last executing test programs:

3m14.435493928s ago: executing program 1 (id=486):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x124)
mknodat$null(r1, &(0x7f0000000000)='./file1\x00', 0x1000, 0x103)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f00000001c0)='./file1\x00', 0x80000004)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x80, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x90}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x1c, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x4}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xa8}}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x836d9fb164f927b3)
io_setup(0x3, &(0x7f0000000600)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000000)=[&(0x7f0000000080)={0x0, 0x0, 0x10, 0x7, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x2}])
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYRES64=r0], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000340)='kfree\x00', r6}, 0x18)
socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r7, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r7, 0x29, 0x1b, &(0x7f0000000280)={@remote}, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x3)
close(r7)
r10 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DESTROY(r10, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f0000001840)={0x14, 0x15, 0x615, 0x70bd2d, 0x25dfdbfb, {0x1a, 0xa2}}, 0x14}, 0x1, 0x0, 0x0, 0x6004000}, 0x8084)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
setresuid(0xee01, 0xee00, 0x0)

3m14.289664224s ago: executing program 1 (id=494):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0x26, 0x6, 0x0, &(0x7f0000000040))
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @local, @val, {@ipv6={0x86dd, @generic={0x0, 0x6, "76cd8a", 0x0, 0x0, 0x0, @rand_addr=' \x01\x00', @dev}}}}, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f288476d2610054c6588a8", 0x0, 0x180, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1000000}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)

3m13.647548562s ago: executing program 1 (id=503):
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x68, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x1, 0x400, 0xfffffff7}, 0xc0000000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='xen_mmu_set_pud\x00'}, 0x18)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000540)='/sys/kernel/notes', 0x6b2180, 0x1f)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newtfilter={0xd4, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xe, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0xa8, 0x2, [@TCA_U32_SEL={0x94, 0x5, {0x7, 0xef, 0x8, 0x8, 0x5, 0x9, 0x7, 0x0, [{0x1000, 0x4, 0x401, 0x6}, {0x8, 0x7, 0x1009, 0x5}, {0xfffffff9, 0x43, 0x7ffd, 0x5}, {0x7fde, 0x40, 0x51, 0x3ff}, {0x8, 0xb, 0x1, 0x42}, {0x6, 0x400004, 0x8, 0x8}, {0x8001, 0x0, 0x0, 0x8001}, {0x1, 0x1800000, 0xa525}]}}, @TCA_U32_LINK={0x8, 0x3, 0x1000000}, @TCA_U32_CLASSID={0x8, 0x1, {0xa, 0xfff2}}]}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x80}, 0x40)
r7 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={0x0, 0x4}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x18)
unshare(0x22060400)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="81101009000000009500000000000000"], &(0x7f0000000280)='GPL\x00'}, 0x90)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r9 = geteuid()
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x800840, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@access_uid={'access', 0x3d, r9}}, {@ignoreqv}, {@access_any}, {@cache_loose}, {@version_L}, {@access_user}, {@fscache}, {@cache_fscache}, {@access_user}], [{@fsname={'fsname', 0x3d, ',\xae-/'}}, {@dont_measure}, {@smackfshat}, {@hash}, {@smackfsdef={'smackfsdef', 0x3d, 'Ktb\x00'}}, {@subj_type}]}})
ioctl$BLKFLSBUF(r8, 0x1261, 0x0)
r10 = syz_io_uring_setup(0xbdd, &(0x7f0000000080)={0x0, 0x48e0, 0x80, 0x3, 0x40000336, 0x0, r1}, &(0x7f0000000340)=<r11=>0x0, &(0x7f0000000040)=<r12=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r11, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r11, r12, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/201, 0xc9}], 0x1, 0x0, 0x1})
io_uring_enter(r10, 0x847ba, 0x2000, 0xe, 0x0, 0x0)

3m13.47727429s ago: executing program 1 (id=512):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000ec0)=ANY=[@ANYBLOB='iocharset=cp865,utf8=1,utf8=0,utf8=1,iocharset=utf8,sys_immutable,uni_xlate=0,uni_xlate=1,uni_xlate=1,gid=', @ANYRESDEC=0x0, @ANYRESDEC=0x0], 0xfd, 0x1b1, &(0x7f0000000d00)="$eJzs2zFrE2EYB/DnahrTOiSDkzjc6BSafoIGqSAGBCWDgqDYBqQnBQsBHWw3B7+EH8bBVT+JYwfhpLk0aUKEGpocJL/fkodc/rnnfcMleQJ5ff/90cHxSe9V70fUkiQ29iKN8yQasRGXzgIAWCXneR6/8zzPb5/F1rfI87zsjgCARfP5DwDr5/mLl0/anc7+szStRWRf+t1+t7gtjrd78S6yOIydqMefuPiCMFTUjx539nfSgUZ8zU6H+dN+99ZkvhX1aMzOt4p8OpnfjO2r+d2ox93Z+d2Z+Wo8qI7ymxFRj19v4ziyOIiL7Dj/uZWmD592pvJ3Bo8DAACAVdBMRwbzezUm5/dmc/L4eD4u8u3k2r8PTM3XlbhXKXftALCuTj5+OnqTZYcf5ihqw+eYM3694ud2cZIFnuKGisstHd2zt4z9+d+ierXDqWJrwa1Wlr7kJCLK2vDvEVH6yz3XRT0oSngzApZqfPWX3QkAAAAAAAAAAAAAAPAvy/hfUdlrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD9/A0AAP//W1+CbQ==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x189800, 0x9b)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setuid(r2)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_readv(r3, &(0x7f0000000100)=[{&(0x7f0000000040)=""/37, 0x25}], 0x1, &(0x7f00000002c0)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x40047211, &(0x7f00000000c0))
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000ec0)=ANY=[@ANYBLOB='iocharset=cp865,utf8=1,utf8=0,utf8=1,iocharset=utf8,sys_immutable,uni_xlate=0,uni_xlate=1,uni_xlate=1,gid=', @ANYRESDEC=0x0, @ANYRESDEC=0x0], 0xfd, 0x1b1, &(0x7f0000000d00)="$eJzs2zFrE2EYB/DnahrTOiSDkzjc6BSafoIGqSAGBCWDgqDYBqQnBQsBHWw3B7+EH8bBVT+JYwfhpLk0aUKEGpocJL/fkodc/rnnfcMleQJ5ff/90cHxSe9V70fUkiQ29iKN8yQasRGXzgIAWCXneR6/8zzPb5/F1rfI87zsjgCARfP5DwDr5/mLl0/anc7+szStRWRf+t1+t7gtjrd78S6yOIydqMefuPiCMFTUjx539nfSgUZ8zU6H+dN+99ZkvhX1aMzOt4p8OpnfjO2r+d2ox93Z+d2Z+Wo8qI7ymxFRj19v4ziyOIiL7Dj/uZWmD592pvJ3Bo8DAACAVdBMRwbzezUm5/dmc/L4eD4u8u3k2r8PTM3XlbhXKXftALCuTj5+OnqTZYcf5ihqw+eYM3694ud2cZIFnuKGisstHd2zt4z9+d+ierXDqWJrwa1Wlr7kJCLK2vDvEVH6yz3XRT0oSngzApZqfPWX3QkAAAAAAAAAAAAAAPAvy/hfUdlrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD9/A0AAP//W1+CbQ==") (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x189800, 0x9b) (async)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5) (async)
setuid(r2) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
process_vm_readv(r3, &(0x7f0000000100)=[{&(0x7f0000000040)=""/37, 0x25}], 0x1, &(0x7f00000002c0)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1, 0x0) (async)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x40047211, &(0x7f00000000c0)) (async)

3m13.441458621s ago: executing program 1 (id=514):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree\x00', r0}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4, 0x2}, {0xc}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xfffffffffffffffe, 0x4}}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x8c}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001240)=@newqdisc={0x434, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x4000000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0x6, 0xf}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x6, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x1, 0xffffffff, 0x0, 0x0, 0x2, 0xffffffff, 0x5, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x80002, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x4000, 0x0, 0x0, 0xfffffffe, 0x6, 0x0, 0x0, 0x272, 0x8000, 0x9, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0xe, 0x0, 0x2, 0xfffffffd, 0x0, 0x80007, 0x4, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xb9a, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x5e, 0x6, 0x8, 0x0, 0x0, 0x1, 0x3, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffffff, 0xffff8000, 0x0, 0xffffffff, 0x1, 0x0, 0x800009, 0x0, 0x0, 0x8, 0x6, 0x9, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x0, 0x2000000, 0x100, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0xb6, 0x0, 0x1, 0x0, 0x7, 0x8, 0x0, 0xffffffff, 0xffff, 0xfffffffd, 0x0, 0xb3c, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x9, 0x1, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x2, 0x13, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0xaa, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x26c, 0x4, 0x7, 0x102, 0x0, 0x8, 0x200, 0x7fffffff, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, 0x0, 0xfffffffd, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
preadv(r1, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/122, 0x6}], 0x3e8, 0x0, 0x0)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x2000, 0x0, 0xfd, 0x0, &(0x7f00000000c0))
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x5, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000580)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xc5}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000004780)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000080)={0x0, 0x5}, 0x8)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0)

3m13.218984811s ago: executing program 1 (id=517):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f0000000d40)={0x16, 0x98, 0xfa00, {0x0, 0x800000000000002, 0xffffffffffffffff, 0x10, 0x0, @ib={0x1b, 0x8, 0x2, {"cc84fb75c275ad847d0e1cf961bfbbc5"}, 0x7fffffff, 0x66c5, 0x6}}}, 0xa0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffff99}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x41100}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mm_page_alloc\x00', r3, 0x0, 0x1}, 0x18)
r4 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x6, 0x40, 0x6, 0x0, 0x4000000000, 0xd4, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x100082, 0x7ff, 0x6, 0x7, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12011, r4, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000380)={&(0x7f0000000780)={0x2, 0xa, 0x0, 0x3, 0x2, 0x0, 0x70bd2c, 0x25dfdbfc}, 0x10}, 0x1, 0x7}, 0x0)

3m13.218782381s ago: executing program 32 (id=517):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f0000000d40)={0x16, 0x98, 0xfa00, {0x0, 0x800000000000002, 0xffffffffffffffff, 0x10, 0x0, @ib={0x1b, 0x8, 0x2, {"cc84fb75c275ad847d0e1cf961bfbbc5"}, 0x7fffffff, 0x66c5, 0x6}}}, 0xa0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffff99}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x41100}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mm_page_alloc\x00', r3, 0x0, 0x1}, 0x18)
r4 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x6, 0x40, 0x6, 0x0, 0x4000000000, 0xd4, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x100082, 0x7ff, 0x6, 0x7, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12011, r4, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000380)={&(0x7f0000000780)={0x2, 0xa, 0x0, 0x3, 0x2, 0x0, 0x70bd2c, 0x25dfdbfc}, 0x10}, 0x1, 0x7}, 0x0)

10.749046322s ago: executing program 5 (id=3399):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
read(r3, &(0x7f0000000240)=""/123, 0x7b)
clock_adjtime(0x0, &(0x7f0000000040)={0xd51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xe438, 0x0, 0x3})
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x3}, 0x800)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1a, 0x2000000000000057, &(0x7f0000000480)=ANY=[@ANYRES8=r1, @ANYBLOB="ccb4f637cb49780d3290659067f6bcbceab1df825e424634bd95f2d69f873d3f06c9690723a29bbf645eb1f89325fbdddbd7c39a430761d0abb9ffea8690d47b5674bb127bf146fb2c42d3c7ac685b050cfb093b688022b50eb8f5ebd8feb96525dbc7f188f31420a2b07e6cab21d1450d4d6ca3cce596d8338468d87fbe778ea9a61a928c7e88d8eacc5ca5fd8afee03251366ff2836d5cc15faec4ea48305f2d9d940fe2b09902", @ANYRESOCT, @ANYRES8=r0, @ANYRESDEC=r0], 0x0, 0x400000, 0x0, 0x0, 0x40f00, 0xa, '\x00', 0x0, @fallback=0xb, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
capget(&(0x7f0000000600)={0x20080522}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
syz_open_dev$loop(&(0x7f0000000180), 0x3, 0x410000)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, 0x0, 0x40000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x0, 0x0, 0x0)
r5 = inotify_init1(0x0)
r6 = inotify_add_watch(r5, &(0x7f0000000200)='.\x00', 0x10000a0)
inotify_rm_watch(r5, r6)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
socket(0x2, 0x4, 0x0)
openat(0xffffffffffffff9c, 0x0, 0xa4c42, 0x108)

8.237527271s ago: executing program 5 (id=3454):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3e8, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH71p0k0/qj1EPFgQEyaNNYKIuYiInqyRw/G/Kilm0aSFWwIqCjeevPqQfHg3+BJwf9AEE+epRAkLehxZXZn4prspt1u1sHs5wNT3ps3y3sz333zmjfzNoC+NRkRn0TEcESsRsRovj/Jt3i1sWXH3d3dXsq2JGq1t/9I6uV3dreXoukzmdPZP2nEVBqRfh5xvkW9mze3ri9WKisbeX6muvbBzObNreevrS1eXbm6cmPu4ouz85fmLs2+cGTneuv85Zeenn/j11uvfbP0y5Xv3svaeyYvaz6PozKZXbW0ddmFo66sZGfKbgAPJPt6DkTEYL3/j8ZAPdUwGh+/U2rjAICeqNVqA/vyAMCxlxjzAaDPFH/339ndXiq2UiYiKMXOQkScaMS/eL7bKBncexI01MPne5MR8X76/US2RY+ewwIAAAD0sx8WIuJyq/m/NJ5qOu5sRDyUrw8Yi4jxiHg4Ih7psv7JffmD8z/p7S6r4BA7CxEvN63tuNsU/9zYQJ47W4/9ULJ6rbJyIf8+TMXQSJafPaSOP7euf9GurHn+L9uy+ou5wLwdtwdH/v2Z5cXqYjfnzD92Po14crBV/JO9+d8kIia6qOPH8bWv2pXdO/70Uu3riGdb9v9k75jk8PVZM/X7wUxxVzjorZ8+e7dd/eJfrqz/nzo8/mNJ83q9zc7rePzcbxvtyh70/j+cXKk3cDjf99FitboxGzGcvHlw/1znbT6uiutRXK8s/lPPtB7/iyBkF/TRiHgsi2VEPBER5zqo89vxv062K9P/y5XFf7mj/t954pWJ139uV//99f/5emOm8j3+/3dv9xugstsJAAAAAAAAwNFI62u7k3R6L52m09ON3/CeiFNpZX2z+tzq+oc3lhtrwMdiKC3e9Bpteh90Nn8vuMjP7ctfzN8Z/nLkZD0/vbReWS775AGgT51uM/5nfh8pu3UAQM+cKLsBAMB/zvgPAP3H+A8A/cf4DwD9x/gPAP3H+A8AfaWb3/WXkJA4romy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/b38HAAD//78JzGY=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xaf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f0000000a40)='./file0/file2\x00', 0x1000)

5.662030814s ago: executing program 5 (id=3496):
r0 = socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00'})
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0xfd, 0xe, 0xfd, 0x0, 0x4, 0x20621, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c094, 0x2, @perf_config_ext={0x9, 0x10000}, 0x0, 0x9, 0x7ffffd, 0x6, 0x2, 0x2, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, r1, 0x1)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x11)
bpf$MAP_CREATE(0x0, &(0x7f0000001500)=ANY=[@ANYRES64], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x14}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'tunl0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x6, 0x0, 0x0, 0xffffff81, 0x20}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x40}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000f00)=ANY=[@ANYBLOB="b702000002000000bfa30000000000000703000000feffff7a0af0fff8bffffd79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000081007d60b7030000000000006a0a00fefdff0000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c3a1f59916ffc9bf0bd09279c362f80e5cf8df265e1b40e4c8ae7a89cf8bd819b5c0c000000008da68076774bb4db2c769937000090af27db5b56024dcbbbd2cb2000ce94284673b4e8d5467e357754508535766c801100000000b290a248a120c9c6e39f3052aae80677eeba68562eaeaea5fecf298ca20f274233106e2baf69b1c60f0ce4099f366b89ab63ecf772de7b265040b6b1acbef92b2704550a4d1dd5c50b7420b58a93fe94c756008afcd0b2eb785632e0a85f02a5a6474ae549070000000000001294fba0ed5020e6477cc921fee1f6d8ad6a80d0947cd6d4a561ced23b0b4a902be6af7ec2d1ba000057f301000000000000000000000000100000aaf253886c0b9f6d4731d714ad72e5ad8530a6380ed2d29f47f96a576cd20cef7ed95157ab050000f0077e9d13d8b93eb0f2c6f8941e35e1577c10e509c9b133c849eb709df5c6ba73cccdfa3c58bc5204339b0b487f0eeed581cb202900000d322717c338033213c18a34ee0ca2cf61efb4b3797a642735d6d482ba98d252f36c54333aab1aa736369392239820f5f1557b0bf7ccb0a5a13c714e0b1a5bc3f9caff3283076cda3d0b1a2905cf7bd04f2db530abcbe44bc40528ad807970727fb819afa14aad99f93093ced7dd51995edcf53b907228fa9e83433eedb4ac88d0285594ffb0d14e71d5c57f33702f22b22417bfb38d04c8441ceec8bcaffbe800aa41307bd8325a76f395bc9a8b0c9d905979f34adddb521914f92eed3d3e9de82942a952e86bd67aff5bc2e3c1fcc00f61124dd06df4b8fd356cb365adc037e443820c05c5db160087a9cf471e0eff227f25b2c5cacebfcd55f8c81f5eb1f8d615ca27efb2193bb61665b8ce37f30c2efc9c3b5a4a5d95479fac471ba60fbd0e50223517a07a3484124c5563cd3700000000001825b05a580ea8cb7f85b77b35a06a895b287b47efbe220bc215aca4a65d7018a7f91c4228b35f71a7c183360ab7a7b6b7870086d851ff861ee07bbec801b79afa477ebab255c7265820456fdc3f34f9d729315d856be7ec564613d5e28cf7c405d6e2b6aeb20000b8505a36a8067cb459fab87c8de118117733d30f4fe049658a2c3edd43546ead9c7882858868cff89a49a693731140db1b7b7116060c30690a39de8b3e0eb4f5401e8354870848c546f9defe1a9c534c9030830fec3eeb5faf1d64bb8e80000000f6ff0000000000000055d843352632b829ceb5200a2cdeb63c0bc7e835e061f9ac3c052b5b6f689bf203aeb8858be07691bc83e178181fab55e6ed9e8a17819de49564d0f0c00dd507441b80cd499c39c5d03d6c00cf5be5215bae09a4f52abf8f1c1add498470a0bb9d7ab757a8b28e4accc939b3621e4c2c9e02741c51eeeaad40cf2e1c3659d83ed71fc628807739d70edda93542445e3204828c49bef648efdc2208341357dd158f411d379df9b1feffbe7c7ee80558a040fa3d5a303f36d5c1a66d9644fc0559aa0e291355ee3de6c7a705b8f7b45bb825044b9a82a6fd2f6eeb14eee0c3f71eeea9984e14c57022ef72850b6dc5fda167d6f98f6c1c73feb424b7937e3c7ca0d2525efbdac50eb94797cf3747b83b56cfea8c74dd3f957dc462e715b789934b422b7ddf3e11a6ad6ad9afd5389c728d14"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3f, 0x10, &(0x7f0000000000), 0x2ff}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b90703600000f007049e0ff086dd", 0x0, 0x104, 0xa000000, 0x29, 0x0, &(0x7f0000000640)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999", 0x0}, 0x34)

2.462258353s ago: executing program 5 (id=3536):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1818e58, &(0x7f00000003c0), 0x2a, 0x63f, &(0x7f0000000d80)="$eJzs3c9rXFsdAPDvvZPkJWl86RMRX1AMuHgP5KVJfVh1Y1sXdlGwYBciLhqapIZOf5CkYGvBBFwoKIi4LdKN/4B76d6dCOrOtVBFKha0dB73zp1mMplfaTIzSe7nA5M599wzOeebOyf33HvnzA2gtOazH2nE+xGvbyQRs03rZqK+cr4o9+Lfj29mjyRqte/+K4mkyGuUT4rnM8XCZET86XLEpyv76918+Oj2crVW95OIc1t37p/bfPjoo/U7y7dWb63eXTr/tY8vLH596eOlpoa+vTPF85Wr3/n8L3/6w6+u/bn6URIX4/r4j1eiJY6jMh/z8boIsTl/LCIuZIk2f5eT5hSEUGqV4v04HhGfjdmo5Et1s7H+i5E2DhioWiWi1l3SqwBwUuneUFaNcUDj2L6/4+DrAx6VDM/zS/UDoP3xjxWnHCbzY6PpF0nTkVH93MbZI6g/q+PV48knrx7PPYk95yFevtk6Y0dQTyfbOxHxuXbxJ3nbzuaRZvGne47104hYjIiJon3fOkQbkqb0IM7DdHOQ+Ju3Qxb/xeI5y7/8lvW3ntYadvwAlNOzS8WOfDtb2t3/ZWOPxvgn2ox/Zg5/SSY36v1f5/FfY38/mY970pZxWDZmudb+V463Zvz951d+3an++vhv7knjkdXfGAsOw/OdiLmW+H+WBVuMf7L4kzbbPyty42J/dXz7L/+80mndqOOvPY34oO3xz+6oNEt1uT55bm29urpY/9m2jj/88Qe/61R/+/jfGUCk7WXbf7pD/E3bP219XfY3ud/+V+60Zvz+2tM7neqf6bn9039MJPXjzYki50c7W1sbSxETydWiSJG/vLW1cb57vPUyL2v581I9/g+/1L7/73n/t0Q11fiX2Yf737v9otO6t3n/N11Mfl3rsw2dZPGv9N7++/p/lverPuv47/cffKHTum7xTx0mMAAAAAAAACihNL8Gm6QLb9JpurBQny/7mZhOq/c2t768du/B3ZWID/PPQ46nkSb5R0Zm68vJ2np1dan4PGxj+XzL8lci4r2I+E1lKl9euHmvujLq4AEAAAAAAAAAAAAAAAAAAOCYOFPM/2/cp/o/lfr8f6Aket9gbt/9H4BTYpA3mASOt7z/d9vFvzu8tgDDZf8P5aX/Q3np/1Be+j+Ul/4P5aX/Q3np/1Be+j8AAAAAnErvffHZ35KI2P7GVP7ITBTrTPqF0238QKUrA2sHMHx6NJTXm0v/BvtQOn2N//9XfDng4JsDjEDSLjMfHNS6d/5nbV+5a+fwbQMAAAAAAAAAAAAA6j54v/P8/4PNDQZOGtP+oLwOMf/fVwfACeer/6G8HOMDPWbxx2SnFb3m/wMAAAAAAAAAAAAAR2YmfyTpQjEXeCbSdGEh4lMRcTbGk7X16upiRLwbEX+tjL+TLS+NutEAAAAAAAAAAAAAAAAAAABwymw+fHR7uVpd3WhO/H9fzulONO6C2rtwrY8yXRPfjAO+KpLh/1mmImLkG2VgibGmnCRiO9vyx6JhG5txPJqRJ0b8jwkAAAAAAAAAAAAAAAAAAEqoae5xe3O/HXKLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD4du//3yOxMl1/QV+F9yZGHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcDJ9EgAA//+YYDw3")

1.15624751s ago: executing program 5 (id=3555):
syz_io_uring_setup(0x10d, &(0x7f0000000900)={0x0, 0x5885}, &(0x7f0000000800), &(0x7f0000000280))
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')

793.968996ms ago: executing program 2 (id=3561):
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xaf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
sysinfo(&(0x7f0000000440)=""/231)

711.440339ms ago: executing program 2 (id=3562):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3e8, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH71p0k0/qj1EPFgQEyaNNYKIuYiInqyRw/G/Kilm0aSFWwIqCjeevPqQfHg3+BJwf9AEE+epRAkLehxZXZn4prspt1u1sHs5wNT3ps3y3sz333zmjfzNoC+NRkRn0TEcESsRsRovj/Jt3i1sWXH3d3dXsq2JGq1t/9I6uV3dreXoukzmdPZP2nEVBqRfh5xvkW9mze3ri9WKisbeX6muvbBzObNreevrS1eXbm6cmPu4ouz85fmLs2+cGTneuv85Zeenn/j11uvfbP0y5Xv3svaeyYvaz6PozKZXbW0ddmFo66sZGfKbgAPJPt6DkTEYL3/j8ZAPdUwGh+/U2rjAICeqNVqA/vyAMCxlxjzAaDPFH/339ndXiq2UiYiKMXOQkScaMS/eL7bKBncexI01MPne5MR8X76/US2RY+ewwIAAAD0sx8WIuJyq/m/NJ5qOu5sRDyUrw8Yi4jxiHg4Ih7psv7JffmD8z/p7S6r4BA7CxEvN63tuNsU/9zYQJ47W4/9ULJ6rbJyIf8+TMXQSJafPaSOP7euf9GurHn+L9uy+ou5wLwdtwdH/v2Z5cXqYjfnzD92Po14crBV/JO9+d8kIia6qOPH8bWv2pXdO/70Uu3riGdb9v9k75jk8PVZM/X7wUxxVzjorZ8+e7dd/eJfrqz/nzo8/mNJ83q9zc7rePzcbxvtyh70/j+cXKk3cDjf99FitboxGzGcvHlw/1znbT6uiutRXK8s/lPPtB7/iyBkF/TRiHgsi2VEPBER5zqo89vxv062K9P/y5XFf7mj/t954pWJ139uV//99f/5emOm8j3+/3dv9xugstsJAAAAAAAAwNFI62u7k3R6L52m09ON3/CeiFNpZX2z+tzq+oc3lhtrwMdiKC3e9Bpteh90Nn8vuMjP7ctfzN8Z/nLkZD0/vbReWS775AGgT51uM/5nfh8pu3UAQM+cKLsBAMB/zvgPAP3H+A8A/cf4DwD9x/gPAP3H+A8AfaWb3/WXkJA4romy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/b38HAAD//78JzGY=")
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xaf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f0000000a40)='./file0/file2\x00', 0x1000)

669.787241ms ago: executing program 2 (id=3565):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6tnl0\x00', <r1=>0x0, 0x29, 0x8, 0x7, 0xfffff8ab, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, 0x20, 0x7800, 0x400, 0x5}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = socket(0x1e, 0x5, 0x0)
listen(r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x2}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, '\x00', r1, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r3}, 0x18)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

650.782892ms ago: executing program 3 (id=3566):
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x2201, 0x0)
write$binfmt_elf32(r0, 0x0, 0x69)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRESDEC], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
r4 = accept4$tipc(r0, &(0x7f0000000400)=@id, &(0x7f0000000440)=0x10, 0x800)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000480)={0x40, 0x0, 0x3}, 0x10)
ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f00000003c0)={'pim6reg0\x00', {0x2, 0x4e20, @local}})
sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYRES16=r3, @ANYBLOB="0103feffffff0000000001"], 0x30}, 0x1, 0x0, 0x0, 0x20040000}, 0x850)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x5, &(0x7f0000001d00)={0x1, 0x3, 0x4, 0x8})
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r5, 0xc0505405, &(0x7f00000001c0)={{0x1, 0x2, 0x3, 0x1, 0x1ff}, 0x5, 0x9, 0x3ff})
socket$kcm(0x10, 0x3, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x20000044)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x41, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x400, 0x0, 0x8, 0x3fe, 0x7ffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$selinux_user(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522)
ioctl$USBDEVFS_BULK(0xffffffffffffffff, 0x5523, 0x0)

631.863073ms ago: executing program 2 (id=3567):
r0 = socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00'})
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0xfd, 0xe, 0xfd, 0x0, 0x4, 0x20621, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c094, 0x2, @perf_config_ext={0x9, 0x10000}, 0x0, 0x9, 0x7ffffd, 0x6, 0x2, 0x2, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, r1, 0x1)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x11)
bpf$MAP_CREATE(0x0, &(0x7f0000001500)=ANY=[@ANYRES64], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x14}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'tunl0\x00'})
socket$netlink(0x10, 0x3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000f00)=ANY=[@ANYBLOB="b702000002000000bfa30000000000000703000000feffff7a0af0fff8bffffd79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000081007d60b7030000000000006a0a00fefdff0000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c3a1f59916ffc9bf0bd09279c362f80e5cf8df265e1b40e4c8ae7a89cf8bd819b5c0c000000008da68076774bb4db2c769937000090af27db5b56024dcbbbd2cb2000ce94284673b4e8d5467e357754508535766c801100000000b290a248a120c9c6e39f3052aae80677eeba68562eaeaea5fecf298ca20f274233106e2baf69b1c60f0ce4099f366b89ab63ecf772de7b265040b6b1acbef92b2704550a4d1dd5c50b7420b58a93fe94c756008afcd0b2eb785632e0a85f02a5a6474ae549070000000000001294fba0ed5020e6477cc921fee1f6d8ad6a80d0947cd6d4a561ced23b0b4a902be6af7ec2d1ba000057f301000000000000000000000000100000aaf253886c0b9f6d4731d714ad72e5ad8530a6380ed2d29f47f96a576cd20cef7ed95157ab050000f0077e9d13d8b93eb0f2c6f8941e35e1577c10e509c9b133c849eb709df5c6ba73cccdfa3c58bc5204339b0b487f0eeed581cb202900000d322717c338033213c18a34ee0ca2cf61efb4b3797a642735d6d482ba98d252f36c54333aab1aa736369392239820f5f1557b0bf7ccb0a5a13c714e0b1a5bc3f9caff3283076cda3d0b1a2905cf7bd04f2db530abcbe44bc40528ad807970727fb819afa14aad99f93093ced7dd51995edcf53b907228fa9e83433eedb4ac88d0285594ffb0d14e71d5c57f33702f22b22417bfb38d04c8441ceec8bcaffbe800aa41307bd8325a76f395bc9a8b0c9d905979f34adddb521914f92eed3d3e9de82942a952e86bd67aff5bc2e3c1fcc00f61124dd06df4b8fd356cb365adc037e443820c05c5db160087a9cf471e0eff227f25b2c5cacebfcd55f8c81f5eb1f8d615ca27efb2193bb61665b8ce37f30c2efc9c3b5a4a5d95479fac471ba60fbd0e50223517a07a3484124c5563cd3700000000001825b05a580ea8cb7f85b77b35a06a895b287b47efbe220bc215aca4a65d7018a7f91c4228b35f71a7c183360ab7a7b6b7870086d851ff861ee07bbec801b79afa477ebab255c7265820456fdc3f34f9d729315d856be7ec564613d5e28cf7c405d6e2b6aeb20000b8505a36a8067cb459fab87c8de118117733d30f4fe049658a2c3edd43546ead9c7882858868cff89a49a693731140db1b7b7116060c30690a39de8b3e0eb4f5401e8354870848c546f9defe1a9c534c9030830fec3eeb5faf1d64bb8e80000000f6ff0000000000000055d843352632b829ceb5200a2cdeb63c0bc7e835e061f9ac3c052b5b6f689bf203aeb8858be07691bc83e178181fab55e6ed9e8a17819de49564d0f0c00dd507441b80cd499c39c5d03d6c00cf5be5215bae09a4f52abf8f1c1add498470a0bb9d7ab757a8b28e4accc939b3621e4c2c9e02741c51eeeaad40cf2e1c3659d83ed71fc628807739d70edda93542445e3204828c49bef648efdc2208341357dd158f411d379df9b1feffbe7c7ee80558a040fa3d5a303f36d5c1a66d9644fc0559aa0e291355ee3de6c7a705b8f7b45bb825044b9a82a6fd2f6eeb14eee0c3f71eeea9984e14c57022ef72850b6dc5fda167d6f98f6c1c73feb424b7937e3c7ca0d2525efbdac50eb94797cf3747b83b56cfea8c74dd3f957dc462e715b789934b422b7ddf3e11a6ad6ad9afd5389c728d14"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3f, 0x10, &(0x7f0000000000), 0x2ff}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b90703600000f007049e0ff086dd", 0x0, 0x104, 0xa000000, 0x29, 0x0, &(0x7f0000000640)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999", 0x0}, 0x34)

583.038025ms ago: executing program 4 (id=3568):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f00000001c0), &(0x7f0000000280)=r1}, 0x20)
process_mrelease(0xffffffffffffffff, 0x0)

554.546976ms ago: executing program 3 (id=3569):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6tnl0\x00', <r1=>0x0, 0x29, 0x8, 0x7, 0xfffff8ab, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, 0x20, 0x7800, 0x400, 0x5}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = socket(0x1e, 0x5, 0x0)
listen(r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x2}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, '\x00', r1, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r3}, 0x18)
r4 = socket(0x10, 0x3, 0x0)
getsockname$packet(r4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r5, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112)

491.008159ms ago: executing program 4 (id=3571):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00"/11], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50)

490.632079ms ago: executing program 0 (id=3572):
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xaf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
sysinfo(&(0x7f0000000440)=""/231)

474.92021ms ago: executing program 2 (id=3573):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000040), 0x2}], 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f0000000040), 0x1, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8)

450.387611ms ago: executing program 0 (id=3574):
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x1c)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x6, @private=0xa010102}, 0x2, 0x0, 0x1}}, 0x26)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

449.843421ms ago: executing program 3 (id=3575):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3e8, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH71p0k0/qj1EPFgQEyaNNYKIuYiInqyRw/G/Kilm0aSFWwIqCjeevPqQfHg3+BJwf9AEE+epRAkLehxZXZn4prspt1u1sHs5wNT3ps3y3sz333zmjfzNoC+NRkRn0TEcESsRsRovj/Jt3i1sWXH3d3dXsq2JGq1t/9I6uV3dreXoukzmdPZP2nEVBqRfh5xvkW9mze3ri9WKisbeX6muvbBzObNreevrS1eXbm6cmPu4ouz85fmLs2+cGTneuv85Zeenn/j11uvfbP0y5Xv3svaeyYvaz6PozKZXbW0ddmFo66sZGfKbgAPJPt6DkTEYL3/j8ZAPdUwGh+/U2rjAICeqNVqA/vyAMCxlxjzAaDPFH/339ndXiq2UiYiKMXOQkScaMS/eL7bKBncexI01MPne5MR8X76/US2RY+ewwIAAAD0sx8WIuJyq/m/NJ5qOu5sRDyUrw8Yi4jxiHg4Ih7psv7JffmD8z/p7S6r4BA7CxEvN63tuNsU/9zYQJ47W4/9ULJ6rbJyIf8+TMXQSJafPaSOP7euf9GurHn+L9uy+ou5wLwdtwdH/v2Z5cXqYjfnzD92Po14crBV/JO9+d8kIia6qOPH8bWv2pXdO/70Uu3riGdb9v9k75jk8PVZM/X7wUxxVzjorZ8+e7dd/eJfrqz/nzo8/mNJ83q9zc7rePzcbxvtyh70/j+cXKk3cDjf99FitboxGzGcvHlw/1znbT6uiutRXK8s/lPPtB7/iyBkF/TRiHgsi2VEPBER5zqo89vxv062K9P/y5XFf7mj/t954pWJ139uV//99f/5emOm8j3+/3dv9xugstsJAAAAAAAAwNFI62u7k3R6L52m09ON3/CeiFNpZX2z+tzq+oc3lhtrwMdiKC3e9Bpteh90Nn8vuMjP7ctfzN8Z/nLkZD0/vbReWS775AGgT51uM/5nfh8pu3UAQM+cKLsBAMB/zvgPAP3H+A8A/cf4DwD9x/gPAP3H+A8AfaWb3/WXkJA4romy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/b38HAAD//78JzGY=")
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xaf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f0000000a40)='./file0/file2\x00', 0x1000)

397.256523ms ago: executing program 4 (id=3576):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r2}, 0x18)
fsetxattr$security_selinux(r1, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

381.823944ms ago: executing program 4 (id=3577):
perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x40002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0x1}, 0xc004, 0x10000, 0x0, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
select(0x0, 0x0, &(0x7f0000000440)={0x10001, 0x2, 0xe1, 0xa, 0x63, 0xff0, 0x8, 0x58af}, &(0x7f0000000580)={0xff, 0xc1, 0x7, 0x9, 0x6, 0x3, 0x9, 0xff}, &(0x7f00000005c0)={0x0, 0xea60})

349.338545ms ago: executing program 2 (id=3578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
read(r3, &(0x7f0000000240)=""/123, 0x7b)
clock_adjtime(0x0, &(0x7f0000000040)={0xd51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xe438, 0x0, 0x3})
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x3}, 0x800)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1a, 0x2000000000000057, &(0x7f0000000480)=ANY=[@ANYRES8=r1, @ANYBLOB="ccb4f637cb49780d3290659067f6bcbceab1df825e424634bd95f2d69f873d3f06c9690723a29bbf645eb1f89325fbdddbd7c39a430761d0abb9ffea8690d47b5674bb127bf146fb2c42d3c7ac685b050cfb093b688022b50eb8f5ebd8feb96525dbc7f188f31420a2b07e6cab21d1450d4d6ca3cce596d8338468d87fbe778ea9a61a928c7e88d8eacc5ca5fd8afee03251366ff2836d5cc15faec4ea48305f2d9d940fe2b09902", @ANYRESOCT, @ANYRES8=r0, @ANYRESDEC=r0], 0x0, 0x400000, 0x0, 0x0, 0x40f00, 0xa, '\x00', 0x0, @fallback=0xb, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
capget(&(0x7f0000000600)={0x20080522}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
syz_open_dev$loop(&(0x7f0000000180), 0x3, 0x410000)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, 0x0, 0x40000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x0, 0x0, 0x0)
r5 = inotify_init1(0x0)
r6 = inotify_add_watch(r5, &(0x7f0000000200)='.\x00', 0x10000a0)
inotify_rm_watch(r5, r6)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
socket(0x2, 0x4, 0x0)
openat(0xffffffffffffff9c, 0x0, 0xa4c42, 0x108)

322.156677ms ago: executing program 3 (id=3579):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1818e58, &(0x7f00000003c0), 0x2a, 0x63f, &(0x7f0000000d80)="$eJzs3c9rXFsdAPDvvZPkJWl86RMRX1AMuHgP5KVJfVh1Y1sXdlGwYBciLhqapIZOf5CkYGvBBFwoKIi4LdKN/4B76d6dCOrOtVBFKha0dB73zp1mMplfaTIzSe7nA5M599wzOeebOyf33HvnzA2gtOazH2nE+xGvbyQRs03rZqK+cr4o9+Lfj29mjyRqte/+K4mkyGuUT4rnM8XCZET86XLEpyv76918+Oj2crVW95OIc1t37p/bfPjoo/U7y7dWb63eXTr/tY8vLH596eOlpoa+vTPF85Wr3/n8L3/6w6+u/bn6URIX4/r4j1eiJY6jMh/z8boIsTl/LCIuZIk2f5eT5hSEUGqV4v04HhGfjdmo5Et1s7H+i5E2DhioWiWi1l3SqwBwUuneUFaNcUDj2L6/4+DrAx6VDM/zS/UDoP3xjxWnHCbzY6PpF0nTkVH93MbZI6g/q+PV48knrx7PPYk95yFevtk6Y0dQTyfbOxHxuXbxJ3nbzuaRZvGne47104hYjIiJon3fOkQbkqb0IM7DdHOQ+Ju3Qxb/xeI5y7/8lvW3ntYadvwAlNOzS8WOfDtb2t3/ZWOPxvgn2ox/Zg5/SSY36v1f5/FfY38/mY970pZxWDZmudb+V463Zvz951d+3an++vhv7knjkdXfGAsOw/OdiLmW+H+WBVuMf7L4kzbbPyty42J/dXz7L/+80mndqOOvPY34oO3xz+6oNEt1uT55bm29urpY/9m2jj/88Qe/61R/+/jfGUCk7WXbf7pD/E3bP219XfY3ud/+V+60Zvz+2tM7neqf6bn9039MJPXjzYki50c7W1sbSxETydWiSJG/vLW1cb57vPUyL2v581I9/g+/1L7/73n/t0Q11fiX2Yf737v9otO6t3n/N11Mfl3rsw2dZPGv9N7++/p/lverPuv47/cffKHTum7xTx0mMAAAAAAAACihNL8Gm6QLb9JpurBQny/7mZhOq/c2t768du/B3ZWID/PPQ46nkSb5R0Zm68vJ2np1dan4PGxj+XzL8lci4r2I+E1lKl9euHmvujLq4AEAAAAAAAAAAAAAAAAAAOCYOFPM/2/cp/o/lfr8f6Aket9gbt/9H4BTYpA3mASOt7z/d9vFvzu8tgDDZf8P5aX/Q3np/1Be+j+Ul/4P5aX/Q3np/1Be+j8AAAAAnErvffHZ35KI2P7GVP7ITBTrTPqF0238QKUrA2sHMHx6NJTXm0v/BvtQOn2N//9XfDng4JsDjEDSLjMfHNS6d/5nbV+5a+fwbQMAAAAAAAAAAAAA6j54v/P8/4PNDQZOGtP+oLwOMf/fVwfACeer/6G8HOMDPWbxx2SnFb3m/wMAAAAAAAAAAAAAR2YmfyTpQjEXeCbSdGEh4lMRcTbGk7X16upiRLwbEX+tjL+TLS+NutEAAAAAAAAAAAAAAAAAAABwymw+fHR7uVpd3WhO/H9fzulONO6C2rtwrY8yXRPfjAO+KpLh/1mmImLkG2VgibGmnCRiO9vyx6JhG5txPJqRJ0b8jwkAAAAAAAAAAAAAAAAAAEqoae5xe3O/HXKLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD4du//3yOxMl1/QV+F9yZGHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcDJ9EgAA//+YYDw3")

270.721079ms ago: executing program 0 (id=3580):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000008080000000a90000000030a03000000"], 0xb8}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
write$tun(r0, &(0x7f00000002c0)={@val={0x0, 0x6005}, @void, @eth={@multicast, @remote, @val={@void}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x26, 0x28, 0x68, 0x0, 0x9, 0x4, 0x0, @private=0xa010101, @multicast1}, "a93a88c19c640ec98e51b5683ee58e25bfcdb2ba"}}}}}, 0x3e)

219.228691ms ago: executing program 4 (id=3581):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r2}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f00000001c0), &(0x7f0000000280)=r1}, 0x20)
process_mrelease(0xffffffffffffffff, 0x0)

200.282382ms ago: executing program 4 (id=3582):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ff9}]})
r0 = shmat(0x0, &(0x7f0000caa000/0x3000)=nil, 0x7000)
mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1000001, 0x20031, 0xffffffffffffffff, 0xec785000)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000c43000/0x3000)=nil)
shmdt(r0)
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_usb_connect(0x4, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x8000001f)
r3 = open(&(0x7f0000000280)='.\x00', 0x181000, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000100000000000100000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000000100000000009500000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='cachefiles_mark_active\x00', 0xffffffffffffffff, 0x0, 0x200000000004}, 0x18)
fcntl$notify(r3, 0x402, 0x8000003d)
close_range(r2, r3, 0x0)

186.196653ms ago: executing program 5 (id=3583):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f00000002c0)={@val={0x0, 0x6005}, @void, @eth={@multicast, @remote, @val={@void}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x26, 0x28, 0x68, 0x0, 0x9, 0x4, 0x0, @private=0xa010101, @multicast1}, "a93a88c19c640ec98e51b5683ee58e25bfcdb2ba"}}}}}, 0x3e)

183.709793ms ago: executing program 0 (id=3584):
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xaf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
sysinfo(&(0x7f0000000440)=""/231)

52.405518ms ago: executing program 0 (id=3585):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)

51.065788ms ago: executing program 3 (id=3586):
syz_io_uring_setup(0x10d, &(0x7f0000000900)={0x0, 0x5885}, &(0x7f0000000800), &(0x7f0000000280))
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')

612.5µs ago: executing program 3 (id=3587):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r2}, 0x18)
fsetxattr$security_selinux(r1, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

0s ago: executing program 0 (id=3588):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x2, 0x80805, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000040), 0x2}], 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f0000000040), 0x1, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8)

kernel console output (not intermixed with test programs):

 bring it up to get a fully working HSR network
[  210.380816][T12174] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.391750][T12322] loop4: detected capacity change from 0 to 512
[  210.414810][T12322] EXT4-fs (loop4): inodes count not valid: 5 vs 32
[  210.510234][T12174] veth0_vlan: entered promiscuous mode
[  210.536061][T12174] veth1_vlan: entered promiscuous mode
[  210.568373][T12174] veth0_macvtap: entered promiscuous mode
[  210.576335][T12174] veth1_macvtap: entered promiscuous mode
[  210.595214][T12174] batman_adv: batadv0: Interface activated: batadv_slave_0
[  210.613289][T12174] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.619324][T12341] usb usb8: usbfs: process 12341 (syz.0.2824) did not claim interface 0 before use
[  210.633522][ T4482] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.654040][ T4482] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.672045][T12345] netlink: 'syz.0.2826': attribute type 3 has an invalid length.
[  210.691124][ T4482] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.709743][ T4482] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.755559][T12351] netlink: 'syz.3.2766': attribute type 11 has an invalid length.
[  210.794583][T12353] lo speed is unknown, defaulting to 1000
[  210.908188][T12359] FAULT_INJECTION: forcing a failure.
[  210.908188][T12359] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.922299][T12359] CPU: 1 UID: 0 PID: 12359 Comm: syz.0.2831 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  210.922371][T12359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  210.922382][T12359] Call Trace:
[  210.922387][T12359]  <TASK>
[  210.922394][T12359]  __dump_stack+0x1d/0x30
[  210.922420][T12359]  dump_stack_lvl+0xe8/0x140
[  210.922443][T12359]  dump_stack+0x15/0x1b
[  210.922478][T12359]  should_fail_ex+0x265/0x280
[  210.922517][T12359]  should_fail+0xb/0x20
[  210.922608][T12359]  should_fail_usercopy+0x1a/0x20
[  210.922627][T12359]  _copy_from_user+0x1c/0xb0
[  210.922716][T12359]  __sys_bpf+0x183/0x7c0
[  210.922741][T12359]  __x64_sys_bpf+0x41/0x50
[  210.922836][T12359]  x64_sys_call+0x2aee/0x3000
[  210.922861][T12359]  do_syscall_64+0xd2/0x200
[  210.922886][T12359]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  210.922925][T12359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.922986][T12359] RIP: 0033:0x7ffa19bbf749
[  210.923004][T12359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.923022][T12359] RSP: 002b:00007ffa18627038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  210.923042][T12359] RAX: ffffffffffffffda RBX: 00007ffa19e15fa0 RCX: 00007ffa19bbf749
[  210.923056][T12359] RDX: 0000000000000018 RSI: 0000200000000080 RDI: 0000000000000011
[  210.923068][T12359] RBP: 00007ffa18627090 R08: 0000000000000000 R09: 0000000000000000
[  210.923079][T12359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.923091][T12359] R13: 00007ffa19e16038 R14: 00007ffa19e15fa0 R15: 00007fffb68238a8
[  210.923110][T12359]  </TASK>
[  211.124432][   T29] kauditd_printk_skb: 190 callbacks suppressed
[  211.124484][   T29] audit: type=1326 audit(211.093:28780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12360 comm="syz.5.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  211.154298][   T29] audit: type=1326 audit(211.093:28781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12360 comm="syz.5.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  211.177574][   T29] audit: type=1326 audit(211.093:28782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12360 comm="syz.5.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  211.200866][   T29] audit: type=1326 audit(211.093:28783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12360 comm="syz.5.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  211.214080][T12355] loop3: detected capacity change from 0 to 512
[  211.224910][   T29] audit: type=1326 audit(211.093:28784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12360 comm="syz.5.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  211.254316][   T29] audit: type=1326 audit(211.093:28785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12360 comm="syz.5.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  211.258958][T12355] EXT4-fs: Ignoring removed bh option
[  211.277918][   T29] audit: type=1326 audit(211.093:28786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12360 comm="syz.5.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  211.277956][   T29] audit: type=1326 audit(211.093:28787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12360 comm="syz.5.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  211.330051][   T29] audit: type=1326 audit(211.093:28788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12360 comm="syz.5.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f558ab11667 code=0x7ffc0000
[  211.349345][T12355] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  211.353053][   T29] audit: type=1326 audit(211.093:28789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12360 comm="syz.5.2833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f558ab115dc code=0x7ffc0000
[  211.389409][T12355] EXT4-fs (loop3): 1 truncate cleaned up
[  211.395799][T12355] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.431234][T12371] lo speed is unknown, defaulting to 1000
[  211.449579][T12377] usb usb8: usbfs: process 12377 (syz.4.2835) did not claim interface 0 before use
[  211.470337][T12379] netlink: 'syz.0.2836': attribute type 3 has an invalid length.
[  211.514044][T12174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.531938][T12386] binfmt_misc: register: failed to install interpreter file ./file2
[  211.543897][T12386] macsec1: entered promiscuous mode
[  211.549372][T12386] bridge0: entered promiscuous mode
[  211.595359][T12386] bridge0: port 3(macsec1) entered blocking state
[  211.602073][T12386] bridge0: port 3(macsec1) entered disabled state
[  211.608782][T12386] macsec1: entered allmulticast mode
[  211.614276][T12386] bridge0: entered allmulticast mode
[  211.621010][T12386] macsec1: left allmulticast mode
[  211.626391][T12386] bridge0: left allmulticast mode
[  211.640724][T12386] bridge0: left promiscuous mode
[  211.665631][T12399] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[  211.708974][T12403] netlink: 'syz.3.2843': attribute type 1 has an invalid length.
[  211.722829][T12403] macvlan2: entered promiscuous mode
[  211.728331][T12403] macvlan2: entered allmulticast mode
[  212.212111][T12411] __nla_validate_parse: 3 callbacks suppressed
[  212.212129][T12411] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2846'.
[  212.270303][T12415] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2847'.
[  212.315165][T12419] usb usb8: usbfs: process 12419 (syz.5.2849) did not claim interface 0 before use
[  212.487027][T12428] loop0: detected capacity change from 0 to 1024
[  212.511370][T12428] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  212.550545][T12432] loop3: detected capacity change from 0 to 512
[  212.902763][T12431] lo speed is unknown, defaulting to 1000
[  212.911173][T12432] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.924032][T12428] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2853: Invalid block bitmap block 0 in block_group 0
[  212.946913][T12428] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.2853: Failed to acquire dquot type 0
[  212.959134][T12428] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.2853: Freeing blocks not in datazone - block = 0, count = 4096
[  212.972891][T12428] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.2853: Invalid inode bitmap blk 0 in block_group 0
[  212.986035][ T4509] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:40: Failed to release dquot type 0
[  212.988488][T12428] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  213.016777][T12428] EXT4-fs (loop0): 1 orphan inode deleted
[  213.030566][T12428] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.075647][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.090069][T12432] EXT4-fs (loop3): shut down requested (0)
[  213.112297][T12432] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  213.121782][T12432] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  213.121927][T12445] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2859'.
[  213.132574][T12432] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=14
[  213.159313][T12432] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  213.168531][T12432] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  213.180213][T12432] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  213.245319][T12432] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=14
[  213.246146][T12455] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2862'.
[  213.302412][T12174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.696094][T12494] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2878'.
[  213.710577][T12496] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2879'.
[  213.730715][T12498] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2877'.
[  213.833329][T12504] loop0: detected capacity change from 0 to 512
[  213.880256][T12504] EXT4-fs (loop0): too many log groups per flexible block group
[  213.895845][T12508] FAULT_INJECTION: forcing a failure.
[  213.895845][T12508] name failslab, interval 1, probability 0, space 0, times 0
[  213.908613][T12508] CPU: 0 UID: 0 PID: 12508 Comm: syz.2.2882 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  213.908646][T12508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  213.908661][T12508] Call Trace:
[  213.908669][T12508]  <TASK>
[  213.908679][T12508]  __dump_stack+0x1d/0x30
[  213.908705][T12508]  dump_stack_lvl+0xe8/0x140
[  213.908791][T12508]  dump_stack+0x15/0x1b
[  213.908812][T12508]  should_fail_ex+0x265/0x280
[  213.908847][T12508]  should_failslab+0x8c/0xb0
[  213.908873][T12508]  kmem_cache_alloc_noprof+0x50/0x480
[  213.908922][T12508]  ? skb_clone+0x151/0x1f0
[  213.908948][T12508]  skb_clone+0x151/0x1f0
[  213.908970][T12508]  dev_queue_xmit_nit+0x146/0x680
[  213.909008][T12508]  dev_hard_start_xmit+0xd3/0x3e0
[  213.909102][T12508]  ? validate_xmit_skb+0x7c1/0x980
[  213.909167][T12508]  __dev_queue_xmit+0x10f9/0x2000
[  213.909187][T12508]  ? __dev_queue_xmit+0x182/0x2000
[  213.909215][T12508]  __netlink_deliver_tap+0x3c3/0x500
[  213.909243][T12508]  netlink_unicast+0x66b/0x690
[  213.909400][T12508]  netlink_sendmsg+0x58b/0x6b0
[  213.909424][T12508]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.909444][T12508]  __sock_sendmsg+0x145/0x180
[  213.909467][T12508]  ____sys_sendmsg+0x31e/0x4e0
[  213.909499][T12508]  ___sys_sendmsg+0x17b/0x1d0
[  213.909615][T12508]  __x64_sys_sendmsg+0xd4/0x160
[  213.909638][T12508]  x64_sys_call+0x191e/0x3000
[  213.909658][T12508]  do_syscall_64+0xd2/0x200
[  213.909704][T12508]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  213.909736][T12508]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  213.909765][T12508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.909786][T12508] RIP: 0033:0x7f7b39e8f749
[  213.909847][T12508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.909867][T12508] RSP: 002b:00007f7b388ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.909891][T12508] RAX: ffffffffffffffda RBX: 00007f7b3a0e5fa0 RCX: 00007f7b39e8f749
[  213.909939][T12508] RDX: 0000000000040006 RSI: 0000200000000700 RDI: 0000000000000006
[  213.909952][T12508] RBP: 00007f7b388ef090 R08: 0000000000000000 R09: 0000000000000000
[  213.909987][T12508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.910000][T12508] R13: 00007f7b3a0e6038 R14: 00007f7b3a0e5fa0 R15: 00007ffe6e2278f8
[  213.910083][T12508]  </TASK>
[  214.158986][T12504] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  214.204015][T12504] EXT4-fs (loop0): mount failed
[  214.297381][T12526] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2889'.
[  214.351057][T12528] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2890'.
[  214.435916][T12532] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2891'.
[  214.473967][T12533] loop5: detected capacity change from 0 to 512
[  214.491201][T12533] EXT4-fs: Ignoring removed nobh option
[  214.506163][T12533] EXT4-fs: old and new quota format mixing
[  214.722346][T12555] FAULT_INJECTION: forcing a failure.
[  214.722346][T12555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.735635][T12555] CPU: 0 UID: 0 PID: 12555 Comm: syz.0.2899 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  214.735668][T12555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  214.735683][T12555] Call Trace:
[  214.735690][T12555]  <TASK>
[  214.735696][T12555]  __dump_stack+0x1d/0x30
[  214.735798][T12555]  dump_stack_lvl+0xe8/0x140
[  214.735823][T12555]  dump_stack+0x15/0x1b
[  214.735845][T12555]  should_fail_ex+0x265/0x280
[  214.735879][T12555]  should_fail+0xb/0x20
[  214.735973][T12555]  should_fail_usercopy+0x1a/0x20
[  214.735992][T12555]  _copy_from_user+0x1c/0xb0
[  214.736078][T12555]  __sys_bpf+0x183/0x7c0
[  214.736107][T12555]  __x64_sys_bpf+0x41/0x50
[  214.736148][T12555]  x64_sys_call+0x2aee/0x3000
[  214.736173][T12555]  do_syscall_64+0xd2/0x200
[  214.736217][T12555]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  214.736250][T12555]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  214.736287][T12555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.736311][T12555] RIP: 0033:0x7ffa19bbf749
[  214.736400][T12555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.736420][T12555] RSP: 002b:00007ffa18627038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  214.736443][T12555] RAX: ffffffffffffffda RBX: 00007ffa19e15fa0 RCX: 00007ffa19bbf749
[  214.736457][T12555] RDX: 0000000000000050 RSI: 00002000000008c0 RDI: 0000000000000000
[  214.736472][T12555] RBP: 00007ffa18627090 R08: 0000000000000000 R09: 0000000000000000
[  214.736485][T12555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.736498][T12555] R13: 00007ffa19e16038 R14: 00007ffa19e15fa0 R15: 00007fffb68238a8
[  214.736519][T12555]  </TASK>
[  214.744750][T12557] loop4: detected capacity change from 0 to 512
[  215.044443][T12557] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  215.077793][T12569] lo speed is unknown, defaulting to 1000
[  215.121826][T12573] loop0: detected capacity change from 0 to 1024
[  215.132323][T12571] loop5: detected capacity change from 0 to 1024
[  215.147672][T12571] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  215.160054][T12573] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  215.174263][T12571] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2909: Invalid block bitmap block 0 in block_group 0
[  215.198811][T12571] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.2909: Failed to acquire dquot type 0
[  215.200931][T12573] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.2910: Invalid block bitmap block 0 in block_group 0
[  215.258554][T12571] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.2909: Freeing blocks not in datazone - block = 0, count = 4096
[  215.308492][T12571] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.2909: Invalid inode bitmap blk 0 in block_group 0
[  215.338529][ T4482] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:15: Failed to release dquot type 0
[  215.379029][T12573] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.2910: Failed to acquire dquot type 0
[  215.422056][T12571] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  215.449270][T12571] EXT4-fs (loop5): 1 orphan inode deleted
[  215.456598][T12571] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.458740][T12573] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.2910: Freeing blocks not in datazone - block = 0, count = 4096
[  215.520812][ T5171] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.571716][T12573] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.2910: Invalid inode bitmap blk 0 in block_group 0
[  215.601346][T12597] netem: change failed
[  215.607814][ T4535] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:63: Failed to release dquot type 0
[  215.618232][T12599] loop4: detected capacity change from 0 to 1764
[  215.667982][T12573] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  215.698876][T12573] EXT4-fs (loop0): 1 orphan inode deleted
[  215.700399][T12607] netem: change failed
[  215.705138][T12573] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.854754][T12619] loop3: detected capacity change from 0 to 512
[  215.943553][T12624] FAULT_INJECTION: forcing a failure.
[  215.943553][T12624] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.956741][T12624] CPU: 0 UID: 0 PID: 12624 Comm: syz.5.2928 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  215.956802][T12624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  215.956815][T12624] Call Trace:
[  215.956822][T12624]  <TASK>
[  215.956830][T12624]  __dump_stack+0x1d/0x30
[  215.956855][T12624]  dump_stack_lvl+0xe8/0x140
[  215.956886][T12624]  dump_stack+0x15/0x1b
[  215.956902][T12624]  should_fail_ex+0x265/0x280
[  215.956939][T12624]  should_fail+0xb/0x20
[  215.956983][T12624]  should_fail_usercopy+0x1a/0x20
[  215.957002][T12624]  _copy_from_user+0x1c/0xb0
[  215.957033][T12624]  vmemdup_user+0x5e/0xd0
[  215.957079][T12624]  path_setxattrat+0x1b6/0x310
[  215.957185][T12624]  __x64_sys_fsetxattr+0x6b/0x80
[  215.957218][T12624]  x64_sys_call+0x1ced/0x3000
[  215.957238][T12624]  do_syscall_64+0xd2/0x200
[  215.957258][T12624]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  215.957314][T12624]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  215.957349][T12624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.957418][T12624] RIP: 0033:0x7f558ab0f749
[  215.957481][T12624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.957502][T12624] RSP: 002b:00007f558956f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  215.957526][T12624] RAX: ffffffffffffffda RBX: 00007f558ad65fa0 RCX: 00007f558ab0f749
[  215.957599][T12624] RDX: 0000200000000200 RSI: 0000200000000040 RDI: 0000000000000003
[  215.957612][T12624] RBP: 00007f558956f090 R08: 0000000000000002 R09: 0000000000000000
[  215.957626][T12624] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[  215.957682][T12624] R13: 00007f558ad66038 R14: 00007f558ad65fa0 R15: 00007ffc07d89eb8
[  215.957743][T12624]  </TASK>
[  216.149132][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.198353][   T29] kauditd_printk_skb: 485 callbacks suppressed
[  216.198372][   T29] audit: type=1326 audit(216.163:29266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.0.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19bbf749 code=0x7ffc0000
[  216.325128][   T29] audit: type=1326 audit(216.203:29267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.0.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa19bbf749 code=0x7ffc0000
[  216.348502][   T29] audit: type=1326 audit(216.203:29268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.0.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19bbf749 code=0x7ffc0000
[  216.371869][   T29] audit: type=1326 audit(216.203:29269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.0.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa19bbf749 code=0x7ffc0000
[  216.395235][   T29] audit: type=1326 audit(216.203:29270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.0.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19bbf749 code=0x7ffc0000
[  216.418400][   T29] audit: type=1326 audit(216.203:29271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.0.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa19bbf749 code=0x7ffc0000
[  216.441771][   T29] audit: type=1326 audit(216.203:29272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.0.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19bbf749 code=0x7ffc0000
[  216.465008][   T29] audit: type=1326 audit(216.203:29273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.0.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7ffa19bbf749 code=0x7ffc0000
[  216.472571][T12619] EXT4-fs (loop3): too many log groups per flexible block group
[  216.488068][   T29] audit: type=1326 audit(216.273:29274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.0.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19bbf749 code=0x7ffc0000
[  216.488148][   T29] audit: type=1326 audit(216.273:29275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12627 comm="syz.0.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19bbf749 code=0x7ffc0000
[  216.543985][T12619] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  216.551109][T12619] EXT4-fs (loop3): mount failed
[  216.846353][T12660] macvtap0: refused to change device tx_queue_len
[  216.858509][T12660] loop4: detected capacity change from 0 to 512
[  216.866335][T12660] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  216.886306][T12660] EXT4-fs error (device loop4): xattr_find_entry:337: inode #15: comm syz.4.2941: corrupted xattr entries
[  217.075281][T12669] lo speed is unknown, defaulting to 1000
[  217.083451][T12660] EXT4-fs (loop4): Remounting filesystem read-only
[  217.096325][T12660] EXT4-fs (loop4): 1 truncate cleaned up
[  217.107923][T12660] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.253657][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.281072][T12682] SELinux:  Context system_u:object_r:udev_var_run_t:s0 is not valid (left unmapped).
[  217.331423][T12682] __nla_validate_parse: 9 callbacks suppressed
[  217.331454][T12682] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2946'.
[  217.335645][T12684] usb usb8: usbfs: process 12684 (syz.4.2949) did not claim interface 0 before use
[  217.397822][T12688] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2951'.
[  217.456750][T12692] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2953'.
[  217.456846][T12690] loop3: detected capacity change from 0 to 512
[  217.478747][T12692] netlink: 312 bytes leftover after parsing attributes in process `syz.4.2953'.
[  217.487823][T12692] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2953'.
[  217.508644][T12694] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2955'.
[  217.525100][T12692] loop4: detected capacity change from 0 to 1024
[  217.532821][T12692] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  217.545229][T12692] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  217.553698][T12692] EXT4-fs (loop4): orphan cleanup on readonly fs
[  217.564786][T12692] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #3: block 3: comm syz.4.2953: lblock 3 mapped to illegal pblock 3 (length 1)
[  217.581007][T12690] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.604114][T12700] FAULT_INJECTION: forcing a failure.
[  217.604114][T12700] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.617324][T12700] CPU: 0 UID: 0 PID: 12700 Comm: syz.0.2956 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  217.617358][T12700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  217.617369][T12700] Call Trace:
[  217.617375][T12700]  <TASK>
[  217.617383][T12700]  __dump_stack+0x1d/0x30
[  217.617405][T12700]  dump_stack_lvl+0xe8/0x140
[  217.617424][T12700]  dump_stack+0x15/0x1b
[  217.617481][T12700]  should_fail_ex+0x265/0x280
[  217.617515][T12700]  should_fail+0xb/0x20
[  217.617535][T12700]  should_fail_usercopy+0x1a/0x20
[  217.617603][T12700]  _copy_from_user+0x1c/0xb0
[  217.617627][T12700]  ___sys_sendmsg+0xc1/0x1d0
[  217.617659][T12700]  __x64_sys_sendmsg+0xd4/0x160
[  217.617684][T12700]  x64_sys_call+0x191e/0x3000
[  217.617710][T12700]  do_syscall_64+0xd2/0x200
[  217.617786][T12700]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  217.617819][T12700]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  217.617911][T12700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.617933][T12700] RIP: 0033:0x7ffa19bbf749
[  217.617982][T12700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.618000][T12700] RSP: 002b:00007ffa18627038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.618026][T12700] RAX: ffffffffffffffda RBX: 00007ffa19e15fa0 RCX: 00007ffa19bbf749
[  217.618038][T12700] RDX: 0000000000000040 RSI: 0000200000000600 RDI: 0000000000000007
[  217.618052][T12700] RBP: 00007ffa18627090 R08: 0000000000000000 R09: 0000000000000000
[  217.618067][T12700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.618081][T12700] R13: 00007ffa19e16038 R14: 00007ffa19e15fa0 R15: 00007fffb68238a8
[  217.618104][T12700]  </TASK>
[  217.909607][T12703] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2957'.
[  217.920629][T12174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.930034][T12692] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2953: Failed to acquire dquot type 0
[  217.953518][T12692] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 3: comm syz.4.2953: lblock 3 mapped to illegal pblock 3 (length 1)
[  217.990448][T12692] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2953: Failed to acquire dquot type 0
[  218.009835][T12692] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.2953: Freeing blocks not in datazone - block = 0, count = 4096
[  218.039058][T12692] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 3: comm syz.4.2953: lblock 3 mapped to illegal pblock 3 (length 1)
[  218.056942][T12711] FAULT_INJECTION: forcing a failure.
[  218.056942][T12711] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.070255][T12711] CPU: 0 UID: 0 PID: 12711 Comm: syz.2.2962 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  218.070334][T12711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  218.070345][T12711] Call Trace:
[  218.070352][T12711]  <TASK>
[  218.070360][T12711]  __dump_stack+0x1d/0x30
[  218.070384][T12711]  dump_stack_lvl+0xe8/0x140
[  218.070454][T12711]  dump_stack+0x15/0x1b
[  218.070475][T12711]  should_fail_ex+0x265/0x280
[  218.070507][T12711]  should_fail+0xb/0x20
[  218.070585][T12711]  should_fail_usercopy+0x1a/0x20
[  218.070604][T12711]  _copy_from_user+0x1c/0xb0
[  218.070644][T12711]  map_update_elem+0x3a8/0x520
[  218.070670][T12711]  __sys_bpf+0x57b/0x7c0
[  218.070718][T12711]  __x64_sys_bpf+0x41/0x50
[  218.070761][T12711]  x64_sys_call+0x2aee/0x3000
[  218.070823][T12711]  do_syscall_64+0xd2/0x200
[  218.070883][T12711]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  218.070912][T12711]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  218.070950][T12711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.071054][T12711] RIP: 0033:0x7f7b39e8f749
[  218.071070][T12711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.071172][T12711] RSP: 002b:00007f7b388ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  218.071197][T12711] RAX: ffffffffffffffda RBX: 00007f7b3a0e5fa0 RCX: 00007f7b39e8f749
[  218.071213][T12711] RDX: 0000000000000020 RSI: 0000200000000000 RDI: 0000000000000002
[  218.071307][T12711] RBP: 00007f7b388ef090 R08: 0000000000000000 R09: 0000000000000000
[  218.071322][T12711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.071335][T12711] R13: 00007f7b3a0e6038 R14: 00007f7b3a0e5fa0 R15: 00007ffe6e2278f8
[  218.071431][T12711]  </TASK>
[  218.289792][T12692] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2953: Failed to acquire dquot type 0
[  218.308799][T12692] EXT4-fs (loop4): 1 orphan inode deleted
[  218.329234][T12692] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  218.342687][T12717] usb usb8: usbfs: process 12717 (syz.5.2963) did not claim interface 0 before use
[  218.361801][T12723] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2964'.
[  218.385478][T12692] EXT4-fs (loop4): shut down requested (1)
[  218.399760][T12725] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2965'.
[  218.445607][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.518320][T12735] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2967'.
[  218.523070][T12718] lo speed is unknown, defaulting to 1000
[  218.716039][T12718] chnl_net:caif_netlink_parms(): no params data found
[  218.783098][T12718] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.790241][T12718] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.797477][T12718] bridge_slave_0: entered allmulticast mode
[  218.804497][T12718] bridge_slave_0: entered promiscuous mode
[  218.813601][T12718] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.820869][T12718] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.828866][T12718] bridge_slave_1: entered allmulticast mode
[  218.835423][T12718] bridge_slave_1: entered promiscuous mode
[  218.865423][T12718] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  219.010402][T12769] loop4: detected capacity change from 0 to 512
[  219.048948][T12718] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  219.121365][T12718] team0: Port device team_slave_0 added
[  219.159020][T12718] team0: Port device team_slave_1 added
[  219.188436][T12769] EXT4-fs (loop4): too many log groups per flexible block group
[  219.238607][T12718] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.245712][T12718] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  219.272089][T12718] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  219.310033][T12769] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  219.358427][T12769] EXT4-fs (loop4): mount failed
[  219.383684][T12718] batman_adv: batadv0: Adding interface: batadv_slave_1
[  219.390868][T12718] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  219.416991][T12718] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  219.479014][T12718] hsr_slave_0: entered promiscuous mode
[  219.499384][T12718] hsr_slave_1: entered promiscuous mode
[  219.759029][T12718] debugfs: 'hsr0' already exists in 'hsr'
[  219.764820][T12718] Cannot create hsr debugfs directory
[  219.800871][T12773] lo speed is unknown, defaulting to 1000
[  219.878435][T12763] netlink: 'syz.5.2979': attribute type 12 has an invalid length.
[  220.116598][T12718] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.190380][T12718] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.260820][T12718] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.340264][T12718] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.399905][T12806] usb usb8: usbfs: process 12806 (syz.5.2995) did not claim interface 0 before use
[  220.423341][T12804] lo speed is unknown, defaulting to 1000
[  220.450591][T12808] vhci_hcd: default hub control req: 230c v0011 i0006 l0
[  220.515132][T12718] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  220.544651][T12718] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  220.558467][T12718] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  220.571321][T12718] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  220.609648][T12814] sctp: [Deprecated]: syz.2.2999 (pid 12814) Use of struct sctp_assoc_value in delayed_ack socket option.
[  220.609648][T12814] Use struct sctp_sack_info instead
[  220.633621][T12816] sctp: [Deprecated]: syz.3.3000 (pid 12816) Use of struct sctp_assoc_value in delayed_ack socket option.
[  220.633621][T12816] Use struct sctp_sack_info instead
[  220.718442][T12718] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.734056][T12718] 8021q: adding VLAN 0 to HW filter on device team0
[  220.761074][ T4485] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.768199][ T4485] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.808488][ T4509] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.815639][ T4509] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.978705][T12843] usb usb8: usbfs: process 12843 (syz.2.3005) did not claim interface 0 before use
[  221.071858][T12718] 8021q: adding VLAN 0 to HW filter on device batadv0
[  221.209017][T12718] veth0_vlan: entered promiscuous mode
[  221.217941][T12718] veth1_vlan: entered promiscuous mode
[  221.243202][T12718] veth0_macvtap: entered promiscuous mode
[  221.276059][T12718] veth1_macvtap: entered promiscuous mode
[  221.303271][T12718] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.326743][T12718] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.338934][ T4482] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.349590][ T4482] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.382373][ T4482] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.398261][ T4482] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.439685][T12875] usb usb8: usbfs: process 12875 (syz.2.3015) did not claim interface 0 before use
[  221.548362][T12885] FAULT_INJECTION: forcing a failure.
[  221.548362][T12885] name failslab, interval 1, probability 0, space 0, times 0
[  221.561291][T12885] CPU: 0 UID: 0 PID: 12885 Comm: syz.2.3018 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  221.561322][T12885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  221.561333][T12885] Call Trace:
[  221.561339][T12885]  <TASK>
[  221.561346][T12885]  __dump_stack+0x1d/0x30
[  221.561370][T12885]  dump_stack_lvl+0xe8/0x140
[  221.561393][T12885]  dump_stack+0x15/0x1b
[  221.561412][T12885]  should_fail_ex+0x265/0x280
[  221.561450][T12885]  should_failslab+0x8c/0xb0
[  221.561476][T12885]  kmem_cache_alloc_noprof+0x50/0x480
[  221.561502][T12885]  ? mas_alloc_nodes+0x1a2/0x210
[  221.561541][T12885]  mas_alloc_nodes+0x1a2/0x210
[  221.561563][T12885]  mas_preallocate+0x2ca/0x510
[  221.561591][T12885]  vma_link+0x8b/0x220
[  221.561621][T12885]  insert_vm_struct+0x113/0x1a0
[  221.561651][T12885]  create_init_stack_vma+0x1a9/0x390
[  221.561683][T12885]  alloc_bprm+0x2b9/0x350
[  221.561705][T12885]  do_execveat_common+0x12e/0x750
[  221.561729][T12885]  ? getname_flags+0x154/0x3b0
[  221.561757][T12885]  __x64_sys_execveat+0x73/0x90
[  221.561783][T12885]  x64_sys_call+0x1fec/0x3000
[  221.561804][T12885]  do_syscall_64+0xd2/0x200
[  221.561822][T12885]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  221.561854][T12885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.561876][T12885] RIP: 0033:0x7f7b39e8f749
[  221.561891][T12885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.561908][T12885] RSP: 002b:00007f7b388ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  221.561927][T12885] RAX: ffffffffffffffda RBX: 00007f7b3a0e5fa0 RCX: 00007f7b39e8f749
[  221.561941][T12885] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  221.561956][T12885] RBP: 00007f7b388ef090 R08: 0000000000001000 R09: 0000000000000000
[  221.561970][T12885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  221.561983][T12885] R13: 00007f7b3a0e6038 R14: 00007f7b3a0e5fa0 R15: 00007ffe6e2278f8
[  221.562005][T12885]  </TASK>
[  221.680259][T12889] loop3: detected capacity change from 0 to 1024
[  221.778789][T12889] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  221.799424][T12889] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3019: Invalid block bitmap block 0 in block_group 0
[  221.813203][T12889] __quota_error: 292 callbacks suppressed
[  221.813234][T12889] Quota error (device loop3): write_blk: dquota write failed
[  221.826637][T12889] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  221.837794][T12889] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3019: Failed to acquire dquot type 0
[  221.849951][T12889] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.3019: Freeing blocks not in datazone - block = 0, count = 4096
[  221.864836][T12889] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.3019: Invalid inode bitmap blk 0 in block_group 0
[  221.877878][ T4482] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-7
[  221.887010][ T4482] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:15: Failed to release dquot type 0
[  221.888608][T12889] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  221.925889][T12889] EXT4-fs (loop3): 1 orphan inode deleted
[  221.938957][T12889] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.986712][T12907] loop0: detected capacity change from 0 to 512
[  222.030992][T12174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.040308][T12907] EXT4-fs (loop0): too many log groups per flexible block group
[  222.060366][T12907] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  222.078204][T12907] EXT4-fs (loop0): mount failed
[  222.097148][T12915] usb usb8: usbfs: process 12915 (syz.3.3027) did not claim interface 0 before use
[  222.251086][   T29] audit: type=1400 audit(222.223:29561): avc:  denied  { write } for  pid=12930 comm="syz.0.3036" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  222.325914][T12942] usb usb8: usbfs: process 12942 (syz.3.3039) did not claim interface 0 before use
[  222.377656][T12948] loop3: detected capacity change from 0 to 512
[  222.387712][T12948] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.400143][   T29] audit: type=1400 audit(222.363:29562): avc:  denied  { compute_member } for  pid=12949 comm="syz.5.3042" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  222.420431][   T29] audit: type=1326 audit(222.363:29563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12949 comm="syz.5.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  222.428422][T12934] lo speed is unknown, defaulting to 1000
[  222.443584][   T29] audit: type=1326 audit(222.363:29564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12949 comm="syz.5.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  222.472706][   T29] audit: type=1326 audit(222.363:29565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12949 comm="syz.5.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  222.495819][   T29] audit: type=1326 audit(222.363:29566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12949 comm="syz.5.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  222.519197][   T29] audit: type=1326 audit(222.363:29567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12949 comm="syz.5.3042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f558ab0f749 code=0x7ffc0000
[  222.562296][T12174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.605425][T12951] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  222.616620][ T4485] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.635609][T12934] chnl_net:caif_netlink_parms(): no params data found
[  222.696835][ T4485] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.708156][T12934] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.715318][T12934] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.723670][T12934] bridge_slave_0: entered allmulticast mode
[  222.730710][T12934] bridge_slave_0: entered promiscuous mode
[  222.740125][T12934] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.747310][T12934] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.755322][T12934] bridge_slave_1: entered allmulticast mode
[  222.763177][T12934] bridge_slave_1: entered promiscuous mode
[  222.772040][T12975] loop0: detected capacity change from 0 to 512
[  222.785694][T12934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  222.797001][ T4485] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.799440][T12975] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.821230][T12934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  222.844539][T12934] team0: Port device team_slave_0 added
[  222.852210][ T4485] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.872232][T12934] team0: Port device team_slave_1 added
[  222.904076][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.904652][T12934] batman_adv: batadv0: Adding interface: batadv_slave_0
[  222.920284][T12934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  222.946497][T12934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  222.961357][T12934] batman_adv: batadv0: Adding interface: batadv_slave_1
[  222.968492][T12934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  222.994835][T12934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  223.027011][T12934] hsr_slave_0: entered promiscuous mode
[  223.034010][T12934] hsr_slave_1: entered promiscuous mode
[  223.040238][T12934] debugfs: 'hsr0' already exists in 'hsr'
[  223.041226][T12985] __nla_validate_parse: 11 callbacks suppressed
[  223.041242][T12985] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3052'.
[  223.045995][T12934] Cannot create hsr debugfs directory
[  223.075592][ T4485] bridge_slave_1: left allmulticast mode
[  223.081359][ T4485] bridge_slave_1: left promiscuous mode
[  223.087083][ T4485] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.094920][ T4485] bridge_slave_0: left promiscuous mode
[  223.100854][ T4485] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.133732][ T4485] bond5 (unregistering): (slave ip6gretap1): Releasing backup interface
[  223.216503][T12989] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3053'.
[  223.241028][ T4485] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  223.251937][ T4485] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  223.261871][ T4485] bond0 (unregistering): Released all slaves
[  223.270522][ T4485] bond1 (unregistering): Released all slaves
[  223.281325][ T4485] bond2 (unregistering): Released all slaves
[  223.290149][ T4485] bond3 (unregistering): Released all slaves
[  223.299828][ T4485] bond4 (unregistering): Released all slaves
[  223.309854][ T4485] bond5 (unregistering): Released all slaves
[  223.361175][ T4485] tipc: Disabling bearer <udp:s>
[  223.366289][ T4485] tipc: Disabling bearer <udp:syz2>
[  223.371694][ T4485] tipc: Left network mode
[  223.382099][ T4485] hsr_slave_0: left promiscuous mode
[  223.387682][ T4485] hsr_slave_1: left promiscuous mode
[  223.394206][ T4485] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  223.401723][ T4485] batman_adv: batadv0: Removing interface: batadv_slave_0
[  223.417611][ T4485] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  223.425245][ T4485] batman_adv: batadv0: Removing interface: batadv_slave_1
[  223.446185][T12996] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3055'.
[  223.468416][ T4485] veth1_macvtap: left promiscuous mode
[  223.475602][ T4485] veth0_macvtap: left promiscuous mode
[  223.481452][ T4485] veth1_vlan: left promiscuous mode
[  223.486867][ T4485] veth0_vlan: left promiscuous mode
[  223.556420][T13007] loop0: detected capacity change from 0 to 1024
[  223.566896][T13007] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  223.582419][T13007] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3059: Invalid block bitmap block 0 in block_group 0
[  223.596358][T13007] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3059: Failed to acquire dquot type 0
[  223.610323][T13007] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.3059: Freeing blocks not in datazone - block = 0, count = 4096
[  223.641848][T13007] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3059: Invalid inode bitmap blk 0 in block_group 0
[  223.658431][ T4525] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:53: Failed to release dquot type 0
[  223.670517][T13007] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  223.679726][T13007] EXT4-fs (loop0): 1 orphan inode deleted
[  223.686068][T13007] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.729691][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.734968][T13027] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  223.762082][T13027] hub 5-0:1.0: USB hub found
[  223.766956][T13027] hub 5-0:1.0: 8 ports detected
[  223.840851][T13044] lo speed is unknown, defaulting to 1000
[  223.946202][T13066] FAULT_INJECTION: forcing a failure.
[  223.946202][T13066] name failslab, interval 1, probability 0, space 0, times 0
[  223.959067][T13066] CPU: 1 UID: 0 PID: 13066 Comm: syz.0.3069 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  223.959164][T13066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  223.959199][T13066] Call Trace:
[  223.959206][T13066]  <TASK>
[  223.959215][T13066]  __dump_stack+0x1d/0x30
[  223.959298][T13066]  dump_stack_lvl+0xe8/0x140
[  223.959370][T13066]  dump_stack+0x15/0x1b
[  223.959464][T13066]  should_fail_ex+0x265/0x280
[  223.959505][T13066]  should_failslab+0x8c/0xb0
[  223.959533][T13066]  kmem_cache_alloc_noprof+0x50/0x480
[  223.959560][T13066]  ? security_inode_alloc+0x37/0x100
[  223.959637][T13066]  security_inode_alloc+0x37/0x100
[  223.959658][T13066]  inode_init_always_gfp+0x4b7/0x500
[  223.959683][T13066]  ? __pfx_sock_alloc_inode+0x10/0x10
[  223.959718][T13066]  alloc_inode+0x58/0x170
[  223.959762][T13066]  __sock_create+0x122/0x5b0
[  223.959790][T13066]  __sys_socketpair+0x1bc/0x430
[  223.959816][T13066]  __x64_sys_socketpair+0x52/0x60
[  223.959922][T13066]  x64_sys_call+0x2bf6/0x3000
[  223.959947][T13066]  do_syscall_64+0xd2/0x200
[  223.959970][T13066]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  223.960145][T13066]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  223.960255][T13066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.960280][T13066] RIP: 0033:0x7f41431ef749
[  223.960297][T13066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.960317][T13066] RSP: 002b:00007f4141c57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  223.960339][T13066] RAX: ffffffffffffffda RBX: 00007f4143445fa0 RCX: 00007f41431ef749
[  223.960398][T13066] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[  223.960412][T13066] RBP: 00007f4141c57090 R08: 0000000000000000 R09: 0000000000000000
[  223.960425][T13066] R10: 0000200000000940 R11: 0000000000000246 R12: 0000000000000001
[  223.960439][T13066] R13: 00007f4143446038 R14: 00007f4143445fa0 R15: 00007ffc56e1c638
[  223.960459][T13066]  </TASK>
[  223.960489][T13066] socket: no more sockets
[  224.105275][T13076] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3071'.
[  224.175045][T13081] loop0: detected capacity change from 0 to 512
[  224.184772][T13081] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.215294][T12934] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  224.225630][T12934] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  224.233970][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.244921][T12934] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  224.257415][T12934] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  224.277288][ T4485] IPVS: stop unused estimator thread 0...
[  224.344708][T12934] 8021q: adding VLAN 0 to HW filter on device bond0
[  224.375181][T12934] 8021q: adding VLAN 0 to HW filter on device team0
[  224.392982][ T4482] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.400245][ T4482] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.430166][ T4482] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.437263][ T4482] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.490331][T13114] dummy0: entered allmulticast mode
[  224.535292][T13114] dummy0: left allmulticast mode
[  224.543622][T12934] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.702599][T12934] veth0_vlan: entered promiscuous mode
[  224.711694][T12934] veth1_vlan: entered promiscuous mode
[  224.750019][T12934] veth0_macvtap: entered promiscuous mode
[  224.774251][T12934] veth1_macvtap: entered promiscuous mode
[  224.800423][T12934] batman_adv: batadv0: Interface activated: batadv_slave_0
[  224.810615][T13163] lo speed is unknown, defaulting to 1000
[  224.812666][T12934] batman_adv: batadv0: Interface activated: batadv_slave_1
[  224.842523][ T4482] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  224.864463][ T4482] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  224.884279][ T4482] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  224.904904][ T4482] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  224.956261][T13178] loop0: detected capacity change from 0 to 512
[  224.974203][T13178] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.027491][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.048509][ T4485] Bluetooth: hci0: Frame reassembly failed (-84)
[  225.391000][T13228] usb usb8: usbfs: process 13228 (syz.0.3087) did not claim interface 0 before use
[  225.942457][T13256] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3095'.
[  226.072219][T13264] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3099'.
[  226.119882][T13267] lo speed is unknown, defaulting to 1000
[  226.168635][T13269] FAULT_INJECTION: forcing a failure.
[  226.168635][T13269] name failslab, interval 1, probability 0, space 0, times 0
[  226.181424][T13269] CPU: 1 UID: 0 PID: 13269 Comm: syz.2.3101 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  226.181457][T13269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  226.181471][T13269] Call Trace:
[  226.181476][T13269]  <TASK>
[  226.181484][T13269]  __dump_stack+0x1d/0x30
[  226.181508][T13269]  dump_stack_lvl+0xe8/0x140
[  226.181560][T13269]  dump_stack+0x15/0x1b
[  226.181623][T13269]  should_fail_ex+0x265/0x280
[  226.181733][T13269]  should_failslab+0x8c/0xb0
[  226.181762][T13269]  __kmalloc_noprof+0xa5/0x570
[  226.181795][T13269]  ? traceprobe_set_print_fmt+0x48/0xa0
[  226.181823][T13269]  ? create_local_trace_uprobe+0x101/0x2c0
[  226.181899][T13269]  traceprobe_set_print_fmt+0x48/0xa0
[  226.181929][T13269]  create_local_trace_uprobe+0x1c2/0x2c0
[  226.182028][T13269]  perf_uprobe_init+0xc0/0x150
[  226.182051][T13269]  perf_uprobe_event_init+0xc4/0x140
[  226.182073][T13269]  perf_try_init_event+0xd9/0x540
[  226.182166][T13269]  ? perf_event_alloc+0xb1c/0x1740
[  226.182262][T13269]  perf_event_alloc+0xb27/0x1740
[  226.182290][T13269]  __se_sys_perf_event_open+0x615/0x11c0
[  226.182362][T13269]  ? __rcu_read_unlock+0x4f/0x70
[  226.182427][T13269]  __x64_sys_perf_event_open+0x67/0x80
[  226.182459][T13269]  x64_sys_call+0x7bd/0x3000
[  226.182485][T13269]  do_syscall_64+0xd2/0x200
[  226.182591][T13269]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  226.182622][T13269]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  226.182652][T13269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.182695][T13269] RIP: 0033:0x7f58284ef749
[  226.182733][T13269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.182755][T13269] RSP: 002b:00007f5826f4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  226.182778][T13269] RAX: ffffffffffffffda RBX: 00007f5828745fa0 RCX: 00007f58284ef749
[  226.182792][T13269] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  226.182805][T13269] RBP: 00007f5826f4f090 R08: 0000000000000000 R09: 0000000000000000
[  226.182818][T13269] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[  226.182830][T13269] R13: 00007f5828746038 R14: 00007f5828745fa0 R15: 00007ffe47462e98
[  226.182896][T13269]  </TASK>
[  226.420613][ T4513] Bluetooth: hci1: Frame reassembly failed (-84)
[  226.473755][T13275] siw: device registration error -23
[  226.523875][T13280] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3106'.
[  226.666424][T13298] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3110'.
[  226.784336][T13322] can0: slcan on ttyS3.
[  226.835731][   T29] kauditd_printk_skb: 2925 callbacks suppressed
[  226.835748][   T29] audit: type=1326 audit(226.803:32490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13302 comm="syz.0.3111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  226.868706][   T29] audit: type=1326 audit(226.843:32491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13321 comm="syz.0.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  226.891927][   T29] audit: type=1326 audit(226.843:32492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13321 comm="syz.0.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  226.915604][   T29] audit: type=1326 audit(226.843:32493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13321 comm="syz.0.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  226.938738][   T29] audit: type=1326 audit(226.843:32494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13321 comm="syz.0.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  226.961863][   T29] audit: type=1326 audit(226.843:32495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13321 comm="syz.0.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  226.985112][   T29] audit: type=1326 audit(226.843:32496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13321 comm="syz.0.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  227.008348][   T29] audit: type=1326 audit(226.843:32497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13321 comm="syz.0.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  227.031358][   T29] audit: type=1326 audit(226.843:32498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13321 comm="syz.0.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  227.054452][   T29] audit: type=1326 audit(226.843:32499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13321 comm="syz.0.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  227.078297][T13272] Bluetooth: hci0: command 0x1003 tx timeout
[  227.078582][ T3577] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  227.138676][T13321] can0 (unregistered): slcan off ttyS3.
[  227.523591][T13437] usb usb8: usbfs: process 13437 (syz.2.3116) did not claim interface 0 before use
[  227.602240][T13441] veth2: entered promiscuous mode
[  227.607337][T13441] veth2: entered allmulticast mode
[  227.724540][T13445] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3119'.
[  227.883672][T13456] sctp: [Deprecated]: syz.0.3124 (pid 13456) Use of struct sctp_assoc_value in delayed_ack socket option.
[  227.883672][T13456] Use struct sctp_sack_info instead
[  227.954844][T13456] loop0: detected capacity change from 0 to 512
[  227.961592][T13456] EXT4-fs: Ignoring removed nomblk_io_submit option
[  227.969475][T13456] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  227.981059][T13456] EXT4-fs (loop0): 1 truncate cleaned up
[  227.987786][T13456] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.019304][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.054650][T13476] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3130'.
[  228.200739][T13490] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3137'.
[  228.244892][T13499] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3137'.
[  228.442963][ T3596] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  228.443538][T13527] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3141'.
[  228.458390][T13527] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3141'.
[  228.476193][T13534] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3142'.
[  228.489646][ T4535] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  228.498705][ T4535] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  228.504595][T13527] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3141'.
[  228.507578][ T4535] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  228.516419][T13527] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3141'.
[  228.531619][ T4535] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  228.562712][T13540] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3143'.
[  229.850218][T13693] loop0: detected capacity change from 0 to 512
[  229.884104][T13693] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.949189][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.180301][T13728] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3165'.
[  230.526394][T13783] FAULT_INJECTION: forcing a failure.
[  230.526394][T13783] name failslab, interval 1, probability 0, space 0, times 0
[  230.539193][T13783] CPU: 0 UID: 0 PID: 13783 Comm: syz.5.3170 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  230.539214][T13783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  230.539225][T13783] Call Trace:
[  230.539234][T13783]  <TASK>
[  230.539244][T13783]  __dump_stack+0x1d/0x30
[  230.539270][T13783]  dump_stack_lvl+0xe8/0x140
[  230.539288][T13783]  dump_stack+0x15/0x1b
[  230.539308][T13783]  should_fail_ex+0x265/0x280
[  230.539344][T13783]  ? genl_start+0x117/0x390
[  230.539360][T13783]  should_failslab+0x8c/0xb0
[  230.539379][T13783]  __kmalloc_cache_noprof+0x4c/0x4a0
[  230.539401][T13783]  genl_start+0x117/0x390
[  230.539527][T13783]  __netlink_dump_start+0x334/0x520
[  230.539550][T13783]  genl_family_rcv_msg_dumpit+0x115/0x180
[  230.539631][T13783]  ? __pfx_genl_start+0x10/0x10
[  230.539646][T13783]  ? __pfx_genl_dumpit+0x10/0x10
[  230.539662][T13783]  ? __pfx_genl_done+0x10/0x10
[  230.539681][T13783]  genl_rcv_msg+0x3f0/0x460
[  230.539697][T13783]  ? __pfx_devlink_nl_rate_get_dumpit+0x10/0x10
[  230.539779][T13783]  netlink_rcv_skb+0x123/0x220
[  230.539811][T13783]  ? __pfx_genl_rcv_msg+0x10/0x10
[  230.539846][T13783]  genl_rcv+0x28/0x40
[  230.539872][T13783]  netlink_unicast+0x5c0/0x690
[  230.539977][T13783]  netlink_sendmsg+0x58b/0x6b0
[  230.540006][T13783]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.540019][T13783]  __sock_sendmsg+0x145/0x180
[  230.540037][T13783]  ____sys_sendmsg+0x31e/0x4e0
[  230.540103][T13783]  ___sys_sendmsg+0x17b/0x1d0
[  230.540125][T13783]  __x64_sys_sendmsg+0xd4/0x160
[  230.540149][T13783]  x64_sys_call+0x191e/0x3000
[  230.540263][T13783]  do_syscall_64+0xd2/0x200
[  230.540289][T13783]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  230.540320][T13783]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  230.540439][T13783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.540461][T13783] RIP: 0033:0x7f558ab0f749
[  230.540481][T13783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.540502][T13783] RSP: 002b:00007f558956f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  230.540526][T13783] RAX: ffffffffffffffda RBX: 00007f558ad65fa0 RCX: 00007f558ab0f749
[  230.540542][T13783] RDX: 0000000000000000 RSI: 0000200000001780 RDI: 0000000000000003
[  230.540597][T13783] RBP: 00007f558956f090 R08: 0000000000000000 R09: 0000000000000000
[  230.540606][T13783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.540665][T13783] R13: 00007f558ad66038 R14: 00007f558ad65fa0 R15: 00007ffc07d89eb8
[  230.540688][T13783]  </TASK>
[  231.348563][T13864] sctp: [Deprecated]: syz.3.3181 (pid 13864) Use of struct sctp_assoc_value in delayed_ack socket option.
[  231.348563][T13864] Use struct sctp_sack_info instead
[  231.484555][T13869] sctp: [Deprecated]: syz.4.3183 (pid 13869) Use of struct sctp_assoc_value in delayed_ack socket option.
[  231.484555][T13869] Use struct sctp_sack_info instead
[  231.556384][T13869] loop4: detected capacity change from 0 to 512
[  231.563237][T13869] EXT4-fs: Ignoring removed nomblk_io_submit option
[  231.570316][T13869] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  231.581152][T13869] EXT4-fs (loop4): 1 truncate cleaned up
[  231.587358][T13869] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.621170][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.746116][T13892] sctp: [Deprecated]: syz.0.3193 (pid 13892) Use of struct sctp_assoc_value in delayed_ack socket option.
[  231.746116][T13892] Use struct sctp_sack_info instead
[  231.942379][T13894] lo speed is unknown, defaulting to 1000
[  231.954213][T13920] loop5: detected capacity change from 0 to 512
[  231.999493][T13920] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.020542][T13927] loop3: detected capacity change from 0 to 512
[  232.064664][ T5171] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.087359][T13927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.184778][T12174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.229282][T13950] netlink: 'syz.5.3199': attribute type 3 has an invalid length.
[  232.229930][T13894] chnl_net:caif_netlink_parms(): no params data found
[  232.246738][   T29] kauditd_printk_skb: 3033 callbacks suppressed
[  232.246831][   T29] audit: type=1326 audit(232.223:35533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13951 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3fd8f749 code=0x7ffc0000
[  232.276460][   T29] audit: type=1326 audit(232.223:35534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13951 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3fd8f749 code=0x7ffc0000
[  232.299712][   T29] audit: type=1326 audit(232.223:35535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13951 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f3f3fd8f749 code=0x7ffc0000
[  232.322974][   T29] audit: type=1326 audit(232.223:35536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13951 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3fd8f749 code=0x7ffc0000
[  232.346046][   T29] audit: type=1326 audit(232.223:35537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13951 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f3fd8f749 code=0x7ffc0000
[  232.383863][   T29] audit: type=1326 audit(232.343:35538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13951 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3f3fd91667 code=0x7ffc0000
[  232.407044][   T29] audit: type=1326 audit(232.343:35539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13951 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3f3fd915dc code=0x7ffc0000
[  232.430129][   T29] audit: type=1326 audit(232.343:35540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13951 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3f3fd91514 code=0x7ffc0000
[  232.453063][   T29] audit: type=1326 audit(232.343:35541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13951 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f3f3fd91514 code=0x7ffc0000
[  232.476000][   T29] audit: type=1326 audit(232.343:35542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13951 comm="syz.3.3201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f3f3fd8e3aa code=0x7ffc0000
[  232.526992][T13965] loop0: detected capacity change from 0 to 512
[  232.561089][T13968] sctp: [Deprecated]: syz.5.3205 (pid 13968) Use of struct sctp_assoc_value in delayed_ack socket option.
[  232.561089][T13968] Use struct sctp_sack_info instead
[  232.578583][T13894] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.585727][T13894] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.593500][T13894] bridge_slave_0: entered allmulticast mode
[  232.600478][T13965] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.613368][T13894] bridge_slave_0: entered promiscuous mode
[  232.628855][T13894] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.636054][T13894] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.651761][T13894] bridge_slave_1: entered allmulticast mode
[  232.658684][T13894] bridge_slave_1: entered promiscuous mode
[  232.696126][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.712940][T13894] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.724013][T13894] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.791930][T13894] team0: Port device team_slave_0 added
[  232.805609][T13894] team0: Port device team_slave_1 added
[  232.869351][T13894] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.876353][T13894] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  232.902908][T13894] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.988986][T13894] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.996028][T13894] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  233.022031][T13894] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.064363][T13894] hsr_slave_0: entered promiscuous mode
[  233.074002][T13894] hsr_slave_1: entered promiscuous mode
[  233.084241][T13894] debugfs: 'hsr0' already exists in 'hsr'
[  233.090104][T13894] Cannot create hsr debugfs directory
[  233.627360][T13894] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  233.672511][T13894] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  233.688704][T14008] __nla_validate_parse: 1 callbacks suppressed
[  233.688720][T14008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3211'.
[  233.722512][T13894] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  233.754582][T13894] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  234.097193][T13894] 8021q: adding VLAN 0 to HW filter on device bond0
[  234.153107][T13894] 8021q: adding VLAN 0 to HW filter on device team0
[  234.211732][ T4513] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.218866][ T4513] bridge0: port 1(bridge_slave_0) entered forwarding state
[  234.251748][ T4513] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.258974][ T4513] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.301410][T13894] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  234.311985][T13894] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  234.497358][T13894] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.791774][T13894] veth0_vlan: entered promiscuous mode
[  234.888784][  T176] bridge_slave_1: left allmulticast mode
[  234.894487][  T176] bridge_slave_1: left promiscuous mode
[  234.900320][  T176] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.955249][T14071] loop3: detected capacity change from 0 to 512
[  234.964077][  T176] bridge_slave_0: left allmulticast mode
[  234.969991][  T176] bridge_slave_0: left promiscuous mode
[  234.975714][  T176] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.978875][T14073] nfs: Unexpected value for 'acl'
[  234.992660][T14076] sctp: [Deprecated]: syz.2.3217 (pid 14076) Use of struct sctp_assoc_value in delayed_ack socket option.
[  234.992660][T14076] Use struct sctp_sack_info instead
[  235.021653][T14071] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.045825][T12174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.083027][T14088] loop3: detected capacity change from 0 to 512
[  235.091704][T14088] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.105912][  T176] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  235.126284][  T176] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  235.126766][T12174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.145262][  T176] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  235.154879][  T176] bond0 (unregistering): Released all slaves
[  235.166772][  T176] bond1 (unregistering): Released all slaves
[  235.186480][  T176] bond2 (unregistering): (slave batadv1): Releasing active interface
[  235.196669][  T176] bond2 (unregistering): Released all slaves
[  235.209643][  T176] bond3 (unregistering): Released all slaves
[  235.216871][T14104] usb usb8: usbfs: process 14104 (syz.0.3223) did not claim interface 0 before use
[  235.228170][  T176] bond4 (unregistering): Released all slaves
[  235.238745][  T176] bond5 (unregistering): Released all slaves
[  235.264269][T13894] veth1_vlan: entered promiscuous mode
[  235.291101][T14108] loop3: detected capacity change from 0 to 512
[  235.298075][T13894] veth0_macvtap: entered promiscuous mode
[  235.307455][T13894] veth1_macvtap: entered promiscuous mode
[  235.315776][T14108] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.317847][  T176] tipc: Disabling bearer <udp:syz2>
[  235.333454][  T176] tipc: Left network mode
[  235.347145][T13894] batman_adv: batadv0: Interface activated: batadv_slave_0
[  235.372157][T12174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.391232][  T176] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.402575][  T176] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.438303][  T176] team0 (unregistering): Port device team_slave_1 removed
[  235.455018][  T176] team0 (unregistering): Port device team_slave_0 removed
[  235.494652][T14121] loop5: detected capacity change from 0 to 512
[  235.503337][T13894] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.515814][ T4528] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.523714][T14121] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.541766][ T4528] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.559416][ T4528] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.569012][ T4528] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.570068][ T5171] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.614065][T14130] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3233'.
[  235.636338][T14130] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3233'.
[  235.649379][T14134] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3236'.
[  235.735184][T14148] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3241'.
[  235.755304][T14150] can0: slcan on ttyS3.
[  235.825424][T14154] loop4: detected capacity change from 0 to 512
[  235.833922][T14154] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.863156][T13894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.874120][T14159] loop5: detected capacity change from 0 to 1024
[  235.883659][T14159] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  235.895813][T14159] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.3245: Invalid block bitmap block 0 in block_group 0
[  235.910133][T14159] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.3245: Failed to acquire dquot type 0
[  235.921887][T14149] can0 (unregistered): slcan off ttyS3.
[  235.938542][T14159] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.3245: Freeing blocks not in datazone - block = 0, count = 4096
[  235.954012][T14159] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3245: Invalid inode bitmap blk 0 in block_group 0
[  235.967146][T14159] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  235.978576][ T4509] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:40: Failed to release dquot type 0
[  235.995781][T14159] EXT4-fs (loop5): 1 orphan inode deleted
[  236.002259][T14159] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.029426][T14172] loop4: detected capacity change from 0 to 256
[  236.044628][T14162] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  236.054681][ T5171] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.065043][T14176] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3252'.
[  236.075830][T14178] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3253'.
[  236.196834][ T4528] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[  236.204759][ T4528] FAT-fs (loop4): Filesystem has been set read-only
[  236.210003][T14184] loop0: detected capacity change from 0 to 512
[  236.218626][ T4528] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[  236.227071][ T4528] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[  236.235165][ T4528] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[  236.244503][ T4528] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[  236.245506][T14184] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.252937][ T4528] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[  236.340949][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.447071][T14217] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3266'.
[  236.540761][T14219] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3267'.
[  236.885731][T14239] FAULT_INJECTION: forcing a failure.
[  236.885731][T14239] name failslab, interval 1, probability 0, space 0, times 0
[  236.898720][T14239] CPU: 1 UID: 0 PID: 14239 Comm: syz.2.3276 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  236.898828][T14239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  236.898843][T14239] Call Trace:
[  236.898851][T14239]  <TASK>
[  236.898861][T14239]  __dump_stack+0x1d/0x30
[  236.898944][T14239]  dump_stack_lvl+0xe8/0x140
[  236.899003][T14239]  dump_stack+0x15/0x1b
[  236.899025][T14239]  should_fail_ex+0x265/0x280
[  236.899063][T14239]  should_failslab+0x8c/0xb0
[  236.899095][T14239]  kmem_cache_alloc_noprof+0x50/0x480
[  236.899142][T14239]  ? getname_flags+0x80/0x3b0
[  236.899177][T14239]  getname_flags+0x80/0x3b0
[  236.899215][T14239]  user_path_at+0x28/0x130
[  236.899304][T14239]  __se_sys_mount+0x25b/0x2e0
[  236.899334][T14239]  ? fput+0x8f/0xc0
[  236.899358][T14239]  __x64_sys_mount+0x67/0x80
[  236.899382][T14239]  x64_sys_call+0x2b51/0x3000
[  236.899403][T14239]  do_syscall_64+0xd2/0x200
[  236.899491][T14239]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  236.899524][T14239]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  236.899561][T14239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.899583][T14239] RIP: 0033:0x7f58284ef749
[  236.899673][T14239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.899695][T14239] RSP: 002b:00007f5826f4f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  236.899719][T14239] RAX: ffffffffffffffda RBX: 00007f5828745fa0 RCX: 00007f58284ef749
[  236.899734][T14239] RDX: 0000200000001440 RSI: 0000200000001400 RDI: 0000000000000000
[  236.899747][T14239] RBP: 00007f5826f4f090 R08: 0000200000000000 R09: 0000000000000000
[  236.899759][T14239] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  236.899786][T14239] R13: 00007f5828746038 R14: 00007f5828745fa0 R15: 00007ffe47462e98
[  236.899804][T14239]  </TASK>
[  237.106843][T14241] can0: slcan on ttyS3.
[  237.122379][T14244] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3278'.
[  237.228344][T14240] can0 (unregistered): slcan off ttyS3.
[  237.248488][   T29] kauditd_printk_skb: 848 callbacks suppressed
[  237.248502][   T29] audit: type=1326 audit(750.225:36388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4143222005 code=0x7ffc0000
[  237.285747][   T29] audit: type=1326 audit(750.245:36389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4143222005 code=0x7ffc0000
[  237.293824][T14252] loop4: detected capacity change from 0 to 512
[  237.309154][   T29] audit: type=1326 audit(750.245:36390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f41431e65e7 code=0x7ffc0000
[  237.338930][   T29] audit: type=1326 audit(750.245:36391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f414318b829 code=0x7ffc0000
[  237.340481][T14252] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.362066][   T29] audit: type=1326 audit(750.245:36392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  237.362114][   T29] audit: type=1326 audit(750.255:36393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4143222005 code=0x7ffc0000
[  237.420456][   T29] audit: type=1326 audit(750.255:36394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f41431e65e7 code=0x7ffc0000
[  237.443378][   T29] audit: type=1326 audit(750.255:36395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f414318b829 code=0x7ffc0000
[  237.466631][   T29] audit: type=1326 audit(750.255:36396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f41431ef749 code=0x7ffc0000
[  237.489917][   T29] audit: type=1326 audit(750.255:36397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14224 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4143222005 code=0x7ffc0000
[  237.532766][T13894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.594424][T14319] loop0: detected capacity change from 0 to 1024
[  238.602292][T14319] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  238.648553][T14319] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3305: Invalid block bitmap block 0 in block_group 0
[  238.702832][T14319] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3305: Failed to acquire dquot type 0
[  238.718439][T14326] __nla_validate_parse: 4 callbacks suppressed
[  238.718459][T14326] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3307'.
[  238.736950][T14319] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.3305: Freeing blocks not in datazone - block = 0, count = 4096
[  238.758678][T14319] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3305: Invalid inode bitmap blk 0 in block_group 0
[  238.776317][T14319] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  238.785142][ T4482] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:15: Failed to release dquot type 0
[  238.785190][T14319] EXT4-fs (loop0): 1 orphan inode deleted
[  238.785640][T14319] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.904409][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.073218][T14347] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3317'.
[  239.234979][T14364] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3323'.
[  239.675617][T14375] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3327'.
[  239.684920][T14375] hsr_slave_0: left promiscuous mode
[  239.691086][T14375] hsr_slave_1: left promiscuous mode
[  239.726803][T14376] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3327'.
[  239.980396][T14384] ip6t_REJECT: ECHOREPLY is not supported
[  240.023528][T14386] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  240.050995][T14372] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3312'.
[  240.589659][T14406] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3336'.
[  240.730207][T14411] loop0: detected capacity change from 0 to 1024
[  240.772131][T14411] EXT4-fs: Ignoring removed i_version option
[  240.793933][T14411] EXT4-fs: Ignoring removed nobh option
[  240.846496][T14411] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.125525][T14425] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[  241.134531][T14425] ref_ctr increment failed for inode: 0xb68 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888103e11140
[  241.245876][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.356847][T14438] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3348'.
[  241.632450][T14444] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3351'.
[  241.815221][T14425] uprobe: syz.5.3343:14425 failed to unregister, leaking uprobe
[  241.826455][T14453] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14453 comm=syz.3.3355
[  242.021045][T14465] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=245 sclass=netlink_route_socket pid=14465 comm=syz.3.3361
[  242.089815][T14465] $Hÿ: renamed from bond0 (while UP)
[  242.097127][T14465] $Hÿ: entered promiscuous mode
[  242.102541][T14465] bond_slave_0: entered promiscuous mode
[  242.108456][T14465] bond_slave_1: entered promiscuous mode
[  242.154248][T14470] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3362'.
[  242.213359][T14477] io-wq is not configured for unbound workers
[  242.258775][   T29] kauditd_printk_skb: 5825 callbacks suppressed
[  242.258840][   T29] audit: type=1326 audit(755.235:42220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14447 comm="syz.2.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5828522005 code=0x7ffc0000
[  242.311461][   T29] audit: type=1326 audit(755.265:42221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14447 comm="syz.2.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f58284e65e7 code=0x7ffc0000
[  242.334680][   T29] audit: type=1326 audit(755.265:42222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14447 comm="syz.2.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f582848b829 code=0x7ffc0000
[  242.357787][   T29] audit: type=1326 audit(755.265:42223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14447 comm="syz.2.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  242.380858][   T29] audit: type=1326 audit(755.265:42224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14447 comm="syz.2.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5828522005 code=0x7ffc0000
[  242.403969][   T29] audit: type=1326 audit(755.265:42225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14447 comm="syz.2.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5828522005 code=0x7ffc0000
[  242.426989][   T29] audit: type=1326 audit(755.265:42226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14447 comm="syz.2.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5828522005 code=0x7ffc0000
[  242.450153][   T29] audit: type=1326 audit(755.265:42227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14447 comm="syz.2.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5828522005 code=0x7ffc0000
[  242.473581][   T29] audit: type=1326 audit(755.265:42228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14447 comm="syz.2.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f58284e65e7 code=0x7ffc0000
[  242.496855][   T29] audit: type=1326 audit(755.265:42229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14447 comm="syz.2.3353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f582848b829 code=0x7ffc0000
[  242.536781][T14484] loop4: detected capacity change from 0 to 512
[  242.549018][T14484] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  242.599083][T14484] EXT4-fs (loop4): 1 truncate cleaned up
[  242.608309][ T4513] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.629403][T14484] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.691026][ T4513] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.781233][ T4513] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.809103][T14506] tipc: Started in network mode
[  242.814280][T14506] tipc: Node identity ac141413, cluster identity 4711
[  242.828456][T14506] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  242.837280][T14510] program syz.2.3372 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  242.872784][ T4513] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.006414][ T4513] bridge_slave_1: left allmulticast mode
[  243.012322][ T4513] bridge_slave_1: left promiscuous mode
[  243.018055][ T4513] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.064226][ T4513] bridge_slave_0: left allmulticast mode
[  243.070018][ T4513] bridge_slave_0: left promiscuous mode
[  243.075716][ T4513] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.183015][T13894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.240624][ T4513] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  243.249516][ T4513] bond_slave_0: left promiscuous mode
[  243.258452][ T4513] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  243.270695][ T4513] bond_slave_1: left promiscuous mode
[  243.278862][ T4513] $Hÿ (unregistering): Released all slaves
[  243.352811][ T4513] hsr_slave_0: left promiscuous mode
[  243.358681][ T4513] hsr_slave_1: left promiscuous mode
[  243.364336][ T4513] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.371955][ T4513] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.380530][ T4513] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.387939][ T4513] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.401701][ T4513] veth1_macvtap: left promiscuous mode
[  243.407299][ T4513] veth0_macvtap: left promiscuous mode
[  243.412931][ T4513] veth1_vlan: left promiscuous mode
[  243.418504][ T4513] veth0_vlan: left promiscuous mode
[  243.492471][ T4513] team0 (unregistering): Port device team_slave_1 removed
[  243.502447][ T4513] team0 (unregistering): Port device team_slave_0 removed
[  243.590234][T14500] chnl_net:caif_netlink_parms(): no params data found
[  243.651896][T14500] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.659220][T14500] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.666542][T14500] bridge_slave_0: entered allmulticast mode
[  243.673505][T14500] bridge_slave_0: entered promiscuous mode
[  243.680729][T14500] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.687938][T14500] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.695319][T14500] bridge_slave_1: entered allmulticast mode
[  243.702160][T14500] bridge_slave_1: entered promiscuous mode
[  243.722097][T14500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.737938][T14500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.738897][T14550] sctp: [Deprecated]: syz.5.3384 (pid 14550) Use of struct sctp_assoc_value in delayed_ack socket option.
[  243.738897][T14550] Use struct sctp_sack_info instead
[  243.782829][T14500] team0: Port device team_slave_0 added
[  243.792738][T14500] team0: Port device team_slave_1 added
[  243.817372][T14500] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.824396][T14500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  243.850487][T14500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.889046][T14500] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.896040][T14500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  243.922259][T14500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.030420][T14500] hsr_slave_0: entered promiscuous mode
[  244.036563][T14500] hsr_slave_1: entered promiscuous mode
[  244.272271][T14577] __nla_validate_parse: 1 callbacks suppressed
[  244.272289][T14577] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3395'.
[  244.332034][T14569] team0 (unregistering): Port device team_slave_0 removed
[  244.440914][T14569] team0 (unregistering): Port device team_slave_1 removed
[  244.464999][T14582] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  244.472473][T14582] batman_adv: batadv0: Removing interface: batadv_slave_0
[  244.489063][T14582] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  244.496497][T14582] batman_adv: batadv0: Removing interface: batadv_slave_1
[  244.716993][T14595] loop0: detected capacity change from 0 to 1024
[  244.728658][T14595] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  244.729839][T14600] sctp: [Deprecated]: syz.4.3403 (pid 14600) Use of struct sctp_assoc_value in delayed_ack socket option.
[  244.729839][T14600] Use struct sctp_sack_info instead
[  244.771300][T14595] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3401: Invalid block bitmap block 0 in block_group 0
[  244.810515][T14595] EXT4-fs error (device loop0): ext4_acquire_dquot:6945: comm syz.0.3401: Failed to acquire dquot type 0
[  244.830057][T14595] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.3401: Freeing blocks not in datazone - block = 0, count = 4096
[  244.843913][T14500] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  244.851144][T14595] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3401: Invalid inode bitmap blk 0 in block_group 0
[  244.866228][T14500] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  244.874033][ T4497] EXT4-fs error (device loop0): ext4_release_dquot:6981: comm kworker/u8:28: Failed to release dquot type 0
[  244.887502][T14500] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  244.895122][T14595] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  244.904007][T14500] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  244.930584][T14595] EXT4-fs (loop0): 1 orphan inode deleted
[  244.936817][T14595] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.988118][T14623] loop4: detected capacity change from 0 to 512
[  244.996449][T14500] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.007343][T14623] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  245.022968][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.024778][T14500] 8021q: adding VLAN 0 to HW filter on device team0
[  245.042249][ T4485] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.049374][ T4485] bridge0: port 1(bridge_slave_0) entered forwarding state
[  245.089490][ T4513] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.096667][ T4513] bridge0: port 2(bridge_slave_1) entered forwarding state
[  245.105622][T13894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.113034][T14500] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  245.125331][T14500] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  245.210407][T14500] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.315089][T14500] veth0_vlan: entered promiscuous mode
[  245.326910][T14500] veth1_vlan: entered promiscuous mode
[  245.355054][T14500] veth0_macvtap: entered promiscuous mode
[  245.370469][T14500] veth1_macvtap: entered promiscuous mode
[  245.389944][T14500] batman_adv: batadv0: Interface activated: batadv_slave_0
[  245.403047][T14500] batman_adv: batadv0: Interface activated: batadv_slave_1
[  245.439802][ T4513] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  245.461904][ T4513] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  245.480961][ T4513] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  245.509108][ T4513] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  246.012661][T14664] sctp: [Deprecated]: syz.0.3417 (pid 14664) Use of struct sctp_assoc_value in delayed_ack socket option.
[  246.012661][T14664] Use struct sctp_sack_info instead
[  246.395357][T14701] loop0: detected capacity change from 0 to 1024
[  246.403871][T14702] sctp: [Deprecated]: syz.2.3432 (pid 14702) Use of struct sctp_assoc_value in delayed_ack socket option.
[  246.403871][T14702] Use struct sctp_sack_info instead
[  246.430418][T14701] journal_path: Non-blockdev passed as './file1'
[  246.436866][T14701] EXT4-fs: error: could not find journal device path
[  246.665353][T14722] FAULT_INJECTION: forcing a failure.
[  246.665353][T14722] name failslab, interval 1, probability 0, space 0, times 0
[  246.678149][T14722] CPU: 1 UID: 0 PID: 14722 Comm: syz.0.3440 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  246.678179][T14722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  246.678253][T14722] Call Trace:
[  246.678260][T14722]  <TASK>
[  246.678268][T14722]  __dump_stack+0x1d/0x30
[  246.678318][T14722]  dump_stack_lvl+0xe8/0x140
[  246.678343][T14722]  dump_stack+0x15/0x1b
[  246.678364][T14722]  should_fail_ex+0x265/0x280
[  246.678477][T14722]  ? __se_sys_memfd_create+0x1cc/0x590
[  246.678506][T14722]  should_failslab+0x8c/0xb0
[  246.678607][T14722]  __kmalloc_cache_noprof+0x4c/0x4a0
[  246.678646][T14722]  __se_sys_memfd_create+0x1cc/0x590
[  246.678728][T14722]  __x64_sys_memfd_create+0x31/0x40
[  246.678756][T14722]  x64_sys_call+0x2ac2/0x3000
[  246.678784][T14722]  do_syscall_64+0xd2/0x200
[  246.678817][T14722]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  246.678844][T14722]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  246.678874][T14722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.678915][T14722] RIP: 0033:0x7f41431ef749
[  246.678962][T14722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.678990][T14722] RSP: 002b:00007f4141c56e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  246.679010][T14722] RAX: ffffffffffffffda RBX: 0000000000000512 RCX: 00007f41431ef749
[  246.679055][T14722] RDX: 00007f4141c56ef0 RSI: 0000000000000000 RDI: 00007f4143274960
[  246.679069][T14722] RBP: 0000200000000380 R08: 00007f4141c56bb7 R09: 00007f4141c56e40
[  246.679157][T14722] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000980
[  246.679171][T14722] R13: 00007f4141c56ef0 R14: 00007f4141c56eb0 R15: 0000200000000100
[  246.679193][T14722]  </TASK>
[  246.963631][T14733] sctp: [Deprecated]: syz.0.3445 (pid 14733) Use of struct sctp_assoc_value in delayed_ack socket option.
[  246.963631][T14733] Use struct sctp_sack_info instead
[  247.210085][T14749] loop4: detected capacity change from 0 to 1024
[  247.210412][T14749] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  247.268716][T14751] loop3: detected capacity change from 0 to 512
[  247.278903][T14751] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.376287][T14500] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.395235][T14758] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3455'.
[  247.428859][T14761] FAULT_INJECTION: forcing a failure.
[  247.428859][T14761] name failslab, interval 1, probability 0, space 0, times 0
[  247.441540][T14761] CPU: 1 UID: 0 PID: 14761 Comm: syz.4.3456 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  247.441626][T14761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  247.441637][T14761] Call Trace:
[  247.441644][T14761]  <TASK>
[  247.441652][T14761]  __dump_stack+0x1d/0x30
[  247.441749][T14761]  dump_stack_lvl+0xe8/0x140
[  247.441793][T14761]  dump_stack+0x15/0x1b
[  247.441827][T14761]  should_fail_ex+0x265/0x280
[  247.441873][T14761]  should_failslab+0x8c/0xb0
[  247.441904][T14761]  __kmalloc_noprof+0xa5/0x570
[  247.442003][T14761]  ? alloc_pipe_info+0x1c9/0x350
[  247.442034][T14761]  alloc_pipe_info+0x1c9/0x350
[  247.442127][T14761]  splice_direct_to_actor+0x592/0x680
[  247.442155][T14761]  ? kstrtouint_from_user+0x9f/0xf0
[  247.442176][T14761]  ? __pfx_direct_splice_actor+0x10/0x10
[  247.442203][T14761]  ? __rcu_read_unlock+0x4f/0x70
[  247.442245][T14761]  ? get_pid_task+0x96/0xd0
[  247.442272][T14761]  ? avc_policy_seqno+0x15/0x30
[  247.442355][T14761]  ? selinux_file_permission+0x1e4/0x320
[  247.442415][T14761]  do_splice_direct+0xda/0x150
[  247.442441][T14761]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  247.442472][T14761]  do_sendfile+0x380/0x650
[  247.442535][T14761]  __x64_sys_sendfile64+0x105/0x150
[  247.442566][T14761]  x64_sys_call+0x2bb4/0x3000
[  247.442591][T14761]  do_syscall_64+0xd2/0x200
[  247.442616][T14761]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  247.442645][T14761]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  247.442720][T14761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.442745][T14761] RIP: 0033:0x7f3e6c99f749
[  247.442773][T14761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.442793][T14761] RSP: 002b:00007f3e6b407038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  247.442816][T14761] RAX: ffffffffffffffda RBX: 00007f3e6cbf5fa0 RCX: 00007f3e6c99f749
[  247.442867][T14761] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008
[  247.442882][T14761] RBP: 00007f3e6b407090 R08: 0000000000000000 R09: 0000000000000000
[  247.442896][T14761] R10: 000000040000f63c R11: 0000000000000246 R12: 0000000000000001
[  247.442910][T14761] R13: 00007f3e6cbf6038 R14: 00007f3e6cbf5fa0 R15: 00007fff53fd9478
[  247.442932][T14761]  </TASK>
[  247.743111][T14771] sctp: [Deprecated]: syz.3.3460 (pid 14771) Use of struct sctp_assoc_value in delayed_ack socket option.
[  247.743111][T14771] Use struct sctp_sack_info instead
[  247.762208][   T29] kauditd_printk_skb: 1127 callbacks suppressed
[  247.762228][   T29] audit: type=1326 audit(1273.692:43354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14768 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  247.791899][   T29] audit: type=1326 audit(1273.692:43355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14768 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  247.814955][   T29] audit: type=1326 audit(1273.692:43356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14768 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  247.838109][   T29] audit: type=1326 audit(1273.692:43357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14768 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  247.861147][   T29] audit: type=1326 audit(1273.692:43358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14768 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  247.884281][   T29] audit: type=1326 audit(1273.692:43359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14768 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  247.907371][   T29] audit: type=1326 audit(1273.692:43360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14768 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  247.930562][   T29] audit: type=1326 audit(1273.692:43361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14768 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  247.953658][   T29] audit: type=1326 audit(1273.692:43362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14768 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  247.976929][   T29] audit: type=1326 audit(1273.692:43363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14768 comm="syz.2.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  248.003522][T14767] loop5: detected capacity change from 0 to 512
[  248.089912][T14767] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.111368][T14789] loop3: detected capacity change from 0 to 1024
[  248.132281][T14789] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  248.195577][T14789] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3467: Invalid block bitmap block 0 in block_group 0
[  248.216722][T14789] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3467: Failed to acquire dquot type 0
[  248.262664][T14789] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.3467: Freeing blocks not in datazone - block = 0, count = 4096
[  248.276882][T14789] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.3467: Invalid inode bitmap blk 0 in block_group 0
[  248.301637][ T4528] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:56: Failed to release dquot type 0
[  248.313419][T14789] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  248.340023][T14789] EXT4-fs (loop3): 1 orphan inode deleted
[  248.405679][T14789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.470529][T14500] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.623662][T14815] loop3: detected capacity change from 0 to 512
[  248.660163][T14815] FAT-fs (loop3): unable to read block(1073741824) for building NFS inode
[  249.029016][T14838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3486'.
[  249.037958][T14838] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3486'.
[  249.757437][ T5171] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.175361][T14879] FAULT_INJECTION: forcing a failure.
[  250.175361][T14879] name failslab, interval 1, probability 0, space 0, times 0
[  250.188277][T14879] CPU: 0 UID: 0 PID: 14879 Comm: syz.0.3502 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  250.188309][T14879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  250.188385][T14879] Call Trace:
[  250.188393][T14879]  <TASK>
[  250.188402][T14879]  __dump_stack+0x1d/0x30
[  250.188453][T14879]  dump_stack_lvl+0xe8/0x140
[  250.188473][T14879]  dump_stack+0x15/0x1b
[  250.188492][T14879]  should_fail_ex+0x265/0x280
[  250.188541][T14879]  should_failslab+0x8c/0xb0
[  250.188582][T14879]  __kmalloc_noprof+0xa5/0x570
[  250.188610][T14879]  ? security_bpf_prog_load+0x60/0x140
[  250.188642][T14879]  ? strncpy_from_user+0x13a/0x230
[  250.188732][T14879]  security_bpf_prog_load+0x60/0x140
[  250.188767][T14879]  bpf_prog_load+0xef8/0x1100
[  250.188819][T14879]  ? security_bpf+0x2b/0x90
[  250.188865][T14879]  __sys_bpf+0x469/0x7c0
[  250.188895][T14879]  __x64_sys_bpf+0x41/0x50
[  250.188981][T14879]  x64_sys_call+0x2aee/0x3000
[  250.189008][T14879]  do_syscall_64+0xd2/0x200
[  250.189033][T14879]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  250.189063][T14879]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  250.189159][T14879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.189181][T14879] RIP: 0033:0x7f41431ef749
[  250.189200][T14879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.189218][T14879] RSP: 002b:00007f4141c57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  250.189238][T14879] RAX: ffffffffffffffda RBX: 00007f4143445fa0 RCX: 00007f41431ef749
[  250.189254][T14879] RDX: 0000000000000094 RSI: 0000200000000300 RDI: 0000000000000005
[  250.189267][T14879] RBP: 00007f4141c57090 R08: 0000000000000000 R09: 0000000000000000
[  250.189326][T14879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.189402][T14879] R13: 00007f4143446038 R14: 00007f4143445fa0 R15: 00007ffc56e1c638
[  250.189452][T14879]  </TASK>
[  250.480205][T14886] loop3: detected capacity change from 0 to 512
[  250.517517][T14886] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.609937][T14890] loop0: detected capacity change from 0 to 512
[  250.662312][T14890] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  250.694990][T14890] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  250.705402][T14890] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.778782][T14500] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.850787][T14890] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  250.861351][T14890] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.931033][T14890] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  250.941445][T14890] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.989649][T14890] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  251.000012][T14890] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.140796][T14916] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3515'.
[  251.150010][T14916] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3515'.
[  251.200373][T14916] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3515'.
[  251.209899][T14916] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3515'.
[  251.280074][ T4513] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  251.288358][ T4513] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  251.363581][ T4513] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  251.372041][ T4513] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  251.380678][ T4513] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  251.389015][ T4513] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  251.402522][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.432851][ T4513] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  251.441293][ T4513] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  251.451748][T14916] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3515'.
[  251.460879][T14916] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3515'.
[  251.616889][T14930] loop0: detected capacity change from 0 to 512
[  251.651370][T14932] loop4: detected capacity change from 0 to 512
[  251.664238][T14930] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.690712][T14932] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.707317][T14926] 9pnet_fd: Insufficient options for proto=fd
[  251.766262][T13894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.031408][T14945] loop4: detected capacity change from 0 to 1024
[  252.049039][T14945] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  252.083603][T14945] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.3524: Invalid block bitmap block 0 in block_group 0
[  252.119667][T14945] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.3524: Failed to acquire dquot type 0
[  252.158723][T14945] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.3524: Freeing blocks not in datazone - block = 0, count = 4096
[  252.187862][T14945] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.3524: Invalid inode bitmap blk 0 in block_group 0
[  252.201168][ T4528] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u8:56: Failed to release dquot type 0
[  252.233687][T14945] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  252.258633][T14945] EXT4-fs (loop4): 1 orphan inode deleted
[  252.264841][T14945] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.309538][T13894] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.348744][T14952] netlink: 'syz.3.3527': attribute type 27 has an invalid length.
[  252.405129][T12718] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.487857][T14952] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.495206][T14952] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.555081][T14952] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  252.565050][T14952] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  252.699164][T14955] 8021q: adding VLAN 0 to HW filter on device bond0
[  252.719678][T14955] 8021q: adding VLAN 0 to HW filter on device team0
[  252.739653][T14955] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  252.766164][ T4485] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.775325][T14971] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3533'.
[  252.797482][ T4485] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.806712][ T4485] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  252.848299][ T4485] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  253.046404][T14984] SELinux: security_context_str_to_sid (Ö) failed with errno=-22
[  253.376216][   T29] kauditd_printk_skb: 731 callbacks suppressed
[  253.376236][   T29] audit: type=1326 audit(2305.340:44089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.2.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  253.468154][   T29] audit: type=1326 audit(2305.340:44090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.2.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  253.491512][   T29] audit: type=1326 audit(2305.370:44091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.2.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  253.514743][   T29] audit: type=1326 audit(2305.370:44092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.2.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  253.537904][   T29] audit: type=1326 audit(2305.370:44093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.2.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  253.561142][   T29] audit: type=1326 audit(2305.380:44094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.2.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  253.584582][   T29] audit: type=1326 audit(2305.380:44095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.2.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  253.607859][   T29] audit: type=1326 audit(2305.380:44096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.2.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  253.631197][   T29] audit: type=1326 audit(2305.380:44097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.2.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  253.654539][   T29] audit: type=1326 audit(2305.380:44098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14993 comm="syz.2.3542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58284ef749 code=0x7ffc0000
[  253.679451][T14980] loop5: detected capacity change from 0 to 1024
[  253.720599][T15003] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3546'.
[  253.808636][T14980] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  253.990976][T15020] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3550'.
[  254.040088][T15022] can0: slcan on ttyS3.
[  254.059850][T14980] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.3536: Invalid block bitmap block 0 in block_group 0
[  254.082710][T14980] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.3536: Failed to acquire dquot type 0
[  254.096888][T14980] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.3536: Freeing blocks not in datazone - block = 0, count = 4096
[  254.114928][T14980] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3536: Invalid inode bitmap blk 0 in block_group 0
[  254.141438][ T4513] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:44: Failed to release dquot type 0
[  254.213561][T14980] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  254.224451][T14980] EXT4-fs (loop5): 1 orphan inode deleted
[  254.231681][T14980] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  254.265848][ T5171] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.288551][T15021] can0 (unregistered): slcan off ttyS3.
[  254.803940][T15056] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3566'.
[  254.819992][T15058] can0: slcan on ttyS3.
[  254.929249][T15057] can0 (unregistered): slcan off ttyS3.
[  255.008873][T15073] loop3: detected capacity change from 0 to 512
[  255.059542][T15073] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.100351][T14500] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.126587][T15084] loop3: detected capacity change from 0 to 1024
[  255.150970][T15084] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  255.182728][T15084] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.3579: Invalid block bitmap block 0 in block_group 0
[  255.199219][T15084] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3579: Failed to acquire dquot type 0
[  255.247623][T15084] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.3579: Freeing blocks not in datazone - block = 0, count = 4096
[  255.292255][T15084] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.3579: Invalid inode bitmap blk 0 in block_group 0
[  255.310338][ T4497] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:28: Failed to release dquot type 0
[  255.322653][T15084] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[  255.338467][T15084] EXT4-fs (loop3): 1 orphan inode deleted
[  255.344742][T15084] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.379145][T14500] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.432213][T15082] ==================================================================
[  255.440343][T15082] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  255.448359][T15082] 
[  255.450702][T15082] write to 0xffffea0004f5fc18 of 8 bytes by task 15008 on cpu 1:
[  255.458539][T15082]  __filemap_remove_folio+0x1a5/0x2a0
[  255.463929][T15082]  filemap_remove_folio+0x6d/0x1d0
[  255.469169][T15082]  truncate_inode_folio+0x42/0x50
[  255.474219][T15082]  shmem_undo_range+0x244/0xa80
[  255.479098][T15082]  shmem_evict_inode+0x134/0x520
[  255.484143][T15082]  evict+0x2e3/0x550
[  255.488052][T15082]  iput+0x4ed/0x650
[  255.491931][T15082]  dentry_unlink_inode+0x24f/0x260
[  255.497061][T15082]  __dentry_kill+0x18d/0x4b0
[  255.501678][T15082]  dput+0x5e/0xd0
[  255.505339][T15082]  __fput+0x444/0x650
[  255.509346][T15082]  ____fput+0x1c/0x30
[  255.513348][T15082]  task_work_run+0x131/0x1a0
[  255.517971][T15082]  do_exit+0x483/0x15c0
[  255.522154][T15082]  do_group_exit+0xff/0x140
[  255.526673][T15082]  get_signal+0xe58/0xf70
[  255.531026][T15082]  arch_do_signal_or_restart+0x96/0x440
[  255.536777][T15082]  irqentry_exit_to_user_mode+0x5b/0xa0
[  255.542341][T15082]  irqentry_exit+0x12/0x50
[  255.546871][T15082]  asm_exc_page_fault+0x26/0x30
[  255.551740][T15082] 
[  255.554071][T15082] read to 0xffffea0004f5fc18 of 8 bytes by task 15082 on cpu 0:
[  255.561718][T15082]  folio_mapping+0xa1/0xe0
[  255.566172][T15082]  evict_folios+0x2b4b/0x3590
[  255.570871][T15082]  try_to_shrink_lruvec+0x5b5/0x950
[  255.576092][T15082]  shrink_lruvec+0x22e/0x1b50
[  255.580784][T15082]  shrink_node+0x686/0x2120
[  255.585304][T15082]  do_try_to_free_pages+0x3f6/0xcd0
[  255.590516][T15082]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  255.596972][T15082]  try_charge_memcg+0x383/0xa10
[  255.601926][T15082]  obj_cgroup_charge_pages+0xa6/0x150
[  255.607471][T15082]  __memcg_kmem_charge_page+0x9f/0x170
[  255.612944][T15082]  __alloc_frozen_pages_noprof+0x188/0x360
[  255.618779][T15082]  alloc_pages_mpol+0xb3/0x260
[  255.623548][T15082]  alloc_pages_noprof+0x90/0x130
[  255.628491][T15082]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  255.634404][T15082]  __kvmalloc_node_noprof+0x483/0x670
[  255.639796][T15082]  ip_set_alloc+0x24/0x30
[  255.644239][T15082]  hash_netiface_create+0x282/0x740
[  255.649490][T15082]  ip_set_create+0x3cc/0x970
[  255.654177][T15082]  nfnetlink_rcv_msg+0x4c6/0x590
[  255.659130][T15082]  netlink_rcv_skb+0x123/0x220
[  255.663917][T15082]  nfnetlink_rcv+0x167/0x16c0
[  255.668601][T15082]  netlink_unicast+0x5c0/0x690
[  255.673484][T15082]  netlink_sendmsg+0x58b/0x6b0
[  255.678249][T15082]  __sock_sendmsg+0x145/0x180
[  255.682940][T15082]  ____sys_sendmsg+0x31e/0x4e0
[  255.687739][T15082]  ___sys_sendmsg+0x17b/0x1d0
[  255.692512][T15082]  __x64_sys_sendmsg+0xd4/0x160
[  255.697575][T15082]  x64_sys_call+0x191e/0x3000
[  255.702261][T15082]  do_syscall_64+0xd2/0x200
[  255.706782][T15082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.712770][T15082] 
[  255.715093][T15082] value changed: 0xffff88816c71dc18 -> 0x0000000000000000
[  255.722198][T15082] 
[  255.724520][T15082] Reported by Kernel Concurrency Sanitizer on:
[  255.730766][T15082] CPU: 0 UID: 0 PID: 15082 Comm: syz.2.3578 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  255.740575][T15082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  255.750636][T15082] ==================================================================