last executing test programs:

4.330981194s ago: executing program 0 (id=318):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000540)='./bus\x00', 0x8800, &(0x7f0000000280)={[{@errors_remount}, {@sysvgroups}, {@i_version}]}, 0x1, 0x50c, &(0x7f0000001000)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x20200, 0x0, 0xfe, 0x0, &(0x7f00000007c0))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus/file0\x00')
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x1a103e43)
syz_emit_ethernet(0x3e2, &(0x7f0000001540)={@local, @multicast, @void, {@ipv6={0x86dd, @dccp_packet={0x3, 0x6, '^4Q', 0x3ac, 0x21, 0xff, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {[@routing={0x2b, 0x6, 0x1, 0x2, 0x0, [@private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, @empty]}, @srh={0x21, 0x8, 0x4, 0x4, 0x6, 0x8, 0x7fff, [@local, @local, @private0, @mcast2]}, @fragment={0x0, 0x0, 0x7, 0x1, 0x0, 0x1b, 0x66}, @hopopts={0x3c, 0x5, '\x00', [@pad1, @jumbo={0xc2, 0x4, 0x7}, @enc_lim, @enc_lim={0x4, 0x1, 0x5}, @jumbo={0xc2, 0x4, 0xfffffff8}, @calipso={0x7, 0x10, {0x0, 0x2, 0x4, 0x5, [0x0]}}, @pad1]}, @routing={0x88, 0x6, 0x2, 0xe, 0x0, [@remote, @loopback, @private0]}, @srh={0x0, 0x4, 0x4, 0x2, 0x5, 0x10, 0x8, [@ipv4={'\x00', '\xff\xff', @remote}, @private1]}, @dstopts={0x29, 0xe, '\x00', [@calipso={0x7, 0x20, {0x2, 0x6, 0x4, 0x7, [0x7fffffff, 0x8, 0x8000000000000000]}}, @ra={0x5, 0x2, 0x8}, @calipso={0x7, 0x40, {0x2, 0xe, 0x7, 0x8001, [0x401, 0x7fffffffffffffff, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0xffffffffffff0001]}}, @padn={0x1, 0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}, @routing={0xb8b73a21eb382df6, 0x14, 0x0, 0x40, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, @dev={0xfe, 0x80, '\x00', 0x3f}, @local, @mcast1, @mcast2, @private1={0xfc, 0x1, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2]}, @srh={0x2c, 0x10, 0x4, 0x8, 0x4, 0x30, 0xb, [@ipv4={'\x00', '\xff\xff', @multicast2}, @loopback, @private0, @remote, @empty, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1]}], {{0x4e23, 0x4e23, 0x4, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, "8cdf4d", 0x1, "93a81f"}, "b26809a2621fc6a5f37ef2d19a07e1797693ab842e5795e5e50fd617d86b53430634a51ec4e8052e04773882e7093871f4e132d2bc60703178d808f2883a8a84e36f186100b0122f56ce00f362a00d8c323c0c53d0ce3094d7f4b7c396540ec90699d08f96d82ec5ae20d914c0a8618b99b597b92cb2d8129383e29b19fd847deb39ec45cf4ff1da9678929574b4232da2156e6977d3a7a13dfa61e449d624e974d8e3e92e98ab8da51d4e49ff41fe003c1e9ecf14c978e8d107904d13ee01221b79d1a3d33902b410cdd879"}}}}}}, 0x0)

4.122884117s ago: executing program 0 (id=322):
socket(0x2, 0x80805, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@user_xattr}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="1dc60c97ab9a3a1439b2aa9e7f6d8e7198cc827dc308c9eb58c32dab80b1e6e06ccada52c50847d8b36790d1a81b03aa0f52e33f02877adb38be99d183eb1ec7aac3d780b522fa49b6464980f1c89d", @ANYBLOB="662feeefb1b9fd3c9de263b42ff56a1562f6834c0b1dbec9a67062c32c7e86045bfc2cdda9666a7568d67514b8baae182827ad04b61bfbb85a16bcd5dc425e46cf3643b1e7c8729bff0759bf4e766ca78d25c502836ef2ab75b0037daa8dd04ccb7071a1265d29a92f70680a0d03fc871d41e3d6bcd57141477e929fb81ba5b3c6f78fdfb89cb41d461c26a74bb4f43161080000008cbba731c04c4c770edef962c28e8c6a165df88f0b8cdd73fee42b84dafe641e10f0751e441e1ae4e6f54e90"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='xprtrdma_post_send\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r1, &(0x7f00000004c0)=[{&(0x7f0000000500)="bb38ad032880e88431213ce67612055d278d0411483dc4b8c6debc5cc27bd7c421bc30d095c8e5d479f50e4efa0330167ff2b9743c4217a69610287f99edf3", 0x3f}], 0x1)
symlink(0x0, &(0x7f00000003c0)='./file0/file0\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x8001}, 0x18)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000002480)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
capget(&(0x7f00000014c0)={0x20080522}, &(0x7f0000001500)={0x9, 0x4, 0x2, 0x2, 0x4, 0xe})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000258480f8d1e6c05b60000"], &(0x7f0000000300)='GPL\x00', 0x9, 0xff6, &(0x7f0000001e00)=""/4086}, 0x94)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r3)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180)=0x63)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24000000}, 0x8c0)

3.96009183s ago: executing program 0 (id=328):
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[], 0x44f0)

3.683585804s ago: executing program 0 (id=331):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000020000000000000080000000950000000000000018180000", @ANYRES32, @ANYBLOB="00000000000000000000000010ffffff00b15b84000000000000001812f70df20f84a8", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000085200000030000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x29, &(0x7f00000000c0)=""/41, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0xa, 0x6, 0x9}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000180)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f00000001c0)=[{0x3, 0x1, 0x6, 0x3}, {0x2, 0x6, 0x5, 0x5}], 0x10, 0xffff}, 0x9f)

3.657155425s ago: executing program 0 (id=333):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r2)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01022abd7001000000250f0000002a000e0068"], 0x40}, 0x1, 0x0, 0x0, 0x20000050}, 0x48000)
socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000080)={0x8, &(0x7f0000000040)=[{0x40, 0x1, 0x47, 0x1}, {0x9, 0xe, 0x6, 0xe}, {0x7a2, 0x2, 0x6, 0xaf882c1}, {0xff64, 0x3, 0x9, 0x5}, {0x4a64, 0x8, 0xa, 0x800}, {0x3, 0x5, 0x4, 0x6}, {0x3, 0x8, 0x6, 0x4}, {0x164, 0xff, 0x7, 0x2}]}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockname$packet(r0, &(0x7f0000000580)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000005c0)=0x14)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000780)={0x0, r4}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
execveat(r5, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340)={[&(0x7f0000000280)='\x00', &(0x7f00000002c0)='\xbae\x00']}, &(0x7f0000000540)={[&(0x7f0000000380)='\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='GPL\x00', &(0x7f00000004c0)='attr/fscreate\x00', &(0x7f0000000500)='GPL\x00']}, 0xe00)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2240, 0x0)
fcntl$setlease(r8, 0x400, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xf1}, @IPSET_ATTR_TIMEOUT={0x8}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x2002c0c4}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r9}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000880)=ANY=[@ANYRES32=r9, @ANYRES32, @ANYBLOB='\a\x00\x00\x00  \x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="a60255811daf21d792bb8b93ad6025eb406188924ed5bf5ed89bef22b5c8573bb487a0f587bc41b27617c8fea353428416140dc249f9ffd8d60eb1c47664f03e10c32fcb5fc2aa05542bc279dea7300dad19136a66c5e2930eb86000199b16882b4fad0ed9e52dff9cf7fb3263548bd3bbb47ec81257e504c98ced158d7adce36e1446a9230623f34875a0fc4ce0e8c7f46fa0497f068175e6484f393ea7fc6ed2a4c83b342a7ee3cddbf28abb7185488d3a1becb2c42e59c2342e447e26f6c516c88f4bbb0fa9e9e053d2061868d1db2cf7465cb0bac641563aa88220ef0000", @ANYRES64=0x0], 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r11=>0x0})
r12 = syz_open_dev$usbfs(&(0x7f0000000700), 0xfffffffffffffff7, 0x14002)
ioctl$USBDEVFS_IOCTL(r12, 0xc0105512, &(0x7f0000000740)=@usbdevfs_disconnect={0x5})
sendto$packet(r0, &(0x7f0000000180)="10030600e0fc020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r11}, 0x14)

3.563875006s ago: executing program 0 (id=335):
r0 = perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0x8, 0x2, 0x4, 0x40, 0x0, 0x80, 0x0, 0x9, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1}, 0x2004, 0x6, 0x100, 0x6, 0x1, 0xffff7fff, 0x6, 0x0, 0x8}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1a, 0x0, 0x0, 0x0}, 0x30)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
fremovexattr(r0, &(0x7f00000001c0)=@random={'trusted.', '\x00'})
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x800000, 0x7, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r3, 0x560e, &(0x7f0000000000))
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffbfffff01000000", @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00\v\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001811000078b341b48d6ea45be6dea6c18d74f860ec9c9bd9925a058a6c2f13f6be19d07976e888052a3570ab75ea3507f9915ef3382dd0c7b2c628e10e4e74835f9581667eba4efaa926b39d06d58487374b5c38f476bad3cd5270d8426a4d0875fa7ff662dfb21831f0c90d071499ecb68d451a4939849b0d9a4bbf1f91d4eeb19ac309ab4e4fc7451315f2fbfec1cbe70e2a46a573a0a4620b0df610a52e0029a49362ff98a2830f57da7b15a2c2e6948754a33553c2331679ee0adc0ec0c8ad", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r7, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xa0}}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000000000000000030000005800018044000400200001000a000000000000000000000000000000400000000000000000000000200002000a00000000000000fc"], 0x6c}}, 0x0)
socket(0x10, 0x803, 0x0)
sendmmsg(r8, &(0x7f0000000000), 0x4000000000001f2, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x8)

3.035519284s ago: executing program 2 (id=340):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x20, 0x0)
name_to_handle_at(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r3 = socket(0x10, 0x3, 0x0)
connect$netlink(r3, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x70bd2b, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

3.034541594s ago: executing program 2 (id=341):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x181)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendfile(r1, r0, 0x0, 0x7ffff000) (fail_nth: 2)

2.379356464s ago: executing program 2 (id=348):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x600001, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000140)={0x0, <r4=>0x0}, &(0x7f0000000180)=0xc)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000003040)={0x0, <r5=>0x0}, &(0x7f0000000200)=0xc)
setreuid(r4, r5)
ioctl$TUNSETOWNER(r2, 0x400454cc, r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r7}, &(0x7f0000000240), &(0x7f0000000380)=r6}, 0x20)
ioctl$EXT4_IOC_CHECKPOINT(r1, 0x4004662b, &(0x7f0000000480)=0x7)
creat(&(0x7f0000000000)='./file0\x00', 0x4)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x4c, r8, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x4c}}, 0x0)
unshare(0x20000200)

2.249863566s ago: executing program 2 (id=351):
r0 = perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x64, 0x0, 0x0, 0xfd, 0x0, 0x8, 0x4000, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={&(0x7f00000001c0), 0x2}, 0x803, 0x0, 0x1ec00000, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18f3019267535910d5a82a13118ac245e56d358db8", @ANYRESDEC=r0, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x41102, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$unix(0x1, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x3}, 0x18)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32=r6], 0x3c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='f2fs_readpages\x00', r2, 0x0, 0x80000000}, 0x18)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000101010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa14001980"], 0x44}}, 0x0)
r9 = socket(0x40000000015, 0x5, 0x0)
getpeername$packet(r9, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0b0400000000000000000200000028000480240001800b000100657874686472000014000280080001400200000008000640000000020900010073797a30000000000900020073797a3200000000050007"], 0x84}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r11 = socket$packet(0x11, 0x2, 0x300)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x298000, 0x0)
ioctl$SIOCSIFHWADDR(r12, 0x8924, &(0x7f0000000400)={'gretap0\x00', @local})
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'wg1\x00', <r13=>0x0})
setsockopt$packet_int(r11, 0x107, 0x14, &(0x7f00000000c0)=0xf3e, 0x4)
sendto$packet(r11, &(0x7f0000000280)='\x00', 0x1, 0x0, &(0x7f0000000080)={0x11, 0x0, r13, 0x1, 0xf6, 0x6, @random="5afe8b181d50"}, 0x14)
ioctl$SNAPSHOT_FREE(r0, 0x3305)

2.101807358s ago: executing program 2 (id=356):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@getqdisc={0x24, 0x26, 0x1, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, {0x1, 0x7}, {0xa}, {0xfff9, 0xb}}}, 0x24}}, 0x800)

2.026135989s ago: executing program 2 (id=359):
pipe(0x0)
mq_notify(0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000f5ffffff0000001080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'wg2\x00'})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="07000000040000000802000001", @ANYBLOB], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x8001000000000000, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x8, 0x3, 0x240, 0xd0, 0x11, 0x148, 0xd0, 0x0, 0x1a8, 0x2a8, 0x2a8, 0x1a8, 0x2a8, 0x3, 0x0, {[{{@ip={@private=0xa010102, @dev={0xac, 0x14, 0x14, 0x3e}, 0xffffff00, 0xffffffff, 'geneve0\x00', 'sit0\x00', {}, {0xff}, 0x73, 0x2, 0x14}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x5, 0x9, 0x3, 0x3, 0x5]}, {0xffffffffffffffff, [0x11]}}}}, {{@ip={@multicast2, @multicast2, 0xffffff00, 0xffffffff, 'lo\x00', 'hsr0\x00', {0xff}, {0x7f}, 0x88, 0x2, 0x2}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00', {0xb201}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)

2.00873638s ago: executing program 4 (id=361):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r0, 0x0, 0x0, 0x20004041, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r2, &(0x7f0000001800)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000001180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
socket$packet(0x11, 0x2, 0x300)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x7}, 0x1c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0900000000000000000002000000140001800500020001"], 0x28}}, 0x0)

1.669651935s ago: executing program 4 (id=365):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
syz_emit_ethernet(0x5e, &(0x7f00000002c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x28, 0x6, 0x0, @remote, @private2={0xfc, 0x2, '\x00', 0x1}, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0xa, 0x0, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x2}, @nop, @fastopen={0x22, 0x5, "a2c468"}, @fastopen={0x22, 0x9, "e721863490e0dc"}]}}}}}}}}, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x18, 0x7, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3c, '\x00', 0x0, 0x2}, 0x94)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r2, 0x5453, 0x0)

1.518426047s ago: executing program 3 (id=367):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0, <r2=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x28, 0x18, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @u32=0x4}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r2}]}]}, 0x28}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000680)='spmi_write_end\x00', r0, 0x0, 0x80000000000002}, 0x18)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r4, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
connect$vsock_stream(r4, &(0x7f0000000280)={0x28, 0x0, 0x0, @local}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaabe9689ce9f888100200008004500005800660000052f"], 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x6, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffff68e4}, @alu={0x4, 0x1, 0x7, 0x1, 0x3, 0x6, 0x4}]}, &(0x7f0000000780)='syzkaller\x00', 0x8, 0x0, &(0x7f00000007c0), 0x41100, 0x45, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000800)={0x5, 0xa, 0xa16, 0x1}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xaac}, 0x94)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000900)=@o_path={&(0x7f0000000700)='./file0\x00', r6, 0x4000, r3}, 0x18)
shutdown(r4, 0x1)
ppoll(&(0x7f0000000480)=[{r4, 0x205}], 0x1, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f0000000140)=[{{0x2, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x0, 0x1}}, {{0x2, 0x0, 0x1}, {0x2, 0x0, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x1}}], 0x20)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)
socket$netlink(0x10, 0x3, 0x10)
recvmsg$can_raw(r3, &(0x7f00000004c0)={&(0x7f0000000340)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000dc0)=""/4096, 0x1000}, {&(0x7f0000000180)=""/44, 0x2c}, {&(0x7f0000000240)=""/60, 0x3c}, {&(0x7f00000003c0)=""/145, 0x91}], 0x4, &(0x7f0000000540)=""/118, 0x76}, 0x12020)

1.462682558s ago: executing program 3 (id=368):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r0, 0x21081c22)
keyctl$read(0xb, r0, 0x0, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$search(0xa, r0, &(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, r1)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r1)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7f}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000300)=0x53)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000240)={r6, @in={{0x2, 0x4e21, @private=0xa010102}}}, &(0x7f0000000140)=0x84)

1.453726158s ago: executing program 4 (id=369):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@getqdisc={0x24, 0x26, 0x1, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, {0x1, 0x7}, {0xa}, {0xfff9, 0xb}}}, 0x24}}, 0x800)

1.377915699s ago: executing program 3 (id=370):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x7, 0xff, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newtaction={0x6c, 0x30, 0xb, 0x70bd2a, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xb18}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x4, 0xa7, 0x2, 0x6ae9, 0xffffff7d}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x48004}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000020000000000000080000000950000000000000018180000", @ANYRES32, @ANYBLOB="00000000000000000000000010ffffff00b15b84000000000000001812f70df20f84a8", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000085200000030000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x29, &(0x7f00000000c0)=""/41, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0xa, 0x6, 0x9}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000180)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f00000001c0)=[{0x3, 0x1, 0x6, 0x3}, {0x2, 0x6, 0x5, 0x5}], 0x10, 0xffff}, 0x9f)

1.334594309s ago: executing program 4 (id=371):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x7, 0xff, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newtaction={0x6c, 0x30, 0xb, 0x70bd2a, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xb18}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x4, 0xa7, 0x2, 0x6ae9, 0xffffff7d}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x48004}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r7}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000020000000000000080000000950000000000000018180000", @ANYRES32, @ANYBLOB="00000000000000000000000010ffffff00b15b84000000000000001812f70df20f84a8", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000085200000030000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x29, &(0x7f00000000c0)=""/41, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0xa, 0x6, 0x9}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000180)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f00000001c0)=[{0x3, 0x1, 0x6, 0x3}, {0x2, 0x6, 0x5, 0x5}], 0x10, 0xffff}, 0x9f)

1.097631923s ago: executing program 3 (id=372):
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000300)={'erspan0\x00', &(0x7f00000002c0)={'sit0\x00', <r1=>0x0, 0x8010, 0x700, 0x0, 0x10, {{0x6, 0x4, 0x1, 0x0, 0x18, 0x64, 0x0, 0xd, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0xd}, @private=0xa010101, {[@noop]}}}}})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x6, 0x19, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@call={0x85, 0x0, 0x0, 0x5b}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xd0aa}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)=[r0, r0, r0, r0, r0, r0, r0, r0], 0x0, 0x10, 0x6}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet6(0x10, 0x3, 0x0)
r7 = memfd_secret(0x80000)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x5, 0x3, &(0x7f00000011c0)=ANY=[@ANYRES32=r4, @ANYBLOB="5e529c9e6ad6106c818d90ad6772752bdc218fbfd4effe9c2c9443e780246187c9871e9a4a49a448e5abc5e0734f545386080dfa822cf27f8141e0ecd69f96dbdb093fd8af1b96294924748393976aed0e9511a69c9cb404760e635012845c03667fb0fa1fbd18040a92c41b5e9bf76206174489d2b8287f6c89b8b21de8930bc193d4c5290a5bc5270176c90e555c7124bc934f24667713cf89fc7ea48d782e29551d9e86072e78accea34c772c346f1a1ded08dcfbe82ceae73bc87f8e6095c1f032ff8b6aaa4635a962def14970961b594c3af4bb5d75440a17c31190d182264ad0029cc9a19341bdd9243a4bbe1af95da6c74dbb9942976a76ba3761c7df6bdcda0628cff98d1de02752e95e18915b00a77ad5c1598b50be3f909911cdb309dfdc3e800902cfd778e2e8b2dadcee0dbd221371642841f57afbc6cefdc4af342714b41210ee6fc16e8a584cb346c0709a792b1d259b3d73c3f5ee8b7662996deb54619ee56721079cd5cb1d8154270710b35fa5163884722fb5d3897f7217db22aec80e4fc4029e70416afd0f6f723578a86a5ad521a19f8814e974768c912cd79f481483ac9c5fbb7252a358d26e8f7f5bb7ca8faacd013fa6c147a98334a9d3f1126789a2d6af3f80fac4ed3c7db636171cbf10b25db7f884c620fda04976423f2ef505f0cd56c90977775e41c06b1f7338feddb694e3be8864e62b0780338e83a30ede3d9c7d696cebba044f8e06d99b9ca049fd54b3a0e4db837e657ceb2f8ebcddcb9a9eb0e4cfe4d80ed406854b0cc6f58694cf33d101dd540ed1491293049cda3a733eb7f10eb44f76a5f019510555fb64f799c7dba76d68cbeda5120d39e3012d921cca03715d6101a23ebafdaa28519d8193b54b8356f07e081dae25aafda94a5f1d2f37102923ded2f820e91d31f501cf45437f5c170a93ea4b7b75505886f1ff6bc5130ca780df649b273e7e3be4c98723aac30c84d6ff5c39ed407a7a75e393b560c55b045c3f0c8a4ced5dc3cb8f090e6067f29de257f8fd108afc40271ad5d95f2dc1931c7d6fc506099264946c18c0575248ae05ef8c6a1589bef93f2c566363870aff911b9a229d20965f9ef60b2783b832eb7a1b9a107f38d926074b9032fe157fd524f41581d6386982773b41dfa8c7a7e175a991fb51554da88f971ad58c0cf63c291228caa6b85a5157737c0aa82dac4615165611ccf3572d24f5f11579ee2e90cc815c49a5ba880fa55bb8e2da0a940a6e2fb5ab1e963b2b31546c580c98333530cc6d16dbd0391c62d18c54982bfddf26e88d0720349d3041e37090b3ced7a8ca51535be6f5a06d7d212e732ebb02971ee278d2867ca01d214ceb8ebf7f8e29062b276349a09f1f91ad6705e41699e484cf56e7acfab66c138f92a77ea1d2efad52ca2e76b9f5571648bb75627316360aa80f9b9da552a7e74109787cc9a4ec06d75e1cea70408988eafa57a3094951a9154f44f58f32fde941cdba6703b3f6d9b698504796559837baa9472a82db9fd3c53e8bc415675f88670897a9b23f1f3fb66afc1bc48e4b86462bfd931471dc6731935b592a5c6930950ffa741418674b65a55ceb6790f777224aa5b55dc9b20f32fe4878347665db3ffa68c6aaee6d1943363af72a5c31b2c6239f2a0e76874301157fa9e06c1457d5104346a7df4d55ccd8a658258a9994397c386c5b3c4073b7f6666820d8a29b0f3df976a0186499c12133cf31a5f2baa2dfa1d942d67fa80f49d589f39e496af0ca973cf53fbcc356c876d0ca2bab6de2d4d627dbb9dd83979d45a3c7117b4815b381896f1b97156e4437da1be037716e64b33b884e7bec63104b5c64ebb56d1b9f5b1dfe0ea690b59f9b315352fd8cf2502e2259a1964ed2b4a9db43d67db30d940875ec16f71d428a44955679fccca0285fe9f160450ecc217f85d9bdce78dcaa8e849e1403f80253307cef8afa603bbc93b3a6009283e5752495c48e9843075548ba3533eea625b4d481e2b7eda01c1fa2306d8c6317aa3e878f44d2ecc8cc9bafac204a9f996cccbc380432c387d4e0b871f3edf564abdda49aaf52ae8e854ff6279aeb08c1d0019b20f02f7efd54f218030baa87944e6d3fca0b5dd74626fbec390c78064b152524a6c30f001af64562c23ad466a5505ee8ab6efa6d8fde7388a4fe84832ed7f3843b43358f9c7788e23d8c07397a8e40cab37a3801835cfc2433cab254a613c65aecfc847d63d5208471b6e39275e79d4c96e8bf668d1f9acfcff5484fe918002a62d09aedc56f82f67b8c2320a02cdd28e9e7fd603dd519a4298ede671c6de80bf0c66346b873344d97cdefbe18474649bfafed733c2df62397679dda491c36bdbaeb5dc552ec4f80cb96d406b4e5b178e9e8423f55a9b4c855708dcc1a81a6594c1e905832f3ca2fc41dfdb1d02dc725e6946d635997ce54cd895b395a0908c90c2ba7c9d1d82b0454f14dfb3bbf1979cf97560bbef7bdb8c2f279c4caca886469273c0f9d69c525faaf94bc086195ce0513d766d62a398c09a2872a327df7b70d35078ea60c16e0e3e03ef83b243d5ca414e6d09fda70ff8255f0a0fb9cc210fc586cf3a463fdd66709495b63efe9504e8b45ee6e2d6c5d79b073a6e93e5d6e17c2942c4961f5c1aa89d2cce6875ea4f2734be30279f10b659624398fe463b843ca1f6ecfa289542c780acaca2db84570dc7cd06257ce514ba6738074b8e3789c12ad7a668d5b187d39fdebacfdc51100916811d2e6f4c56de18ef2483f2946cf62e40ee07d089ebab5b59b983b012c330aec0935dc814fcdd820f5b4235d4415718fcd9e152a82fbce1cdf1fd02e9d8d9ac3ebd12620e53987dff320ef939b5c8784f628dd9aed264f56906e095218a93c1304dc39187246444f2e28d41ecdd337d75e3bb6e3aa7ff798ecd51022916760e49614f5023d7acfe900c83cc05e4cd492e42491f2740b2ddc85ee68db8c1c592fb319a04f37e3e010957089148f135d8c60e5b3902f984e1718f6472609dc112f230bbdea99c02e0c00a3da0b99e82702e85b8b5c2e986dd09ec7cfaf16327ccca2cbccc7bc1edfccb1dd9188a541f459dfa582dc3f072e38e96711057a615b793a99015c2b0dc588e604ad2827e19b7e2e8055dd705190012f1e2667132eccc322e3f921322d981dd2088146f1f39650a47c6929191cbd97393cfa6c1df302e4cbfb9539c2e998a865fb558de989eb6016d721a6ec7c0e8d94d8d2687c839ec6da9fdca5f05eb31b701215629e36399546f8a668dd8f43f61f5bf0fa0561409a30f5090ab034db31f2f6ded92ebc0e29b56e3ffa562ec8cb25bfe2b690f5a2df50dbe149b56784f1a74f76cd45b35869cd1cdfc64ae6779c18f706571aa2ebc4628b1e3f99d120784995edff343ee49fd630219dcd7aff264825e136afadcef8a2c3cc8bde83890dcb3a8ae0ab6f9f707106c8a22ec6683a30a1c6e1d63087e3c70c11e056f07bd42227c5801c3cf587c29c8ec207b4e0926f6e63511a9b2d7f81a77161430675c9901482deabdd4e3b92c46c4e4eaa3762e700c1c6b7cd6f66b2fc4aba75bf903d0bf220730830a07c4b5857adb7fbe6845463c1678e7bf2fc33fccce614cd0b01d5d3021937df68aca658a87a5fa5144fb3ac134295a82242ca2379f536b6b038ab43b9340f76f00e3946208b067e51ba50c3247c67c980fafbdc8f2534dd0ebbec14527d13177a99072d76cf6f04bd155fb0a28e7682c65d450635510c8f36a5c4ed15d32a51794aff196ec9bf916a0c4e59b77f6694237ab4cc325f189d63ffef84e53f838340b21d33b540960c600efb341616fc049f52891156ff850ed7fdabb9b556f534bce7c87a9d4178a40793cb694ece5d2d6b19927f86288336c1e0354979fc39429e16da0d04a0f9b0d7149160c3991128aaf0065e8b296d2d77e83f79886707ac264e0b35d889c2a3f87aa51cf89ad463a9db154cb583bb7d84cd88028be94929fa207d88da3c37a4cf3a1ffb3a154704a28b90a07adba8f7c3e65834f204352cf9c7be344d9312f44dea75a5afd627115abc0ace80e2759e27b7b5a6500d05522996d11c837ba2436ba394be7dcf01b1dd5539e3d3662e231f2e27751341c5af170d55ec6f12e150865501b4e71a356becaa3f09231ffe9ac25c022d33e63c75bed9e9f3c7898ee06888bed23b75352662908efe7c6ba81bfd085e72015cca556e6c6f69d7a0e6fdaaeff4b111cff8e1f81f72e7ba3613981d5029b968820d41cd4249b41c54a2825c0906168029aa073a40d9a698e22482bda34f1c416e08b1981bf7cf00baefd567a889065b5e978f8fee5b1d152e793d781aa26a9d14d6c9eb6c77a30fbc379b0ff33beb53a68476a97bc8efe91d43ad6e604ea2d9e6f3963f344ffceec885df5aaae619fbaad2a492abc308efc252a33258dc9618b807c88da615617c37de5b227c1a760ddf88f74e5d939e029749ad44407697d7b4ae6a5e84ade25e330c4272d3da3bb7a8eae8f2e230cfe1a6c891883198bae8f691267a26f060952a9e4f54122026a99aafbc6fb9b57819fb679d9c549d11504e8db0bf6abe04ceec7065305db8000178de90b3b372a4bbe42f1ca36fdc0a853c21722bf838e1b17ac87da56caae038cf1630bb810e7c1435f105824c8eeb5603aceab957748fe72eef8590b9d766323d73a704222d4dce86c8c7d313623f5c509254765869f85e8ed381d14384f038fa4242e37eecfdcb92f2f97c443db5e88ce8238d8389cc8fe2cd1bc100c1123beb0e9d874692db265bf6fdc89a246f810356f9f39ee19b92b1654b1dd775d530ec1cb0a4a3f2cae538b46329ab7ea65f56088318cce56ddb393c18e8643cb1ac1fb851f5ee2427bd062acf29ca08cd40ecd4e3afb1167d62f49a157bfed748901008ece285f470430ac8c5070ab97134aeedd95241d539f4bb3fd24031121ae151ff6a05f94e926bfc0f8f9358d2cb42c628f69e08a0e1b79c34b572a424c425baa80e1c6b025c00af148adaa799dec77444d40aa475d505a315598e411ec9618b290f7b4756f0fb8f49ec8def2bd9c2fc93e214738c05edb58373b6c8c4740f55328b73e93f232f7127f1d2fafced72463c10842c3309516e154f03835abede92942364672a21afb3648bbe111c0281449ca7b97e15939516315ea652a07fcd1892e5e74fbbf6ca0cefde65bf4212e907b6071d1b4701871dd3c3566597d14ce4cdb2fee1bbce8a1ee7aa79370716979fb5f88545eb13f043e6857a0fe403771291678f73ba053fb597cc6e5894ef0198d99592f7e771a72166eb422181c650bda63c36e5dfd7d03e688413b7c8eacf90bc5eeeb2dbacc5783f82636e938a742caf1ad8ced781877f2ebde60b5e0cbab6e023340dcb97869eff699dface42797731b38dbf1d8fd16d40b1ae2b536f17ee3ce97a394c25dd6bf57a4a46ef2c51a18d4696861847e91dd126e393d249b031c85d84abcaf19df7efcc5d7ddb35bc8977f89292a9473e4373979c916eb0c18b7c4d7ad8f6114f9e38f54496774f40f5eca0c9e7cbe31a5edd04710892fdd0606d093e50471a859d8dc021eaaf7b0d2c4999860918139479165007941b7f5e35085b3688ae4ab1583aa9ab3a494201a63d3c3e1820116ee641ae1f9f7f6506cd0b8405700e4cb7a500b5a4e32dc5dc1d487d3984c2cca95b859096c0c8e11d5940bf081b52ba110c5751e95068750988e1b14d13da99b3f048684c6b3bd47649105eccef4c3a762295a9bbbd54ef1dc2a2", @ANYRES32=r4], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40800000000000073119a00000000008510000002000000b7000000000000009500c200000000009500"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc6, &(0x7f00000010c0)=""/198, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000440), 0x400000, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r7, <r10=>0xffffffffffffffff}, &(0x7f0000000480), &(0x7f00000004c0)=r8}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x6, 0x19, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7f}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [@call={0x85, 0x0, 0x0, 0x63}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @ldst={0x2, 0x1, 0x6, 0x6, 0x4, 0xffffffffffffffff, 0xfffffffffffffff0}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x1}, @cb_func={0x18, 0x4}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0xf0, &(0x7f0000000340)=""/240, 0x41000, 0x160b4fafbeaa41e5, '\x00', 0x0, @xdp=0x25, r7, 0x8, &(0x7f0000000080)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000000c0)={0x3, 0xe, 0x3, 0x1}, 0x10, 0x0, r9, 0x1, &(0x7f0000000680)=[r10], &(0x7f00000006c0)=[{0x4, 0x1, 0xc, 0xb}], 0x10, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000040), &(0x7f00000001c0)='%pK    \x00'}, 0x20)
sendmsg$tipc(r5, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)

1.034909324s ago: executing program 3 (id=374):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850064001b000000b70000010000fff1bbc7000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
setitimer(0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
listxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)=""/13, 0xd)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x10008, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x7fffffffffffffff, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r4}, 0x10)
msync(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000030000000900010073797a300000000040000000030a03000000000000000000030000000900030073797a30000000000900010073797a3000000067140004800800024000000000080001400000000028000000000a01040000000000000000030000000900010073797a30000000000800024000000001"], 0xb0}}, 0x0)

934.302386ms ago: executing program 4 (id=375):
prctl$PR_SET_VMA(0x23, 0x0, &(0x7f000098b000/0x2000)=nil, 0x2000, &(0x7f0000000040)='))$/^\x00')
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000000914e73f"], 0x30}, 0x1, 0x0, 0x0, 0xbe9b70533f0d9e1}, 0x0)
r1 = request_key(&(0x7f0000000000)='.request_key_auth\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f00000001c0)='\x18,(d:@],)*,&}[&\x00', 0xfffffffffffffff9)
getpid()
r2 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
close(0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x1}}, {@dioread_lock}, {@nouid32}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@sysvgroups}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x583, &(0x7f0000001080)="$eJzs3U1rG0cfAPD/yi9xXp7EgRCe56EUQw5NSSPHdl9S6CE9ljY00N5TYSsmWI6CJYfYDTQ5NJdeSiiU0kDpvb33GPoF+ikCbSCUYNpDLyorrxw5lmzZkS0n+v1gxcy+aGa0O8N/NRIbQN8aS19yEf+LiK+TiGMRkWTbBiPbOLa638qTW9PpkkSt9smfSX2/NN94r8Zxh7PMfyPi1y8jzuQ2lltZWp4rlErFhSw/Xp2/Pl5ZWj57db4wW5wtXpucmjr/1tTku++83bW2vn7p7+8+fvDB+a9OrXz786Pj95K4EEeybc3t2Jnh9OV285qxGMs+k6G48MzeE89X2L6T9LoC7MhA1s+HIh0DjsVA1uuBl98XEVED+lTSvv9Hsqc1AfZWIw5o3Ntvfh98dC3VfOyL7PH7qzdAG9s/uPrdSIzU740OrSTr7ozS+93RLpSflvHLH/fvpUt05XsIgM7cvhMR5wYHN45/STb+7dy51qtHmjPPlmH8g73zII1/3mgV/+TW4p9oEf8cbtF3d2Lr/p971IVi2krjv/daxr9rk1ajA1nuP/WYbyi5crVUPJdFw6dj6ECa32w+5/zKw7axcnP8ly5p+Y1YMKvHo8ED64+ZKVQL9S/uuuDxnYj/t4x/k7Xzn7Q4/+nncanDMk4W77/abtvW7d9dtR8jXmt5/p/OaCWbz0+O16+H8cZVsdFfd0/+1q78Xrc/Pf+HNm//aNI8X1vZfhk/jPxTbLdtXfuj8+t/OPm0nh7O1t0sVKsLExHDyUcb108+PbaRb+yftv/0qc3Hv1bX/8GI+KzD9t898dMrHbW/R+d/Zlvnf/uJhx9+/n278jsb/96sp05na+rj3xY6reDzfHYAAAAAAACw3+Qi4kgkufxaOpfL51d/33EiDuVK5Ur1zJXy4rWZqP9XdjSGco2Z7mNNv4eYyH4P28hPPpOfiojjEfHNwMF6Pj9dLs30uvEAAAAAAAAAAAAAAAAAAACwTxxu8///1O8Dva4dsOvaPPL76CaHjOxWXYC9teUj/7vxpCdgX9qy/wMvLf0f+pf+D/1L/4f+pf9D/1rX/036Q/+o1Wq1XtcB6BnxPwAAAAAAAAAAAAAAAAAAAAAAAAAAAHTVpYsX06W28uTWdJqfubG0OFe+cXamWJnLzy9O56fLC9fzs+XybKmYny7Pb/V+pXL5+sRkLN4crxYr1fHK0vLl+fLiterlq/OF2eLl4tCetAoAAAAAAAAAAAAAAAAAAABeLJWl5blCqVRc2LXEyO4XIbH9xGh06Q0H90VzJLqd6PXIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABP/RsAAP//BGY9Dw==")
r7 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x1ff, &(0x7f0000001540)=<r8=>0x0)
io_submit(r8, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r7, &(0x7f0000000000), 0x4000}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r2)
recvfrom(r0, 0x0, 0x0, 0x20, 0x0, 0x0)

906.694496ms ago: executing program 3 (id=376):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0x1, 0x0)
vmsplice(r1, &(0x7f0000000240), 0x0, 0x6)

814.253817ms ago: executing program 1 (id=377):
prctl$PR_SET_NAME(0xf, &(0x7f0000000880)='+}[@\x00')
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffff7ffffe9}, 0x18)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000340)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x0)

710.026689ms ago: executing program 1 (id=378):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r2)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01022abd7001000000250f0000002a000e0068"], 0x40}, 0x1, 0x0, 0x0, 0x20000050}, 0x48000)
socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000080)={0x8, &(0x7f0000000040)=[{0x40, 0x1, 0x47, 0x1}, {0x9, 0xe, 0x6, 0xe}, {0x7a2, 0x2, 0x6, 0xaf882c1}, {0xff64, 0x3, 0x9, 0x5}, {0x4a64, 0x8, 0xa, 0x800}, {0x3, 0x5, 0x4, 0x6}, {0x3, 0x8, 0x6, 0x4}, {0x164, 0xff, 0x7, 0x2}]}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockname$packet(r0, &(0x7f0000000580)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000005c0)=0x14)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000780)={0x0, r4}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
execveat(r5, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340)={[&(0x7f0000000280)='\x00', &(0x7f00000002c0)='\xbae\x00']}, &(0x7f0000000540)={[&(0x7f0000000380)='\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='GPL\x00', &(0x7f00000004c0)='attr/fscreate\x00', &(0x7f0000000500)='GPL\x00']}, 0xe00)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2240, 0x0)
fcntl$setlease(r8, 0x400, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xf1}, @IPSET_ATTR_TIMEOUT={0x8}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x2002c0c4}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r9}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000880)=ANY=[@ANYRES32=r9, @ANYRES32, @ANYBLOB='\a\x00\x00\x00  \x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="a60255811daf21d792bb8b93ad6025eb406188924ed5bf5ed89bef22b5c8573bb487a0f587bc41b27617c8fea353428416140dc249f9ffd8d60eb1c47664f03e10c32fcb5fc2aa05542bc279dea7300dad19136a66c5e2930eb86000199b16882b4fad0ed9e52dff9cf7fb3263548bd3bbb47ec81257e504c98ced158d7adce36e1446a9230623f34875a0fc4ce0e8c7f46fa0497f068175e6484f393ea7fc6ed2a4c83b342a7ee3cddbf28abb7185488d3a1becb2c42e59c2342e447e26f6c516c88f4bbb0fa9e9e053d2061868d1db2cf7465cb0bac641563aa88220ef0000", @ANYRES64=0x0], 0x20)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r11=>0x0})
r12 = syz_open_dev$usbfs(&(0x7f0000000700), 0xfffffffffffffff7, 0x14002)
ioctl$USBDEVFS_IOCTL(r12, 0xc0105512, &(0x7f0000000740)=@usbdevfs_disconnect={0x5})
sendto$packet(r0, &(0x7f0000000180)="10030600e0fc020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r11}, 0x14)

629.43798ms ago: executing program 1 (id=379):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0, <r2=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x28, 0x18, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @u32=0x4}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r2}]}]}, 0x28}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000680)='spmi_write_end\x00', r0, 0x0, 0x80000000000002}, 0x18)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r4, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
connect$vsock_stream(r4, &(0x7f0000000280)={0x28, 0x0, 0x0, @local}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaabe9689ce9f888100200008004500005800660000052f"], 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x6, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffff68e4}, @alu={0x4, 0x1, 0x7, 0x1, 0x3, 0x6, 0x4}]}, &(0x7f0000000780)='syzkaller\x00', 0x8, 0x0, &(0x7f00000007c0), 0x41100, 0x45, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000800)={0x5, 0xa, 0xa16, 0x1}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xaac}, 0x94)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000900)=@o_path={&(0x7f0000000700)='./file0\x00', r6, 0x4000, r3}, 0x18)
shutdown(r4, 0x1)
ppoll(&(0x7f0000000480)=[{r4, 0x205}], 0x1, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f0000000140)=[{{0x2, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x0, 0x1}}, {{0x2, 0x0, 0x1}, {0x2, 0x0, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x1}}], 0x20)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)
socket$netlink(0x10, 0x3, 0x10)
recvmsg$can_raw(r3, &(0x7f00000004c0)={&(0x7f0000000340)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000dc0)=""/4096, 0x1000}, {&(0x7f0000000180)=""/44, 0x2c}, {&(0x7f0000000240)=""/60, 0x3c}, {&(0x7f00000003c0)=""/145, 0x91}], 0x4, &(0x7f0000000540)=""/118, 0x76}, 0x12020)

550.583502ms ago: executing program 1 (id=380):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r0, 0x21081c22)
keyctl$read(0xb, r0, 0x0, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$search(0xa, r0, &(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, r1)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r1)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7f}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000300)=0x53)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000240)={r5, @in={{0x2, 0x4e21, @private=0xa010102}}}, &(0x7f0000000140)=0x84)

429.825644ms ago: executing program 1 (id=381):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x141042, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd25, 0x25df9bfb, {0x0, 0x0, 0x0, r3, {0xd, 0xe}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}, @TCA_RATE={0x6, 0x5, {0xfc, 0x3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)

334.522795ms ago: executing program 1 (id=382):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x5, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], <r1=>0x0, 0x7b, &(0x7f0000000580)=[{}], 0x8, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x31, 0x8a, 0x8, 0x8, &(0x7f0000000640)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000940)=ANY=[@ANYRES16=r1, @ANYBLOB="da1adcdb94028fb539c44979f840e95689e02214211bc854d300d8cdcdb70d82e6b470c330e3a73f8b558f692aa41a905217e8320dd659cf4dc388bd7f03eef6fce99d7a40a36c2705a3b6c9639c3fbd361a93449685b07f3b27803b4e07007f5a2716e789cb8b1a117ec647416e71f2ad38b6ad743ba572f4671be0b6", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r0, <r3=>0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYRESHEX=r2], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x97)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xffc, 0x4, &(0x7f0000006680))
quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000901, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000180)={'wg1\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYRES16, @ANYRES32=r5], 0x20}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x8, 0x3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_ACTOR_SYSTEM={0x8, 0x1a, @dev}]}}}]}, 0x3c}}, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00'}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x4000)
ioctl$SIOCSIFHWADDR(r8, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})

0s ago: executing program 4 (id=383):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/108, 0x43e5}], 0x1, 0x4000, 0xa000000)

kernel console output (not intermixed with test programs):



syzkaller
syzkaller login: [   20.780337][   T29] kauditd_printk_skb: 45 callbacks suppressed
[   20.780355][   T29] audit: type=1400 audit(1751741777.782:57): avc:  denied  { transition } for  pid=3181 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   20.809400][   T29] audit: type=1400 audit(1751741777.782:58): avc:  denied  { noatsecure } for  pid=3181 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   20.829116][   T29] audit: type=1400 audit(1751741777.782:59): avc:  denied  { write } for  pid=3181 comm="sh" path="pipe:[2227]" dev="pipefs" ino=2227 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   20.851425][   T29] audit: type=1400 audit(1751741777.782:60): avc:  denied  { rlimitinh } for  pid=3181 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   20.870287][   T29] audit: type=1400 audit(1751741777.782:61): avc:  denied  { siginh } for  pid=3181 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.0.2' (ED25519) to the list of known hosts.
[   29.044959][   T29] audit: type=1400 audit(1751741786.042:62): avc:  denied  { mounton } for  pid=3292 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   29.046427][ T3292] cgroup: Unknown subsys name 'net'
[   29.067840][   T29] audit: type=1400 audit(1751741786.042:63): avc:  denied  { mount } for  pid=3292 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   29.095353][   T29] audit: type=1400 audit(1751741786.072:64): avc:  denied  { unmount } for  pid=3292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   29.246189][ T3292] cgroup: Unknown subsys name 'cpuset'
[   29.252771][ T3292] cgroup: Unknown subsys name 'rlimit'
[   29.385837][   T29] audit: type=1400 audit(1751741786.392:65): avc:  denied  { setattr } for  pid=3292 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   29.409412][   T29] audit: type=1400 audit(1751741786.392:66): avc:  denied  { create } for  pid=3292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   29.429935][   T29] audit: type=1400 audit(1751741786.392:67): avc:  denied  { write } for  pid=3292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   29.450501][   T29] audit: type=1400 audit(1751741786.392:68): avc:  denied  { read } for  pid=3292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   29.470840][   T29] audit: type=1400 audit(1751741786.402:69): avc:  denied  { mounton } for  pid=3292 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   29.480121][ T3296] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   29.495787][   T29] audit: type=1400 audit(1751741786.402:70): avc:  denied  { mount } for  pid=3292 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   29.528261][   T29] audit: type=1400 audit(1751741786.512:71): avc:  denied  { relabelto } for  pid=3296 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[   29.604650][ T3292] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   31.307975][ T3303] chnl_net:caif_netlink_parms(): no params data found
[   31.386459][ T3303] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.393769][ T3303] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.401081][ T3303] bridge_slave_0: entered allmulticast mode
[   31.407698][ T3303] bridge_slave_0: entered promiscuous mode
[   31.429922][ T3303] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.437087][ T3303] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.444588][ T3303] bridge_slave_1: entered allmulticast mode
[   31.451183][ T3303] bridge_slave_1: entered promiscuous mode
[   31.492542][ T3303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   31.505235][ T3303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   31.542186][ T3303] team0: Port device team_slave_0 added
[   31.567467][ T3303] team0: Port device team_slave_1 added
[   31.594863][ T3313] chnl_net:caif_netlink_parms(): no params data found
[   31.627425][ T3303] batman_adv: batadv0: Adding interface: batadv_slave_0
[   31.634412][ T3303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   31.660436][ T3303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   31.671795][ T3303] batman_adv: batadv0: Adding interface: batadv_slave_1
[   31.678828][ T3303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   31.704838][ T3303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   31.783789][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.791012][ T3313] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.798785][ T3313] bridge_slave_0: entered allmulticast mode
[   31.805487][ T3313] bridge_slave_0: entered promiscuous mode
[   31.812770][ T3314] chnl_net:caif_netlink_parms(): no params data found
[   31.830036][ T3303] hsr_slave_0: entered promiscuous mode
[   31.836180][ T3303] hsr_slave_1: entered promiscuous mode
[   31.842407][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.849603][ T3313] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.856800][ T3313] bridge_slave_1: entered allmulticast mode
[   31.863243][ T3313] bridge_slave_1: entered promiscuous mode
[   31.894822][ T3317] chnl_net:caif_netlink_parms(): no params data found
[   31.911989][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   31.941063][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   31.984580][ T3313] team0: Port device team_slave_0 added
[   32.000767][ T3314] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.007952][ T3314] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.015178][ T3314] bridge_slave_0: entered allmulticast mode
[   32.021827][ T3314] bridge_slave_0: entered promiscuous mode
[   32.029510][ T3313] team0: Port device team_slave_1 added
[   32.035652][ T3314] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.042828][ T3314] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.050408][ T3314] bridge_slave_1: entered allmulticast mode
[   32.057276][ T3314] bridge_slave_1: entered promiscuous mode
[   32.063600][ T3312] chnl_net:caif_netlink_parms(): no params data found
[   32.109149][ T3314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   32.125647][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_0
[   32.132717][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.158831][ T3313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   32.176125][ T3314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   32.192646][ T3317] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.199821][ T3317] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.207119][ T3317] bridge_slave_0: entered allmulticast mode
[   32.213677][ T3317] bridge_slave_0: entered promiscuous mode
[   32.220607][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_1
[   32.227915][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.255630][ T3313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   32.278408][ T3317] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.286051][ T3317] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.293428][ T3317] bridge_slave_1: entered allmulticast mode
[   32.300342][ T3317] bridge_slave_1: entered promiscuous mode
[   32.340029][ T3314] team0: Port device team_slave_0 added
[   32.355825][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   32.371174][ T3314] team0: Port device team_slave_1 added
[   32.389957][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   32.414045][ T3313] hsr_slave_0: entered promiscuous mode
[   32.420138][ T3313] hsr_slave_1: entered promiscuous mode
[   32.426183][ T3313] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   32.433893][ T3313] Cannot create hsr debugfs directory
[   32.444864][ T3312] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.452015][ T3312] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.459370][ T3312] bridge_slave_0: entered allmulticast mode
[   32.466128][ T3312] bridge_slave_0: entered promiscuous mode
[   32.475302][ T3312] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.482475][ T3312] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.489944][ T3312] bridge_slave_1: entered allmulticast mode
[   32.496578][ T3312] bridge_slave_1: entered promiscuous mode
[   32.503107][ T3314] batman_adv: batadv0: Adding interface: batadv_slave_0
[   32.510603][ T3314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.537180][ T3314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   32.548522][ T3314] batman_adv: batadv0: Adding interface: batadv_slave_1
[   32.555535][ T3314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.582671][ T3314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   32.605156][ T3317] team0: Port device team_slave_0 added
[   32.614058][ T3317] team0: Port device team_slave_1 added
[   32.633171][ T3312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   32.644548][ T3312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   32.674121][ T3317] batman_adv: batadv0: Adding interface: batadv_slave_0
[   32.681173][ T3317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.707410][ T3317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   32.735611][ T3317] batman_adv: batadv0: Adding interface: batadv_slave_1
[   32.742841][ T3317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.769047][ T3317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   32.792893][ T3312] team0: Port device team_slave_0 added
[   32.799792][ T3312] team0: Port device team_slave_1 added
[   32.810224][ T3314] hsr_slave_0: entered promiscuous mode
[   32.816410][ T3314] hsr_slave_1: entered promiscuous mode
[   32.822339][ T3314] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   32.829952][ T3314] Cannot create hsr debugfs directory
[   32.851270][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_0
[   32.858660][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.885198][ T3312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   32.908343][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_1
[   32.915964][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.942561][ T3312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   32.955825][ T3303] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   32.980801][ T3303] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   32.998375][ T3317] hsr_slave_0: entered promiscuous mode
[   33.004766][ T3317] hsr_slave_1: entered promiscuous mode
[   33.010762][ T3317] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   33.018460][ T3317] Cannot create hsr debugfs directory
[   33.028552][ T3303] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   33.049826][ T3312] hsr_slave_0: entered promiscuous mode
[   33.056015][ T3312] hsr_slave_1: entered promiscuous mode
[   33.062101][ T3312] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   33.070120][ T3312] Cannot create hsr debugfs directory
[   33.081203][ T3303] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   33.192669][ T3313] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   33.217498][ T3313] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   33.233760][ T3313] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   33.242941][ T3313] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   33.299291][ T3312] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   33.309187][ T3312] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   33.320189][ T3312] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   33.331614][ T3312] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   33.366359][ T3303] 8021q: adding VLAN 0 to HW filter on device bond0
[   33.390671][ T3314] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   33.399818][ T3314] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   33.410300][ T3303] 8021q: adding VLAN 0 to HW filter on device team0
[   33.421545][ T3314] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   33.439479][ T3314] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   33.449453][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.457086][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.466051][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.473151][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.499152][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0
[   33.509271][ T3317] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   33.518754][ T3317] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   33.533916][ T3317] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   33.549409][ T3317] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   33.575612][ T3313] 8021q: adding VLAN 0 to HW filter on device team0
[   33.600267][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.609515][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.627394][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.634818][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.653481][ T3312] 8021q: adding VLAN 0 to HW filter on device bond0
[   33.692853][ T3312] 8021q: adding VLAN 0 to HW filter on device team0
[   33.720786][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.728066][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.738131][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.745488][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.783609][ T3303] 8021q: adding VLAN 0 to HW filter on device batadv0
[   33.794472][ T3314] 8021q: adding VLAN 0 to HW filter on device bond0
[   33.808154][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[   33.821502][ T3317] 8021q: adding VLAN 0 to HW filter on device team0
[   33.834862][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.842121][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.864888][ T3314] 8021q: adding VLAN 0 to HW filter on device team0
[   33.878253][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.885578][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.912890][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.920710][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.939017][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.946866][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.986019][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0
[   33.999980][ T3312] 8021q: adding VLAN 0 to HW filter on device batadv0
[   34.018412][ T3303] veth0_vlan: entered promiscuous mode
[   34.034642][ T3303] veth1_vlan: entered promiscuous mode
[   34.100626][ T3303] veth0_macvtap: entered promiscuous mode
[   34.116529][ T3303] veth1_macvtap: entered promiscuous mode
[   34.137072][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0
[   34.152250][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1
[   34.172426][ T3314] 8021q: adding VLAN 0 to HW filter on device batadv0
[   34.193396][ T3317] 8021q: adding VLAN 0 to HW filter on device batadv0
[   34.211034][ T3313] veth0_vlan: entered promiscuous mode
[   34.244364][ T3303] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   34.253327][ T3303] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   34.262240][ T3303] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   34.271023][ T3303] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   34.300125][ T3313] veth1_vlan: entered promiscuous mode
[   34.312038][ T3312] veth0_vlan: entered promiscuous mode
[   34.339066][ T3312] veth1_vlan: entered promiscuous mode
[   34.347283][   T29] kauditd_printk_skb: 9 callbacks suppressed
[   34.347301][   T29] audit: type=1400 audit(1751741791.352:81): avc:  denied  { mounton } for  pid=3303 comm="syz-executor" path="/root/syzkaller.qjFRyg/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   34.354079][ T3313] veth0_macvtap: entered promiscuous mode
[   34.377847][   T29] audit: type=1400 audit(1751741791.352:82): avc:  denied  { mount } for  pid=3303 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   34.394229][ T3312] veth0_macvtap: entered promiscuous mode
[   34.406126][   T29] audit: type=1400 audit(1751741791.352:83): avc:  denied  { mounton } for  pid=3303 comm="syz-executor" path="/root/syzkaller.qjFRyg/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   34.426528][ T3313] veth1_macvtap: entered promiscuous mode
[   34.447684][   T29] audit: type=1400 audit(1751741791.352:84): avc:  denied  { mount } for  pid=3303 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   34.467067][ T3312] veth1_macvtap: entered promiscuous mode
[   34.471423][   T29] audit: type=1400 audit(1751741791.352:85): avc:  denied  { mounton } for  pid=3303 comm="syz-executor" path="/root/syzkaller.qjFRyg/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   34.506434][   T29] audit: type=1400 audit(1751741791.352:86): avc:  denied  { mounton } for  pid=3303 comm="syz-executor" path="/root/syzkaller.qjFRyg/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   34.512472][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_0
[   34.535910][   T29] audit: type=1400 audit(1751741791.352:87): avc:  denied  { unmount } for  pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   34.558658][   T29] audit: type=1400 audit(1751741791.452:88): avc:  denied  { mounton } for  pid=3303 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   34.571197][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0
[   34.586640][   T29] audit: type=1400 audit(1751741791.452:89): avc:  denied  { mount } for  pid=3303 comm="syz-executor" name="/" dev="gadgetfs" ino=3650 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   34.597940][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1
[   34.639931][ T3303] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   34.656245][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_1
[   34.668556][ T3312] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   34.677647][ T3312] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   34.686745][ T3312] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   34.695764][ T3312] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   34.706790][ T3317] veth0_vlan: entered promiscuous mode
[   34.719212][ T3313] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   34.728934][ T3313] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   34.739853][ T3313] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   34.747808][   T29] audit: type=1400 audit(1751741791.742:90): avc:  denied  { read write } for  pid=3303 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   34.749541][ T3313] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   34.820470][ T3476] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2'.
[   34.822490][ T3317] veth1_vlan: entered promiscuous mode
[   34.842088][ T3476] lo speed is unknown, defaulting to 1000
[   34.860928][ T3476] lo speed is unknown, defaulting to 1000
[   34.875325][ T3476] lo speed is unknown, defaulting to 1000
[   34.882453][ T3476] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   34.892884][    C0] hrtimer: interrupt took 32504 ns
[   34.893191][ T3476] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   34.913476][ T3314] veth0_vlan: entered promiscuous mode
[   34.937749][ T3314] veth1_vlan: entered promiscuous mode
[   34.963516][ T3476] lo speed is unknown, defaulting to 1000
[   34.970460][ T3317] veth0_macvtap: entered promiscuous mode
[   34.987947][ T3476] lo speed is unknown, defaulting to 1000
[   35.007186][ T3314] veth0_macvtap: entered promiscuous mode
[   35.015263][ T3476] lo speed is unknown, defaulting to 1000
[   35.016330][ T3317] veth1_macvtap: entered promiscuous mode
[   35.030925][ T3482] atomic_op ffff8881195e7128 conn xmit_atomic 0000000000000000
[   35.039493][ T3314] veth1_macvtap: entered promiscuous mode
[   35.051388][ T3476] lo speed is unknown, defaulting to 1000
[   35.062438][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_0
[   35.077371][ T3476] lo speed is unknown, defaulting to 1000
[   35.081724][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_0
[   35.095910][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_1
[   35.109109][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_1
[   35.140570][ T3314] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   35.149907][ T3314] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   35.159251][ T3314] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   35.168356][ T3314] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   35.178984][ T3476] syz.1.2 (3476) used greatest stack depth: 10712 bytes left
[   35.183629][ T3317] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   35.196234][ T3317] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   35.205799][ T3317] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   35.214968][ T3317] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   35.316521][ T3494] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   35.356414][ T3495] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9'.
[   35.367115][ T3497] loop4: detected capacity change from 0 to 512
[   35.385654][ T3495] loop2: detected capacity change from 0 to 128
[   35.421765][ T3497] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.428684][ T3495] =======================================================
[   35.428684][ T3495] WARNING: The mand mount option has been deprecated and
[   35.428684][ T3495]          and is ignored by this kernel. Remove the mand
[   35.428684][ T3495]          option from the mount to silence this warning.
[   35.428684][ T3495] =======================================================
[   35.446561][ T3494] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10'.
[   35.509757][ T3497] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   35.576337][ T3507] syz.0.11 uses obsolete (PF_INET,SOCK_PACKET)
[   35.781325][ T3517] xt_connbytes: Forcing CT accounting to be enabled
[   35.789871][ T3517] Cannot find set identified by id 0 to match
[   35.822156][ T3495] syz.2.9: attempt to access beyond end of device
[   35.822156][ T3495] loop2: rw=2049, sector=249, nr_sectors = 8 limit=128
[   35.871166][ T3495] syz.2.9: attempt to access beyond end of device
[   35.871166][ T3495] loop2: rw=2049, sector=265, nr_sectors = 8 limit=128
[   35.897358][ T3495] syz.2.9: attempt to access beyond end of device
[   35.897358][ T3495] loop2: rw=2049, sector=281, nr_sectors = 8 limit=128
[   35.917528][ T3523] mmap: syz.0.14 (3523) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   35.956197][ T3495] syz.2.9: attempt to access beyond end of device
[   35.956197][ T3495] loop2: rw=2049, sector=297, nr_sectors = 8 limit=128
[   35.971446][ T3495] syz.2.9: attempt to access beyond end of device
[   35.971446][ T3495] loop2: rw=2049, sector=313, nr_sectors = 8 limit=128
[   35.994623][ T3495] syz.2.9: attempt to access beyond end of device
[   35.994623][ T3495] loop2: rw=2049, sector=329, nr_sectors = 8 limit=128
[   36.014061][ T3495] syz.2.9: attempt to access beyond end of device
[   36.014061][ T3495] loop2: rw=2049, sector=345, nr_sectors = 8 limit=128
[   36.028132][ T3495] syz.2.9: attempt to access beyond end of device
[   36.028132][ T3495] loop2: rw=2049, sector=361, nr_sectors = 8 limit=128
[   36.053891][ T3495] syz.2.9: attempt to access beyond end of device
[   36.053891][ T3495] loop2: rw=2049, sector=377, nr_sectors = 8 limit=128
[   36.071060][ T3495] syz.2.9: attempt to access beyond end of device
[   36.071060][ T3495] loop2: rw=2049, sector=393, nr_sectors = 8 limit=128
[   36.208632][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.248274][ T3534] random: crng reseeded on system resumption
[   36.429848][ T3542] loop4: detected capacity change from 0 to 1024
[   36.457030][ T3545] netlink: 536 bytes leftover after parsing attributes in process `syz.2.23'.
[   36.457735][ T3542] EXT4-fs: Ignoring removed orlov option
[   36.475854][ T3545] netlink: 124 bytes leftover after parsing attributes in process `syz.2.23'.
[   36.517136][ T3542] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.743572][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.900717][ T3570] pim6reg: entered allmulticast mode
[   36.912475][ T3570] pim6reg: left allmulticast mode
[   37.002104][ T3578] 9pnet_virtio: no channels available for device 127.0.0.1
[   37.151617][ T3586] loop3: detected capacity change from 0 to 512
[   37.165220][ T3587] process 'syz.2.32' launched './file0' with NULL argv: empty string added
[   37.187734][ T3586] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.202935][ T3586] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   37.281763][ T3567] Set syz1 is full, maxelem 65536 reached
[   37.351379][ T3594] netlink: 7476 bytes leftover after parsing attributes in process `syz.1.36'.
[   37.361876][ T3594] veth1_macvtap: left promiscuous mode
[   37.381602][ T3592] lo speed is unknown, defaulting to 1000
[   37.442647][ T3592] loop4: detected capacity change from 0 to 2048
[   37.450185][ T3599] loop1: detected capacity change from 0 to 512
[   37.477743][ T3592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.492914][ T3599] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.508359][ T3599] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   37.554941][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.698472][ T3615] netlink: 'syz.4.42': attribute type 4 has an invalid length.
[   37.722891][ T3616] netlink: 8 bytes leftover after parsing attributes in process `syz.2.41'.
[   37.732962][ T3616] netlink: 8 bytes leftover after parsing attributes in process `syz.2.41'.
[   37.749733][ T3617] netlink: 'syz.4.42': attribute type 4 has an invalid length.
[   37.769844][ T3615] bridge0: entered promiscuous mode
[   37.775726][ T3615] macsec1: entered allmulticast mode
[   37.781746][ T3615] bridge0: entered allmulticast mode
[   37.793686][ T3615] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2564 sclass=netlink_route_socket pid=3615 comm=syz.4.42
[   37.819006][ T3617] syz.4.42 (3617) used greatest stack depth: 10448 bytes left
[   37.851751][ T3619] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[   37.858642][ T3619] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   37.866376][ T3619] vhci_hcd vhci_hcd.0: Device attached
[   37.878274][ T3619] loop4: detected capacity change from 0 to 164
[   37.933384][ T3623] loop2: detected capacity change from 0 to 1024
[   37.943384][ T3623] EXT4-fs: Ignoring removed orlov option
[   37.961155][ T3623] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.997895][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.047655][ T3620] vhci_hcd: connection closed
[   38.047880][ T3427] vhci_hcd: stop threads
[   38.057063][ T3427] vhci_hcd: release socket
[   38.061547][ T3427] vhci_hcd: disconnect device
[   38.075576][ T3396] vhci_hcd: vhci_device speed not set
[   38.138441][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.294034][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.638251][ T3646] netlink: 4 bytes leftover after parsing attributes in process `syz.2.52'.
[   38.672851][ T3651] loop3: detected capacity change from 0 to 1024
[   38.694076][ T3651] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   38.705392][ T3651] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   38.763806][ T3651] JBD2: no valid journal superblock found
[   38.770179][ T3651] EXT4-fs (loop3): Could not load journal inode
[   38.830562][ T3651] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   38.948105][ T3669] SET target dimension over the limit!
[   39.025325][ T3673] loop3: detected capacity change from 0 to 1024
[   39.038043][ T3673] EXT4-fs: Ignoring removed orlov option
[   39.152752][ T3682] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   39.179884][ T3673] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.199145][ T3679] SELinux: ebitmap: truncated map
[   39.205229][ T3679] SELinux: failed to load policy
[   39.308805][ T3686] loop1: detected capacity change from 0 to 512
[   39.321693][ T3686] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.66: casefold flag without casefold feature
[   39.336277][   T12] ------------[ cut here ]------------
[   39.341810][   T12] RTNL: assertion failed at ./include/net/netdev_lock.h (72)
[   39.350129][   T12] WARNING: CPU: 0 PID: 12 at ./include/net/netdev_lock.h:72 __linkwatch_sync_dev+0x1f0/0x200
[   39.361116][   T12] Modules linked in:
[   39.365606][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc4-syzkaller-00308-ga79a588fc176 #0 PREEMPT(voluntary) 
[   39.378130][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   39.388628][   T12] Workqueue: bond0 bond_mii_monitor
[   39.391188][ T3686] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.66: couldn't read orphan inode 15 (err -117)
[   39.394111][   T12] RIP: 0010:__linkwatch_sync_dev+0x1f0/0x200
[   39.412384][   T12] Code: a8 9e d3 86 e8 41 7a 22 fd c6 05 e2 53 84 02 01 90 48 c7 c7 53 a6 5b 86 48 c7 c6 d8 d2 46 86 ba 48 00 00 00 e8 81 52 d2 fc 90 <0f> 0b 90 90 e9 d6 fe ff ff 0f 1f 80 00 00 00 00 90 90 90 90 90 90
[   39.420947][ T3686] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.432719][   T12] RSP: 0018:ffffc9000006fb70 EFLAGS: 00010246
[   39.451665][   T12] RAX: 993e3b0e4e21bd00 RBX: ffff88811911d000 RCX: ffff88810089c100
[   39.459997][   T12] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[   39.468064][   T12] RBP: 0000000000000000 R08: 0001c9000006f9ef R09: 0000000000000000
[   39.476172][   T12] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000000
[   39.484382][   T12] R13: ffffffff85928980 R14: ffffffff85928980 R15: 0000000000000000
[   39.492487][   T12] FS:  0000000000000000(0000) GS:ffff8882aee30000(0000) knlGS:0000000000000000
[   39.501609][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   39.508388][   T12] CR2: fffffffff0000000 CR3: 000000011a678000 CR4: 00000000003506f0
[   39.517799][   T12] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   39.526525][   T12] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   39.534551][   T12] Call Trace:
[   39.537979][   T12]  <TASK>
[   39.540946][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[   39.546819][   T12]  ethtool_op_get_link+0x15/0x50
[   39.551792][   T12]  bond_check_dev_link+0x295/0x430
[   39.557057][   T12]  bond_mii_monitor+0x2da/0x1770
[   39.558469][ T3690] netlink: 'syz.4.65': attribute type 10 has an invalid length.
[   39.562205][   T12]  ? try_to_wake_up+0x3df/0x630
[   39.574959][   T12]  process_scheduled_works+0x4cb/0x9d0
[   39.580595][   T12]  worker_thread+0x582/0x770
[   39.585343][   T12]  kthread+0x489/0x510
[   39.589588][   T12]  ? finish_task_switch+0xad/0x2b0
[   39.594853][   T12]  ? __pfx_worker_thread+0x10/0x10
[   39.600564][   T12]  ? __pfx_kthread+0x10/0x10
[   39.605220][   T12]  ret_from_fork+0xda/0x150
[   39.610259][   T12]  ? __pfx_kthread+0x10/0x10
[   39.615130][   T12]  ret_from_fork_asm+0x1a/0x30
[   39.620216][   T12]  </TASK>
[   39.623263][   T12] ---[ end trace 0000000000000000 ]---
[   39.625533][ T3690] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.636160][ T3690] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.681032][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.722370][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.733768][   T29] kauditd_printk_skb: 698 callbacks suppressed
[   39.733786][   T29] audit: type=1326 audit(1751741796.732:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd0bfe929 code=0x7ffc0000
[   39.772069][   T29] audit: type=1326 audit(1751741796.732:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd0bfe929 code=0x7ffc0000
[   39.796250][   T29] audit: type=1326 audit(1751741796.732:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fd0bfe929 code=0x7ffc0000
[   39.819661][   T29] audit: type=1326 audit(1751741796.732:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd0bfe929 code=0x7ffc0000
[   39.844416][   T29] audit: type=1326 audit(1751741796.732:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fd0bfe929 code=0x7ffc0000
[   39.857963][ T3700] loop3: detected capacity change from 0 to 512
[   39.868209][   T29] audit: type=1326 audit(1751741796.732:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd0bfe929 code=0x7ffc0000
[   39.898302][   T29] audit: type=1326 audit(1751741796.732:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2fd0bfe929 code=0x7ffc0000
[   39.923051][   T29] audit: type=1326 audit(1751741796.732:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd0bfe929 code=0x7ffc0000
[   39.946430][   T29] audit: type=1326 audit(1751741796.732:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2fd0bfe929 code=0x7ffc0000
[   39.969862][   T29] audit: type=1326 audit(1751741796.732:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.0.70" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fd0bfe929 code=0x7ffc0000
[   40.036895][ T3712] loop0: detected capacity change from 0 to 128
[   40.041152][ T3708] loop1: detected capacity change from 0 to 1024
[   40.046977][ T3700] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.064493][ T3708] EXT4-fs: Ignoring removed nobh option
[   40.070374][ T3708] EXT4-fs: Ignoring removed bh option
[   40.092596][ T3709] loop4: detected capacity change from 0 to 2048
[   40.122850][ T3708] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.132545][ T3700] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.138866][ T3709] EXT4-fs (loop4): failed to initialize system zone (-117)
[   40.169367][ T3709] EXT4-fs (loop4): mount failed
[   40.230947][ T3723] loop0: detected capacity change from 0 to 1024
[   40.238880][ T3724] EXT4-fs (loop1): shut down requested (0)
[   40.279307][ T3723] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.311263][ T3723] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.354396][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.374083][ T3729] program syz.4.78 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   40.449846][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.464875][ T3734] loop4: detected capacity change from 0 to 512
[   40.477233][ T3736] xt_CT: You must specify a L4 protocol and not use inversions on it
[   40.510947][ T3734] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.556172][ T3736] loop1: detected capacity change from 0 to 8192
[   40.563418][ T3734] ext4 filesystem being mounted at /15/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   40.600085][ T3734] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.78: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[   40.627754][ T3294]  loop1: p2 p3 p4
[   40.637207][ T3294] loop1: p2 start 4294967295 is beyond EOD, truncated
[   40.644074][ T3294] loop1: p3 start 83886096 is beyond EOD, truncated
[   40.650745][ T3294] loop1: p4 size 3599499264 extends beyond EOD, truncated
[   40.670443][ T3734] EXT4-fs (loop4): Remounting filesystem read-only
[   40.697824][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.723805][ T3736]  loop1: p2 p3 p4
[   40.728124][ T3736] loop1: p2 start 4294967295 is beyond EOD, truncated
[   40.735190][ T3736] loop1: p3 start 83886096 is beyond EOD, truncated
[   40.741909][ T3736] loop1: p4 size 3599499264 extends beyond EOD, truncated
[   40.805166][ T3745] Zero length message leads to an empty skb
[   40.830925][ T3736] netlink: 4 bytes leftover after parsing attributes in process `syz.1.80'.
[   40.845773][ T3746] loop0: detected capacity change from 0 to 512
[   40.853557][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.883742][ T3746] EXT4-fs: Ignoring removed bh option
[   40.895032][ T3746] ext4: Bad value for 'auto_da_alloc'
[   40.990395][ T3754] FAULT_INJECTION: forcing a failure.
[   40.990395][ T3754] name failslab, interval 1, probability 0, space 0, times 1
[   41.003344][ T3754] CPU: 1 UID: 0 PID: 3754 Comm: syz.1.85 Tainted: G        W           6.16.0-rc4-syzkaller-00308-ga79a588fc176 #0 PREEMPT(voluntary) 
[   41.003462][ T3754] Tainted: [W]=WARN
[   41.003471][ T3754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   41.003487][ T3754] Call Trace:
[   41.003502][ T3754]  <TASK>
[   41.003512][ T3754]  __dump_stack+0x1d/0x30
[   41.003572][ T3754]  dump_stack_lvl+0xe8/0x140
[   41.003595][ T3754]  dump_stack+0x15/0x1b
[   41.003615][ T3754]  should_fail_ex+0x265/0x280
[   41.003656][ T3754]  should_failslab+0x8c/0xb0
[   41.003730][ T3754]  kmem_cache_alloc_noprof+0x50/0x310
[   41.003759][ T3754]  ? __anon_vma_prepare+0xcd/0x2f0
[   41.003794][ T3754]  __anon_vma_prepare+0xcd/0x2f0
[   41.003838][ T3754]  do_wp_page+0x1838/0x2400
[   41.003930][ T3754]  ? __rcu_read_lock+0x37/0x50
[   41.003959][ T3754]  handle_mm_fault+0x77d/0x2be0
[   41.003990][ T3754]  ? mas_walk+0xf2/0x120
[   41.004033][ T3754]  do_user_addr_fault+0x636/0x1090
[   41.004075][ T3754]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   41.004117][ T3754]  exc_page_fault+0x62/0xa0
[   41.004198][ T3754]  asm_exc_page_fault+0x26/0x30
[   41.004221][ T3754] RIP: 0033:0x7f665acc0ca3
[   41.004250][ T3754] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   41.004267][ T3754] RSP: 002b:00007f66594663f0 EFLAGS: 00010202
[   41.004284][ T3754] RAX: 0000000000000182 RBX: 00007f6659466490 RCX: 00007f6651047000
[   41.004300][ T3754] RDX: 00007f6659466630 RSI: 0000000000000005 RDI: 00007f6659466530
[   41.004315][ T3754] RBP: 000000000000007f R08: 0000000000000008 R09: 00000000000000d3
[   41.004396][ T3754] R10: 00000000000000e8 R11: 00007f6659466490 R12: 0000000000000001
[   41.004411][ T3754] R13: 00007f665ae9c3a0 R14: 0000000000000010 R15: 00007f6659466530
[   41.004508][ T3754]  </TASK>
[   41.004520][ T3754] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   41.248828][ T3758] loop4: detected capacity change from 0 to 1024
[   41.255851][ T3758] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   41.273824][ T3754] loop1: detected capacity change from 0 to 8192
[   41.317965][ T3297]  loop1: p2 p3 p4
[   41.322011][ T3297] loop1: p2 size 130943 extends beyond EOD, truncated
[   41.330502][ T3297] loop1: p3 size 16776960 extends beyond EOD, truncated
[   41.339391][ T3297] loop1: p4 size 3599499392 extends beyond EOD, truncated
[   41.351801][ T3754]  loop1: p2 p3 p4
[   41.356519][ T3754] loop1: p2 size 130943 extends beyond EOD, truncated
[   41.365056][ T3754] loop1: p3 size 16776960 extends beyond EOD, truncated
[   41.375962][ T3754] loop1: p4 size 3599499392 extends beyond EOD, truncated
[   41.423907][ T3766] netlink: 5 bytes leftover after parsing attributes in process `syz.4.86'.
[   41.432817][ T3766] netlink: 24 bytes leftover after parsing attributes in process `syz.4.86'.
[   41.461231][ T3607] udevd[3607]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   41.473003][ T3710] udevd[3710]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   41.484734][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   41.515546][ T3607] udevd[3607]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   41.527948][ T3297] udevd[3297]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   41.540367][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   41.558765][ T3776] loop0: detected capacity change from 0 to 128
[   41.568052][ T3776] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   41.598666][ T3779] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   41.598666][ T3779]    program syz.1.92 not setting count and/or reply_len properly
[   41.640323][ T3776] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   41.661996][ T3782] netlink: 'syz.0.91': attribute type 10 has an invalid length.
[   41.672535][ T3782] team0: Device hsr_slave_0 failed to register rx_handler
[   41.687351][ T3777] netlink: 20 bytes leftover after parsing attributes in process `syz.0.91'.
[   41.697538][ T3776] netlink: 20 bytes leftover after parsing attributes in process `syz.0.91'.
[   41.709628][ T3781] SELinux: ebitmap: truncated map
[   41.719724][ T3781] SELinux: failed to load policy
[   41.721318][ T3784] pim6reg: entered allmulticast mode
[   41.762375][ T3784] pim6reg: left allmulticast mode
[   41.826960][ T3787] SELinux: ebitmap: truncated map
[   41.859314][ T3787] SELinux: failed to load policy
[   41.894316][ T3795] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   41.926183][ T3798] FAULT_INJECTION: forcing a failure.
[   41.926183][ T3798] name failslab, interval 1, probability 0, space 0, times 0
[   41.939337][ T3798] CPU: 0 UID: 0 PID: 3798 Comm: syz.1.100 Tainted: G        W           6.16.0-rc4-syzkaller-00308-ga79a588fc176 #0 PREEMPT(voluntary) 
[   41.939380][ T3798] Tainted: [W]=WARN
[   41.939386][ T3798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   41.939401][ T3798] Call Trace:
[   41.939435][ T3798]  <TASK>
[   41.939444][ T3798]  __dump_stack+0x1d/0x30
[   41.939470][ T3798]  dump_stack_lvl+0xe8/0x140
[   41.939496][ T3798]  dump_stack+0x15/0x1b
[   41.939514][ T3798]  should_fail_ex+0x265/0x280
[   41.939548][ T3798]  ? allocate_file_region_entries+0xd2/0x310
[   41.939610][ T3798]  should_failslab+0x8c/0xb0
[   41.939639][ T3798]  __kmalloc_cache_noprof+0x4c/0x320
[   41.939673][ T3798]  allocate_file_region_entries+0xd2/0x310
[   41.939722][ T3798]  region_chg+0x232/0x2d0
[   41.939745][ T3798]  alloc_hugetlb_folio+0x312/0x1070
[   41.939792][ T3798]  hugetlb_fault+0xd0f/0x1be0
[   41.939816][ T3798]  ? avc_has_perm+0xd3/0x150
[   41.939935][ T3798]  handle_mm_fault+0x1861/0x2be0
[   41.939960][ T3798]  ? mt_find+0x200/0x320
[   41.939988][ T3798]  ? down_read+0x77/0xe0
[   41.940062][ T3798]  __get_user_pages+0x1036/0x1fb0
[   41.940096][ T3798]  __mm_populate+0x243/0x3a0
[   41.940119][ T3798]  do_mlock+0x47f/0x520
[   41.940194][ T3798]  ? fput+0x8f/0xc0
[   41.940221][ T3798]  ? ksys_write+0x192/0x1a0
[   41.940256][ T3798]  __x64_sys_mlock+0x36/0x50
[   41.940359][ T3798]  x64_sys_call+0x28f4/0x2fb0
[   41.940387][ T3798]  do_syscall_64+0xd2/0x200
[   41.940410][ T3798]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   41.940436][ T3798]  ? clear_bhb_loop+0x40/0x90
[   41.940460][ T3798]  ? clear_bhb_loop+0x40/0x90
[   41.940481][ T3798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.940581][ T3798] RIP: 0033:0x7f665adfe929
[   41.940600][ T3798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.940618][ T3798] RSP: 002b:00007f6659467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[   41.940684][ T3798] RAX: ffffffffffffffda RBX: 00007f665b025fa0 RCX: 00007f665adfe929
[   41.940719][ T3798] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 00002000007d8000
[   41.940735][ T3798] RBP: 00007f6659467090 R08: 0000000000000000 R09: 0000000000000000
[   41.940750][ T3798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.940765][ T3798] R13: 0000000000000000 R14: 00007f665b025fa0 R15: 00007ffd613da998
[   41.940790][ T3798]  </TASK>
[   41.956042][ T3799] loop3: detected capacity change from 0 to 1024
[   42.198641][ T3799] EXT4-fs: Ignoring removed nomblk_io_submit option
[   42.223545][ T3795] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.242213][ T3803] loop1: detected capacity change from 0 to 1024
[   42.264662][ T3803] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.281785][ T3799] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.307624][ T3799] EXT4-fs error (device loop3): __ext4_remount:6736: comm syz.3.99: Abort forced by user
[   42.338857][ T3803] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.380752][ T3799] EXT4-fs (loop3): Remounting filesystem read-only
[   42.387432][ T3799] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   42.403829][ T3817] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   42.403829][ T3817]    program syz.4.104 not setting count and/or reply_len properly
[   42.451734][ T3795] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.515005][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.558619][ T3795] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.584939][ T3825] netlink: 'syz.0.108': attribute type 8 has an invalid length.
[   42.623469][ T3828] pim6reg: entered allmulticast mode
[   42.631064][ T3830] FAULT_INJECTION: forcing a failure.
[   42.631064][ T3830] name failslab, interval 1, probability 0, space 0, times 0
[   42.638957][ T3828] pim6reg: left allmulticast mode
[   42.643929][ T3830] CPU: 0 UID: 0 PID: 3830 Comm: syz.4.110 Tainted: G        W           6.16.0-rc4-syzkaller-00308-ga79a588fc176 #0 PREEMPT(voluntary) 
[   42.644007][ T3830] Tainted: [W]=WARN
[   42.644016][ T3830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   42.644034][ T3830] Call Trace:
[   42.644081][ T3830]  <TASK>
[   42.644091][ T3830]  __dump_stack+0x1d/0x30
[   42.644120][ T3830]  dump_stack_lvl+0xe8/0x140
[   42.644148][ T3830]  dump_stack+0x15/0x1b
[   42.644170][ T3830]  should_fail_ex+0x265/0x280
[   42.644216][ T3830]  should_failslab+0x8c/0xb0
[   42.644327][ T3830]  kmem_cache_alloc_node_noprof+0x57/0x320
[   42.644366][ T3830]  ? __alloc_skb+0x101/0x320
[   42.644399][ T3830]  __alloc_skb+0x101/0x320
[   42.644456][ T3830]  netlink_alloc_large_skb+0xba/0xf0
[   42.644529][ T3830]  netlink_sendmsg+0x3cf/0x6b0
[   42.644559][ T3830]  ? __pfx_netlink_sendmsg+0x10/0x10
[   42.644589][ T3830]  __sock_sendmsg+0x145/0x180
[   42.644644][ T3830]  ____sys_sendmsg+0x345/0x4e0
[   42.644696][ T3830]  ___sys_sendmsg+0x17b/0x1d0
[   42.644805][ T3830]  __sys_sendmmsg+0x178/0x300
[   42.644849][ T3830]  __x64_sys_sendmmsg+0x57/0x70
[   42.644957][ T3830]  x64_sys_call+0x2f2f/0x2fb0
[   42.644987][ T3830]  do_syscall_64+0xd2/0x200
[   42.645013][ T3830]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   42.645048][ T3830]  ? clear_bhb_loop+0x40/0x90
[   42.645100][ T3830]  ? clear_bhb_loop+0x40/0x90
[   42.645130][ T3830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.645153][ T3830] RIP: 0033:0x7f708733e929
[   42.645171][ T3830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.645337][ T3830] RSP: 002b:00007f70859a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   42.645444][ T3830] RAX: ffffffffffffffda RBX: 00007f7087565fa0 RCX: 00007f708733e929
[   42.645462][ T3830] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000007
[   42.645478][ T3830] RBP: 00007f70859a7090 R08: 0000000000000000 R09: 0000000000000000
[   42.645508][ T3830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.645525][ T3830] R13: 0000000000000000 R14: 00007f7087565fa0 R15: 00007ffe3c840e08
[   42.645553][ T3830]  </TASK>
[   42.989484][ T3795] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   43.004751][ T3795] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   43.019315][ T3795] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   43.031576][ T3795] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   43.063379][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.173525][ T3839] lo speed is unknown, defaulting to 1000
[   43.283990][ T3840] netlink: 28 bytes leftover after parsing attributes in process `syz.1.113'.
[   43.313950][ T3840] netlink: 4 bytes leftover after parsing attributes in process `syz.1.113'.
[   43.370512][ T3840] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   43.378050][ T3840] batman_adv: batadv0: Removing interface: batadv_slave_0
[   43.576451][ T3847] loop0: detected capacity change from 0 to 512
[   43.587606][ T3848] loop1: detected capacity change from 0 to 512
[   43.620945][ T3847] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   43.628941][ T3847] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c01c, mo2=0002]
[   43.637920][ T3848] EXT4-fs: Ignoring removed i_version option
[   43.671924][ T3840] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   43.679554][ T3840] batman_adv: batadv0: Removing interface: batadv_slave_1
[   43.695503][ T3847] System zones: 1-12
[   43.703465][ T3848] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   43.716624][ T3848] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   43.728081][ T3853] netlink: 4 bytes leftover after parsing attributes in process `syz.4.117'.
[   43.735584][ T3847] EXT4-fs (loop0): Can't support bigalloc feature without extents feature
[   43.735584][ T3847] 
[   43.736955][ T3853] netlink: 4 bytes leftover after parsing attributes in process `syz.4.117'.
[   43.747994][ T3847] EXT4-fs (loop0): Skipping orphan cleanup due to unknown ROCOMPAT features
[   43.758883][ T3848] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   43.766411][ T3853] netlink: 4 bytes leftover after parsing attributes in process `syz.4.117'.
[   43.766954][ T3847] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   43.808333][ T3848] EXT4-fs (loop1): 1 truncate cleaned up
[   43.814595][ T3848] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.855334][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.961596][ T3870] pim6reg: entered allmulticast mode
[   43.970296][ T3870] pim6reg: left allmulticast mode
[   44.133452][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.172445][ T3882] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   44.172445][ T3882]    program syz.1.128 not setting count and/or reply_len properly
[   44.215186][ T3886] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   44.215186][ T3886]    program syz.1.129 not setting count and/or reply_len properly
[   44.401207][ T3899] pim6reg: entered allmulticast mode
[   44.407769][ T3899] pim6reg: left allmulticast mode
[   44.428361][ T3895] loop1: detected capacity change from 0 to 512
[   44.438152][ T3895] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   44.447136][ T3895] EXT4-fs (loop1): 1 truncate cleaned up
[   44.456347][ T3895] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.540127][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.723124][ T3911] netlink: zone id is out of range
[   44.735501][ T3911] netlink: del zone limit has 8 unknown bytes
[   44.813074][ T3913] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   44.813074][ T3913]    program syz.3.140 not setting count and/or reply_len properly
[   44.925623][   T29] kauditd_printk_skb: 303 callbacks suppressed
[   44.925643][   T29] audit: type=1400 audit(1751741801.922:1102): avc:  denied  { read } for  pid=3914 comm="syz.3.141" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   44.956675][   T29] audit: type=1400 audit(1751741801.922:1103): avc:  denied  { open } for  pid=3914 comm="syz.3.141" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   45.053450][   T29] audit: type=1326 audit(1751741802.052:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3919 comm="syz.3.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1486a4e929 code=0x7ffc0000
[   45.077461][   T29] audit: type=1326 audit(1751741802.052:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3919 comm="syz.3.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1486a4e929 code=0x7ffc0000
[   45.104794][   T29] audit: type=1326 audit(1751741802.102:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3919 comm="syz.3.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1486a4e929 code=0x7ffc0000
[   45.131140][   T29] audit: type=1326 audit(1751741802.132:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3919 comm="syz.3.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1486a4e929 code=0x7ffc0000
[   45.154827][   T29] audit: type=1326 audit(1751741802.132:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3919 comm="syz.3.143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1486a4e929 code=0x7ffc0000
[   45.180880][   T29] audit: type=1400 audit(1751741802.182:1109): avc:  denied  { create } for  pid=3922 comm="syz.4.144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   45.201003][   T29] audit: type=1400 audit(1751741802.182:1110): avc:  denied  { connect } for  pid=3922 comm="syz.4.144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   45.281085][ T3931] loop0: detected capacity change from 0 to 512
[   45.317331][ T3931] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.342020][ T3933] loop3: detected capacity change from 0 to 1024
[   45.367430][ T3931] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.425225][ T3933] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.467192][   T29] audit: type=1400 audit(1751741802.442:1111): avc:  denied  { create } for  pid=3930 comm="syz.0.147" name="hugetlb.1GB.usage_in_bytes" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   45.538989][ T3939] loop4: detected capacity change from 0 to 512
[   45.576698][ T3933] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.593819][ T3939] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.627606][ T3939] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.683256][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.773146][ T3954] loop3: detected capacity change from 0 to 512
[   45.789984][ T3954] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   45.810661][ T3954] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.852064][ T3954] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.865147][ T3954] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.154: corrupted xattr block 19: overlapping e_value 
[   45.881910][ T3954] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   45.891450][ T3954] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.154: corrupted xattr block 19: overlapping e_value 
[   45.907449][ T3954] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   45.918023][ T3954] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.154: corrupted xattr block 19: overlapping e_value 
[   45.918161][ T3958] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.154: corrupted xattr block 19: overlapping e_value 
[   45.954539][ T3958] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   45.985650][ T3958] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.154: corrupted xattr block 19: overlapping e_value 
[   46.000082][ T3958] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.154: corrupted xattr block 19: overlapping e_value 
[   46.015092][ T3958] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   46.034893][ T3962] loop1: detected capacity change from 0 to 2048
[   46.061790][ T3962] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.092469][  T172] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   46.129578][  T172] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   46.130252][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.142014][  T172] EXT4-fs (loop1): This should not happen!! Data will be lost
[   46.142014][  T172] 
[   46.142034][  T172] EXT4-fs (loop1): Total free blocks count 0
[   46.142047][  T172] EXT4-fs (loop1): Free/Dirty block details
[   46.142059][  T172] EXT4-fs (loop1): free_blocks=2415919504
[   46.142080][  T172] EXT4-fs (loop1): dirty_blocks=16
[   46.184573][  T172] EXT4-fs (loop1): Block reservation details
[   46.190811][  T172] EXT4-fs (loop1): i_reserved_data_blocks=1
[   46.197967][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.209362][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.316973][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.518387][ T3981] __nla_validate_parse: 3 callbacks suppressed
[   46.518406][ T3981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.162'.
[   46.518460][ T3980] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   46.643281][ T3983] loop3: detected capacity change from 0 to 1024
[   46.677580][ T3983] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.695086][ T3983] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.791373][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.866219][ T4007] vhci_hcd: invalid port number 236
[   46.946453][ T4015] loop4: detected capacity change from 0 to 1024
[   46.974182][ T4015] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   47.023936][ T4015] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   47.072782][ T4015] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e01c, mo2=0000]
[   47.081292][ T4015] System zones: 0-1, 3-12
[   47.090956][ T4015] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #3: block 1: comm syz.4.175: lblock 1 mapped to illegal pblock 1 (length 1)
[   47.122000][ T4015] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.175: Failed to acquire dquot type 0
[   47.182295][ T4015] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.175: Freeing blocks not in datazone - block = 0, count = 4096
[   47.249038][ T4030] loop0: detected capacity change from 0 to 256
[   47.252648][ T4028] SELinux: ebitmap: truncated map
[   47.261021][ T4015] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.175: Invalid inode bitmap blk 0 in block_group 0
[   47.276802][ T4028] SELinux: failed to load policy
[   47.283203][ T4030] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   47.294245][   T58] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[   47.296897][ T4015] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   47.325625][   T58] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0
[   47.362108][ T4015] EXT4-fs (loop4): 1 orphan inode deleted
[   47.377193][ T4033] loop2: detected capacity change from 0 to 2048
[   47.384606][ T4015] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.427611][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.437740][ T4039] loop3: detected capacity change from 0 to 2048
[   47.464864][ T3294]  loop2: p2 < > p3 < >
[   47.469294][ T3294] loop2: partition table partially beyond EOD, truncated
[   47.477726][ T3294] loop2: p2 start 4278190080 is beyond EOD, truncated
[   47.487481][ T4033]  loop2: p2 < > p3 < >
[   47.491792][ T4033] loop2: partition table partially beyond EOD, truncated
[   47.506311][ T3297]  loop3: p1 < > p4
[   47.510768][ T3297] loop3: p4 size 8388608 extends beyond EOD, truncated
[   47.526781][ T4033] loop2: p2 start 4278190080 is beyond EOD, truncated
[   47.537384][ T4039]  loop3: p1 < > p4
[   47.545293][ T4039] loop3: p4 size 8388608 extends beyond EOD, truncated
[   47.555519][ T2995]  loop2: p2 < > p3 < >
[   47.559950][ T2995] loop2: partition table partially beyond EOD, truncated
[   47.575593][ T2995] loop2: p2 start 4278190080 is beyond EOD, truncated
[   47.589820][ T4044] loop0: detected capacity change from 0 to 8192
[   47.630559][ T3607] udevd[3607]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   47.632220][ T3297] udevd[3297]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   47.651525][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   47.709740][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   47.759191][ T4056] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   47.783741][ T3607] udevd[3607]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   47.788147][ T3297] udevd[3297]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[   47.804955][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   47.818417][ T4057] pim6reg: entered allmulticast mode
[   47.824729][ T4057] pim6reg: left allmulticast mode
[   47.832192][ T4056] SELinux: failed to load policy
[   47.880567][ T4058] netlink: 12 bytes leftover after parsing attributes in process `syz.4.187'.
[   47.903193][ T4046] loop4: detected capacity change from 0 to 512
[   47.959120][ T4046] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.187: Failed to acquire dquot type 1
[   47.980338][ T4065] lo speed is unknown, defaulting to 1000
[   47.990302][ T4046] EXT4-fs (loop4): 1 truncate cleaned up
[   48.006461][ T4046] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.035766][ T4046] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.109408][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.232860][ T4078] loop0: detected capacity change from 0 to 1024
[   48.263625][ T4078] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   48.303488][ T4078] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   48.358853][ T4078] jbd2_journal_init_inode: Cannot locate journal superblock
[   48.366461][ T4078] EXT4-fs (loop0): Could not load journal inode
[   48.426710][ T4086] infiniband syz!: set active
[   48.432319][ T4086] infiniband syz!: added team_slave_0
[   48.447320][ T4082] lo speed is unknown, defaulting to 1000
[   48.447885][ T4086] RDS/IB: syz!: added
[   48.458837][ T4086] smc: adding ib device syz! with port count 1
[   48.465490][ T4086] smc:    ib device syz! port 1 has pnetid 
[   48.479675][ T4102] 9pnet_fd: Insufficient options for proto=fd
[   48.587637][ T4106] SELinux: ebitmap: truncated map
[   48.599545][ T4106] SELinux: failed to load policy
[   48.660531][ T4109] SELinux: ebitmap: truncated map
[   48.684734][ T4109] SELinux: failed to load policy
[   48.729193][ T4111] loop2: detected capacity change from 0 to 512
[   48.736373][ T4111] EXT4-fs: test_dummy_encryption option not supported
[   48.749356][ T4115] loop0: detected capacity change from 0 to 512
[   48.767349][ T4115] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   48.847024][ T4115] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.213: invalid indirect mapped block 83886080 (level 1)
[   48.870183][ T4115] EXT4-fs (loop0): Remounting filesystem read-only
[   48.895584][ T4115] EXT4-fs (loop0): 1 orphan inode deleted
[   48.901606][ T4115] EXT4-fs (loop0): 1 truncate cleaned up
[   48.918726][ T4115] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.967002][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.042304][ T4126] FAULT_INJECTION: forcing a failure.
[   49.042304][ T4126] name failslab, interval 1, probability 0, space 0, times 0
[   49.055523][ T4126] CPU: 0 UID: 0 PID: 4126 Comm: syz.3.217 Tainted: G        W           6.16.0-rc4-syzkaller-00308-ga79a588fc176 #0 PREEMPT(voluntary) 
[   49.055556][ T4126] Tainted: [W]=WARN
[   49.055594][ T4126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   49.055609][ T4126] Call Trace:
[   49.055617][ T4126]  <TASK>
[   49.055626][ T4126]  __dump_stack+0x1d/0x30
[   49.055652][ T4126]  dump_stack_lvl+0xe8/0x140
[   49.055678][ T4126]  dump_stack+0x15/0x1b
[   49.055698][ T4126]  should_fail_ex+0x265/0x280
[   49.055796][ T4126]  should_failslab+0x8c/0xb0
[   49.055820][ T4126]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   49.055911][ T4126]  ? should_failslab+0x8c/0xb0
[   49.055969][ T4126]  ? htable_create+0x222/0x450
[   49.056005][ T4126]  kstrdup+0x3e/0xd0
[   49.056161][ T4126]  htable_create+0x222/0x450
[   49.056196][ T4126]  ? __rcu_read_unlock+0x4f/0x70
[   49.056226][ T4126]  hashlimit_mt_check_common+0x5db/0x6c0
[   49.056299][ T4126]  hashlimit_mt_check_v2+0x169/0x1a0
[   49.056335][ T4126]  xt_check_match+0x2ad/0x4f0
[   49.056373][ T4126]  ? strnlen+0x28/0x50
[   49.056500][ T4126]  ? strcmp+0x22/0x50
[   49.056518][ T4126]  ? xt_find_match+0x1d1/0x210
[   49.056548][ T4126]  translate_table+0xb4b/0x1070
[   49.056594][ T4126]  do_ip6t_set_ctl+0x678/0x840
[   49.056675][ T4126]  ? kstrtoull+0x111/0x140
[   49.056708][ T4126]  ? __rcu_read_unlock+0x4f/0x70
[   49.056740][ T4126]  nf_setsockopt+0x196/0x1b0
[   49.056822][ T4126]  ipv6_setsockopt+0x11a/0x130
[   49.056846][ T4126]  tcp_setsockopt+0x98/0xb0
[   49.056945][ T4126]  sock_common_setsockopt+0x69/0x80
[   49.056972][ T4126]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   49.057032][ T4126]  __sys_setsockopt+0x184/0x200
[   49.057073][ T4126]  __x64_sys_setsockopt+0x64/0x80
[   49.057110][ T4126]  x64_sys_call+0x2bd5/0x2fb0
[   49.057135][ T4126]  do_syscall_64+0xd2/0x200
[   49.057187][ T4126]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   49.057216][ T4126]  ? clear_bhb_loop+0x40/0x90
[   49.057292][ T4126]  ? clear_bhb_loop+0x40/0x90
[   49.057315][ T4126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.057417][ T4126] RIP: 0033:0x7f1486a4e929
[   49.057432][ T4126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.057449][ T4126] RSP: 002b:00007f14850b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   49.057470][ T4126] RAX: ffffffffffffffda RBX: 00007f1486c75fa0 RCX: 00007f1486a4e929
[   49.057485][ T4126] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[   49.057526][ T4126] RBP: 00007f14850b7090 R08: 0000000000000638 R09: 0000000000000000
[   49.057542][ T4126] R10: 0000200000000c40 R11: 0000000000000246 R12: 0000000000000002
[   49.057557][ T4126] R13: 0000000000000000 R14: 00007f1486c75fa0 R15: 00007ffcd20035f8
[   49.057637][ T4126]  </TASK>
[   49.356582][ T4129] loop4: detected capacity change from 0 to 256
[   49.366177][ T4129] FAT-fs (loop4): bogus number of FAT sectors
[   49.372839][ T4129] FAT-fs (loop4): Can't find a valid FAT filesystem
[   49.376074][ T4124] loop0: detected capacity change from 0 to 1024
[   49.390073][ T4124] EXT4-fs: Ignoring removed orlov option
[   49.408260][ T4124] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.446247][ T4137] SELinux: ebitmap: truncated map
[   49.453007][ T4137] SELinux: failed to load policy
[   49.487279][ T4142] netlink: 12 bytes leftover after parsing attributes in process `syz.4.223'.
[   49.523384][ T4144] pim6reg: entered allmulticast mode
[   49.529947][ T4144] pim6reg: left allmulticast mode
[   49.608830][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.648246][ T4150] loop4: detected capacity change from 0 to 1024
[   49.684509][ T4150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.708947][ T4164] loop3: detected capacity change from 0 to 1024
[   49.723211][ T4150] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.767534][ T4164] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.784070][ T4174] netlink: 12 bytes leftover after parsing attributes in process `syz.0.235'.
[   49.824688][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.869707][ T4179] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.894515][ T4181] loop2: detected capacity change from 0 to 1024
[   49.906546][ T4179] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.919953][ T4181] EXT4-fs: Ignoring removed orlov option
[   49.939286][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.955062][ T4182] loop4: detected capacity change from 0 to 1024
[   49.963724][ T4182] EXT4-fs: Ignoring removed nomblk_io_submit option
[   49.965926][ T4181] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.985726][   T29] kauditd_printk_skb: 372 callbacks suppressed
[   49.985740][   T29] audit: type=1326 audit(1751741806.992:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4180 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7561d5e929 code=0x7ffc0000
[   50.023732][   T29] audit: type=1326 audit(1751741807.022:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4180 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f7561d5e929 code=0x7ffc0000
[   50.037888][ T4182] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.047284][   T29] audit: type=1326 audit(1751741807.022:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4180 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7561d5e929 code=0x7ffc0000
[   50.082865][   T29] audit: type=1326 audit(1751741807.022:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4180 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7561d5e929 code=0x7ffc0000
[   50.106346][   T29] audit: type=1326 audit(1751741807.022:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4180 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7561d5e929 code=0x7ffc0000
[   50.129832][   T29] audit: type=1326 audit(1751741807.022:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4180 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7561d5e929 code=0x7ffc0000
[   50.153218][   T29] audit: type=1326 audit(1751741807.022:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4180 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7561d5e929 code=0x7ffc0000
[   50.176783][   T29] audit: type=1326 audit(1751741807.022:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4180 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7561d5e929 code=0x7ffc0000
[   50.189553][ T4192] loop3: detected capacity change from 0 to 512
[   50.200217][   T29] audit: type=1326 audit(1751741807.022:1487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4180 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7561d5e929 code=0x7ffc0000
[   50.230077][   T29] audit: type=1326 audit(1751741807.022:1488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4180 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7561d5e929 code=0x7ffc0000
[   50.247596][ T4192] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   50.268266][ T4192] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.240: iget: bogus i_mode (5)
[   50.280434][ T4192] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.240: couldn't read orphan inode 15 (err -117)
[   50.294503][ T4192] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.294543][ T4179] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.307136][ T4192] ext2 filesystem being mounted at /52/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.334172][ T4192] EXT4-fs error (device loop3): ext4_add_entry:2417: inode #2: comm syz.3.240: Directory hole found for htree leaf block 0
[   50.389119][ T4179] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.437765][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.457450][ T4202] netlink: 'syz.0.244': attribute type 298 has an invalid length.
[   50.458321][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.493795][ T4179] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   50.538699][ T4179] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   50.558198][ T4200] lo speed is unknown, defaulting to 1000
[   50.568171][ T4179] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   50.588903][ T4218] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   50.618671][ T4218] loop3: detected capacity change from 0 to 512
[   50.626270][ T4219] netlink: 12 bytes leftover after parsing attributes in process `syz.0.248'.
[   50.644161][ T4179] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   50.675460][ T4222] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   50.675460][ T4222]    program syz.0.250 not setting count and/or reply_len properly
[   50.710720][ T4218] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.753104][ T4218] ext4 filesystem being mounted at /55/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   50.776123][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.848403][ T4228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.252'.
[   51.295881][ T4240] FAULT_INJECTION: forcing a failure.
[   51.295881][ T4240] name failslab, interval 1, probability 0, space 0, times 0
[   51.308649][ T4240] CPU: 0 UID: 0 PID: 4240 Comm: syz.4.254 Tainted: G        W           6.16.0-rc4-syzkaller-00308-ga79a588fc176 #0 PREEMPT(voluntary) 
[   51.308694][ T4240] Tainted: [W]=WARN
[   51.308702][ T4240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   51.308719][ T4240] Call Trace:
[   51.308727][ T4240]  <TASK>
[   51.308738][ T4240]  __dump_stack+0x1d/0x30
[   51.308765][ T4240]  dump_stack_lvl+0xe8/0x140
[   51.308814][ T4240]  dump_stack+0x15/0x1b
[   51.308830][ T4240]  should_fail_ex+0x265/0x280
[   51.308866][ T4240]  should_failslab+0x8c/0xb0
[   51.308896][ T4240]  kmem_cache_alloc_noprof+0x50/0x310
[   51.308932][ T4240]  ? radix_tree_node_alloc+0x8a/0x1f0
[   51.309024][ T4240]  radix_tree_node_alloc+0x8a/0x1f0
[   51.309054][ T4240]  ? ref_tracker_alloc+0x1a0/0x2f0
[   51.309084][ T4240]  idr_get_free+0x1fa/0x550
[   51.309170][ T4240]  idr_alloc_u32+0xca/0x180
[   51.309195][ T4240]  cls_bpf_change+0x266/0x7a0
[   51.309216][ T4240]  ? should_failslab+0x8c/0xb0
[   51.309250][ T4240]  ? __pfx_cls_bpf_change+0x10/0x10
[   51.309296][ T4240]  tc_new_tfilter+0xde1/0x10a0
[   51.309345][ T4240]  ? __pfx_tc_new_tfilter+0x10/0x10
[   51.309366][ T4240]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   51.309402][ T4240]  netlink_rcv_skb+0x120/0x220
[   51.309525][ T4240]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   51.309558][ T4240]  rtnetlink_rcv+0x1c/0x30
[   51.309640][ T4240]  netlink_unicast+0x5a1/0x670
[   51.309704][ T4240]  netlink_sendmsg+0x58b/0x6b0
[   51.309726][ T4240]  ? __pfx_netlink_sendmsg+0x10/0x10
[   51.309751][ T4240]  __sock_sendmsg+0x145/0x180
[   51.309784][ T4240]  ____sys_sendmsg+0x31e/0x4e0
[   51.309866][ T4240]  ___sys_sendmsg+0x17b/0x1d0
[   51.309925][ T4240]  __x64_sys_sendmsg+0xd4/0x160
[   51.309949][ T4240]  x64_sys_call+0x2999/0x2fb0
[   51.309975][ T4240]  do_syscall_64+0xd2/0x200
[   51.310068][ T4240]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   51.310094][ T4240]  ? clear_bhb_loop+0x40/0x90
[   51.310115][ T4240]  ? clear_bhb_loop+0x40/0x90
[   51.310139][ T4240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.310215][ T4240] RIP: 0033:0x7f708733e929
[   51.310230][ T4240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.310247][ T4240] RSP: 002b:00007f70859a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   51.310268][ T4240] RAX: ffffffffffffffda RBX: 00007f7087565fa0 RCX: 00007f708733e929
[   51.310288][ T4240] RDX: 00000000200400d4 RSI: 0000200000000140 RDI: 0000000000000004
[   51.310311][ T4240] RBP: 00007f70859a7090 R08: 0000000000000000 R09: 0000000000000000
[   51.310324][ T4240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   51.310335][ T4240] R13: 0000000000000000 R14: 00007f7087565fa0 R15: 00007ffe3c840e08
[   51.310357][ T4240]  </TASK>
[   51.607568][ T4238] loop1: detected capacity change from 0 to 1024
[   51.624968][ T4238] EXT4-fs: Ignoring removed orlov option
[   51.688170][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.719902][ T4238] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.768166][ T4242] SELinux:  Context system_u:object_r:ldconfig_cache_t:s0 is not valid (left unmapped).
[   52.030974][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.041232][ T4249] loop4: detected capacity change from 0 to 512
[   52.068389][ T4249] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   52.133981][ T4261] loop0: detected capacity change from 0 to 1024
[   52.142104][ T4261] EXT4-fs: Ignoring removed nomblk_io_submit option
[   52.170125][ T4259] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.197328][ T4261] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.213972][ T4259] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.251869][ T4269] loop1: detected capacity change from 0 to 128
[   52.260527][ T4269] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   52.276530][ T4269] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.289866][ T4259] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.350244][ T4259] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.374528][ T4267] loop4: detected capacity change from 0 to 512
[   52.389697][ T4267] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   52.463008][ T4259] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   52.467403][ T4273] Dead loop on virtual device ip6_vti0, fix it urgently!
[   52.477577][ T4259] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   52.493285][ T4259] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   52.507101][ T4259] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   52.516781][ T3303] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   52.566226][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.622519][ T4289] loop3: detected capacity change from 0 to 1024
[   52.675905][ T4289] EXT4-fs: Ignoring removed orlov option
[   52.686991][ T4289] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.781416][ T4298] loop2: detected capacity change from 0 to 512
[   52.820384][ T4298] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.835850][ T4298] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.848485][ T3317] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.972155][ T4311] xt_CT: You must specify a L4 protocol and not use inversions on it
[   52.989798][ T4302] loop4: detected capacity change from 0 to 1024
[   53.073001][ T4302] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.086855][ T4302] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.112806][ T4319] SELinux: ebitmap: truncated map
[   53.120514][ T4319] SELinux: failed to load policy
[   53.178326][ T4325] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   53.178326][ T4325]    program syz.3.282 not setting count and/or reply_len properly
[   53.262966][ T4333] pim6reg: entered allmulticast mode
[   53.277591][ T4333] pim6reg: left allmulticast mode
[   53.654764][ T4347] loop2: detected capacity change from 0 to 1024
[   53.697387][ T4347] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.719451][ T4352] loop4: detected capacity change from 0 to 1024
[   53.768808][ T4347] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   53.785027][ T4347] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[   53.798875][ T4347] EXT4-fs (loop2): This should not happen!! Data will be lost
[   53.798875][ T4347] 
[   53.808827][ T4347] EXT4-fs (loop2): Total free blocks count 0
[   53.814830][ T4347] EXT4-fs (loop2): Free/Dirty block details
[   53.820828][ T4347] EXT4-fs (loop2): free_blocks=4293918720
[   53.826678][ T4347] EXT4-fs (loop2): dirty_blocks=80
[   53.831836][ T4347] EXT4-fs (loop2): Block reservation details
[   53.837872][ T4347] EXT4-fs (loop2): i_reserved_data_blocks=5
[   53.879287][ T4347] syz.2.289 (4347) used greatest stack depth: 9944 bytes left
[   53.928724][ T4360] loop3: detected capacity change from 0 to 512
[   53.944614][ T4363] FAULT_INJECTION: forcing a failure.
[   53.944614][ T4363] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   53.957989][ T4363] CPU: 1 UID: 0 PID: 4363 Comm: syz.2.293 Tainted: G        W           6.16.0-rc4-syzkaller-00308-ga79a588fc176 #0 PREEMPT(voluntary) 
[   53.958109][ T4363] Tainted: [W]=WARN
[   53.958118][ T4363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   53.958134][ T4363] Call Trace:
[   53.958142][ T4363]  <TASK>
[   53.958214][ T4363]  __dump_stack+0x1d/0x30
[   53.958238][ T4363]  dump_stack_lvl+0xe8/0x140
[   53.958257][ T4363]  dump_stack+0x15/0x1b
[   53.958273][ T4363]  should_fail_ex+0x265/0x280
[   53.958383][ T4363]  should_fail_alloc_page+0xf2/0x100
[   53.958414][ T4363]  __alloc_frozen_pages_noprof+0xff/0x360
[   53.958461][ T4363]  alloc_pages_mpol+0xb3/0x250
[   53.958497][ T4363]  vma_alloc_folio_noprof+0x1aa/0x300
[   53.958550][ T4363]  handle_mm_fault+0xec2/0x2be0
[   53.958584][ T4363]  ? mas_walk+0xf2/0x120
[   53.958627][ T4363]  do_user_addr_fault+0x636/0x1090
[   53.958668][ T4363]  ? fpregs_restore_userregs+0xad/0x1d0
[   53.958797][ T4363]  exc_page_fault+0x62/0xa0
[   53.958833][ T4363]  asm_exc_page_fault+0x26/0x30
[   53.958890][ T4363] RIP: 0033:0x7f7561c20d50
[   53.958905][ T4363] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41
[   53.959002][ T4363] RSP: 002b:00007f75603c64a0 EFLAGS: 00010282
[   53.959080][ T4363] RAX: 0000000000001000 RBX: 00007f75603c6540 RCX: 0000000000000022
[   53.959106][ T4363] RDX: 0000000000003fff RSI: 0000000000000800 RDI: 00007f75603c65e0
[   53.959118][ T4363] RBP: 0000000000000023 R08: 00007f7557fa7000 R09: 00000000000000f8
[   53.959129][ T4363] R10: 0000200000000502 R11: 0000000000000205 R12: 0000000000000601
[   53.959170][ T4363] R13: 00007f7561dfc3a0 R14: 0000000000000015 R15: 00007f75603c65e0
[   53.959251][ T4363]  </TASK>
[   53.959261][ T4363] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   53.984802][ T4366] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.291: inode #327696: comm syz.4.291: iget: illegal inode #
[   54.146643][ T4363] loop2: detected capacity change from 0 to 256
[   54.160338][ T4360] EXT4-fs: Ignoring removed oldalloc option
[   54.169304][ T4369] pim6reg: entered allmulticast mode
[   54.172167][ T4360] EXT4-fs: Ignoring removed nobh option
[   54.185794][ T4360] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.294: iget: bad extended attribute block 1
[   54.199294][ T4372] pim6reg: left allmulticast mode
[   54.204961][ T4366] EXT4-fs error (device loop4): ext4_xattr_inode_iget:442: comm syz.4.291: error while reading EA inode 327696 err=-117
[   54.231019][ T4360] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.294: couldn't read orphan inode 15 (err -117)
[   54.398283][ T4391] loop3: detected capacity change from 0 to 512
[   54.406449][ T4387] xt_CT: You must specify a L4 protocol and not use inversions on it
[   54.418030][ T4387] loop2: detected capacity change from 0 to 164
[   54.427570][ T4387] iso9660: Corrupted directory entry in block 2 of inode 1792
[   54.437995][ T4391] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.525124][ T4401] pim6reg: entered allmulticast mode
[   54.603875][ T4414] SELinux: ebitmap: truncated map
[   54.610958][ T4414] SELinux: failed to load policy
[   54.679770][ T4422] loop0: detected capacity change from 0 to 512
[   54.696069][ T4422] EXT4-fs: Ignoring removed i_version option
[   54.704740][ T4422] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   54.755022][ T4422] EXT4-fs error (device loop0): ext4_get_first_dir_block:3533: inode #12: block 32: comm syz.0.318: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   54.805524][ T4427] netlink: 4 bytes leftover after parsing attributes in process `syz.4.320'.
[   54.828531][ T4422] EXT4-fs (loop0): Remounting filesystem read-only
[   54.887215][ T4435] loop0: detected capacity change from 0 to 1024
[   54.895934][ T4435] EXT4-fs: Ignoring removed orlov option
[   55.045088][   T29] kauditd_printk_skb: 825 callbacks suppressed
[   55.045107][   T29] audit: type=1326 audit(1751741812.042:2314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.4.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708733e929 code=0x7ffc0000
[   55.079310][   T29] audit: type=1326 audit(1751741812.082:2315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4406 comm="syz.1.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f665adfe9b7 code=0x7ffc0000
[   55.103572][   T29] audit: type=1326 audit(1751741812.082:2316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.4.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f708733e929 code=0x7ffc0000
[   55.127227][   T29] audit: type=1326 audit(1751741812.082:2317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.4.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708733e929 code=0x7ffc0000
[   55.151641][   T29] audit: type=1326 audit(1751741812.082:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.4.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f708733e929 code=0x7ffc0000
[   55.163498][ T4407] loop1: detected capacity change from 0 to 2048
[   55.175654][   T29] audit: type=1326 audit(1751741812.082:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.4.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708733e929 code=0x7ffc0000
[   55.205782][   T29] audit: type=1326 audit(1751741812.082:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.4.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f708733e929 code=0x7ffc0000
[   55.229479][   T29] audit: type=1326 audit(1751741812.082:2321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.4.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708733e929 code=0x7ffc0000
[   55.236602][ T4449] SELinux: ebitmap: truncated map
[   55.252949][   T29] audit: type=1326 audit(1751741812.082:2322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.4.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f708733e929 code=0x7ffc0000
[   55.264555][ T4449] SELinux: failed to load policy
[   55.281764][   T29] audit: type=1326 audit(1751741812.082:2323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.4.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f708733e929 code=0x7ffc0000
[   55.344557][ T4456] SELinux:  Context Ü is not valid (left unmapped).
[   55.355531][ T4456] IPv4: Oversized IP packet from 127.202.26.0
[   55.370894][ T4407] Alternate GPT is invalid, using primary GPT.
[   55.387004][ T4407]  loop1: p1 p2 p3
[   55.401395][ T4460] loop3: detected capacity change from 0 to 128
[   55.416512][ T4458] loop4: detected capacity change from 0 to 128
[   55.437873][ T4460] FAULT_INJECTION: forcing a failure.
[   55.437873][ T4460] name failslab, interval 1, probability 0, space 0, times 0
[   55.450668][ T4460] CPU: 1 UID: 0 PID: 4460 Comm: syz.3.332 Tainted: G        W           6.16.0-rc4-syzkaller-00308-ga79a588fc176 #0 PREEMPT(voluntary) 
[   55.450708][ T4460] Tainted: [W]=WARN
[   55.450717][ T4460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.450733][ T4460] Call Trace:
[   55.450740][ T4460]  <TASK>
[   55.450750][ T4460]  __dump_stack+0x1d/0x30
[   55.450778][ T4460]  dump_stack_lvl+0xe8/0x140
[   55.450805][ T4460]  dump_stack+0x15/0x1b
[   55.450828][ T4460]  should_fail_ex+0x265/0x280
[   55.450870][ T4460]  should_failslab+0x8c/0xb0
[   55.450909][ T4460]  kmem_cache_alloc_noprof+0x50/0x310
[   55.450939][ T4460]  ? vm_area_dup+0x33/0x2c0
[   55.450974][ T4460]  ? mod_memcg_lruvec_state+0x20e/0x2e0
[   55.451010][ T4460]  vm_area_dup+0x33/0x2c0
[   55.451048][ T4460]  __split_vma+0xe9/0x650
[   55.451076][ T4460]  ? mas_find+0x4ea/0x610
[   55.451097][ T4460]  vms_gather_munmap_vmas+0x2a5/0x7a0
[   55.451135][ T4460]  mmap_region+0x4ce/0x1580
[   55.451169][ T4460]  ? mntput_no_expire+0x6f/0x3c0
[   55.451208][ T4460]  ? mntput+0x4b/0x80
[   55.451261][ T4460]  do_mmap+0x9b3/0xbe0
[   55.451307][ T4460]  vm_mmap_pgoff+0x17a/0x2e0
[   55.451348][ T4460]  ksys_mmap_pgoff+0x268/0x310
[   55.451394][ T4460]  x64_sys_call+0x1602/0x2fb0
[   55.451422][ T4460]  do_syscall_64+0xd2/0x200
[   55.451445][ T4460]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.451481][ T4460]  ? clear_bhb_loop+0x40/0x90
[   55.451509][ T4460]  ? clear_bhb_loop+0x40/0x90
[   55.451532][ T4460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.451560][ T4460] RIP: 0033:0x7f1486a4e929
[   55.451580][ T4460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.451602][ T4460] RSP: 002b:00007f14850b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   55.451626][ T4460] RAX: ffffffffffffffda RBX: 00007f1486c75fa0 RCX: 00007f1486a4e929
[   55.451642][ T4460] RDX: 000000000100000b RSI: 0000000000004000 RDI: 0000200000000000
[   55.451657][ T4460] RBP: 00007f14850b7090 R08: 0000000000000006 R09: 0000000000000000
[   55.451672][ T4460] R10: 0000000000002013 R11: 0000000000000246 R12: 0000000000000001
[   55.451683][ T4460] R13: 0000000000000000 R14: 00007f1486c75fa0 R15: 00007ffcd20035f8
[   55.451701][ T4460]  </TASK>
[   55.454616][ T4458] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   55.697457][ T4458] FAT-fs (loop4): Filesystem has been set read-only
[   55.704301][ T4458] bio_check_eod: 90 callbacks suppressed
[   55.704318][ T4458] syz.4.334: attempt to access beyond end of device
[   55.704318][ T4458] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   55.723655][ T4458] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   55.731558][ T4458] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[   55.741436][ T4458] syz.4.334: attempt to access beyond end of device
[   55.741436][ T4458] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   55.760522][ T4458] syz.4.334: attempt to access beyond end of device
[   55.760522][ T4458] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   55.774911][ T4469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.337'.
[   55.790432][ T4475] loop3: detected capacity change from 0 to 1024
[   55.796173][ T4458] syz.4.334: attempt to access beyond end of device
[   55.796173][ T4458] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   55.813282][ T4458] syz.4.334: attempt to access beyond end of device
[   55.813282][ T4458] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   55.815641][ T4475] EXT4-fs: Ignoring removed orlov option
[   55.828982][ T4458] syz.4.334: attempt to access beyond end of device
[   55.828982][ T4458] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   55.858871][ T4458] syz.4.334: attempt to access beyond end of device
[   55.858871][ T4458] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   55.876138][ T4458] syz.4.334: attempt to access beyond end of device
[   55.876138][ T4458] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   55.891220][ T4458] syz.4.334: attempt to access beyond end of device
[   55.891220][ T4458] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   55.904898][ T4458] syz.4.334: attempt to access beyond end of device
[   55.904898][ T4458] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[   55.989702][ T4482] loop2: detected capacity change from 0 to 1024
[   56.029291][ T4482] EXT4-fs: Ignoring removed orlov option
[   56.045823][ T4484] SELinux: ebitmap: truncated map
[   56.052645][ T4484] SELinux: failed to load policy
[   56.140508][ T4491] loop3: detected capacity change from 0 to 1024
[   56.152517][ T4492] FAULT_INJECTION: forcing a failure.
[   56.152517][ T4492] name failslab, interval 1, probability 0, space 0, times 0
[   56.165677][ T4492] CPU: 1 UID: 0 PID: 4492 Comm: syz.2.341 Tainted: G        W           6.16.0-rc4-syzkaller-00308-ga79a588fc176 #0 PREEMPT(voluntary) 
[   56.165799][ T4492] Tainted: [W]=WARN
[   56.165808][ T4492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   56.165844][ T4492] Call Trace:
[   56.165853][ T4492]  <TASK>
[   56.165921][ T4492]  __dump_stack+0x1d/0x30
[   56.165950][ T4492]  dump_stack_lvl+0xe8/0x140
[   56.165976][ T4492]  dump_stack+0x15/0x1b
[   56.165998][ T4492]  should_fail_ex+0x265/0x280
[   56.166112][ T4492]  should_failslab+0x8c/0xb0
[   56.166143][ T4492]  __kmalloc_noprof+0xa5/0x3e0
[   56.166217][ T4492]  ? alloc_pipe_info+0x1c9/0x350
[   56.166243][ T4492]  alloc_pipe_info+0x1c9/0x350
[   56.166262][ T4492]  splice_direct_to_actor+0x592/0x680
[   56.166371][ T4492]  ? kstrtouint_from_user+0x9f/0xf0
[   56.166473][ T4492]  ? __pfx_direct_splice_actor+0x10/0x10
[   56.166503][ T4492]  ? __rcu_read_unlock+0x4f/0x70
[   56.166524][ T4492]  ? get_pid_task+0x96/0xd0
[   56.166545][ T4492]  ? avc_policy_seqno+0x15/0x30
[   56.166635][ T4492]  ? selinux_file_permission+0x1e4/0x320
[   56.166724][ T4492]  do_splice_direct+0xda/0x150
[   56.166764][ T4492]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   56.166812][ T4492]  do_sendfile+0x380/0x650
[   56.166845][ T4492]  __x64_sys_sendfile64+0x105/0x150
[   56.166885][ T4492]  x64_sys_call+0xb39/0x2fb0
[   56.166913][ T4492]  do_syscall_64+0xd2/0x200
[   56.166938][ T4492]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   56.166973][ T4492]  ? clear_bhb_loop+0x40/0x90
[   56.166996][ T4492]  ? clear_bhb_loop+0x40/0x90
[   56.167073][ T4492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.167107][ T4492] RIP: 0033:0x7f7561d5e929
[   56.167128][ T4492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.167151][ T4492] RSP: 002b:00007f75603a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   56.167242][ T4492] RAX: ffffffffffffffda RBX: 00007f7561f86080 RCX: 00007f7561d5e929
[   56.167254][ T4492] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[   56.167326][ T4492] RBP: 00007f75603a6090 R08: 0000000000000000 R09: 0000000000000000
[   56.167343][ T4492] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000001
[   56.167359][ T4492] R13: 0000000000000000 R14: 00007f7561f86080 R15: 00007fff396a1ae8
[   56.167433][ T4492]  </TASK>
[   56.507083][ T4496] loop1: detected capacity change from 0 to 1024
[   56.527520][ T4496] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.546260][ T4501] netlink: 104 bytes leftover after parsing attributes in process `syz.4.346'.
[   56.562184][ T4502] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.345: inode #327696: comm syz.3.345: iget: illegal inode #
[   56.621310][ T4502] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.345: error while reading EA inode 327696 err=-117
[   56.701967][ T4506] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   56.701967][ T4506]    program syz.1.349 not setting count and/or reply_len properly
[   56.745937][ T4510] random: crng reseeded on system resumption
[   56.833685][ T4514] loop3: detected capacity change from 0 to 1024
[   56.846820][ T4514] EXT4-fs: Ignoring removed orlov option
[   57.085314][ T4535] netlink: 8 bytes leftover after parsing attributes in process `syz.4.361'.
[   57.094571][ T4535] netlink: 8 bytes leftover after parsing attributes in process `syz.4.361'.
[   57.133030][ T4538] serio: Serial port ptm0
[   57.238719][ T4542] SET target dimension over the limit!
[   57.246816][ T4541] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   57.246816][ T4541]    program syz.3.363 not setting count and/or reply_len properly
[   57.305514][ T4544] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.379759][ T4544] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.489608][ T4544] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.574579][ T4544] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.673812][ T4544] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.718940][ T4544] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.764685][ T4544] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.829353][ T4544] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.974391][ T4566] loop1: detected capacity change from 0 to 1024
[   57.981498][ T4568] syz.3.374 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   58.035879][ T4566] EXT4-fs: Ignoring removed orlov option
[   58.210373][ T4577] loop4: detected capacity change from 0 to 1024
[   58.249994][ T4577] EXT4-fs: Ignoring removed bh option
[   58.276106][ T4581] IPv4: Oversized IP packet from 127.202.26.0
[   58.551420][ T4589] loop1: detected capacity change from 0 to 1024
[   58.571441][ T4589] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.681190][ T4593] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.688541][ T4593] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.708781][ T4593] bridge0: entered allmulticast mode
[   58.727436][ T4593] bridge_slave_1: left allmulticast mode
[   58.733225][ T4593] bridge_slave_1: left promiscuous mode
[   58.739006][ T4593] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.759528][ T4593] bridge_slave_0: left allmulticast mode
[   58.765428][ T4593] bridge_slave_0: left promiscuous mode
[   58.771142][ T4593] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.995478][ T4582] ==================================================================
[   59.004449][ T4582] BUG: KCSAN: data-race in ktime_get_real_seconds / timekeeping_update_from_shadow
[   59.013956][ T4582] 
[   59.016305][ T4582] write to 0xffffffff88e700c8 of 280 bytes by interrupt on cpu 0:
[   59.024148][ T4582]  timekeeping_update_from_shadow+0x280/0x2b0
[   59.030363][ T4582]  timekeeping_advance+0xa07/0xba0
[   59.035532][ T4582]  update_wall_time+0x10/0x30
[   59.040432][ T4582]  tick_do_update_jiffies64+0x169/0x1c0
[   59.046591][ T4582]  tick_nohz_handler+0x7f/0x2d0
[   59.052359][ T4582]  __hrtimer_run_queues+0x20f/0x5a0
[   59.058307][ T4582]  hrtimer_interrupt+0x21a/0x460
[   59.063473][ T4582]  __sysvec_apic_timer_interrupt+0x5f/0x1d0
[   59.069866][ T4582]  sysvec_apic_timer_interrupt+0x6f/0x80
[   59.076273][ T4582]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   59.083542][ T4582]  _raw_spin_unlock_irq+0x2f/0x50
[   59.088640][ T4582]  get_signal+0xc22/0xf70
[   59.093121][ T4582]  arch_do_signal_or_restart+0x96/0x480
[   59.098894][ T4582]  exit_to_user_mode_loop+0x7a/0x100
[   59.104233][ T4582]  do_syscall_64+0x1d6/0x200
[   59.108960][ T4582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.115156][ T4582] 
[   59.117512][ T4582] read to 0xffffffff88e70100 of 8 bytes by task 4582 on cpu 1:
[   59.125227][ T4582]  ktime_get_real_seconds+0x15/0x30
[   59.130475][ T4582]  kmmpd+0x486/0x660
[   59.134434][ T4582]  kthread+0x489/0x510
[   59.138674][ T4582]  ret_from_fork+0xda/0x150
[   59.143224][ T4582]  ret_from_fork_asm+0x1a/0x30
[   59.148039][ T4582] 
[   59.150405][ T4582] value changed: 0x0000000068697577 -> 0x0000000068697578
[   59.157562][ T4582] 
[   59.159922][ T4582] Reported by Kernel Concurrency Sanitizer on:
[   59.166196][ T4582] CPU: 1 UID: 0 PID: 4582 Comm: kmmpd-loop4 Tainted: G        W           6.16.0-rc4-syzkaller-00308-ga79a588fc176 #0 PREEMPT(voluntary) 
[   59.180309][ T4582] Tainted: [W]=WARN
[   59.184136][ T4582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   59.194250][ T4582] ==================================================================