last executing test programs:

2m37.037916587s ago: executing program 1 (id=17):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f0000000880)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
connect$netlink(0xffffffffffffffff, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
pipe2$9p(&(0x7f0000001900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@version_9p2000}], [], 0x6b}})

2m36.458683645s ago: executing program 1 (id=21):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x4}, 0x18)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000010c0), 0x4400)

2m36.368780423s ago: executing program 1 (id=22):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000060000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r3=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = gettid()
sendmsg$unix(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000400)='>N', 0x2}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r5, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=r5, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r4, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x160)
syz_emit_ethernet(0x36, &(0x7f0000001680)=ANY=[@ANYBLOB="aaaaaaaaaaaaa31d7b3753c986dd68096b0d000000012001000000000000000000000000000120010000000000000000030000000002"], 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r3, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

2m36.065582873s ago: executing program 1 (id=24):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000280)='tasks\x00', 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x7}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x6c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6, <r7=>0xffffffffffffffff}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
statx(0xffffffffffffffff, 0x0, 0x6000, 0x8, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x100c40e, &(0x7f00000002c0)={[{@nodots}, {@fat=@fmask={'fmask', 0x3d, 0xdbd}}, {@fat=@uid}, {@fat=@uid={'uid', 0x3d, 0xee00}}, {@dots}, {@nodots}, {@fat=@gid={'gid', 0x3d, 0xee00}}, {@nodots}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@fat=@tz_utc}, {@nodots}, {@fat=@nfs}, {@nodots}, {@fat=@sys_immutable}, {@fat=@flush}, {}, {@nodots}, {@dots}]}, 0x1, 0x1f8, &(0x7f0000000800)="$eJzs3c9qE0EYAPAvaZo/4qE3QRBWPOipqE9QkQpiQKjkoDdBT+bUXlIv7WP4Cr6XDyA95SIj6+66NU3TEsiu1t/vkm/3m8nM7JBNLvk2ReHbnS8xHHaiuxd7Me/ETnSjchoAwE0yTym+p0LbcwEAmnGN7/8fDU8JANiwN2/fvXo2Hu8fZNkw4ux0NplNitci/+LleP9x9stO3etsNpts/c4/yRZ/O+T57bhV5p8W/bMqu9WPiEk/Hj0o8nnu+etx9mf/QXzY9OIBAAAAAAAAAAAAAAAAAAAAAKAl9yKrLK3vs7u7mB+V+eLoXH2ghfo9vbjbKw/r8kDppIlFAQAAAAAAAAAAAAAAAAAAwD/m6Pjzp/fT6cfDOhhExPkzvSVtLg865Rtfq3H7QTfW6z4ql7nGoJ3yEm12gaPlm3tlkO9+72/ZnXWDrIGxRisvb0p5sPxTUJXFuLR7PyJWj/7wYN3Jz1NK06/3D4+OI61sXN8jBo3ekQAAAAAAAAAAAAAAAAAA4P9V/+n3Ym7YxoQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAX18//z4OKZlcFJRNyOKxtXY23HsNW1AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHP9DAAA//9TsSD4")
utimensat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r9 = syz_clone(0x4000, &(0x7f0000001000), 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(r1, &(0x7f0000000400)=r9, 0x12)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r11, 0x0, 0x4}, 0x18)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYRESHEX=r4], 0xfc}}, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r13, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)

2m35.985021311s ago: executing program 1 (id=26):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth1_vlan\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0xb39730fcc472915c, r1, 0x1, 0x9, 0x6, @random="25127fe7f41f"}, 0x14)
r2 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x2000001, {0x0, 0x0, 0x0, r1, {0x7, 0xa}, {0xd, 0xffe0}, {0x8, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syncfs(r3)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb010018000000000000000401000004010000030000000e0000000000001018000000090000000600000f02000000050000009c0200000300000001000000ff07000008000000040000000100010009000000050000000300000003000000030000000200000063090000030000004b070000c194e931dc730f000000010000040500000006000000010000000249ad8f2fe4a7adcab9af41322cdfbb000000020000000500000f0200000001000000fcffffff0000000002000000008000005800000003000000010000800600000004000000ff030000020000000400000000000000070000008713100000000000000c02000000020000000000000c01000000080000000000000e0200000000000000040000000100000501000000"], &(0x7f00000005c0)=""/234, 0x11f, 0xea, 0x0, 0xdd58, 0x10000}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xb, &(0x7f0000000240)=ANY=[@ANYRES32=r2, @ANYRESDEC=r1], &(0x7f0000000200)='GPL\x00', 0xa, 0x0, 0x0, 0x41100, 0x0, '\x00', r1, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r5 = gettid()
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000880)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
preadv2(r7, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xdf, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8927, &(0x7f0000000080)='\x804\x01v\xaa\xd5\x10\x90\x94\xcf\xf3:,\x03\b$\xcfs\xf8l\xf0\x86Q\t3\x03^d7\xab=&\b\x00\x00\x00\x00\x00\x00\xe7\xc4\x16\xd7tE;\xe5\xfd\x17\x8b\nl\x19\x91\xd9\xd9\xc9\n\x00\n\xe63\xe6\xdd\x19FR')

2m34.800691097s ago: executing program 1 (id=43):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x1200000, &(0x7f0000006940)=ANY=[@ANYBLOB='flush,nocase,discard,dots,fmask=00000000000000000000177,dots,nodots,nodots,dots,\x00', @ANYRESDEC=0x0, @ANYRESOCT=0x0, @ANYRES16, @ANYRES16], 0x1, 0x15e, &(0x7f00000003c0)="$eJzs27/K01AYB+C39q+6dBaHgItTUa9AkQpiQFE66KRQXVop2CU69VK8QUE6dTtSI62WOvSjacrX51nywo8czjskJyck7+9+noxn80+zV8voNRrRehxZrBrRjxvRjNIiAIDrZJVS/Ewppe4ibn6PlFLdMwIAqnbF9b9b+cQAgMrY/wPA5bH+A8DlefP23YsneT58nWW9iB+LYlSMymOZP3ueDx9kv/W3Zy2LYtTc5A/LPPs3b8etP/mjvXkn7t8r83X29GW+k9+OcfXtAwAAwEUYZBt79/eDwf/ysvrr/cDO/r0Vd1onawMAOMD867fJh+n04xfFEYt2HGnA9UNY/e2cqojjjBP9iHNo56CiE2cxjW1R950JqNrmok8+/QMAAAAAAAAAAAAAgHN1it+J6u4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdv0KAAD//zVIUEo=")

2m34.800486147s ago: executing program 32 (id=43):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x1200000, &(0x7f0000006940)=ANY=[@ANYBLOB='flush,nocase,discard,dots,fmask=00000000000000000000177,dots,nodots,nodots,dots,\x00', @ANYRESDEC=0x0, @ANYRESOCT=0x0, @ANYRES16, @ANYRES16], 0x1, 0x15e, &(0x7f00000003c0)="$eJzs27/K01AYB+C39q+6dBaHgItTUa9AkQpiQFE66KRQXVop2CU69VK8QUE6dTtSI62WOvSjacrX51nywo8czjskJyck7+9+noxn80+zV8voNRrRehxZrBrRjxvRjNIiAIDrZJVS/Ewppe4ibn6PlFLdMwIAqnbF9b9b+cQAgMrY/wPA5bH+A8DlefP23YsneT58nWW9iB+LYlSMymOZP3ueDx9kv/W3Zy2LYtTc5A/LPPs3b8etP/mjvXkn7t8r83X29GW+k9+OcfXtAwAAwEUYZBt79/eDwf/ysvrr/cDO/r0Vd1onawMAOMD867fJh+n04xfFEYt2HGnA9UNY/e2cqojjjBP9iHNo56CiE2cxjW1R950JqNrmok8+/QMAAAAAAAAAAAAAgHN1it+J6u4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdv0KAAD//zVIUEo=")

1m23.486100717s ago: executing program 2 (id=2099):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x2}, 0x50)
r2 = syz_open_dev$vcsn(&(0x7f0000000180), 0xbe9, 0x101000)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r1, &(0x7f0000000140)="59f98c4335c13e6074a756e4aa99289bdc2270ecde86d0075fa3c1f5a0f2ea1e6c015ee903c4cfd246", &(0x7f00000001c0)=@tcp=r2, 0x6}, 0x20)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1802, 0x4)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xfd, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e147e02000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8000)

1m23.384602117s ago: executing program 2 (id=2101):
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x1f, &(0x7f0000000240)=ANY=[], 0x0, 0x10000000, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000640)='rxrpc_rx_lose\x00', r0, 0x0, 0x372}, 0x18)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x6, 0x4, 0x2, 0x4}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x14, &(0x7f00000005c0)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000007300000018110000", @ANYRESHEX, @ANYRES32=r2], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r4}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r6 = dup(r1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r1, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x0, 0x10}, 0xc)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r6, &(0x7f0000000000)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x2f}}, 0x10)

1m23.238979321s ago: executing program 2 (id=2102):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a30000000180a3f6d6f578dbe9c8b000002000000040003800900020073797a30000000000900010073797a300000000014000000020a010100000000000000000000000614000000110001"], 0x6c}}, 0x880)

1m23.224722073s ago: executing program 2 (id=2103):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x18)
lsm_set_self_attr(0x69, 0x0, 0x42, 0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x101002)
writev(r1, &(0x7f0000000540)=[{&(0x7f0000000640)="c35cae255f56", 0x6}, {0x0}], 0x2)
socket$inet_udplite(0x2, 0x2, 0x88)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x33, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x80, &(0x7f0000000000)={[{@errors_remount}]}, 0x1, 0x4dd, &(0x7f0000000240)="$eJzs3VFrHFsdAPD/TLL3pm2um4si14K3xUbSot1NGtsGkVpB9Kmg1vcYk00I2WRDdlObUDTFDyCIqOCTT74IfgBB+hFEKOi7aFFEW33wQTuysxPbtLtJJGnWu/n94HTOmTM7/3Om2bM7O4eZAE6tixFxOyKGIuJKRJSL9WmRZovU3u7Z0wfz7ZRElt39axJJsW53X+3ycESci4idiBiJiK99OeKbyetxm1vbK3P1em2jKFdbq+vV5tb21eXVuaXaUm1tenrqxszNmeszk1nhSP08HxG3vvjkh9/72Zdu/erT3/r97J8vf7vdrM99tNPuiJg/UoAeOvsu5cdiV/sYbbyJYH0wVPSn1O+GAABwKOMRcSkiPpF//y/HUP5tDgAAABgk2edH419JRAYAAAAMrDQiRiNJK8V839FI00qlM4f3I3E2rTearU8tNjbXFtp1EWNRSheX67XJYq7wWJSSdnkqz78oX3ulPB0R70bED8pn8nJlvlFf6PePHwAAAHBKnLuw9/z/H+U0zwMAAAADZqxnAQAAABgUTvkBAABg8Dn/BwAAgIH2lTt32inbfY73wr2tzZXGvasLteZKZXVzvjLf2FivLDUaS/k9+1YP2l+90Vj/TKxt3q+2as1Wtbm1Pbva2FxrzS7veQQ2AAAAcILevfDod0lE7Hz2TJ6iuA8gwB5/7HcDgOM01O8GAH0z3O8GAH1TOnALIwQMuuSA+p6Td359/G0BAADejImPvX79/62i7uDfBoAPMnN9AOD0cXUPTq+SGYBw6o13Fm/3qj/69f8s+58bBQAAHKvRPCVppbgWOBppWqlEvJM/FqCULC7Xa5MR8aGI+G259Ha7PJW/MjlwzjAAAAAAAAAAAAAAAAAAAAAAAAAA0JFlSWQAAADAQItI/5Tkd/OPmCiPj776+8BbyT/L8aQo/OTuj+7PtVobU+31fyvn9RHR+nGx/lrmkQAAAADwf6Bznl4sp/rdGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzbOnD+Z300nG/csXImKsW/zhGMmXI1GKiLN/T2L4pdclETF0DPF3HkbEe93iJ/E8y7KxohXd4p95w/HH8kPTPX4aEeeOIT6cZo/a48/tbu+/NC7my+7vv+EiHVXv8S/97/g31GP8eeeQMc4//kW1Z/yHEeeHu48/u/GTHvEvHTL+N76+vd2rLvtpxETXz59kT6xqa3W92tzavrq8OrdUW6qtTU9P3Zi5OXN9ZrK6uFyvFf92jfH9j//y+X79P9sj/tgB/R8/ZP///fj+0w93sqVu8S9f6v75+16P+Gnx2ffJIt+un9jN73TyL3v/5795f7/+L/To/0H//5cP2f8rX/3uHw65KQBwAppb2ytz9XptY5/MyCG2kZE5Sib7Tufv8Wj7OeLLX8tk/T4sfcz0e2QCAACO24sv/f1uCQAAAAAAAAAAAAAAAAAAAJxeJ3E7sVdj7vSnqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+/pPAAAA//+e1d5O")
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000380), 0x0, 0x81, 0x2)
lgetxattr(0x0, &(0x7f0000000280)=ANY=[], 0x0, 0x0)

1m23.116993934s ago: executing program 2 (id=2104):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xb, &(0x7f0000000640)=ANY=[@ANYRESDEC], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x74, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000280)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0005}]})
r2 = syz_mount_image$iso9660(&(0x7f0000000380), &(0x7f00000000c0)='./file0\x00', 0x204818, &(0x7f0000000440)=ANY=[@ANYBLOB="6d61703d6f66662c636865636b3d7374726963742c6e6f726f636b2c73657373696f6e3d3078303030303030303030303030303133342c6d6f64653d3078303030303030303030303030303030372c696f636861727365743d63703433372c756e686964650c696f636861727365743d6e6f6e652c00b198652ec0cd3f76fa015649aed760e178e8b79fa93eb5b2dcba4f6c5ed86a10b7d9f0fc7c90eb21428339056b360dfa35989d407b6fe6e4073a1240f5"], 0x1, 0x544, &(0x7f0000001000)="$eJzs3V9v01YfwPGfS/sQ5ZGqRw8TQlWBQ9mkIpXgJBAUceU5J+mBxI5sB7VXqKIpqkhhokxae8O4YZu0vQh2uRexd4T2EjbZTvqHJjHQv6u+nwjOiX3s8zup5Z/cxscCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADEcmu2XbSkabzOkhrNrQV+a/dtf+sDC+TWvmJMvyJW/E9yObmSLrry1e7qy/F/czKbvpuVXFzkZPu/l//34NLkxGD7MQF/lt+/cE+bW9vPV3q97qujCuQMunpx9LqG9kzom5bT0MqEvqpWKvadxXqo6qapw+Uw0i3lBtqJ/EDNu7dUsVotK11Y9jteo+Y09WDh/dsl266oh4W2doLQ9+48LITuomk2jddI2sSr4zb34wPxkYlUpJ2WUmvrvW45awBxo+KnNCplNSrZpVKxWCoVK/eq9+7b9uSBBfZH5ECLozto8e90hGdv4HAm+vlfmmLEk44siRr6cqUmgfjSGrG+b5D/v7mjx/a7N/8PsvyV3dUzkuT/a+m7a6Py/4hYTu61KVuyLc9lRXrSk668OvWITvbVEC2eGAnFFyMtcZIlqr9ESVUqUhFbnsii1CUUJXUx0hQtoSxLKJHo5IhyJRAtjkTiSyBK5sWVW6KkKFWpSlmUaCnIsvjSEU8aUhMn2cuarCefe1mUNSrGnUbFkcPID467rpTGjJb8j8M70vM3cBh/D/I/AAAAAAA4t6zkt+/x9f+UXE1qddPU9mmHBQAAAAAAjlDyl//ZuJiKa1fF4vofAAAAAIDzxkrusbNEJC/X09qaWMntUvwSAAAAAACAcyL5+/+1uEjmQLku1s50KVz/AwAAAABwTvycOcd+2L5o/fmXBMGU9ba99LW1kczN62xcSLe78PEeo/qMNd3fSVJU0mJy0tWzVi5ttDMJ5od+sZYVh7UbgLMTwI+fE8ClSflVbqRtbqym5epgTdpLvm6auuD6zQdFcZzpiUgvRd+/WP9BkuH/4rWmrZys97qFpy97q0ksb+O9vN3oT6B4YB7FMbG8TuZbSO65GDriqeRGjH6/eUvW1ntde+/4J9LNJ/b3+GZ6TJ/vZC5tNdef8Ta/f/y5uM9iYdTo+1EUDznyd3IzbXNz/mZaDImilBVFaW8Uwz+Lw0dRzoqifMgoAOC0rGVkIUsO5N0vOMt9WXaXz8zu72Q+bTM/k5xYJ2eGnNHtrDO6fcjs9seBZyCNyrFxv799lFXfxxu8H9lv2CxZ8Ud44fXGd3J5c2v79vrGyrPus+6LUqlcse/a9r2STCXD6BfkHgDAEHufsWMNzf+ZT+Gx7mZcVf9/5ysFBXkqL6Unq7KQ3G2QfONg6F7ze76GsJBx1ZpP0mT6hJeFMVd1/0nuchjstzS27f4YyifwkwAA4OTMZeThT8n/CxnX3ftz+fir4/yep7UBAIDjoYMPVj76yQoC035SrFaLTrSoVeC7j1Rgag2tjBfpwF10vIZW7cCPfNdvxpXHpqZDFXbabT+IVN0PVNsPzVIyfaDqP/o91C3Hi4wbtpvaCbVyfS9y3EjVTOiqdufbpgkXdZBsHLa1a+rGdSLjeyr0O4GrC0qFWu9paGrai0zdxFVPtQPTcoKceuw3Oy2tajp0A9OO/HSHg76MV/eDVrLbwml/2AAAnBGbW9vPV3q97qtjrAztOHfiQwUAAH0ZWRoAAAAAAAAAAAAAAAAAAAAAAJwBJ3H/H5VzXhlMBX1W4qFyBJXMU8ebYz85AThW/wQAAP//rVVPjw==")
r3 = socket$unix(0x1, 0x5, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_WRITEV={0x2, 0x1a, 0x4000, @fd_index=0x1, 0xbf3, 0x0, 0x0, 0x6840abb1c9b4ef6d, 0x0, {0x2}})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
getpeername$unix(r3, &(0x7f0000000540), &(0x7f00000005c0)=0x6e)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_opts(r4, 0x0, 0x4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xb, &(0x7f00000006c0)=ANY=[@ANYRES64=r1], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1d}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="010001000000000000001000015b097ead85847817353d2dbad05dd5", 0x1c, 0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x14, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
fchmodat(r2, &(0x7f0000000500)='./file1\x00', 0xd6)
r7 = syz_io_uring_setup(0x4553, &(0x7f0000000400)={0x0, 0x59fc, 0x20, 0x203, 0xbd7f7fff}, &(0x7f0000000040)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000180)=@IORING_OP_MKDIRAT={0x25, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000037c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x1})
io_uring_enter(r7, 0x5535, 0x3acd, 0x22, 0x0, 0x0)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x1, &(0x7f00000007c0)=ANY=[@ANYBLOB="3f0bc0ff10000000ae733220239c66e1d53f608bc7ab20022d314ce6781b33abf02fe6df8cde9e0f73aa4d34f3b642fd2781ad3b4902550db9549ace4af30794c507e0f408da9a0967f488aba73d7a7670aba9e143770819104107b7caf0ffdfece56c480d70e038bd9cb7b0257d93015b1dd614eafdfcead227ff1f5810eb465d0b8da2557b2fe93b"], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x78, &(0x7f00000000c0)=""/120, 0x40f00, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x3, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000240)=[{0x4, 0x3, 0x7, 0x6}, {0x1, 0x1, 0xc, 0x1}, {0x5, 0x5, 0xf0, 0x5}], 0x10, 0x1}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000023ed0000180100002820702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f00000008c0)='fscache_cookie\x00', r11}, 0x18)
syz_io_uring_setup(0x1d1f, 0x0, 0x0, 0x0)
r12 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r12, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000280)=<r13=>0x0, &(0x7f00000003c0)=0x4)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000880)={r10, r13, 0x25, 0x4, @val=@netfilter={0x0, 0x1, 0x80b, 0x1}}, 0x20)

1m22.973454307s ago: executing program 2 (id=2106):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
unshare(0x2040400)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
sendmmsg$inet(r1, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)="7ddb889a", 0xfffffcda}], 0x1}}], 0x1, 0x20000054)
pipe(0x0)

1m22.959877018s ago: executing program 33 (id=2106):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
unshare(0x2040400)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
sendmmsg$inet(r1, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000540)="7ddb889a", 0xfffffcda}], 0x1}}], 0x1, 0x20000054)
pipe(0x0)

1.196602602s ago: executing program 4 (id=4292):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000060000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r3=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = gettid()
sendmsg$unix(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000400)='>N', 0x2}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r7, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r6, @ANYRES32=r5, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=r6, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r5, @ANYBLOB="e5ffff6e"], 0xa0}, 0x4004881)
syz_emit_ethernet(0x36, &(0x7f0000001680)=ANY=[@ANYBLOB="aaaaaaaaaaaaa31d7b3753c986dd68096b0d000000012001000000000000000000000000000120010000000000000000030000000002"], 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r3, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

1.180215554s ago: executing program 0 (id=4293):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file3\x00', 0x88, &(0x7f0000000240)={[{@nogrpid}, {@min_batch_time}, {@debug}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@nodiscard}, {@grpquota}]}, 0x6, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
r2 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r2, 0x0, 0x0, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000300)='5', 0x1}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000000000008400000001000000000000"], 0x30}], 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f00000006c0)={'#! ', '', [{0x20, '+)*)}-('}]}, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1018, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x40000008, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000a00)=@newtaction={0x68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ctinfo={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0xfffff001, 0x7, 0x8, 0x8, 0x3856}}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x3}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x440c0}, 0x0)
r6 = mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x0, 0x1, 0x3})
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r6, 0x0, 0x300, 0x0, 0x0)
mq_timedreceive(r6, &(0x7f0000000340)=""/200, 0xc8, 0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000040), 0x208e24b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
fadvise64(r7, 0x2, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x20ffe, 0x0, 0x0, 0x40f00, 0xac, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)

1.157917976s ago: executing program 4 (id=4295):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1342, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000540)="89e7ee0c7cdad9b4b47380c988cafbe863cac505", 0x14}, {&(0x7f0000000000)="448b7cff030000000000008a15df09", 0xf}, {&(0x7f0000000100)="36d1ce1e6d25a81a70ff16f304874ef539d80e29baefbb8c", 0x18}], 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]})
close_range(r5, 0xffffffffffffffff, 0x0)

993.043232ms ago: executing program 4 (id=4300):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r4=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0xe1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r4}}], 0x20, 0x2400e044}, 0x0)

939.088078ms ago: executing program 0 (id=4303):
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6(0xa, 0x40000080806, 0x0)
socket(0x1, 0x80802, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x0, @perf_bp={0x0, 0x1}, 0x419, 0x40000000, 0x0, 0x8, 0x103fb, 0x1ff, 0x1ff, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
preadv(r0, &(0x7f0000000040)=[{&(0x7f0000001440)=""/4106, 0x100a}], 0x1, 0x300, 0x0)

822.597479ms ago: executing program 0 (id=4310):
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0, 0x0, 0x400007}, 0x18)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x6, 0xf, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000040000000000000060b4000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000f00b7030000000000008500000083000000bf0900000000000055090100000000009500002100000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r2, 0x25, 0x0, @void}, 0x10)

806.50269ms ago: executing program 0 (id=4311):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1342, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000540)="89e7ee0c7cdad9b4b47380c988cafbe863cac505", 0x14}, {&(0x7f0000000000)="448b7cff030000000000008a15df09", 0xf}, {&(0x7f0000000100)="36d1ce1e6d25a81a70ff16f304874ef539d80e29baefbb8c", 0x18}], 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]})
close_range(r5, 0xffffffffffffffff, 0x0)

716.078199ms ago: executing program 0 (id=4315):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
open_by_handle_at(r1, &(0x7f0000000040)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYRES8=r1], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={0x0, r2, 0x0, 0xfffffffffffffff4}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[], 0x50)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r6, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x200}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
syz_usb_connect_ath9k(0x3, 0xfeab, 0x0, 0x0)
write$tun(r4, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0xfd5e, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffff20, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x700, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2, 0xffffff07}, @generic={0x0, 0x2, "d58838000391"}]}}}}}}, 0xfd6c)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r9}, 0x18)
unshare(0x28000600)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r3, 0x0, 0x0}, 0x20)
r10 = syz_open_dev$usbfs(&(0x7f0000000340), 0xffffffffffffffff, 0xa82)
r11 = dup(r10)
ioctl$USBDEVFS_CONTROL(r11, 0xc0185500, &(0x7f0000000400)={0x23, 0x3, 0x14, 0x6, 0x0, 0xffffffff, 0x0})

505.2777ms ago: executing program 6 (id=4321):
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0, 0x0, 0x400007}, 0x18)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x6, 0xf, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000040000000000000060b4000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000f00b7030000000000008500000083000000bf0900000000000055090100000000009500002100000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r2, 0x25, 0x0, @void}, 0x10)

477.827193ms ago: executing program 6 (id=4322):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r0, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x3}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000003580)=[{0x0}, {0xffffffffffffffff}], 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0)

472.446833ms ago: executing program 5 (id=4323):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000140), &(0x7f0000000040)='%pI4   \x00'}, 0x2a)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4002}, 0x50) (fail_nth: 6)

427.395528ms ago: executing program 3 (id=4324):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000400)={'gretap0\x00', &(0x7f0000000340)={'syztnl2\x00', 0x0, 0x1, 0x700, 0x401, 0xfffffff9, {{0x27, 0x4, 0x2, 0x3d, 0x9c, 0x65, 0x0, 0x7f, 0x4, 0x0, @local, @local, {[@rr={0x7, 0x1f, 0x5, [@private=0xa010100, @broadcast, @multicast1, @local, @multicast2, @broadcast, @multicast1]}, @ra={0x94, 0x4}, @ssrr={0x89, 0x27, 0xc1, [@empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100, @remote, @empty, @multicast1, @broadcast, @private=0xa010101, @multicast1]}, @ssrr={0x89, 0x17, 0xff, [@broadcast, @loopback, @empty, @remote, @multicast1]}, @lsrr={0x83, 0xf, 0x1b, [@rand_addr=0x64010102, @empty, @multicast1]}, @timestamp={0x44, 0x8, 0xf8, 0x0, 0x2, [0x40]}, @end, @generic={0x83, 0xe, "1ca9beed075e163a267fc2c6"}]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000080d096019aaaebcfec95bd1f92f14527ae3b25", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6gretap0\x00', <r5=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000280)={@remote, r5}, 0x14)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r5, {0xfffd, 0x10}, {0x8, 0x4}, {0x6, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x8804)
dup2(r2, r4)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10)
r7 = getpgrp(0x0)
r8 = syz_pidfd_open(r7, 0x0)
setns(r8, 0x34020000)

426.867948ms ago: executing program 5 (id=4325):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
writev(r0, &(0x7f0000003740), 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0x2, 0x4)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, 0x0, 0xfb5)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000080)={'sit0\x00', 0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r4}, &(0x7f0000000580), &(0x7f00000005c0)=r5}, 0x20)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
sendmsg$GTP_CMD_ECHOREQ(r6, 0x0, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0) (fail_nth: 6)

426.583288ms ago: executing program 6 (id=4326):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1342, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
close(0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000540)="89e7ee0c7cdad9b4b47380c988cafbe863cac505", 0x14}, {&(0x7f0000000000)="448b7cff030000000000008a15df09", 0xf}, {&(0x7f0000000100)="36d1ce1e6d25a81a70ff16f304874ef539d80e29baefbb8c", 0x18}], 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]})
close_range(r5, 0xffffffffffffffff, 0x0)

423.531098ms ago: executing program 3 (id=4327):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) (async)
unshare(0x2c020400)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0e000000040000000400000012"], 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000800)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14004, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=") (async)
chown(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0}, 0x20) (async)
r5 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x7}, 0x1c) (async)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x2, 0x4, 0x6, 0x1, 0x1000, 0xffffffffffffffff, 0xfffffffc}, 0x50) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000030010850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r9}, 0x18) (async)
setitimer(0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r6}, 0x10) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x20, &(0x7f0000000080)={&(0x7f00000002c0)=""/123, 0x7b, <r10=>0x0, &(0x7f0000000840)=""/156, 0x9c}}, 0x10)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x52, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r11}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

151.567545ms ago: executing program 3 (id=4328):
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81)
write$sndseq(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1900000004000000080000000870f6d7ea"], 0x50)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x4c, 0x4c, 0x5, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0xa, 0x5}, {0x9, 0x5}]}, @float={0x7, 0x0, 0x0, 0x10, 0x8}, @type_tag={0x9, 0x0, 0x0, 0x12, 0x1}, @const={0x2, 0x0, 0x0, 0xa, 0x1}, @fwd={0x10}]}, {0x0, [0x5f, 0x5f, 0x2e]}}, &(0x7f0000000240)=""/37, 0x69, 0x25, 0x1, 0xff, 0x10000}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r3)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r3, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x3c, r4, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}]}, 0x3c}}, 0xc001)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_DISABLE_BEARER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r5, 0x12b084226d2dad07, 0x0, 0x0, {{}, {}, {0x0, 0x13, @udp='udp:syz0\x00'}}}, 0x2c}}, 0x0)

151.281125ms ago: executing program 5 (id=4329):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000200), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)

150.874735ms ago: executing program 3 (id=4330):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000060000850000001b000000b7000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r3=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = gettid()
sendmsg$unix(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000400)='>N', 0x2}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r5, @ANYRES32=r4, @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=r5, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r4, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)
syz_emit_ethernet(0x36, &(0x7f0000001680)=ANY=[@ANYBLOB="aaaaaaaaaaaaa31d7b3753c986dd68096b0d000000012001000000000000000000000000000120010000000000000000030000000002"], 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r3, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

135.947456ms ago: executing program 3 (id=4331):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000060000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r3=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = gettid()
sendmsg$unix(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000400)='>N', 0x2}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r7, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r6, @ANYRES32=r5, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=r6, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r5, @ANYBLOB="e5ffff6e"], 0xa0}, 0x4004881)
syz_emit_ethernet(0x36, &(0x7f0000001680)=ANY=[@ANYBLOB="aaaaaaaaaaaaa31d7b3753c986dd68096b0d000000012001000000000000000000000000000120010000000000000000030000000002"], 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r3, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

92.713571ms ago: executing program 4 (id=4332):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
faccessat(r0, &(0x7f0000000000)='./file0\x00', 0x5)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)

90.659931ms ago: executing program 5 (id=4333):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1, 0x0, 0x400007}, 0x18)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x6, 0xf, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000040000000000000060b4000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000f00b7030000000000008500000083000000bf0900000000000055090100000000009500002100000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r3, 0x25, 0x0, @void}, 0x10)

90.302871ms ago: executing program 4 (id=4334):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, r1, 0xd7b825ccd16be7b5, 0x70bd29, 0x25dfdbfb, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20004810}, 0x2000c800)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x0, 0x1}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x200000, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x2, 0x1}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000090}, 0x95)
r4 = dup3(r2, r3, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), r4)
r5 = socket(0x2, 0x3, 0xff)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000040)=0x40a0, 0x4)
connect$inet(r5, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet6(r5, &(0x7f0000003900)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000100)="0cd1d5745c1b2ba15d48bd5398901feb3b2878ae4f0b3a3509c6d1fbe30137dc00d75ca3f93e724f9b6eb1d1090147ae1cab571c7e5ccb721fc95d8bb36294ad24fbbe197c48d759e3a4e9d001eb37a2c1e8dbea99f46c7fd5a34ae5fed2343e0653c194a0c28676ceb3a9cce951", 0x6e}, {0x0}], 0x2}}], 0x1, 0x4000080)
r6 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
setuid(0xee00)
syslog(0xa, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="b1", 0xfffd, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000540)={'gretap0\x00', &(0x7f0000000300)={'gretap0\x00', 0x0, 0x80, 0x8000, 0xda, 0x67bb4f3c, {{0x1f, 0x4, 0x0, 0x24, 0x7c, 0x66, 0x0, 0x9, 0x2f, 0x0, @local, @empty, {[@end, @ssrr={0x89, 0xb, 0xf, [@private=0xa010100, @private=0xa010102]}, @cipso={0x86, 0xa, 0x2, [{0x7, 0x4, "01d3"}]}, @cipso={0x86, 0x11, 0x2, [{0x5, 0x3, "96"}, {0x0, 0x8, "72fc1af6ce38"}]}, @lsrr={0x83, 0x1b, 0x15, [@multicast2, @dev={0xac, 0x14, 0x14, 0x31}, @multicast2, @dev={0xac, 0x14, 0x14, 0x2d}, @remote, @dev={0xac, 0x14, 0x14, 0x19}]}, @lsrr={0x83, 0x1f, 0x29, [@multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x42}, @empty]}, @ra={0x94, 0x4}]}}}}})
syz_open_procfs(0x0, &(0x7f00000001c0)='map_files\x00')
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={r4, 0x20, &(0x7f0000000740)={&(0x7f0000000600)=""/212, 0xd4, 0x0, &(0x7f0000000700)=""/48, 0x30}}, 0x10)

83.566611ms ago: executing program 6 (id=4335):
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000400000099000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r2, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

54.849154ms ago: executing program 6 (id=4336):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000040000004500000088140000", @ANYRES32, @ANYBLOB="0500000000000000000000000000000000000000a3d9f97879730200000000000000b0fc79bd7f64332dbbee9f8552456cf2fc0a5f72987139554888f4053907a47e602c95eff559947be6d3c14bb63706c2e84bd4ff33805e387f80029c6e8e94e102196413d8e8688809271530d4e39f4aa0ffefe86ddf102f751bdd9d52177fe15224e547730cdb5e2cb5ebe539529eb53894ba17b79513198a944c831b3219001d2a002bca2c8eb289b4e073bd03d05cc71c777187a7e85f4d95cd92a65caaeb0cacececa046ac1b330a4be97215480dcec7bf0a0f1ed69bcbb721b1d3a0b481ff2e38c668467f277786fe6227534e3f50f9f5ecd5ee33e1185e7029b45e047f9783a15d0175e97e6a0670cdc9f5c0e85f43c6345be954caeccfb94ef6645a3e03c63052eca47a10f438ea472c58c7cee76e48cee4a5f696ce6b03bd9112f7b80145a4162ebb3c77663a8a2746d967a51d1fa36e257999929924925eae2bf7e1edc1b26abb1bf5978b9b31257a2edb", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003000000018000180140002007665746830"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000)=<r3=>0x0)
ioctl$sock_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0x0, @nfc={0x27, r3, 0xffffffffffffffff, 0x3}, @qipcrtr={0x2a, 0xffffffffffffffff, 0x7ffe}, @tipc=@name={0x1e, 0x2, 0x2, {{0x41, 0x3}}}, 0x9, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000080)='syzkaller0\x00', 0x3, 0x3de9, 0xd})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=<r5=>r0, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0xfffffffffffffffe, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r5], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r7}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

54.220735ms ago: executing program 5 (id=4337):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
writev(r0, &(0x7f0000003740), 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0x2, 0x4)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, 0x0, 0xfb5)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x89f4, &(0x7f0000000080)={'sit0\x00', 0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r4}, &(0x7f0000000580), &(0x7f00000005c0)=r5}, 0x20)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
sendmsg$GTP_CMD_ECHOREQ(r6, 0x0, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x8cff)

31.366286ms ago: executing program 3 (id=4338):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x2, @remote, 0x1}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7}, 0x18)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0, 0x2000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

23.526297ms ago: executing program 4 (id=4339):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r1)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r3=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)='F', 0xe1}, {0x0, 0xe0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r3}}], 0x20, 0x2400e044}, 0x0)

798.979µs ago: executing program 5 (id=4340):
syz_mount_image$ext4(&(0x7f0000000680)='ext2\x00', &(0x7f0000000040)='./file2\x00', 0x10000, &(0x7f00000000c0)={[{@jqfmt_vfsv1}]}, 0x1, 0x559, &(0x7f0000000100)="$eJzs3U9vI2cZAPBnHDu76YYmQA8FqX9EK2UrqL3p0jbi0BYJcasEKvclynqjaJ14FTtlE61g9wOgSghBxa0nLkh8ACTUG1eEVAkunDggUIFdOFQIOmjGkw3OjhunG9ut/ftJb+b/PM9re8bjmTczAcyspyPitYiYi4jnImKpGF8pStzulWy+e3dvbWQliTR94+9JJMW4bLakKJkLxWLne51Snf2D6+utVnO3GG50t280OvsHz29tr282N5s7ly+vvrT28tqLa5dKlq4OUbM7fUOPRsQr3/jzT976+Tdf+fVXvvenK3+9+P0s38Vi+mE9Sl0cItwAvdeklr0W92XZ7378VX6izBX1qZ0458JY8gEA4KNlx/ifi4gv5cf/SzE31LF1TzLSzAAAAICzkr66GP9JIlIAAABgalXyNrBJpV60BViMSqVe77XhfSweqbTane6Xr7X3dq722souR61ybavVvDTfayu8HLUkG17N+4+GX7g/nPS1Af7x0kI+vb7Rbl2d3GkPAAAAmCkXjv3+/9dS7/f/R7iTpmk6tgQBAACAs7E86QQAAACAkXvw9/87E8kDAAAAGB3X/wEAAGCqfev117OS3rt7a2MuIq6+ub93vf3mb6LZuV7f3tuob7R3b9Q32+3NVnouYvuk9bXa7RtfjZ29m41us9NtdPYPrmy393a6V7b6HoENAAAAjNFnn3r3D0lE3P7aQl4y89mfuQEL9NoKVMaXITAqw2/INnmYNoO+5h9UHWkewPjZqmF21Xqd5OQ5/+2e/zClTtoBDGy889uHCutBIgAAMEYrXyi//l89OjcATClX9WF2lV7/t1OAmeD6P8yu2ilaAALTZ2GIec73NwE4ai4w9PX/w0v9824EAgAAE7KYl6RSL077L0blg7QnlqOWXNtqNS9FxKMR8ful2rlseDVfMhnmnwYAAAAAAAAAAAAAAAAAAAAAAAAAgPyu3EmkAAAAwFSLqPwlKR7otbL07OLx8wPzyQdLeTd/OsAbP7253u3urmbj/1GMj+i+XYx/4TRnHjxkGAAAAEYl/53+w6K7OulsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJg29+7e2jgs44z7/tcjYrksfjXO593zUYuIR/6ZRPVwoacikoiYO4P4t+9ExONl8ZMsrVgusuiLHxGViFjIsxh5/CfSNC2Nf+Gho8Nsezfb/7xWtv1V4um8W779V4vysAbv/yr3939zJfGzPc9nhozxxfd+2Sifcq43vVq+/zmMnwyI/0zZKktelO9+5+BgUG7pOxErpd8/SV+sRnf7RqOzf/D81vb6ZnOzuXP58upLay+vvbh2qXFtq9Us/pbG+NETv/pwUPz8u2VA/OX++q8fr/+zhys4wX/fu3n380fh/n8V8f6diIvPxIdp+uD7/3h//L6Xdi5+UMzVW9FKxFt/K6atHIv/5C9+9+Sg3LL4VwfU/6T3/+LJVc899+37vemQiwAAI9TZP7i+3mo1d0/fs3C6pd5O0/RjxzplT3bEPGDSH3/Wq/gZxMqOj84g58cGpfpJ7nn1NDOn58o+bGfxFnw6e6oP/7GpDP6En1HPRHdLAADACBwd9E86EwAAAAAAAAAAAAAAAAAAAJhd47jh2fGYt3ud+QlUFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgoP8FAAD//zrp238=")
r0 = inotify_init1(0x80000)
r1 = inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x10000a0)
r2 = dup(r0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)=@newqdisc={0xa8, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}, @TCA_STAB={0x70, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xcd, 0x7f, 0x8, 0x0, 0x0, 0x0, 0x2, 0x1}}, {0x6, 0x2, [0x4]}}, {{0x1c, 0x1, {0x2, 0xec, 0x3, 0xd, 0x0, 0x8001, 0x7, 0x1}}, {0x6, 0x2, [0x8001]}}, {{0x1c, 0x1, {0x4, 0x2, 0x6, 0x77dd, 0x1, 0x7, 0x9, 0x1}}, {0x6, 0x2, [0x1]}}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4008094}, 0x8840)
umount2(&(0x7f0000000cc0)='./file2\x00', 0x2)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r3, 0xf504, 0x0)
getsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000c40)={0x0, 0x9}, &(0x7f0000000c80)=0x8)
inotify_rm_watch(r2, r1)
setsockopt$WPAN_WANTLQI(r2, 0x0, 0x3, &(0x7f0000000080)=0x1, 0x4)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file2\x00', 0x10000, &(0x7f00000001c0), 0x1, 0x559, &(0x7f00000006c0)="$eJzs3U1sI1cdAPD/OHZ2sxtIgB4KUj9EK+1WUHvTpW3EoS0S4lYJVO5LlPVG0TrxKnbKJqogK84ICSGouPXEBYkjByTUG1eEVAkunBAgUAVbOBQEDJqPbJrsuHG6dryKfz/pZd58/t8b28/jmZeZAKbWkxHxSkTMRMQzEbFQTq+VKfaKlC333t03VrOURJq+9rckknJatlhSpszFcrXzEcnegLi9nd2bK51Oe6scb/U3brV6O7vPrm+srLXX2ptXry69sPzi8vPLVyrWrg9RszuHxrJ6vfTlP//wez/5yku//Pw3/3Dtr5e/lW1lvpy/X49RK/ZJI9sX92Rxt8YRbAJmyvo0Jl0QAACGkh3jfzIiPpsf/y/EzFDH1oVkrCUDAAAARiV9eT7+k0SkAAAAwJlVy/vAJrVm2RdgPmq1ZrPow/tIXKh1ur3+5250tzevF31lF6NRu7HeaV+ZLfrULkYjycaX8vzB+HP3xg93Af7Bwlw+v7na7Vyf3GkPAAAAmCoXj/z+/+dC8fv/Q9xJ0zQ9tQICAAAAo7E46QIAAAAAY3f/7/+3JlIOAAAAYHxc/wcAAIAz7auvvpqldP/519df39m+2X39V9Hu3WxubK82V7tbt5pr3e5aJz0XsXHc9jrd7q0vxOb27Va/3eu3eju71za625v9a+uHHoENAAAAnKJPPPH275KI2PviXJ4ys9mfmQErFH0FaqdXQmBcTvRB/tP4ygGcvkFf8/erj7UcwOnzqYbp1SgGyfFL/ts9/+GMOq4BGNh559ejLwsAADAelz5dff2/fnBuADijdOSB6TX89X/grHH9H6ZXozwC0A7AdJobYpkj1/8PugsMuP5//3mFtOw/NOtGIAAAMCHzeUpqzfKYfT5q76eFWIxGcmO9074SER+PiN8uNM5l40v5mskw/zQAAAAAAAAAAAAAAAAAAAAAAAAAAOR35U4iBQAAAM60iNpfkvKBXpcWnp4/en5gNnl/IR/mTwd47Ue3V/r9raVs+t/L6RH9N8vpz53kzIMnjwMAAMC45L/Tv1sOlyZdGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOmvfuvrG6n04z7rtfiojFqvj1OJ8Pz0cjIi78I4n6/kpPRCQRMTOC+Ht3IuLRqvhJVqxYLEtxKH5E1CJiLi/F2OM/lqZpZfyLDxwdptvbWfvzStXnrxZP5sPqz3+9TA9qcPtXu9f+zVTEz1qejw0Z4zPv/KxVPedcMb9e3f7sx08GxH+qapMVO+UbX9/dHVS29K2IS5XfP8mhWK3+xq1Wb2f32fWNlbX2Wnvz6tWlF5ZfXH5++UrrxnqnXf6tjPH9x37xv0Hx370TcSGLn1W2ov39QP1Xjtb/6SzTGLTlA/995/bdTxXZxpFN5PEvP1X9+j96OP6hXTsT3y6XKjZ0aT+/V+Q/6PGf/ubxD6v/9QH7/7jX//LxVc8987Xv/LHMpkOuAgCMUW9n9+ZKp9PeOnlm7mRrvZmm6UeOdcJMdsQ8YNbvf1xUfASxsuOjEZT5kUFFfZgzL59k4fRc1ZvtQV6Cn/8rzT0ke+OEmfqDv21qg9/hI8pMtFkCAADG4OCgf9IlAQAAAAAAAAAAAAAAAAAAgOl1Gjc8OxpzrxjMTqC6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/T8AAP//jxbceg==")

479.109µs ago: executing program 6 (id=4341):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0xc, @ipv4={'\x00', '\xff\xff', @empty}, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r2}, 0x18)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
sendmsg$inet(r4, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0xffdf}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x73}, @noop]}}}], 0x40}, 0x0)
read$char_usb(r4, &(0x7f0000000180)=""/133, 0x85)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000000201010100000000000000000200000004000180180002801400018008000100b04c94a708000a00ac03cdaa14001980"], 0x44}, 0x1, 0x0, 0x0, 0x894}, 0x4000000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="05000000040000000800000008"], 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r8}, 0x10)
socket$pppoe(0x18, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0)

0s ago: executing program 0 (id=4342):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$vcsn(&(0x7f00000009c0), 0xa67, 0x1050c0)
setsockopt$MRT_DEL_VIF(r1, 0x0, 0xcb, &(0x7f0000000a00)={0x0, 0x8, 0x6, 0x6, @vifc_lcl_addr=@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x9, 0xfec, &(0x7f0000006680))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r2, &(0x7f0000000580), 0x0}, 0x20) (async)
sigaltstack(0x0, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0) (async)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$tipc(r4, &(0x7f0000000980)={&(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x2, 0x2}}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000100)="4adf1260977fdd0dfb8d25c4118c562fd9e4603920011f5b31c07a8910f72007972fa8db55cfbb1849a374bb4b72644131123d2c1132a9b6c9cde9b703c3f7701dfc825394d2ef7c953ae4706614ef3ce817b5e8fa1fa9f65797ae5b3ef814802841af96c99fb4a9838acf601c3efe5dbdd136d5e8f8514a786bc88b2eeca79c84bb8bb0162497cc72ceb3b7acedd967f94332bcf98edc07d7696e7e832ee54d50e25a6675c11eafe56295ebdccf80705c5075b8052cf12eaf37be77ce03577dfff1c32c7a0921d7468ba7db168a509e4b4185fda45d185349515ef73b6cf610fae236a151a970", 0xe7}, {&(0x7f0000000200)="e70f63dbf2c18e3575ca2a5fcc31aa2c4ae0ca55c24a0daddfd30e5983ab4276a9dbd55db6ed90de375541569165de0413afb3c54914a8271720032c2f99e5bd206b03f7b13a5adf46feca3bf4d1130ed17c304adb32933fa9449bcf01ff8f2de2b02cb1c1a93e27a601e58953cafe2f46b89f80", 0x74}, {&(0x7f00000002c0)="248de906961c081d58e5d70536044a1cae8af06e121116dadfc61f18e8d74de3943c47a91bbcc879f7af7635d6d92ef77c6f8b54a392ccba874a67cacf4ac034deb4c0796511c44f926789474aaf7efc1ac6e4ed43605c1183650ec252cb67e13f5079e100778b2b350aa7047a430c484c7bfd6179a355", 0x77}, {&(0x7f00000003c0)="5d5a8bfc4031e13eec1ec32b0af8f6fe95d38cdb65e76210fe8117eed15bd34616a6e515233f04ad8e1a1ca8bab80f533698bfd3684cb6843057df450e903d9f8354cd778c29c904a6990d92517016a2c9ffa6ca3e3a9fc5ae35b2a1c6f2bd376a9100d5654fdcdb81bb182d640b050c43df873d46e4be91e8e34262bf623fa3319828980c8951873d80c3974e5724f35744f6af92c3d75dadea25f14ec898", 0x9f}, {&(0x7f0000000540)="253e9c7ac489dfbf292a5aba4f9a12927c29086021c14d7a52d1859563aeb33a2d47f72a7ad0045e432027069ff7b07bb90c33d8e9c7afe0235c685bfdeea5825bcad8c0acb09084a1ede3e7e0e3814cc1b0893818143972324af0f7f4c03994ab17c7c7d4fc9121f84616237c334b4a34f3f683649d387afacb0374667582c4b9d92c4841c985bfa0c6d333f1be23e627567174b5bdb2ba0b4b57f177872239ef3cd2590fe3fe3978b68c9a3818b50da56cc2cdaec7a803b260dba2ce0dde35f6b7c42171401757a58edd3adacd", 0xce}, {&(0x7f00000006c0)="c2639ac5a706e1874ad79155e5d798a2d14bf4c392a04266eea5350b1b798f4e1529eac1a6c994112975536ad4a61c8e0a58badaf761da1abfd60be803e5ed8060987bc1c3531ab4fb3d698ccbcb5d6dafbd4709655c1d7b5260b27814da64fcd7851fd07cb68db10d1f574c5797313499835765d3cd45fc2b79c041d4f3dc86a6e6864a", 0x84}, {&(0x7f0000000780)="96b8c7c3aefffb6a230e941d755fbd542efbc4e7a76af5106dd90f44375f5134b4c5009d6de3fd1b95f427d53825169d8cbe1a96dcf0bdcd7338d6460f26b6c920fcd75699ff8176b28e37b0c42e9eb23197768cfb1f8c9c7dfc851fd40d4477ddce7e073a9572410ae59ea40c9ae56c2fbd58d2a163e06a115b9e27326fc22e4677eab181f174805ba801674853c222894203e7e58c7e976b0a1d0278f3ea7f8875", 0xa2}], 0x7, &(0x7f00000008c0)="6f4607da3ff2ee6740d62663998bf534d44de7cd45f77f892c147be1b294435395e6c2e6b07557437e6c4718074376cfab529bb3937cd9f2489f7f3ab4a056a9ac03fd0860d7a70efd7a25ff65434aa49c8de1c75c5ab513bdf3374bf311a236a3191a2321ab0f295c49cdf073165ec09177932c6eb5dfc3d91026b49027965aa42357650489153bbe9555dccb9f", 0x8e, 0x800}, 0x4040001) (async)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_flash={0x33, 0xea6, '.\x00'}})

kernel console output (not intermixed with test programs):

: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  167.407929][T12810] CPU: 0 UID: 0 PID: 12810 Comm: syz.4.3543 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  167.407958][T12810] Tainted: [W]=WARN
[  167.408007][T12810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  167.408018][T12810] Call Trace:
[  167.408023][T12810]  <TASK>
[  167.408029][T12810]  __dump_stack+0x1d/0x30
[  167.408052][T12810]  dump_stack_lvl+0xe8/0x140
[  167.408072][T12810]  dump_stack+0x15/0x1b
[  167.408088][T12810]  dump_header+0x81/0x220
[  167.408154][T12810]  oom_kill_process+0x342/0x400
[  167.408190][T12810]  out_of_memory+0x979/0xb80
[  167.408319][T12810]  try_charge_memcg+0x610/0xa10
[  167.408390][T12810]  obj_cgroup_charge_pages+0xa6/0x150
[  167.408408][T12810]  __memcg_kmem_charge_page+0x9f/0x170
[  167.408426][T12810]  __alloc_frozen_pages_noprof+0x188/0x360
[  167.408578][T12810]  alloc_pages_mpol+0xb3/0x260
[  167.408599][T12810]  ? alloc_pages_noprof+0xf4/0x130
[  167.408619][T12810]  alloc_pages_noprof+0x90/0x130
[  167.408639][T12810]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  167.408744][T12810]  __kvmalloc_node_noprof+0x483/0x670
[  167.408836][T12810]  ? ip_set_alloc+0x24/0x30
[  167.408869][T12810]  ? ip_set_alloc+0x24/0x30
[  167.408958][T12810]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  167.408985][T12810]  ip_set_alloc+0x24/0x30
[  167.409051][T12810]  hash_netiface_create+0x282/0x740
[  167.409081][T12810]  ? __pfx_hash_netiface_create+0x10/0x10
[  167.409122][T12810]  ip_set_create+0x3cc/0x970
[  167.409144][T12810]  ? __nla_parse+0x40/0x60
[  167.409163][T12810]  nfnetlink_rcv_msg+0x4c6/0x590
[  167.409221][T12810]  netlink_rcv_skb+0x123/0x220
[  167.409244][T12810]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  167.409269][T12810]  nfnetlink_rcv+0x167/0x16c0
[  167.409288][T12810]  ? kmem_cache_free+0xe4/0x3d0
[  167.409340][T12810]  ? __kfree_skb+0x109/0x150
[  167.409428][T12810]  ? nlmon_xmit+0x4f/0x60
[  167.409447][T12810]  ? consume_skb+0x49/0x150
[  167.409469][T12810]  ? nlmon_xmit+0x4f/0x60
[  167.409524][T12810]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  167.409551][T12810]  ? __dev_queue_xmit+0x1200/0x2000
[  167.409574][T12810]  ? __dev_queue_xmit+0x182/0x2000
[  167.409665][T12810]  ? merge_sched_in+0x605/0xa30
[  167.409700][T12810]  ? ref_tracker_free+0x37d/0x3e0
[  167.409734][T12810]  ? __netlink_deliver_tap+0x4dc/0x500
[  167.409762][T12810]  netlink_unicast+0x5c0/0x690
[  167.409823][T12810]  netlink_sendmsg+0x58b/0x6b0
[  167.409850][T12810]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.409886][T12810]  __sock_sendmsg+0x145/0x180
[  167.409922][T12810]  ____sys_sendmsg+0x31e/0x4e0
[  167.409949][T12810]  ___sys_sendmsg+0x17b/0x1d0
[  167.410008][T12810]  __x64_sys_sendmsg+0xd4/0x160
[  167.410065][T12810]  x64_sys_call+0x191e/0x3000
[  167.410083][T12810]  do_syscall_64+0xd2/0x200
[  167.410098][T12810]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  167.410175][T12810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.410193][T12810] RIP: 0033:0x7f4a48abefc9
[  167.410216][T12810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.410230][T12810] RSP: 002b:00007f4a47527038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  167.410246][T12810] RAX: ffffffffffffffda RBX: 00007f4a48d15fa0 RCX: 00007f4a48abefc9
[  167.410257][T12810] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000008
[  167.410267][T12810] RBP: 00007f4a48b41f91 R08: 0000000000000000 R09: 0000000000000000
[  167.410277][T12810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  167.410288][T12810] R13: 00007f4a48d16038 R14: 00007f4a48d15fa0 R15: 00007ffffa4645d8
[  167.410318][T12810]  </TASK>
[  167.756239][T12810] memory: usage 307200kB, limit 307200kB, failcnt 359
[  167.763136][T12810] memory+swap: usage 307568kB, limit 9007199254740988kB, failcnt 0
[  167.771037][T12810] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[  167.778308][T12810] Memory cgroup stats for /syz4:
[  167.780105][T12810] cache 0
[  167.788045][T12810] rss 0
[  167.790851][T12810] shmem 0
[  167.793778][T12810] mapped_file 0
[  167.797280][T12810] dirty 0
[  167.800473][T12810] writeback 0
[  167.803743][T12810] workingset_refault_anon 18
[  167.808310][T12810] workingset_refault_file 311
[  167.813011][T12810] swap 376832
[  167.816285][T12810] swapcached 4096
[  167.819969][T12810] pgpgin 256799
[  167.823413][T12810] pgpgout 256794
[  167.826951][T12810] pgfault 244050
[  167.830500][T12810] pgmajfault 13
[  167.833958][T12810] inactive_anon 0
[  167.837694][T12810] active_anon 0
[  167.841204][T12810] inactive_file 0
[  167.844982][T12810] active_file 16384
[  167.848884][T12810] unevictable 0
[  167.852436][T12810] hierarchical_memory_limit 314572800
[  167.857881][T12810] hierarchical_memsw_limit 9223372036854771712
[  167.864083][T12810] total_cache 0
[  167.867528][T12810] total_rss 0
[  167.870974][T12810] total_shmem 0
[  167.874427][T12810] total_mapped_file 0
[  167.878426][T12810] total_dirty 0
[  167.881919][T12810] total_writeback 0
[  167.885709][T12810] total_workingset_refault_anon 18
[  167.890817][T12810] total_workingset_refault_file 311
[  167.896017][T12810] total_swap 376832
[  167.899865][T12810] total_swapcached 4096
[  167.904019][T12810] total_pgpgin 256799
[  167.907985][T12810] total_pgpgout 256794
[  167.912105][T12810] total_pgfault 244050
[  167.916266][T12810] total_pgmajfault 13
[  167.920360][T12810] total_inactive_anon 0
[  167.924497][T12810] total_active_anon 0
[  167.928462][T12810] total_inactive_file 0
[  167.932724][T12810] total_active_file 16384
[  167.937041][T12810] total_unevictable 0
[  167.941024][T12810] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.3543,pid=12809,uid=0
[  167.955756][T12810] Memory cgroup out of memory: Killed process 12809 (syz.4.3543) total-vm:93956kB, anon-rss:1116kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  167.973624][T12832] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  168.009594][T12844] tipc: Started in network mode
[  168.014528][T12844] tipc: Node identity ea396b61789, cluster identity 4711
[  168.021682][T12844] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  168.032368][T12843] tipc: Disabling bearer <eth:syzkaller0>
[  168.128867][T12857] loop5: detected capacity change from 0 to 512
[  168.136694][T12857] EXT4-fs (loop5): orphan cleanup on readonly fs
[  168.143498][T12857] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.3562: error while reading EA inode 32 err=-116
[  168.156036][T12857] EXT4-fs (loop5): Remounting filesystem read-only
[  168.162542][T12857] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  168.173001][T12857] EXT4-fs (loop5): 1 orphan inode deleted
[  168.211204][T12864] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  168.220291][T12864] tipc: Disabling bearer <eth:syzkaller0>
[  168.300330][T12810] syz.4.3543 (12810) used greatest stack depth: 6376 bytes left
[  168.328918][T12868] netlink: 27 bytes leftover after parsing attributes in process `syz.5.3566'.
[  168.385142][T12872] loop4: detected capacity change from 0 to 512
[  168.426886][T12860] Set syz1 is full, maxelem 65536 reached
[  168.442942][T12872] EXT4-fs (loop4): 1 truncate cleaned up
[  168.451160][T12872] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3568: bg 0: block 465: padding at end of block bitmap is not set
[  168.502401][T12866] Set syz1 is full, maxelem 65536 reached
[  168.530479][T12879] 9pnet_fd: Insufficient options for proto=fd
[  168.544925][T12883] loop5: detected capacity change from 0 to 128
[  168.554140][T12883] ext4 filesystem being mounted at /194/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.594760][T12890] program syz.5.3575 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  168.609718][T12892] tipc: Started in network mode
[  168.614660][T12892] tipc: Node identity 628493dce1e, cluster identity 4711
[  168.621775][T12892] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  168.630390][T12892] tipc: Disabling bearer <eth:syzkaller0>
[  168.745258][T12908] loop5: detected capacity change from 0 to 512
[  168.752877][T12908] EXT4-fs (loop5): orphan cleanup on readonly fs
[  168.759618][T12908] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.3584: error while reading EA inode 32 err=-116
[  168.772224][T12908] EXT4-fs (loop5): Remounting filesystem read-only
[  168.778731][T12908] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  168.789064][T12908] EXT4-fs (loop5): 1 orphan inode deleted
[  168.879472][T12918] program syz.5.3588 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  168.939004][T12924] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  168.961694][T12929] xt_CT: You must specify a L4 protocol and not use inversions on it
[  168.982188][T12933] loop5: detected capacity change from 0 to 128
[  169.002392][T12939] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3598'.
[  169.012404][T12933] bio_check_eod: 30 callbacks suppressed
[  169.012419][T12933] syz.5.3595: attempt to access beyond end of device
[  169.012419][T12933] loop5: rw=2049, sector=138, nr_sectors = 8 limit=128
[  169.035159][T12933] syz.5.3595: attempt to access beyond end of device
[  169.035159][T12933] loop5: rw=2049, sector=146, nr_sectors = 6 limit=128
[  169.049202][T12933] syz.5.3595: attempt to access beyond end of device
[  169.049202][T12933] loop5: rw=2049, sector=150, nr_sectors = 2 limit=128
[  169.062676][T12933] buffer_io_error: 16 callbacks suppressed
[  169.062688][T12933] Buffer I/O error on dev loop5, logical block 75, lost async page write
[  169.077352][T12933] syz.5.3595: attempt to access beyond end of device
[  169.077352][T12933] loop5: rw=2049, sector=152, nr_sectors = 2 limit=128
[  169.090965][T12933] Buffer I/O error on dev loop5, logical block 76, lost async page write
[  169.100393][T12933] syz.5.3595: attempt to access beyond end of device
[  169.100393][T12933] loop5: rw=2049, sector=170, nr_sectors = 6 limit=128
[  169.114279][T12933] syz.5.3595: attempt to access beyond end of device
[  169.114279][T12933] loop5: rw=2049, sector=174, nr_sectors = 2 limit=128
[  169.127680][T12933] Buffer I/O error on dev loop5, logical block 87, lost async page write
[  169.136352][T12933] syz.5.3595: attempt to access beyond end of device
[  169.136352][T12933] loop5: rw=2049, sector=176, nr_sectors = 2 limit=128
[  169.149832][T12933] Buffer I/O error on dev loop5, logical block 88, lost async page write
[  169.169387][T12933] syz.5.3595: attempt to access beyond end of device
[  169.169387][T12933] loop5: rw=2049, sector=178, nr_sectors = 6 limit=128
[  169.183667][T12933] syz.5.3595: attempt to access beyond end of device
[  169.183667][T12933] loop5: rw=2049, sector=182, nr_sectors = 2 limit=128
[  169.197075][T12933] Buffer I/O error on dev loop5, logical block 91, lost async page write
[  169.205643][T12933] syz.5.3595: attempt to access beyond end of device
[  169.205643][T12933] loop5: rw=2049, sector=184, nr_sectors = 2 limit=128
[  169.219098][T12933] Buffer I/O error on dev loop5, logical block 92, lost async page write
[  169.229377][T12952] loop4: detected capacity change from 0 to 128
[  169.236472][T12933] Buffer I/O error on dev loop5, logical block 103, lost async page write
[  169.246395][T12933] Buffer I/O error on dev loop5, logical block 104, lost async page write
[  169.255642][T12933] Buffer I/O error on dev loop5, logical block 107, lost async page write
[  169.264628][T12933] Buffer I/O error on dev loop5, logical block 108, lost async page write
[  169.289857][T12952] ext4 filesystem being mounted at /193/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.365749][T12972] loop0: detected capacity change from 0 to 512
[  169.373615][T12972] EXT4-fs (loop0): orphan cleanup on readonly fs
[  169.380382][T12972] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.3612: error while reading EA inode 32 err=-116
[  169.392853][T12972] EXT4-fs (loop0): Remounting filesystem read-only
[  169.399395][T12972] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  169.410170][T12972] EXT4-fs (loop0): 1 orphan inode deleted
[  169.505333][T12970] Set syz1 is full, maxelem 65536 reached
[  169.575180][T12992] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  169.584271][T12992] tipc: Disabling bearer <eth:syzkaller0>
[  169.592554][T12988] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  169.602387][T12988] SELinux: failed to load policy
[  169.713421][T13010] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3628'.
[  169.747763][T13014] loop5: detected capacity change from 0 to 512
[  169.755600][T13014] EXT4-fs (loop5): 1 truncate cleaned up
[  169.763301][T13014] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3630: bg 0: block 465: padding at end of block bitmap is not set
[  169.800656][T13018] loop5: detected capacity change from 0 to 512
[  169.812354][T13018] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.853844][T13028] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3635'.
[  169.867354][T13026] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  169.877244][T13026] SELinux: failed to load policy
[  169.877694][   T29] kauditd_printk_skb: 326 callbacks suppressed
[  169.877706][   T29] audit: type=1326 audit(1761220908.929:14161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13029 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19908efc9 code=0x7ffc0000
[  169.912420][   T29] audit: type=1326 audit(1761220908.939:14162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13029 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fc19908efc9 code=0x7ffc0000
[  169.936033][   T29] audit: type=1326 audit(1761220908.939:14163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13029 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19908efc9 code=0x7ffc0000
[  169.959825][   T29] audit: type=1326 audit(1761220908.939:14164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13029 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fc19908efc9 code=0x7ffc0000
[  169.983530][   T29] audit: type=1326 audit(1761220908.939:14165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13029 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19908efc9 code=0x7ffc0000
[  170.007242][   T29] audit: type=1326 audit(1761220908.939:14166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13029 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc19908efc9 code=0x7ffc0000
[  170.030735][   T29] audit: type=1326 audit(1761220908.939:14167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13029 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19908efc9 code=0x7ffc0000
[  170.054432][   T29] audit: type=1326 audit(1761220908.939:14168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13029 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fc19908efc9 code=0x7ffc0000
[  170.077978][   T29] audit: type=1326 audit(1761220908.939:14169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13029 comm="syz.5.3636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19908efc9 code=0x7ffc0000
[  170.126163][T13039] loop6: detected capacity change from 0 to 512
[  170.132794][T13039] EXT4-fs: Ignoring removed bh option
[  170.148474][T13039] ext4 filesystem being mounted at /298/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  170.169653][T13048] loop3: detected capacity change from 0 to 128
[  170.213289][T13054] loop6: detected capacity change from 0 to 512
[  170.231212][T13054] ext4 filesystem being mounted at /299/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.277810][T13061] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3647'.
[  170.316049][   T29] audit: type=1326 audit(1761220909.359:14170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13067 comm="syz.5.3651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19908efc9 code=0x7ffc0000
[  170.317485][T13068] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3650'.
[  170.358634][T13069] netlink: 27 bytes leftover after parsing attributes in process `syz.5.3651'.
[  170.404913][T13075] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  170.425744][T13078] loop4: detected capacity change from 0 to 512
[  170.433613][T13078] EXT4-fs: Ignoring removed bh option
[  170.459096][T13078] ext4 filesystem being mounted at /200/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  170.500829][T13090] program syz.6.3660 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  170.514696][T13092] loop5: detected capacity change from 0 to 512
[  170.516912][T13094] loop0: detected capacity change from 0 to 128
[  170.529848][T13094] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.554496][T13092] ext4 filesystem being mounted at /222/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.569397][T13100] loop6: detected capacity change from 0 to 512
[  170.583281][T13100] ext4 filesystem being mounted at /304/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.598855][T13102] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13102 comm=syz.4.3665
[  170.632470][T13112] loop6: detected capacity change from 0 to 512
[  170.639360][T13112] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  170.650337][T13112] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  170.658376][T13112] System zones: 1-12
[  170.662756][T13112] EXT4-fs (loop6): 1 truncate cleaned up
[  170.704393][T13119] FAULT_INJECTION: forcing a failure.
[  170.704393][T13119] name failslab, interval 1, probability 0, space 0, times 0
[  170.717094][T13119] CPU: 1 UID: 0 PID: 13119 Comm: syz.0.3672 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  170.717121][T13119] Tainted: [W]=WARN
[  170.717128][T13119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  170.717139][T13119] Call Trace:
[  170.717198][T13119]  <TASK>
[  170.717206][T13119]  __dump_stack+0x1d/0x30
[  170.717224][T13119]  dump_stack_lvl+0xe8/0x140
[  170.717241][T13119]  dump_stack+0x15/0x1b
[  170.717256][T13119]  should_fail_ex+0x265/0x280
[  170.717364][T13119]  should_failslab+0x8c/0xb0
[  170.717389][T13119]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  170.717416][T13119]  ? __d_alloc+0x3d/0x340
[  170.717510][T13119]  __d_alloc+0x3d/0x340
[  170.717532][T13119]  ? mpol_shared_policy_init+0xbd/0x4c0
[  170.717551][T13119]  d_alloc_pseudo+0x1e/0x80
[  170.717614][T13119]  alloc_file_pseudo+0x71/0x160
[  170.717634][T13119]  __shmem_file_setup+0x1de/0x210
[  170.717656][T13119]  shmem_file_setup+0x3b/0x50
[  170.717675][T13119]  __se_sys_memfd_create+0x2c3/0x590
[  170.717700][T13119]  __x64_sys_memfd_create+0x31/0x40
[  170.717851][T13119]  x64_sys_call+0x2ac2/0x3000
[  170.717872][T13119]  do_syscall_64+0xd2/0x200
[  170.717915][T13119]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  170.717939][T13119]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  170.717968][T13119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.718065][T13119] RIP: 0033:0x7f0dab87efc9
[  170.718080][T13119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.718097][T13119] RSP: 002b:00007f0daa2e6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  170.718116][T13119] RAX: ffffffffffffffda RBX: 0000000000000483 RCX: 00007f0dab87efc9
[  170.718129][T13119] RDX: 00007f0daa2e6ef0 RSI: 0000000000000000 RDI: 00007f0dab902960
[  170.718142][T13119] RBP: 0000200000001040 R08: 00007f0daa2e6bb7 R09: 00007f0daa2e6e40
[  170.718153][T13119] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  170.718218][T13119] R13: 00007f0daa2e6ef0 R14: 00007f0daa2e6eb0 R15: 0000200000000680
[  170.718282][T13119]  </TASK>
[  170.926737][T13119] xt_hashlimit: max too large, truncated to 1048576
[  170.933515][T13121] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  170.933931][T13119] xt_CT: You must specify a L4 protocol and not use inversions on it
[  170.958312][T13119] netlink: 10 bytes leftover after parsing attributes in process `syz.0.3672'.
[  170.978968][T13123] program syz.5.3673 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  170.987000][T13125] loop4: detected capacity change from 0 to 512
[  170.995644][T13125] EXT4-fs: Ignoring removed oldalloc option
[  171.003765][T13125] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  171.017363][T13125] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  171.036365][T13125] EXT4-fs (loop4): 1 truncate cleaned up
[  171.053591][T13134] loop0: detected capacity change from 0 to 512
[  171.071441][T13134] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.151507][T13149] loop5: detected capacity change from 0 to 512
[  171.157997][T13149] EXT4-fs: Ignoring removed oldalloc option
[  171.165160][T13149] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  171.179392][T13149] EXT4-fs (loop5): 1 truncate cleaned up
[  171.209623][T13152] netlink: 'syz.0.3685': attribute type 1 has an invalid length.
[  171.222637][T13152] 8021q: adding VLAN 0 to HW filter on device bond1
[  171.234655][T13152] bond1 (unregistering): Released all slaves
[  171.415599][T13173] 8021q: adding VLAN 0 to HW filter on device bond0
[  171.423660][T13173] 8021q: adding VLAN 0 to HW filter on device team0
[  171.432404][T13173] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  171.478218][T13175] FAULT_INJECTION: forcing a failure.
[  171.478218][T13175] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.491446][T13175] CPU: 0 UID: 0 PID: 13175 Comm: syz.3.3696 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  171.491471][T13175] Tainted: [W]=WARN
[  171.491477][T13175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  171.491487][T13175] Call Trace:
[  171.491492][T13175]  <TASK>
[  171.491499][T13175]  __dump_stack+0x1d/0x30
[  171.491560][T13175]  dump_stack_lvl+0xe8/0x140
[  171.491578][T13175]  dump_stack+0x15/0x1b
[  171.491596][T13175]  should_fail_ex+0x265/0x280
[  171.491628][T13175]  should_fail+0xb/0x20
[  171.491644][T13175]  should_fail_usercopy+0x1a/0x20
[  171.491662][T13175]  _copy_to_user+0x20/0xa0
[  171.491685][T13175]  vcs_read+0x89f/0xa10
[  171.491704][T13175]  ? selinux_file_permission+0x1e4/0x320
[  171.491754][T13175]  ? __pfx_vcs_read+0x10/0x10
[  171.491773][T13175]  vfs_read+0x1a8/0x770
[  171.491796][T13175]  ? __rcu_read_unlock+0x4f/0x70
[  171.491866][T13175]  ? __fget_files+0x184/0x1c0
[  171.491894][T13175]  ksys_read+0xda/0x1a0
[  171.491915][T13175]  __x64_sys_read+0x40/0x50
[  171.491954][T13175]  x64_sys_call+0x27c0/0x3000
[  171.492045][T13175]  do_syscall_64+0xd2/0x200
[  171.492059][T13175]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  171.492085][T13175]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  171.492111][T13175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.492178][T13175] RIP: 0033:0x7f09fa29efc9
[  171.492245][T13175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.492262][T13175] RSP: 002b:00007f09f8cff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  171.492289][T13175] RAX: ffffffffffffffda RBX: 00007f09fa4f5fa0 RCX: 00007f09fa29efc9
[  171.492300][T13175] RDX: 00000000fffffdf7 RSI: 00002000000000c0 RDI: 0000000000000003
[  171.492311][T13175] RBP: 00007f09f8cff090 R08: 0000000000000000 R09: 0000000000000000
[  171.492321][T13175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.492333][T13175] R13: 00007f09fa4f6038 R14: 00007f09fa4f5fa0 R15: 00007ffc4d24cb18
[  171.492352][T13175]  </TASK>
[  171.637333][T13187] loop6: detected capacity change from 0 to 2048
[  171.746917][T13197] loop6: detected capacity change from 0 to 512
[  171.754297][T13197] EXT4-fs (loop6): orphan cleanup on readonly fs
[  171.761102][T13197] EXT4-fs error (device loop6): ext4_xattr_inode_iget:446: comm syz.6.3704: error while reading EA inode 32 err=-116
[  171.773589][T13197] EXT4-fs (loop6): Remounting filesystem read-only
[  171.780291][T13197] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  171.793266][T13197] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  171.803515][T13197] EXT4-fs (loop6): 1 orphan inode deleted
[  171.827539][T13200] loop6: detected capacity change from 0 to 128
[  171.835445][T13200] ext4 filesystem being mounted at /319/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.864873][T13203] loop6: detected capacity change from 0 to 512
[  171.871570][T13203] EXT4-fs (loop6): invalid first ino: 0
[  171.892395][T13205] loop6: detected capacity change from 0 to 512
[  171.901655][T13205] EXT4-fs (loop6): 1 orphan inode deleted
[  171.937864][T13210] loop6: detected capacity change from 0 to 512
[  171.946077][T13210] EXT4-fs warning (device loop6): ext4_xattr_inode_get:560: inode #11: comm syz.6.3709: EA inode hash validation failed
[  171.958790][T13210] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  171.971968][T13210] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #15: comm syz.6.3709: corrupted inode contents
[  171.984093][T13210] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #15: comm syz.6.3709: mark_inode_dirty error
[  171.995561][T13210] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #15: comm syz.6.3709: corrupted inode contents
[  172.007584][T13210] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2996: inode #15: comm syz.6.3709: mark_inode_dirty error
[  172.019717][T13210] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2999: inode #15: comm syz.6.3709: mark inode dirty (error -117)
[  172.032532][T13210] EXT4-fs warning (device loop6): ext4_evict_inode:274: xattr delete (err -117)
[  172.041846][T13210] EXT4-fs (loop6): 1 orphan inode deleted
[  172.052794][T13210] xt_hashlimit: max too large, truncated to 1048576
[  172.060110][T13210] xt_CT: You must specify a L4 protocol and not use inversions on it
[  172.073099][T13210] __nla_validate_parse: 2 callbacks suppressed
[  172.073112][T13210] netlink: 10 bytes leftover after parsing attributes in process `syz.6.3709'.
[  172.162008][T13217] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  172.171872][T13217] SELinux: failed to load policy
[  172.281373][T13226] loop6: detected capacity change from 0 to 512
[  172.286012][T13219] Set syz1 is full, maxelem 65536 reached
[  172.289163][T13226] EXT4-fs (loop6): 1 truncate cleaned up
[  172.304515][T13226] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3715: bg 0: block 465: padding at end of block bitmap is not set
[  172.332152][T13229] loop6: detected capacity change from 0 to 128
[  172.340048][T13229] ext4 filesystem being mounted at /327/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.367266][T13232] loop6: detected capacity change from 0 to 512
[  172.381244][T13232] ext4 filesystem being mounted at /328/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.476766][T13241] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3720'.
[  172.496410][T13243] loop3: detected capacity change from 0 to 128
[  172.504575][T13243] ext4 filesystem being mounted at /574/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.557196][T13250] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  172.566964][T13250] SELinux: failed to load policy
[  172.617928][T13254] loop3: detected capacity change from 0 to 512
[  172.647596][T13254] loop3: detected capacity change from 0 to 8192
[  172.690144][T13254]  loop3: p1 < > p2 < p5 p6 > p3 p4
[  172.695346][T13254] loop3: partition table partially beyond EOD, truncated
[  172.702412][T13254] loop3: p1 start 67108864 is beyond EOD, truncated
[  172.709376][T13254] loop3: p3 start 100859904 is beyond EOD, truncated
[  172.716051][T13254] loop3: p4 size 393216 extends beyond EOD, truncated
[  172.723252][T13254] loop3: p5 start 100859904 is beyond EOD, truncated
[  172.729961][T13254] loop3: p6 size 393216 extends beyond EOD, truncated
[  172.772418][T13258] loop3: detected capacity change from 0 to 128
[  172.780368][T13258] ext4 filesystem being mounted at /578/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.809660][T13261] loop3: detected capacity change from 0 to 512
[  172.820453][T13261] EXT4-fs (loop3): 1 orphan inode deleted
[  172.897241][T13276] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13276 comm=syz.3.3735
[  172.928865][T13276] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  172.938886][T13276] SELinux: failed to load policy
[  172.948238][T13278] loop0: detected capacity change from 0 to 512
[  172.956678][T13278] EXT4-fs warning (device loop0): ext4_xattr_inode_get:560: inode #11: comm syz.0.3736: EA inode hash validation failed
[  172.969551][T13278] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #15: comm syz.0.3736: corrupted inode contents
[  172.981776][T13278] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #15: comm syz.0.3736: mark_inode_dirty error
[  172.993376][T13278] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #15: comm syz.0.3736: corrupted inode contents
[  173.005539][T13278] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2996: inode #15: comm syz.0.3736: mark_inode_dirty error
[  173.017710][T13278] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2999: inode #15: comm syz.0.3736: mark inode dirty (error -117)
[  173.030362][T13278] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117)
[  173.039387][T13278] EXT4-fs (loop0): 1 orphan inode deleted
[  173.051303][T13278] netlink: 10 bytes leftover after parsing attributes in process `syz.0.3736'.
[  173.070526][T13283] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  173.089193][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  173.095375][ T3665] Bluetooth: hci0: command 0x1003 tx timeout
[  173.112530][T13289] loop4: detected capacity change from 0 to 512
[  173.119071][T13289] EXT4-fs: Ignoring removed bh option
[  173.120125][T13286] netlink: 'syz.3.3739': attribute type 12 has an invalid length.
[  173.126330][T13288] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13288 comm=syz.0.3738
[  173.167659][T13292] loop3: detected capacity change from 0 to 512
[  173.175524][T13292] EXT4-fs (loop3): orphan cleanup on readonly fs
[  173.175946][T13289] ext4 filesystem being mounted at /205/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  173.184529][T13292] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.3742: error while reading EA inode 32 err=-116
[  173.204727][T13292] EXT4-fs (loop3): Remounting filesystem read-only
[  173.211250][T13292] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  173.224306][T13292] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  173.234682][T13292] EXT4-fs (loop3): 1 orphan inode deleted
[  173.240578][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[  173.265304][ T3582] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  173.391157][T13298] Set syz1 is full, maxelem 65536 reached
[  173.408375][T13315] loop4: detected capacity change from 0 to 512
[  173.415106][T13315] EXT4-fs: Ignoring removed oldalloc option
[  173.424841][T13315] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  173.441766][T13315] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  173.456410][T13315] EXT4-fs (loop4): 1 truncate cleaned up
[  173.483311][T13326] loop6: detected capacity change from 0 to 512
[  173.490779][T13325] loop5: detected capacity change from 0 to 512
[  173.498563][T13326] EXT4-fs (loop6): 1 truncate cleaned up
[  173.509436][T13326] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3754: bg 0: block 465: padding at end of block bitmap is not set
[  173.556810][T13333] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3756'.
[  173.640724][T13343] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  173.644247][T13344] loop6: detected capacity change from 0 to 128
[  173.671469][T13325] loop5: detected capacity change from 0 to 512
[  173.677958][T13325] ext4: Unknown parameter 'permit_directio'
[  173.690974][T13346] loop3: detected capacity change from 0 to 512
[  173.701331][T13346] ext4 filesystem being mounted at /594/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.752687][T13352] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.761774][T13352] tipc: Disabling bearer <eth:syzkaller0>
[  173.815234][T13356] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.823461][T13356] tipc: Disabling bearer <eth:syzkaller0>
[  173.843340][T13358] loop3: detected capacity change from 0 to 512
[  173.850977][T13358] EXT4-fs (loop3): orphan cleanup on readonly fs
[  173.857665][T13358] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.3768: error while reading EA inode 32 err=-116
[  173.876299][T13358] EXT4-fs (loop3): Remounting filesystem read-only
[  173.882976][T13358] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  173.895943][T13358] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  173.906492][T13358] EXT4-fs (loop3): 1 orphan inode deleted
[  173.918068][T13364] loop5: detected capacity change from 0 to 512
[  173.929158][T13364] EXT4-fs: Ignoring removed bh option
[  173.954311][T13364] ext4 filesystem being mounted at /233/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  173.968790][T13373] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3773'.
[  173.972114][T13371] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.991997][T13371] tipc: Disabling bearer <eth:syzkaller0>
[  174.021525][T13377] loop0: detected capacity change from 0 to 2048
[  174.036034][T13382] netlink: 'syz.5.3777': attribute type 12 has an invalid length.
[  174.183357][   T31] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.199562][T13397] loop5: detected capacity change from 0 to 512
[  174.208847][T13397] EXT4-fs (loop5): orphan cleanup on readonly fs
[  174.227124][T13397] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.3784: error while reading EA inode 32 err=-116
[  174.246786][   T31] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.265230][T13397] EXT4-fs (loop5): Remounting filesystem read-only
[  174.271846][T13397] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  174.272968][T13401] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3785'.
[  174.291452][T13397] EXT4-fs (loop5): 1 orphan inode deleted
[  174.307772][T13406] loop0: detected capacity change from 0 to 512
[  174.330896][   T31] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.334414][T13413] loop6: detected capacity change from 0 to 512
[  174.353145][T13406] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.383756][   T31] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  174.396811][T13413] EXT4-fs (loop6): 1 orphan inode deleted
[  174.403290][T13419] loop5: detected capacity change from 0 to 512
[  174.438004][T13419] EXT4-fs (loop5): 1 orphan inode deleted
[  174.443359][T13427] netlink: 'syz.6.3791': attribute type 12 has an invalid length.
[  174.457284][T13394] chnl_net:caif_netlink_parms(): no params data found
[  174.519477][   T31] bridge_slave_1: left allmulticast mode
[  174.525174][   T31] bridge_slave_1: left promiscuous mode
[  174.530907][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.538760][   T31] bridge_slave_0: left allmulticast mode
[  174.544448][   T31] bridge_slave_0: left promiscuous mode
[  174.550160][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.558686][   T31] batman_adv: batadv0: Interface deactivated: vxlan0
[  174.598574][   T31] batman_adv: batadv0: Removing interface: vxlan0
[  174.608476][T13449] loop0: detected capacity change from 0 to 512
[  174.622320][T13449] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.667487][T13457] netlink: 'syz.0.3803': attribute type 12 has an invalid length.
[  174.681856][   T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  174.692199][   T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  174.703289][   T31] bond0 (unregistering): Released all slaves
[  174.712669][   T31] bond1 (unregistering): (slave veth3): Releasing active interface
[  174.721643][   T31] bond1 (unregistering): Released all slaves
[  174.729572][T13394] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.736716][T13394] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.743944][T13394] bridge_slave_0: entered allmulticast mode
[  174.750355][T13394] bridge_slave_0: entered promiscuous mode
[  174.761628][T13394] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.768756][T13394] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.776757][T13394] bridge_slave_1: entered allmulticast mode
[  174.783325][T13394] bridge_slave_1: entered promiscuous mode
[  174.789544][   T31] tipc: Left network mode
[  174.802131][T13394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.814268][   T31] hsr_slave_0: left promiscuous mode
[  174.820038][   T31] hsr_slave_1: left promiscuous mode
[  174.825561][   T31] batman_adv: batadv0: Removing interface: batadv_slave_0
[  174.833006][   T31] batman_adv: batadv0: Removing interface: batadv_slave_1
[  174.842125][   T31] veth0_vlan: left promiscuous mode
[  174.882769][T13466] loop6: detected capacity change from 0 to 512
[  174.889245][   T31] team0 (unregistering): Port device team_slave_1 removed
[  174.889411][T13466] EXT4-fs: Ignoring removed bh option
[  174.902100][   T31] team0 (unregistering): Port device team_slave_0 removed
[  174.913122][T13466] ext4 filesystem being mounted at /347/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  174.928042][   T31] team0 (unregistering): Port device dummy0 removed
[  174.947878][T13394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.992942][T13394] team0: Port device team_slave_0 added
[  175.005228][T13394] team0: Port device team_slave_1 added
[  175.024274][T13394] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.031363][T13394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  175.057296][T13394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.069459][T13394] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.076456][T13394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  175.102435][T13394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.128678][T13394] hsr_slave_0: entered promiscuous mode
[  175.134892][T13394] hsr_slave_1: entered promiscuous mode
[  175.140867][T13394] debugfs: 'hsr0' already exists in 'hsr'
[  175.146605][T13394] Cannot create hsr debugfs directory
[  175.174959][T13475] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  175.236363][T13478] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  175.273565][   T29] kauditd_printk_skb: 308 callbacks suppressed
[  175.273580][   T29] audit: type=1400 audit(1761220914.319:14479): avc:  denied  { getopt } for  pid=13479 comm="syz.6.3811" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  175.300638][T13480] infiniband syz1: set active
[  175.305305][T13480] infiniband syz1: added bond0
[  175.314489][T13480] RDS/IB: syz1: added
[  175.318460][T13480] smc: adding ib device syz1 with port count 1
[  175.325042][T13480] smc:    ib device syz1 port 1 has no pnetid
[  175.455013][T13484] loop6: detected capacity change from 0 to 512
[  175.479872][ T3582] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  175.496265][T13484] ext4 filesystem being mounted at /352/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.522428][T13488] loop4: detected capacity change from 0 to 512
[  175.536666][T13488] EXT4-fs (loop4): orphan cleanup on readonly fs
[  175.548281][T13488] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.3813: error while reading EA inode 32 err=-116
[  175.561354][T13488] EXT4-fs (loop4): Remounting filesystem read-only
[  175.567877][T13488] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  175.578268][T13488] EXT4-fs (loop4): 1 orphan inode deleted
[  175.612435][T13497] loop4: detected capacity change from 0 to 512
[  175.619096][T13497] EXT4-fs: Ignoring removed bh option
[  175.623279][T13499] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3818'.
[  175.633443][T13394] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  175.654855][T13394] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  175.660003][T13499] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  175.671771][T13499] SELinux: failed to load policy
[  175.672865][T13497] ext4 filesystem being mounted at /211/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  175.681941][T13394] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  175.705703][T13394] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  175.742951][T13517] loop6: detected capacity change from 0 to 512
[  175.772681][T13517] EXT4-fs: Ignoring removed oldalloc option
[  175.772891][T13519] loop5: detected capacity change from 0 to 512
[  175.779565][T13394] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.793376][T13517] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  175.798462][T13521] loop4: detected capacity change from 0 to 512
[  175.807511][T13394] 8021q: adding VLAN 0 to HW filter on device team0
[  175.819860][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.820995][T13517] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  175.826968][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.849153][T13517] EXT4-fs (loop6): 1 truncate cleaned up
[  175.850518][T13519] EXT4-fs (loop5): 1 orphan inode deleted
[  175.863997][T13521] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.864745][ T3441] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.881463][ T3441] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.897039][T11658] Bluetooth: hci0: Frame reassembly failed (-84)
[  175.925456][T13529] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  175.949603][T13394] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  175.960096][T13394] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  176.029374][T13540] loop0: detected capacity change from 0 to 512
[  176.029677][T13394] 8021q: adding VLAN 0 to HW filter on device batadv0
[  176.042155][T13540] EXT4-fs: Ignoring removed bh option
[  176.055997][T13546] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3832'.
[  176.066323][T13540] ext4 filesystem being mounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  176.091244][T13546] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  176.101537][T13546] SELinux: failed to load policy
[  176.140009][T13559] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3833'.
[  176.159002][T13394] veth0_vlan: entered promiscuous mode
[  176.171355][T13560] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3834'.
[  176.201673][T13394] veth1_vlan: entered promiscuous mode
[  176.212652][T13566] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  176.221688][T13566] tipc: Disabling bearer <eth:syzkaller0>
[  176.237644][T13394] veth0_macvtap: entered promiscuous mode
[  176.245620][T13394] veth1_macvtap: entered promiscuous mode
[  176.257675][T13569] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  176.276380][T13394] batman_adv: batadv0: Interface activated: batadv_slave_0
[  176.297304][T13394] batman_adv: batadv0: Interface activated: batadv_slave_1
[  176.320363][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  176.329206][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  176.341054][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  176.352348][T13572] loop0: detected capacity change from 0 to 2048
[  176.368936][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.398977][T13580] loop4: detected capacity change from 0 to 512
[  176.419859][T13572] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #12: comm syz.0.3840: corrupted in-inode xattr: invalid size in ea xattr
[  176.434054][T13583] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  176.434073][T13583] SELinux: failed to load policy
[  176.450498][   T29] audit: type=1326 audit(1761220915.499:14480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13570 comm="syz.0.3840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dab87efc9 code=0x7ffc0000
[  176.455196][T13580] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.474271][   T29] audit: type=1326 audit(1761220915.529:14481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13570 comm="syz.0.3840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dab87efc9 code=0x7ffc0000
[  176.508934][   T29] audit: type=1326 audit(1761220915.559:14482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13570 comm="syz.0.3840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0dab87efc9 code=0x7ffc0000
[  176.532509][   T29] audit: type=1326 audit(1761220915.559:14483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13570 comm="syz.0.3840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dab87efc9 code=0x7ffc0000
[  176.542730][T13572] FAULT_INJECTION: forcing a failure.
[  176.542730][T13572] name failslab, interval 1, probability 0, space 0, times 0
[  176.556088][   T29] audit: type=1326 audit(1761220915.559:14484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13570 comm="syz.0.3840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dab87efc9 code=0x7ffc0000
[  176.568636][T13572] CPU: 1 UID: 0 PID: 13572 Comm: syz.0.3840 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  176.568700][T13572] Tainted: [W]=WARN
[  176.568706][T13572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  176.568716][T13572] Call Trace:
[  176.568721][T13572]  <TASK>
[  176.568728][T13572]  __dump_stack+0x1d/0x30
[  176.568749][T13572]  dump_stack_lvl+0xe8/0x140
[  176.568766][T13572]  dump_stack+0x15/0x1b
[  176.568783][T13572]  should_fail_ex+0x265/0x280
[  176.568862][T13572]  ? audit_log_d_path+0x8d/0x150
[  176.568883][T13572]  should_failslab+0x8c/0xb0
[  176.568909][T13572]  __kmalloc_cache_noprof+0x4c/0x4a0
[  176.568979][T13572]  audit_log_d_path+0x8d/0x150
[  176.568998][T13572]  audit_log_d_path_exe+0x42/0x70
[  176.569019][T13572]  audit_log_task+0x1e9/0x250
[  176.569075][T13572]  ? kstrtouint+0x76/0xc0
[  176.569102][T13572]  audit_seccomp+0x61/0x100
[  176.569186][T13572]  ? __seccomp_filter+0x82d/0x1250
[  176.569210][T13572]  __seccomp_filter+0x83e/0x1250
[  176.569235][T13572]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  176.569310][T13572]  ? vfs_write+0x7e8/0x960
[  176.569331][T13572]  ? __rcu_read_unlock+0x4f/0x70
[  176.569354][T13572]  ? __fget_files+0x184/0x1c0
[  176.569380][T13572]  __secure_computing+0x82/0x150
[  176.569409][T13572]  syscall_trace_enter+0xcf/0x1e0
[  176.569434][T13572]  do_syscall_64+0xac/0x200
[  176.569470][T13572]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  176.569494][T13572]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  176.569520][T13572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.569540][T13572] RIP: 0033:0x7f0dab87efc9
[  176.569570][T13572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.569587][T13572] RSP: 002b:00007f0daa2e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  176.569605][T13572] RAX: ffffffffffffffda RBX: 00007f0dabad5fa0 RCX: 00007f0dab87efc9
[  176.569679][T13572] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000009
[  176.569692][T13572] RBP: 00007f0daa2e7090 R08: 0000000000000000 R09: 0000000000000000
[  176.569703][T13572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.569715][T13572] R13: 00007f0dabad6038 R14: 00007f0dabad5fa0 R15: 00007ffdb8658038
[  176.569732][T13572]  </TASK>
[  176.594314][T13597] loop3: detected capacity change from 0 to 1024
[  176.609082][   T29] audit: type=1326 audit(1761220915.589:14485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13570 comm="syz.0.3840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f0dab87efc9 code=0x7ffc0000
[  176.847279][   T29] audit: type=1326 audit(1761220915.589:14486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13570 comm="syz.0.3840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dab87efc9 code=0x7ffc0000
[  176.870869][   T29] audit: type=1326 audit(1761220915.589:14487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13570 comm="syz.0.3840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0dab87efc9 code=0x7ffc0000
[  176.894570][   T29] audit: type=1326 audit(1761220915.589:14488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13570 comm="syz.0.3840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dab87efc9 code=0x7ffc0000
[  176.963716][T13608] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  176.982130][T13608] tipc: Disabling bearer <eth:syzkaller0>
[  177.012910][T13620] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13620 comm=syz.5.3856
[  177.031512][T13622] loop4: detected capacity change from 0 to 512
[  177.039233][T13622] EXT4-fs (loop4): orphan cleanup on readonly fs
[  177.046160][T13622] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.3857: error while reading EA inode 32 err=-116
[  177.063662][T13622] EXT4-fs (loop4): Remounting filesystem read-only
[  177.070249][T13622] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  177.083317][T13622] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  177.093514][T13622] EXT4-fs (loop4): 1 orphan inode deleted
[  177.134295][T13637] loop4: detected capacity change from 0 to 128
[  177.150808][T13637] ext4 filesystem being mounted at /223/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.183170][T13646] loop5: detected capacity change from 0 to 512
[  177.210618][T13652] loop3: detected capacity change from 0 to 128
[  177.212018][T13646] ext4 filesystem being mounted at /261/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.234168][T13652] bio_check_eod: 110 callbacks suppressed
[  177.234180][T13652] syz.3.3871: attempt to access beyond end of device
[  177.234180][T13652] loop3: rw=2049, sector=138, nr_sectors = 8 limit=128
[  177.254699][T13652] syz.3.3871: attempt to access beyond end of device
[  177.254699][T13652] loop3: rw=2049, sector=146, nr_sectors = 6 limit=128
[  177.269104][T13652] syz.3.3871: attempt to access beyond end of device
[  177.269104][T13652] loop3: rw=2049, sector=150, nr_sectors = 2 limit=128
[  177.282519][T13652] buffer_io_error: 68 callbacks suppressed
[  177.282531][T13652] Buffer I/O error on dev loop3, logical block 75, lost async page write
[  177.291179][T13657] __nla_validate_parse: 2 callbacks suppressed
[  177.291193][T13657] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3872'.
[  177.298823][T13652] syz.3.3871: attempt to access beyond end of device
[  177.298823][T13652] loop3: rw=2049, sector=152, nr_sectors = 2 limit=128
[  177.325285][T13652] Buffer I/O error on dev loop3, logical block 76, lost async page write
[  177.345942][T13652] syz.3.3871: attempt to access beyond end of device
[  177.345942][T13652] loop3: rw=2049, sector=170, nr_sectors = 6 limit=128
[  177.360047][T13652] syz.3.3871: attempt to access beyond end of device
[  177.360047][T13652] loop3: rw=2049, sector=174, nr_sectors = 2 limit=128
[  177.373498][T13652] Buffer I/O error on dev loop3, logical block 87, lost async page write
[  177.383150][T13652] syz.3.3871: attempt to access beyond end of device
[  177.383150][T13652] loop3: rw=2049, sector=176, nr_sectors = 2 limit=128
[  177.396635][T13652] Buffer I/O error on dev loop3, logical block 88, lost async page write
[  177.405436][T13652] syz.3.3871: attempt to access beyond end of device
[  177.405436][T13652] loop3: rw=2049, sector=178, nr_sectors = 6 limit=128
[  177.422806][T13652] syz.3.3871: attempt to access beyond end of device
[  177.422806][T13652] loop3: rw=2049, sector=182, nr_sectors = 2 limit=128
[  177.436263][T13652] Buffer I/O error on dev loop3, logical block 91, lost async page write
[  177.444870][T13652] syz.3.3871: attempt to access beyond end of device
[  177.444870][T13652] loop3: rw=2049, sector=184, nr_sectors = 2 limit=128
[  177.458362][T13652] Buffer I/O error on dev loop3, logical block 92, lost async page write
[  177.467308][T13652] Buffer I/O error on dev loop3, logical block 103, lost async page write
[  177.475922][T13652] Buffer I/O error on dev loop3, logical block 104, lost async page write
[  177.476897][T13666] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3876'.
[  177.485286][T13652] Buffer I/O error on dev loop3, logical block 107, lost async page write
[  177.502097][T13652] Buffer I/O error on dev loop3, logical block 108, lost async page write
[  177.519146][T13670] netlink: 'syz.4.3878': attribute type 12 has an invalid length.
[  177.558380][T13676] loop5: detected capacity change from 0 to 128
[  177.567521][T13676] ext4 filesystem being mounted at /265/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.599212][T13682] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3883'.
[  177.621529][T13684] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3884'.
[  177.649083][T13688] loop4: detected capacity change from 0 to 512
[  177.659847][T13688] EXT4-fs: Ignoring removed bh option
[  177.684116][T13688] ext4 filesystem being mounted at /233/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  177.694825][T13695] loop3: detected capacity change from 0 to 512
[  177.707835][T13695] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  177.726939][T13695] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  177.734995][T13695] System zones: 1-12
[  177.740083][T13695] EXT4-fs (loop3): 1 truncate cleaned up
[  177.800459][T13705] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  177.873591][T13712] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3896'.
[  177.962292][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  177.995622][T13728] loop6: detected capacity change from 0 to 1024
[  178.010126][T13728] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  178.050459][T13729] loop5: detected capacity change from 0 to 512
[  178.080211][T13729] EXT4-fs: Ignoring removed bh option
[  178.111529][T13725] Set syz1 is full, maxelem 65536 reached
[  178.114938][T13729] ext4 filesystem being mounted at /273/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  178.140515][T13740] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3908'.
[  178.247468][T13751] loop3: detected capacity change from 0 to 512
[  178.257655][T13751] EXT4-fs: Ignoring removed oldalloc option
[  178.270162][T13751] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  178.300035][T13752] loop0: detected capacity change from 0 to 128
[  178.307343][T13751] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  178.331281][T13751] EXT4-fs (loop3): 1 truncate cleaned up
[  178.359991][T13755] bridge0: port 3(batadv1) entered blocking state
[  178.366520][T13755] bridge0: port 3(batadv1) entered disabled state
[  178.374027][T13755] batadv1: entered allmulticast mode
[  178.399108][T13755] batadv1: entered promiscuous mode
[  178.515621][T13764] syz1: rxe_newlink: already configured on bond0
[  178.557889][T13768] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3920'.
[  178.630004][T13770] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  178.817600][T13780] loop6: detected capacity change from 0 to 512
[  178.830724][T13780] EXT4-fs (loop6): too many log groups per flexible block group
[  178.838477][T13780] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  178.845751][T13780] EXT4-fs (loop6): mount failed
[  178.850691][   T42] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  178.859926][   T42] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  178.930114][T13786] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3927'.
[  178.956576][T13788] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  178.964926][T13788] tipc: Disabling bearer <eth:syzkaller0>
[  179.012702][T13793] netlink: 'syz.6.3930': attribute type 2 has an invalid length.
[  179.038741][T13793] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3930'.
[  179.064626][T13795] loop4: detected capacity change from 0 to 512
[  179.090406][T13795] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  179.130273][T13795] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  179.143226][T13797] geneve2: entered promiscuous mode
[  179.148436][T13797] geneve2: entered allmulticast mode
[  179.155527][T13795] System zones: 1-12
[  179.170229][T13795] EXT4-fs (loop4): 1 truncate cleaned up
[  179.352840][T13816] FAULT_INJECTION: forcing a failure.
[  179.352840][T13816] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.365960][T13816] CPU: 0 UID: 0 PID: 13816 Comm: syz.0.3937 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  179.365990][T13816] Tainted: [W]=WARN
[  179.365995][T13816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  179.366005][T13816] Call Trace:
[  179.366011][T13816]  <TASK>
[  179.366073][T13816]  __dump_stack+0x1d/0x30
[  179.366095][T13816]  dump_stack_lvl+0xe8/0x140
[  179.366114][T13816]  dump_stack+0x15/0x1b
[  179.366157][T13816]  should_fail_ex+0x265/0x280
[  179.366184][T13816]  should_fail+0xb/0x20
[  179.366199][T13816]  should_fail_usercopy+0x1a/0x20
[  179.366219][T13816]  _copy_from_user+0x1c/0xb0
[  179.366239][T13816]  ___sys_sendmsg+0xc1/0x1d0
[  179.366334][T13816]  __x64_sys_sendmsg+0xd4/0x160
[  179.366365][T13816]  x64_sys_call+0x191e/0x3000
[  179.366384][T13816]  do_syscall_64+0xd2/0x200
[  179.366401][T13816]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  179.366505][T13816]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  179.366529][T13816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.366606][T13816] RIP: 0033:0x7f0dab87efc9
[  179.366621][T13816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.366637][T13816] RSP: 002b:00007f0daa2e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  179.366653][T13816] RAX: ffffffffffffffda RBX: 00007f0dabad5fa0 RCX: 00007f0dab87efc9
[  179.366728][T13816] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 000000000000000a
[  179.366740][T13816] RBP: 00007f0daa2e7090 R08: 0000000000000000 R09: 0000000000000000
[  179.366757][T13816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.366769][T13816] R13: 00007f0dabad6038 R14: 00007f0dabad5fa0 R15: 00007ffdb8658038
[  179.366787][T13816]  </TASK>
[  179.492532][T13812] Set syz1 is full, maxelem 65536 reached
[  179.551802][T13819] lo speed is unknown, defaulting to 1000
[  179.558476][T13819] lo speed is unknown, defaulting to 1000
[  179.567141][T13819] lo speed is unknown, defaulting to 1000
[  179.578033][T13821] loop5: detected capacity change from 0 to 128
[  179.583923][T13819] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  179.598324][T13819] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  179.622029][T13819] lo speed is unknown, defaulting to 1000
[  179.629040][T13819] lo speed is unknown, defaulting to 1000
[  179.635156][T13819] lo speed is unknown, defaulting to 1000
[  179.641229][T13819] lo speed is unknown, defaulting to 1000
[  179.647198][T13819] lo speed is unknown, defaulting to 1000
[  179.670910][T13828] netlink: 'syz.0.3942': attribute type 12 has an invalid length.
[  179.721044][T13835] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3944'.
[  179.751596][T13835] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  179.761403][T13835] SELinux: failed to load policy
[  179.807998][T13842] loop0: detected capacity change from 0 to 512
[  179.821700][T13842] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.875864][T13852] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13852 comm=syz.5.3949
[  179.966848][T13855] batadv_slave_1: entered promiscuous mode
[  179.973091][T13857] program syz.4.3952 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  179.984075][T13855] batman_adv: batadv0: Adding interface: macvlan2
[  179.990528][T13855] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  180.016032][T13855] batman_adv: batadv0: Interface activated: macvlan2
[  180.059753][T13860] netlink: 'syz.0.3953': attribute type 12 has an invalid length.
[  180.085704][T13864] program syz.0.3954 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  180.108100][T13866] loop4: detected capacity change from 0 to 128
[  180.115931][T13866] ext4 filesystem being mounted at /250/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.158664][T13871] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  180.182534][T13873] loop6: detected capacity change from 0 to 512
[  180.202580][T13873] ext4 filesystem being mounted at /371/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.286499][T13886] netlink: 'syz.4.3964': attribute type 12 has an invalid length.
[  180.330761][T13892] loop6: detected capacity change from 0 to 512
[  180.337485][T13892] EXT4-fs: Ignoring removed bh option
[  180.352304][T13892] ext4 filesystem being mounted at /373/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  180.362664][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  180.368756][ T3582] Bluetooth: hci0: command 0x1003 tx timeout
[  180.380949][   T29] kauditd_printk_skb: 383 callbacks suppressed
[  180.381034][   T29] audit: type=1400 audit(1761220919.429:14872): avc:  denied  { read write } for  pid=13889 comm="syz.4.3966" name="event3" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  180.411023][   T29] audit: type=1400 audit(1761220919.429:14873): avc:  denied  { open } for  pid=13889 comm="syz.4.3966" path="/dev/input/event3" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  180.440842][T13899] program syz.0.3968 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  180.459130][   T29] audit: type=1326 audit(1761220919.499:14874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13900 comm="syz.3.3969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80d81efc9 code=0x7ffc0000
[  180.482857][   T29] audit: type=1326 audit(1761220919.499:14875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13900 comm="syz.3.3969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80d81efc9 code=0x7ffc0000
[  180.506487][   T29] audit: type=1326 audit(1761220919.499:14876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13900 comm="syz.3.3969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fd80d81efc9 code=0x7ffc0000
[  180.534074][   T29] audit: type=1326 audit(1761220919.499:14877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13900 comm="syz.3.3969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80d81efc9 code=0x7ffc0000
[  180.557775][   T29] audit: type=1326 audit(1761220919.499:14878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13900 comm="syz.3.3969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd80d81efc9 code=0x7ffc0000
[  180.558392][T13906] loop4: detected capacity change from 0 to 1024
[  180.581309][   T29] audit: type=1326 audit(1761220919.499:14879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13900 comm="syz.3.3969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80d81efc9 code=0x7ffc0000
[  180.581334][   T29] audit: type=1326 audit(1761220919.499:14880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13900 comm="syz.3.3969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd80d81efc9 code=0x7ffc0000
[  180.581355][   T29] audit: type=1326 audit(1761220919.499:14881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13900 comm="syz.3.3969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd80d81efc9 code=0x7ffc0000
[  180.588220][T13906] EXT4-fs: Ignoring removed nomblk_io_submit option
[  180.780877][T13925] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13925 comm=syz.5.3979
[  180.808756][T13928] loop6: detected capacity change from 0 to 512
[  180.824777][T13928] EXT4-fs (loop6): 1 truncate cleaned up
[  180.833771][T13928] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.3980: bg 0: block 465: padding at end of block bitmap is not set
[  180.868335][T13937] FAULT_INJECTION: forcing a failure.
[  180.868335][T13937] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.881496][T13937] CPU: 1 UID: 0 PID: 13937 Comm: syz.0.3981 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  180.881525][T13937] Tainted: [W]=WARN
[  180.881530][T13937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  180.881549][T13937] Call Trace:
[  180.881556][T13937]  <TASK>
[  180.881563][T13937]  __dump_stack+0x1d/0x30
[  180.881572][T13936] loop5: detected capacity change from 0 to 512
[  180.881586][T13937]  dump_stack_lvl+0xe8/0x140
[  180.881643][T13937]  dump_stack+0x15/0x1b
[  180.881660][T13937]  should_fail_ex+0x265/0x280
[  180.881691][T13937]  should_fail+0xb/0x20
[  180.881707][T13937]  should_fail_usercopy+0x1a/0x20
[  180.881726][T13937]  _copy_to_user+0x20/0xa0
[  180.881805][T13937]  simple_read_from_buffer+0xb5/0x130
[  180.881828][T13937]  proc_fail_nth_read+0x10e/0x150
[  180.881872][T13937]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  180.881898][T13937]  vfs_read+0x1a8/0x770
[  180.881918][T13937]  ? __rcu_read_unlock+0x4f/0x70
[  180.881978][T13937]  ? __fget_files+0x184/0x1c0
[  180.882063][T13937]  ksys_read+0xda/0x1a0
[  180.882086][T13937]  __x64_sys_read+0x40/0x50
[  180.882125][T13937]  x64_sys_call+0x27c0/0x3000
[  180.882145][T13937]  do_syscall_64+0xd2/0x200
[  180.882169][T13937]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  180.882194][T13937]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  180.882266][T13937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.882285][T13937] RIP: 0033:0x7f0dab87d9dc
[  180.882299][T13937] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  180.882316][T13937] RSP: 002b:00007f0daa2c6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  180.882334][T13937] RAX: ffffffffffffffda RBX: 00007f0dabad6090 RCX: 00007f0dab87d9dc
[  180.882346][T13937] RDX: 000000000000000f RSI: 00007f0daa2c60a0 RDI: 0000000000000006
[  180.882358][T13937] RBP: 00007f0daa2c6090 R08: 0000000000000000 R09: 0000000000000000
[  180.882370][T13937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.882433][T13937] R13: 00007f0dabad6128 R14: 00007f0dabad6090 R15: 00007ffdb8658038
[  180.882450][T13937]  </TASK>
[  180.976955][T13946] rdma_rxe: rxe_newlink: failed to add bond0
[  181.007585][T13936] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  181.111071][T13936] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  181.119059][T13936] System zones: 1-12
[  181.123329][T13936] EXT4-fs (loop5): 1 truncate cleaned up
[  181.153428][T13955] loop3: detected capacity change from 0 to 512
[  181.170182][T13955] EXT4-fs (loop3): 1 orphan inode deleted
[  181.380267][T13982] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  181.469068][T13996] loop6: detected capacity change from 0 to 512
[  181.689359][T14003] loop6: detected capacity change from 0 to 512
[  181.695802][T14003] ext4: Unknown parameter 'permit_directio'
[  181.779563][T13992] Set syz1 is full, maxelem 65536 reached
[  181.803008][T14006] FAULT_INJECTION: forcing a failure.
[  181.803008][T14006] name failslab, interval 1, probability 0, space 0, times 0
[  181.815657][T14006] CPU: 1 UID: 0 PID: 14006 Comm: syz.0.4008 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  181.815685][T14006] Tainted: [W]=WARN
[  181.815690][T14006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  181.815699][T14006] Call Trace:
[  181.815705][T14006]  <TASK>
[  181.815712][T14006]  __dump_stack+0x1d/0x30
[  181.815730][T14006]  dump_stack_lvl+0xe8/0x140
[  181.815749][T14006]  dump_stack+0x15/0x1b
[  181.815765][T14006]  should_fail_ex+0x265/0x280
[  181.815790][T14006]  should_failslab+0x8c/0xb0
[  181.815812][T14006]  kmem_cache_alloc_noprof+0x50/0x480
[  181.815833][T14006]  ? vm_area_dup+0x33/0x2c0
[  181.815856][T14006]  ? xas_load+0x413/0x430
[  181.815880][T14006]  vm_area_dup+0x33/0x2c0
[  181.815904][T14006]  __split_vma+0xe9/0x650
[  181.815923][T14006]  ? __account_obj_stock+0x211/0x350
[  181.815946][T14006]  vms_gather_munmap_vmas+0x17a/0x7b0
[  181.815969][T14006]  ? mas_find+0x608/0x700
[  181.815985][T14006]  mmap_region+0x52b/0x1620
[  181.816005][T14006]  ? selinux_file_open+0x2df/0x330
[  181.816027][T14006]  ? __rcu_read_unlock+0x4f/0x70
[  181.816048][T14006]  ? mntput_no_expire+0x6f/0x440
[  181.816077][T14006]  do_mmap+0x9b3/0xbe0
[  181.816096][T14006]  __se_sys_remap_file_pages+0x537/0x5e0
[  181.816121][T14006]  ? fput+0x8f/0xc0
[  181.816139][T14006]  __x64_sys_remap_file_pages+0x67/0x80
[  181.816159][T14006]  x64_sys_call+0x23b3/0x3000
[  181.816177][T14006]  do_syscall_64+0xd2/0x200
[  181.816192][T14006]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  181.816215][T14006]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  181.816247][T14006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.816264][T14006] RIP: 0033:0x7f0dab87efc9
[  181.816279][T14006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.816295][T14006] RSP: 002b:00007f0daa2e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  181.816312][T14006] RAX: ffffffffffffffda RBX: 00007f0dabad5fa0 RCX: 00007f0dab87efc9
[  181.816325][T14006] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000800000
[  181.816337][T14006] RBP: 00007f0daa2e7090 R08: 0000000000000000 R09: 0000000000000000
[  181.816348][T14006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.816360][T14006] R13: 00007f0dabad6038 R14: 00007f0dabad5fa0 R15: 00007ffdb8658038
[  181.816376][T14006]  </TASK>
[  181.817060][T13999] Set syz1 is full, maxelem 65536 reached
[  181.836053][T14008] loop0: detected capacity change from 0 to 512
[  182.062000][T14008] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  182.073433][T14008] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  182.081580][T14008] System zones: 1-12
[  182.085890][T14008] EXT4-fs (loop0): 1 truncate cleaned up
[  182.365600][T14025] loop9: detected capacity change from 0 to 7
[  182.371926][T14025] buffer_io_error: 42 callbacks suppressed
[  182.371959][T14025] Buffer I/O error on dev loop9, logical block 0, async page read
[  182.385885][T14025] Buffer I/O error on dev loop9, logical block 0, async page read
[  182.393833][T14025]  loop9: unable to read partition table
[  182.400822][T14025] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  182.400822][T14025] 
) failed (rc=-5)
[  182.430799][T14032] __nla_validate_parse: 3 callbacks suppressed
[  182.430815][T14032] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4018'.
[  182.446487][T14034] FAULT_INJECTION: forcing a failure.
[  182.446487][T14034] name failslab, interval 1, probability 0, space 0, times 0
[  182.459246][T14034] CPU: 0 UID: 0 PID: 14034 Comm: syz.3.4019 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  182.459274][T14034] Tainted: [W]=WARN
[  182.459279][T14034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  182.459367][T14034] Call Trace:
[  182.459373][T14034]  <TASK>
[  182.459380][T14034]  __dump_stack+0x1d/0x30
[  182.459398][T14034]  dump_stack_lvl+0xe8/0x140
[  182.459484][T14034]  dump_stack+0x15/0x1b
[  182.459493][T14034]  should_fail_ex+0x265/0x280
[  182.459512][T14034]  should_failslab+0x8c/0xb0
[  182.459552][T14034]  kmem_cache_alloc_noprof+0x50/0x480
[  182.459568][T14034]  ? getname_flags+0x80/0x3b0
[  182.459583][T14034]  ? kstrtouint+0x76/0xc0
[  182.459717][T14034]  getname_flags+0x80/0x3b0
[  182.459732][T14034]  user_path_at+0x28/0x130
[  182.459823][T14034]  user_statfs+0x4d/0x110
[  182.459851][T14034]  __x64_sys_statfs+0x65/0xf0
[  182.459870][T14034]  ? fput+0x8f/0xc0
[  182.459884][T14034]  ? ksys_write+0x192/0x1a0
[  182.459907][T14034]  x64_sys_call+0x2a07/0x3000
[  182.459987][T14034]  do_syscall_64+0xd2/0x200
[  182.459997][T14034]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  182.460012][T14034]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  182.460035][T14034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.460047][T14034] RIP: 0033:0x7fd80d81efc9
[  182.460056][T14034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.460127][T14034] RSP: 002b:00007fd80c27f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000089
[  182.460139][T14034] RAX: ffffffffffffffda RBX: 00007fd80da75fa0 RCX: 00007fd80d81efc9
[  182.460213][T14034] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000002000
[  182.460220][T14034] RBP: 00007fd80c27f090 R08: 0000000000000000 R09: 0000000000000000
[  182.460227][T14034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.460234][T14034] R13: 00007fd80da76038 R14: 00007fd80da75fa0 R15: 00007ffd1558d398
[  182.460254][T14034]  </TASK>
[  182.674199][T14043] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4020'.
[  182.674642][T14041] loop3: detected capacity change from 0 to 512
[  182.686480][T14043] loop0: detected capacity change from 0 to 512
[  182.690469][T14041] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  182.706909][T14041] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  182.714970][T14041] System zones: 1-12
[  182.725091][T14041] EXT4-fs (loop3): 1 truncate cleaned up
[  182.731840][T14035] uprobe: syz.6.4018:14035 failed to unregister, leaking uprobe
[  182.770962][T14050] loop5: detected capacity change from 0 to 512
[  182.782503][T14052] loop0: detected capacity change from 0 to 512
[  182.791147][T14052] EXT4-fs (loop0): 1 orphan inode deleted
[  182.956259][T14057] loop5: detected capacity change from 0 to 512
[  182.963097][T14057] ext4: Unknown parameter 'permit_directio'
[  182.972978][T14074] vhci_hcd: invalid port number 10
[  182.978153][T14074] vhci_hcd: default hub control req: 2317 v0004 i000a l0
[  182.986767][T14074] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4032'.
[  183.026787][T14084] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4034'.
[  183.037208][T14088] vhci_hcd: invalid port number 10
[  183.042378][T14088] vhci_hcd: default hub control req: 2317 v0004 i000a l0
[  183.077303][T14091] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4034'.
[  183.111187][T14093] program syz.0.4035 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  183.164710][T14097] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4037'.
[  183.255825][T14099] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4038'.
[  183.282687][T14104] loop0: detected capacity change from 0 to 512
[  183.289556][T14104] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  183.303906][T14104] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  183.305832][T14097] program syz.3.4037 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  183.329295][T14097] program syz.3.4037 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  183.332462][T14104] System zones: 1-12
[  183.365846][T14104] EXT4-fs (loop0): 1 truncate cleaned up
[  183.434872][T14116] loop3: detected capacity change from 0 to 512
[  183.448182][T14116] EXT4-fs (loop3): orphan cleanup on readonly fs
[  183.455736][T14116] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.4046: error while reading EA inode 32 err=-116
[  183.468472][T14116] EXT4-fs (loop3): Remounting filesystem read-only
[  183.475057][T14116] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  183.488082][T14116] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  183.498491][T14116] EXT4-fs (loop3): 1 orphan inode deleted
[  183.531555][T14125] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4050'.
[  183.539281][T14128] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4051'.
[  183.548241][T14124] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4049'.
[  183.577984][T14132] loop0: detected capacity change from 0 to 512
[  183.586359][T14132] EXT4-fs: Ignoring removed oldalloc option
[  183.594131][T14132] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  183.617398][T14132] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  183.644868][T14132] EXT4-fs (loop0): 1 truncate cleaned up
[  183.659658][  T311] Bluetooth: hci0: Frame reassembly failed (-84)
[  183.763766][T14155] @: renamed from vlan0 (while UP)
[  183.782999][T14157] sch_tbf: peakrate 7 is lower than or equals to rate 7 !
[  183.795816][T14157] loop4: detected capacity change from 0 to 1024
[  183.814788][T14157] EXT4-fs error (device loop4): ext4_lookup:1787: comm syz.4.4063: inode #12: comm syz.4.4063: iget: illegal inode #
[  183.827343][T14157] EXT4-fs (loop4): Remounting filesystem read-only
[  183.827384][T14165] loop3: detected capacity change from 0 to 512
[  183.921322][T14175] can0: slcan on ttyS3.
[  183.947764][T14178] loop4: detected capacity change from 0 to 512
[  183.955322][T14178] EXT4-fs (loop4): orphan cleanup on readonly fs
[  183.963335][T14178] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.4072: error while reading EA inode 32 err=-116
[  183.976189][T14178] EXT4-fs (loop4): Remounting filesystem read-only
[  183.983091][T14174] can0 (unregistered): slcan off ttyS3.
[  183.993720][T14178] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  184.006752][T14178] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  184.040192][T14178] EXT4-fs (loop4): 1 orphan inode deleted
[  184.097778][T14187] FAULT_INJECTION: forcing a failure.
[  184.097778][T14187] name failslab, interval 1, probability 0, space 0, times 0
[  184.110464][T14187] CPU: 0 UID: 0 PID: 14187 Comm: syz.5.4076 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  184.110568][T14187] Tainted: [W]=WARN
[  184.110574][T14187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  184.110589][T14187] Call Trace:
[  184.110598][T14187]  <TASK>
[  184.110604][T14187]  __dump_stack+0x1d/0x30
[  184.110622][T14187]  dump_stack_lvl+0xe8/0x140
[  184.110638][T14187]  dump_stack+0x15/0x1b
[  184.110691][T14187]  should_fail_ex+0x265/0x280
[  184.110718][T14187]  should_failslab+0x8c/0xb0
[  184.110834][T14187]  kmem_cache_alloc_noprof+0x50/0x480
[  184.110932][T14187]  ? alloc_empty_file+0x76/0x200
[  184.110959][T14187]  alloc_empty_file+0x76/0x200
[  184.110982][T14187]  alloc_file_pseudo+0xc6/0x160
[  184.111060][T14187]  hugetlb_file_setup+0x2a6/0x3d0
[  184.111106][T14187]  ksys_mmap_pgoff+0x157/0x310
[  184.111135][T14187]  x64_sys_call+0x14a3/0x3000
[  184.111157][T14187]  do_syscall_64+0xd2/0x200
[  184.111174][T14187]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  184.111248][T14187]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  184.111275][T14187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.111347][T14187] RIP: 0033:0x7fc19908efc9
[  184.111361][T14187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.111375][T14187] RSP: 002b:00007fc197aef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  184.111393][T14187] RAX: ffffffffffffffda RBX: 00007fc1992e5fa0 RCX: 00007fc19908efc9
[  184.111406][T14187] RDX: 0000000000000002 RSI: 0000000000ff5000 RDI: 0000200000000000
[  184.111419][T14187] RBP: 00007fc197aef090 R08: ffffffffffffffff R09: 0000000000000000
[  184.111432][T14187] R10: 000000000004c831 R11: 0000000000000246 R12: 0000000000000001
[  184.111444][T14187] R13: 00007fc1992e6038 R14: 00007fc1992e5fa0 R15: 00007fff50683618
[  184.111474][T14187]  </TASK>
[  184.114812][T14186] loop4: detected capacity change from 0 to 512
[  184.175498][T14188] loop3: detected capacity change from 0 to 512
[  184.269277][T14186] EXT4-fs (loop4): 1 truncate cleaned up
[  184.298294][T14188] ext4: Unknown parameter 'permit_directio'
[  184.304621][T14186] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4075: bg 0: block 465: padding at end of block bitmap is not set
[  184.511093][T14216] can0: slcan on ttyS3.
[  184.519162][T14212] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  184.529892][T14212] SELinux: failed to load policy
[  184.559854][T14215] can0 (unregistered): slcan off ttyS3.
[  184.598432][T14226] loop5: detected capacity change from 0 to 512
[  184.606293][T14226] EXT4-fs (loop5): 1 truncate cleaned up
[  184.614054][T14226] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4089: bg 0: block 465: padding at end of block bitmap is not set
[  184.767160][T14245] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  184.806414][T14249] can0: slcan on ttyS3.
[  184.810529][T14251] SELinux:  policydb version -339919689 does not match my version range 15-35
[  184.820894][T14251] SELinux: failed to load policy
[  184.828521][T14247] bridge0: entered promiscuous mode
[  184.834112][T14247] macsec2: entered promiscuous mode
[  184.839661][T14247] bridge0: port 4(macsec2) entered blocking state
[  184.846161][T14247] bridge0: port 4(macsec2) entered disabled state
[  184.852701][T14248] can0 (unregistered): slcan off ttyS3.
[  184.852748][T14247] macsec2: entered allmulticast mode
[  184.863623][T14247] bridge0: entered allmulticast mode
[  184.871035][T14247] macsec2: left allmulticast mode
[  184.876076][T14247] bridge0: left allmulticast mode
[  184.881307][T14254] capability: warning: `syz.5.4098' uses deprecated v2 capabilities in a way that may be insecure
[  184.892262][T14254] Falling back ldisc for ttyS3.
[  184.898080][T14247] bridge0: left promiscuous mode
[  184.931240][T14261] 0�X���: renamed from caif0
[  184.937873][T14261] 0�X���: entered allmulticast mode
[  184.943122][T14261] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  184.952403][T14265] loop4: detected capacity change from 0 to 512
[  184.971665][T14265] EXT4-fs: Ignoring removed bh option
[  184.981766][T14265] ext4 filesystem being mounted at /276/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  185.069604][T14288] loop4: detected capacity change from 0 to 128
[  185.078891][T14288] bio_check_eod: 70 callbacks suppressed
[  185.078903][T14288] syz.4.4113: attempt to access beyond end of device
[  185.078903][T14288] loop4: rw=2049, sector=138, nr_sectors = 8 limit=128
[  185.098817][T14288] syz.4.4113: attempt to access beyond end of device
[  185.098817][T14288] loop4: rw=2049, sector=146, nr_sectors = 6 limit=128
[  185.115841][T14288] syz.4.4113: attempt to access beyond end of device
[  185.115841][T14288] loop4: rw=2049, sector=150, nr_sectors = 2 limit=128
[  185.129317][T14288] Buffer I/O error on dev loop4, logical block 75, lost async page write
[  185.146428][T14288] syz.4.4113: attempt to access beyond end of device
[  185.146428][T14288] loop4: rw=2049, sector=152, nr_sectors = 2 limit=128
[  185.159952][T14288] Buffer I/O error on dev loop4, logical block 76, lost async page write
[  185.169108][T14294] team0: Port device team_slave_1 removed
[  185.182703][T14288] syz.4.4113: attempt to access beyond end of device
[  185.182703][T14288] loop4: rw=2049, sector=170, nr_sectors = 6 limit=128
[  185.188678][T14300] loop6: detected capacity change from 0 to 512
[  185.198483][T14288] syz.4.4113: attempt to access beyond end of device
[  185.198483][T14288] loop4: rw=2049, sector=174, nr_sectors = 2 limit=128
[  185.207185][T14300] EXT4-fs (loop6): orphan cleanup on readonly fs
[  185.215833][T14288] Buffer I/O error on dev loop4, logical block 87, lost async page write
[  185.226974][T14288] syz.4.4113: attempt to access beyond end of device
[  185.226974][T14288] loop4: rw=2049, sector=176, nr_sectors = 2 limit=128
[  185.231190][T14300] EXT4-fs error (device loop6): ext4_xattr_inode_iget:446: comm syz.6.4117: error while reading EA inode 32 err=-116
[  185.244175][T14288] Buffer I/O error on dev loop4, logical block 88, lost async page write
[  185.259754][T14300] EXT4-fs (loop6): Remounting filesystem read-only
[  185.271467][T14300] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  185.275394][T14288] syz.4.4113: attempt to access beyond end of device
[  185.275394][T14288] loop4: rw=2049, sector=178, nr_sectors = 6 limit=128
[  185.282025][T14300] EXT4-fs (loop6): 1 orphan inode deleted
[  185.313184][T14305] loop5: detected capacity change from 0 to 512
[  185.318749][T14288] syz.4.4113: attempt to access beyond end of device
[  185.318749][T14288] loop4: rw=2049, sector=182, nr_sectors = 2 limit=128
[  185.332869][T14288] Buffer I/O error on dev loop4, logical block 91, lost async page write
[  185.333501][T14305] EXT4-fs: Ignoring removed bh option
[  185.341325][T14288] syz.4.4113: attempt to access beyond end of device
[  185.341325][T14288] loop4: rw=2049, sector=184, nr_sectors = 2 limit=128
[  185.360206][T14288] Buffer I/O error on dev loop4, logical block 92, lost async page write
[  185.372350][T14288] Buffer I/O error on dev loop4, logical block 103, lost async page write
[  185.389165][T14288] Buffer I/O error on dev loop4, logical block 104, lost async page write
[  185.399477][   T29] kauditd_printk_skb: 613 callbacks suppressed
[  185.399490][   T29] audit: type=1326 audit(1761220924.429:15495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.6.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c518efc9 code=0x7ffc0000
[  185.415904][T14311] loop3: detected capacity change from 0 to 512
[  185.429378][   T29] audit: type=1326 audit(1761220924.429:15496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.6.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c518efc9 code=0x7ffc0000
[  185.459084][   T29] audit: type=1326 audit(1761220924.429:15497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.6.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72c518efc9 code=0x7ffc0000
[  185.465534][T14311] EXT4-fs (loop3): 1 truncate cleaned up
[  185.482725][   T29] audit: type=1326 audit(1761220924.429:15498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.6.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c518efc9 code=0x7ffc0000
[  185.482752][   T29] audit: type=1326 audit(1761220924.429:15499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.6.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c518efc9 code=0x7ffc0000
[  185.495201][T14305] ext4 filesystem being mounted at /316/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  185.512026][   T29] audit: type=1326 audit(1761220924.429:15500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.6.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72c518efc9 code=0x7ffc0000
[  185.512049][   T29] audit: type=1326 audit(1761220924.429:15501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.6.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c518efc9 code=0x7ffc0000
[  185.592924][   T29] audit: type=1326 audit(1761220924.429:15502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.6.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f72c518efc9 code=0x7ffc0000
[  185.616425][   T29] audit: type=1326 audit(1761220924.449:15503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.6.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72c518efc9 code=0x7ffc0000
[  185.618908][T14317] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  185.640027][   T29] audit: type=1326 audit(1761220924.449:15504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.6.4121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f72c518efc9 code=0x7ffc0000
[  185.650166][T14317] SELinux: failed to load policy
[  185.679633][T14311] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4122: bg 0: block 465: padding at end of block bitmap is not set
[  185.719871][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  185.759424][T14327] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  185.774973][ T3408] lo speed is unknown, defaulting to 1000
[  185.851067][T14342] loop5: detected capacity change from 0 to 512
[  185.857990][T14342] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  185.873371][T14344] rdma_rxe: rxe_newlink: failed to add bond0
[  185.908116][T14342] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  185.917902][T14348] loop6: detected capacity change from 0 to 512
[  185.924731][T14348] EXT4-fs: Ignoring removed bh option
[  185.930463][T14342] System zones: 1-12
[  185.934465][T14355] loop4: detected capacity change from 0 to 512
[  185.940951][T14342] EXT4-fs (loop5): 1 truncate cleaned up
[  185.940994][T14351] program syz.0.4137 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  185.980146][T14348] ext4 filesystem being mounted at /408/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  186.039297][T14354] bridge0: entered promiscuous mode
[  186.046147][T14354] macsec1: entered promiscuous mode
[  186.052530][T14354] bridge0: port 3(macsec1) entered blocking state
[  186.058976][T14354] bridge0: port 3(macsec1) entered disabled state
[  186.065640][T14354] macsec1: entered allmulticast mode
[  186.070983][T14354] bridge0: entered allmulticast mode
[  186.078110][T14354] macsec1: left allmulticast mode
[  186.083189][T14354] bridge0: left allmulticast mode
[  186.098556][T14355] EXT4-fs (loop4): 1 truncate cleaned up
[  186.107554][T14354] bridge0: left promiscuous mode
[  186.110575][T14355] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4136: bg 0: block 465: padding at end of block bitmap is not set
[  186.141226][T14362] can0: slcan on ttyS3.
[  186.173442][T14367] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  186.270559][T14372] loop0: detected capacity change from 0 to 512
[  186.295909][T14372] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  186.306694][T14372] EXT4-fs (loop0): can't mount with journal_async_commit, fs mounted w/o journal
[  186.331294][T14374] loop6: detected capacity change from 0 to 128
[  186.361491][T14375] loop5: detected capacity change from 0 to 512
[  186.370181][T14353] can0 (unregistered): slcan off ttyS3.
[  186.379165][T14375] EXT4-fs (loop5): 1 orphan inode deleted
[  186.648334][T14385] tipc: Started in network mode
[  186.653328][T14385] tipc: Node identity 72cedf95a7db, cluster identity 4711
[  186.660503][T14385] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  186.669524][T14385] tipc: Disabling bearer <eth:syzkaller0>
[  186.697674][T14387] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  186.707796][T14387] tipc: Disabling bearer <eth:syzkaller0>
[  186.716960][T14394] loop5: detected capacity change from 0 to 512
[  186.724023][T14394] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  186.735418][T14394] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  186.743434][T14394] System zones: 1-12
[  186.750023][T14394] EXT4-fs (loop5): 1 truncate cleaned up
[  186.980631][T14404] Set syz1 is full, maxelem 65536 reached
[  187.008391][T14410] loop0: detected capacity change from 0 to 512
[  187.021340][T14410] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  187.032111][T14412] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  187.042896][T14412] SELinux: failed to load policy
[  187.075735][T14421] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14421 comm=syz.5.4161
[  187.117531][T14428] loop5: detected capacity change from 0 to 2048
[  187.141814][T14432] loop3: detected capacity change from 0 to 512
[  187.148893][T14430] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  187.158846][T14430] SELinux: failed to load policy
[  187.168364][T14428] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #12: comm syz.5.4165: corrupted in-inode xattr: invalid size in ea xattr
[  187.196914][T14432] EXT4-fs (loop3): 1 truncate cleaned up
[  187.207298][T14432] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4167: bg 0: block 465: padding at end of block bitmap is not set
[  187.239035][T14445] loop5: detected capacity change from 0 to 512
[  187.247695][T14445] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  187.260054][T14445] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  187.268071][T14445] System zones: 1-12
[  187.272748][T14445] EXT4-fs (loop5): 1 truncate cleaned up
[  187.316340][T14452] loop0: detected capacity change from 0 to 512
[  187.324272][T14454] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14454 comm=syz.3.4175
[  187.345091][T14450] syz1: rxe_newlink: already configured on bond0
[  187.350575][T14452] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  187.430010][T14467] FAULT_INJECTION: forcing a failure.
[  187.430010][T14467] name failslab, interval 1, probability 0, space 0, times 0
[  187.442817][T14467] CPU: 1 UID: 0 PID: 14467 Comm: syz.0.4179 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  187.442936][T14467] Tainted: [W]=WARN
[  187.442941][T14467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  187.443005][T14467] Call Trace:
[  187.443012][T14467]  <TASK>
[  187.443019][T14467]  __dump_stack+0x1d/0x30
[  187.443039][T14467]  dump_stack_lvl+0xe8/0x140
[  187.443091][T14467]  dump_stack+0x15/0x1b
[  187.443107][T14467]  should_fail_ex+0x265/0x280
[  187.443216][T14467]  should_failslab+0x8c/0xb0
[  187.443239][T14467]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  187.443265][T14467]  ? __alloc_skb+0x101/0x320
[  187.443338][T14467]  __alloc_skb+0x101/0x320
[  187.443371][T14467]  ? avc_policy_seqno+0x15/0x30
[  187.443389][T14467]  ppp_write+0x8a/0x330
[  187.443414][T14467]  vfs_writev+0x406/0x8b0
[  187.443554][T14467]  ? __pfx_ppp_write+0x10/0x10
[  187.443586][T14467]  __x64_sys_pwritev+0xfd/0x1c0
[  187.443683][T14467]  x64_sys_call+0x14f8/0x3000
[  187.443700][T14467]  do_syscall_64+0xd2/0x200
[  187.443739][T14467]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  187.443851][T14467]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  187.443878][T14467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.443914][T14467] RIP: 0033:0x7f0dab87efc9
[  187.443929][T14467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.443946][T14467] RSP: 002b:00007f0daa2e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  187.443964][T14467] RAX: ffffffffffffffda RBX: 00007f0dabad5fa0 RCX: 00007f0dab87efc9
[  187.443975][T14467] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000003
[  187.443986][T14467] RBP: 00007f0daa2e7090 R08: 000000000000003d R09: 0000000000000000
[  187.443998][T14467] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[  187.444086][T14467] R13: 00007f0dabad6038 R14: 00007f0dabad5fa0 R15: 00007ffdb8658038
[  187.444103][T14467]  </TASK>
[  187.446781][T14469] __nla_validate_parse: 27 callbacks suppressed
[  187.446794][T14469] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4181'.
[  187.507336][T14471] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  187.665276][T14471] SELinux: failed to load policy
[  187.749308][T14478] loop4: detected capacity change from 0 to 512
[  187.762013][T14478] EXT4-fs (loop4): 1 truncate cleaned up
[  187.768400][T14478] EXT4-fs mount: 192 callbacks suppressed
[  187.768414][T14478] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.788368][T14478] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4183: bg 0: block 465: padding at end of block bitmap is not set
[  187.805446][T14482] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4184'.
[  187.814723][T14483] 0�X���: left allmulticast mode
[  187.819730][T14483] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  187.840469][T10386] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.888021][T14493] loop0: detected capacity change from 0 to 512
[  187.897399][T14487] loop4: detected capacity change from 0 to 512
[  187.906789][T14493] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.907303][T14487] EXT4-fs (loop4): 1 orphan inode deleted
[  187.923550][T14491] bridge0: entered promiscuous mode
[  187.925903][T14487] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.930572][T14491] macsec1: entered promiscuous mode
[  187.949500][T14491] bridge0: port 3(macsec1) entered blocking state
[  187.956094][T14491] bridge0: port 3(macsec1) entered disabled state
[  187.963481][T14491] macsec1: entered allmulticast mode
[  187.968780][T14491] bridge0: entered allmulticast mode
[  187.975841][T14493] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  187.977014][T10386] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.995600][T14491] macsec1: left allmulticast mode
[  188.000651][T14491] bridge0: left allmulticast mode
[  188.007008][T12527] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.025657][T14501] loop0: detected capacity change from 0 to 128
[  188.036305][T14501] buffer_io_error: 44 callbacks suppressed
[  188.036319][T14501] Buffer I/O error on dev loop0, logical block 75, lost async page write
[  188.039213][T14503] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4193'.
[  188.042179][T14501] Buffer I/O error on dev loop0, logical block 76, lost async page write
[  188.043134][T14501] Buffer I/O error on dev loop0, logical block 87, lost async page write
[  188.051215][T14491] bridge0: left promiscuous mode
[  188.059963][T14501] Buffer I/O error on dev loop0, logical block 88, lost async page write
[  188.090386][T14501] Buffer I/O error on dev loop0, logical block 91, lost async page write
[  188.101403][T14501] Buffer I/O error on dev loop0, logical block 92, lost async page write
[  188.112540][T14501] Buffer I/O error on dev loop0, logical block 103, lost async page write
[  188.121104][T14501] Buffer I/O error on dev loop0, logical block 104, lost async page write
[  188.130041][T14501] Buffer I/O error on dev loop0, logical block 107, lost async page write
[  188.138630][T14501] Buffer I/O error on dev loop0, logical block 108, lost async page write
[  188.200924][T14510] loop4: detected capacity change from 0 to 512
[  188.208978][T14510] EXT4-fs (loop4): 1 truncate cleaned up
[  188.215656][T14510] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.235339][T14513] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4197'.
[  188.238849][T14510] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4196: bg 0: block 465: padding at end of block bitmap is not set
[  188.264695][T14515] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  188.276717][T14515] tipc: Disabling bearer <eth:syzkaller0>
[  188.284141][T10386] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.336006][T14521] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4201'.
[  188.381041][T14526] loop0: detected capacity change from 0 to 2048
[  188.433163][T14517] Set syz1 is full, maxelem 65536 reached
[  188.442634][T14526] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  188.456979][T14526] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #12: comm syz.0.4203: corrupted in-inode xattr: invalid size in ea xattr
[  188.482970][T14526] FAULT_INJECTION: forcing a failure.
[  188.482970][T14526] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  188.496222][T14526] CPU: 0 UID: 0 PID: 14526 Comm: syz.0.4203 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  188.496268][T14526] Tainted: [W]=WARN
[  188.496273][T14526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  188.496286][T14526] Call Trace:
[  188.496292][T14526]  <TASK>
[  188.496299][T14526]  __dump_stack+0x1d/0x30
[  188.496322][T14526]  dump_stack_lvl+0xe8/0x140
[  188.496342][T14526]  dump_stack+0x15/0x1b
[  188.496415][T14526]  should_fail_ex+0x265/0x280
[  188.496445][T14526]  should_fail_alloc_page+0xf2/0x100
[  188.496473][T14526]  __alloc_frozen_pages_noprof+0xff/0x360
[  188.496579][T14526]  alloc_pages_mpol+0xb3/0x260
[  188.496600][T14526]  alloc_pages_noprof+0x90/0x130
[  188.496619][T14526]  get_zeroed_page_noprof+0x1a/0x40
[  188.496635][T14526]  simple_transaction_get+0x4c/0x130
[  188.496677][T14526]  selinux_transaction_write+0x9d/0x110
[  188.496704][T14526]  ? __pfx_selinux_transaction_write+0x10/0x10
[  188.496733][T14526]  vfs_write+0x269/0x960
[  188.496752][T14526]  ? __rcu_read_unlock+0x4f/0x70
[  188.496803][T14526]  ? __fget_files+0x184/0x1c0
[  188.496830][T14526]  ksys_write+0xda/0x1a0
[  188.496855][T14526]  __x64_sys_write+0x40/0x50
[  188.496878][T14526]  x64_sys_call+0x2802/0x3000
[  188.496903][T14526]  do_syscall_64+0xd2/0x200
[  188.496929][T14526]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  188.496950][T14526]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  188.497062][T14526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.497080][T14526] RIP: 0033:0x7f0dab87efc9
[  188.497092][T14526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.497110][T14526] RSP: 002b:00007f0daa2e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  188.497189][T14526] RAX: ffffffffffffffda RBX: 00007f0dabad5fa0 RCX: 00007f0dab87efc9
[  188.497199][T14526] RDX: 0000000000000041 RSI: 0000200000000400 RDI: 0000000000000007
[  188.497210][T14526] RBP: 00007f0daa2e7090 R08: 0000000000000000 R09: 0000000000000000
[  188.497220][T14526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.497295][T14526] R13: 00007f0dabad6038 R14: 00007f0dabad5fa0 R15: 00007ffdb8658038
[  188.497351][T14526]  </TASK>
[  188.751061][T12527] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  188.787747][T14535] bridge0: entered promiscuous mode
[  188.793082][T14535] macsec2: entered promiscuous mode
[  188.798587][T14535] bridge0: port 4(macsec2) entered blocking state
[  188.805194][T14535] bridge0: port 4(macsec2) entered disabled state
[  188.811901][T14535] macsec2: entered allmulticast mode
[  188.817242][T14535] bridge0: entered allmulticast mode
[  188.850133][T14535] macsec2: left allmulticast mode
[  188.855238][T14535] bridge0: left allmulticast mode
[  188.861374][T14535] bridge0: left promiscuous mode
[  188.900933][T14541] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4207'.
[  188.945975][T14543] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14543 comm=syz.0.4209
[  189.019930][T14554] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4213'.
[  189.041991][T14552] loop3: detected capacity change from 0 to 2048
[  189.061248][T14552] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.154118][T14564] loop0: detected capacity change from 0 to 512
[  189.161258][T14565] lo speed is unknown, defaulting to 1000
[  189.167153][T14565] lo speed is unknown, defaulting to 1000
[  189.173184][T14565] lo speed is unknown, defaulting to 1000
[  189.179967][T14565] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  189.191799][T14564] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.204834][T14565] lo speed is unknown, defaulting to 1000
[  189.206687][T14564] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  189.210985][T14565] lo speed is unknown, defaulting to 1000
[  189.228060][T14565] lo speed is unknown, defaulting to 1000
[  189.234396][T14565] lo speed is unknown, defaulting to 1000
[  189.242257][T14565] lo speed is unknown, defaulting to 1000
[  189.248256][T14552] smc: removing ib device syz1
[  189.254278][T12527] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.305861][T14573] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  189.324129][T14573] tipc: Disabling bearer <eth:syzkaller0>
[  189.348218][T14580] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14580 comm=syz.4.4223
[  189.391270][T14585] can0: slcan on ttyS3.
[  189.419958][T14584] can0 (unregistered): slcan off ttyS3.
[  189.454458][T14624] loop0: detected capacity change from 0 to 2048
[  189.508807][T14633] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  189.536178][T14624]  loop0: p2 p3 p7
[  189.611296][T14661] loop4: detected capacity change from 0 to 128
[  189.683884][T14667] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14667 comm=syz.0.4234
[  189.715853][T14669] loop0: detected capacity change from 0 to 128
[  189.840333][T14671] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  189.849336][T14671] tipc: Disabling bearer <eth:syzkaller0>
[  189.864588][T13394] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.931808][T14676] can0: slcan on ttyS3.
[  190.004306][T14682] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4241'.
[  190.040012][T14675] can0 (unregistered): slcan off ttyS3.
[  190.066551][T14698] loop5: detected capacity change from 0 to 512
[  190.069866][T14695] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14695 comm=syz.3.4245
[  190.094862][T14698] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  190.108481][T14701] loop6: detected capacity change from 0 to 512
[  190.119369][T14704] loop0: detected capacity change from 0 to 512
[  190.130937][T14698] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  190.138921][T14698] System zones: 1-12
[  190.146251][T14701] EXT4-fs (loop6): 1 truncate cleaned up
[  190.147719][T14705] program syz.4.4247 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  190.161706][T14701] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.166195][T14711] loop3: detected capacity change from 0 to 512
[  190.173930][T14698] EXT4-fs (loop5): 1 truncate cleaned up
[  190.187093][T14704] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.187457][T14701] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4248: bg 0: block 465: padding at end of block bitmap is not set
[  190.214861][T14698] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.227034][T14711] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.242954][T14704] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.253902][T14711] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.280980][T12527] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.336594][ T8832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.341637][T14716] infiniband syz1: set active
[  190.350269][T14716] infiniband syz1: added bond0
[  190.356399][T13394] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.384449][T14719] loop4: detected capacity change from 0 to 512
[  190.393433][T14716] RDS/IB: syz1: added
[  190.397576][T14716] smc: adding ib device syz1 with port count 1
[  190.400273][T10815] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.404116][T14716] smc:    ib device syz1 port 1 has no pnetid
[  190.418129][   T29] kauditd_printk_skb: 2876 callbacks suppressed
[  190.418142][   T29] audit: type=1326 audit(1761220929.469:18381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f4a48ac076a code=0x7ffc0000
[  190.448801][   T29] audit: type=1400 audit(1761220929.469:18382): avc:  denied  { remount } for  pid=14717 comm="syz.4.4253" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  190.468785][   T29] audit: type=1326 audit(1761220929.469:18383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4a48abd810 code=0x7ffc0000
[  190.492549][   T29] audit: type=1326 audit(1761220929.469:18384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4a48abebcb code=0x7ffc0000
[  190.516090][   T29] audit: type=1326 audit(1761220929.469:18385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4a48abdc2a code=0x7ffc0000
[  190.539451][   T29] audit: type=1326 audit(1761220929.469:18386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a48abefc9 code=0x7ffc0000
[  190.563028][   T29] audit: type=1326 audit(1761220929.469:18387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a48abefc9 code=0x7ffc0000
[  190.586625][   T29] audit: type=1326 audit(1761220929.469:18388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14717 comm="syz.4.4253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f4a48abefc9 code=0x7ffc0000
[  190.610171][   T29] audit: type=1400 audit(1761220929.469:18389): avc:  denied  { mac_admin } for  pid=14717 comm="syz.4.4253" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  190.631371][   T29] audit: type=1400 audit(1761220929.469:18390): avc:  denied  { relabelto } for  pid=14717 comm="syz.4.4253" name="305" dev="tmpfs" ino=1623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  190.694116][T14732] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  190.763626][T14734] can0: slcan on ttyS3.
[  190.818564][T14750] program syz.6.4264 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  190.890086][T14733] can0 (unregistered): slcan off ttyS3.
[  190.899154][T14757] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4266'.
[  190.962140][T14768] loop3: detected capacity change from 0 to 512
[  190.968877][T14768] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  190.986328][T14767] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4271'.
[  190.986809][T14768] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  191.004207][T14768] System zones: 1-12
[  191.016156][T14768] EXT4-fs (loop3): 1 truncate cleaned up
[  191.032252][T14768] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.086685][T14759] Set syz1 is full, maxelem 65536 reached
[  191.097557][T14781] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14781 comm=syz.4.4276
[  191.124465][T14783] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14783 comm=syz.4.4277
[  191.177615][T14786] program syz.5.4278 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  191.225134][T14794] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  191.233177][T14794] tipc: Disabling bearer <eth:syzkaller0>
[  191.267443][T13394] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.316981][T14803] rdma_rxe: rxe_newlink: failed to add bond0
[  191.354406][T14813] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14813 comm=syz.4.4290
[  191.378202][T14816] loop3: detected capacity change from 0 to 512
[  191.385321][T14816] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  191.403522][T14816] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fffff00)
[  191.424223][T14820] loop0: detected capacity change from 0 to 512
[  191.439363][T14820] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  191.461267][T14822] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  191.462528][T14827] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  191.471433][T14822] SELinux: failed to load policy
[  191.481634][T14820] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  191.490650][T14820] System zones: 1-12
[  191.494989][T14820] EXT4-fs (loop0): 1 truncate cleaned up
[  191.495132][T14827] tipc: Disabling bearer <eth:syzkaller0>
[  191.501267][T14820] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.652396][T12527] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.747093][T14860] SELinux:  policydb magic number 0xa00 does not match expected magic number 0xf97cff8c
[  191.757188][T14860] SELinux: failed to load policy
[  191.795234][T14871] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  191.804166][T14871] tipc: Disabling bearer <eth:syzkaller0>
[  191.855168][T14880] loop6: detected capacity change from 0 to 512
[  191.863189][T14880] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  191.882071][T14880] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002]
[  191.901527][T14880] System zones: 1-12
[  191.910102][T14880] EXT4-fs (loop6): 1 truncate cleaned up
[  191.916298][T14880] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.026272][T14882] Set syz1 is full, maxelem 65536 reached
[  192.088804][ T8832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.168357][T14911] FAULT_INJECTION: forcing a failure.
[  192.168357][T14911] name failslab, interval 1, probability 0, space 0, times 0
[  192.170534][T14910] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  192.181053][T14911] CPU: 1 UID: 0 PID: 14911 Comm: syz.5.4325 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  192.181085][T14911] Tainted: [W]=WARN
[  192.181091][T14911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  192.181104][T14911] Call Trace:
[  192.181111][T14911]  <TASK>
[  192.181119][T14911]  __dump_stack+0x1d/0x30
[  192.181141][T14911]  dump_stack_lvl+0xe8/0x140
[  192.181161][T14911]  dump_stack+0x15/0x1b
[  192.181226][T14911]  should_fail_ex+0x265/0x280
[  192.181256][T14911]  should_failslab+0x8c/0xb0
[  192.181283][T14911]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[  192.181343][T14911]  ? security_context_to_sid_core+0x69/0x3b0
[  192.181373][T14911]  kmemdup_nul+0x36/0xc0
[  192.181396][T14911]  security_context_to_sid_core+0x69/0x3b0
[  192.181498][T14911]  ? avc_has_perm_noaudit+0x1b1/0x200
[  192.181521][T14911]  security_context_to_sid+0x2e/0x40
[  192.181606][T14911]  selinux_inode_setxattr+0x4af/0x6e0
[  192.181637][T14911]  security_inode_setxattr+0x13a/0x1b0
[  192.181662][T14911]  __vfs_setxattr_locked+0x83/0x1d0
[  192.181696][T14911]  vfs_setxattr+0x132/0x270
[  192.181775][T14911]  filename_setxattr+0x1ad/0x400
[  192.181854][T14911]  path_setxattrat+0x2c9/0x310
[  192.181894][T14911]  __x64_sys_lsetxattr+0x71/0x90
[  192.181919][T14911]  x64_sys_call+0x287b/0x3000
[  192.181958][T14911]  do_syscall_64+0xd2/0x200
[  192.182024][T14911]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  192.182049][T14911]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  192.182076][T14911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.182158][T14911] RIP: 0033:0x7fc19908efc9
[  192.182174][T14911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.182190][T14911] RSP: 002b:00007fc197aef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  192.182209][T14911] RAX: ffffffffffffffda RBX: 00007fc1992e5fa0 RCX: 00007fc19908efc9
[  192.182221][T14911] RDX: 0000200000000280 RSI: 0000200000000240 RDI: 00002000000001c0
[  192.182233][T14911] RBP: 00007fc197aef090 R08: 0000000000000000 R09: 0000000000000000
[  192.182305][T14911] R10: 0000000000001001 R11: 0000000000000246 R12: 0000000000000001
[  192.182318][T14911] R13: 00007fc1992e6038 R14: 00007fc1992e5fa0 R15: 00007fff50683618
[  192.182336][T14911]  </TASK>
[  192.422439][T14919] tipc: Disabling bearer <eth:syzkaller0>
[  192.433813][T14922] loop5: detected capacity change from 0 to 512
[  192.451724][T14922] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.464299][T14922] ext4 filesystem being mounted at /358/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.490953][T10815] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.517518][T14935] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14935 comm=syz.6.4335
[  192.597695][T14951] loop5: detected capacity change from 0 to 512
[  192.604860][T14951] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  192.618229][T14954] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14954 comm=syz.0.4342
[  192.618457][T14951] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.4340: bad orphan inode 14
[  192.641275][T14951] ext4_test_bit(bit=13, block=18) = 1
[  192.646645][T14951] is_bad_inode(inode)=0
[  192.646655][T14951] NEXT_ORPHAN(inode)=0
[  192.646662][T14951] max_ino=32
[  192.646669][T14951] i_nlink=1
[  192.655564][T14951] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.673297][T14945] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  192.673451][T14951] ==================================================================
[  192.689065][ T3408] lo speed is unknown, defaulting to 1000
[  192.697007][T14951] BUG: KCSAN: data-race in data_alloc / prb_reserve
[  192.697027][T14951] 
[  192.697032][T14951] write to 0xffffffff86868840 of 8 bytes by task 14945 on cpu 1:
[  192.697048][T14951]  data_alloc+0x280/0x2e0
[  192.723592][T14951]  prb_reserve+0x807/0xaf0
[  192.728007][T14951]  vprintk_store+0x56d/0x860
[  192.732600][T14951]  vprintk_emit+0x10d/0x580
[  192.737091][T14951]  vprintk_default+0x26/0x30
[  192.741665][T14951]  vprintk+0x1d/0x30
[  192.745548][T14951]  _printk+0x79/0xa0
[  192.749430][T14951]  do_setlink+0xb3b/0x2810
[  192.753830][T14951]  rtnl_newlink+0xd8b/0x12d0
[  192.758403][T14951]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  192.763323][T14951]  netlink_rcv_skb+0x123/0x220
[  192.768077][T14951]  rtnetlink_rcv+0x1c/0x30
[  192.772475][T14951]  netlink_unicast+0x5c0/0x690
[  192.777223][T14951]  netlink_sendmsg+0x58b/0x6b0
[  192.781975][T14951]  __sock_sendmsg+0x145/0x180
[  192.786639][T14951]  ____sys_sendmsg+0x31e/0x4e0
[  192.791391][T14951]  ___sys_sendmsg+0x17b/0x1d0
[  192.796058][T14951]  __x64_sys_sendmsg+0xd4/0x160
[  192.800903][T14951]  x64_sys_call+0x191e/0x3000
[  192.805585][T14951]  do_syscall_64+0xd2/0x200
[  192.810067][T14951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.815944][T14951] 
[  192.818248][T14951] read to 0xffffffff86868840 of 8 bytes by task 14951 on cpu 0:
[  192.825857][T14951]  prb_reserve+0x220/0xaf0
[  192.830257][T14951]  vprintk_store+0x56d/0x860
[  192.834834][T14951]  vprintk_emit+0x10d/0x580
[  192.839320][T14951]  vprintk_default+0x26/0x30
[  192.843890][T14951]  vprintk+0x1d/0x30
[  192.847772][T14951]  _printk+0x79/0xa0
[  192.851654][T14951]  mnt_warn_timestamp_expiry+0x1c3/0x200
[  192.857283][T14951]  do_new_mount+0x31b/0x660
[  192.861769][T14951]  path_mount+0x4a5/0xb70
[  192.866081][T14951]  __se_sys_mount+0x28c/0x2e0
[  192.870742][T14951]  __x64_sys_mount+0x67/0x80
[  192.875319][T14951]  x64_sys_call+0x2b51/0x3000
[  192.879979][T14951]  do_syscall_64+0xd2/0x200
[  192.884463][T14951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.890337][T14951] 
[  192.892638][T14951] value changed: 0xfffffffffffc1338 -> 0x0000000000062538
[  192.899722][T14951] 
[  192.902021][T14951] Reported by Kernel Concurrency Sanitizer on:
[  192.908150][T14951] CPU: 0 UID: 0 PID: 14951 Comm: syz.5.4340 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  192.919502][T14951] Tainted: [W]=WARN
[  192.923283][T14951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  192.933344][T14951] ==================================================================
[  192.673278][T14951] ext2 filesystem being mounted at /361/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.974450][T14955] __nla_validate_parse: 8 callbacks suppressed
[  192.974466][T14955] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4341'.
[  193.008301][T10815] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.