172][ T5524] CPU: 0 UID: 0 PID: 5524 Comm: syz.0.692 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[   92.137227][ T5524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.137245][ T5524] Call Trace:
[   92.137254][ T5524]  <TASK>
[   92.137337][ T5524]  __dump_stack+0x1d/0x30
[   92.137366][ T5524]  dump_stack_lvl+0xe8/0x140
[   92.137393][ T5524]  dump_stack+0x15/0x1b
[   92.137416][ T5524]  should_fail_ex+0x265/0x280
[   92.137496][ T5524]  should_fail+0xb/0x20
[   92.137533][ T5524]  should_fail_usercopy+0x1a/0x20
[   92.137628][ T5524]  _copy_from_user+0x1c/0xb0
[   92.137655][ T5524]  memdup_user+0x5e/0xd0
[   92.137687][ T5524]  strndup_user+0x68/0xb0
[   92.137784][ T5524]  __se_sys_fsopen+0x3c/0x1e0
[   92.137811][ T5524]  __x64_sys_fsopen+0x31/0x40
[   92.137836][ T5524]  x64_sys_call+0x2a54/0x2fb0
[   92.137992][ T5524]  do_syscall_64+0xd2/0x200
[   92.138016][ T5524]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.138051][ T5524]  ? clear_bhb_loop+0x40/0x90
[   92.138107][ T5524]  ? clear_bhb_loop+0x40/0x90
[   92.138137][ T5524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.138166][ T5524] RIP: 0033:0x7f125e2fe929
[   92.138186][ T5524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.138255][ T5524] RSP: 002b:00007f125c946038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[   92.138303][ T5524] RAX: ffffffffffffffda RBX: 00007f125e526080 RCX: 00007f125e2fe929
[   92.138319][ T5524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000580
[   92.138335][ T5524] RBP: 00007f125c946090 R08: 0000000000000000 R09: 0000000000000000
[   92.138350][ T5524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.138365][ T5524] R13: 0000000000000000 R14: 00007f125e526080 R15: 00007ffc31789b38
[   92.138390][ T5524]  </TASK>
[   92.436507][ T5520] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.451992][ T5529] xt_hashlimit: size too large, truncated to 1048576
[   92.459039][ T5531] loop0: detected capacity change from 0 to 128
[   92.496732][ T5520] ext4 filesystem being mounted at /142/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   92.679467][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.749644][ T5538] loop0: detected capacity change from 0 to 1024
[   92.756549][ T5538] EXT4-fs: Ignoring removed bh option
[   92.762054][ T5538] EXT4-fs: inline encryption not supported
[   92.768563][ T5538] ext4: Unknown parameter 'smackfsroot'
[   92.782471][ T5540] loop2: detected capacity change from 0 to 512
[   92.784306][ T5542] loop4: detected capacity change from 0 to 256
[   92.790018][ T5538] rdma_op ffff8881009d0980 conn xmit_rdma 0000000000000000
[   92.802478][ T5540] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   92.833243][   T29] kauditd_printk_skb: 90 callbacks suppressed
[   92.833258][   T29] audit: type=1400 audit(1751396180.149:1323): avc:  denied  { append } for  pid=5543 comm="syz.0.699" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   92.862657][ T5544] random: crng reseeded on system resumption
[   92.892949][   T29] audit: type=1326 audit(1751396180.209:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.0.699" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f125e2fe929 code=0x0
[   92.933177][ T5540] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.946186][ T5540] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.961978][   T29] audit: type=1400 audit(1751396180.279:1325): avc:  denied  { ioctl } for  pid=5539 comm="syz.2.696" path="/143/file0/file1" dev="loop2" ino=15 ioctlcmd=0x5829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   92.992494][ T5540] xt_hashlimit: size too large, truncated to 1048576
[   93.050836][   T29] audit: type=1400 audit(1751396180.369:1326): avc:  denied  { kexec_image_load } for  pid=5539 comm="syz.2.696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[   93.105640][ T5559] loop3: detected capacity change from 0 to 1024
[   93.112587][ T5559] EXT4-fs: Ignoring removed bh option
[   93.124128][ T5559] EXT4-fs: inline encryption not supported
[   93.130340][ T5559] ext4: Unknown parameter 'smackfsroot'
[   93.137389][ T5559] rdma_op ffff88811e52bd80 conn xmit_rdma 0000000000000000
[   93.172634][   T29] audit: type=1326 audit(1751396180.489:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5560 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   93.196889][   T29] audit: type=1326 audit(1751396180.489:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5560 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   93.197960][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.220345][   T29] audit: type=1326 audit(1751396180.489:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5560 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   93.253616][   T29] audit: type=1326 audit(1751396180.489:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5560 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   93.277261][   T29] audit: type=1326 audit(1751396180.499:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5560 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   93.301718][   T29] audit: type=1326 audit(1751396180.499:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5560 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f79441ee929 code=0x7ffc0000
[   93.335441][   T37] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.348617][ T5563] loop2: detected capacity change from 0 to 128
[   93.378641][   T37] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.467457][   T37] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.546420][   T37] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.655042][ T5582] loop2: detected capacity change from 0 to 512
[   93.695090][ T5582] EXT4-fs (loop2): orphan cleanup on readonly fs
[   93.705705][ T5582] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.712: bg 0: block 248: padding at end of block bitmap is not set
[   93.721700][ T5582] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.712: Failed to acquire dquot type 1
[   93.738880][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   93.749813][ T5582] EXT4-fs (loop2): 1 truncate cleaned up
[   93.772267][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   93.782055][ T5588] __nla_validate_parse: 2 callbacks suppressed
[   93.782071][ T5588] netlink: 44 bytes leftover after parsing attributes in process `syz.1.714'.
[   93.799033][ T5582] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   93.815571][   T37] bond0 (unregistering): Released all slaves
[   93.835240][   T37] bond1 (unregistering): (slave veth3): Releasing active interface
[   93.855160][ T5582] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   93.855890][   T37] bond1 (unregistering): Released all slaves
[   93.887027][ T5582] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   93.905985][   T37] bond2 (unregistering): (slave veth5): Releasing active interface
[   93.906513][ T5595] netlink: 332 bytes leftover after parsing attributes in process `syz.1.714'.
[   93.927563][   T37] bond2 (unregistering): Released all slaves
[   93.933965][ T5582] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz.2.712: deleted inode referenced: 12
[   93.934474][ T5595] netlink: 'syz.1.714': attribute type 9 has an invalid length.
[   93.952789][   T37] bond3 (unregistering): Released all slaves
[   93.953667][ T5595] netlink: 108 bytes leftover after parsing attributes in process `syz.1.714'.
[   93.968983][ T5595] netlink: 32 bytes leftover after parsing attributes in process `syz.1.714'.
[   93.980318][   T37] bond4 (unregistering): (slave veth7): Releasing active interface
[   94.015340][   T37] bond4 (unregistering): Released all slaves
[   94.015960][ T5600] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz.2.712: deleted inode referenced: 12
[   94.043938][   T37] bond5 (unregistering): (slave veth9): Releasing active interface
[   94.058211][   T37] bond5 (unregistering): Released all slaves
[   94.065941][ T5582] syz.2.712 (5582) used greatest stack depth: 9304 bytes left
[   94.115853][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.130393][ T5603] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5603 comm=syz.0.716
[   94.178591][   T37] hsr_slave_0: left promiscuous mode
[   94.205635][   T37] hsr_slave_1: left promiscuous mode
[   94.224587][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   94.232183][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[   94.252171][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   94.259802][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[   94.286307][ T5606] loop1: detected capacity change from 0 to 128
[   94.316434][ T5622] loop2: detected capacity change from 0 to 128
[   94.324051][   T37] veth1_macvtap: left promiscuous mode
[   94.329856][   T37] veth0_macvtap: left promiscuous mode
[   94.354605][   T37] veth1_vlan: left promiscuous mode
[   94.367311][   T37] veth0_vlan: left promiscuous mode
[   94.600745][ T5606] bio_check_eod: 100 callbacks suppressed
[   94.600762][ T5606] syz.1.717: attempt to access beyond end of device
[   94.600762][ T5606] loop1: rw=2049, sector=137, nr_sectors = 8 limit=128
[   94.620846][ T5622] syz.2.720: attempt to access beyond end of device
[   94.620846][ T5622] loop2: rw=2049, sector=137, nr_sectors = 8 limit=128
[   94.636479][   T37] team0 (unregistering): Port device team_slave_1 removed
[   94.646773][   T37] team0 (unregistering): Port device team_slave_0 removed
[   94.664180][ T5622] syz.2.720: attempt to access beyond end of device
[   94.664180][ T5622] loop2: rw=2049, sector=153, nr_sectors = 8 limit=128
[   94.703955][ T5622] syz.2.720: attempt to access beyond end of device
[   94.703955][ T5622] loop2: rw=2049, sector=169, nr_sectors = 8 limit=128
[   94.717623][ T5606] syz.1.717: attempt to access beyond end of device
[   94.717623][ T5606] loop1: rw=2049, sector=153, nr_sectors = 8 limit=128
[   94.755648][ T3392] lo speed is unknown, defaulting to 1000
[   94.761566][ T3392] infiniband syz1: ib_query_port failed (-19)
[   94.780077][ T5606] syz.1.717: attempt to access beyond end of device
[   94.780077][ T5606] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[   94.813660][ T5574] lo speed is unknown, defaulting to 1000
[   94.847899][ T5622] syz.2.720: attempt to access beyond end of device
[   94.847899][ T5622] loop2: rw=2049, sector=185, nr_sectors = 8 limit=128
[   94.881488][ T5606] syz.1.717: attempt to access beyond end of device
[   94.881488][ T5606] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[   94.958443][ T5606] syz.1.717: attempt to access beyond end of device
[   94.958443][ T5606] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[   94.974650][ T5622] syz.2.720: attempt to access beyond end of device
[   94.974650][ T5622] loop2: rw=2049, sector=201, nr_sectors = 8 limit=128
[   95.048107][ T5574] chnl_net:caif_netlink_parms(): no params data found
[   95.225007][ T5669] netlink: 'syz.3.726': attribute type 1 has an invalid length.
[   95.248260][ T5673] FAULT_INJECTION: forcing a failure.
[   95.248260][ T5673] name failslab, interval 1, probability 0, space 0, times 0
[   95.261016][ T5673] CPU: 0 UID: 0 PID: 5673 Comm: syz.0.727 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[   95.261050][ T5673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.261065][ T5673] Call Trace:
[   95.261072][ T5673]  <TASK>
[   95.261081][ T5673]  __dump_stack+0x1d/0x30
[   95.261174][ T5673]  dump_stack_lvl+0xe8/0x140
[   95.261196][ T5673]  dump_stack+0x15/0x1b
[   95.261213][ T5673]  should_fail_ex+0x265/0x280
[   95.261254][ T5673]  should_failslab+0x8c/0xb0
[   95.261292][ T5673]  __kmalloc_noprof+0xa5/0x3e0
[   95.261377][ T5673]  ? io_cache_alloc_new+0x2a/0xb0
[   95.261401][ T5673]  io_cache_alloc_new+0x2a/0xb0
[   95.261422][ T5673]  io_sendmsg_prep+0x2df/0x5e0
[   95.261459][ T5673]  io_submit_sqes+0x5e5/0xfd0
[   95.261529][ T5673]  __se_sys_io_uring_enter+0x1c1/0x1b70
[   95.261562][ T5673]  ? 0xffffffff81000000
[   95.261579][ T5673]  ? __rcu_read_unlock+0x4f/0x70
[   95.261604][ T5673]  ? get_pid_task+0x96/0xd0
[   95.261696][ T5673]  ? proc_fail_nth_write+0x12d/0x160
[   95.261733][ T5673]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   95.261850][ T5673]  ? vfs_write+0x75e/0x8e0
[   95.261884][ T5673]  ? __rcu_read_unlock+0x4f/0x70
[   95.261906][ T5673]  ? __fget_files+0x184/0x1c0
[   95.261930][ T5673]  ? fput+0x8f/0xc0
[   95.261958][ T5673]  __x64_sys_io_uring_enter+0x78/0x90
[   95.261990][ T5673]  x64_sys_call+0x28c8/0x2fb0
[   95.262013][ T5673]  do_syscall_64+0xd2/0x200
[   95.262032][ T5673]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.262114][ T5673]  ? clear_bhb_loop+0x40/0x90
[   95.262136][ T5673]  ? clear_bhb_loop+0x40/0x90
[   95.262159][ T5673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.262259][ T5673] RIP: 0033:0x7f125e2fe929
[   95.262274][ T5673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.262311][ T5673] RSP: 002b:00007f125c967038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   95.262372][ T5673] RAX: ffffffffffffffda RBX: 00007f125e525fa0 RCX: 00007f125e2fe929
[   95.262384][ T5673] RDX: 00000000000004c1 RSI: 0000000000000627 RDI: 0000000000000006
[   95.262397][ T5673] RBP: 00007f125c967090 R08: 0000000000000000 R09: 00000000000000fc
[   95.262409][ T5673] R10: 0000000000000043 R11: 0000000000000246 R12: 0000000000000001
[   95.262421][ T5673] R13: 0000000000000000 R14: 00007f125e525fa0 R15: 00007ffc31789b38
[   95.262441][ T5673]  </TASK>
[   95.566368][ T5669] 8021q: adding VLAN 0 to HW filter on device bond7
[   95.580130][ T5574] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.587296][ T5574] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.655224][ T5680] netlink: 'syz.3.726': attribute type 3 has an invalid length.
[   95.664270][ T5680] netlink: 28 bytes leftover after parsing attributes in process `syz.3.726'.
[   95.677616][ T5574] bridge_slave_0: entered allmulticast mode
[   95.699401][ T5574] bridge_slave_0: entered promiscuous mode
[   95.706821][ T5683] netlink: 'syz.0.729': attribute type 1 has an invalid length.
[   95.715370][ T5683] netlink: 224 bytes leftover after parsing attributes in process `syz.0.729'.
[   95.728681][ T5676] 8021q: adding VLAN 0 to HW filter on device bond7
[   95.737446][ T5679] loop1: detected capacity change from 0 to 1024
[   95.756050][ T5676] bond7: (slave vxcan3): The slave device specified does not support setting the MAC address
[   95.785957][ T5679] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.798319][ T5676] bond7: (slave vxcan3): Error -95 calling set_mac_address
[   95.837023][ T5669] veth15: entered promiscuous mode
[   95.842761][ T5679] EXT4-fs (loop1): shut down requested (1)
[   95.862153][ T5669] bond7: (slave veth15): Enslaving as an active interface with a down link
[   95.874039][ T5679] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5679 comm=syz.1.728
[   95.899648][ T5680] 8021q: adding VLAN 0 to HW filter on device bond7
[   95.906954][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.925444][ T5574] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.932766][ T5574] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.941765][ T5574] bridge_slave_1: entered allmulticast mode
[   95.946209][ T5693] netlink: 'syz.2.730': attribute type 1 has an invalid length.
[   95.949893][ T5574] bridge_slave_1: entered promiscuous mode
[   95.970645][ T5695] loop1: detected capacity change from 0 to 128
[   96.011956][ T5693] 8021q: adding VLAN 0 to HW filter on device bond6
[   96.021714][ T5698] sd 0:0:1:0: device reset
[   96.037088][ T5699] 8021q: adding VLAN 0 to HW filter on device bond6
[   96.048279][ T5699] bond6: (slave vxcan3): The slave device specified does not support setting the MAC address
[   96.060915][ T5699] bond6: (slave vxcan3): Error -95 calling set_mac_address
[   96.088861][ T5574] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.130494][ T5710] netlink: 'syz.2.730': attribute type 3 has an invalid length.
[   96.159126][ T5693] veth11: entered promiscuous mode
[   96.176587][ T5693] bond6: (slave veth11): Enslaving as an active interface with a down link
[   96.189744][ T5574] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   96.210633][ T5699] netlink: 28 bytes leftover after parsing attributes in process `syz.2.730'.
[   96.256302][ T5699] 8021q: adding VLAN 0 to HW filter on device bond6
[   96.274075][ T5574] team0: Port device team_slave_0 added
[   96.288054][ T5721] netlink: 'syz.0.736': attribute type 1 has an invalid length.
[   96.289750][ T5574] team0: Port device team_slave_1 added
[   96.295761][ T5721] netlink: 224 bytes leftover after parsing attributes in process `syz.0.736'.
[   96.358643][ T5574] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.366364][ T5574] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.392581][ T5574] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.446134][ T5574] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.453144][ T5574] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.479269][ T5574] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.658052][ T5748] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   96.690451][ T5574] hsr_slave_0: entered promiscuous mode
[   96.704984][ T5574] hsr_slave_1: entered promiscuous mode
[   96.738785][ T5574] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   96.757571][ T5750] netlink: 'syz.2.743': attribute type 1 has an invalid length.
[   96.778020][ T5574] Cannot create hsr debugfs directory
[   97.285410][ T5766] lo speed is unknown, defaulting to 1000
[   97.444554][ T5771] vhci_hcd: invalid port number 96
[   97.449804][ T5771] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   97.647306][ T5766] netlink: 4 bytes leftover after parsing attributes in process `syz.1.746'.
[   97.739865][ T5766] netlink: 20 bytes leftover after parsing attributes in process `syz.1.746'.
[   97.913879][ T5574] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   98.037915][ T5574] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   98.138462][ T5574] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   98.174492][   T29] kauditd_printk_skb: 83 callbacks suppressed
[   98.174511][   T29] audit: type=1326 audit(1751396185.419:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5781 comm="syz.1.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5ac7e929 code=0x7ffc0000
[   98.204186][   T29] audit: type=1326 audit(1751396185.419:1415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5781 comm="syz.1.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5ac7e929 code=0x7ffc0000
[   98.227601][   T29] audit: type=1326 audit(1751396185.419:1416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5781 comm="syz.1.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f2a5ac7e929 code=0x7ffc0000
[   98.250956][   T29] audit: type=1326 audit(1751396185.419:1417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5781 comm="syz.1.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5ac7e929 code=0x7ffc0000
[   98.274496][   T29] audit: type=1326 audit(1751396185.419:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5781 comm="syz.1.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2a5ac7e929 code=0x7ffc0000
[   98.297846][   T29] audit: type=1326 audit(1751396185.419:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5781 comm="syz.1.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5ac7e929 code=0x7ffc0000
[   98.321173][   T29] audit: type=1326 audit(1751396185.419:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5781 comm="syz.1.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5ac7e929 code=0x7ffc0000
[   98.344619][   T29] audit: type=1326 audit(1751396185.419:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5781 comm="syz.1.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f2a5ac7e929 code=0x7ffc0000
[   98.367954][   T29] audit: type=1326 audit(1751396185.449:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5781 comm="syz.1.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5ac7e929 code=0x7ffc0000
[   98.391400][   T29] audit: type=1326 audit(1751396185.449:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5781 comm="syz.1.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5ac7e929 code=0x7ffc0000
[   98.671184][ T5574] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   98.738182][ T5791] loop2: detected capacity change from 0 to 1024
[   98.759559][ T5791] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.798210][ T5574] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.820737][ T5574] 8021q: adding VLAN 0 to HW filter on device team0
[   98.833904][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.834406][ T5791] EXT4-fs (loop2): shut down requested (1)
[   98.841091][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.849701][ T5791] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5791 comm=syz.2.752
[   98.877301][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.879481][ T5810] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.884453][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.904278][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.913335][ T5574] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   98.913356][ T5574] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   98.957961][ T5810] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.968444][ T5810] netlink: 32 bytes leftover after parsing attributes in process `syz.1.754'.
[   99.008800][ T5574] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.069598][ T5825] lo speed is unknown, defaulting to 1000
[   99.079259][ T5826] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.755'.
[   99.110300][ T5826] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   99.219987][ T5825] vhci_hcd: invalid port number 96
[   99.225332][ T5825] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   99.245490][ T5825] netlink: 4 bytes leftover after parsing attributes in process `syz.0.756'.
[   99.255497][ T5825] netlink: 20 bytes leftover after parsing attributes in process `syz.0.756'.
[   99.298484][ T5574] veth0_vlan: entered promiscuous mode
[   99.313402][ T5574] veth1_vlan: entered promiscuous mode
[   99.337287][ T5574] veth0_macvtap: entered promiscuous mode
[   99.345269][ T5574] veth1_macvtap: entered promiscuous mode
[   99.359017][ T5574] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.372505][ T5574] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.387247][ T5574] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.396113][ T5574] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.405047][ T5574] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.413920][ T5574] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.995804][ T5917] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  100.137918][ T5924] SELinux:  Context system_u:object is not valid (left unmapped).
[  100.242937][ T5927] FAULT_INJECTION: forcing a failure.
[  100.242937][ T5927] name failslab, interval 1, probability 0, space 0, times 0
[  100.255684][ T5927] CPU: 1 UID: 0 PID: 5927 Comm: syz.0.770 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  100.255746][ T5927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.255760][ T5927] Call Trace:
[  100.255767][ T5927]  <TASK>
[  100.255775][ T5927]  __dump_stack+0x1d/0x30
[  100.255797][ T5927]  dump_stack_lvl+0xe8/0x140
[  100.255819][ T5927]  dump_stack+0x15/0x1b
[  100.255928][ T5927]  should_fail_ex+0x265/0x280
[  100.255960][ T5927]  should_failslab+0x8c/0xb0
[  100.255988][ T5927]  kmem_cache_alloc_node_noprof+0x57/0x320
[  100.256016][ T5927]  ? __alloc_skb+0x101/0x320
[  100.256115][ T5927]  __alloc_skb+0x101/0x320
[  100.256205][ T5927]  ? audit_log_start+0x365/0x6c0
[  100.256248][ T5927]  audit_log_start+0x380/0x6c0
[  100.256295][ T5927]  audit_seccomp+0x48/0x100
[  100.256343][ T5927]  ? __seccomp_filter+0x68c/0x10d0
[  100.256372][ T5927]  __seccomp_filter+0x69d/0x10d0
[  100.256405][ T5927]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  100.256450][ T5927]  ? vfs_write+0x75e/0x8e0
[  100.256594][ T5927]  ? __rcu_read_unlock+0x4f/0x70
[  100.256623][ T5927]  ? __fget_files+0x184/0x1c0
[  100.256654][ T5927]  __secure_computing+0x82/0x150
[  100.256685][ T5927]  syscall_trace_enter+0xcf/0x1e0
[  100.256784][ T5927]  do_syscall_64+0xac/0x200
[  100.256803][ T5927]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.256829][ T5927]  ? clear_bhb_loop+0x40/0x90
[  100.256891][ T5927]  ? clear_bhb_loop+0x40/0x90
[  100.256913][ T5927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.256935][ T5927] RIP: 0033:0x7f125e2fe929
[  100.256950][ T5927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.257017][ T5927] RSP: 002b:00007f125c967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  100.257036][ T5927] RAX: ffffffffffffffda RBX: 00007f125e525fa0 RCX: 00007f125e2fe929
[  100.257048][ T5927] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000003
[  100.257060][ T5927] RBP: 00007f125c967090 R08: 0000000000000008 R09: 0000000000000000
[  100.257072][ T5927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.257102][ T5927] R13: 0000000000000000 R14: 00007f125e525fa0 R15: 00007ffc31789b38
[  100.257203][ T5927]  </TASK>
[  100.770994][ T5950] loop2: detected capacity change from 0 to 1024
[  100.819451][ T5953] loop3: detected capacity change from 0 to 128
[  101.110706][ T5951] netlink: 'syz.0.779': attribute type 1 has an invalid length.
[  101.119236][ T5951] netlink: 224 bytes leftover after parsing attributes in process `syz.0.779'.
[  101.239223][ T5957] loop1: detected capacity change from 0 to 512
[  101.271816][ T5957] ext4: Unknown parameter 'permit_directio'
[  101.289853][ T5950] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.303936][ T5950] EXT4-fs (loop2): shut down requested (1)
[  101.320194][ T5950] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5950 comm=syz.2.777
[  101.329072][ T5969] syz.0.781 uses obsolete (PF_INET,SOCK_PACKET)
[  101.355053][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.579318][ T5975] loop2: detected capacity change from 0 to 512
[  101.594419][ T5989] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  101.601021][ T5975] ext4: Unknown parameter 'permit_directio'
[  101.623182][ T5981] lo speed is unknown, defaulting to 1000
[  101.635030][ T5992] netlink: 4 bytes leftover after parsing attributes in process `syz.5.790'.
[  101.641313][ T5975] netlink: 'syz.2.782': attribute type 1 has an invalid length.
[  101.651639][ T5975] netlink: 224 bytes leftover after parsing attributes in process `syz.2.782'.
[  101.683263][ T5997] loop1: detected capacity change from 0 to 1024
[  101.701579][ T5993] vhci_hcd: invalid port number 96
[  101.707505][ T5993] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  101.737400][ T5997] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.782408][ T5981] netlink: 4 bytes leftover after parsing attributes in process `syz.3.787'.
[  101.785517][ T5999] netlink: 'syz.2.793': attribute type 3 has an invalid length.
[  101.793151][ T5981] netlink: 20 bytes leftover after parsing attributes in process `syz.3.787'.
[  101.808653][ T5997] EXT4-fs (loop1): shut down requested (1)
[  101.809983][ T5997] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5997 comm=syz.1.792
[  101.844022][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.857353][ T6008] FAULT_INJECTION: forcing a failure.
[  101.857353][ T6008] name failslab, interval 1, probability 0, space 0, times 0
[  101.870089][ T6008] CPU: 1 UID: 0 PID: 6008 Comm: syz.5.795 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  101.870132][ T6008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  101.870145][ T6008] Call Trace:
[  101.870152][ T6008]  <TASK>
[  101.870159][ T6008]  __dump_stack+0x1d/0x30
[  101.870185][ T6008]  dump_stack_lvl+0xe8/0x140
[  101.870211][ T6008]  dump_stack+0x15/0x1b
[  101.870233][ T6008]  should_fail_ex+0x265/0x280
[  101.870282][ T6008]  should_failslab+0x8c/0xb0
[  101.870312][ T6008]  kmem_cache_alloc_noprof+0x50/0x310
[  101.870371][ T6008]  ? skb_clone+0x151/0x1f0
[  101.870397][ T6008]  skb_clone+0x151/0x1f0
[  101.870421][ T6008]  __netlink_deliver_tap+0x2c9/0x500
[  101.870527][ T6008]  netlink_unicast+0x64c/0x670
[  101.870585][ T6008]  netlink_sendmsg+0x58b/0x6b0
[  101.870609][ T6008]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.870714][ T6008]  __sock_sendmsg+0x145/0x180
[  101.870740][ T6008]  ____sys_sendmsg+0x31e/0x4e0
[  101.870780][ T6008]  ___sys_sendmsg+0x17b/0x1d0
[  101.870894][ T6008]  __x64_sys_sendmsg+0xd4/0x160
[  101.870983][ T6008]  x64_sys_call+0x2999/0x2fb0
[  101.871011][ T6008]  do_syscall_64+0xd2/0x200
[  101.871029][ T6008]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.871137][ T6008]  ? clear_bhb_loop+0x40/0x90
[  101.871160][ T6008]  ? clear_bhb_loop+0x40/0x90
[  101.871184][ T6008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.871210][ T6008] RIP: 0033:0x7fe6af95e929
[  101.871226][ T6008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.871322][ T6008] RSP: 002b:00007fe6adf8c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.871345][ T6008] RAX: ffffffffffffffda RBX: 00007fe6afb86080 RCX: 00007fe6af95e929
[  101.871361][ T6008] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000008
[  101.871374][ T6008] RBP: 00007fe6adf8c090 R08: 0000000000000000 R09: 0000000000000000
[  101.871386][ T6008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.871400][ T6008] R13: 0000000000000000 R14: 00007fe6afb86080 R15: 00007fff33f2f3a8
[  101.871423][ T6008]  </TASK>
[  101.871463][ T6008] netlink: 4 bytes leftover after parsing attributes in process `syz.5.795'.
[  102.102771][ T6008] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.110636][ T6008] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.130102][ T6013] loop2: detected capacity change from 0 to 1024
[  102.162188][ T6008] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.169904][ T6008] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.201233][ T6017] lo speed is unknown, defaulting to 1000
[  102.400895][ T6028] loop3: detected capacity change from 0 to 512
[  102.446376][ T6028] loop3: detected capacity change from 0 to 512
[  102.470791][ T6028] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  102.535438][ T6028] EXT4-fs (loop3): 1 truncate cleaned up
[  102.548117][ T6028] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.687961][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.865840][ T6041] FAULT_INJECTION: forcing a failure.
[  102.865840][ T6041] name failslab, interval 1, probability 0, space 0, times 0
[  102.878642][ T6041] CPU: 0 UID: 0 PID: 6041 Comm: syz.3.805 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  102.878678][ T6041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.878695][ T6041] Call Trace:
[  102.878743][ T6041]  <TASK>
[  102.878753][ T6041]  __dump_stack+0x1d/0x30
[  102.878781][ T6041]  dump_stack_lvl+0xe8/0x140
[  102.878807][ T6041]  dump_stack+0x15/0x1b
[  102.878829][ T6041]  should_fail_ex+0x265/0x280
[  102.878889][ T6041]  should_failslab+0x8c/0xb0
[  102.878914][ T6041]  __kmalloc_noprof+0xa5/0x3e0
[  102.878981][ T6041]  ? kobject_get_path+0x92/0x1c0
[  102.879006][ T6041]  kobject_get_path+0x92/0x1c0
[  102.879029][ T6041]  input_devices_seq_show+0x36/0x470
[  102.879111][ T6041]  seq_read_iter+0x319/0x940
[  102.879141][ T6041]  seq_read+0x1f7/0x240
[  102.879181][ T6041]  ? __pfx_seq_read+0x10/0x10
[  102.879226][ T6041]  proc_reg_read+0x128/0x1c0
[  102.879255][ T6041]  ? __pfx_proc_reg_read+0x10/0x10
[  102.879278][ T6041]  vfs_readv+0x3f8/0x690
[  102.879310][ T6041]  __x64_sys_preadv+0xfd/0x1c0
[  102.879344][ T6041]  x64_sys_call+0x1503/0x2fb0
[  102.879366][ T6041]  do_syscall_64+0xd2/0x200
[  102.879459][ T6041]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  102.879492][ T6041]  ? clear_bhb_loop+0x40/0x90
[  102.879596][ T6041]  ? clear_bhb_loop+0x40/0x90
[  102.879626][ T6041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.879707][ T6041] RIP: 0033:0x7f79441ee929
[  102.879727][ T6041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.879745][ T6041] RSP: 002b:00007f7942857038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  102.879764][ T6041] RAX: ffffffffffffffda RBX: 00007f7944415fa0 RCX: 00007f79441ee929
[  102.879781][ T6041] RDX: 0000000000000001 RSI: 00002000000015c0 RDI: 0000000000000005
[  102.879846][ T6041] RBP: 00007f7942857090 R08: 0000000000000003 R09: 0000000000000000
[  102.879858][ T6041] R10: 00000000000000f0 R11: 0000000000000246 R12: 0000000000000001
[  102.879873][ T6041] R13: 0000000000000000 R14: 00007f7944415fa0 R15: 00007fff4e97b158
[  102.879897][ T6041]  </TASK>
[  103.217831][ T6052] loop3: detected capacity change from 0 to 1024
[  103.225439][ T6052] EXT4-fs: Ignoring removed orlov option
[  103.356949][ T6052] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.373421][ T6057] netlink: 'syz.1.812': attribute type 9 has an invalid length.
[  103.451573][   T29] kauditd_printk_skb: 148 callbacks suppressed
[  103.451592][   T29] audit: type=1400 audit(1751396190.769:1570): avc:  denied  { write } for  pid=6050 comm="syz.3.810" name="bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  103.696842][ T6068] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.704442][ T6068] batman_adv: batadv0: Removing interface: batadv_slave_0
[  103.794253][ T6068] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.801874][ T6068] batman_adv: batadv0: Removing interface: batadv_slave_1
[  103.857627][ T6063] ==================================================================
[  103.865862][ T6063] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode
[  103.875123][ T6063] 
[  103.877472][ T6063] write to 0xffff888106a26d10 of 4 bytes by task 6052 on cpu 0:
[  103.885118][ T6063]  writeback_single_inode+0x14a/0x3e0
[  103.890527][ T6063]  sync_inode_metadata+0x5b/0x90
[  103.895509][ T6063]  generic_buffers_fsync_noflush+0xd9/0x120
[  103.901448][ T6063]  ext4_sync_file+0x1ab/0x690
[  103.906174][ T6063]  vfs_fsync_range+0x10a/0x130
[  103.910997][ T6063]  ext4_buffered_write_iter+0x34f/0x3c0
[  103.916593][ T6063]  ext4_file_write_iter+0x383/0xf00
[  103.921821][ T6063]  iter_file_splice_write+0x5ef/0x970
[  103.927243][ T6063]  direct_splice_actor+0x153/0x2a0
[  103.932397][ T6063]  splice_direct_to_actor+0x30f/0x680
[  103.937801][ T6063]  do_splice_direct+0xda/0x150
[  103.942865][ T6063]  do_sendfile+0x380/0x650
[  103.947301][ T6063]  __x64_sys_sendfile64+0x105/0x150
[  103.952514][ T6063]  x64_sys_call+0xb39/0x2fb0
[  103.957149][ T6063]  do_syscall_64+0xd2/0x200
[  103.961676][ T6063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.967597][ T6063] 
[  103.969932][ T6063] read to 0xffff888106a26d10 of 4 bytes by task 6063 on cpu 1:
[  103.977497][ T6063]  generic_buffers_fsync_noflush+0x80/0x120
[  103.983438][ T6063]  ext4_sync_file+0x1ab/0x690
[  103.988128][ T6063]  vfs_fsync_range+0x10a/0x130
[  103.992930][ T6063]  ext4_buffered_write_iter+0x34f/0x3c0
[  103.998528][ T6063]  ext4_file_write_iter+0x383/0xf00
[  104.003761][ T6063]  iter_file_splice_write+0x5ef/0x970
[  104.009193][ T6063]  direct_splice_actor+0x153/0x2a0
[  104.014335][ T6063]  splice_direct_to_actor+0x30f/0x680
[  104.019777][ T6063]  do_splice_direct+0xda/0x150
[  104.024574][ T6063]  do_sendfile+0x380/0x650
[  104.029020][ T6063]  __x64_sys_sendfile64+0x105/0x150
[  104.034232][ T6063]  x64_sys_call+0xb39/0x2fb0
[  104.038850][ T6063]  do_syscall_64+0xd2/0x200
[  104.043375][ T6063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.049296][ T6063] 
[  104.051645][ T6063] value changed: 0x00000038 -> 0x00000002
[  104.057423][ T6063] 
[  104.059760][ T6063] Reported by Kernel Concurrency Sanitizer on:
[  104.065944][ T6063] CPU: 1 UID: 0 PID: 6063 Comm: syz.3.810 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  104.078292][ T6063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.088374][ T6063] ==================================================================
[  104.115823][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.