last executing test programs:

2.576224594s ago: executing program 0 (id=1259):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x18)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{0x0}], 0x1}}], 0x1, 0x24008094)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x0)

2.553510724s ago: executing program 2 (id=1261):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x80}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfc, 0x2bfffdffd}, 0xc)
close(r1)

2.529139494s ago: executing program 2 (id=1263):
socket$can_bcm(0x1d, 0x2, 0x2)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_hsr\x00'})
socket(0x10, 0x803, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mtu(r3, 0x0, 0xa, &(0x7f0000000080)=0x3, 0x4)
sendto$inet(r3, &(0x7f0000000040)="0e00", 0xffec, 0x0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)

2.496665384s ago: executing program 2 (id=1267):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
getcwd(&(0x7f0000000300)=""/138, 0x8a)

2.473564724s ago: executing program 2 (id=1268):
r0 = inotify_init()
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
r3 = epoll_create1(0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000040)=0x7)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x1, 0xf8, 0xbd, 0x0, 0x0, 0x2000000000000, 0x42410, 0x18, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x2, @perf_bp={&(0x7f00000004c0), 0xf}, 0x80, 0x9, 0xfffffffb, 0x9, 0x3, 0xfff, 0x4b88, 0x0, 0x0, 0x0, 0x10000}, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
write$P9_RREAD(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="18240396e9d403f6c70000"], 0xb)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000b80)=@newqdisc={0x2c, 0x24, 0x3fe3aa0262d8c583, 0x70bd25, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xf}, {0xffff, 0xffff}, {0xffe0}}, [@TCA_RATE={0x6, 0x5, {0x0, 0xfe}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
ioctl$FS_IOC_SETFLAGS(r3, 0x40088a01, &(0x7f0000000000)=0x10)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000340)={0x90000019})
listen(0xffffffffffffffff, 0x1)
r7 = fcntl$dupfd(r2, 0x406, r2)
close_range(r0, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000005000000020000000400000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000ad315d1573b06f830cc17f910c684565a667a31100a4e7fb747e7234e17d05041e4a4f4bdf25b7aac792b4f06521a788602a00e67334c9ec0993e7f9b6b6af10a43594ce661943da369f5909d6622190aef6cc66aa3ed93654e0825fe28a1720758797542fe52dda0d4324c9"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff00000000000000001801000020646c4200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000002300000095"], 0x0, 0x4e, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000880)=ANY=[@ANYRESHEX=r6, @ANYRESHEX=r2, @ANYRES32=r4, @ANYRESOCT=r9, @ANYRES32=r8, @ANYRES8=r6, @ANYRES16=r2, @ANYRESHEX=r8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback=0x20, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xfffffffffffffc2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r10}, 0x10)
r11 = socket(0x8000000010, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write(r11, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

2.438431834s ago: executing program 2 (id=1272):
r0 = msgget$private(0x0, 0x0)
syz_io_uring_setup(0x380a, &(0x7f0000000140)={0x0, 0x729, 0x3010, 0x0, 0x8000001}, &(0x7f0000000100), &(0x7f0000000480)=<r1=>0x0)
r2 = epoll_create(0xaf2)
epoll_pwait(r2, &(0x7f00000002c0)=[{}], 0xfc, 0x80000001, 0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000ac0)='.\x00', &(0x7f0000000b00), 0x400008, 0x0)
msgrcv(r0, 0x0, 0x0, 0xa64c2a520a4acd8f, 0x2000)
msgsnd(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1a0092e556113374"], 0x8, 0x800)
msgctl$IPC_SET(r0, 0x1, &(0x7f00000004c0)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x6}, 0x0, 0x0, 0xfffffffffffffffe, 0x10001, 0xfffffffffffffffe, 0xf, 0x1, 0xd, 0xd1, 0x2})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESDEC, @ANYRESDEC=r0, @ANYRESHEX=r1, @ANYRES32=<r5=>r2, @ANYRES8=r4], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x100, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_IMMEDIATE_DATA={0x28, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x22, 0x1, "405cb3665406e3c7bc4071006dfc7dea5999db07b14863d93b4cf31e2096"}]}]}}}]}, @NFTA_RULE_EXPRESSIONS={0x94, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @rt={{0x7}, @void}}, {0x10, 0x1, 0x0, 0x1, @target={{0xb}, @void}}, {0x10, 0x1, 0x0, 0x1, @payload={{0xc}, @void}}, {0x10, 0x1, 0x0, 0x1, @objref={{0xb}, @void}}, {0x54, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x7ff}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0xfff80000}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x5ae99a296e280245}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_NG_TYPE={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x128}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
getresuid(&(0x7f0000000380), &(0x7f00000003c0)=<r7=>0x0, &(0x7f0000000440))
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x8080, &(0x7f0000000600)={[{@uid={'uid', 0x3d, r7}}, {@mode={'mode', 0x3d, 0x800}}, {@gid}], [{@dont_appraise}, {@subj_type={'subj_type', 0x3d, '&.-'}}, {@subj_type={'subj_type', 0x3d, 'xfrm\x00'}}]})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=ANY=[@ANYBLOB="440000030000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c00148008000140177a88828023c02c5a4e2eb71c9f45de30910a01b23c622800"/88], 0x44}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x15, 0xb, &(0x7f0000000580)=ANY=[@ANYRESDEC=r5], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)

2.186171576s ago: executing program 4 (id=1283):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a31000000000800054000000002090002007307f3dacd00000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c00008008000340000000022c0000000e0a010200000000000000000b0000000900010073797a31000000000900020073797a3100000000140000001100010000000000000000000100000a"], 0xdc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

2.171453916s ago: executing program 4 (id=1284):
r0 = inotify_init()
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
r3 = epoll_create1(0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000040)=0x7)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x1, 0xf8, 0xbd, 0x0, 0x0, 0x2000000000000, 0x42410, 0x18, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x2, @perf_bp={&(0x7f00000004c0), 0xf}, 0x80, 0x9, 0xfffffffb, 0x9, 0x3, 0xfff, 0x4b88, 0x0, 0x0, 0x0, 0x10000}, r4, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
write$P9_RREAD(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="18240396e9d403f6c70000"], 0xb)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000b80)=@newqdisc={0x2c, 0x24, 0x3fe3aa0262d8c583, 0x70bd25, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xf}, {0xffff, 0xffff}, {0xffe0}}, [@TCA_RATE={0x6, 0x5, {0x0, 0xfe}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
ioctl$FS_IOC_SETFLAGS(r3, 0x40088a01, &(0x7f0000000000)=0x10)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000340)={0x90000019})
listen(0xffffffffffffffff, 0x1)
r7 = fcntl$dupfd(r2, 0x406, r2)
close_range(r0, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000005000000020000000400000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000ad315d1573b06f830cc17f910c684565a667a31100a4e7fb747e7234e17d05041e4a4f4bdf25b7aac792b4f06521a788602a00e67334c9ec0993e7f9b6b6af10a43594ce661943da369f5909d6622190aef6cc66aa3ed93654e0825fe28a1720758797542fe52dda0d4324c9"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff00000000000000001801000020646c4200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000002300000095"], 0x0, 0x4e, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000880)=ANY=[@ANYRESHEX=r6, @ANYRESHEX=r2, @ANYRES32=r4, @ANYRESOCT=r9, @ANYRES32=r8, @ANYRES8=r6, @ANYRES16=r2, @ANYRESHEX=r8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback=0x20, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xfffffffffffffc2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r10}, 0x10)
r11 = socket(0x8000000010, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write(r11, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

2.144026936s ago: executing program 4 (id=1285):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000300)={'batadv0\x00', <r1=>0x0})
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000007c0)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0xfffe, 0x0, 0x2, 0x0, 0x0, 0x0, r1}, {0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x4000}, {0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {{@in=@dev={0xac, 0x14, 0x14, 0x1f}, 0x0, 0x6c}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2f}, 0x200000, 0x0, 0x0, 0x0, 0x0, 0xbeaf}}, 0xe8)
syz_emit_ethernet(0x55, &(0x7f0000000000)={@local, @random="f368656e065b", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000000400000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45}, 0x94)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, <r6=>0x0}, &(0x7f0000000680)=0xc)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_opts(r7, 0x0, 0x9, 0x0, &(0x7f0000001140))
setuid(r6)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f00000037c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000a70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c21f664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffaf4ab87b1bfed9fbe586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae460f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf8714d7bb2366fde41f94290c2a5fdecb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1f5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27832b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd210819203a513a67da4a571ce585a17a02a210382f14d12ca3c3431ee97471c785a69da7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedda1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a540f0c10ec3a11667290b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad95971030000007d00000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfadfdd708789a20287d58187fbd49fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91647b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf06d0000f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe6e7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a1914b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c056d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c617f005ac2d371a95b8adc67ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c259d3f28b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bdd27e663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70780025072e20586b19127d75fa71577f265c51000000000000000000000000000000000000000000915c2cde78db002a20e370600f56b3803786ffff268fa1782c240a1d3b62bb5c9c5712bc58a0f276f5224b6efaceab36d1468b0800000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x49)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000380)='sys_enter\x00', r8}, 0x18)
r9 = socket(0x15, 0x5, 0x0)
recvmmsg(r9, 0x0, 0x0, 0x61, 0x0)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f00000006c0)=ANY=[@ANYRES64=r9], 0x20)
ppoll(&(0x7f0000000540)=[{}], 0x5b, 0x0, 0x0, 0x0)
quotactl_fd$Q_QUOTAON(r2, 0xffffffff80000202, r6, &(0x7f0000000200)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x1, @perf_config_ext={0x8, 0x6}, 0x120, 0x10000, 0x33f8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2c1, &(0x7f0000000300)="$eJzs3b9rJFUcAPDv5Mdm1WJXsBLBAS2sjsu1NhskB8FUSgq10ODlQHaDkIVAVnE9LGxtLP0LBMHOf8LGwl6wFey84uDJ7Mzcbs7ZvczJXvzx+TR5efO+733n5WWXLea7H7x0OryTx917n/4S3W4WG4MYxP0s+rERtc/jksFXAQD8m91PKX5PpTZxWUR015cWALBGrd//v197SgDAmr39zrtv7h0e7r+V5924ffrl+VHxyb74WV7fuxsfxShO4mb04kFEeqhs304pTbfyQj9ePZ2eHxWRp+//WM2/91vELH43etGfdV2OPzjc381LC/HTIo9nq/UHRfyt6MULDesfHO7faoiPo0689spC/jeiFz99GB/HKO7MkpjHf7ab52+kr//45L0ivSI+m54f7czGzaXNp/ynAQAAAAAAAAAAAAAAAAAAAADgP+xGVTtnJ2b1e4quqv7O5oPil+3Ia/3L9XnK+Kye6JH6QNMU39T1dW7meZ6qgfP4rXhxK7au564BAAAAAAAAAAAAAAAAAADgn2V8MRkej0YnZ3+30Y3h8aiuBlA/1v+kEw4Wel6OhjH9eNizM19yo1p2xcyxWY/JIlamUczYKvntx6++pPHMsqhvv2u7dd3Hj9l+ggyv3Pji+YjJsD5dw+OseQ93ou7p1ofkh8Uxnbjiop1ll1Kr49dpvNRrvQmd52aN6Yoxka1K7PVfy52rerJH76Iz29XG8O2qUf4vNJ2NVuf5r68VmWodAAAAAAAAAAAAAAAAAACwVuOLyTCllBof7b23JOjng/JL/qO/3uQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CkZX0yGx6PRyVmbxrQKvsLgTpyNr/kWAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+B/4MwAA///WLWFE")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})
r10 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000000)=ANY=[@ANYBLOB="33fe00004a00530c8e5eb88edc5a9c0e0a9b80"], 0xfe33)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={&(0x7f0000000340)="d329fa814ccd041ee99c0a2deb907d201a4fedc7f2b6d9ee546e4b11f0ba02cdb83a0308cec65934dfd29ddb78fd456f8233773dfe767e023165885f65e4487cd73615d0b69bd9c0136b6d86131423dda8211aca24f2452f25e0c1c4b99814e24dd975699c9774646a8610ac59635540428417532c71511b7dc59ccdb98f14507589c056f3d2a7058b776deef05cb9ede0401015236cacfe62814cfdadfbbf6aa065a6f6b9ca6f47d4395bb5b17afd4fd95d8d6ff5f7bcd02a48fd6fdf0c82d9f4a77b02fea48c61446dd802de407701906be723770a34cbb0d2e7faed9920f9ca62ce6947084abfc7451fbcd9df63813f2f53", &(0x7f0000000440)=""/110, &(0x7f00000004c0)="d3d7d559dc0397700897a47cb859e6e5a7bbb17d88441082a11a183220fddd4a016a560918ba27eaaa24a5728e48a65f617effc19b53890a25be9511ef84c6ab1d46c6e0488304e501cca0b3ea432c76e85598b4ec62e61bde077ccf9011e5c511592b21685c8aacfa891be67865df8bd2f9bf83b79f9fb82d6455898fb34b0c84c0a5786e69b02df51ac2332b457351e7437fcee3bb4793ecd8c3a3fcae4bcde78831c099f08d353ab55159a42867823490e585470cd1a865c8bd8ddfc1c8d0fc30426bb72f7c277ed72d165ff2ab1019133d86f3e9c20db60d2328653fd6c6572fd92aef410eeb9bcbd5c29811", &(0x7f00000005c0)="1f6718fb12ee782d773ea6af83c5a9733ac5df35351011887a6d0ce3393f3312be2110f23897b613f0b17103a192f0532baf877f08a766a5e5bf6fa816d6a6b0cd44259329a42e9986b03de210d1a79b74ea3ea498a5fa3a947be92dbefbc00d01f655f932bef58aa25f6a75c1e7af431a047fc3e0361015605349d3aefb82cf3f45bb9e88", 0x2, r3}, 0x38)

1.914973338s ago: executing program 4 (id=1291):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r1}, 0x18)
sendmsg$xdp(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f190bf5274ad7ecef8d8d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac6db5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffc90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07cf66b696d83af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2", 0x3e3}, {&(0x7f00000003c0)="847839fc378469d5765bd74a8532b82037b02c9e", 0x14}], 0x3}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)

1.877464498s ago: executing program 4 (id=1293):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40010)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Di', 0x0)

1.727197499s ago: executing program 0 (id=1297):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='mm_khugepaged_scan_pmd\x00', r0, 0x0, 0x401}, 0x18)
close(0xffffffffffffffff)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000840)="01000100ec85000000001000015b097ead85847817353d2dbad05dd5", 0x1c, 0xfffffffffffffffd)

1.658395009s ago: executing program 0 (id=1298):
r0 = socket$kcm(0x10, 0x2, 0x0)
epoll_create1(0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
close(r3)
ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000340)=ANY=[@ANYRES16=r1, @ANYRES32=r1])
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), r4)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x20000010)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r6)
socket(0x10, 0x803, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="2e00000011008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x40840)
r7 = signalfd4(r0, &(0x7f0000000200), 0x8, 0x80000)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@map=r7, 0xa, 0x1, 0x1, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0]}, 0x40)

1.5955596s ago: executing program 0 (id=1299):
r0 = syz_io_uring_setup(0x5f4b, &(0x7f0000000100)={0x0, 0x1568, 0x10000, 0x2, 0x285}, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='mm_page_free\x00', r4, 0x0, 0x1000000}, 0x18)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}})
io_uring_enter(r0, 0x29ab, 0xd480, 0x0, 0x0, 0x0)

1.57861574s ago: executing program 2 (id=1300):
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x1c, &(0x7f0000000480)=[@in6={0xa, 0x4e23, 0x200, @private1, 0xd968}]}, &(0x7f0000000240)=0x10)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000b00)=0x1200)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xdb, '\x00', 0x0, @tracing=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x300, 0x198, 0xffffffff, 0xffffffff, 0x198, 0xffffffff, 0x268, 0xffffff7a, 0xffffffff, 0x268, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'veth1\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0x0, 0x41}, 0x6, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "00000100cbd047da9ca965f96ad5801f0514d363ee84bb895919d9490f6785fba3c4a44f1e25ecefef2a2d6054f5260ece5ce1a56a5ef73be11d65bfe8c37674024c183ebacdf741cea92ded3a9ca54de15dd9ec8ef62f9e000000000000000000ffffff7f00", 0x7d}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x2, 0x0, 'snmp_trap\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x360)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0)
r7 = shmget(0x0, 0x2000, 0x2c000400, &(0x7f0000fae000/0x2000)=nil)
shmctl$IPC_RMID(r7, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
fcntl$setlease(r8, 0x400, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000400)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x0, 0x56a, 0x12, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x6, 0xd0, 0x5, [{{0x9, 0x4, 0x0, 0xdc, 0x2, 0x3, 0x1, 0x3, 0x9, {0x9, 0x21, 0x2, 0x7f, 0x1, {0x22, 0x8e4}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0xd, 0x4, 0x9}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x10, 0x6, 0x8}}]}}}]}}]}}, &(0x7f00000009c0)={0xa, &(0x7f0000000640)={0xa, 0x6, 0x250, 0x5, 0xc4, 0x9, 0x8, 0x4}, 0x49, &(0x7f00000006c0)={0x5, 0xf, 0x49, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0x1, "d874f8dccad3f29d8bd54aa2151e134e"}, @ptm_cap={0x3}, @ssp_cap={0xc, 0x10, 0xa, 0x7, 0x0, 0x10, 0x8, 0x3ff}, @generic={0x21, 0x10, 0xa, "d21a4fcde2f66efdd6b8d405df9d3680aeb3757b289842aa89a277194274"}]}, 0x4, [{0x4, &(0x7f0000000740)=@lang_id={0x4, 0x3, 0xa8b5}}, {0xb2, &(0x7f0000000800)=@string={0xb2, 0x3, "1f278398bd7a07b6b1d25c563a2b920a251a14d8ed43c3a2bb7c9e415e249d71f2808dc386c40e0ea57c99d886805f9733abaa004fe8b2fff6a8c4f07490dcbf549fd914d46344ac261a397596a5cede2e962317512e51b0d821ced5f5000b869dd3b5b828c8f02e2ee6397aacd0d768ea69cdd7d6621f4068b3cb40d582fd3a4c75a07a62383375c195824e979e1d7de783ac0ab6a0fac5827dd942bd2a6d9bf8e4f5652f35a7c22b68d1c49c1a94b4"}}, {0xd9, &(0x7f00000008c0)=@string={0xd9, 0x3, "c12b3f049a0ccc6d9242e0fb072416a141d1fd2c0e8b31bce7efc30213f25f15ced9bddb37ee6911f01c4fd0687f64d31fe58b00d8075947282b137b6e9e157110cdc82b7fed3fb144ef60d8d45a0d8cf9f262ad92f6995f5df2a03f0124eed733be1c75c9bcf01c389fb5f43d9848a76fa0a526fb11a31770f50aea9dfc58121d84b928789d2498e82bf28edd3405179f281c631d1d5ef78c2932172ff2c9e246e11fb330ac6fc61e0a7bb0464b058b38471b29a961273b346a9d31887d0bb5026378ecd4cdec8a21b13f0f639b64de493da16d2a44ad"}}, {0x4, &(0x7f0000000780)=@lang_id={0x4, 0x3, 0x1c01}}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
inotify_init()

1.54280974s ago: executing program 0 (id=1301):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mtu(r2, 0x0, 0xa, &(0x7f0000000080)=0x3, 0x4)
sendto$inet(r2, &(0x7f0000000040)="0e00", 0xffec, 0x0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)

1.51895296s ago: executing program 0 (id=1302):
r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYRES8=r0, @ANYRES16=r0, @ANYBLOB="01002cbd701004000005123db69efb888bcc0000002ed180661c1d608af6871a9e1d67516701f9718ed7955f252f327fa6f8c1b771ef05a097964109f7132fc4b1c748b578e10c5e2b64fef4767f6f7280eaa220335b44cc760ecb77bdcb3cac01fb949bddff05000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4008810}, 0x20004031)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x25c, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
syz_usb_connect(0x0, 0x1e1, &(0x7f0000000600)={{0x12, 0x1, 0x250, 0xfa, 0x3f, 0xb3, 0x10, 0x403, 0xa54b, 0xe38b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1cf, 0x1, 0x4, 0x2, 0x0, 0xfe, [{{0x9, 0x4, 0xad, 0x5c, 0x6, 0xbc, 0xbb, 0x75, 0x8, [], [{{0x9, 0x5, 0x80, 0x0, 0x400, 0x7f, 0x3, 0xbc, [@generic={0xd, 0x8, "0d89d33289452b629bfe81"}]}}, {{0x9, 0x5, 0x3, 0x1, 0x10, 0x0, 0x2, 0x6}}, {{0x9, 0x5, 0x2, 0x0, 0x40, 0x8, 0x7, 0x3}}, {{0x9, 0x5, 0x3, 0x0, 0x8, 0x0, 0xfd, 0x1}}, {{0x9, 0x5, 0xd, 0x10, 0x400, 0x7, 0x8, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xd3, 0x401}, @generic={0xd0, 0xf, "a1b60bd9f45adc02872a7f8fdf60d105104bdcf92d6e6491a319c74fa056d9e00821238e70f10bf45038176efca2882f61f9f709c3537fb7f21a55f8f8ade1bc2c3ff1b93c4d569b989aff031acacae7600927df2932167617055f38f6aee542c1e94d9ae6b2fcb8bf90a8a43d4ae5f5f5dd27e1a8c6915cc30db0a4b741a334c7ef155e6fae677c0200e928f55845cc1990af35e523fce2b53647019a081b14ea5915db8884bb63a45e498132c5f715e33ac77ff588135c310fee503a4de28d5a5725ab9f61763b36df60101107"}]}}, {{0x9, 0x5, 0x2, 0x2, 0x20, 0x3, 0x2, 0x4, [@generic={0xa3, 0x21, "bc1c3d101ff3ea7f1fdccd62caa5f7e1f0a4b5a2337447152cf86c5ed1569148fb1e6aba9a14cd43b8a1be5928dfd54c5f3dd613361fd80f4f715c393d1203075c27a8e9ffe3d10717eed6bf9f9a01d21882e2c2327b72326b00d9c2b18bbee6dd54a55c91a074dcb5497c576c93daa5c184f814a8fc1c2101b5439934862059bc946c7200ce8020e1d8fb1b09c331ffbfd27bfcb739701ba87719ba33178bc85b"}]}}]}}]}}]}}, &(0x7f00000003c0)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x310, 0x1, 0x0, 0x4, 0x8, 0x8}, 0x2f, &(0x7f0000000180)={0x5, 0xf, 0x2f, 0x3, [@wireless={0xb, 0x10, 0x1, 0x8, 0x80, 0x0, 0x2, 0x9, 0xe0}, @ssp_cap={0x1c, 0x10, 0xa, 0xe, 0x4, 0x2, 0x0, 0xfffc, [0xc000, 0x0, 0xf, 0xffc000]}, @ptm_cap={0x3}]}, 0x3, [{0x4e, &(0x7f0000000280)=ANY=[@ANYBLOB="4e03b8171a2cca1c1a3dbe2553324aa5bff2c9d1765fd1a336430ac9915ddd2607e728e17b0aab26deb546e93264cf633e34c1994d547d20a7c1b5a8bf7c84793d54668c460361ec301a9d47af5a"]}, {0xbd, &(0x7f0000000300)=@string={0xbd, 0x3, "4a19db1f7133e37bfc9b650035cb8a8c130da993d14cf41cfc45c4cd6bf8d743746190ee365ebc2aada18fa73ba9f3ad68fe13b255321ba69226f45b48db9ce5a8c4018a1cf40ae73b1ddfdd291e3bf7f2eb26d770ca73520b88f46ea2558f184a834deede3449573d7d42465ce7e3296f119da690c17c6e119e4186f147ff92205f9f35488a86bc213c4e6e0f98cd9c384a0e815666ba33aaec84274a1699c8ce0009b9b45199a514685829f5994f7895b4255986825432c5f205"}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x100c}}]})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x103c41, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r6=>0x0})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800"/12, @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000f00)='kfree\x00', r8}, 0x18)
syz_read_part_table(0x5eb, &(0x7f0000000f00)="$eJzs2zFo1FccB/DfxRwHSnFxclIHKcVFcfQoKnenohBOsxQpBhQRbzpBOOlBig56FMUbxG4uVrhF7ZTLDZkSEsjUIYQMKYEMWVqSJZClV+7yCm1KSq8kBeHz4eDHe//f/33fO976Dz5pQ/Frt9vNRET3p4gDA7492ioULx8bOV++EZGJmxHx9fef/9B7kkkd3dx2PZHGy2n89s3BzrONS9nW0vXNk7emG0N/LDne/8Whd+3RPTge++x9fubw4yfV0vNa/t5iqb76dGH+2of1Qrl9tdH8eCV78Xbqm011ONUHUYtHcT/GYji+jTtR3WX97wbMf91aOZ09WmpN3D23Vey8mDrT7xr0Xv97vfz+hY2IXv7D4y+/atYvnPrxyKuztcm58lqKruR2vjm2b3sCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/y8bM4cdPqqXntfy9xVJ99enC/LUP64Vy+2qj+fFK9uLt1Deb6nCqD6IWj+J+jEUlKnEnqrsmfPbnQW7n0/f5v+a/bq2c/u1oqTVx99xWsfNi6kzqG9mj8/5DfreX//D4yy+b9Qunckdena1NzpXXDmz3Vf628+j/ewAAAAAAAAAAAAAAAAAAALAXCsXLx0bOl29EZOJmRHzxyzdDvflu+t49k/pOpLqc5t++Odh5tnEp21q6vnny1nTj5zQ/HpkYj4hD79qj//thGNjvAQAA//8Pi5HU")
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000013c0)=@newtfilter={0x88c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xd}, {}, {0x7, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x854, 0x2, [@TCA_BASIC_POLICE={0x850, 0x4, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x7ff}, @TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0x10000000, 0x92, 0x5, 0x9bc, {0x2, 0x2, 0x4, 0x9, 0xff, 0x3}, {0x2, 0x1, 0x8, 0x9, 0x80, 0x8e}, 0x1, 0x4, 0x6}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x800, 0x2, 0x5, 0x4, 0x0, 0xfffffc00, 0xb80, 0x7, 0xee13, 0x4, 0x6, 0x3, 0x5, 0x2, 0xc0f9, 0x9e60, 0x10001, 0x4, 0x5, 0x1, 0x9, 0x9a, 0x7, 0x6, 0x2, 0x0, 0xfffffffc, 0x8, 0x8, 0x9, 0x0, 0x619d, 0x37, 0x39, 0x2, 0x3ff, 0x800, 0x559, 0x4, 0x101, 0x7, 0xfffffffe, 0x2, 0x9, 0xffff, 0x2, 0x3, 0x0, 0x800, 0x8, 0x0, 0x9, 0xfffffffb, 0x9, 0x2, 0xa55b, 0x0, 0x400, 0x1, 0x3, 0x25, 0x7, 0x1, 0x1, 0xd, 0x10001, 0x5, 0xfffffffe, 0x72a2c416, 0xfffffff7, 0x9, 0x3d, 0x4, 0x3, 0x4, 0x1, 0x7, 0x4, 0x92, 0x401, 0x3, 0xfffffff7, 0x0, 0x1, 0xd6f, 0x8, 0x80000001, 0x401, 0x2, 0x8, 0x3, 0xd9, 0x0, 0xfffffffd, 0x4, 0x7f4, 0x2, 0xfffffbf8, 0x0, 0x9, 0x4, 0x6, 0x4, 0xfffffff7, 0x0, 0xfb, 0x9, 0x6, 0x400, 0xfc000000, 0x400, 0x7, 0x7, 0x6f1, 0x1, 0x5, 0x7, 0x7fffffff, 0x401, 0xffffffff, 0x4, 0x10, 0xfffffff7, 0x6, 0x964, 0x5, 0x8, 0x101, 0x6, 0xff, 0x1, 0x2, 0x4a, 0x10001, 0xffff, 0x0, 0x14, 0x200, 0xfff, 0x100, 0xc, 0x9, 0x9, 0x0, 0x0, 0x1, 0x8000000, 0x6, 0x0, 0x9a7c, 0x3ff, 0x3, 0x3, 0x0, 0x6, 0x9, 0x3, 0x43, 0x80000000, 0x3, 0xffffffff, 0x1, 0x9, 0x8, 0x5, 0xefd2, 0x795, 0x5, 0x1ff, 0x5, 0x3, 0xffffffff, 0x5, 0x2, 0xc, 0x1e, 0x1, 0x1, 0x8001, 0x200, 0x8001, 0x7, 0x800, 0x5, 0x80000001, 0x0, 0x7fff, 0x8, 0x1d23, 0x7fff, 0x90, 0x5, 0xffffffff, 0xd, 0x3, 0x0, 0x5, 0x10, 0x9, 0x6, 0x9, 0x80000001, 0x2, 0x0, 0x0, 0x7010, 0xfffffe01, 0x2, 0x6, 0xc4e, 0xb, 0x5a, 0xe74, 0x9, 0x1, 0x3, 0x97df, 0x0, 0x2, 0x7, 0x1c, 0x9, 0x1, 0x8, 0x24, 0xfffffff8, 0x10000, 0xffff, 0x6, 0x8d5b, 0x7, 0x2, 0xfffffffd, 0x2, 0x8, 0x5, 0xc9, 0x0, 0x1, 0x4, 0x8, 0xc74, 0x800, 0x1, 0x8, 0x5, 0x6, 0x2, 0xfffffffa, 0x2b, 0x5, 0x8, 0x9, 0x1, 0x3, 0x9a]}, @TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x3, 0xc396, 0x2, 0x2, 0x9, 0x2, 0xfffffff9, 0x8, 0x100, 0xff, 0x9, 0x4, 0x9, 0x0, 0xf, 0x5, 0x4, 0x4a96, 0x4, 0xffffffff, 0x5, 0x1000, 0x2, 0x2, 0x1, 0x6, 0x7, 0x9, 0x68a2, 0x6, 0x7, 0x3, 0x4, 0x7, 0x7ff, 0x2, 0x4, 0xfffffff9, 0x6, 0x7, 0x1, 0x5, 0xffffff7f, 0x6e, 0x0, 0x5, 0x0, 0x3, 0x9674, 0x9, 0x401, 0x7, 0x5, 0x5, 0x101, 0x5, 0x6, 0xa8e, 0xfe, 0xa9, 0x60, 0x80000001, 0x5, 0x1, 0x401, 0x800, 0x5, 0x6, 0x6, 0x9, 0x0, 0x2, 0xc32, 0x6, 0xfffffff8, 0x9, 0x1, 0x3, 0x77a, 0x7, 0x7, 0x31, 0x9, 0x4, 0x6, 0x5, 0xa58, 0x8, 0xffff, 0x8000, 0x9, 0x6, 0x2, 0x1, 0x0, 0x1, 0x2, 0x0, 0xa, 0xe1f, 0x7, 0xfffffffd, 0x1, 0xc4, 0x2, 0x80000001, 0x28, 0xe, 0xff, 0x4cd2, 0xfffffffa, 0x6e, 0xff, 0x0, 0x2, 0x57c6, 0x8, 0x80000001, 0x7, 0x7, 0x2, 0x3ff, 0x6, 0x5, 0x81a, 0x3, 0x5, 0x3, 0x8, 0xac54, 0x9, 0x9, 0x91, 0x9, 0x8, 0x800, 0x2, 0x3, 0x7, 0x4, 0x10, 0xfffffffb, 0x7ff, 0xfffffff8, 0x7, 0x1, 0x8, 0x1, 0x6, 0x4000000, 0x2026ee35, 0x0, 0x7fffffff, 0xfffffffc, 0x1, 0x4, 0x6, 0xf, 0x9, 0x1, 0xc, 0x4, 0xc166, 0x6, 0x101, 0xfffff466, 0x0, 0x0, 0x8, 0x8, 0x6, 0x27, 0xe5f, 0x8, 0xe0, 0x4, 0xfffffffd, 0x1, 0x247800, 0x0, 0xa6f7, 0x2, 0x5, 0xf, 0x0, 0x9, 0x9, 0x9, 0x2, 0x2, 0xb91, 0x401, 0x73a7, 0x0, 0xa9fd, 0x4, 0x0, 0x10001, 0x0, 0xff, 0xfffffff3, 0x2, 0xb8ec, 0x8, 0x1, 0x8, 0xb, 0x7fff, 0x0, 0xa2a, 0xe, 0x80000001, 0x10000, 0x17c3, 0x1, 0x1, 0x80000000, 0x8, 0x7e54, 0x2, 0xe6, 0x9, 0x5b, 0x9, 0x2, 0x3, 0x1, 0xd25, 0x3, 0xa, 0x8, 0x0, 0xdd55, 0x6, 0x1, 0x400, 0x4, 0x8, 0xe8, 0x8bef, 0x4, 0x400, 0x2, 0x2, 0x1, 0x6, 0x3fb9, 0x7, 0x5, 0x4, 0x0, 0x62e0, 0x9, 0x3, 0x4]}]}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0x2}}]}, 0x88c}, 0x1, 0x0, 0x0, 0x20041090}, 0xd0)
keyctl$session_to_parent(0x12)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x24002de8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x6, 0x5635}]})
recvmsg(0xffffffffffffffff, 0x0, 0x12020)
setreuid(0xee00, 0x0)
keyctl$session_to_parent(0x12)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f0000000380)={0x0, @in6={{0xa, 0x4e24, 0xd9, @remote, 0x100}}, 0x81, 0xac5, 0x100, 0x8000, 0x7}, &(0x7f0000000540)=0x98)
flock(r3, 0x5)
r9 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r9, 0x1)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x51031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)

1.259142112s ago: executing program 1 (id=1304):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='+}[@\x00G5\v\x89n\xb2\x0e\xb7\xb4\x9a\xb3\xb9\xe1\xff@`\x87\xefy\xb7\xe0\xe6c\x91\x81ND\t3\xc4\xca\xf0\xd0Zp\xadbdY\xdcz\xc6lo\xd0\xc7\'CT')
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0x0, @ANYBLOB='\x00'/21], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r1}, 0x10)
setgroups(0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20004810)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
unshare(0x600)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0)

1.206127333s ago: executing program 1 (id=1305):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r2)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_WOL_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000000000001b0000000c00018008000100", @ANYRES32=r5], 0x20}}, 0x0) (fail_nth: 4)

896.679674ms ago: executing program 1 (id=1306):
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000200000000000000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001180)=[{{&(0x7f00000000c0)={0xa, 0x4e24, 0x8, @local, 0x3}, 0x1c, 0x0, 0x0, &(0x7f0000000580)=[@dstopts_2292={{0x18, 0x29, 0x4, {0x33}}}, @dstopts_2292={{0x18}}], 0x30}}], 0x1, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

896.115814ms ago: executing program 1 (id=1307):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x18)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{0x0}], 0x1}}], 0x1, 0x24008094)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x0)

599.323256ms ago: executing program 4 (id=1310):
r0 = msgget$private(0x0, 0x0)
syz_io_uring_setup(0x380a, &(0x7f0000000140)={0x0, 0x729, 0x3010, 0x0, 0x8000001}, &(0x7f0000000100), &(0x7f0000000480)=<r1=>0x0)
r2 = epoll_create(0xaf2)
epoll_pwait(r2, &(0x7f00000002c0)=[{}], 0xfc, 0x80000001, 0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000ac0)='.\x00', &(0x7f0000000b00), 0x400008, 0x0)
msgrcv(r0, 0x0, 0x0, 0xa64c2a520a4acd8f, 0x2000)
msgsnd(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1a0092e556113374"], 0x8, 0x800)
msgctl$IPC_SET(r0, 0x1, &(0x7f00000004c0)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x6}, 0x0, 0x0, 0xfffffffffffffffe, 0x10001, 0xfffffffffffffffe, 0xf, 0x1, 0xd, 0xd1, 0x2})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESDEC, @ANYRESDEC=r0, @ANYRESHEX=r1, @ANYRES32=<r5=>r2, @ANYRES8=r4], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x100, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_IMMEDIATE_DATA={0x28, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x22, 0x1, "405cb3665406e3c7bc4071006dfc7dea5999db07b14863d93b4cf31e2096"}]}]}}}]}, @NFTA_RULE_EXPRESSIONS={0x94, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @rt={{0x7}, @void}}, {0x10, 0x1, 0x0, 0x1, @target={{0xb}, @void}}, {0x10, 0x1, 0x0, 0x1, @payload={{0xc}, @void}}, {0x10, 0x1, 0x0, 0x1, @objref={{0xb}, @void}}, {0x54, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x7ff}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0xfff80000}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x5ae99a296e280245}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_NG_TYPE={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x128}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
getresuid(&(0x7f0000000380), &(0x7f00000003c0)=<r7=>0x0, &(0x7f0000000440))
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x8080, &(0x7f0000000600)={[{@uid={'uid', 0x3d, r7}}, {@mode={'mode', 0x3d, 0x800}}, {@gid}], [{@dont_appraise}, {@subj_type={'subj_type', 0x3d, '&.-'}}, {@subj_type={'subj_type', 0x3d, 'xfrm\x00'}}]})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=ANY=[@ANYBLOB="440000030000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c00148008000140177a88828023c02c5a4e2eb71c9f45de30910a01b23c622800"/88], 0x44}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x15, 0xb, &(0x7f0000000580)=ANY=[@ANYRESDEC=r5], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)

382.936067ms ago: executing program 3 (id=1315):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='+}[@\x00G5\v\x89n\xb2\x0e\xb7\xb4\x9a\xb3\xb9\xe1\xff@`\x87\xefy\xb7\xe0\xe6c\x91\x81ND\t3\xc4\xca\xf0\xd0Zp\xadbdY\xdcz\xc6lo\xd0\xc7\'CT')
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0x0, @ANYBLOB='\x00'/21], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r1}, 0x10)
setgroups(0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20004810)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
unshare(0x600)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff53a2513743897e44000d0001007564703aa3"], 0x54}}, 0x0)

365.916797ms ago: executing program 3 (id=1316):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0, 0x0, 0x2}, 0x18)
getpid()
r1 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setns(r1, 0x66020000)
mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
umount2(&(0x7f0000000040)='.\x00', 0x2)
fadvise64(0xffffffffffffffff, 0x7f, 0x1000000, 0x4)

349.625438ms ago: executing program 3 (id=1317):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x80}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfc, 0x2bfffdffd}, 0xc)
close(r1)

334.330017ms ago: executing program 3 (id=1318):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x7}, 0x18)
syz_emit_ethernet(0x3e, &(0x7f0000000240)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr=0x64010101, @local}, @time_exceeded={0x80, 0x0, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x12, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, @loopback, @multicast2}}}}}}, 0x0)

318.328038ms ago: executing program 3 (id=1319):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1}, 0x18)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@access_uid}]}})

181.560398ms ago: executing program 3 (id=1320):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40010)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Di', 0x0)

559.77µs ago: executing program 1 (id=1321):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000280)={0x11, @multicast1, 0x4c23, 0x0, 'wrr\x00', 0x17, 0x8, 0x4002b}, 0x2c)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x5ffffff}, 0x9)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
getgroups(0x9, &(0x7f0000000240)=[0xee01, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xee00, 0x0])

0s ago: executing program 1 (id=1322):
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000040)=ANY=[], 0xa)
r0 = syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x4, 0x127d, &(0x7f00000011c0)="$eJzs3U1rJMUfB/DfJJPH/SeTv66ruyAWelGEcZODJy9BdkEMKNEsqKdeM9EhkwcyQyAi7njyJPgyRD16E8Q3kIsXz4IgkovHPYgtyUw085BsYjIJyOdz6aK6vlXV6U5DD1303itfrK2u1MsrWSOGCoUobo5E8WGKFEMxHC3NeOHeTz8//dY7774+v7BwZzGlu/Nvz76cUpp+5vv3Pv7m2R8a1+59O/3dWOzODO39PvfL7o3dm3t/fh3VeqrW0/pGI2Xp/sZGI7tfq6Tlan21nNKbtUpWr6Tqer2y1bF/pbaxubmTsvXlqcnNrUq9nrL1nbRa2UmNQmps7aTsg6y6nsrlcpqaDM5j6auHeZ5H5PlIjEae5/lETMa1+F9MxXSUYib+H4/F43E9nogb8WQ8FTcPWl31vAEAAAAAAAAAAAAAAAAAAOC/5RHr/wvW/wMAAAAAAAAAAAAAAAAAAMDgda//L0b4/j8AAAAAAAAAAAAAAAAAAABcskd8/79r/f+L1v8DAAAAAAAAAAAAAAAAAADAIIy3NospjUesfba9tL3U2rbq51eiGrWoxO0oxR9xsPq/pVW++9rCndvpwEy8tPagnX+wvTTcmZ8dKcVMoW9+diIiUkqd+bGYPJqfi1Jc7z/+XGv8rvx4PP/cfv7TVr4cpfjx/diIWixHFNpHf5D/ZDalV99YmOjM39pvd6zhAZ8WAAAAuEjl9Lfe5/dmu1Hf/a1d7efz1G5ZOOH3ga7n82LcKl7VUXOovvPRalarVbb+ZWH0+H5Gz9dzT6EQEVkcrZme/HVxf/BT9nN4uV3QfI4Uhi+6wxMLIye3Occ5jeKp/5gDKkSzuyYvRZy1n9++PFIzfub4+QpD7cssqzVPfbFFM88HOrG+/4xjJ6WOv2cUBnxP4vL8c9KveiYAAAAAAAAAAACcRd+3/yYioud9wA97ag5fD++M9/Z8/OifX8IRAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sQPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK8CAAD//w+Ty90=")
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095", @ANYRESOCT=r1, @ANYRES64=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'bridge_slave_1\x00'})
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
r5 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000300)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000540)='kmem_cache_free\x00', r8}, 0x14)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r5, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000500), 0x4)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000030605000000000000000000000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r9, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0x44}], 0x1, 0x8000, 0x0)

kernel console output (not intermixed with test programs):

x191e/0x3000
[   50.741222][ T4171]  do_syscall_64+0xd2/0x200
[   50.741241][ T4171]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   50.741274][ T4171]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   50.741430][ T4171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.741450][ T4171] RIP: 0033:0x7fc676cdf6c9
[   50.741466][ T4171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.741541][ T4171] RSP: 002b:00007fc67573f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   50.741558][ T4171] RAX: ffffffffffffffda RBX: 00007fc676f35fa0 RCX: 00007fc676cdf6c9
[   50.741569][ T4171] RDX: 0000000034004811 RSI: 0000200000000080 RDI: 0000000000000003
[   50.741579][ T4171] RBP: 00007fc67573f090 R08: 0000000000000000 R09: 0000000000000000
[   50.741615][ T4171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.741629][ T4171] R13: 00007fc676f36038 R14: 00007fc676f35fa0 R15: 00007ffeb627d208
[   50.741650][ T4171]  </TASK>
[   50.995025][ T3709] tipc: Node number set to 2886997007
[   51.065361][ T4182] netlink: 4 bytes leftover after parsing attributes in process `syz.3.232'.
[   51.081449][ T4184] netlink: 44 bytes leftover after parsing attributes in process `syz.2.233'.
[   51.090533][ T4179] loop0: detected capacity change from 0 to 1024
[   51.105778][ T4179] EXT4-fs: Ignoring removed orlov option
[   51.106539][ T4184] bridge1: entered promiscuous mode
[   51.115319][ T4179] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.116738][ T4184] bridge1: entered allmulticast mode
[   51.135816][ T4184] team0: Port device bridge1 added
[   51.288769][ T4208] loop4: detected capacity change from 0 to 8192
[   51.355760][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.366033][ T4210] netlink: 12 bytes leftover after parsing attributes in process `syz.4.238'.
[   51.426220][ T4214] team0 (unregistering): Port device team_slave_0 removed
[   51.435349][ T4214] team0 (unregistering): Port device team_slave_1 removed
[   51.447603][ T3709] syz!: Port: 1 Link DOWN
[   51.464472][ T4212] loop0: detected capacity change from 0 to 8192
[   51.524317][    C0] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.548856][ T4224] netlink: 12 bytes leftover after parsing attributes in process `syz.0.239'.
[   51.718264][ T4235] FAULT_INJECTION: forcing a failure.
[   51.718264][ T4235] name failslab, interval 1, probability 0, space 0, times 0
[   51.731032][ T4235] CPU: 0 UID: 60928 PID: 4235 Comm: syz.3.247 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   51.731055][ T4235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   51.731068][ T4235] Call Trace:
[   51.731075][ T4235]  <TASK>
[   51.731084][ T4235]  __dump_stack+0x1d/0x30
[   51.731172][ T4235]  dump_stack_lvl+0xe8/0x140
[   51.731199][ T4235]  dump_stack+0x15/0x1b
[   51.731244][ T4235]  should_fail_ex+0x265/0x280
[   51.731263][ T4235]  should_failslab+0x8c/0xb0
[   51.731298][ T4235]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   51.731338][ T4235]  ? sidtab_sid2str_get+0xa0/0x130
[   51.731436][ T4235]  kmemdup_noprof+0x2b/0x70
[   51.731470][ T4235]  sidtab_sid2str_get+0xa0/0x130
[   51.731532][ T4235]  security_sid_to_context_core+0x1eb/0x2e0
[   51.731572][ T4235]  security_sid_to_context+0x27/0x40
[   51.731610][ T4235]  selinux_lsmprop_to_secctx+0x67/0xf0
[   51.731771][ T4235]  security_lsmprop_to_secctx+0x1a3/0x1c0
[   51.731801][ T4235]  audit_log_subj_ctx+0xa4/0x3e0
[   51.731892][ T4235]  ? skb_put+0xa9/0xf0
[   51.731971][ T4235]  audit_log_task_context+0x48/0x70
[   51.732000][ T4235]  audit_log_task+0xf4/0x250
[   51.732053][ T4235]  audit_seccomp+0x61/0x100
[   51.732093][ T4235]  ? __seccomp_filter+0x82d/0x1250
[   51.732164][ T4235]  __seccomp_filter+0x83e/0x1250
[   51.732196][ T4235]  ? set_dumpable+0xb5/0x150
[   51.732215][ T4235]  ? key_fsuid_changed+0x80/0x90
[   51.732237][ T4235]  __secure_computing+0x82/0x150
[   51.732269][ T4235]  syscall_trace_enter+0xcf/0x1e0
[   51.732356][ T4235]  do_syscall_64+0xac/0x200
[   51.732377][ T4235]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   51.732470][ T4235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.732487][ T4235] RIP: 0033:0x7fae3950e0dc
[   51.732500][ T4235] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   51.732515][ T4235] RSP: 002b:00007fae37f77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   51.732534][ T4235] RAX: ffffffffffffffda RBX: 00007fae39765fa0 RCX: 00007fae3950e0dc
[   51.732548][ T4235] RDX: 000000000000000f RSI: 00007fae37f770a0 RDI: 0000000000000006
[   51.732560][ T4235] RBP: 00007fae37f77090 R08: 0000000000000000 R09: 0000000000000000
[   51.732575][ T4235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   51.732592][ T4235] R13: 00007fae39766038 R14: 00007fae39765fa0 R15: 00007ffeb3aee358
[   51.732616][ T4235]  </TASK>
[   51.997964][ T4238] loop1: detected capacity change from 0 to 512
[   52.024796][ T4238] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.039312][ T4241] loop3: detected capacity change from 0 to 1024
[   52.046635][ T4241] EXT4-fs: Ignoring removed orlov option
[   52.100725][ T4241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.130348][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.176682][ T4253] FAULT_INJECTION: forcing a failure.
[   52.176682][ T4253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.189816][ T4253] CPU: 1 UID: 0 PID: 4253 Comm: syz.2.254 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.189913][ T4253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.189927][ T4253] Call Trace:
[   52.189933][ T4253]  <TASK>
[   52.189940][ T4253]  __dump_stack+0x1d/0x30
[   52.189964][ T4253]  dump_stack_lvl+0xe8/0x140
[   52.190004][ T4253]  dump_stack+0x15/0x1b
[   52.190025][ T4253]  should_fail_ex+0x265/0x280
[   52.190069][ T4253]  should_fail+0xb/0x20
[   52.190086][ T4253]  should_fail_usercopy+0x1a/0x20
[   52.190109][ T4253]  _copy_to_user+0x20/0xa0
[   52.190137][ T4253]  simple_read_from_buffer+0xb5/0x130
[   52.190165][ T4253]  proc_fail_nth_read+0x10e/0x150
[   52.190302][ T4253]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   52.190370][ T4253]  vfs_read+0x1a8/0x770
[   52.190396][ T4253]  ? __rcu_read_unlock+0x4f/0x70
[   52.190424][ T4253]  ? __fget_files+0x184/0x1c0
[   52.190466][ T4253]  ksys_read+0xda/0x1a0
[   52.190494][ T4253]  __x64_sys_read+0x40/0x50
[   52.190552][ T4253]  x64_sys_call+0x27c0/0x3000
[   52.190581][ T4253]  do_syscall_64+0xd2/0x200
[   52.190602][ T4253]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.190637][ T4253]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.190701][ T4253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.190725][ T4253] RIP: 0033:0x7f2ac28ae0dc
[   52.190742][ T4253] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   52.190763][ T4253] RSP: 002b:00007f2ac130f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   52.190850][ T4253] RAX: ffffffffffffffda RBX: 00007f2ac2b05fa0 RCX: 00007f2ac28ae0dc
[   52.190864][ T4253] RDX: 000000000000000f RSI: 00007f2ac130f0a0 RDI: 0000000000000004
[   52.190878][ T4253] RBP: 00007f2ac130f090 R08: 0000000000000000 R09: 0000000000000000
[   52.190892][ T4253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.190929][ T4253] R13: 00007f2ac2b06038 R14: 00007f2ac2b05fa0 R15: 00007ffdb8e39638
[   52.191047][ T4253]  </TASK>
[   52.390285][ T4250] loop0: detected capacity change from 0 to 8192
[   52.432368][ T4257] tipc: Started in network mode
[   52.437358][ T4257] tipc: Node identity ac14140f, cluster identity 4711
[   52.464204][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.473788][ T4257] tipc: New replicast peer: 255.255.255.83
[   52.479668][ T4260] netlink: 12 bytes leftover after parsing attributes in process `syz.0.252'.
[   52.479676][ T4257] tipc: Enabled bearer <udp:£>, priority 10
[   52.525853][ T4264] netlink: 'syz.3.257': attribute type 1 has an invalid length.
[   52.533619][ T4264] netlink: 224 bytes leftover after parsing attributes in process `syz.3.257'.
[   52.552504][ T4266] tipc: New replicast peer: 255.255.255.83
[   52.558406][ T4266] tipc: Enabled bearer <udp:£>, priority 10
[   52.582830][ T4270] loop1: detected capacity change from 0 to 512
[   52.591032][ T4270] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   52.602607][ T4270] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   52.612790][ T4270] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.260: Corrupt directory, running e2fsck is recommended
[   52.626362][ T4270] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   52.637533][ T4273] netlink: 4 bytes leftover after parsing attributes in process `syz.3.262'.
[   52.648539][ T4270] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.260: corrupted in-inode xattr: invalid ea_ino
[   52.662063][ T4270] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.260: couldn't read orphan inode 15 (err -117)
[   52.691059][ T4270] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.715629][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.748046][   T29] kauditd_printk_skb: 794 callbacks suppressed
[   52.748060][   T29] audit: type=1400 audit(52.723:3047): avc:  denied  { watch watch_reads } for  pid=4272 comm="syz.3.262" path="/61" dev="tmpfs" ino=347 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   52.778406][   T29] audit: type=1326 audit(52.753:3048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4277 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   52.779444][ T4280] netlink: 'syz.0.264': attribute type 1 has an invalid length.
[   52.801145][   T29] audit: type=1326 audit(52.753:3049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4277 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   52.829386][   T29] audit: type=1326 audit(52.793:3050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4277 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   52.854134][   T29] audit: type=1326 audit(52.793:3051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4277 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   52.878078][   T29] audit: type=1326 audit(52.853:3052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4277 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   52.900821][   T29] audit: type=1326 audit(52.853:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4277 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   52.923431][   T29] audit: type=1326 audit(52.853:3054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4277 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   52.946204][   T29] audit: type=1326 audit(52.853:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4277 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   52.970531][   T29] audit: type=1326 audit(52.953:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4277 comm="syz.1.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   53.027295][ T4291] netlink: 'syz.2.267': attribute type 1 has an invalid length.
[   53.048804][ T4291] 8021q: adding VLAN 0 to HW filter on device bond2
[   53.060003][ T4295] atomic_op ffff8881033e7528 conn xmit_atomic 0000000000000000
[   53.075323][ T4291] gretap1: entered promiscuous mode
[   53.080307][ T4295] loop9: detected capacity change from 0 to 7
[   53.089901][ T4291] bond2: (slave gretap1): making interface the new active one
[   53.098336][ T4291] bond2: (slave gretap1): Enslaving as an active interface with an up link
[   53.108371][ T4291] smc: net device bond0 applied user defined pnetid SYZ0
[   53.115718][ T4291] smc: net device bond0 erased user defined pnetid SYZ0
[   53.206206][ T4305] smc: net device bond0 applied user defined pnetid SYZ0
[   53.213903][ T4305] smc: net device bond0 erased user defined pnetid SYZ0
[   53.241224][ T4309] loop1: detected capacity change from 0 to 512
[   53.247730][ T4302] loop0: detected capacity change from 0 to 8192
[   53.260173][ T4308] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   53.267201][ T4309] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   53.282056][ T4309] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   53.292148][ T4309] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.274: Corrupt directory, running e2fsck is recommended
[   53.306828][ T4309] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   53.331041][ T4314] smc: net device bond0 applied user defined pnetid SYZ0
[   53.338700][ T4309] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.274: corrupted in-inode xattr: invalid ea_ino
[   53.357353][ T4314] FAULT_INJECTION: forcing a failure.
[   53.357353][ T4314] name failslab, interval 1, probability 0, space 0, times 0
[   53.370201][ T4314] CPU: 1 UID: 0 PID: 4314 Comm: syz.3.276 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.370226][ T4314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   53.370236][ T4314] Call Trace:
[   53.370241][ T4314]  <TASK>
[   53.370247][ T4314]  __dump_stack+0x1d/0x30
[   53.370266][ T4314]  dump_stack_lvl+0xe8/0x140
[   53.370364][ T4314]  dump_stack+0x15/0x1b
[   53.370379][ T4314]  should_fail_ex+0x265/0x280
[   53.370395][ T4314]  should_failslab+0x8c/0xb0
[   53.370422][ T4314]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   53.370534][ T4314]  ? __alloc_skb+0x101/0x320
[   53.370569][ T4314]  __alloc_skb+0x101/0x320
[   53.370614][ T4314]  netlink_alloc_large_skb+0xbf/0xf0
[   53.370650][ T4314]  netlink_sendmsg+0x3cf/0x6b0
[   53.370674][ T4314]  ? __pfx_netlink_sendmsg+0x10/0x10
[   53.370697][ T4314]  __sock_sendmsg+0x145/0x180
[   53.370732][ T4314]  ____sys_sendmsg+0x31e/0x4e0
[   53.370780][ T4314]  ___sys_sendmsg+0x17b/0x1d0
[   53.370824][ T4314]  __x64_sys_sendmsg+0xd4/0x160
[   53.370851][ T4314]  x64_sys_call+0x191e/0x3000
[   53.370877][ T4314]  do_syscall_64+0xd2/0x200
[   53.370893][ T4314]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   53.370921][ T4314]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   53.370952][ T4314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.370977][ T4314] RIP: 0033:0x7fae3950f6c9
[   53.370992][ T4314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.371009][ T4314] RSP: 002b:00007fae37f77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.371028][ T4314] RAX: ffffffffffffffda RBX: 00007fae39765fa0 RCX: 00007fae3950f6c9
[   53.371091][ T4314] RDX: 0000000000004000 RSI: 0000200000000080 RDI: 0000000000000006
[   53.371106][ T4314] RBP: 00007fae37f77090 R08: 0000000000000000 R09: 0000000000000000
[   53.371120][ T4314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.371133][ T4314] R13: 00007fae39766038 R14: 00007fae39765fa0 R15: 00007ffeb3aee358
[   53.371155][ T4314]  </TASK>
[   53.574405][ T4309] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.274: couldn't read orphan inode 15 (err -117)
[   53.575436][ T3396] tipc: Node number set to 2886997007
[   53.605242][ T4309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.630048][ T4319] tipc: New replicast peer: 255.255.255.83
[   53.635975][ T4319] tipc: Enabled bearer <udp:£>, priority 10
[   53.646387][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.696457][ T4323] loop1: detected capacity change from 0 to 8192
[   54.274625][ T4346] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   54.296489][ T4343] loop3: detected capacity change from 0 to 256
[   54.308598][ T4343] blktrace: Concurrent blktraces are not allowed on sg0
[   54.427139][ T4358] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   54.625824][ T4379] bond1: entered promiscuous mode
[   54.630888][ T4379] bond1: entered allmulticast mode
[   54.642710][ T4379] 8021q: adding VLAN 0 to HW filter on device bond1
[   54.726251][ T4379] bond1 (unregistering): Released all slaves
[   54.849851][ T4390] 9pnet_fd: Insufficient options for proto=fd
[   54.940907][ T4400] __nla_validate_parse: 8 callbacks suppressed
[   54.940920][ T4400] netlink: 20 bytes leftover after parsing attributes in process `syz.0.312'.
[   55.256016][ T4412] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   55.270209][ T4412] netlink: 'wg1': attribute type 6 has an invalid length.
[   55.350335][ T4412] loop2: detected capacity change from 0 to 512
[   55.365019][ T4412] EXT4-fs (loop2): orphan cleanup on readonly fs
[   55.384335][ T4412] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm wg1: EA inode hash validation failed
[   55.396410][ T4412] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   55.409567][ T4412] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm wg1: corrupted inode contents
[   55.422472][ T4412] EXT4-fs error (device loop2): ext4_dirty_inode:6517: inode #15: comm wg1: mark_inode_dirty error
[   55.433688][ T4412] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #15: comm wg1: corrupted inode contents
[   55.443245][ T4418] tipc: Enabling of bearer <udp:£€> rejected, already enabled
[   55.445540][ T4412] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2996: inode #15: comm wg1: mark_inode_dirty error
[   55.464370][ T4412] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2999: inode #15: comm wg1: mark inode dirty (error -117)
[   55.476454][ T4412] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[   55.486049][ T4412] EXT4-fs (loop2): 1 orphan inode deleted
[   55.492361][ T4412] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   55.648894][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.720794][ T4427] loop2: detected capacity change from 0 to 8192
[   56.042027][ T4436] netlink: 12 bytes leftover after parsing attributes in process `syz.2.321'.
[   56.260399][ T4440] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   56.695927][ T4445] loop3: detected capacity change from 0 to 8192
[   56.795825][ T4450] netlink: 12 bytes leftover after parsing attributes in process `syz.3.324'.
[   56.815729][ T4452] FAULT_INJECTION: forcing a failure.
[   56.815729][ T4452] name failslab, interval 1, probability 0, space 0, times 0
[   56.828451][ T4452] CPU: 0 UID: 0 PID: 4452 Comm: syz.1.327 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   56.828490][ T4452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   56.828504][ T4452] Call Trace:
[   56.828510][ T4452]  <TASK>
[   56.828518][ T4452]  __dump_stack+0x1d/0x30
[   56.828543][ T4452]  dump_stack_lvl+0xe8/0x140
[   56.828567][ T4452]  dump_stack+0x15/0x1b
[   56.828587][ T4452]  should_fail_ex+0x265/0x280
[   56.828701][ T4452]  should_failslab+0x8c/0xb0
[   56.828732][ T4452]  kmem_cache_alloc_noprof+0x50/0x480
[   56.828832][ T4452]  ? __proc_create+0x265/0x510
[   56.828853][ T4452]  ? do_user_addr_fault+0xd9e/0x1080
[   56.828878][ T4452]  __proc_create+0x265/0x510
[   56.828897][ T4452]  proc_create_data+0xa3/0x130
[   56.829015][ T4452]  recent_mt_check+0x77e/0x8f0
[   56.829043][ T4452]  recent_mt_check_v0+0x67/0x90
[   56.829118][ T4452]  xt_check_match+0x2ad/0x4f0
[   56.829152][ T4452]  ? strnlen+0x28/0x50
[   56.829171][ T4452]  ? strcmp+0x22/0x50
[   56.829187][ T4452]  ? xt_find_match+0x1d1/0x210
[   56.829238][ T4452]  translate_table+0xa9c/0xf90
[   56.829333][ T4452]  ? _copy_from_user+0x89/0xb0
[   56.829365][ T4452]  do_ipt_set_ctl+0x66f/0x820
[   56.829433][ T4452]  ? _raw_spin_unlock_bh+0x36/0x40
[   56.829519][ T4452]  ? tcp_release_cb+0xf1/0x370
[   56.829555][ T4452]  nf_setsockopt+0x199/0x1b0
[   56.829582][ T4452]  ip_setsockopt+0x102/0x110
[   56.829635][ T4452]  tcp_setsockopt+0x98/0xb0
[   56.829729][ T4452]  sock_common_setsockopt+0x69/0x80
[   56.829807][ T4452]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   56.829838][ T4452]  __sys_setsockopt+0x184/0x200
[   56.829877][ T4452]  __x64_sys_setsockopt+0x64/0x80
[   56.829935][ T4452]  x64_sys_call+0x20ec/0x3000
[   56.829961][ T4452]  do_syscall_64+0xd2/0x200
[   56.829982][ T4452]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   56.830028][ T4452]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   56.830071][ T4452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.830096][ T4452] RIP: 0033:0x7fc676cdf6c9
[   56.830112][ T4452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.830131][ T4452] RSP: 002b:00007fc67573f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   56.830179][ T4452] RAX: ffffffffffffffda RBX: 00007fc676f35fa0 RCX: 00007fc676cdf6c9
[   56.830190][ T4452] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005
[   56.830278][ T4452] RBP: 00007fc67573f090 R08: 00000000000003f0 R09: 0000000000000000
[   56.830288][ T4452] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001
[   56.830299][ T4452] R13: 00007fc676f36038 R14: 00007fc676f35fa0 R15: 00007ffeb627d208
[   56.830321][ T4452]  </TASK>
[   57.224893][ T4462] tipc: New replicast peer: 255.255.255.83
[   57.230768][ T4462] tipc: Enabled bearer <udp:£€>, priority 10
[   57.298836][ T4471] netlink: 20 bytes leftover after parsing attributes in process `syz.1.334'.
[   57.443373][ T4481] netlink: 'syz.1.339': attribute type 1 has an invalid length.
[   57.650487][ T4506] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   57.664159][    C1] hrtimer: interrupt took 19137 ns
[   57.759891][ T4508] loop1: detected capacity change from 0 to 764
[   57.777882][   T29] kauditd_printk_skb: 1909 callbacks suppressed
[   57.777907][   T29] audit: type=1400 audit(57.753:4966): avc:  denied  { mount } for  pid=4507 comm="syz.1.348" name="/" dev="loop1" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   57.847233][ T4508] netlink: 4 bytes leftover after parsing attributes in process `syz.1.348'.
[   57.858830][ T4508] netlink: 12 bytes leftover after parsing attributes in process `syz.1.348'.
[   57.968073][   T29] audit: type=1400 audit(57.943:4967): avc:  denied  { mounton } for  pid=4507 comm="syz.1.348" path="/67/file2/file0" dev="loop1" ino=1862 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=file permissive=1
[   58.007356][ T4508] rock: directory entry would overflow storage
[   58.015466][ T4508] rock: sig=0x4f50, size=4, remaining=3
[   58.021289][ T4508] iso9660: Corrupted directory entry in block 6 of inode 1792
[   58.078966][   T29] audit: type=1400 audit(58.053:4968): avc:  denied  { unmount } for  pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   58.120697][   T29] audit: type=1326 audit(58.053:4969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac28af6c9 code=0x7ffc0000
[   58.143365][   T29] audit: type=1326 audit(58.053:4970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac28af6c9 code=0x7ffc0000
[   58.166059][   T29] audit: type=1326 audit(58.063:4971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f2ac28af6c9 code=0x7ffc0000
[   58.181368][ T4517] FAULT_INJECTION: forcing a failure.
[   58.181368][ T4517] name failslab, interval 1, probability 0, space 0, times 0
[   58.201301][ T4517] CPU: 1 UID: 0 PID: 4517 Comm: syz.1.351 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.201325][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.201370][ T4517] Call Trace:
[   58.201375][ T4517]  <TASK>
[   58.201382][ T4517]  __dump_stack+0x1d/0x30
[   58.201403][ T4517]  dump_stack_lvl+0xe8/0x140
[   58.201423][ T4517]  dump_stack+0x15/0x1b
[   58.201439][ T4517]  should_fail_ex+0x265/0x280
[   58.201458][ T4517]  should_failslab+0x8c/0xb0
[   58.201493][ T4517]  __kvmalloc_node_noprof+0x12e/0x670
[   58.201524][ T4517]  ? nf_hook_entries_grow+0x1c1/0x460
[   58.201617][ T4517]  ? rcu_segcblist_enqueue+0x92/0xb0
[   58.201650][ T4517]  nf_hook_entries_grow+0x1c1/0x460
[   58.201754][ T4517]  __nf_register_net_hook+0x18e/0x480
[   58.201775][ T4517]  nf_register_net_hook+0x88/0x130
[   58.201864][ T4517]  nf_register_net_hooks+0x44/0x150
[   58.201883][ T4517]  nf_ct_netns_do_get+0x188/0x380
[   58.201931][ T4517]  nf_ct_netns_get+0x87/0xc0
[   58.202016][ T4517]  xt_ct_tg_check+0x7d/0x660
[   58.202122][ T4517]  xt_ct_tg_check_v2+0x4a/0x60
[   58.202149][ T4517]  xt_check_target+0x28d/0x4c0
[   58.202182][ T4517]  ? strnlen+0x28/0x50
[   58.202200][ T4517]  ? strcmp+0x22/0x50
[   58.202259][ T4517]  ? xt_find_target+0x1cd/0x200
[   58.202293][ T4517]  translate_table+0xcf5/0x1070
[   58.202328][ T4517]  do_ip6t_set_ctl+0x678/0x840
[   58.202410][ T4517]  ? kstrtoull+0x111/0x140
[   58.202443][ T4517]  ? __rcu_read_unlock+0x4f/0x70
[   58.202476][ T4517]  nf_setsockopt+0x199/0x1b0
[   58.202503][ T4517]  ipv6_setsockopt+0x11a/0x130
[   58.202598][ T4517]  tcp_setsockopt+0x98/0xb0
[   58.202618][ T4517]  sock_common_setsockopt+0x69/0x80
[   58.202709][ T4517]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   58.202735][ T4517]  __sys_setsockopt+0x184/0x200
[   58.202774][ T4517]  __x64_sys_setsockopt+0x64/0x80
[   58.202827][ T4517]  x64_sys_call+0x20ec/0x3000
[   58.202898][ T4517]  do_syscall_64+0xd2/0x200
[   58.202922][ T4517]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.202957][ T4517]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.203010][ T4517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.203061][ T4517] RIP: 0033:0x7fc676cdf6c9
[   58.203076][ T4517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.203094][ T4517] RSP: 002b:00007fc67571e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   58.203117][ T4517] RAX: ffffffffffffffda RBX: 00007fc676f36090 RCX: 00007fc676cdf6c9
[   58.203181][ T4517] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[   58.203194][ T4517] RBP: 00007fc67571e090 R08: 0000000000000378 R09: 0000000000000000
[   58.203206][ T4517] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001
[   58.203217][ T4517] R13: 00007fc676f36128 R14: 00007fc676f36090 R15: 00007ffeb627d208
[   58.203239][ T4517]  </TASK>
[   58.322985][   T29] audit: type=1326 audit(58.113:4972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac28af6c9 code=0x7ffc0000
[   58.503668][   T29] audit: type=1326 audit(58.113:4973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2ac28af6c9 code=0x7ffc0000
[   58.526354][   T29] audit: type=1326 audit(58.113:4974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac28af6c9 code=0x7ffc0000
[   58.549115][   T29] audit: type=1326 audit(58.113:4975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.2.350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ac28af6c9 code=0x7ffc0000
[   58.622880][ T4519] 9pnet_fd: Insufficient options for proto=fd
[   58.663411][ T4523] FAULT_INJECTION: forcing a failure.
[   58.663411][ T4523] name failslab, interval 1, probability 0, space 0, times 0
[   58.676167][ T4523] CPU: 0 UID: 0 PID: 4523 Comm: syz.2.354 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.676270][ T4523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.676286][ T4523] Call Trace:
[   58.676291][ T4523]  <TASK>
[   58.676297][ T4523]  __dump_stack+0x1d/0x30
[   58.676320][ T4523]  dump_stack_lvl+0xe8/0x140
[   58.676343][ T4523]  dump_stack+0x15/0x1b
[   58.676439][ T4523]  should_fail_ex+0x265/0x280
[   58.676471][ T4523]  should_failslab+0x8c/0xb0
[   58.676501][ T4523]  __kmalloc_noprof+0xa5/0x570
[   58.676532][ T4523]  ? process_preds+0x30a/0x2bb0
[   58.676557][ T4523]  process_preds+0x30a/0x2bb0
[   58.676634][ T4523]  ? terminate_walk+0x27f/0x2a0
[   58.676667][ T4523]  ? path_openat+0x1bf8/0x2170
[   58.676693][ T4523]  ? avc_has_perm_noaudit+0x1b1/0x200
[   58.676765][ T4523]  ? should_fail_ex+0xdb/0x280
[   58.676781][ T4523]  ? ftrace_profile_set_filter+0xc2/0x1b0
[   58.676807][ T4523]  ? should_failslab+0x8c/0xb0
[   58.676890][ T4523]  ? __kmalloc_cache_noprof+0x249/0x4a0
[   58.676919][ T4523]  ftrace_profile_set_filter+0xff/0x1b0
[   58.676947][ T4523]  perf_ioctl+0x7b3/0x12e0
[   58.677022][ T4523]  ? ioctl_has_perm+0x289/0x2a0
[   58.677087][ T4523]  ? do_vfs_ioctl+0x866/0xe10
[   58.677112][ T4523]  ? selinux_file_ioctl+0x308/0x3a0
[   58.677223][ T4523]  ? __fget_files+0x184/0x1c0
[   58.677256][ T4523]  ? __pfx_perf_ioctl+0x10/0x10
[   58.677278][ T4523]  __se_sys_ioctl+0xce/0x140
[   58.677330][ T4523]  __x64_sys_ioctl+0x43/0x50
[   58.677379][ T4523]  x64_sys_call+0x1816/0x3000
[   58.677398][ T4523]  do_syscall_64+0xd2/0x200
[   58.677418][ T4523]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.677450][ T4523]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.677534][ T4523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.677555][ T4523] RIP: 0033:0x7f2ac28af6c9
[   58.677625][ T4523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.677644][ T4523] RSP: 002b:00007f2ac130f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   58.677662][ T4523] RAX: ffffffffffffffda RBX: 00007f2ac2b05fa0 RCX: 00007f2ac28af6c9
[   58.677676][ T4523] RDX: 0000200000000180 RSI: 0000000040082406 RDI: 0000000000000005
[   58.677690][ T4523] RBP: 00007f2ac130f090 R08: 0000000000000000 R09: 0000000000000000
[   58.677704][ T4523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.677717][ T4523] R13: 00007f2ac2b06038 R14: 00007f2ac2b05fa0 R15: 00007ffdb8e39638
[   58.677755][ T4523]  </TASK>
[   59.089249][ T4548] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[   59.103623][ T4544] loop0: detected capacity change from 0 to 1024
[   59.131587][ T4554] netlink: 12 bytes leftover after parsing attributes in process `syz.4.367'.
[   59.170742][ T4560] netlink: 96 bytes leftover after parsing attributes in process `syz.4.368'.
[   59.271072][ T4565] loop3: detected capacity change from 0 to 1024
[   59.278011][ T4565] EXT4-fs: Ignoring removed orlov option
[   59.294696][ T4565] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.319139][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.009170][ T4603] netlink: 8 bytes leftover after parsing attributes in process `syz.0.383'.
[   60.024376][ T4603] bond1 (unregistering): Released all slaves
[   60.088471][ T4611] FAULT_INJECTION: forcing a failure.
[   60.088471][ T4611] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.101578][ T4611] CPU: 1 UID: 0 PID: 4611 Comm: syz.0.385 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.101665][ T4611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.101676][ T4611] Call Trace:
[   60.101681][ T4611]  <TASK>
[   60.101686][ T4611]  __dump_stack+0x1d/0x30
[   60.101711][ T4611]  dump_stack_lvl+0xe8/0x140
[   60.101728][ T4611]  dump_stack+0x15/0x1b
[   60.101748][ T4611]  should_fail_ex+0x265/0x280
[   60.101776][ T4611]  should_fail+0xb/0x20
[   60.101789][ T4611]  should_fail_usercopy+0x1a/0x20
[   60.101808][ T4611]  _copy_from_user+0x1c/0xb0
[   60.101830][ T4611]  ___sys_sendmsg+0xc1/0x1d0
[   60.101861][ T4611]  __x64_sys_sendmsg+0xd4/0x160
[   60.101953][ T4611]  x64_sys_call+0x191e/0x3000
[   60.101974][ T4611]  do_syscall_64+0xd2/0x200
[   60.101991][ T4611]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.102045][ T4611]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   60.102080][ T4611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.102099][ T4611] RIP: 0033:0x7f1937fef6c9
[   60.102115][ T4611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.102133][ T4611] RSP: 002b:00007f1936a57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.102152][ T4611] RAX: ffffffffffffffda RBX: 00007f1938245fa0 RCX: 00007f1937fef6c9
[   60.102204][ T4611] RDX: 0000000020008041 RSI: 0000200000000680 RDI: 0000000000000003
[   60.102215][ T4611] RBP: 00007f1936a57090 R08: 0000000000000000 R09: 0000000000000000
[   60.102288][ T4611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.102303][ T4611] R13: 00007f1938246038 R14: 00007f1938245fa0 R15: 00007fffebd25a48
[   60.102319][ T4611]  </TASK>
[   60.336528][ T4620] loop3: detected capacity change from 0 to 8192
[   60.417121][ T4627] netlink: 12 bytes leftover after parsing attributes in process `syz.3.389'.
[   60.506886][ T4629] batadv_slave_1: entered promiscuous mode
[   60.521486][ T4628] batadv_slave_1: left promiscuous mode
[   60.595290][ T4635] tipc: Enabling of bearer <udp:£€> rejected, already enabled
[   60.619359][ T4638] FAULT_INJECTION: forcing a failure.
[   60.619359][ T4638] name failslab, interval 1, probability 0, space 0, times 0
[   60.632021][ T4638] CPU: 0 UID: 0 PID: 4638 Comm: syz.0.396 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.632057][ T4638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.632119][ T4638] Call Trace:
[   60.632125][ T4638]  <TASK>
[   60.632130][ T4638]  __dump_stack+0x1d/0x30
[   60.632148][ T4638]  dump_stack_lvl+0xe8/0x140
[   60.632164][ T4638]  dump_stack+0x15/0x1b
[   60.632177][ T4638]  should_fail_ex+0x265/0x280
[   60.632192][ T4638]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   60.632222][ T4638]  should_failslab+0x8c/0xb0
[   60.632254][ T4638]  kmem_cache_alloc_lru_noprof+0x55/0x490
[   60.632276][ T4638]  ? shmem_alloc_inode+0x34/0x50
[   60.632293][ T4638]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   60.632318][ T4638]  shmem_alloc_inode+0x34/0x50
[   60.632334][ T4638]  alloc_inode+0x40/0x170
[   60.632353][ T4638]  new_inode+0x1d/0xe0
[   60.632373][ T4638]  shmem_get_inode+0x244/0x750
[   60.632392][ T4638]  __shmem_file_setup+0x113/0x210
[   60.632413][ T4638]  shmem_file_setup+0x3b/0x50
[   60.632427][ T4638]  __se_sys_memfd_create+0x2c3/0x590
[   60.632447][ T4638]  __x64_sys_memfd_create+0x31/0x40
[   60.632517][ T4638]  x64_sys_call+0x2ac2/0x3000
[   60.632534][ T4638]  do_syscall_64+0xd2/0x200
[   60.632552][ T4638]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.632584][ T4638]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   60.632686][ T4638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.632706][ T4638] RIP: 0033:0x7f1937fef6c9
[   60.632718][ T4638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.632731][ T4638] RSP: 002b:00007f1936a56d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   60.632792][ T4638] RAX: ffffffffffffffda RBX: 00000000000005fb RCX: 00007f1937fef6c9
[   60.632807][ T4638] RDX: 00007f1936a56dec RSI: 0000000000000000 RDI: 00007f1938072960
[   60.632821][ T4638] RBP: 0000200000000c40 R08: 00007f1936a56b07 R09: 0000000000000000
[   60.632835][ T4638] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[   60.632863][ T4638] R13: 00007f1936a56dec R14: 00007f1936a56df0 R15: 00007fffebd25a48
[   60.632882][ T4638]  </TASK>
[   60.901101][ T4647] loop0: detected capacity change from 0 to 1024
[   60.908313][ T4647] EXT4-fs: Ignoring removed orlov option
[   60.924560][ T4647] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.942032][ T4649] loop4: detected capacity change from 0 to 1024
[   60.948682][ T4653] capability: warning: `syz.1.397' uses 32-bit capabilities (legacy support in use)
[   60.973214][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.986604][ T4649] EXT4-fs: Ignoring removed orlov option
[   60.998731][ T4656] netlink: 20 bytes leftover after parsing attributes in process `syz.0.402'.
[   61.010386][ T4649] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.051461][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.075528][ T4661] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   61.120760][ T4666] netlink: 'syz.3.406': attribute type 4 has an invalid length.
[   61.128451][ T4666] netlink: 152 bytes leftover after parsing attributes in process `syz.3.406'.
[   61.157211][ T4673] FAULT_INJECTION: forcing a failure.
[   61.157211][ T4673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.170403][ T4673] CPU: 0 UID: 0 PID: 4673 Comm: syz.1.409 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.170503][ T4673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   61.170592][ T4673] Call Trace:
[   61.170598][ T4673]  <TASK>
[   61.170606][ T4673]  __dump_stack+0x1d/0x30
[   61.170704][ T4673]  dump_stack_lvl+0xe8/0x140
[   61.170736][ T4673]  dump_stack+0x15/0x1b
[   61.170755][ T4673]  should_fail_ex+0x265/0x280
[   61.170777][ T4673]  should_fail+0xb/0x20
[   61.170799][ T4673]  should_fail_usercopy+0x1a/0x20
[   61.170816][ T4673]  strncpy_from_user+0x25/0x230
[   61.170850][ T4673]  strncpy_from_bpfptr+0x43/0x50
[   61.170880][ T4673]  bpf_prog_load+0x883/0x1100
[   61.170911][ T4673]  ? security_bpf+0x2b/0x90
[   61.171042][ T4673]  __sys_bpf+0x469/0x7c0
[   61.171067][ T4673]  __x64_sys_bpf+0x41/0x50
[   61.171142][ T4673]  x64_sys_call+0x2aee/0x3000
[   61.171164][ T4673]  do_syscall_64+0xd2/0x200
[   61.171242][ T4673]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   61.171325][ T4673]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   61.171358][ T4673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.171454][ T4673] RIP: 0033:0x7fc676cdf6c9
[   61.171470][ T4673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.171487][ T4673] RSP: 002b:00007fc67573f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   61.171508][ T4673] RAX: ffffffffffffffda RBX: 00007fc676f35fa0 RCX: 00007fc676cdf6c9
[   61.171522][ T4673] RDX: 0000000000000094 RSI: 0000200000000340 RDI: 0000000000000005
[   61.171535][ T4673] RBP: 00007fc67573f090 R08: 0000000000000000 R09: 0000000000000000
[   61.171548][ T4673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.171560][ T4673] R13: 00007fc676f36038 R14: 00007fc676f35fa0 R15: 00007ffeb627d208
[   61.171604][ T4673]  </TASK>
[   61.361495][ T4666] .`: renamed from bond0 (while UP)
[   61.419426][ T4684] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   61.444086][ T4688] netlink: 8 bytes leftover after parsing attributes in process `syz.1.413'.
[   61.455186][ T4688] netlink: 8 bytes leftover after parsing attributes in process `syz.1.413'.
[   61.464540][ T4688] netlink: 8 bytes leftover after parsing attributes in process `syz.1.413'.
[   61.473728][ T4688] netlink: 8 bytes leftover after parsing attributes in process `syz.1.413'.
[   61.496184][ T4692] netlink: 20 bytes leftover after parsing attributes in process `syz.4.415'.
[   61.519801][ T4695] loop0: detected capacity change from 0 to 256
[   61.528109][ T4688] loop1: detected capacity change from 0 to 8192
[   61.544336][ T4695] FAT-fs (loop0): IO charset cp850 not found
[   61.573091][ T4701] loop0: detected capacity change from 0 to 512
[   61.579712][ T4701] EXT4-fs: Ignoring removed mblk_io_submit option
[   61.587742][ T4701] ext2: Unknown parameter 'smackfshat'
[   61.594726][ T4701] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   61.602404][ T4701] $Hÿ: renamed from bond0 (while UP)
[   61.609801][ T4701] $Hÿ: entered promiscuous mode
[   61.614899][ T4701] bond_slave_0: entered promiscuous mode
[   61.620595][ T4701] bond_slave_1: entered promiscuous mode
[   61.622302][ T4707] FAULT_INJECTION: forcing a failure.
[   61.622302][ T4707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.639367][ T4707] CPU: 1 UID: 0 PID: 4707 Comm: syz.1.421 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   61.639395][ T4707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   61.639409][ T4707] Call Trace:
[   61.639415][ T4707]  <TASK>
[   61.639423][ T4707]  __dump_stack+0x1d/0x30
[   61.639499][ T4707]  dump_stack_lvl+0xe8/0x140
[   61.639521][ T4707]  dump_stack+0x15/0x1b
[   61.639541][ T4707]  should_fail_ex+0x265/0x280
[   61.639564][ T4707]  should_fail+0xb/0x20
[   61.639582][ T4707]  should_fail_usercopy+0x1a/0x20
[   61.639606][ T4707]  _copy_to_user+0x20/0xa0
[   61.639645][ T4707]  simple_read_from_buffer+0xb5/0x130
[   61.639737][ T4707]  proc_fail_nth_read+0x10e/0x150
[   61.639766][ T4707]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   61.639831][ T4707]  vfs_read+0x1a8/0x770
[   61.639875][ T4707]  ? __rcu_read_unlock+0x4f/0x70
[   61.639907][ T4707]  ? __fget_files+0x184/0x1c0
[   61.640012][ T4707]  ksys_read+0xda/0x1a0
[   61.640082][ T4707]  __x64_sys_read+0x40/0x50
[   61.640153][ T4707]  x64_sys_call+0x27c0/0x3000
[   61.640181][ T4707]  do_syscall_64+0xd2/0x200
[   61.640305][ T4707]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   61.640362][ T4707]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   61.640419][ T4707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.640465][ T4707] RIP: 0033:0x7fc676cde0dc
[   61.640482][ T4707] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   61.640533][ T4707] RSP: 002b:00007fc67573f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   61.640556][ T4707] RAX: ffffffffffffffda RBX: 00007fc676f35fa0 RCX: 00007fc676cde0dc
[   61.640589][ T4707] RDX: 000000000000000f RSI: 00007fc67573f0a0 RDI: 0000000000000003
[   61.640600][ T4707] RBP: 00007fc67573f090 R08: 0000000000000000 R09: 0000000000000000
[   61.640614][ T4707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.640629][ T4707] R13: 00007fc676f36038 R14: 00007fc676f35fa0 R15: 00007ffeb627d208
[   61.640654][ T4707]  </TASK>
[   61.860626][ T4709] netlink: 'syz.0.422': attribute type 10 has an invalid length.
[   61.874580][ T4709] team0 (unregistering): Port device team_slave_0 removed
[   61.884190][ T4709] team0 (unregistering): Port device team_slave_1 removed
[   61.931085][ T4713] loop2: detected capacity change from 0 to 256
[   61.966162][ T4713] blktrace: Concurrent blktraces are not allowed on sg0
[   61.975086][ T4713] netlink: 55035 bytes leftover after parsing attributes in process `syz.2.424'.
[   62.306545][ T4755] delete_channel: no stack
[   62.429190][ T4774] loop3: detected capacity change from 0 to 1024
[   62.435835][ T4774] SELinux: security_context_str_to_sid (root) failed with errno=-22
[   62.452952][ T4778] loop2: detected capacity change from 0 to 512
[   62.460742][ T4778] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   62.472254][ T4778] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   62.482339][ T4778] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.450: Corrupt directory, running e2fsck is recommended
[   62.495806][ T4778] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[   62.504322][ T4778] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.450: corrupted in-inode xattr: invalid ea_ino
[   62.518093][ T4778] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.450: couldn't read orphan inode 15 (err -117)
[   62.530359][ T4778] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.555835][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.612003][ T4787] loop3: detected capacity change from 0 to 2048
[   62.653548][ T4787] syz!: rxe_newlink: already configured on team_slave_0
[   62.691119][ T4791] tmpfs: Bad value for 'mpol'
[   62.709838][ T4791] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   62.735850][ T4797] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   62.772084][ T4799] netlink: 'syz.1.459': attribute type 1 has an invalid length.
[   62.786085][ T4799] bond1: entered promiscuous mode
[   62.791401][ T4799] 8021q: adding VLAN 0 to HW filter on device bond1
[   62.804806][ T4799] 8021q: adding VLAN 0 to HW filter on device bond1
[   62.812018][ T4799] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[   62.822543][ T4799] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[   62.834774][ T4799] bond1: (slave wireguard0): making interface the new active one
[   62.842605][ T4799] wireguard0: entered promiscuous mode
[   62.850013][ T4799] bond1: (slave wireguard0): Enslaving as an active interface with an up link
[   62.865368][ T4799] bond1: (slave wireguard1): The slave device specified does not support setting the MAC address
[   62.877743][ T4799] bond1: (slave wireguard1): Enslaving as a backup interface with an up link
[   62.888070][   T29] kauditd_printk_skb: 751 callbacks suppressed
[   62.888084][   T29] audit: type=1326 audit(62.863:5727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4798 comm="syz.1.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   62.924485][ T4807] netlink: 'syz.1.460': attribute type 1 has an invalid length.
[   62.937588][ T4807] bond2: entered promiscuous mode
[   62.943157][ T4807] 8021q: adding VLAN 0 to HW filter on device bond2
[   62.956117][   T29] audit: type=1326 audit(62.863:5728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4798 comm="syz.1.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   62.978916][   T29] audit: type=1326 audit(62.873:5729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4798 comm="syz.1.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   63.001446][   T29] audit: type=1326 audit(62.873:5730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4798 comm="syz.1.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   63.024105][   T29] audit: type=1326 audit(62.873:5731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4798 comm="syz.1.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   63.033249][ T4812] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   63.046952][   T29] audit: type=1326 audit(62.873:5732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4798 comm="syz.1.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   63.053819][ T4812] IPv6: NLM_F_CREATE should be set when creating new route
[   63.053832][ T4812] IPv6: NLM_F_CREATE should be set when creating new route
[   63.055836][ T4812] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   63.076731][   T29] audit: type=1326 audit(62.873:5733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4798 comm="syz.1.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   63.120920][   T29] audit: type=1326 audit(62.873:5734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4798 comm="syz.1.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   63.143733][   T29] audit: type=1326 audit(62.873:5735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4798 comm="syz.1.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   63.166265][   T29] audit: type=1326 audit(62.873:5736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4798 comm="syz.1.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   63.190013][ T4807] 8021q: adding VLAN 0 to HW filter on device bond2
[   63.197194][ T4807] bond2: (slave wireguard2): The slave device specified does not support setting the MAC address
[   63.202233][ T4816] loop0: detected capacity change from 0 to 512
[   63.207760][ T4807] bond2: (slave wireguard2): Setting fail_over_mac to active for active-backup mode
[   63.224912][ T4807] bond2: (slave wireguard2): making interface the new active one
[   63.226364][ T4816] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   63.232715][ T4807] wireguard2: entered promiscuous mode
[   63.244106][ T4816] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   63.244128][ T4816] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.462: Corrupt directory, running e2fsck is recommended
[   63.251912][ T4807] bond2: (slave wireguard2): Enslaving as an active interface with an up link
[   63.259820][ T4816] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   63.273786][ T4818] IPVS: Error connecting to the multicast addr
[   63.298722][ T4816] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.462: corrupted in-inode xattr: invalid ea_ino
[   63.328310][ T4816] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.462: couldn't read orphan inode 15 (err -117)
[   63.366086][ T4816] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.420555][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.463587][ T4839] loop3: detected capacity change from 0 to 1024
[   63.470457][ T4836] loop0: detected capacity change from 0 to 1024
[   63.478061][ T4836] EXT4-fs: Ignoring removed orlov option
[   63.497299][ T4836] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.512429][ T4839] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.540285][ T4847] loop4: detected capacity change from 0 to 1024
[   63.548552][ T4847] EXT4-fs: inline encryption not supported
[   63.550409][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.554540][ T4847] EXT4-fs: Ignoring removed orlov option
[   63.573375][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.582866][ T4847] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   63.596808][ T4850] loop1: detected capacity change from 0 to 256
[   63.612076][ T4850] FAT-fs (loop1): IO charset cp850 not found
[   63.633439][ T4850] FAULT_INJECTION: forcing a failure.
[   63.633439][ T4850] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.634664][ T4847] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c019, mo2=0002]
[   63.646603][ T4850] CPU: 0 UID: 0 PID: 4850 Comm: syz.1.475 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.646636][ T4850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   63.646651][ T4850] Call Trace:
[   63.646659][ T4850]  <TASK>
[   63.646668][ T4850]  __dump_stack+0x1d/0x30
[   63.646693][ T4850]  dump_stack_lvl+0xe8/0x140
[   63.646760][ T4850]  dump_stack+0x15/0x1b
[   63.646782][ T4850]  should_fail_ex+0x265/0x280
[   63.646807][ T4850]  should_fail+0xb/0x20
[   63.646827][ T4850]  should_fail_usercopy+0x1a/0x20
[   63.646900][ T4850]  _copy_from_iter+0xd2/0xe80
[   63.646919][ T4850]  ? __build_skb_around+0x1ab/0x200
[   63.646964][ T4850]  ? __alloc_skb+0x223/0x320
[   63.647003][ T4850]  netlink_sendmsg+0x471/0x6b0
[   63.647030][ T4850]  ? __pfx_netlink_sendmsg+0x10/0x10
[   63.647109][ T4850]  __sock_sendmsg+0x145/0x180
[   63.647140][ T4850]  ____sys_sendmsg+0x31e/0x4e0
[   63.647199][ T4850]  ___sys_sendmsg+0x17b/0x1d0
[   63.647240][ T4850]  __x64_sys_sendmsg+0xd4/0x160
[   63.647269][ T4850]  x64_sys_call+0x191e/0x3000
[   63.647297][ T4850]  do_syscall_64+0xd2/0x200
[   63.647323][ T4850]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   63.647431][ T4850]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   63.647556][ T4850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.647608][ T4850] RIP: 0033:0x7fc676cdf6c9
[   63.647626][ T4850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.647647][ T4850] RSP: 002b:00007fc67573f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   63.647688][ T4850] RAX: ffffffffffffffda RBX: 00007fc676f35fa0 RCX: 00007fc676cdf6c9
[   63.647702][ T4850] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000005
[   63.647716][ T4850] RBP: 00007fc67573f090 R08: 0000000000000000 R09: 0000000000000000
[   63.647736][ T4850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.647751][ T4850] R13: 00007fc676f36038 R14: 00007fc676f35fa0 R15: 00007ffeb627d208
[   63.647775][ T4850]  </TASK>
[   63.712544][ T4858] loop3: detected capacity change from 0 to 8192
[   63.759304][ T4847] System zones: 0-1, 3-12
[   64.046122][ T4875] loop3: detected capacity change from 0 to 8192
[   64.061025][ T4847] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[   64.073437][ T4847] EXT4-fs (loop4): This should not happen!! Data will be lost
[   64.073437][ T4847] 
[   64.083138][ T4847] EXT4-fs (loop4): Total free blocks count 0
[   64.089159][ T4847] EXT4-fs (loop4): Free/Dirty block details
[   64.095188][ T4847] EXT4-fs (loop4): free_blocks=0
[   64.100164][ T4847] EXT4-fs (loop4): dirty_blocks=0
[   64.105212][ T4847] EXT4-fs (loop4): Block reservation details
[   64.111184][ T4847] EXT4-fs (loop4): i_reserved_data_blocks=0
[   64.177523][ T4883] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   64.314291][ T4896] FAULT_INJECTION: forcing a failure.
[   64.314291][ T4896] name failslab, interval 1, probability 0, space 0, times 0
[   64.327231][ T4896] CPU: 1 UID: 0 PID: 4896 Comm: syz.0.492 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.327258][ T4896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   64.327306][ T4896] Call Trace:
[   64.327312][ T4896]  <TASK>
[   64.327320][ T4896]  __dump_stack+0x1d/0x30
[   64.327344][ T4896]  dump_stack_lvl+0xe8/0x140
[   64.327363][ T4896]  dump_stack+0x15/0x1b
[   64.327377][ T4896]  should_fail_ex+0x265/0x280
[   64.327449][ T4896]  should_failslab+0x8c/0xb0
[   64.327520][ T4896]  kmem_cache_alloc_noprof+0x50/0x480
[   64.327569][ T4896]  ? audit_log_start+0x342/0x720
[   64.327670][ T4896]  audit_log_start+0x342/0x720
[   64.327698][ T4896]  audit_seccomp+0x48/0x100
[   64.327741][ T4896]  ? __seccomp_filter+0x82d/0x1250
[   64.327773][ T4896]  __seccomp_filter+0x83e/0x1250
[   64.327854][ T4896]  ? vfs_write+0x7ef/0x960
[   64.327882][ T4896]  ? __rcu_read_unlock+0x4f/0x70
[   64.327911][ T4896]  ? __fget_files+0x184/0x1c0
[   64.327947][ T4896]  __secure_computing+0x82/0x150
[   64.328061][ T4896]  syscall_trace_enter+0xcf/0x1e0
[   64.328092][ T4896]  do_syscall_64+0xac/0x200
[   64.328113][ T4896]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   64.328145][ T4896]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   64.328185][ T4896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.328202][ T4896] RIP: 0033:0x7f1937fee0dc
[   64.328278][ T4896] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   64.328296][ T4896] RSP: 002b:00007f1936a57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   64.328384][ T4896] RAX: ffffffffffffffda RBX: 00007f1938245fa0 RCX: 00007f1937fee0dc
[   64.328399][ T4896] RDX: 000000000000000f RSI: 00007f1936a570a0 RDI: 0000000000000006
[   64.328413][ T4896] RBP: 00007f1936a57090 R08: 0000000000000000 R09: 0000000000000000
[   64.328468][ T4896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.328478][ T4896] R13: 00007f1938246038 R14: 00007f1938245fa0 R15: 00007fffebd25a48
[   64.328497][ T4896]  </TASK>
[   64.634434][ T3389] kernel write not supported for file bpf-prog (pid: 3389 comm: kworker/1:3)
[   64.745422][ T4926] loop3: detected capacity change from 0 to 512
[   64.761924][ T4929] loop0: detected capacity change from 0 to 128
[   64.780434][ T4926] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   64.803573][ T4926] EXT4-fs (loop3): mount failed
[   65.071140][ T4962] netlink: 'syz.3.518': attribute type 1 has an invalid length.
[   65.083118][ T4965] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   65.086556][ T4962] bond0: entered promiscuous mode
[   65.094908][ T4962] bond0: entered allmulticast mode
[   65.100388][ T4962] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.166812][ T4973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.186756][ T4973] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   65.258973][ T4979] FAULT_INJECTION: forcing a failure.
[   65.258973][ T4979] name failslab, interval 1, probability 0, space 0, times 0
[   65.271631][ T4979] CPU: 0 UID: 0 PID: 4979 Comm: syz.4.524 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.271656][ T4979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   65.271666][ T4979] Call Trace:
[   65.271672][ T4979]  <TASK>
[   65.271677][ T4979]  __dump_stack+0x1d/0x30
[   65.271696][ T4979]  dump_stack_lvl+0xe8/0x140
[   65.271730][ T4979]  dump_stack+0x15/0x1b
[   65.271751][ T4979]  should_fail_ex+0x265/0x280
[   65.271838][ T4979]  should_failslab+0x8c/0xb0
[   65.271872][ T4979]  kmem_cache_alloc_noprof+0x50/0x480
[   65.271904][ T4979]  ? mm_alloc+0x2b/0xa0
[   65.271927][ T4979]  mm_alloc+0x2b/0xa0
[   65.272008][ T4979]  alloc_bprm+0x20e/0x350
[   65.272036][ T4979]  do_execveat_common+0x12e/0x750
[   65.272060][ T4979]  ? getname_flags+0x154/0x3b0
[   65.272092][ T4979]  __x64_sys_execveat+0x73/0x90
[   65.272113][ T4979]  x64_sys_call+0x1fec/0x3000
[   65.272137][ T4979]  do_syscall_64+0xd2/0x200
[   65.272159][ T4979]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.272215][ T4979]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   65.272243][ T4979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.272261][ T4979] RIP: 0033:0x7faad528f6c9
[   65.272272][ T4979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.272308][ T4979] RSP: 002b:00007faad3cef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[   65.272329][ T4979] RAX: ffffffffffffffda RBX: 00007faad54e5fa0 RCX: 00007faad528f6c9
[   65.272380][ T4979] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c
[   65.272390][ T4979] RBP: 00007faad3cef090 R08: 0000000000001000 R09: 0000000000000000
[   65.272400][ T4979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.272410][ T4979] R13: 00007faad54e6038 R14: 00007faad54e5fa0 R15: 00007ffcec6240a8
[   65.272433][ T4979]  </TASK>
[   65.509364][ T4985] __nla_validate_parse: 7 callbacks suppressed
[   65.509380][ T4985] netlink: 4 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[   65.570405][ T4991] tipc: Enabling of bearer <udp:£€> rejected, already enabled
[   65.596057][ T4993] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   65.631839][ T4997] raw_sendmsg: syz.3.533 forgot to set AF_INET. Fix it!
[   65.641797][ T5001] loop0: detected capacity change from 0 to 512
[   65.652337][ T5001] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   65.663941][ T5001] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[   65.674177][ T5001] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.535: Corrupt directory, running e2fsck is recommended
[   65.687770][ T5001] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   65.696243][ T5001] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.535: corrupted in-inode xattr: invalid ea_ino
[   65.709855][ T5001] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.535: couldn't read orphan inode 15 (err -117)
[   65.956421][ T5021] netlink: 488 bytes leftover after parsing attributes in process `syz.1.541'.
[   65.965534][ T5021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.541'.
[   66.006476][ T5025] tipc: Enabling of bearer <udp:£€> rejected, already enabled
[   66.065789][ T5029] syz!: rxe_newlink: already configured on team_slave_0
[   66.160068][ T5037] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   66.541809][ T5056] loop3: detected capacity change from 0 to 764
[   66.581557][ T5056] bridge0: entered promiscuous mode
[   66.587016][ T5056] macvtap1: entered allmulticast mode
[   66.592397][ T5056] bridge0: entered allmulticast mode
[   66.601315][ T5056] batman_adv: batadv0: Adding interface: macvtap1
[   66.607774][ T5056] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   66.633895][ T5062] netlink: 12 bytes leftover after parsing attributes in process `syz.4.560'.
[   66.633976][ T5056] batman_adv: batadv0: Interface activated: macvtap1
[   66.715157][ T5067] hub 1-0:1.0: USB hub found
[   66.720064][ T5067] hub 1-0:1.0: 8 ports detected
[   66.740109][ T5080] tipc: Enabling of bearer <udp:£€> rejected, already enabled
[   66.743595][ T5077] syz.1.568 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   66.830471][ T5088] netlink: 48 bytes leftover after parsing attributes in process `syz.1.573'.
[   66.908145][ T5084] netlink: 8 bytes leftover after parsing attributes in process `syz.4.570'.
[   66.917605][ T5100] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[   66.942621][ T5084] wireguard0: entered promiscuous mode
[   66.948223][ T5084] wireguard0: entered allmulticast mode
[   66.983735][ T5095] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1545 sclass=netlink_route_socket pid=5095 comm=syz.4.570
[   66.986474][ T5112] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   67.022297][ T5116] erspan0: entered promiscuous mode
[   67.120009][ T5125] FAULT_INJECTION: forcing a failure.
[   67.120009][ T5125] name failslab, interval 1, probability 0, space 0, times 0
[   67.132834][ T5125] CPU: 0 UID: 0 PID: 5125 Comm: syz.1.588 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.132876][ T5125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   67.132889][ T5125] Call Trace:
[   67.132895][ T5125]  <TASK>
[   67.132902][ T5125]  __dump_stack+0x1d/0x30
[   67.132940][ T5125]  dump_stack_lvl+0xe8/0x140
[   67.132963][ T5125]  dump_stack+0x15/0x1b
[   67.132982][ T5125]  should_fail_ex+0x265/0x280
[   67.133004][ T5125]  should_failslab+0x8c/0xb0
[   67.133111][ T5125]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   67.133220][ T5125]  ? __alloc_skb+0x101/0x320
[   67.133252][ T5125]  __alloc_skb+0x101/0x320
[   67.133288][ T5125]  netlink_alloc_large_skb+0xbf/0xf0
[   67.133322][ T5125]  netlink_sendmsg+0x3cf/0x6b0
[   67.133402][ T5125]  ? __pfx_netlink_sendmsg+0x10/0x10
[   67.133424][ T5125]  __sock_sendmsg+0x145/0x180
[   67.133452][ T5125]  ____sys_sendmsg+0x31e/0x4e0
[   67.133496][ T5125]  ___sys_sendmsg+0x17b/0x1d0
[   67.133534][ T5125]  __x64_sys_sendmsg+0xd4/0x160
[   67.133611][ T5125]  x64_sys_call+0x191e/0x3000
[   67.133636][ T5125]  do_syscall_64+0xd2/0x200
[   67.133657][ T5125]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   67.133724][ T5125]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   67.133759][ T5125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.133782][ T5125] RIP: 0033:0x7fc676cdf6c9
[   67.133844][ T5125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.133863][ T5125] RSP: 002b:00007fc67573f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   67.133882][ T5125] RAX: ffffffffffffffda RBX: 00007fc676f35fa0 RCX: 00007fc676cdf6c9
[   67.133895][ T5125] RDX: 0000000004000000 RSI: 0000200000000180 RDI: 0000000000000005
[   67.133920][ T5125] RBP: 00007fc67573f090 R08: 0000000000000000 R09: 0000000000000000
[   67.133932][ T5125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.133944][ T5125] R13: 00007fc676f36038 R14: 00007fc676f35fa0 R15: 00007ffeb627d208
[   67.133976][ T5125]  </TASK>
[   67.351033][ T5127] 9pnet_fd: Insufficient options for proto=fd
[   67.588117][ T5160] 9pnet_fd: Insufficient options for proto=fd
[   67.703460][ T5181] 9pnet_fd: Insufficient options for proto=fd
[   67.801781][ T5193] netlink: 4 bytes leftover after parsing attributes in process `syz.0.611'.
[   67.820576][ T5195] 9pnet_fd: Insufficient options for proto=fd
[   68.354311][ T5213] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   68.361416][ T5213] syzkaller0: entered promiscuous mode
[   68.366916][ T5213] syzkaller0: entered allmulticast mode
[   68.375031][   T29] kauditd_printk_skb: 2084 callbacks suppressed
[   68.375062][   T29] audit: type=1400 audit(68.333:7816): avc:  denied  { ioctl } for  pid=5212 comm="syz.4.624" path="socket:[10753]" dev="sockfs" ino=10753 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   68.408105][ T5212] tipc: Resetting bearer <eth:syzkaller0>
[   68.416406][ T5212] tipc: Disabling bearer <eth:syzkaller0>
[   68.587452][ T5218] loop4: detected capacity change from 0 to 1024
[   68.605189][ T5218] EXT4-fs: Ignoring removed nobh option
[   68.610903][ T5218] EXT4-fs: Ignoring removed bh option
[   68.643757][   T29] audit: type=1400 audit(68.613:7817): avc:  denied  { mounton } for  pid=5230 comm="syz.0.630" path="/" dev="rootfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   68.705331][   T29] audit: type=1400 audit(68.673:7818): avc:  denied  { mounton } for  pid=5230 comm="syz.0.630" path="/file0" dev="rootfs" ino=10827 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   68.732021][ T5218] EXT4-fs mount: 4 callbacks suppressed
[   68.732035][ T5218] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.775355][   T29] audit: type=1400 audit(68.753:7819): avc:  denied  { write } for  pid=5217 comm="syz.4.626" path="/116/file2/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   68.845116][   T29] audit: type=1400 audit(68.813:7820): avc:  denied  { associate } for  pid=5241 comm="syz.0.630" name="core" scontext=root:object_r:etc_runtime_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1
[   68.904741][   T29] audit: type=1400 audit(68.873:7821): avc:  denied  { read } for  pid=5217 comm="syz.4.626" name="bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   68.951779][ T5245] EXT4-fs (loop4): shut down requested (0)
[   69.023026][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.185961][ T5249] loop4: detected capacity change from 0 to 512
[   69.379744][ T5249] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   69.391303][ T5249] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   69.401407][ T5249] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.634: Corrupt directory, running e2fsck is recommended
[   69.450085][ T5249] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   69.480402][ T5249] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.634: corrupted in-inode xattr: invalid ea_ino
[   69.525653][ T5249] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.634: couldn't read orphan inode 15 (err -117)
[   69.561447][ T5249] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.624224][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.752139][ T5264] syz!: rxe_newlink: already configured on team_slave_0
[   69.863778][ T5267] loop1: detected capacity change from 0 to 512
[   69.948652][ T5267] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.980122][ T5276] netlink: 660 bytes leftover after parsing attributes in process `syz.3.644'.
[   70.023627][   T29] audit: type=1326 audit(70.003:7822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5274 comm="syz.4.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   70.063134][   T29] audit: type=1326 audit(70.023:7823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5274 comm="syz.4.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   70.086045][   T29] audit: type=1326 audit(70.023:7824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5274 comm="syz.4.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   70.108863][   T29] audit: type=1326 audit(70.023:7825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5274 comm="syz.4.645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   70.113807][ T5276] infiniband syû: set active
[   70.136178][ T5276] infiniband syû: added bond_slave_0
[   70.156911][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.237736][ T5276] RDS/IB: syû: added
[   70.261938][ T5276] smc: adding ib device syû with port count 1
[   70.292225][ T5276] smc:    ib device syû port 1 has no pnetid
[   70.331531][ T5288] loop1: detected capacity change from 0 to 512
[   70.709223][ T5302] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   70.751012][ T5292] loop1: detected capacity change from 0 to 512
[   70.777713][ T5292] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.649: bad orphan inode 11862016
[   70.796977][ T5312] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   70.844894][ T5292] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   70.861918][ T5322] dns_resolver: Unsupported content type (231)
[   70.898833][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   71.349204][ T5340] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   71.483714][ T5345] FAULT_INJECTION: forcing a failure.
[   71.483714][ T5345] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.496963][ T5345] CPU: 1 UID: 0 PID: 5345 Comm: syz.2.669 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.497000][ T5345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   71.497015][ T5345] Call Trace:
[   71.497022][ T5345]  <TASK>
[   71.497031][ T5345]  __dump_stack+0x1d/0x30
[   71.497136][ T5345]  dump_stack_lvl+0xe8/0x140
[   71.497162][ T5345]  dump_stack+0x15/0x1b
[   71.497213][ T5345]  should_fail_ex+0x265/0x280
[   71.497238][ T5345]  should_fail+0xb/0x20
[   71.497257][ T5345]  should_fail_usercopy+0x1a/0x20
[   71.497276][ T5345]  _copy_to_user+0x20/0xa0
[   71.497395][ T5345]  simple_read_from_buffer+0xb5/0x130
[   71.497428][ T5345]  proc_fail_nth_read+0x10e/0x150
[   71.497494][ T5345]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   71.497602][ T5345]  vfs_read+0x1a8/0x770
[   71.497627][ T5345]  ? __rcu_read_unlock+0x4f/0x70
[   71.497654][ T5345]  ? __fget_files+0x184/0x1c0
[   71.497747][ T5345]  ksys_read+0xda/0x1a0
[   71.497842][ T5345]  __x64_sys_read+0x40/0x50
[   71.497875][ T5345]  x64_sys_call+0x27c0/0x3000
[   71.497902][ T5345]  do_syscall_64+0xd2/0x200
[   71.497972][ T5345]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   71.498015][ T5345]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   71.498058][ T5345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.498128][ T5345] RIP: 0033:0x7f2ac28ae0dc
[   71.498147][ T5345] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   71.498170][ T5345] RSP: 002b:00007f2ac130f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   71.498193][ T5345] RAX: ffffffffffffffda RBX: 00007f2ac2b05fa0 RCX: 00007f2ac28ae0dc
[   71.498205][ T5345] RDX: 000000000000000f RSI: 00007f2ac130f0a0 RDI: 0000000000000006
[   71.498216][ T5345] RBP: 00007f2ac130f090 R08: 0000000000000000 R09: 002367732f766564
[   71.498331][ T5345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.498347][ T5345] R13: 00007f2ac2b06038 R14: 00007f2ac2b05fa0 R15: 00007ffdb8e39638
[   71.498372][ T5345]  </TASK>
[   71.745050][ T5348] loop4: detected capacity change from 0 to 256
[   71.761729][ T5348] blktrace: Concurrent blktraces are not allowed on sg0
[   71.795240][ T5348] netlink: 8727 bytes leftover after parsing attributes in process `syz.4.670'.
[   71.836176][ T5358] netlink: 'syz.3.674': attribute type 39 has an invalid length.
[   71.887934][ T5363] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   71.895618][ T5364] loop3: detected capacity change from 0 to 512
[   71.906491][ T5364] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.674: error while reading EA inode 32 err=-116
[   71.919077][ T5364] EXT4-fs (loop3): Remounting filesystem read-only
[   71.922024][ T5368] loop2: detected capacity change from 0 to 128
[   71.929350][ T5364] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   71.944935][ T5364] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   71.956380][ T5364] EXT4-fs (loop3): 1 orphan inode deleted
[   71.963474][ T5364] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.016804][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.053867][ T5380] loop2: detected capacity change from 0 to 512
[   72.069352][ T5384] loop4: detected capacity change from 0 to 512
[   72.077684][ T5380] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.078422][ T5384] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   72.101659][ T5384] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   72.111838][ T5384] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.685: Corrupt directory, running e2fsck is recommended
[   72.144565][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.153927][ T5384] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   72.162187][ T5384] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.685: corrupted in-inode xattr: invalid ea_ino
[   72.180659][ T5384] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.685: couldn't read orphan inode 15 (err -117)
[   72.213858][ T5384] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.274769][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.310524][ T5403] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   72.379614][ T5416] tipc: New replicast peer: 255.255.255.83
[   72.385622][ T5416] tipc: Enabled bearer <udp:£>, priority 10
[   72.448338][ T5422] syz.1.701: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   72.462772][ T5422] CPU: 0 UID: 0 PID: 5422 Comm: syz.1.701 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.462796][ T5422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   72.462861][ T5422] Call Trace:
[   72.462869][ T5422]  <TASK>
[   72.462877][ T5422]  __dump_stack+0x1d/0x30
[   72.462961][ T5422]  dump_stack_lvl+0xe8/0x140
[   72.462982][ T5422]  dump_stack+0x15/0x1b
[   72.463003][ T5422]  warn_alloc+0x12b/0x1a0
[   72.463077][ T5422]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   72.463115][ T5422]  __vmalloc_node_range_noprof+0x9d/0xed0
[   72.463156][ T5422]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   72.463210][ T5422]  ? __rcu_read_unlock+0x4f/0x70
[   72.463243][ T5422]  ? __perf_event_task_sched_in+0xa5b/0xac0
[   72.463277][ T5422]  ? xfd_validate_state+0x45/0xf0
[   72.463311][ T5422]  ? save_fpregs_to_fpstate+0x100/0x160
[   72.463354][ T5422]  ? should_fail_ex+0x30/0x280
[   72.463379][ T5422]  ? xskq_create+0x36/0xe0
[   72.463423][ T5422]  vmalloc_user_noprof+0x7d/0xb0
[   72.463495][ T5422]  ? xskq_create+0x80/0xe0
[   72.463521][ T5422]  xskq_create+0x80/0xe0
[   72.463546][ T5422]  xsk_init_queue+0x95/0xf0
[   72.463647][ T5422]  xsk_setsockopt+0x3f5/0x640
[   72.463667][ T5422]  ? __pfx_xsk_setsockopt+0x10/0x10
[   72.463687][ T5422]  __sys_setsockopt+0x184/0x200
[   72.463729][ T5422]  __x64_sys_setsockopt+0x64/0x80
[   72.463839][ T5422]  x64_sys_call+0x20ec/0x3000
[   72.463899][ T5422]  do_syscall_64+0xd2/0x200
[   72.463923][ T5422]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   72.463952][ T5422]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   72.464009][ T5422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.464096][ T5422] RIP: 0033:0x7fc676cdf6c9
[   72.464111][ T5422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.464131][ T5422] RSP: 002b:00007fc67573f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   72.464149][ T5422] RAX: ffffffffffffffda RBX: 00007fc676f35fa0 RCX: 00007fc676cdf6c9
[   72.464185][ T5422] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[   72.464196][ T5422] RBP: 00007fc676d61f91 R08: 0000000000000004 R09: 0000000000000000
[   72.464210][ T5422] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[   72.464220][ T5422] R13: 00007fc676f36038 R14: 00007fc676f35fa0 R15: 00007ffeb627d208
[   72.464237][ T5422]  </TASK>
[   72.464258][ T5422] Mem-Info:
[   72.500703][ T5426] FAULT_INJECTION: forcing a failure.
[   72.500703][ T5426] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.503584][ T5422] active_anon:49683 inactive_anon:19 isolated_anon:0
[   72.503584][ T5422]  active_file:21412 inactive_file:2263 isolated_file:0
[   72.503584][ T5422]  unevictable:16364 dirty:391 writeback:0
[   72.503584][ T5422]  slab_reclaimable:3456 slab_unreclaimable:82741
[   72.503584][ T5422]  mapped:32349 shmem:44964 pagetables:1556
[   72.503584][ T5422]  sec_pagetables:0 bounce:0
[   72.503584][ T5422]  kernel_misc_reclaimable:0
[   72.503584][ T5422]  free:1712260 free_pcp:10958 free_cma:0
[   72.508014][ T5426] CPU: 1 UID: 0 PID: 5426 Comm: syz.1.701 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.508084][ T5426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   72.508102][ T5426] Call Trace:
[   72.508110][ T5426]  <TASK>
[   72.508119][ T5426]  __dump_stack+0x1d/0x30
[   72.508150][ T5426]  dump_stack_lvl+0xe8/0x140
[   72.508179][ T5426]  dump_stack+0x15/0x1b
[   72.508204][ T5426]  should_fail_ex+0x265/0x280
[   72.508246][ T5426]  should_fail+0xb/0x20
[   72.508267][ T5426]  should_fail_usercopy+0x1a/0x20
[   72.508297][ T5426]  _copy_from_user+0x1c/0xb0
[   72.508333][ T5426]  ___sys_sendmsg+0xc1/0x1d0
[   72.508410][ T5426]  __x64_sys_sendmsg+0xd4/0x160
[   72.508444][ T5426]  x64_sys_call+0x191e/0x3000
[   72.508487][ T5426]  do_syscall_64+0xd2/0x200
[   72.508513][ T5426]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   72.508554][ T5426]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   72.508711][ T5426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.508739][ T5426] RIP: 0033:0x7fc676cdf6c9
[   72.508796][ T5426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.508820][ T5426] RSP: 002b:00007fc67571e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   72.508844][ T5426] RAX: ffffffffffffffda RBX: 00007fc676f36090 RCX: 00007fc676cdf6c9
[   72.508862][ T5426] RDX: 0000000004000000 RSI: 0000200000000280 RDI: 0000000000000005
[   72.508931][ T5426] RBP: 00007fc67571e090 R08: 0000000000000000 R09: 0000000000000000
[   72.509013][ T5426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.509029][ T5426] R13: 00007fc676f36128 R14: 00007fc676f36090 R15: 00007ffeb627d208
[   72.509057][ T5426]  </TASK>
[   72.927123][ T5422] Node 0 active_anon:215100kB inactive_anon:76kB active_file:85648kB inactive_file:9024kB unevictable:65444kB isolated(anon):0kB isolated(file):0kB mapped:129444kB dirty:1612kB writeback:0kB shmem:196280kB kernel_stack:3840kB pagetables:6172kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   72.955075][ T5422] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   72.984877][ T5422] lowmem_reserve[]: 0 2881 7859 7859
[   72.990195][ T5422] Node 0 DMA32 free:2946732kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2950260kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[   73.021992][ T5422] lowmem_reserve[]: 0 0 4978 4978
[   73.027051][ T5422] Node 0 Normal free:3871236kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:215216kB inactive_anon:76kB active_file:85648kB inactive_file:9024kB unevictable:65444kB writepending:1612kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:39648kB local_pcp:31680kB free_cma:0kB
[   73.060529][ T5422] lowmem_reserve[]: 0 0 0 0
[   73.065124][ T5422] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   73.077874][ T5422] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 5*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2946732kB
[   73.093969][ T5422] Node 0 Normal: 10*4kB (UE) 23*8kB (UM) 8*16kB (UME) 2*32kB (ME) 20*64kB (U) 6*128kB (UE) 0*256kB 2*512kB (UE) 1*1024kB (E) 2*2048kB (UM) 943*4096kB (UM) = 3871136kB
[   73.110873][ T5422] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   73.120180][ T5422] 89125 total pagecache pages
[   73.124866][ T5422] 19 pages in swap cache
[   73.129092][ T5422] Free swap  = 124920kB
[   73.133273][ T5422] Total swap = 124996kB
[   73.137517][ T5422] 2097051 pages RAM
[   73.141362][ T5422] 0 pages HighMem/MovableOnly
[   73.146030][ T5422] 81086 pages reserved
[   73.176852][ T5434] netlink: 48 bytes leftover after parsing attributes in process `syz.0.704'.
[   73.214124][ T5437] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   73.285961][ T5449] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   73.384130][   T29] kauditd_printk_skb: 482 callbacks suppressed
[   73.384147][   T29] audit: type=1326 audit(73.363:8308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc676cd6567 code=0x7ffc0000
[   73.450336][   T29] audit: type=1326 audit(73.393:8309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc676c7b779 code=0x7ffc0000
[   73.472925][   T29] audit: type=1326 audit(73.393:8310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc676cd6567 code=0x7ffc0000
[   73.495492][   T29] audit: type=1326 audit(73.393:8311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc676c7b779 code=0x7ffc0000
[   73.518102][   T29] audit: type=1326 audit(73.393:8312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   73.540598][   T29] audit: type=1326 audit(73.393:8313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc676cd6567 code=0x7ffc0000
[   73.563097][   T29] audit: type=1326 audit(73.393:8314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc676c7b779 code=0x7ffc0000
[   73.585690][   T29] audit: type=1326 audit(73.393:8315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   73.608134][   T29] audit: type=1326 audit(73.413:8316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc676cd6567 code=0x7ffc0000
[   73.630708][   T29] audit: type=1326 audit(73.413:8317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5452 comm="syz.1.714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc676c7b779 code=0x7ffc0000
[   73.754603][ T5475] netlink: 48 bytes leftover after parsing attributes in process `syz.2.721'.
[   73.963881][ T5507] netlink: 48 bytes leftover after parsing attributes in process `syz.3.734'.
[   74.005959][ T5515] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   74.132625][ T5529] bridge0: port 3(macsec1) entered blocking state
[   74.139188][ T5529] bridge0: port 3(macsec1) entered disabled state
[   74.199632][ T5539] netlink: 12 bytes leftover after parsing attributes in process `syz.2.745'.
[   74.221266][ T5529] macsec1: entered allmulticast mode
[   74.226610][ T5529] bridge0: entered allmulticast mode
[   74.234227][ T5529] macsec1: left allmulticast mode
[   74.239336][ T5529] bridge0: left allmulticast mode
[   74.265366][ T5539] vlan2: entered promiscuous mode
[   74.270439][ T5539] syz_tun: entered promiscuous mode
[   74.290349][ T5553] netlink: 104 bytes leftover after parsing attributes in process `syz.1.754'.
[   74.304204][ T5553] netlink: 'syz.1.754': attribute type 2 has an invalid length.
[   74.311847][ T5553] netlink: 'syz.1.754': attribute type 11 has an invalid length.
[   74.319634][ T5553] netlink: 132 bytes leftover after parsing attributes in process `syz.1.754'.
[   74.337199][ T5553] loop1: detected capacity change from 0 to 1024
[   74.344293][ T5553] EXT4-fs: Ignoring removed bh option
[   74.361501][ T5553] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   74.372425][ T5553] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (31873!=20869)
[   74.392735][ T5553] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   74.402968][ T5553] EXT4-fs (loop1): filesystem has both journal inode and journal device!
[   74.431134][ T5562] mmap: syz.2.758 (5562) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   74.808748][ T5616] netlink: 64 bytes leftover after parsing attributes in process `syz.3.782'.
[   74.819496][ T5616] vcan0: tx drop: invalid da for name 0x0000000000000004
[   74.847467][ T5617] FAULT_INJECTION: forcing a failure.
[   74.847467][ T5617] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   74.860715][ T5617] CPU: 0 UID: 0 PID: 5617 Comm: syz.1.780 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.860759][ T5617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   74.860769][ T5617] Call Trace:
[   74.860774][ T5617]  <TASK>
[   74.860779][ T5617]  __dump_stack+0x1d/0x30
[   74.860796][ T5617]  dump_stack_lvl+0xe8/0x140
[   74.860812][ T5617]  dump_stack+0x15/0x1b
[   74.860903][ T5617]  should_fail_ex+0x265/0x280
[   74.860919][ T5617]  should_fail_alloc_page+0xf2/0x100
[   74.860943][ T5617]  __alloc_frozen_pages_noprof+0xff/0x360
[   74.860962][ T5617]  alloc_pages_mpol+0xb3/0x260
[   74.861022][ T5617]  ? _copy_from_user+0x89/0xb0
[   74.861042][ T5617]  alloc_pages_noprof+0x90/0x130
[   74.861058][ T5617]  bpf_prog_test_run_xdp+0x7c2/0x970
[   74.861106][ T5617]  ? kstrtouint+0x50/0xc0
[   74.861141][ T5617]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   74.861166][ T5617]  bpf_prog_test_run+0x22a/0x390
[   74.861193][ T5617]  __sys_bpf+0x4c0/0x7c0
[   74.861218][ T5617]  __x64_sys_bpf+0x41/0x50
[   74.861293][ T5617]  x64_sys_call+0x2aee/0x3000
[   74.861317][ T5617]  do_syscall_64+0xd2/0x200
[   74.861388][ T5617]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   74.861420][ T5617]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   74.861457][ T5617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.861515][ T5617] RIP: 0033:0x7fc676cdf6c9
[   74.861526][ T5617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.861539][ T5617] RSP: 002b:00007fc67571e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   74.861566][ T5617] RAX: ffffffffffffffda RBX: 00007fc676f36090 RCX: 00007fc676cdf6c9
[   74.861655][ T5617] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[   74.861670][ T5617] RBP: 00007fc67571e090 R08: 0000000000000000 R09: 0000000000000000
[   74.861679][ T5617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.861688][ T5617] R13: 00007fc676f36128 R14: 00007fc676f36090 R15: 00007ffeb627d208
[   74.861705][ T5617]  </TASK>
[   75.064329][ T5618] netlink: 8 bytes leftover after parsing attributes in process `syz.3.782'.
[   75.352987][ T5633] netlink: 8727 bytes leftover after parsing attributes in process `syz.0.789'.
[   75.729774][ T5659] FAULT_INJECTION: forcing a failure.
[   75.729774][ T5659] name failslab, interval 1, probability 0, space 0, times 0
[   75.742476][ T5659] CPU: 1 UID: 0 PID: 5659 Comm: syz.4.799 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.742505][ T5659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   75.742516][ T5659] Call Trace:
[   75.742521][ T5659]  <TASK>
[   75.742527][ T5659]  __dump_stack+0x1d/0x30
[   75.742550][ T5659]  dump_stack_lvl+0xe8/0x140
[   75.742568][ T5659]  dump_stack+0x15/0x1b
[   75.742701][ T5659]  should_fail_ex+0x265/0x280
[   75.742719][ T5659]  should_failslab+0x8c/0xb0
[   75.742841][ T5659]  kmem_cache_alloc_noprof+0x50/0x480
[   75.742925][ T5659]  ? dst_alloc+0xbd/0x100
[   75.742969][ T5659]  dst_alloc+0xbd/0x100
[   75.743045][ T5659]  ip_route_input_rcu+0x173b/0x1cd0
[   75.743091][ T5659]  ip_route_input_noref+0x5f/0x90
[   75.743122][ T5659]  ip_rcv_finish_core+0x315/0xb60
[   75.743145][ T5659]  ? iptable_mangle_hook+0x119/0x260
[   75.743215][ T5659]  ip_rcv_finish+0x100/0x1c0
[   75.743235][ T5659]  ip_rcv+0x62/0x140
[   75.743257][ T5659]  ? __pfx_ip_rcv_finish+0x10/0x10
[   75.743277][ T5659]  ? __pfx_ip_rcv+0x10/0x10
[   75.743295][ T5659]  __netif_receive_skb+0xff/0x270
[   75.743333][ T5659]  ? tun_rx_batched+0xc7/0x430
[   75.743407][ T5659]  netif_receive_skb+0x4b/0x2e0
[   75.743475][ T5659]  ? tun_rx_batched+0xc7/0x430
[   75.743524][ T5659]  tun_rx_batched+0xfc/0x430
[   75.743693][ T5659]  tun_get_user+0x1f35/0x26e0
[   75.743734][ T5659]  ? ref_tracker_alloc+0x1f2/0x2f0
[   75.743785][ T5659]  tun_chr_write_iter+0x15e/0x210
[   75.743895][ T5659]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   75.743922][ T5659]  vfs_write+0x52a/0x960
[   75.743971][ T5659]  ksys_write+0xda/0x1a0
[   75.744000][ T5659]  __x64_sys_write+0x40/0x50
[   75.744094][ T5659]  x64_sys_call+0x2802/0x3000
[   75.744114][ T5659]  do_syscall_64+0xd2/0x200
[   75.744134][ T5659]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   75.744167][ T5659]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   75.744267][ T5659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.744286][ T5659] RIP: 0033:0x7faad528e17f
[   75.744301][ T5659] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   75.744322][ T5659] RSP: 002b:00007faad3cce000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   75.744349][ T5659] RAX: ffffffffffffffda RBX: 00007faad54e6090 RCX: 00007faad528e17f
[   75.744363][ T5659] RDX: 000000000000004a RSI: 0000200000000000 RDI: 00000000000000c8
[   75.744407][ T5659] RBP: 00007faad3cce090 R08: 0000000000000000 R09: 0000000000000000
[   75.744421][ T5659] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[   75.744435][ T5659] R13: 00007faad54e6128 R14: 00007faad54e6090 R15: 00007ffcec6240a8
[   75.744455][ T5659]  </TASK>
[   76.548254][ T5693] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   76.563821][ T5693] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[   76.872708][ T5726] loop1: detected capacity change from 0 to 512
[   76.880850][ T5726] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   76.892404][ T5726] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   76.902481][ T5726] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.828: Corrupt directory, running e2fsck is recommended
[   76.916962][ T5726] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   76.925543][ T5726] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.828: corrupted in-inode xattr: invalid ea_ino
[   76.938892][ T5726] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.828: couldn't read orphan inode 15 (err -117)
[   76.951249][ T5726] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.980180][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.990046][ T5729] __nla_validate_parse: 2 callbacks suppressed
[   76.990071][ T5729] netlink: 40 bytes leftover after parsing attributes in process `syz.2.829'.
[   77.066235][ T5734] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   77.365327][ T5750] netlink: 32 bytes leftover after parsing attributes in process `syz.1.838'.
[   77.418013][ T5755] loop1: detected capacity change from 0 to 512
[   77.425928][ T5755] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   77.437449][ T5755] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   77.447585][ T5755] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.840: Corrupt directory, running e2fsck is recommended
[   77.461014][ T5755] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   77.469411][ T5755] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.840: corrupted in-inode xattr: invalid ea_ino
[   77.483871][ T5755] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.840: couldn't read orphan inode 15 (err -117)
[   77.496635][ T5755] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.528107][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.553318][ T5766] loop4: detected capacity change from 0 to 164
[   77.650687][ T5779] netlink: 56 bytes leftover after parsing attributes in process `syz.1.849'.
[   77.784472][ T5791] loop4: detected capacity change from 0 to 512
[   77.849696][ T5791] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   77.861314][ T5791] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it
[   77.871455][ T5791] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.854: Corrupt directory, running e2fsck is recommended
[   77.888740][ T5791] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   77.899584][ T5803] 9pnet_fd: Insufficient options for proto=fd
[   77.905023][ T5791] EXT4-fs error (device loop4): ext4_iget_extra_inode:5075: inode #15: comm syz.4.854: corrupted in-inode xattr: invalid ea_ino
[   77.921422][ T5791] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.854: couldn't read orphan inode 15 (err -117)
[   77.937028][ T5791] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.951794][ T5800] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   77.975232][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.080769][ T5813] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   78.164010][   T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1)
[   78.359994][ T5867] netlink: 32 bytes leftover after parsing attributes in process `syz.3.889'.
[   78.392835][   T29] kauditd_printk_skb: 1164 callbacks suppressed
[   78.392851][   T29] audit: type=1326 audit(78.363:9482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   78.432724][ T5873] loop4: detected capacity change from 0 to 256
[   78.436807][   T29] audit: type=1326 audit(78.373:9483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   78.461703][   T29] audit: type=1326 audit(78.393:9484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   78.484429][   T29] audit: type=1326 audit(78.403:9485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   78.506981][   T29] audit: type=1326 audit(78.403:9486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   78.513048][ T5873] blktrace: Concurrent blktraces are not allowed on sg0
[   78.529624][   T29] audit: type=1326 audit(78.403:9487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   78.529656][   T29] audit: type=1326 audit(78.403:9488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   78.545778][ T5873] netlink: 8727 bytes leftover after parsing attributes in process `syz.4.890'.
[   78.559186][   T29] audit: type=1326 audit(78.403:9489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   78.613615][   T29] audit: type=1326 audit(78.403:9490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   78.636238][   T29] audit: type=1326 audit(78.403:9491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.4.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faad528f6c9 code=0x7ffc0000
[   78.662253][ T5879] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.718089][ T5879] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.767722][ T5879] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.818645][ T5879] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.892141][   T37] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.902748][   T37] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.927053][   T37] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.954500][   T37] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.155037][ T5928] loop1: detected capacity change from 0 to 1024
[   79.183949][ T5928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   79.201900][ T5928] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   79.556182][ T5977] loop4: detected capacity change from 0 to 512
[   79.588464][ T5974] loop4: detected capacity change from 0 to 512
[   79.595633][ T5974] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.603123][ T5974] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   79.611596][ T5974] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   79.635902][ T5974] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.928: Allocating blocks 41-42 which overlap fs metadata
[   79.652582][ T5974] EXT4-fs (loop4): Remounting filesystem read-only
[   79.659239][ T5974] EXT4-fs (loop4): 1 truncate cleaned up
[   79.670333][ T5974] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.694070][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.763070][ T5987] loop4: detected capacity change from 0 to 256
[   79.776011][ T5987] blktrace: Concurrent blktraces are not allowed on sg0
[   79.785432][ T5987] netlink: 8727 bytes leftover after parsing attributes in process `syz.4.932'.
[   79.800473][ T5991] 9pnet_fd: Insufficient options for proto=fd
[   79.801160][ T5993] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   79.882420][ T5996] netlink: 180 bytes leftover after parsing attributes in process `syz.0.937'.
[   79.982788][ T6008] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   80.265739][ T6032] loop1: detected capacity change from 0 to 2048
[   80.272512][ T6032] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.279497][ T6032] ext4: Unknown parameter 'euid<00000000000000000000'
[   80.506447][ T6034] netlink: 32 bytes leftover after parsing attributes in process `syz.4.950'.
[   81.060473][ T6061] 9pnet_fd: Insufficient options for proto=fd
[   81.083319][ T6064] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[   81.431640][ T6095] netlink: 20 bytes leftover after parsing attributes in process `gtp'.
[   81.989216][ T6132] loop1: detected capacity change from 0 to 512
[   82.041626][ T6137] __nla_validate_parse: 2 callbacks suppressed
[   82.041639][ T6137] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[   82.065465][ T6132] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.177058][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.256528][ T6157] loop1: detected capacity change from 0 to 256
[   82.288697][ T6157] blktrace: Concurrent blktraces are not allowed on sg0
[   82.298961][ T6157] netlink: 8727 bytes leftover after parsing attributes in process `syz.1.992'.
[   82.363973][ T6163] loop4: detected capacity change from 0 to 512
[   82.662978][ T6185] loop1: detected capacity change from 0 to 512
[   82.751466][ T6185] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.764435][ T6184] FAULT_INJECTION: forcing a failure.
[   82.764435][ T6184] name failslab, interval 1, probability 0, space 0, times 0
[   82.777183][ T6184] CPU: 0 UID: 0 PID: 6184 Comm: syz.1.1003 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.777205][ T6184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   82.777217][ T6184] Call Trace:
[   82.777224][ T6184]  <TASK>
[   82.777231][ T6184]  __dump_stack+0x1d/0x30
[   82.777256][ T6184]  dump_stack_lvl+0xe8/0x140
[   82.777279][ T6184]  dump_stack+0x15/0x1b
[   82.777363][ T6184]  should_fail_ex+0x265/0x280
[   82.777386][ T6184]  should_failslab+0x8c/0xb0
[   82.777470][ T6184]  kmem_cache_alloc_noprof+0x50/0x480
[   82.777496][ T6184]  ? getname_flags+0x80/0x3b0
[   82.777530][ T6184]  getname_flags+0x80/0x3b0
[   82.777605][ T6184]  user_path_at+0x28/0x130
[   82.777623][ T6184]  __se_sys_mount+0x25b/0x2e0
[   82.777665][ T6184]  ? fput+0x8f/0xc0
[   82.777688][ T6184]  __x64_sys_mount+0x67/0x80
[   82.777716][ T6184]  x64_sys_call+0x2b51/0x3000
[   82.777736][ T6184]  do_syscall_64+0xd2/0x200
[   82.777773][ T6184]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   82.777799][ T6184]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   82.777908][ T6184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.777931][ T6184] RIP: 0033:0x7fc676cdf6c9
[   82.777943][ T6184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.777959][ T6184] RSP: 002b:00007fc67571e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   82.778042][ T6184] RAX: ffffffffffffffda RBX: 00007fc676f36090 RCX: 00007fc676cdf6c9
[   82.778056][ T6184] RDX: 0000200000000040 RSI: 0000200000000400 RDI: 0000000000000000
[   82.778070][ T6184] RBP: 00007fc67571e090 R08: 0000200000000a40 R09: 0000000000000000
[   82.778083][ T6184] R10: 0000000000800048 R11: 0000000000000246 R12: 0000000000000001
[   82.778149][ T6184] R13: 00007fc676f36128 R14: 00007fc676f36090 R15: 00007ffeb627d208
[   82.778173][ T6184]  </TASK>
[   83.173024][ T6130] syz.2.984 (6130) used greatest stack depth: 6328 bytes left
[   83.390092][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.429192][   T29] kauditd_printk_skb: 857 callbacks suppressed
[   83.429209][   T29] audit: type=1326 audit(83.403:10345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6221 comm="syz.1.1019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   83.458277][   T29] audit: type=1326 audit(83.403:10346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6221 comm="syz.1.1019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   83.481182][   T29] audit: type=1326 audit(83.403:10347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6221 comm="syz.1.1019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   83.504224][   T29] audit: type=1326 audit(83.403:10348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6221 comm="syz.1.1019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   83.527344][   T29] audit: type=1326 audit(83.403:10349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6221 comm="syz.1.1019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc676cdf6c9 code=0x7ffc0000
[   83.630234][ T6220] xt_bpf: check failed: parse error
[   83.735119][   T29] audit: type=1326 audit(83.713:10350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.3.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae3950f6c9 code=0x7ffc0000
[   83.757991][   T29] audit: type=1326 audit(83.713:10351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.3.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae3950f6c9 code=0x7ffc0000
[   83.815197][   T29] audit: type=1326 audit(83.713:10352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.3.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fae3950f6c9 code=0x7ffc0000
[   83.838249][   T29] audit: type=1326 audit(83.713:10353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.3.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae3950f6c9 code=0x7ffc0000
[   83.861209][   T29] audit: type=1326 audit(83.713:10354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6229 comm="syz.3.1022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae3950f6c9 code=0x7ffc0000
[   83.902036][ T6234] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   84.147600][ T6267] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   84.216464][ T6275] netlink: 8727 bytes leftover after parsing attributes in process `syz.2.1043'.
[   84.684961][ T6314] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   84.770616][ T6322] netlink: 'syz.3.1062': attribute type 21 has an invalid length.
[   84.952384][ T6337] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   85.142911][ T6350] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   85.152331][ T6350] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[   85.167689][ T6351] loop4: detected capacity change from 0 to 512
[   85.175097][ T6351] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   85.186285][ T6351] EXT4-fs (loop4): 1 truncate cleaned up
[   85.202343][ T6351] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.646913][ T6376] netlink: 62947 bytes leftover after parsing attributes in process `syz.3.1079'.
[   85.946472][ T6409] 9p: Unknown access argument ¿: -22
[   85.964552][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.009241][ T6421] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   86.018726][ T6421] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[   86.087110][ T6433] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   86.168208][ T6444] netlink: 'syz.1.1109': attribute type 12 has an invalid length.
[   86.177051][ T6444] netlink: 'syz.1.1109': attribute type 13 has an invalid length.
[   86.225583][ T6454] netlink: 55 bytes leftover after parsing attributes in process `syz.2.1112'.
[   86.235355][ T6456] netlink: 55 bytes leftover after parsing attributes in process `syz.2.1112'.
[   86.278877][ T6465] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   86.310844][ T6469] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1119'.
[   86.349631][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   86.357759][   T10] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   86.457128][ T6490] netlink: 260 bytes leftover after parsing attributes in process `syz.0.1126'.
[   86.484904][ T6494] loop4: detected capacity change from 0 to 1024
[   86.494647][ T6494] EXT4-fs: Ignoring removed orlov option
[   86.500335][ T6494] EXT4-fs: Ignoring removed mblk_io_submit option
[   86.511569][ T6498] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   86.519750][ T6494] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a854c018, mo2=0002]
[   86.529418][ T6494] System zones: 0-1, 3-12
[   86.534546][ T6494] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.559098][ T6494] netlink: 'syz.4.1129': attribute type 9 has an invalid length.
[   86.585443][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.614835][ T6512] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   86.625736][ T6512] x_tables: duplicate underflow at hook 1
[   86.656095][ T6515] 9pnet_virtio: no channels available for device ./file0
[   86.748602][ T6525] loop4: detected capacity change from 0 to 512
[   86.764401][ T6525] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.789975][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.804202][ T6529] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1144'.
[   86.818029][ T6531] FAULT_INJECTION: forcing a failure.
[   86.818029][ T6531] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.831225][ T6531] CPU: 1 UID: 0 PID: 6531 Comm: syz.4.1143 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.831248][ T6531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   86.831259][ T6531] Call Trace:
[   86.831266][ T6531]  <TASK>
[   86.831273][ T6531]  __dump_stack+0x1d/0x30
[   86.831316][ T6531]  dump_stack_lvl+0xe8/0x140
[   86.831399][ T6531]  dump_stack+0x15/0x1b
[   86.831414][ T6531]  should_fail_ex+0x265/0x280
[   86.831437][ T6531]  should_fail+0xb/0x20
[   86.831473][ T6531]  should_fail_usercopy+0x1a/0x20
[   86.831491][ T6531]  _copy_to_user+0x20/0xa0
[   86.831561][ T6531]  simple_read_from_buffer+0xb5/0x130
[   86.831592][ T6531]  proc_fail_nth_read+0x10e/0x150
[   86.831628][ T6531]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   86.831704][ T6531]  vfs_read+0x1a8/0x770
[   86.831755][ T6531]  ? do_handle_open+0x5b7/0x6e0
[   86.831787][ T6531]  ? __rcu_read_unlock+0x4f/0x70
[   86.831896][ T6531]  ? __fget_files+0x184/0x1c0
[   86.831940][ T6531]  ? kfree+0xdb/0x400
[   86.831972][ T6531]  ksys_read+0xda/0x1a0
[   86.832002][ T6531]  __x64_sys_read+0x40/0x50
[   86.832091][ T6531]  x64_sys_call+0x27c0/0x3000
[   86.832118][ T6531]  do_syscall_64+0xd2/0x200
[   86.832157][ T6531]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   86.832189][ T6531]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   86.832227][ T6531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.832324][ T6531] RIP: 0033:0x7faad528e0dc
[   86.832342][ T6531] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   86.832363][ T6531] RSP: 002b:00007faad3cef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   86.832386][ T6531] RAX: ffffffffffffffda RBX: 00007faad54e5fa0 RCX: 00007faad528e0dc
[   86.832401][ T6531] RDX: 000000000000000f RSI: 00007faad3cef0a0 RDI: 0000000000000008
[   86.832416][ T6531] RBP: 00007faad3cef090 R08: 0000000000000000 R09: 0000000000000000
[   86.832431][ T6531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.832445][ T6531] R13: 00007faad54e6038 R14: 00007faad54e5fa0 R15: 00007ffcec6240a8
[   86.832498][ T6531]  </TASK>
[   87.105554][ T6543] 9p: Unknown access argument ¿: -22
[   87.119839][ T6548] 9pnet_fd: Insufficient options for proto=fd
[   87.288365][ T6563] netlink: 62947 bytes leftover after parsing attributes in process `syz.3.1158'.
[   87.303335][ T6567] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1157'.
[   87.509058][ T6586] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1166'.
[   87.631172][ T6592] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.648041][ T6592] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.762186][ T6592] gre1: entered allmulticast mode
[   87.904338][ T6618] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1180'.
[   88.180027][ T6627] loop4: detected capacity change from 0 to 256
[   88.196115][ T6627] blktrace: Concurrent blktraces are not allowed on sg0
[   88.204983][ T6627] netlink: 62947 bytes leftover after parsing attributes in process `syz.4.1184'.
[   88.325522][ T6646] netlink: 'syz.0.1191': attribute type 7 has an invalid length.
[   88.359534][ T6648] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   88.496444][   T29] kauditd_printk_skb: 1188 callbacks suppressed
[   88.496461][   T29] audit: type=1326 audit(88.473:11543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6651 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faad5286567 code=0x7ffc0000
[   88.513272][ T6659] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1196'.
[   88.525536][   T29] audit: type=1326 audit(88.473:11544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6651 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faad522b779 code=0x7ffc0000
[   88.557142][   T29] audit: type=1326 audit(88.473:11545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6651 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faad5286567 code=0x7ffc0000
[   88.580039][   T29] audit: type=1326 audit(88.473:11546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6651 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faad522b779 code=0x7ffc0000
[   88.602814][   T29] audit: type=1326 audit(88.473:11547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6651 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faad5286567 code=0x7ffc0000
[   88.625571][   T29] audit: type=1326 audit(88.473:11548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6651 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faad522b779 code=0x7ffc0000
[   88.648379][   T29] audit: type=1326 audit(88.473:11549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6651 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faad5286567 code=0x7ffc0000
[   88.671253][   T29] audit: type=1326 audit(88.473:11550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6651 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faad522b779 code=0x7ffc0000
[   88.694125][   T29] audit: type=1326 audit(88.473:11551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6651 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faad5286567 code=0x7ffc0000
[   88.716825][   T29] audit: type=1326 audit(88.473:11552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6651 comm="syz.4.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faad522b779 code=0x7ffc0000
[   88.837834][ T6670] 9p: Unknown access argument ¿: -22
[   88.859959][ T6672] 9p: Unknown access argument ¿: -22
[   88.898704][ T6676] netlink: 'syz.1.1204': attribute type 12 has an invalid length.
[   89.231586][ T6688] loop1: detected capacity change from 0 to 256
[   89.258387][ T6706] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1218'.
[   89.268341][ T6688] blktrace: Concurrent blktraces are not allowed on sg0
[   89.276410][ T6688] netlink: 8727 bytes leftover after parsing attributes in process `syz.1.1210'.
[   89.411963][ T6731] 9pnet_fd: Insufficient options for proto=fd
[   89.452336][ T6722] loop4: detected capacity change from 0 to 8192
[   89.482720][ T6737] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1232'.
[   89.529897][ T6745] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1226'.
[   89.627541][ T6760] 9pnet_fd: Insufficient options for proto=fd
[   89.659893][ T6764] 9pnet_fd: Insufficient options for proto=fd
[   89.703197][ T6769] 9pnet_fd: Insufficient options for proto=fd
[   89.736543][ T6762] loop1: detected capacity change from 0 to 256
[   89.751686][ T6762] blktrace: Concurrent blktraces are not allowed on sg0
[   89.861364][ T6793] 9pnet_fd: Insufficient options for proto=fd
[   89.918747][ T6795] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   89.948537][ T6797] 9pnet_fd: Insufficient options for proto=fd
[   90.059938][ T6820] netlink: 'syz.2.1268': attribute type 12 has an invalid length.
[   90.070606][ T6821] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   90.157989][ T6832] tipc: Enabling of bearer <udp:£> rejected, already enabled
[   90.170492][ T6832] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[   90.355776][ T6854] netlink: 'syz.4.1284': attribute type 12 has an invalid length.
[   90.404460][ T6856] loop4: detected capacity change from 0 to 256
[   90.417664][ T6856] blktrace: Concurrent blktraces are not allowed on sg0
[   90.827801][ T6887] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   90.873606][ T6887] netlink: 'syz.0.1298': attribute type 10 has an invalid length.
[   91.088218][ T6902] 9pnet_fd: Insufficient options for proto=fd
[   91.146119][ T6904] xt_CT: You must specify a L4 protocol and not use inversions on it
[   91.340123][ T6910] FAULT_INJECTION: forcing a failure.
[   91.340123][ T6910] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.353329][ T6910] CPU: 0 UID: 0 PID: 6910 Comm: syz.1.1305 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.353362][ T6910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   91.353375][ T6910] Call Trace:
[   91.353381][ T6910]  <TASK>
[   91.353387][ T6910]  __dump_stack+0x1d/0x30
[   91.353430][ T6910]  dump_stack_lvl+0xe8/0x140
[   91.353498][ T6910]  dump_stack+0x15/0x1b
[   91.353522][ T6910]  should_fail_ex+0x265/0x280
[   91.353543][ T6910]  should_fail+0xb/0x20
[   91.353615][ T6910]  should_fail_usercopy+0x1a/0x20
[   91.353639][ T6910]  _copy_from_iter+0xd2/0xe80
[   91.353669][ T6910]  ? __build_skb_around+0x1ab/0x200
[   91.353708][ T6910]  ? __alloc_skb+0x223/0x320
[   91.353796][ T6910]  netlink_sendmsg+0x471/0x6b0
[   91.353820][ T6910]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.353877][ T6910]  __sock_sendmsg+0x145/0x180
[   91.353903][ T6910]  ____sys_sendmsg+0x31e/0x4e0
[   91.353998][ T6910]  ___sys_sendmsg+0x17b/0x1d0
[   91.354110][ T6910]  __x64_sys_sendmsg+0xd4/0x160
[   91.354138][ T6910]  x64_sys_call+0x191e/0x3000
[   91.354164][ T6910]  do_syscall_64+0xd2/0x200
[   91.354182][ T6910]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   91.354268][ T6910]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   91.354300][ T6910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.354318][ T6910] RIP: 0033:0x7fc676cdf6c9
[   91.354331][ T6910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.354350][ T6910] RSP: 002b:00007fc67573f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.354419][ T6910] RAX: ffffffffffffffda RBX: 00007fc676f35fa0 RCX: 00007fc676cdf6c9
[   91.354442][ T6910] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006
[   91.354456][ T6910] RBP: 00007fc67573f090 R08: 0000000000000000 R09: 0000000000000000
[   91.354501][ T6910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.354514][ T6910] R13: 00007fc676f36038 R14: 00007fc676f35fa0 R15: 00007ffeb627d208
[   91.354532][ T6910]  </TASK>
[   92.532805][ T6900] ==================================================================
[   92.541037][ T6900] BUG: KCSAN: data-race in atime_needs_update / inode_update_timestamps
[   92.549397][ T6900] 
[   92.551725][ T6900] write to 0xffff88813054c9ac of 4 bytes by task 6903 on cpu 1:
[   92.559352][ T6900]  inode_update_timestamps+0x147/0x270
[   92.564846][ T6900]  file_update_time+0x20e/0x2b0
[   92.569704][ T6900]  shmem_file_write_iter+0x9c/0xf0
[   92.574821][ T6900]  iter_file_splice_write+0x666/0xa60
[   92.580211][ T6900]  direct_splice_actor+0x156/0x2a0
[   92.585329][ T6900]  splice_direct_to_actor+0x312/0x680
[   92.590715][ T6900]  do_splice_direct+0xda/0x150
[   92.595492][ T6900]  do_sendfile+0x380/0x650
[   92.599930][ T6900]  __x64_sys_sendfile64+0x105/0x150
[   92.605155][ T6900]  x64_sys_call+0x2bb4/0x3000
[   92.609842][ T6900]  do_syscall_64+0xd2/0x200
[   92.614366][ T6900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.620264][ T6900] 
[   92.622591][ T6900] read to 0xffff88813054c9ac of 4 bytes by task 6900 on cpu 0:
[   92.630135][ T6900]  atime_needs_update+0x2a8/0x3e0
[   92.635181][ T6900]  touch_atime+0x4a/0x340
[   92.639547][ T6900]  shmem_file_read_iter+0x477/0x540
[   92.644756][ T6900]  copy_splice_read+0x442/0x660
[   92.649616][ T6900]  splice_direct_to_actor+0x290/0x680
[   92.655005][ T6900]  do_splice_direct+0xda/0x150
[   92.659789][ T6900]  do_sendfile+0x380/0x650
[   92.664216][ T6900]  __x64_sys_sendfile64+0x105/0x150
[   92.669431][ T6900]  x64_sys_call+0x2bb4/0x3000
[   92.674115][ T6900]  do_syscall_64+0xd2/0x200
[   92.678619][ T6900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.684512][ T6900] 
[   92.686833][ T6900] value changed: 0x1e052aa7 -> 0x1e9dc127
[   92.692544][ T6900] 
[   92.694867][ T6900] Reported by Kernel Concurrency Sanitizer on:
[   92.701035][ T6900] CPU: 0 UID: 0 PID: 6900 Comm: syz.2.1300 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   92.710759][ T6900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   92.720815][ T6900] ==================================================================
[   92.868400][ T6948] loop1: detected capacity change from 0 to 8192
[   92.974234][ T6952] __nla_validate_parse: 4 callbacks suppressed
[   92.974251][ T6952] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1322'.