last executing test programs:

43.892695746s ago: executing program 3 (id=2520):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000016c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x840e, &(0x7f0000001080)={[{@discard}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@bsdgroups}, {@quota}]}, 0x3, 0x43a, &(0x7f0000001100)="$eJzs28tvG1UXAPAzfrRfX19CVR59AIGCqHgkTVpKF2xAILEACQkWZRmStCp1G9QEiVYRBITKCqFK7BFLJP4CVrBBwAqJLexRpQpl08LKaOyZxHYcNzFOnOLfT5r23plr3XM8c+07c+MABtZI+k8SsTcifouIoXq1ucFI/b/bSwtTfy0tTCVRrb7xZ1Jrd2tpYSpvmr9uT14pRRQ+SeJwm37nrly9MFmpzFzO6mPzF98dm7ty9ZnzFyfPzZybuTRx+vTJE+PPnZp4tid5pnndOvTB7JGDr7x1/bWpM9ff/umbJM+/JY8eGel08PFqtcfd9de+hnJS6mMgbEixPkyjXBv/Q1GMlZM3FC9/3NfggE1VrVar9619eLEK/Icl0e8IgP7Iv+jT+99826Kpx7Zw84X6DVCa9+1sqx8pRSFrU265v+2lkYg4s/j3l+kWm/McAgCgyXfp/OfpdvO/QjQ+F/p/toYyHBH3RMT+iDgVEQci4t6IWtv7I+KBDfbfukiyev5TuNFVYuuUzv+ez9a2mud/+ewvhotZbV8t/3Jy9nxl5nj2nhyL8s60Pt6hj+9f+vXztY41zv/SLe0/nwtmcdwo7Wx+zfTk/GRziN27+VHEoVK7/JPllYAkIg5GxKEu+zj/5NdH1jp25/w76ME6U/WriCfq538xWvLPJZ3XJ8f+F5WZ42P5VbHaz79ce32t/v9V/j2Qnv/dba//5fyHk8b12rmN93Ht90/XvKfp9vrfkbzZtO/9yfn5y+MRO5JX60E37p9oaTex0j7N/9jR9uN/f6y8E4cjIr2IH4yIhyLi4Sz2RyLi0Yg42iH/H1987J3u899caf7TGzr/K4Ud0bqnfaF44Ydvmzod3kj+6fk/WSsdy/Ysf/51sJ64uruaAQAA4O5TiIi9kRRGl8uFwuho/W/4D8TuQmV2bv6ps7PvXZqu/0ZgOMqF/EnXUMPz0PHstj6vT7TUT2TPjb8o7qrVR6dmK9P9Th4G3J4otR3/qT+K/Y4O2HR+rwWDy/iHwWX8w+Ay/mFwtRn/u/oRB7D12n3/f9iHOICt1zL+LfvBAHH/D4PL+IfBZfzDQJrbFXf+kbyCwqpCFLZFGOssfFbeFmHcRYV+fzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xj8BAAD//3g65pw=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3a}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x9001)
renameat2(r2, &(0x7f0000000140)='./file0\x00', r2, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4c00000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010067656e65766500001400028005000d0002000000050004000100000008000a00", @ANYRES32=r5], 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

43.387000753s ago: executing program 3 (id=2524):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r0, &(0x7f0000000440)=[{&(0x7f0000000040)='o', 0xfffffffffffffdbd}], 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffe00}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0x58, 0x8, 0x0, &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x0, '\x00', 0x0, 0xf}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
poll(&(0x7f0000000c80)=[{0xffffffffffffffff, 0x2000}, {0xffffffffffffffff, 0x10}, {0xffffffffffffffff, 0x273d}, {0xffffffffffffffff, 0x28}], 0x200000000000009b, 0xb5)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$xdp(&(0x7f0000db0000/0x1000)=nil, 0x1000, 0x2, 0x30, r1, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r6}, 0x18)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x81}, 0x38)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3af, 0x4}, 0x100000, 0x0, 0x0, 0x3, 0x40, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff7e}, 0x0, 0xffffffffffffffff, r3, 0x8)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180800000000010000000000000600000018000000", @ANYRES8=<r9=>r4, @ANYRES64=r7], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r8, 0x0, 0xfffffffffffffffe}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r10}, 0x10)
r11 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r11, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES16=r9], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x200, 0x800)

43.107265289s ago: executing program 3 (id=2529):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000280)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000002600)=ANY=[@ANYBLOB="8dc26ad540dac20852edcea770a74821ea2d4c7a1ffa00ed13950c2fc18ab4eae142eedc1bbae2721bb67a5b0e691e866d5cadf56c5756dd48ee18e9f6c9c11013f1988bfd56ad589ea3b3d54b2029088a383dab4dc23cb75968f0226fd9ff60185b582e977d06fa84ac48ab96fbbef78f29d9ae095667e7d4f2894c6b8133fd4ace800d56a4a86c1307dcec8cf5465a4f00286e295fdb0cbb5e475413ed58259634b40502d313edbb9cf6a8a5da250aca5158fd87c1bc95e84e08be1df433acb50f39d1f6ce45e150784c7d2bc932d94e7b189a168e61217c25f0d08c1a12ddf45fe9c3f494c75154cc46c4ea434e516efd0e5cc5e32e2dd2f59a4e466cb001f738f00fb73c99f48dcc350dd0e82ef7e8427f5a1d6ed95b37d064e26c2ff9226bab2fb14844d6ad16613bccb675e4d4ed4a91794a5b49c655eb954f81016f7b599bbdd6e940c1b6a18223d6ff3b77aa1fe9a5eedb3d73b21cc6d8efa4f674324482823ffb5bb9879938689c555a90dcd3022c636c821acdb6538ece76d2b59f8af3d1e23c9a519ca7e6c4c19d9e824f1528b0a68667da7747641cd4d48df6fe546b370cab4532011e869c56ba65983b2bf25528dfed6858a8ecac15de19f43280b8cf978fd91759b06bf26c57a5a5ff27f3f85e7cb003df1e67e632190ac0e01e3891601e8addcdad5f0b0a95a56616c971dc5d5eadc77f27e429bc5a204ee15a0d2a95891b2f0f56b2ff39e2923573b7f7e8eff36a7347fb3bedaa09aaf87f02968ce12cf9d36a9515d2e0636065c49f7f8a86c1c9a9a3fe6adfb2d2671862284ac41c7da7ef9dc904ed7b3a5bb62daaa0acd9e581e60c7fd9607976b6c6046d89bee5c99d46c5a0eb6e4896ec175e5f91fca139fb49cd1ca56729260944721fc1de471d4ff5368431ae9c38955823fb37e83d399277998bc0d0ba8a5fae9541adb3aefd33bf781afb3a67f4fe968037921784cfe7fc8c6a0fa80b2fb9c5b0968421eca6e6e7ec05f09742109d11835c5a66d8edf6c1eb4c39b85dee8ba2f0cea8004f03241d16e7fb547328606510e146a6bbbff997992bf4b41ef7edcafc4b7d76df30729b821c1d8ccf96802a1833b20ab15646b1185d5f701d2d163feb82f1c8dfbe384cc3c048b818733c8347fb1b30a36f8e1a508f86e65ffb753d592489437f1b881bfe70452fc9f621b9865f37a689ffabd4c192635233e8eb5cad659bb063167f7573d9b4e63061a4adaf47ece4dc54a3f97d9505cdda778f0f820a8f4345e610a95f2f57721d9f0bde32bcb03a29a267154a211a80309ea810b2beb80ed27dfa49191baf96cff60209ce7ee69c8eeb70e6dc3ff3eade5d6830da02b9d112e0886e95c4d3abfe66bf9698b3c3e78d6ec1b49e4093bf0e15c63c9b762d3ca2733e9368d110fb55fc70dab7187e4f87b6dd9b657b03d028001e5eb97b18525100f2fbb51fc74b6e838f28f6efa0a655cc99ca436fc8326ae88ab2abd0024a9a8b6ea061834fccc8c2d31667de7b504590c1186a2ba77bd122341da27f8d7c4e2d4d5cc7b09b907b04618c07ca01e6a22de20842e29a0189e9440313938acc30a52fba2b74919c35c61d5e14a54e8aa3ce8ac771afc65fefdb5a24b045d3cd10d5270d8e9368e5313add54ae029416040e8fb4a7ca0e0a4585b76e067c80ccb7d09204de4f0e95bb8b54d5bb536b92f3546407c8f27b280c85bc0776573dcb652c313687c7ad3b81cb75c7906cfe5b0b0e29568b3b2cfcd208aa31b559920b05dc64f738cfef2ff8a36ee938d25f6b7535ebd81f29a1cb86b4ab061b65cc2d4dba7555b660b56ac426979e954b929d2139fd7f65c5c8d37a274940bf7a118c4d3cb385d034060b4308fa0d0f0537db37914c59ec9b3badba5364c3e40fdfca536aadd8ff66801aa3318844fee826493b48c5e787bc64b98868ce5ed78440e01614c86524606e6a980a145d36c59e3b22775647188be5aec94c0509e0056e2d48dc1a4e87ba67dfd22c5ea120cb75773d9ff0789c1479c7e0a7783678374514328c2a8d24edf9d700663e3ecd3d2309cc63a5549641a1427ea6e8023b5603cea973c9d8e17cd8ac89b1336b4e633b191f0825afcc8c9587b311daf7d11faf44411cb78985e3ae499cdee6ddee6694bbad6df1af1852501fcda1b420a8f1e032e9707e04f3cebf71c188bd798402015b18bea15295a94a94c82d5772a04f1da47eaaa893443871c6393abee1f482629efb0ef052c663f31420094495843d42da4f7624b42bfd9690a92b2e1cdc635f6681300613530336a91bc19041c0173b77492e437b064f07d23d1891c54e772b96acb0df0bd5ed92d95222bdc02d390f38c69017b8ca6857ad719d626de85b55b3bd0af5857a2e35390207490121ae47c4a58bfbb82837a5f4cb42337f01791ee74115956d70bfef83c1456a52d2580953affc1ed1c828ddd7099c04fca889e0a79d333a3b87a7dcc888e3d6e3b122314cef4715b4423471c7c2906589f96636b353d1d05f5493edf3cf544cec5a6e334c8c4071cffe27e80baa22766f741483d4864d7847f76ff6ccf77d8f34d0c1cd66874af4281942e5cc5f3df5e7de9fab29b3a70033cf703543cfe46c743b868e687b5f052921b592ecb78ef37d68e4a8b7103a4e43ddcdc81c4554314a81a891ac21f686bc74096efbcfb260268d52b45db147ada840cf2382fa865950405f0478d26035af3fdbf8d5e14d30ccc5651547c912ea045306151201d561477cc726a91d6be2f5ecfa48d96a8a4b47ea47f7830c6a7283748df12e5d9aa10a03425a35fb097bbacdde29878dd5a2a01870932bca0643365cadd7a7230fa5e50216b72984b782c1f6ee86aff4e685f7af26996fecdfbfb2c9bbfc526e3ac7dec13f7b68407d5ff54c4e6bee5a0e921a297d7800af329408119f6966b19325b1c677e32d47502659c4cf1c807e2ae9de970cdbed6fadf9c0b4afca99dd3a35c7078de4ec456a3186167dbad122b5c25adacf423bd56d0f1e7b72d4608d6caf9c6e491692288f3f42119d3e8aa502cdb64c8203aa6ac2481b66bf9e362926250176abf7320859dbf1e0b1965dbcb8684dd3a2fe0086c3b2fc1233f019df26e2b509073f64beeec71502e997be3d30f23dabdc2ea7d9247f36f822a3649afbcb0c5f25bf41b24fe579d37c5f2f46ef5fef822fd806e5da1550a85fb87caa4b96d0da28a95abce2be0e9eb45b4845867c8e4158ca7533793cfcf02c2788b63ee7a6a5f6eb3efae797e8ea6fb0c795a1b9c858df26bc7ed5eacfb43cd12c34c460647233d127fcce035d30ee777203b690cd3ba61f8061828cad01a098a463540e9a00c858ca3485613cf526768c2a42c32e2d3d4037be15c9861a047189266ea11cc80e1bce7c463d0d45647d7f8304db24b0f21d9ce0a1d636b20869350834379e771ae98bf45feb625e4c8bfe741e0e03a121d4aada098caa6215f56542282ca3d3620a7a5f8cecd4b1a520a7a8d2a34a99b2bf4f9f0d32a5e3ca06dc136f7a73e53c894f9e60e0f340661e7316fa21595e138370885ff82649f6fe5ab69f40a04f87a7ab671b89542ba0359ac9db175c35ef70736da7e61115b4c65d1ea6cef9556701e8e1156f28f6390592120285d1ee9c7af7a96d6b0b75dc9d0e6236acbd0ab21421c6f990b8aeddc35f02d66579d5065e9c2e4004600b08969a82a99b92e4f2cfa337e344829c874f8c8be94cbdc1993744a9f3382bf7f179e5c6f121846da9a681b41e0a16d485f3cb97b988cb99410ecb00104f4eadafcb2f13a8b5a19b931f65ed06fa9a06ce88e760f113ceaa52075838ee209f1228e56838a9e51590850e19150c8fa3281ce7171a04820773169ee0e76eaa67468606ad13586e1294b044e8dede5044422155abdfe125c7f6e9e6f312e77c47b2de9d489a3bfb970456468bc96351d9d8df54ba131eed13424d872e6e1a179c881bba14c1ac90216374532e6135bde8fbac72048d10e379d5830fdb0c604c674b999d9f8dde0ee4f7adde2c478fe73e88d50be3fdc2262fece3b9f9fcdb49381867596daa99a73fa17e601b7eec4fa3146651db21fe37dceaaf68031d74df34aec41005ca738ff1b3add8322c40dc229aa8b90e867fba7963946624579feebe52a6b22790f81efafe6b690b99046d803d2422cee6a376f148bb1381e879b4fb3a9e73ec3c6e8c1397031d3bdd9a2a15c689b50faafbd81353d1bccc2fde92a9a899a50d86bc204b158fe41a26257cf0ccc40589b1ef7c1e04b14d2589b415024cac575de0167f9de1df74db53fd4adb933ddc1167a83f9db8d8012194560eb3efcd4496e33fc2c1754dc7e7bb5aeec841a8c363e764f72ad323c4f23c94daa0b3018986730884c9b65ed3ad3ced538ccd6a0db49aaf386df87b1d668c3fb530358730c2833d6275b6948e2014863074d94e012348c2f5dc2e11f2cec365fe6457dbc36f81eff78c44ec9749188c9dd56db356230750447d8e2ea481a0974c51ff37b61c45333cc52b78b62c1de7589c9c1505b5fef571f3015d07974c9e647888d4bfa47781365ae4185f4b642cfb5183892bfed5882b4eadcf47c62f15c522073f6e7b01cc7f46bcf95371eb39f5672f9c653dc60e88b98c245ae52a7673299f97f41832679118b224173a2c844e1cd1d594b84ff3e52af0e837adc9739d5d0479a514ba4dbdd022c7f2162e24f937d0d6e55f9a654735d7142eaf5666c1354e4856d7bb55778bda180ca2d18cd81dc108ac696799cf7ab39d52e595b835066a6bb2a7ef96473cc33f06e7cade198d0f894143e17051a5c33dc2fc3a2c22b8909362c2cfd9e35951823f5303804df911cadf507f6569cc1053c7a4aa64f4e96f0b53e40116353c2b6c5aec1187d5d5270b1ab4de6c6229a8e471b208661f7004f583b04ea5351272617986849b4279dfd9afe0a2af5e21094c1b7dc04461a915938ef671657adffb860174070b385fcbc14ef5fbbb45e2da231eaa11d9f8470de1c4f536e4098724f52ff4e998f6b14ec266dabca858d9d4c5a5ffb3e07f89ba44c1d126dc077c2d0d241447f48963e6b988500f936010a1de9321f5c1cda2d176e46b1cbbb05cc4bb2e54d4d2568ef954d107c638747b3c273d9557e78e25ca19658c80e736b1592878a6e3df94c843477c1a502f330015c5619b3dd991085b54202583a331c7f38b247e5728f4646153f74927c603b67c15757be7de2001fa9b505358032e202be4000392fef0c2547dbfed9439832eb749d3e72cc6b70b5c57cd9ef140e119bd3705863939dbf8be0619cc7243826324642f3ceb82009954a24931d0993ba20da196340a5e1acf5d6cb69647b6e3090da008a10b545d379781dd94293781715b914f3b916976955d1296c2eba8d80ae42c8d7c934e117e860d66de5bf2033cf23311092cae310312e643975a522bb54c75d4532a0c1691a355348a1c8fd91d0af44f7e5bea28fc3e36b4ab79a4743d811fa158ca48fbf625ed6d046f5850269f54616a1aa6035ffa5fd1b5806511269990d54219803c9842e95b36670dff55c707db8fbf371062de40b3ba8acad808db213a7be4195e43acb72ab29f9e51decf89b84607c0fbe209a704b8ec287de2bd7eca95bcc7045b2d0725af84db76476ebe309dc54554c7959e9aae0e43e6a55780343fb35cf16b8c21c9e8a5569cd3e663b833bc387b126433f3c8963a664cf5d4464098fe4889dab050b8ac7cf30e75688d1929e1298542b236bb008b602a56cc4458a2b1da7a8be1c3e46820ba4b6c", @ANYRESDEC=r0], 0x20000000241e400)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
socket$unix(0x1, 0x1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x662bc2, 0x0)
ioctl$TCSETSW(r5, 0x5403, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r4}, 0x18)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r6, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r8}, 0x18)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
recvmsg$kcm(r6, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)

42.757266842s ago: executing program 3 (id=2540):
r0 = mq_open(&(0x7f00000001c0)='\rC~\xd9[<\x97Fo7\xaa\xcb\x15I\xdc\xe1\'\x12\xc3\xc3', 0x40, 0x16, &(0x7f0000000400)={0x8, 0x3, 0x2, 0x7fff})
mq_timedreceive(r0, &(0x7f0000000540)=""/55, 0x37, 0x100, &(0x7f0000000bc0))
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x8000)
ioctl$KDFONTOP_COPY(r1, 0x4b72, &(0x7f0000000040)={0x3, 0x1, 0x10, 0x1a, 0xd8, &(0x7f0000000e40)})
socket$inet_udp(0x2, 0x2, 0x0)
write$selinux_create(0xffffffffffffffff, 0x0, 0x36)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(r3, 0x6)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
read(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="880000000001010400000000000000000200000a240001801400018008000100ac1e000108000200000000000c00028005000100000000000c001080080003400000000808000740000000003c000e802c0001801400030000000000000000000000ffffac14141114000400fc0200000000000000000000000000000c000280050001000000000007fba5ed4ea05d88d6c7c7f1bc97e20857bbcda8eb64fed3995860691cfa8a82911a65007921e4626e10191805d117d6645250271e56df473ece6b6c8492c42759d7ad2a51ef3804ebda5f598726ff36519cd21017561bbea5017d15358faa1e85b2f5e941d425c1e3fea382685d13bc630bb945aa523b971be5415cf7119a0f80a8918c33898a5fe5f4a5332e8a2c21708ae07b26215be62b9dc7ce595d6f18381fb136030d0c94edee6f15a396819850fb6e6a443b179d93ad"], 0x88}}, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000c40)='./file0\x00', 0x808080, &(0x7f0000000c80), 0x2c, 0x534, &(0x7f0000000600)="$eJzs3ctvY1cZAPDPniT2zGSaFLoozw6lMKDR2ImnjaouoGyQUFUVqXSF0DRKPFEUO45ipzQhEhmJHVskKrGCP4EFEgukrtizgx2bIoFUYETVICHk6l5fp4ljR9Ekjmfi30+68rkP3+87lu45vsePE8DYuhkRexExFRFvR8RMtj2XLfFqZ0mO+/jh7tL+w92lXLTbb/5rIjtyd6l7fNf17JzFiDeS9UKfuM3tnbXFWq26ma2XW/WNcnN7585qfXGlulJdr1QW5hfmXr77UuXc6vpc/bcffnf1tbf+8PsvffCnvW/+JMn5251dU0ndzi3QIZ3XZTKmD21LXrnXhhFsBK5k9ZkadSI8knxEfCYins/KB4qjywkAGK52eybaM4fXB8ud4hgA4PGX3PNPRy5fyu7/pyOfL5XSMbziM3EtX2s0W7fvN7bWlyMdw5qNyfz91Vp1LhsrnI3JXLI+n5Y/Xa/0rN+NiKcj4heFq+l6aalRWx7Vmx4AGHPXe/r/jwqd/v8UfEIAAE8yPTkAjJ/j/f/kSPIAAC6O+38AGD/F8CYAAMZNsee3/wDA5Xfo1n+i7wHPxk9/dHHpAAAXwNA/AIyV77/+erK097P/v15+Z3trrfHOneVqc61U31oqLTU2N0orjcZK+p899fRJucHnqzUaG/Mvxta75Va12So3t3fu1Rtb66176f9636v6YQEAjN7Tz73/l6Q733vlarpEdy4HXwiAS89lDuPryqgTAEam//d9gHFgPB444SO91MCvCL03+DlXz5APMHy3Pjdg/L/fe4MHB6X/ty8uRWBIjP/D+Drb+L/RA3iSGf+H8dVu58znDwBj5hR38L4iCJfcI33+/4XGcJIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ8R0uuTypWwu8OnI50uliBsRMXt1Mnd/tVadi4inIuLPhclCsj4/6qQBgDPK/yOXzf91a+aF6d69U7n/FtLHiPjxr9785buLrdbmfLL93wfbW+9l2yt9AxSGXwcA4JCJ3g3dfrrbj3fn9/344e5Sd7nIBD/8Tmdy0STufrZ0U+8kX4zJiLj2n9yRyuTOaWLivQcR8Wxv/fMH+2ezmU974yexbwwtfqQ1nD4SP38kfj7d13lMXovPnkMuMG7eT9qfV/tdf/m4mT5m11/uaGNajJ8fb1wfQbf922/3tn+d6/2NG8W0renX/t08bYwX//i9gfseXGl/fiJi/1j7250RupiWjsWfiHih3wl/9q2Ptno2/fWLX35+UPz2ryNuxUnxO6Vyq75Rbm7v3FmtL65UV6rrlcrC/MLcy3dfqpTTMepyd6T6uH++cvupwfWPuDYgfvGk+kfE1wadtMdv/vf2D79yQvxvfLVf/Hw8c0L8pE/8+injL177Xd/pu7vxlwfUf+JI/Kkjz0u23T5l/A/+trN8ykMBgAvQ3N5ZW6zVqpsKZy0Uh3Xm6+d1wsLj8UJdusLf3zpyTY08n3MpjKxJAi7Ipxf9qDMBAAAAAAAAAAAAAAAGaf4g+8u/If4YbtR1BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PL6JAAA///h5MuV")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000011c0)={&(0x7f0000001180)='kfree\x00', r6, 0x0, 0x4}, 0x18)
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x208a022, 0x0, 0x1, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
umount2(&(0x7f0000000100)='./file0\x00', 0x8)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
mount(0x0, &(0x7f0000000140)='.\x00', 0x0, 0x2b3434, 0x0)
accept(r2, 0x0, 0x0)

41.821480019s ago: executing program 3 (id=2565):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000611040000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x94)
r2 = socket$kcm(0x2, 0x5, 0x84)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000090300000a60000000060a01a4222be0d1ade722000a00fffd0900010073797a31000000003400048030000180080001006f73660024000280050002000600000008000140000000140500020002000000080003405e1500010900020073797a32"], 0x88}, 0x1, 0x0, 0x0, 0xc010}, 0x24000000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
sendmsg$inet(r2, &(0x7f00000007c0)={&(0x7f00000000c0)={0x2, 0x4e23, @private=0xa010102}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000200)='Y', 0x1}], 0x1}, 0x40041)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000800000002"], 0x50)
setsockopt$sock_attach_bpf(r2, 0x84, 0x22, &(0x7f0000000000)=r6, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf050000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad35010000000000840400000000000014000000000000009500000000000000db13d5d8b741f2cdaabc83df03395287fd51a700ea6553f304000000815dcf00c3eebc52267b042d196bde7c382d21ff79a8583a7482c5994747e19325b1ee980cbd800d845dacbcf5ad8cdbc7abf9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x48)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r8}, 0x10)
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x98, 0x24, 0xd0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x68, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1], 0x0, [0x5, 0x8, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x200, 0x0, 0xfffd]}}, @TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME_EXTENSION={0xc, 0x9, 0x7fffffffffffffff}]}}]}, 0x98}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_emit_ethernet(0x187, &(0x7f0000000180)={@local, @empty, @val={@val={0x88a8, 0x7, 0x1, 0x2}, {0x8100, 0x1, 0x1}}, {@ipv4={0x800, @icmp={{0x39, 0x4, 0x3, 0x3, 0x171, 0x65, 0x0, 0x3, 0x1, 0x0, @remote, @broadcast, {[@cipso={0x86, 0x18, 0x3, [{0x1, 0xd, "7f276a6535ef0bebd33d41"}, {0x1, 0x5, "3e9e84"}]}, @cipso={0x86, 0x67, 0xffffffffffffffff, [{0x1, 0x8, "8667f2bd75e7"}, {0x1, 0x12, "c6e5ae3acb0e2eccdeee9a21b86f8428"}, {0x4, 0x5, '5k\a'}, {0x2, 0x5, "fd8800"}, {0x7, 0xc, "6b9caa04653e3f6c4e86"}, {0x6, 0x11, "aecb39f0549044a10e74d5467ab2ec"}, {0x0, 0x7, "13d3ff0f12"}, {0x0, 0x10, "026c16e0661763f250e803114404"}, {0x0, 0x9, "d5a5dae52593a4"}]}, @timestamp_addr={0x44, 0x24, 0xf4, 0x1, 0x7, [{@rand_addr=0x64010102, 0x2}, {@multicast1, 0xe}, {@broadcast, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}]}, @ssrr={0x89, 0x7, 0x34, [@dev={0xac, 0x14, 0x14, 0x31}]}, @lsrr={0x83, 0xb, 0x48, [@remote, @multicast1]}, @timestamp={0x44, 0x18, 0x14, 0x0, 0x9, [0x6, 0x80000000, 0x2, 0x0, 0x8001]}]}}, @echo={0x8, 0x0, 0x0, 0xb8, 0x10, "1a082fbba44c69c95a968e71cd6ea7e625d225d73c90e20f38f00fc7a2030af18c860d334ae947246b6a1e2113bbc566599e3e63eeabc49d59e786d2c254cc623c542f7214072d67f40cb7015a8274afe32f798e3088ff6f753b5dde5054af6e0487f07e3c6111908ed772a810f6a4acb429bdfa2b81fac8b6cbce8deb67a6d25483902bc7"}}}}}, 0x0)

41.611516548s ago: executing program 3 (id=2570):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000c4000000003280004800800024000000012080001"], 0xa4}}, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0xffffffffffffff4b, &(0x7f0000000180)=[@in6={0xa, 0x4e22, 0xdd13, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffe}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000001c0)={r5, @in6={{0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x7}}}, 0x84)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0xffffffffffffff82, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x8048)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="480000000d0a01080000000000008c000a0000010900020073797a31000000000900010073797a31000000001c000380180000800c000180060001000d00000008000a5fe1819a75e41f0aa97969f73d6b57e9a2df8a7bc8844242a17ca7b80cb7144f"], 0x48}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)

41.555947184s ago: executing program 32 (id=2570):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000c4000000003280004800800024000000012080001"], 0xa4}}, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0xffffffffffffff4b, &(0x7f0000000180)=[@in6={0xa, 0x4e22, 0xdd13, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffe}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000001c0)={r5, @in6={{0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x7}}}, 0x84)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0xffffffffffffff82, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x8048)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="480000000d0a01080000000000008c000a0000010900020073797a31000000000900010073797a31000000001c000380180000800c000180060001000d00000008000a5fe1819a75e41f0aa97969f73d6b57e9a2df8a7bc8844242a17ca7b80cb7144f"], 0x48}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)

5.831958198s ago: executing program 2 (id=3117):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x100)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0)
read(r2, &(0x7f00000002c0)=""/200, 0x39)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000c00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a300000000040000000030a01020000000000000000020000000900010073797a300000000014000480080002400000000008000140000000000900030073797a320000000034000000140a010200000000000000000100000708000340000000040900010073797a30000000000900010073797a3000000000140000001100010000000000000000000000000ac1786d05acaf7f27e90067875e00cfe04080b973cc1841d2324a58eef040ee941d700f89eb165bff46f0653b6c049893b9bce5c1bfbd9fd69cbb652f24d930a7ad8ff6abf68e6b5427"], 0xbc}}, 0x0)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})
keyctl$read(0xb, 0x0, &(0x7f0000000280)=""/26, 0x1a)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r9}, 0x18)
setsockopt$CAN_RAW_FILTER(r7, 0x65, 0x1, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x14, r10, 0x8, 0xffffffff, 0x25dfdbfe, {0x3}}, 0xfffffffffffffeed}, 0x1, 0x0, 0x0, 0x4008001}, 0x0)

2.25678459s ago: executing program 0 (id=3145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000030000000800000001"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)='%-010d \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
setresuid(0xee01, 0xffffffffffffffff, 0xffffffffffffffff)

2.200969706s ago: executing program 0 (id=3147):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000600)}], 0x1, 0x0, 0x480}, 0x0, 0x50, 0x1})
r1 = syz_io_uring_setup(0x221d, &(0x7f0000000100)={0x0, 0x6e7f, 0x800, 0x1, 0x5cc}, &(0x7f0000000280)=<r2=>0x0, &(0x7f00000005c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffa, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, 0x0, r1})
io_uring_enter(r1, 0x66ab, 0x4, 0x2, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
r5 = dup(0xffffffffffffffff)
acct(&(0x7f0000000000)='./file0\x00')
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x48, &(0x7f0000000280)=0x1, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r5], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syslog(0x2, &(0x7f00000004c0)=""/164, 0xa4)
syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x1001, 0x40, 0x6}, &(0x7f0000000240), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r7}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.424935288s ago: executing program 1 (id=3150):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r0, &(0x7f0000000180)="3a55f585dfd927e28e1c3a635e6c4832f8d2e84b06806de8606d4fed0a18e588e7c38804b52357080d4e82f7f18cea6da9156859ea07d02ac644a80ac345bbdcb682001ef50b1ec3b299fa4b2ad30df4deb5d25611dc483a4edd5c8eff69a5e23f60e5a88943b0bdffde227ff682184df3705bed51efce7e22d9fe9edb6419e0e6f0ea6069e9b2c15f22497ccad7b4aa", &(0x7f0000000300)=""/98}, 0x20)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)

1.417583139s ago: executing program 0 (id=3151):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xfffffffc, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000840000"], 0x0, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x10, 0xb, &(0x7f00000010c0)=ANY=[@ANYBLOB="1a020000000000000000e1ff00000b2b00001812000003dae881df5a0f9c7e94a7b6c46f3909cb9373b47e3666f420dd3c2dd5a9de1a550593c86c", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000008510000002000000850000000800000095000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0xa}, 0x94)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x4000, &(0x7f0000000500)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES64, @ANYRES32, @ANYRESHEX, @ANYRESDEC], 0x1, 0x2cb, &(0x7f0000000ac0)="$eJzs3U9LW1kYx/GfJmNiHE0Ww8AMDHOY2cxsgpN5ATNhUBgmMMUaabsoXOtNG3KbyL3BEik1m9JtX4d02V2h7RtwU7rpvjspFLpxUXqL9yaaaJLGkD9avx+Q8yTPeXKO5ihPLiTuX3t8t1Tw0gWrqum40bRU14GUOowaphrjdBDPqFVdv899ePPT1es3/svmcksrxixnV//MGGMWfn5+7/6TX15W59aeLjyLaS91c/995u3ezN4P+59W7xQ9U/RMuVI1llmvVKrWumObjaJXShtzxbEtzzbFsme7bfmCU9ncrBmrvDGf2HRtzzNWuWZKds1UK6bq1ox12yqWTTqdNvMJXW7RPubkd1dWrGzXtB8Z6o4wcrOd7nTdbL1zMr87hj0BAIBzpnf/H/b63fv/3Fo4nqX///7L/b9E/z8i9bZbXfr/b8e4IYyc62atROP3tx39PwAAAAAAAAAAAAAAAAAAAAAAF8GB7yd9308ejo27gtsxSXFJfiN/VNDP28pxYbQ+/37LV9fnP/TXhLaLIWt5415cch5t5bfy4RjmswUV5cjWopL6GJyHhjBe/je3tGgCKb1wdhr1O1v5iGLN+qZUp/qpqBQ+QHv9N0q0rp9RUt91Xj9jOtXP6LdfW+rTSurVLVXkaCM418f1D/4w5p//cyfqZ4N5AAAAAAB8DdLmyKnX70E+mBDX6XxY33J9wPf9nV7XB068vo7qR64lAgAAAAAwFl5tu2Q5ju0OEMQkDVYuDbxor8D3paE+4EBBRJNcvVvwt6RzsI1xBXE1z5gZpPydznRE/T7mRCVN/MdyhmDSf5kAAAAADJtX2z7+Bz/9ev1wRLsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBy6vfzwJrzT6WaiZ6f9nckMvZvEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADhHPgcAAP//ps0YVA==")
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv4_newrule={0x48, 0x20, 0x100, 0x70bd29, 0x25dfdbfb, {0x2, 0x94, 0x20, 0x8, 0x76, 0x0, 0x0, 0x8, 0x15}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x27}, @FRA_DST={0x8, 0x1, @broadcast}, @FRA_DST={0x8, 0x1, @remote}, @FRA_SRC={0x8, 0x2, @empty}, @FRA_FLOW={0x8, 0xb, 0xf}]}, 0x48}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x3fd4}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="240000006800d50300000000000000000a0000000000000004000b000800010002"], 0x24}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000300000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0x1}, 0x48)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r7)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r10=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)={0x34, r8, 0x101, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x4}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x84)
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000001080)={&(0x7f0000000f80), 0xc, &(0x7f0000001040)={&(0x7f0000001000)={0x3c, r6, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_IFTYPE={0x8, 0x5, 0xffffffff}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000000}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000c000)
syz_emit_ethernet(0x46, &(0x7f00000001c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @icmp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x400, 0x0, 0x1, 0x0, @remote, @remote, {[@timestamp={0x44, 0x10, 0xb, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}, @timestamp={0xd, 0x0, 0x0, 0x9, 0x2, 0x672d, 0x1, 0x9}}}}}, 0x0)
prctl$PR_SET_MM_MAP(0x21, 0xe, &(0x7f0000000740)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f000085b000/0x1000)=nil, &(0x7f0000c65000/0x3000)=nil, &(0x7f00008d1000/0x1000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f00006bd000/0x2000)=nil, &(0x7f0000f86000/0x3000)=nil, 0x0}, 0x68)
mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file7\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0)

1.233825756s ago: executing program 1 (id=3153):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_MASTER={0x8, 0xa, r3}, @IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x6}, @IFLA_BR_VLAN_STATS_ENABLED={0x5, 0x29, 0x1}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)
fcntl$lock(r0, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0x9})
fcntl$lock(r0, 0x5, &(0x7f0000000340)={0x1, 0x1, 0x1000000007, 0xaa})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)={0x34, 0xb, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010104}}]}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4800}, 0x4800)
lsm_set_self_attr(0x64, 0x0, 0x0, 0x0)
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000200)={0x60, 0x1, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x9e, &(0x7f0000000040)=[{0xff, 0x6}, {0x7, 0xffffffffffffffff}, {0x2, 0x10, 0x9}, {0x7d39, 0x401, 0x4}, {0x0, 0x9, 0x9}, {0x3ff, 0xb2, 0x2}, {0x8, 0x101, 0x7}, {0xff, 0x100000001}, {0x9, 0x0, 0x5}, {0x3, 0x5, 0x3}], 0xa, 0x3, 0x0, 0x40, 0x9, 0x42})
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f00000004c0)={&(0x7f0000000180)="edbf760f922837230b62ac0020ed994fb1ad1cc333a8d177c7c2c8efb78f6a6062f76445b9b648e2f9f36a95f5", &(0x7f0000000380)=""/185, &(0x7f00000002c0)="db7837d274550b63934b957b02ee4465f5d19c01cbba97c1458a15fb69340d2a46be9ff28510f737a27a770489a0bfd2273b591a756676d147a1d1c06396725a0bef3db4a50025f0e80d07", &(0x7f0000000440)="eb8f18c7a5823e255e507d6e2cb2cc85624ea89fe077b6b4b1aafabd6394676680d88271b7be84247e0aeb17c8ec81aaa53675916aa0b41fd804d88ea91d55a70089a102964c", 0xffff, r0}, 0x38)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))

1.016740886s ago: executing program 0 (id=3156):
r0 = socket(0x19, 0x3, 0xffffffff)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x11000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x4, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="180afc855c8ea58196e7641176d2983112000006000000000000000099371f5888ecb1bc000000850000000e0f00009500000a04200000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ffffffc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r2, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffff"], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r4}, 0x32)
mlockall(0x4)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDSETLED(r5, 0x4b32, 0x91)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x8, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000001b80)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x408c}, 0x40040)
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401000000000000000000090002002f797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
socket$kcm(0x1e, 0x8, 0x0)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000540)=@in={0x2, 0x4e21, @private=0xa010101}, 0x10, &(0x7f0000000280)=[{&(0x7f00000006c0)="01cca9", 0x3}], 0x1, &(0x7f0000000680)=ANY=[@ANYRES32=0x0], 0x30, 0x8000}, 0x2800c055)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffcee, 0x0, 0x0}, 0x94)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r8=>0x0, <r9=>0x0})
close(r8)
setsockopt$sock_attach_bpf(r9, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socket$kcm(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r3, 0x10e, 0x8, &(0x7f0000000240)=0x9, 0x4)
sendmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000880)="d800000010008104685fa31ded828946ca47a49396440b25000000e8fe09a1180015000600140000000012080003004300db805158635a19603f2c76b089e12ef68754fbf1f69c2d06c804262eafc56d61a1d073c47ae54d381924689d09ae560329cc827155a98eb4412359f05482f9f68fa36047c85c8a55b81d55b9d29ca754a3655decce042dfcd43c952a591a7ffaccf3e0b5369366eea971027f5c910761d85ad831fa882c5638c11012e65cb0d8000e521fc83ebbda5e4ba34674a8d46f0c4334ee0ef50caf0ebc24f3382769e8a3f6897f2b40880d230b1f1b05c4784d56e70151c90977add9f0ad8645d119efc343dae52f7f568f4ed7f96235f0a9b803f142c6", 0x105}, {0x0}, {&(0x7f0000000700)="ca8be024b7d3396913009eee085cbfd194f2635a89cac67dd9da7152c77aec7c36908c3b87098d0be7d6278b4f4d630082e4c4a36d9121245e", 0x39}], 0x3}, 0x20000880)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0x9}, {0xf, 0xfff1}, {0xffff, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x3}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0xc0}, 0x4000c00)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000"], 0x50)

1.016500646s ago: executing program 2 (id=3122):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x9}, 0x18)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000080)=0x2e9aa845)

1.006159697s ago: executing program 2 (id=3157):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0xffffffffffffff22}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x29, 0x0, 0x0)

940.973803ms ago: executing program 4 (id=3158):
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, 0x0) (async)
chdir(0x0) (async)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000, &(0x7f0000000000), 0x1, 0x620, &(0x7f0000000180)="$eJzs3c9rXNUeAPDvnUnSpM17aR+Px2t4DwMuWpCmSS1W3djWhV0ULNiFiIuGJqmh0x80KdhaaAsuFBRE3Bbpxn/AvXTvTgR151qoIhUFLRm5d+6kk+ROk6admaT384GZOffcO3POd05P77n35swNoLTG0qdKxO6IxVNJxEjLuuForBzLt7v367XT6SOJev2NX5JI8rzm9ov56470KYkYjIhvjkb8q7q63PkrV89O1eoN1yP2L5y7uH/+ytV9c+emzsycmTk/eeDFg4cmXpo8OPlE4tyRvx47/vr/Pn7/nRdmv63tS+JwnOx/bzpWxLEB9aQgcyzGYjEPsTW/LyIOpYmC72WrWVcI2zpfDzammv977I+I/8RIVLOlhpGY+6inlQM6ql6NqAMllej/UFLNcUDz2H59x8EnOzwq6Z67RxoHQKvj72ucG4nB7Nho+72k5ciocW5j5xMoPy3j/rXRW+kjlp2H+GOpdfqeQDnt3LgZEf8tij/J6rYzizSNvxKVlveldZqIiIE8/eoGim4mWs+dPOZ5mEevxCPE39oO6XdxOH9N849usPyxFcvdjh+AcrpzJN+RZ3vjB/u/dOzRHP9EwfhnuGDftRG93v+1H/819/eD2TnyyopxWDpmOVH8kf0rM3788Nin7cpvHf/dv5Zk9WiOBbvh7s2I0RXxf5AN9JKl9k8K2j/d5NTh9ZXx2nc/H2u3bnn8o7e6HX/9dsSewuOfB6PSNPWQ65P7Z+dqMxON58Iyvvr67S/ald/r+NP2394m/pb2r6x8X/qdXFxnGV+euH1uoM264TXjr/w0kDSON5uf8e7UwsKlyYiB5Hi+SUv+gYfXpblN8zPS+Pc+W9z/l/37v7n8c4ZaD2DWcPHNs/fardtI+7dcTF6sr7MO7aTxT6/d/qv6f5r3yTrL+P2ty/9vt64g/og8/qHHCQwAAAAAAABKqJJdg00q40vpSmV8vDFf9t+xvVK7ML/w3OyFy+enI/Zmfw/ZX2le6R5pLCfp8mT+97DN5QMrlp+PiF0R8Vl1KFseP32hNt3r4AEAAAAAAAAAAAAAAAAAAGCT2JHP/2/ep/q3amP+P1ASnbzBHLC56f9QXln/X3WLJ6AM7P+hvPR/KC/9H8pL/4fy0v+hvPR/KC/9H8pL/wcAAACAp9KuZ+78kETEjZeHskdqIF9X7WnNgE7rL8irX+9BRYCus4+H8lq69G/6P5RO0fh/lT/zHwfsfHWAHkiKMrPBQf3hnf9O4TsBAAAAAAAAAAAAgA7Ys7v9/P91zQ0AtizT/qC8HmP+v58OgC3OT/9DeTnGB9aaxT/YboX5/wAAAAAAAAAAAADQNcPZI6mM53OBh6NSGR+P+EdE7Iz+ZHauNjMREf+MiO+r/dvS5cleVxoAAAAAAAAAAAAAAAAAAACeMvNXrp6dqtVmLrUm/lqV83QnmndB7UJZr8QjviuS7n8tQxHR80bpWKKvJSeJuJG2/Kao2KX52BzVyBI9/o8JAAAAAAAAAAAAAAAAAABKqGXucbHRz7tcIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovgf3/+9cotcxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb098BAAD///yqQiE=") (async)
r0 = inotify_init1(0x80800)
inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0x2000775) (async)
close(0x3)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000) (async)
umount2(&(0x7f0000000040)='.\x00', 0x2)

703.424475ms ago: executing program 5 (id=3159):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
io_uring_setup(0x21dd, &(0x7f00000001c0)={0x0, 0x1fffff, 0x0, 0x2, 0xd5})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374000000006c000280080001400000000508000140000000090c0002"], 0x140}, 0x1, 0x0, 0x0, 0x4040}, 0x0)

702.971035ms ago: executing program 4 (id=3160):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000001c0)={'vxcan1\x00', <r4=>0x0})
bind$can_raw(r3, &(0x7f0000000000)={0x1d, r4}, 0x10)
close(r3)

690.823136ms ago: executing program 2 (id=3161):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000019300)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xffff}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000140))
write$ppp(r2, &(0x7f0000000100)="00a2a7ea7a", 0x5)

631.481042ms ago: executing program 4 (id=3162):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000000f4008500000086000000"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r2, &(0x7f00000005c0)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0xd90}}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x79ca}], 0x1}, 0x0)

615.264934ms ago: executing program 5 (id=3163):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1008}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x4f, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x4}, 0x18)
lstat(&(0x7f0000001800)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r3 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$selinux_validatetrans(r3, &(0x7f0000001cc0)=ANY=[@ANYBLOB='system_u:object_r:semanage_t system_u:object_r:fixed_disk_device_t:s0 0'], 0x79)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
getrlimit(0xc, 0x0)

614.100964ms ago: executing program 4 (id=3164):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
io_uring_setup(0x21dd, &(0x7f00000001c0)={0x0, 0x1fffff, 0x0, 0x2, 0xd5})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374000000006c000280080001400000000508000140000000090c0002"], 0x140}, 0x1, 0x0, 0x0, 0x4040}, 0x0)

531.507221ms ago: executing program 2 (id=3165):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000080)={0x0, 'batadv0\x00', {0x8}, 0x1})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
openat$dir(0xffffffffffffff9c, 0x0, 0x88040, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_io_uring_submit(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
getpgrp(0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x0, 0x250}, [@IFLA_MASTER={0x8, 0xa, r4}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x40010)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r5, 0x8922, &(0x7f0000000080)={'dummy0\x00', 0x43})

531.229001ms ago: executing program 5 (id=3166):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000580)="d8000000200081044e81f782db44b90402000000e8fe55a11800150006001c0000000e120900100000000401a80016000a0011400600000003080000004dcf5c0468c1d67f6f94007134cf6ee08088568ab35d6e7016bb234841ef52b49816277ce06bbace806069438e6fb599e0ced72a6ba86cf917cbec4c2ee5a7cef4090000001fce1b10d414f00004d9db22fe7c9f8775730d16a4683f1aea4edbb57a5025ccca9e00360db70100000040fad95667e006d8df969b3ef35ce34d4a13821f4fbb9ad809d561cdce81ed0bffece0b42a9e000000000000", 0xd8}], 0x1}, 0x0)

503.097904ms ago: executing program 4 (id=3167):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x9}, 0x18)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000080)=0x2e9aa845)

449.630499ms ago: executing program 5 (id=3168):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000580)="d8000000200081044e81f782db44b90402000000e8fe55a11800150006001c0000000e120900100000000401a80016000a0011400600000003080000004dcf5c0468c1d67f6f94007134cf6ee08088568ab35d6e7016bb234841ef52b49816277ce06bbace806069438e6fb599e0ced72a6ba86cf917cbec4c2ee5a7cef4090000001fce1b10d414f00004d9db22fe7c9f8775730d16a4683f1aea4edbb57a5025ccca9e00360db70100000040fad95667e006d8df969b3ef35ce34d4a13821f4fbb9ad809d561cdce81ed0bffece0b42a9e000000000000", 0xd8}], 0x1}, 0x0)

418.719202ms ago: executing program 4 (id=3169):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000600)}], 0x1, 0x0, 0x480}, 0x0, 0x50, 0x1})
r1 = syz_io_uring_setup(0x221d, &(0x7f0000000100)={0x0, 0x6e7f, 0x800, 0x1, 0x5cc}, &(0x7f0000000280)=<r2=>0x0, &(0x7f00000005c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffa, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, 0x0, r1})
io_uring_enter(r1, 0x66ab, 0x4, 0x2, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
r5 = dup(0xffffffffffffffff)
acct(&(0x7f0000000000)='./file0\x00')
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x48, &(0x7f0000000280)=0x1, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r5], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syslog(0x2, &(0x7f00000004c0)=""/164, 0xa4)
sendto$inet6(r6, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c)
syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x1001, 0x40, 0x6}, &(0x7f0000000240), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)

417.800522ms ago: executing program 2 (id=3170):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000600)}], 0x1, 0x0, 0x480}, 0x0, 0x50, 0x1})
r1 = syz_io_uring_setup(0x221d, &(0x7f0000000100)={0x0, 0x6e7f, 0x800, 0x1, 0x5cc}, &(0x7f0000000280)=<r2=>0x0, &(0x7f00000005c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffa, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x1, 0x0, 0xffffffffffffffff, 0x0, r1})
io_uring_enter(r1, 0x66ab, 0x4, 0x2, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
r5 = dup(0xffffffffffffffff)
acct(&(0x7f0000000000)='./file0\x00')
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x48, &(0x7f0000000280)=0x1, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r5], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syslog(0x2, &(0x7f00000004c0)=""/164, 0xa4)
sendto$inet6(r6, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c)
syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x1001, 0x40, 0x6}, &(0x7f0000000240), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)

394.153404ms ago: executing program 5 (id=3171):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x4, 0x7ffc0002}]})
recvfrom$inet6(r1, &(0x7f0000000000)=""/44, 0x2c, 0x40010100, &(0x7f0000000080)={0xa, 0x4e24, 0xffffffff, @dev={0xfe, 0x80, '\x00', 0x23}, 0x4}, 0x1c)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x1003, 0xf0ff1f00000000)

339.509669ms ago: executing program 1 (id=3172):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000001c0)={'vxcan1\x00', <r4=>0x0})
bind$can_raw(r3, &(0x7f0000000000)={0x1d, r4}, 0x10)
close(r3)

339.156109ms ago: executing program 5 (id=3173):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f00000003c0)='syz0\x00', 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@cgroup=r0, 0x14, 0x0, 0xf, &(0x7f0000000040)=[0x0], 0x1, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0]}, 0x40)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x18)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x880, 0x0, 0x0)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000680)='kmem_cache_free\x00', r1}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
timer_create(0x2, 0x0, &(0x7f0000bbdffc)=<r5=>0x0)
timer_gettime(r5, &(0x7f0000000240))
fchdir(r3)
r6 = open(&(0x7f0000000300)='./file1\x00', 0x14b042, 0xc4)
ftruncate(r6, 0x2007ffb)
sendfile(r6, r6, 0x0, 0x1000000201005)
r7 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000000)={0xe, 0x18, 0xfa00, @id_tos={0x0, 0xffffffffffffffff, 0x0, 0x3}}, 0x20)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000001080)=0x8)
openat(0xffffffffffffffff, 0x0, 0x6a1c2, 0x50)
unlink(0x0)

337.963629ms ago: executing program 1 (id=3174):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000000f4008500000086000000"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r2, &(0x7f00000005c0)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0xd90}}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x79ca}], 0x1}, 0x0)

283.735644ms ago: executing program 1 (id=3175):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000019300)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xffff}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000140))
write$ppp(r2, &(0x7f0000000100)="00a2a7ea7a", 0x5)

139.549178ms ago: executing program 1 (id=3176):
socket$kcm(0x10, 0x2, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x800000200000008, 0x8b}, 0x0)
r1 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
r3 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2b, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
fcntl$lock(r6, 0x6, &(0x7f00000000c0)={0x2, 0x7, 0x2, 0x6, r1})

33.494348ms ago: executing program 0 (id=3177):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xf, 0x4, 0x4, 0x12}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)
close(r0)

0s ago: executing program 0 (id=3178):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x8, 0x3, 0x478, 0x1e8, 0xffffffff, 0xffffffff, 0x1e8, 0xffffffff, 0x3d0, 0xffffffff, 0xffffffff, 0x1e8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @loopback, [0xff, 0xff, 0xff, 0xff], [0xff000000, 0xff, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x29, 0x3, 0x0, 0x60}, 0x0, 0x1a0, 0x1e8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x4, 0x7a3, 0x6, 'snmp_trap\x00', {0x369bc443}}}}, {{@ipv6={@remote, @local, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], 'netpci0\x00', 'bridge_slave_1\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0xa8, 0x1c0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x29, 0x1, 0x1, 'syz0\x00'}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d8)

kernel console output (not intermixed with test programs):

e_1: entered promiscuous mode
[  197.613274][T10473] debugfs: 'hsr0' already exists in 'hsr'
[  197.630650][T10473] Cannot create hsr debugfs directory
[  197.645656][T10547] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.2594: Failed to acquire dquot type 1
[  197.659720][T10547] EXT4-fs (loop2): 1 truncate cleaned up
[  197.666266][T10547] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.679115][T10547] ext4 filesystem being mounted at /518/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.792116][T10473] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  197.802481][T10473] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  197.817095][T10473] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  197.839612][   T31] IPVS: stop unused estimator thread 0...
[  197.846157][T10473] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  197.877956][T10547] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2594'.
[  197.915655][T10473] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.943203][T10473] 8021q: adding VLAN 0 to HW filter on device team0
[  197.963855][T10473] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  197.974438][T10473] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  197.987288][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.998659][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.005829][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  198.016812][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.023978][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  198.094656][T10473] 8021q: adding VLAN 0 to HW filter on device batadv0
[  198.358451][T10603] x_tables: ip_tables: osf match: only valid for protocol 6
[  198.418708][T10473] veth0_vlan: entered promiscuous mode
[  198.441291][T10473] veth1_vlan: entered promiscuous mode
[  198.484488][T10473] veth0_macvtap: entered promiscuous mode
[  198.495741][T10473] veth1_macvtap: entered promiscuous mode
[  198.511415][T10473] batman_adv: batadv0: Interface activated: batadv_slave_0
[  198.523986][T10473] batman_adv: batadv0: Interface activated: batadv_slave_1
[  198.535945][ T1095] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.545114][ T1095] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.561675][ T1095] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.591849][ T1095] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.614136][T10610] syzkaller0: entered promiscuous mode
[  198.620131][T10610] syzkaller0: entered allmulticast mode
[  198.801706][ T2929] Bluetooth: hci0: Frame reassembly failed (-84)
[  198.808143][ T2929] Bluetooth: hci0: Frame reassembly failed (-84)
[  198.815974][T10625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.836528][T10625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.846032][T10614] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2612'.
[  198.936037][T10632] loop4: detected capacity change from 0 to 2048
[  198.975533][T10635] loop2: detected capacity change from 0 to 1024
[  198.982804][T10635] EXT4-fs: test_dummy_encryption option not supported
[  198.994053][T10635] netlink: 'syz.2.2619': attribute type 16 has an invalid length.
[  199.019334][T10632] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.191019][T10127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.303434][T10655] netlink: 'syz.5.2625': attribute type 1 has an invalid length.
[  199.338867][T10659] FAULT_INJECTION: forcing a failure.
[  199.338867][T10659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.352204][T10659] CPU: 0 UID: 0 PID: 10659 Comm: syz.2.2629 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  199.352263][T10659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  199.352280][T10659] Call Trace:
[  199.352288][T10659]  <TASK>
[  199.352333][T10659]  __dump_stack+0x1d/0x30
[  199.352366][T10659]  dump_stack_lvl+0x95/0xd0
[  199.352393][T10659]  dump_stack+0x15/0x1b
[  199.352417][T10659]  should_fail_ex+0x265/0x280
[  199.352447][T10659]  should_fail+0xb/0x20
[  199.352470][T10659]  should_fail_usercopy+0x1a/0x20
[  199.352574][T10659]  _copy_from_user+0x1c/0xb0
[  199.352616][T10659]  __copy_msghdr+0x244/0x300
[  199.352679][T10659]  ___sys_sendmsg+0x109/0x1d0
[  199.352747][T10659]  __sys_sendmmsg+0x178/0x300
[  199.352790][T10659]  __x64_sys_sendmmsg+0x57/0x70
[  199.352832][T10659]  x64_sys_call+0x1e28/0x3000
[  199.352859][T10659]  do_syscall_64+0xca/0x2b0
[  199.352897][T10659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.352923][T10659] RIP: 0033:0x7f755b95f749
[  199.353012][T10659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.353033][T10659] RSP: 002b:00007f755a3c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  199.353055][T10659] RAX: ffffffffffffffda RBX: 00007f755bbb5fa0 RCX: 00007f755b95f749
[  199.353069][T10659] RDX: 0000000000000001 RSI: 0000200000003a80 RDI: 0000000000000005
[  199.353083][T10659] RBP: 00007f755a3c7090 R08: 0000000000000000 R09: 0000000000000000
[  199.353174][T10659] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  199.353188][T10659] R13: 00007f755bbb6038 R14: 00007f755bbb5fa0 R15: 00007ffc56f97998
[  199.353211][T10659]  </TASK>
[  199.573590][T10665] __nla_validate_parse: 1 callbacks suppressed
[  199.573614][T10665] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2633'.
[  199.774105][T10686] loop2: detected capacity change from 0 to 1024
[  199.781032][T10686] EXT4-fs: test_dummy_encryption option not supported
[  199.852968][T10686] netlink: 'syz.2.2640': attribute type 16 has an invalid length.
[  199.860986][T10686] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2640'.
[  199.943172][T10689] netlink: 'syz.2.2641': attribute type 4 has an invalid length.
[  199.984457][T10689] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  200.216949][T10702] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2647'.
[  200.261353][T10706] loop5: detected capacity change from 0 to 512
[  200.290560][T10706] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.2643: Failed to acquire dquot type 1
[  200.306325][T10706] EXT4-fs (loop5): 1 truncate cleaned up
[  200.313891][T10706] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.326863][T10715] loop2: detected capacity change from 0 to 1024
[  200.335118][T10706] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.347917][T10715] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.2650: Failed to acquire dquot type 0
[  200.370950][T10715] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  200.391724][T10715] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #13: comm syz.2.2650: corrupted inode contents
[  200.407820][T10715] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #13: comm syz.2.2650: mark_inode_dirty error
[  200.418506][T10696] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2643'.
[  200.420408][T10715] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #13: comm syz.2.2650: corrupted inode contents
[  200.440980][T10715] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #13: comm syz.2.2650: mark_inode_dirty error
[  200.452828][T10715] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #13: comm syz.2.2650: corrupted inode contents
[  200.472507][T10715] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[  200.481463][T10715] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #13: comm syz.2.2650: corrupted inode contents
[  200.493980][T10698] loop4: detected capacity change from 0 to 512
[  200.500620][T10715] EXT4-fs error (device loop2): ext4_truncate:4635: inode #13: comm syz.2.2650: mark_inode_dirty error
[  200.512127][T10715] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[  200.523057][T10715] EXT4-fs (loop2): 1 truncate cleaned up
[  200.529216][T10715] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.533032][T10473] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.548296][T10698] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.2645: bad orphan inode 11862016
[  200.563204][T10698] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  200.576487][T10698] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.592110][T10698] cgroup2: Unknown parameter 'memory_hugZ¯‡@†iüF£T…ÆäÞetlb_acco~nting'
[  200.606806][T10721] loop5: detected capacity change from 0 to 1024
[  200.612420][T10698] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2645'.
[  200.621109][T10721] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.2651: Failed to acquire dquot type 0
[  200.634774][T10721] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  200.649908][T10721] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #13: comm syz.5.2651: corrupted inode contents
[  200.650690][T10723] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  200.662866][T10721] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #13: comm syz.5.2651: mark_inode_dirty error
[  200.683379][T10723] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  200.688168][T10721] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #13: comm syz.5.2651: corrupted inode contents
[  200.705422][T10723] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  200.716162][T10721] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.2651: mark_inode_dirty error
[  200.728042][T10721] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #13: comm syz.5.2651: corrupted inode contents
[  200.740273][T10721] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  200.745061][T10698] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  200.752753][T10721] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #13: comm syz.5.2651: corrupted inode contents
[  200.770706][T10721] EXT4-fs error (device loop5): ext4_truncate:4635: inode #13: comm syz.5.2651: mark_inode_dirty error
[  200.782212][T10721] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem
[  200.791863][T10721] EXT4-fs (loop5): 1 truncate cleaned up
[  200.799550][T10721] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.815064][T10726] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2652'.
[  200.845512][T10721] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.892781][T10732] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  200.902519][T10732] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  200.912954][T10732] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  201.011649][ T3573] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  201.011684][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  201.175436][T10739] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2656'.
[  201.338799][T10751] sch_tbf: burst 0 is lower than device lo mtu (1514) !
[  201.449461][T10756] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2663'.
[  201.541367][T10762] netlink: 88 bytes leftover after parsing attributes in process `syz.4.2666'.
[  201.556017][T10760] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2665'.
[  201.718440][   T29] kauditd_printk_skb: 478 callbacks suppressed
[  201.718460][   T29] audit: type=1326 audit(1767300796.558:18184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10779 comm="syz.4.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c71cf749 code=0x7ffc0000
[  201.758405][   T29] audit: type=1326 audit(1767300796.558:18185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10779 comm="syz.4.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c71cf749 code=0x7ffc0000
[  201.782278][   T29] audit: type=1326 audit(1767300796.568:18186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10779 comm="syz.4.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c71cf749 code=0x7ffc0000
[  201.806441][   T29] audit: type=1326 audit(1767300796.568:18187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10779 comm="syz.4.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc6c71cf749 code=0x7ffc0000
[  201.830258][   T29] audit: type=1326 audit(1767300796.577:18188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10779 comm="syz.4.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c71cf749 code=0x7ffc0000
[  201.854215][   T29] audit: type=1326 audit(1767300796.577:18189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10779 comm="syz.4.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c71cf749 code=0x7ffc0000
[  201.877929][   T29] audit: type=1326 audit(1767300796.577:18190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10779 comm="syz.4.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c71cf749 code=0x7ffc0000
[  201.901896][   T29] audit: type=1326 audit(1767300796.577:18191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10779 comm="syz.4.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c71cf749 code=0x7ffc0000
[  201.925605][   T29] audit: type=1326 audit(1767300796.577:18192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10779 comm="syz.4.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fc6c71cf749 code=0x7ffc0000
[  201.958800][   T29] audit: type=1326 audit(1767300796.633:18193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10779 comm="syz.4.2673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6c71cf749 code=0x7ffc0000
[  202.008134][T10784] loop4: detected capacity change from 0 to 1024
[  202.017029][T10784] ext4: Bad value for 'init_itable'
[  202.298697][T10804] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.306098][T10804] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.313554][T10804] bridge0: entered allmulticast mode
[  202.362690][T10721] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.441386][T10721] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.463749][T10813] ALSA: seq fatal error: cannot create timer (-19)
[  202.472605][T10817] tipc: Started in network mode
[  202.477559][T10817] tipc: Node identity a6ace5826fda, cluster identity 4711
[  202.484806][T10817] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  202.494807][T10721] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.507100][T10818] syzkaller0: entered promiscuous mode
[  202.512860][T10818] syzkaller0: entered allmulticast mode
[  202.539641][   T12] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.549356][T10816] tipc: Resetting bearer <eth:syzkaller0>
[  202.557497][T10816] tipc: Disabling bearer <eth:syzkaller0>
[  202.567376][   T52] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.579307][   T52] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.591318][   T52] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  202.617680][T10473] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.694781][T10838] IPVS: set_ctl: invalid protocol: 135 0.0.0.0:20003
[  202.834633][   T12] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  202.843506][   T12] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  202.855344][T10848] selinux_netlink_send: 23 callbacks suppressed
[  202.855359][T10848] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=10848 comm=syz.1.2699
[  202.892728][   T12] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  202.903163][   T12] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  203.009021][T10862] SELinux: failed to load policy
[  203.024704][T10860] SELinux: failed to load policy
[  203.108553][T10866] IPVS: set_ctl: invalid protocol: 135 0.0.0.0:20003
[  203.165458][T10872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  203.175826][T10872] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  203.182833][ T1095] Bluetooth: hci0: Frame reassembly failed (-84)
[  203.265835][T10878] warn_alloc: 3 callbacks suppressed
[  203.265860][T10878] syz.1.2710: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  203.285874][T10878] CPU: 0 UID: 0 PID: 10878 Comm: syz.1.2710 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  203.285898][T10878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  203.285910][T10878] Call Trace:
[  203.285916][T10878]  <TASK>
[  203.285927][T10878]  __dump_stack+0x1d/0x30
[  203.285952][T10878]  dump_stack_lvl+0x95/0xd0
[  203.285999][T10878]  dump_stack+0x15/0x1b
[  203.286017][T10878]  warn_alloc+0x12b/0x1a0
[  203.286039][T10878]  ? __schedule+0x85f/0xcd0
[  203.286112][T10878]  ? __rcu_read_unlock+0x4f/0x70
[  203.286131][T10878]  __vmalloc_node_range_noprof+0xa0/0x1310
[  203.286156][T10878]  ? __futex_wait+0x1fa/0x260
[  203.286199][T10878]  ? __pfx_futex_wake_mark+0x10/0x10
[  203.286322][T10878]  ? __rcu_read_unlock+0x4f/0x70
[  203.286341][T10878]  ? avc_has_perm_noaudit+0xab/0x130
[  203.286361][T10878]  ? should_fail_ex+0x30/0x280
[  203.286382][T10878]  ? should_failslab+0x8c/0xb0
[  203.286404][T10878]  vmalloc_user_noprof+0x7d/0xb0
[  203.286478][T10878]  ? xskq_create+0x80/0xe0
[  203.286508][T10878]  xskq_create+0x80/0xe0
[  203.286538][T10878]  xsk_init_queue+0x95/0xf0
[  203.286576][T10878]  xsk_setsockopt+0x3f5/0x640
[  203.286604][T10878]  ? __pfx_xsk_setsockopt+0x10/0x10
[  203.286679][T10878]  __sys_setsockopt+0x184/0x200
[  203.286707][T10878]  __x64_sys_setsockopt+0x64/0x80
[  203.286737][T10878]  x64_sys_call+0x21d5/0x3000
[  203.286760][T10878]  do_syscall_64+0xca/0x2b0
[  203.286802][T10878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.286821][T10878] RIP: 0033:0x7f59d996f749
[  203.286841][T10878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.286875][T10878] RSP: 002b:00007f59d83d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  203.286893][T10878] RAX: ffffffffffffffda RBX: 00007f59d9bc5fa0 RCX: 00007f59d996f749
[  203.286960][T10878] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  203.287049][T10878] RBP: 00007f59d99f3f91 R08: 0000000000000004 R09: 0000000000000000
[  203.287060][T10878] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  203.287071][T10878] R13: 00007f59d9bc6038 R14: 00007f59d9bc5fa0 R15: 00007ffccaef0b68
[  203.287091][T10878]  </TASK>
[  203.287097][T10878] Mem-Info:
[  203.508399][T10878] active_anon:19894 inactive_anon:35 isolated_anon:0
[  203.508399][T10878]  active_file:20826 inactive_file:2515 isolated_file:0
[  203.508399][T10878]  unevictable:0 dirty:329 writeback:0
[  203.508399][T10878]  slab_reclaimable:3368 slab_unreclaimable:30805
[  203.508399][T10878]  mapped:33751 shmem:8990 pagetables:1483
[  203.508399][T10878]  sec_pagetables:0 bounce:0
[  203.508399][T10878]  kernel_misc_reclaimable:0
[  203.508399][T10878]  free:1848693 free_pcp:13590 free_cma:0
[  203.553797][T10878] Node 0 active_anon:79576kB inactive_anon:140kB active_file:83304kB inactive_file:10060kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:135004kB dirty:1316kB writeback:0kB shmem:35960kB kernel_stack:3904kB pagetables:5932kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  203.581592][T10878] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  203.611331][T10878] lowmem_reserve[]: 0 2880 7859 7859
[  203.616778][T10878] Node 0 DMA32 free:2945988kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949516kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[  203.648761][T10878] lowmem_reserve[]: 0 0 4978 4978
[  203.653925][T10878] Node 0 Normal free:4433424kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:79576kB inactive_anon:140kB active_file:83304kB inactive_file:10060kB unevictable:0kB writepending:1316kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:51256kB local_pcp:5520kB free_cma:0kB
[  203.687191][T10878] lowmem_reserve[]: 0 0 0 0
[  203.691765][T10878] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  203.704465][T10878] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 4*16kB (M) 3*32kB (M) 4*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945988kB
[  203.720560][T10878] Node 0 Normal: 970*4kB (UE) 885*8kB (UME) 515*16kB (UME) 557*32kB (U) 436*64kB (UE) 286*128kB (UME) 263*256kB (UME) 195*512kB (UME) 195*1024kB (UME) 176*2048kB (UM) 880*4096kB (UM) = 4433312kB
[  203.739923][T10878] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  203.749356][T10878] 32350 total pagecache pages
[  203.754057][T10878] 35 pages in swap cache
[  203.758364][T10878] Free swap  = 124856kB
[  203.762709][T10878] Total swap = 124996kB
[  203.766976][T10878] 2097051 pages RAM
[  203.770857][T10878] 0 pages HighMem/MovableOnly
[  203.775688][T10878] 81272 pages reserved
[  203.789111][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.870063][T10883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  203.878976][T10883] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  204.363647][T10907] loop4: detected capacity change from 0 to 1024
[  204.379474][T10907] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.2721: Failed to acquire dquot type 0
[  204.402944][T10907] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  204.417925][T10907] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.2721: corrupted inode contents
[  204.430369][T10907] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #13: comm syz.4.2721: mark_inode_dirty error
[  204.442836][T10907] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.2721: corrupted inode contents
[  204.454979][T10907] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.2721: mark_inode_dirty error
[  204.466827][T10907] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.2721: corrupted inode contents
[  204.478924][T10907] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  204.487707][T10907] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.2721: corrupted inode contents
[  204.500005][T10907] EXT4-fs error (device loop4): ext4_truncate:4635: inode #13: comm syz.4.2721: mark_inode_dirty error
[  204.511635][T10907] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  204.521540][T10907] EXT4-fs (loop4): 1 truncate cleaned up
[  204.530145][T10907] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.574310][T10907] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.626227][T10917] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  204.638714][T10917] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  204.648686][T10917] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  204.725413][T10907] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.842691][T10907] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.909035][T10907] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.961577][T10907] debugfs: 'netdev@ffff88810266e558' already exists in 'ref_tracker'
[  204.988502][ T1641] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.005757][ T1641] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.029588][ T1641] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.052813][ T1641] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.353147][T10940] loop2: detected capacity change from 0 to 512
[  205.366509][T10940] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.2732: Failed to acquire dquot type 1
[  205.378715][ T3573] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  205.384965][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  205.392401][T10940] EXT4-fs (loop2): 1 truncate cleaned up
[  205.398761][T10940] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.417557][T10940] ext4 filesystem being mounted at /535/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.432827][T10940] __nla_validate_parse: 8 callbacks suppressed
[  205.432846][T10940] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2732'.
[  205.477954][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.502574][T10945] loop2: detected capacity change from 0 to 1024
[  205.509309][T10945] EXT4-fs: Ignoring removed mblk_io_submit option
[  205.516648][T10945] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  205.525541][T10945] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  205.537737][T10945] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.2733: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  205.556965][T10945] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2733: couldn't read orphan inode 11 (err -117)
[  205.569510][T10945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.727789][T10945] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.2733: Invalid block bitmap block 0 in block_group 0
[  205.741621][T10945] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.2733: Failed to acquire dquot type 0
[  205.870897][T10954] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2736'.
[  205.880022][T10954] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2736'.
[  205.897853][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.915108][T10956] SELinux:  Context system_u:object_r:qemu_device_t:s0 is not valid (left unmapped).
[  205.938163][T10956] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10956 comm=syz.0.2737
[  206.000343][T10976] netlink: 88 bytes leftover after parsing attributes in process `syz.5.2741'.
[  206.035670][T10982] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2743'.
[  206.130951][T10994] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2748'.
[  206.163846][T10988] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2745'.
[  206.195197][T10999] netlink: 'syz.0.2750': attribute type 1 has an invalid length.
[  206.204808][T11001] loop2: detected capacity change from 0 to 256
[  206.222740][T11001] netlink: 212 bytes leftover after parsing attributes in process `syz.2.2751'.
[  206.233978][T11001] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=8219 sclass=netlink_xfrm_socket pid=11001 comm=syz.2.2751
[  206.313220][T11006] loop2: detected capacity change from 0 to 256
[  206.325272][T11006] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  206.339393][T11006] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2753'.
[  206.349908][T11006] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  206.358515][T11006] FAT-fs (loop2): Filesystem has been set read-only
[  206.426644][T11014] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2756'.
[  206.587638][T11034] netlink: 'syz.2.2762': attribute type 1 has an invalid length.
[  206.764428][T11018] chnl_net:caif_netlink_parms(): no params data found
[  206.807491][T11052] 9p: Bad value for 'rfdno'
[  206.859166][T11018] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.866555][T11018] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.874674][T11018] bridge_slave_0: entered allmulticast mode
[  206.882005][T11018] bridge_slave_0: entered promiscuous mode
[  206.889421][T11018] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.896572][T11018] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.904458][T11018] bridge_slave_1: entered allmulticast mode
[  206.911150][T11018] bridge_slave_1: entered promiscuous mode
[  206.930613][T11018] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  206.941280][T11018] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  206.962043][T11018] team0: Port device team_slave_0 added
[  206.968973][T11018] team0: Port device team_slave_1 added
[  206.986026][T11018] batman_adv: batadv0: Adding interface: batadv_slave_0
[  206.993058][T11018] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  207.019115][T11018] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.030673][T11018] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.037797][T11018] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  207.063733][T11018] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  207.091348][T11018] hsr_slave_0: entered promiscuous mode
[  207.097510][T11018] hsr_slave_1: entered promiscuous mode
[  207.103470][T11018] debugfs: 'hsr0' already exists in 'hsr'
[  207.109274][T11018] Cannot create hsr debugfs directory
[  207.168021][T11018] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  207.177921][T11018] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.213939][T11018] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  207.223842][T11018] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.256902][T11018] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  207.266837][T11018] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.299258][T11018] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  207.309279][T11018] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.379472][T11018] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  207.388822][T11018] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  207.397959][T11018] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  207.407062][T11018] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  207.424168][T11018] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.431295][T11018] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.438634][T11018] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.445713][T11018] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.477286][T11018] 8021q: adding VLAN 0 to HW filter on device bond0
[  207.488342][ T1641] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.496628][ T1641] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.510515][T11018] 8021q: adding VLAN 0 to HW filter on device team0
[  207.521667][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.528811][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.539724][ T1641] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.546871][ T1641] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.582475][T10127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.629292][T11018] 8021q: adding VLAN 0 to HW filter on device batadv0
[  207.709988][T11018] veth0_vlan: entered promiscuous mode
[  207.719859][T11018] veth1_vlan: entered promiscuous mode
[  207.741513][T11018] veth0_macvtap: entered promiscuous mode
[  207.749940][T11018] veth1_macvtap: entered promiscuous mode
[  207.763231][T11018] batman_adv: batadv0: Interface activated: batadv_slave_0
[  207.775975][T11018] batman_adv: batadv0: Interface activated: batadv_slave_1
[  207.788335][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.811829][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.826764][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.851165][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.882785][T11092] loop4: detected capacity change from 0 to 512
[  207.903428][   T29] kauditd_printk_skb: 946 callbacks suppressed
[  207.903444][   T29] audit: type=1326 audit(1767300802.339:19134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11100 comm="syz.0.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  207.933469][   T29] audit: type=1326 audit(1767300802.339:19135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11100 comm="syz.0.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  207.957232][   T29] audit: type=1326 audit(1767300802.339:19136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11100 comm="syz.0.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  207.980904][   T29] audit: type=1326 audit(1767300802.339:19137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11100 comm="syz.0.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  208.004617][   T29] audit: type=1326 audit(1767300802.339:19138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11100 comm="syz.0.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  208.028802][   T29] audit: type=1326 audit(1767300802.339:19139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11100 comm="syz.0.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  208.052562][   T29] audit: type=1326 audit(1767300802.339:19140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11100 comm="syz.0.2776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  208.090238][T11092] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0
[  208.100741][T11092] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[  208.110193][T11092] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.2774: Failed to acquire dquot type 1
[  208.124526][T11092] EXT4-fs (loop4): 1 truncate cleaned up
[  208.139537][T11092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.152764][T11092] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.196277][T10127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.218346][T11118] netlink: 'syz.4.2782': attribute type 1 has an invalid length.
[  208.425754][   T29] audit: type=1326 audit(1767300802.835:19141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11128 comm="syz.1.2787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6906a8f749 code=0x7ffc0000
[  208.608227][T11147] netlink: 'syz.4.2794': attribute type 1 has an invalid length.
[  209.845986][T11182] 9p: Bad value for 'rfdno'
[  209.992597][T11185] netlink: 'syz.1.2806': attribute type 1 has an invalid length.
[  210.531997][T11222] netlink: 'syz.0.2820': attribute type 16 has an invalid length.
[  210.567226][T11215] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.753183][T11215] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.818012][T11242] __nla_validate_parse: 22 callbacks suppressed
[  210.818035][T11242] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2827'.
[  210.859075][T11215] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.907056][T11244] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2828'.
[  210.977510][T11215] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.079343][T10080] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  211.097549][T10080] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  211.121429][T10080] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  211.160756][T10080] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.267614][T11266] loop5: detected capacity change from 0 to 512
[  211.281193][T11266] EXT4-fs (loop5): orphan cleanup on readonly fs
[  211.294225][T11266] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2837: bg 0: block 127: padding at end of block bitmap is not set
[  211.313416][T11266] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  211.338994][T11266] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.2837: corrupted inode contents
[  211.362019][T11266] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  211.372809][T11266] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.2837: corrupted inode contents
[  211.386277][T11273] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2839'.
[  211.407746][T11266] EXT4-fs error (device loop5): ext4_evict_inode:301: inode #15: comm syz.5.2837: mark_inode_dirty error
[  211.430032][T11266] EXT4-fs (loop5): 1 orphan inode deleted
[  211.436757][T11266] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  211.451347][T11267] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2835'.
[  211.484047][T10473] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.545704][T11278] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2840'.
[  211.555662][T11278] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2840'.
[  212.094072][T11313] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2852'.
[  212.132389][T11315] loop4: detected capacity change from 0 to 1024
[  212.148359][T11317] dvmrp1: entered allmulticast mode
[  212.171706][T11317] dvmrp1: left allmulticast mode
[  212.242197][T11323] loop4: detected capacity change from 0 to 1024
[  212.250445][T11317] FAULT_INJECTION: forcing a failure.
[  212.250445][T11317] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.263745][T11317] CPU: 0 UID: 0 PID: 11317 Comm: syz.5.2854 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  212.263783][T11317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  212.263801][T11317] Call Trace:
[  212.263808][T11317]  <TASK>
[  212.263819][T11317]  __dump_stack+0x1d/0x30
[  212.263910][T11317]  dump_stack_lvl+0x95/0xd0
[  212.263956][T11317]  dump_stack+0x15/0x1b
[  212.263992][T11317]  should_fail_ex+0x265/0x280
[  212.264023][T11317]  should_fail+0xb/0x20
[  212.264121][T11317]  should_fail_usercopy+0x1a/0x20
[  212.264152][T11317]  _copy_from_user+0x1c/0xb0
[  212.264190][T11317]  input_event_from_user+0x5f/0x160
[  212.264222][T11317]  ? input_inject_event+0x104/0x120
[  212.264286][T11317]  evdev_write+0x1b1/0x290
[  212.264344][T11317]  ? __pfx_evdev_write+0x10/0x10
[  212.264383][T11317]  vfs_write+0x269/0x960
[  212.264448][T11317]  ? kmem_cache_free+0xe3/0x3a0
[  212.264486][T11317]  ? putname+0x90/0x100
[  212.264519][T11317]  ksys_write+0xda/0x1a0
[  212.264547][T11317]  __x64_sys_write+0x40/0x50
[  212.264603][T11317]  x64_sys_call+0x2847/0x3000
[  212.264637][T11317]  do_syscall_64+0xca/0x2b0
[  212.264683][T11317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.264712][T11317] RIP: 0033:0x7f4a1a5df749
[  212.264731][T11317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.264770][T11317] RSP: 002b:00007f4a19047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  212.264790][T11317] RAX: ffffffffffffffda RBX: 00007f4a1a835fa0 RCX: 00007f4a1a5df749
[  212.264803][T11317] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 000000000000000b
[  212.264819][T11317] RBP: 00007f4a19047090 R08: 0000000000000000 R09: 0000000000000000
[  212.264833][T11317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.264845][T11317] R13: 00007f4a1a836038 R14: 00007f4a1a835fa0 R15: 00007ffdbaabcda8
[  212.264913][T11317]  </TASK>
[  212.268284][T11323] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.2857: Failed to acquire dquot type 0
[  212.520590][T11323] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  212.535494][T11323] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.2857: corrupted inode contents
[  212.547861][T11323] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #13: comm syz.4.2857: mark_inode_dirty error
[  212.559523][T11323] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.2857: corrupted inode contents
[  212.575440][T11323] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.2857: mark_inode_dirty error
[  212.600457][T11323] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.2857: corrupted inode contents
[  212.655799][T11323] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  212.665022][T11323] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.2857: corrupted inode contents
[  212.678583][T11323] EXT4-fs error (device loop4): ext4_truncate:4635: inode #13: comm syz.4.2857: mark_inode_dirty error
[  212.691434][T11323] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  212.701342][T11323] EXT4-fs (loop4): 1 truncate cleaned up
[  212.708073][T11323] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.727602][T11323] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.780815][T11343] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  212.790889][T11343] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  212.801773][T11323] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.812363][T11343] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  212.858777][T11323] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.923188][T11323] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.007376][T11366] netlink: 'syz.0.2869': attribute type 21 has an invalid length.
[  213.076016][T11377] netlink: 'syz.0.2873': attribute type 16 has an invalid length.
[  213.084015][T11377] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2873'.
[  213.204895][T11388] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2878'.
[  213.223650][T11388] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2878'.
[  213.269412][T11393] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  213.337173][   T29] kauditd_printk_skb: 308 callbacks suppressed
[  213.337188][   T29] audit: type=1400 audit(1767300807.418:19448): avc:  denied  { unlink } for  pid=3317 comm="syz-executor" name="file0" dev="tmpfs" ino=2900 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  213.456410][T11410] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.463617][T11410] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.489041][   T29] audit: type=1326 audit(1767300807.568:19449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6906a8f749 code=0x7ffc0000
[  213.515067][   T29] audit: type=1326 audit(1767300807.568:19450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6906a8f749 code=0x7ffc0000
[  213.539051][   T29] audit: type=1326 audit(1767300807.568:19451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6906a8f749 code=0x7ffc0000
[  213.562977][   T29] audit: type=1326 audit(1767300807.568:19452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f6906a8f749 code=0x7ffc0000
[  213.586882][   T29] audit: type=1326 audit(1767300807.568:19453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6906a8f749 code=0x7ffc0000
[  213.610545][   T29] audit: type=1326 audit(1767300807.568:19454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f6906a8f749 code=0x7ffc0000
[  213.611458][T11410] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  213.634185][   T29] audit: type=1326 audit(1767300807.568:19455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6906a8f749 code=0x7ffc0000
[  213.634222][   T29] audit: type=1326 audit(1767300807.568:19456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11409 comm="syz.1.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6906a8f749 code=0x7ffc0000
[  213.650490][T11410] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  213.717976][   T29] audit: type=1400 audit(1767300807.783:19457): avc:  denied  { ioctl } for  pid=11417 comm="syz.2.2886" path="socket:[61632]" dev="sockfs" ino=61632 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  213.754730][   T52] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.764219][   T52] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.808342][   T52] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  213.817481][   T52] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  214.385172][T11454] loop2: detected capacity change from 0 to 1024
[  214.404891][T11456] warn_alloc: 6 callbacks suppressed
[  214.404911][T11456] syz.1.2901: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  214.424950][T11456] CPU: 1 UID: 0 PID: 11456 Comm: syz.1.2901 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  214.425041][T11456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  214.425058][T11456] Call Trace:
[  214.425067][T11456]  <TASK>
[  214.425077][T11456]  __dump_stack+0x1d/0x30
[  214.425108][T11456]  dump_stack_lvl+0x95/0xd0
[  214.425137][T11456]  dump_stack+0x15/0x1b
[  214.425224][T11456]  warn_alloc+0x12b/0x1a0
[  214.425259][T11456]  __vmalloc_node_range_noprof+0xa0/0x1310
[  214.425300][T11456]  ? tracing_record_taskinfo_sched_switch+0x71/0x260
[  214.425363][T11456]  ? probe_sched_wakeup+0x85/0xa0
[  214.425531][T11456]  ? ttwu_do_activate+0x1d3/0x210
[  214.425567][T11456]  ? __rcu_read_unlock+0x4f/0x70
[  214.425628][T11456]  ? avc_has_perm_noaudit+0xab/0x130
[  214.425647][T11456]  ? should_fail_ex+0x30/0x280
[  214.425741][T11456]  ? should_failslab+0x8c/0xb0
[  214.425771][T11456]  vmalloc_user_noprof+0x7d/0xb0
[  214.425817][T11456]  ? xskq_create+0x80/0xe0
[  214.425856][T11456]  xskq_create+0x80/0xe0
[  214.425898][T11456]  xsk_init_queue+0x95/0xf0
[  214.425941][T11456]  xsk_setsockopt+0x3f5/0x640
[  214.426024][T11456]  ? __pfx_xsk_setsockopt+0x10/0x10
[  214.426126][T11456]  __sys_setsockopt+0x184/0x200
[  214.426164][T11456]  __x64_sys_setsockopt+0x64/0x80
[  214.426244][T11456]  x64_sys_call+0x21d5/0x3000
[  214.426277][T11456]  do_syscall_64+0xca/0x2b0
[  214.426398][T11456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.426420][T11456] RIP: 0033:0x7f6906a8f749
[  214.426434][T11456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.426456][T11456] RSP: 002b:00007f69054ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  214.426477][T11456] RAX: ffffffffffffffda RBX: 00007f6906ce5fa0 RCX: 00007f6906a8f749
[  214.426492][T11456] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  214.426505][T11456] RBP: 00007f6906b13f91 R08: 0000000000000004 R09: 0000000000000000
[  214.426528][T11456] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  214.426540][T11456] R13: 00007f6906ce6038 R14: 00007f6906ce5fa0 R15: 00007ffe34a81028
[  214.426558][T11456]  </TASK>
[  214.426565][T11456] Mem-Info:
[  214.473559][T11454] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  214.476326][T11456] active_anon:17071 inactive_anon:36 isolated_anon:0
[  214.476326][T11456]  active_file:20826 inactive_file:2518 isolated_file:0
[  214.476326][T11456]  unevictable:0 dirty:454 writeback:0
[  214.476326][T11456]  slab_reclaimable:3451 slab_unreclaimable:31781
[  214.476326][T11456]  mapped:30860 shmem:6223 pagetables:1524
[  214.476326][T11456]  sec_pagetables:0 bounce:0
[  214.476326][T11456]  kernel_misc_reclaimable:0
[  214.476326][T11456]  free:1854796 free_pcp:8667 free_cma:0
[  214.540427][T11454] ext4 filesystem being mounted at /559/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  214.541262][T11456] Node 0 active_anon:68284kB inactive_anon:144kB active_file:83304kB inactive_file:10072kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:123440kB dirty:1816kB writeback:0kB shmem:24892kB kernel_stack:4064kB pagetables:6096kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  214.740905][T11456] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  214.770844][T11456] lowmem_reserve[]: 0 2880 7859 7859
[  214.776209][T11456] Node 0 DMA32 free:2945988kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949516kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[  214.807442][T11456] lowmem_reserve[]: 0 0 4978 4978
[  214.812543][T11456] Node 0 Normal free:4455300kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:68284kB inactive_anon:144kB active_file:83304kB inactive_file:10072kB unevictable:0kB writepending:1816kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:31420kB local_pcp:24148kB free_cma:0kB
[  214.845918][T11456] lowmem_reserve[]: 0 0 0 0
[  214.850648][T11456] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  214.863474][T11456] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 4*16kB (M) 3*32kB (M) 4*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945988kB
[  214.879681][T11456] Node 0 Normal: 637*4kB (UME) 926*8kB (UME) 652*16kB (UME) 629*32kB (UM) 557*64kB (UME) 402*128kB (UME) 287*256kB (UME) 205*512kB (UME) 206*1024kB (UME) 199*2048kB (UM) 862*4096kB (UM) = 4455300kB
[  214.899356][T11456] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  214.908676][T11456] 29596 total pagecache pages
[  214.913507][T11456] 36 pages in swap cache
[  214.917816][T11456] Free swap  = 124852kB
[  214.922033][T11456] Total swap = 124996kB
[  214.926248][T11456] 2097051 pages RAM
[  214.930078][T11456] 0 pages HighMem/MovableOnly
[  214.934831][T11456] 81272 pages reserved
[  214.967946][ T3324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  214.990337][T11466] loop5: detected capacity change from 0 to 512
[  214.997441][T11468] FAULT_INJECTION: forcing a failure.
[  214.997441][T11468] name failslab, interval 1, probability 0, space 0, times 0
[  215.010198][T11468] CPU: 1 UID: 0 PID: 11468 Comm: syz.0.2903 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  215.010233][T11468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  215.010267][T11468] Call Trace:
[  215.010274][T11468]  <TASK>
[  215.010282][T11468]  __dump_stack+0x1d/0x30
[  215.010356][T11468]  dump_stack_lvl+0x95/0xd0
[  215.010378][T11468]  dump_stack+0x15/0x1b
[  215.010399][T11468]  should_fail_ex+0x265/0x280
[  215.010519][T11468]  should_failslab+0x8c/0xb0
[  215.010543][T11468]  __kmalloc_node_noprof+0xbe/0x5c0
[  215.010567][T11468]  ? __vmalloc_node_range_noprof+0x433/0x1310
[  215.010598][T11468]  __vmalloc_node_range_noprof+0x433/0x1310
[  215.010681][T11468]  ? path_openat+0x1e82/0x23b0
[  215.010783][T11468]  ? _parse_integer+0x27/0x40
[  215.010802][T11468]  ? __rcu_read_unlock+0x4f/0x70
[  215.010907][T11468]  ? sel_write_load+0x157/0x380
[  215.010926][T11468]  vmalloc_noprof+0x82/0xc0
[  215.010951][T11468]  ? sel_write_load+0x157/0x380
[  215.010977][T11468]  sel_write_load+0x157/0x380
[  215.010997][T11468]  ? __pfx_sel_write_load+0x10/0x10
[  215.011033][T11468]  vfs_write+0x269/0x960
[  215.011122][T11468]  ? __rcu_read_unlock+0x4f/0x70
[  215.011142][T11468]  ? __fget_files+0x184/0x1c0
[  215.011180][T11468]  ? mutex_lock+0x58/0x90
[  215.011208][T11468]  ksys_write+0xda/0x1a0
[  215.011229][T11468]  __x64_sys_write+0x40/0x50
[  215.011284][T11468]  x64_sys_call+0x2847/0x3000
[  215.011310][T11468]  do_syscall_64+0xca/0x2b0
[  215.011346][T11468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.011457][T11468] RIP: 0033:0x7f3d8f0ef749
[  215.011472][T11468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.011570][T11468] RSP: 002b:00007f3d8db57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  215.011590][T11468] RAX: ffffffffffffffda RBX: 00007f3d8f345fa0 RCX: 00007f3d8f0ef749
[  215.011603][T11468] RDX: 0000000000000065 RSI: 0000200000000280 RDI: 0000000000000006
[  215.011615][T11468] RBP: 00007f3d8db57090 R08: 0000000000000000 R09: 0000000000000000
[  215.011628][T11468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.011641][T11468] R13: 00007f3d8f346038 R14: 00007f3d8f345fa0 R15: 00007ffcdc9a4ce8
[  215.011661][T11468]  </TASK>
[  215.015525][T11466] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  215.259555][T11466] EXT4-fs (loop5): 1 truncate cleaned up
[  215.274846][T11466] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.289898][T11466] EXT4-fs (loop5): shut down requested (2)
[  215.344455][T11492] netlink: 'syz.0.2913': attribute type 1 has an invalid length.
[  215.362502][ T1712] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.382331][ T2929] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.398733][   T52] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  215.407229][   T52] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  215.432797][T11501] FAULT_INJECTION: forcing a failure.
[  215.432797][T11501] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.446218][T11501] CPU: 1 UID: 0 PID: 11501 Comm: syz.1.2917 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  215.446251][T11501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  215.446266][T11501] Call Trace:
[  215.446288][T11501]  <TASK>
[  215.446298][T11501]  __dump_stack+0x1d/0x30
[  215.446331][T11501]  dump_stack_lvl+0x95/0xd0
[  215.446353][T11501]  dump_stack+0x15/0x1b
[  215.446374][T11501]  should_fail_ex+0x265/0x280
[  215.446407][T11501]  should_fail+0xb/0x20
[  215.446528][T11501]  should_fail_usercopy+0x1a/0x20
[  215.446555][T11501]  _copy_from_user+0x1c/0xb0
[  215.446615][T11501]  __se_sys_openat2+0xcb/0x1f0
[  215.446668][T11501]  __x64_sys_openat2+0x55/0x70
[  215.446758][T11501]  x64_sys_call+0x2c04/0x3000
[  215.446791][T11501]  do_syscall_64+0xca/0x2b0
[  215.446838][T11501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.446948][T11501] RIP: 0033:0x7f6906a8f749
[  215.446969][T11501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.446992][T11501] RSP: 002b:00007f69054ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b5
[  215.447016][T11501] RAX: ffffffffffffffda RBX: 00007f6906ce5fa0 RCX: 00007f6906a8f749
[  215.447034][T11501] RDX: 0000200000000280 RSI: 0000200000000340 RDI: ffffffffffffff9c
[  215.447059][T11501] RBP: 00007f69054ef090 R08: 0000000000000000 R09: 0000000000000000
[  215.447074][T11501] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[  215.447117][T11501] R13: 00007f6906ce6038 R14: 00007f6906ce5fa0 R15: 00007ffe34a81028
[  215.447136][T11501]  </TASK>
[  215.642448][T10127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.779612][T11521] netlink: 'syz.0.2926': attribute type 16 has an invalid length.
[  215.972244][T11530] loop4: detected capacity change from 0 to 164
[  216.053646][T11543] SELinux:  policydb version 1374511107 does not match my version range 15-35
[  216.076699][T11543] SELinux: failed to load policy
[  216.092307][T11542] PID 11542 killed due to inadequate hugepage pool
[  216.268066][T10473] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.408831][T11570] delete_channel: no stack
[  216.437627][T11578] netlink: 'syz.2.2947': attribute type 16 has an invalid length.
[  216.445669][T11578] __nla_validate_parse: 5 callbacks suppressed
[  216.445685][T11578] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2947'.
[  216.938348][T11598] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2954'.
[  217.424266][T11603] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2957'.
[  217.768047][T11615] loop5: detected capacity change from 0 to 256
[  217.814937][T11619] FAULT_INJECTION: forcing a failure.
[  217.814937][T11619] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.828085][T11619] CPU: 1 UID: 0 PID: 11619 Comm: syz.2.2963 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  217.828115][T11619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  217.828149][T11619] Call Trace:
[  217.828158][T11619]  <TASK>
[  217.828169][T11619]  __dump_stack+0x1d/0x30
[  217.828218][T11619]  dump_stack_lvl+0x95/0xd0
[  217.828240][T11619]  dump_stack+0x15/0x1b
[  217.828336][T11619]  should_fail_ex+0x265/0x280
[  217.828362][T11619]  should_fail+0xb/0x20
[  217.828383][T11619]  should_fail_usercopy+0x1a/0x20
[  217.828415][T11619]  _copy_from_iter+0xcf/0xe70
[  217.828525][T11619]  ? __alloc_skb+0x396/0x4b0
[  217.828556][T11619]  ? __alloc_skb+0x228/0x4b0
[  217.828583][T11619]  netlink_sendmsg+0x471/0x6b0
[  217.828626][T11619]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.828746][T11619]  __sock_sendmsg+0x145/0x180
[  217.828786][T11619]  ____sys_sendmsg+0x31e/0x4a0
[  217.828879][T11619]  ___sys_sendmsg+0x17b/0x1d0
[  217.828950][T11619]  __x64_sys_sendmsg+0xd4/0x160
[  217.828993][T11619]  x64_sys_call+0x17ba/0x3000
[  217.829025][T11619]  do_syscall_64+0xca/0x2b0
[  217.829144][T11619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.829271][T11619] RIP: 0033:0x7f755b95f749
[  217.829289][T11619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.829307][T11619] RSP: 002b:00007f755a3c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.829327][T11619] RAX: ffffffffffffffda RBX: 00007f755bbb5fa0 RCX: 00007f755b95f749
[  217.829348][T11619] RDX: 0000000004000c00 RSI: 0000200000000180 RDI: 0000000000000003
[  217.829364][T11619] RBP: 00007f755a3c7090 R08: 0000000000000000 R09: 0000000000000000
[  217.829380][T11619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.829392][T11619] R13: 00007f755bbb6038 R14: 00007f755bbb5fa0 R15: 00007ffc56f97998
[  217.829412][T11619]  </TASK>
[  218.063902][T11621] IPv6: Can't replace route, no match found
[  218.093762][T11623] loop2: detected capacity change from 0 to 1024
[  218.105507][T11623] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  218.116571][T11623] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  218.142109][T11623] EXT4-fs (loop2): invalid journal inode
[  218.147956][T11623] EXT4-fs (loop2): can't get journal size
[  218.159160][T11623] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  218.178731][T11623] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.260498][T11638] netlink: 'syz.5.2970': attribute type 21 has an invalid length.
[  218.461766][T11652] FAULT_INJECTION: forcing a failure.
[  218.461766][T11652] name failslab, interval 1, probability 0, space 0, times 0
[  218.474621][T11652] CPU: 1 UID: 0 PID: 11652 Comm: wÞ£ÿ Not tainted syzkaller #0 PREEMPT(voluntary) 
[  218.474655][T11652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  218.474672][T11652] Call Trace:
[  218.474681][T11652]  <TASK>
[  218.474691][T11652]  __dump_stack+0x1d/0x30
[  218.474724][T11652]  dump_stack_lvl+0x95/0xd0
[  218.474805][T11652]  dump_stack+0x15/0x1b
[  218.474832][T11652]  should_fail_ex+0x265/0x280
[  218.474936][T11652]  should_failslab+0x8c/0xb0
[  218.474966][T11652]  __kvmalloc_node_noprof+0x149/0x6b0
[  218.474999][T11652]  ? alloc_netdev_mqs+0x6e3/0xa40
[  218.475118][T11652]  alloc_netdev_mqs+0x6e3/0xa40
[  218.475166][T11652]  rtnl_create_link+0x239/0x6e0
[  218.475203][T11652]  rtnl_newlink_create+0x14c/0x620
[  218.475235][T11652]  ? security_capable+0x83/0x90
[  218.475280][T11652]  ? netlink_ns_capable+0x86/0xa0
[  218.475336][T11652]  rtnl_newlink+0xf5b/0x1360
[  218.475369][T11652]  ? xas_load+0x413/0x430
[  218.475400][T11652]  ? xas_load+0x413/0x430
[  218.475485][T11652]  ? __rcu_read_unlock+0x4f/0x70
[  218.475513][T11652]  ? __rcu_read_unlock+0x4f/0x70
[  218.475641][T11652]  ? avc_has_perm_noaudit+0xab/0x130
[  218.475670][T11652]  ? cred_has_capability+0x210/0x280
[  218.475779][T11652]  ? selinux_capable+0x31/0x40
[  218.475823][T11652]  ? security_capable+0x83/0x90
[  218.475858][T11652]  ? ns_capable+0x7d/0xb0
[  218.475887][T11652]  ? __pfx_rtnl_newlink+0x10/0x10
[  218.475907][T11652]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  218.476016][T11652]  ? avc_has_perm_noaudit+0xab/0x130
[  218.476043][T11652]  netlink_rcv_skb+0x123/0x220
[  218.476141][T11652]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  218.476234][T11652]  rtnetlink_rcv+0x1c/0x30
[  218.476273][T11652]  netlink_unicast+0x5c0/0x690
[  218.476352][T11652]  netlink_sendmsg+0x58b/0x6b0
[  218.476398][T11652]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.476437][T11652]  __sock_sendmsg+0x145/0x180
[  218.476514][T11652]  ____sys_sendmsg+0x31e/0x4a0
[  218.476549][T11652]  ___sys_sendmsg+0x17b/0x1d0
[  218.476633][T11652]  __x64_sys_sendmsg+0xd4/0x160
[  218.476672][T11652]  x64_sys_call+0x17ba/0x3000
[  218.476791][T11652]  do_syscall_64+0xca/0x2b0
[  218.476836][T11652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.476935][T11652] RIP: 0033:0x7f6906a8f749
[  218.476956][T11652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.477039][T11652] RSP: 002b:00007f69054ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  218.477061][T11652] RAX: ffffffffffffffda RBX: 00007f6906ce5fa0 RCX: 00007f6906a8f749
[  218.477096][T11652] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000005
[  218.477113][T11652] RBP: 00007f69054ef090 R08: 0000000000000000 R09: 0000000000000000
[  218.477129][T11652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  218.477146][T11652] R13: 00007f6906ce6038 R14: 00007f6906ce5fa0 R15: 00007ffe34a81028
[  218.477196][T11652]  </TASK>
[  218.764927][   T29] kauditd_printk_skb: 596 callbacks suppressed
[  218.765017][   T29] audit: type=1326 audit(1767300812.226:20054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.5.2970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a1a612005 code=0x7ffc0000
[  218.795161][   T29] audit: type=1326 audit(1767300812.245:20055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.5.2970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a1a612005 code=0x7ffc0000
[  218.819130][   T29] audit: type=1326 audit(1767300812.245:20056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.5.2970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a1a612005 code=0x7ffc0000
[  218.842921][   T29] audit: type=1326 audit(1767300812.245:20057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.5.2970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a1a612005 code=0x7ffc0000
[  218.866947][   T29] audit: type=1326 audit(1767300812.245:20058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.5.2970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a1a612005 code=0x7ffc0000
[  218.890723][   T29] audit: type=1326 audit(1767300812.245:20059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.5.2970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a1a612005 code=0x7ffc0000
[  218.914459][   T29] audit: type=1326 audit(1767300812.245:20060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.5.2970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a1a612005 code=0x7ffc0000
[  218.938163][   T29] audit: type=1326 audit(1767300812.245:20061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.5.2970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a1a612005 code=0x7ffc0000
[  218.962275][   T29] audit: type=1326 audit(1767300812.245:20062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.5.2970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a1a612005 code=0x7ffc0000
[  218.963482][T11655] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2976'.
[  218.985907][   T29] audit: type=1326 audit(1767300812.254:20063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.5.2970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a1a612005 code=0x7ffc0000
[  219.104905][T11664] batman_adv: batadv0: Adding interface: dummy0
[  219.111259][T11664] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  219.239525][T11664] batman_adv: batadv0: Interface activated: dummy0
[  219.326087][T11675] 9p: Bad value for 'rfdno'
[  219.419527][T11681] 9pnet_virtio: no channels available for device 127.0.0.1
[  219.464214][T11679] loop5: detected capacity change from 0 to 4096
[  219.547408][T11679] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.829569][T10473] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.846575][T11688] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.2986'.
[  219.890688][T11688] netlink: zone id is out of range
[  219.895896][T11688] netlink: zone id is out of range
[  220.072685][T11688] netlink: zone id is out of range
[  220.145032][T11688] netlink: zone id is out of range
[  220.153009][T11699] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2991'.
[  220.167237][T11688] netlink: zone id is out of range
[  220.331893][T11688] netlink: set zone limit has 8 unknown bytes
[  220.446256][T11707] netlink: 'syz.0.2994': attribute type 1 has an invalid length.
[  220.454151][T11707] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2994'.
[  220.579316][T11711] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  220.660221][T11715] SELinux:  Context system_u:object_r:ldconfig_exec_t:s0 is not valid (left unmapped).
[  220.812366][T11730] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3002'.
[  220.852981][T11732] netlink: 'syz.0.3004': attribute type 16 has an invalid length.
[  220.861189][T11732] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3004'.
[  221.553140][ T3384] hid_parser_main: 19 callbacks suppressed
[  221.553161][ T3384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  221.566666][ T3384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  221.574152][ T3384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  221.585100][T11752] random: crng reseeded on system resumption
[  221.748245][ T3384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  221.756033][ T3384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  221.763521][ T3384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  221.770968][ T3384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  221.778498][ T3384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  221.786031][ T3384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  221.793652][ T3384] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  221.888981][T11766] program syz.0.3014 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  221.898627][T11766] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  221.921363][T11766] netlink: 'syz.0.3014': attribute type 11 has an invalid length.
[  221.929398][T11766] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3014'.
[  221.940781][ T3384] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[  221.963065][T11766] lo speed is unknown, defaulting to 1000
[  221.969072][T11766] lo speed is unknown, defaulting to 1000
[  221.975060][T11766] lo speed is unknown, defaulting to 1000
[  221.981878][T11766] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  221.992266][T11766] lo speed is unknown, defaulting to 1000
[  221.998686][T11766] lo speed is unknown, defaulting to 1000
[  222.005144][T11766] lo speed is unknown, defaulting to 1000
[  222.011814][T11766] lo speed is unknown, defaulting to 1000
[  222.017932][T11766] lo speed is unknown, defaulting to 1000
[  222.028728][T11766] lo speed is unknown, defaulting to 1000
[  222.034963][T11766] lo speed is unknown, defaulting to 1000
[  222.054761][T11774] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3016'.
[  222.098642][T11776] FAULT_INJECTION: forcing a failure.
[  222.098642][T11776] name failslab, interval 1, probability 0, space 0, times 0
[  222.111453][T11776] CPU: 0 UID: 0 PID: 11776 Comm: syz.0.3017 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  222.111566][T11776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  222.111583][T11776] Call Trace:
[  222.111592][T11776]  <TASK>
[  222.111602][T11776]  __dump_stack+0x1d/0x30
[  222.111635][T11776]  dump_stack_lvl+0x95/0xd0
[  222.111663][T11776]  dump_stack+0x15/0x1b
[  222.111689][T11776]  should_fail_ex+0x265/0x280
[  222.111778][T11776]  should_failslab+0x8c/0xb0
[  222.111804][T11776]  kmem_cache_alloc_noprof+0x69/0x4b0
[  222.111852][T11776]  ? skb_clone+0x151/0x1f0
[  222.111882][T11776]  skb_clone+0x151/0x1f0
[  222.111909][T11776]  __netlink_deliver_tap+0x2c9/0x500
[  222.111955][T11776]  netlink_unicast+0x66b/0x690
[  222.111986][T11776]  netlink_sendmsg+0x58b/0x6b0
[  222.112057][T11776]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.112093][T11776]  __sock_sendmsg+0x145/0x180
[  222.112114][T11776]  ____sys_sendmsg+0x345/0x4a0
[  222.112216][T11776]  ___sys_sendmsg+0x17b/0x1d0
[  222.112262][T11776]  __sys_sendmmsg+0x178/0x300
[  222.112311][T11776]  __x64_sys_sendmmsg+0x57/0x70
[  222.112362][T11776]  x64_sys_call+0x1e28/0x3000
[  222.112387][T11776]  do_syscall_64+0xca/0x2b0
[  222.112484][T11776]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.112514][T11776] RIP: 0033:0x7f3d8f0ef749
[  222.112533][T11776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.112628][T11776] RSP: 002b:00007f3d8db57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  222.112648][T11776] RAX: ffffffffffffffda RBX: 00007f3d8f345fa0 RCX: 00007f3d8f0ef749
[  222.112662][T11776] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004
[  222.112684][T11776] RBP: 00007f3d8db57090 R08: 0000000000000000 R09: 0000000000000000
[  222.112697][T11776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.112710][T11776] R13: 00007f3d8f346038 R14: 00007f3d8f345fa0 R15: 00007ffcdc9a4ce8
[  222.112730][T11776]  </TASK>
[  222.386636][T11792] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3022'.
[  222.397533][T11787] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  222.407920][T11787] vhci_hcd vhci_hcd.2: invalid port number 96
[  222.409903][T11794] SELinux: failed to load policy
[  222.414146][T11787] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  222.471667][T11800] loop5: detected capacity change from 0 to 1024
[  222.481087][T11800] EXT4-fs: Ignoring removed bh option
[  222.495557][T11805] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  222.503581][T11805] vhci_hcd vhci_hcd.2: invalid port number 96
[  222.509763][T11805] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  222.525220][T11800] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.539352][T11800] FAULT_INJECTION: forcing a failure.
[  222.539352][T11800] name failslab, interval 1, probability 0, space 0, times 0
[  222.552071][T11800] CPU: 1 UID: 0 PID: 11800 Comm: syz.5.3025 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  222.552107][T11800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  222.552150][T11800] Call Trace:
[  222.552160][T11800]  <TASK>
[  222.552170][T11800]  __dump_stack+0x1d/0x30
[  222.552202][T11800]  dump_stack_lvl+0x95/0xd0
[  222.552230][T11800]  dump_stack+0x15/0x1b
[  222.552315][T11800]  should_fail_ex+0x265/0x280
[  222.552383][T11800]  should_failslab+0x8c/0xb0
[  222.552415][T11800]  kmem_cache_alloc_noprof+0x69/0x4b0
[  222.552445][T11800]  ? __es_insert_extent+0x508/0xee0
[  222.552481][T11800]  __es_insert_extent+0x508/0xee0
[  222.552597][T11800]  ext4_es_insert_extent+0x436/0x1c30
[  222.552636][T11800]  ext4_map_blocks+0x8fa/0xd20
[  222.552682][T11800]  _ext4_get_block+0x10a/0x350
[  222.552756][T11800]  ext4_get_block+0x39/0x50
[  222.552787][T11800]  ext4_block_write_begin+0x650/0xcf0
[  222.552902][T11800]  ? __pfx_ext4_get_block+0x10/0x10
[  222.552943][T11800]  ? folio_mapping+0xb9/0xe0
[  222.552974][T11800]  ext4_write_begin+0x636/0xe90
[  222.553019][T11800]  ext4_da_write_begin+0x1f0/0x6b0
[  222.553115][T11800]  ? inode_to_bdi+0x47/0xa0
[  222.553244][T11800]  ? balance_dirty_pages_ratelimited_flags+0x40b/0x5e0
[  222.553290][T11800]  generic_perform_write+0x184/0x490
[  222.553331][T11800]  ext4_buffered_write_iter+0x1ee/0x3c0
[  222.553434][T11800]  ? ext4_file_write_iter+0xfe/0xf60
[  222.553477][T11800]  ext4_file_write_iter+0x387/0xf60
[  222.553536][T11800]  ? kstrtouint+0x76/0xc0
[  222.553560][T11800]  ? kstrtouint_from_user+0x9f/0xf0
[  222.553589][T11800]  ? avc_policy_seqno+0x15/0x30
[  222.553613][T11800]  ? selinux_file_permission+0x1e2/0x320
[  222.553728][T11800]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  222.553767][T11800]  vfs_write+0x52a/0x960
[  222.553799][T11800]  ksys_write+0xda/0x1a0
[  222.553825][T11800]  __x64_sys_write+0x40/0x50
[  222.553844][T11800]  x64_sys_call+0x2847/0x3000
[  222.553886][T11800]  do_syscall_64+0xca/0x2b0
[  222.553929][T11800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.553953][T11800] RIP: 0033:0x7f4a1a5df749
[  222.553970][T11800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.554073][T11800] RSP: 002b:00007f4a19047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  222.554095][T11800] RAX: ffffffffffffffda RBX: 00007f4a1a835fa0 RCX: 00007f4a1a5df749
[  222.554182][T11800] RDX: 000000000208e24b RSI: 0000200000000000 RDI: 0000000000000007
[  222.554196][T11800] RBP: 00007f4a19047090 R08: 0000000000000000 R09: 0000000000000000
[  222.554208][T11800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  222.554220][T11800] R13: 00007f4a1a836038 R14: 00007f4a1a835fa0 R15: 00007ffdbaabcda8
[  222.554276][T11800]  </TASK>
[  222.836331][T11810] FAULT_INJECTION: forcing a failure.
[  222.836331][T11810] name failslab, interval 1, probability 0, space 0, times 0
[  222.849160][T11810] CPU: 1 UID: 0 PID: 11810 Comm: syz.0.3028 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  222.849196][T11810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  222.849210][T11810] Call Trace:
[  222.849216][T11810]  <TASK>
[  222.849225][T11810]  __dump_stack+0x1d/0x30
[  222.849254][T11810]  dump_stack_lvl+0x95/0xd0
[  222.849312][T11810]  dump_stack+0x15/0x1b
[  222.849336][T11810]  should_fail_ex+0x265/0x280
[  222.849366][T11810]  should_failslab+0x8c/0xb0
[  222.849391][T11810]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[  222.849436][T11810]  __kmalloc_cache_noprof+0x65/0x4c0
[  222.849497][T11810]  ? percpu_ref_init+0x9c/0x250
[  222.849526][T11810]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[  222.849563][T11810]  percpu_ref_init+0x9c/0x250
[  222.849586][T11810]  io_ring_ctx_alloc+0x1b4/0x650
[  222.849620][T11810]  io_uring_create+0x50/0x4e0
[  222.849654][T11810]  ? memchr_inv+0x30/0x2e0
[  222.849691][T11810]  __se_sys_io_uring_setup+0x1be/0x1d0
[  222.849734][T11810]  __x64_sys_io_uring_setup+0x31/0x40
[  222.849784][T11810]  x64_sys_call+0x244c/0x3000
[  222.849832][T11810]  do_syscall_64+0xca/0x2b0
[  222.849935][T11810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.849957][T11810] RIP: 0033:0x7f3d8f0ef749
[  222.849975][T11810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.849998][T11810] RSP: 002b:00007f3d8db57038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  222.850023][T11810] RAX: ffffffffffffffda RBX: 00007f3d8f345fa0 RCX: 00007f3d8f0ef749
[  222.850078][T11810] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000007
[  222.850093][T11810] RBP: 00007f3d8db57090 R08: 0000000000000000 R09: 0000000000000000
[  222.850104][T11810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.850127][T11810] R13: 00007f3d8f346038 R14: 00007f3d8f345fa0 R15: 00007ffcdc9a4ce8
[  222.850146][T11810]  </TASK>
[  223.054338][T11800] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  223.070183][T11800] EXT4-fs (loop5): Remounting filesystem read-only
[  223.103269][T11822] FAULT_INJECTION: forcing a failure.
[  223.103269][T11822] name failslab, interval 1, probability 0, space 0, times 0
[  223.116080][T11822] CPU: 0 UID: 0 PID: 11822 Comm: syz.4.3032 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  223.116136][T11822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  223.116184][T11822] Call Trace:
[  223.116191][T11822]  <TASK>
[  223.116202][T11822]  __dump_stack+0x1d/0x30
[  223.116236][T11822]  dump_stack_lvl+0x95/0xd0
[  223.116264][T11822]  dump_stack+0x15/0x1b
[  223.116311][T11822]  should_fail_ex+0x265/0x280
[  223.116340][T11822]  should_failslab+0x8c/0xb0
[  223.116498][T11822]  __kmalloc_cache_noprof+0x65/0x4c0
[  223.116530][T11822]  ? audit_log_d_path+0x8d/0x150
[  223.116559][T11822]  audit_log_d_path+0x8d/0x150
[  223.116664][T11822]  audit_log_d_path_exe+0x42/0x70
[  223.116689][T11822]  audit_log_task+0x1e9/0x250
[  223.116775][T11822]  ? kstrtouint+0x76/0xc0
[  223.116800][T11822]  audit_seccomp+0x61/0x100
[  223.116838][T11822]  ? __seccomp_filter+0x832/0x1260
[  223.116873][T11822]  __seccomp_filter+0x843/0x1260
[  223.116967][T11822]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  223.117053][T11822]  ? vfs_write+0x7e8/0x960
[  223.117080][T11822]  ? __rcu_read_unlock+0x4f/0x70
[  223.117098][T11822]  ? __fget_files+0x184/0x1c0
[  223.117175][T11822]  __secure_computing+0x82/0x150
[  223.117218][T11822]  syscall_trace_enter+0xcf/0x1e0
[  223.117256][T11822]  do_syscall_64+0xa4/0x2b0
[  223.117317][T11822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.117337][T11822] RIP: 0033:0x7fc6c71cf749
[  223.117351][T11822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.117367][T11822] RSP: 002b:00007fc6c5c37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  223.117386][T11822] RAX: ffffffffffffffda RBX: 00007fc6c7425fa0 RCX: 00007fc6c71cf749
[  223.117410][T11822] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400
[  223.117421][T11822] RBP: 00007fc6c5c37090 R08: 0000000000000000 R09: 0000000000000000
[  223.117431][T11822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.117442][T11822] R13: 00007fc6c7426038 R14: 00007fc6c7425fa0 R15: 00007ffe4fca82c8
[  223.117460][T11822]  </TASK>
[  223.118627][T10473] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.305015][T11825] loop4: detected capacity change from 0 to 1024
[  223.434969][T11825] EXT4-fs: Ignoring removed nobh option
[  223.440797][T11825] EXT4-fs: inline encryption not supported
[  223.448667][T11824] lo speed is unknown, defaulting to 1000
[  223.488375][T11842] netlink: 'syz.1.3039': attribute type 16 has an invalid length.
[  223.496288][T11842] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3039'.
[  223.513655][T11825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.531093][T11825] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.3034: Allocating blocks 385-513 which overlap fs metadata
[  223.546531][T11825] EXT4-fs (loop4): pa ffff888107a4a7e0: logic 16, phys. 129, len 24
[  223.554621][T11825] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8
[  223.577973][T11849] IPv6: Can't replace route, no match found
[  223.589544][T10127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.621737][T11853] netlink: 'syz.2.3043': attribute type 16 has an invalid length.
[  223.629658][T11853] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3043'.
[  223.641109][T11855] netlink: 'syz.4.3042': attribute type 1 has an invalid length.
[  224.247944][T11878] IPVS: length: 24 != 12312
[  224.331820][T11883] 9pnet_virtio: no channels available for device 127.0.0.1
[  225.143864][   T29] kauditd_printk_skb: 315 callbacks suppressed
[  225.143883][   T29] audit: type=1326 audit(1767300817.642:20379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11836 comm="syz.0.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  225.174165][   T29] audit: type=1326 audit(1767300817.652:20380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11881 comm="syz.2.3048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f755b95f749 code=0x7ffc0000
[  225.384345][T11890] netlink: 'syz.5.3052': attribute type 16 has an invalid length.
[  225.392453][T11890] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3052'.
[  225.849072][   T29] audit: type=1326 audit(1767300818.512:20381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11836 comm="syz.0.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  225.872910][   T29] audit: type=1326 audit(1767300818.522:20382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11836 comm="syz.0.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  225.896562][   T29] audit: type=1326 audit(1767300818.531:20383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11836 comm="syz.0.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  225.920178][   T29] audit: type=1326 audit(1767300818.540:20384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11836 comm="syz.0.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  225.943913][   T29] audit: type=1326 audit(1767300818.643:20385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11836 comm="syz.0.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  225.967513][   T29] audit: type=1326 audit(1767300818.652:20386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11836 comm="syz.0.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  225.991270][   T29] audit: type=1326 audit(1767300818.662:20387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11836 comm="syz.0.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  226.015011][   T29] audit: type=1326 audit(1767300818.671:20388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11836 comm="syz.0.3038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f3d8f0ef749 code=0x7ffc0000
[  226.039754][T11894] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3057'.
[  226.138450][T11894] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3057'.
[  226.201943][T11894] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  226.227626][T11922] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3062'.
[  226.293461][T11903] lo speed is unknown, defaulting to 1000
[  226.330694][T11931] netlink: 'syz.1.3065': attribute type 16 has an invalid length.
[  226.338749][T11931] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3065'.
[  226.440909][T11903] chnl_net:caif_netlink_parms(): no params data found
[  226.584515][T11903] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.591817][T11903] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.599459][T11903] bridge_slave_0: entered allmulticast mode
[  226.606599][T11903] bridge_slave_0: entered promiscuous mode
[  226.613805][T11903] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.620982][T11903] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.628507][T11903] bridge_slave_1: entered allmulticast mode
[  226.635302][T11903] bridge_slave_1: entered promiscuous mode
[  226.657497][T11903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  226.668522][T11903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  226.697845][T11903] team0: Port device team_slave_0 added
[  226.712229][T11953] FAULT_INJECTION: forcing a failure.
[  226.712229][T11953] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.720955][T11903] team0: Port device team_slave_1 added
[  226.725501][T11953] CPU: 1 UID: 0 PID: 11953 Comm: syz.5.3072 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  226.725610][T11953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  226.725653][T11953] Call Trace:
[  226.725675][T11953]  <TASK>
[  226.725706][T11953]  __dump_stack+0x1d/0x30
[  226.725801][T11953]  dump_stack_lvl+0x95/0xd0
[  226.725932][T11953]  dump_stack+0x15/0x1b
[  226.725996][T11953]  should_fail_ex+0x265/0x280
[  226.726104][T11953]  should_fail+0xb/0x20
[  226.726168][T11953]  should_fail_usercopy+0x1a/0x20
[  226.726253][T11953]  copy_folio_from_iter_atomic+0x26a/0x1150
[  226.726366][T11953]  ? shmem_write_begin+0xfc/0x1f0
[  226.726471][T11953]  ? shmem_write_begin+0x135/0x1f0
[  226.726564][T11953]  generic_perform_write+0x2c2/0x490
[  226.726783][T11953]  shmem_file_write_iter+0xc5/0xf0
[  226.726901][T11953]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  226.727077][T11953]  vfs_write+0x52a/0x960
[  226.727169][T11953]  ksys_write+0xda/0x1a0
[  226.727247][T11953]  __x64_sys_write+0x40/0x50
[  226.727310][T11953]  x64_sys_call+0x2847/0x3000
[  226.727419][T11953]  do_syscall_64+0xca/0x2b0
[  226.727521][T11953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.727592][T11953] RIP: 0033:0x7f4a1a5df749
[  226.727644][T11953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.727700][T11953] RSP: 002b:00007f4a19047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  226.727806][T11953] RAX: ffffffffffffffda RBX: 00007f4a1a835fa0 RCX: 00007f4a1a5df749
[  226.727848][T11953] RDX: 0000000000040010 RSI: 0000200000000180 RDI: 0000000000000007
[  226.727889][T11953] RBP: 00007f4a19047090 R08: 0000000000000000 R09: 0000000000000000
[  226.727930][T11953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.727972][T11953] R13: 00007f4a1a836038 R14: 00007f4a1a835fa0 R15: 00007ffdbaabcda8
[  226.728080][T11953]  </TASK>
[  226.930155][T11959] netlink: 'syz.5.3075': attribute type 1 has an invalid length.
[  226.952263][T11903] batman_adv: batadv0: Adding interface: batadv_slave_0
[  226.959326][T11903] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  226.985313][T11903] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  227.002125][T11903] batman_adv: batadv0: Adding interface: batadv_slave_1
[  227.009137][T11903] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  227.035253][T11903] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  227.078223][T11903] hsr_slave_0: entered promiscuous mode
[  227.084803][T11903] hsr_slave_1: entered promiscuous mode
[  227.091150][T11903] debugfs: 'hsr0' already exists in 'hsr'
[  227.096977][T11903] Cannot create hsr debugfs directory
[  227.273349][T11971] loop2: detected capacity change from 0 to 4096
[  227.389214][T11903] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.452969][T11903] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.539164][T11903] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.592937][T11903] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.730262][T11903] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  227.763823][T11903] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  227.797880][T11903] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  227.829716][T11903] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  227.950520][T11903] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.970908][T11903] 8021q: adding VLAN 0 to HW filter on device team0
[  227.983450][  T332] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.990606][  T332] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.088050][  T332] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.095297][  T332] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.172522][T11903] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  228.183419][T11903] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  228.452023][T11903] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.627732][T11903] veth0_vlan: entered promiscuous mode
[  228.644595][T11903] veth1_vlan: entered promiscuous mode
[  228.681122][T11903] veth0_macvtap: entered promiscuous mode
[  228.698113][T11903] veth1_macvtap: entered promiscuous mode
[  228.724739][T11903] batman_adv: batadv0: Interface activated: batadv_slave_0
[  228.748038][T11903] batman_adv: batadv0: Interface activated: batadv_slave_1
[  228.784940][   T52] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.827973][   T52] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.883270][   T52] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  228.923611][   T52] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.416237][T12050] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3094'.
[  229.427159][T12046] vlan2: entered allmulticast mode
[  229.432681][T12046] dummy0: entered allmulticast mode
[  229.445480][T12050] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.455811][T12050] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.465542][T12050] bond0 (unregistering): Released all slaves
[  229.489580][T12054] loop4: detected capacity change from 0 to 1024
[  229.500441][T12054] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.3096: Failed to acquire dquot type 0
[  229.513885][T12054] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  229.528541][T12054] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.3096: corrupted inode contents
[  229.541128][T12054] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #13: comm syz.4.3096: mark_inode_dirty error
[  229.552835][T12054] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.3096: corrupted inode contents
[  229.565213][T12054] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #13: comm syz.4.3096: mark_inode_dirty error
[  229.578974][T12054] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.3096: corrupted inode contents
[  229.591198][T12054] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  229.600092][T12054] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #13: comm syz.4.3096: corrupted inode contents
[  229.612452][T12054] EXT4-fs error (device loop4): ext4_truncate:4635: inode #13: comm syz.4.3096: mark_inode_dirty error
[  229.624586][T12054] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  229.634625][T12054] EXT4-fs (loop4): 1 truncate cleaned up
[  229.642015][T12054] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.643720][T12062] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  229.678533][T12054] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.739511][T12065] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  229.740104][T12054] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.770954][T12065] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  229.792471][T12065] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  229.815998][T12054] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.846039][T12064] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3099'.
[  229.878519][T12054] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.958416][  T332] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.977697][  T332] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.007569][ T1712] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.025085][ T1712] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.312895][T12082] loop2: detected capacity change from 0 to 2048
[  230.344337][T12084] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  230.344337][T12084]    program syz.1.3106 not setting count and/or reply_len properly
[  230.366037][T12082]  loop2: p2 < > p4
[  230.370734][T12082] loop2: p4 size 262144 extends beyond EOD, truncated
[  230.378175][T12084] forcing mempool usage for bio_alloc_bioset+0x449/0xa50
[  230.554132][T12091] lo speed is unknown, defaulting to 1000
[  230.595660][   T29] kauditd_printk_skb: 415 callbacks suppressed
[  230.595676][   T29] audit: type=1326 audit(1767300823.573:20802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12081 comm="syz.2.3105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f755b95f749 code=0x7ffc0000
[  230.746737][   T29] audit: type=1400 audit(1767300823.713:20803): avc:  denied  { ioctl } for  pid=12100 comm="syz.2.3112" path="socket:[67898]" dev="sockfs" ino=67898 ioctlcmd=0x89f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  230.857679][   T29] audit: type=1326 audit(1767300823.807:20804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12104 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f755b95f749 code=0x7ffc0000
[  230.897786][   T29] audit: type=1326 audit(1767300823.844:20805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12104 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f755b95f749 code=0x7ffc0000
[  230.921663][   T29] audit: type=1326 audit(1767300823.844:20806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12104 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f755b95f749 code=0x7ffc0000
[  230.945566][   T29] audit: type=1326 audit(1767300823.844:20807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12104 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f755b95f749 code=0x7ffc0000
[  230.969333][   T29] audit: type=1326 audit(1767300823.844:20808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12104 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f755b95f749 code=0x7ffc0000
[  230.993130][   T29] audit: type=1326 audit(1767300823.844:20809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12104 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f755b95f749 code=0x7ffc0000
[  231.016866][   T29] audit: type=1326 audit(1767300823.844:20810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12104 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7f755b95f749 code=0x7ffc0000
[  231.040471][   T29] audit: type=1326 audit(1767300823.844:20811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12104 comm="syz.2.3114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f755b95f749 code=0x7ffc0000
[  231.155714][T12113] warn_alloc: 3 callbacks suppressed
[  231.155796][T12113] syz.2.3117: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  231.175933][T12113] CPU: 1 UID: 0 PID: 12113 Comm: syz.2.3117 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  231.175966][T12113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  231.175984][T12113] Call Trace:
[  231.175993][T12113]  <TASK>
[  231.176004][T12113]  __dump_stack+0x1d/0x30
[  231.176062][T12113]  dump_stack_lvl+0x95/0xd0
[  231.176115][T12113]  dump_stack+0x15/0x1b
[  231.176139][T12113]  warn_alloc+0x12b/0x1a0
[  231.176166][T12113]  ? __schedule+0x85f/0xcd0
[  231.176251][T12113]  ? __rcu_read_unlock+0x4f/0x70
[  231.176275][T12113]  __vmalloc_node_range_noprof+0xa0/0x1310
[  231.176308][T12113]  ? __futex_wait+0x1fa/0x260
[  231.176333][T12113]  ? __pfx_futex_wake_mark+0x10/0x10
[  231.176445][T12113]  ? __rcu_read_unlock+0x4f/0x70
[  231.176465][T12113]  ? avc_has_perm_noaudit+0xab/0x130
[  231.176486][T12113]  ? should_fail_ex+0x30/0x280
[  231.176514][T12113]  ? should_failslab+0x8c/0xb0
[  231.176598][T12113]  vmalloc_user_noprof+0x7d/0xb0
[  231.176632][T12113]  ? xskq_create+0x80/0xe0
[  231.176666][T12113]  xskq_create+0x80/0xe0
[  231.176732][T12113]  xsk_init_queue+0x95/0xf0
[  231.176772][T12113]  xsk_setsockopt+0x3f5/0x640
[  231.176808][T12113]  ? __pfx_xsk_setsockopt+0x10/0x10
[  231.176886][T12113]  __sys_setsockopt+0x184/0x200
[  231.176915][T12113]  __x64_sys_setsockopt+0x64/0x80
[  231.176943][T12113]  x64_sys_call+0x21d5/0x3000
[  231.176967][T12113]  do_syscall_64+0xca/0x2b0
[  231.177094][T12113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.177120][T12113] RIP: 0033:0x7f755b95f749
[  231.177139][T12113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.177193][T12113] RSP: 002b:00007f755a3c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  231.177292][T12113] RAX: ffffffffffffffda RBX: 00007f755bbb5fa0 RCX: 00007f755b95f749
[  231.177307][T12113] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  231.177320][T12113] RBP: 00007f755b9e3f91 R08: 0000000000000004 R09: 0000000000000000
[  231.177334][T12113] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  231.177351][T12113] R13: 00007f755bbb6038 R14: 00007f755bbb5fa0 R15: 00007ffc56f97998
[  231.177377][T12113]  </TASK>
[  231.177386][T12113] Mem-Info:
[  231.400257][T12113] active_anon:17006 inactive_anon:36 isolated_anon:0
[  231.400257][T12113]  active_file:20949 inactive_file:2528 isolated_file:0
[  231.400257][T12113]  unevictable:0 dirty:456 writeback:0
[  231.400257][T12113]  slab_reclaimable:3534 slab_unreclaimable:35651
[  231.400257][T12113]  mapped:31419 shmem:6131 pagetables:1594
[  231.400257][T12113]  sec_pagetables:0 bounce:0
[  231.400257][T12113]  kernel_misc_reclaimable:0
[  231.400257][T12113]  free:1849774 free_pcp:8996 free_cma:0
[  231.446014][T12113] Node 0 active_anon:68024kB inactive_anon:144kB active_file:83796kB inactive_file:10112kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:125676kB dirty:1824kB writeback:0kB shmem:24524kB kernel_stack:4192kB pagetables:6376kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  231.473821][T12113] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  231.503681][T12113] lowmem_reserve[]: 0 2880 7859 7859
[  231.509681][T12113] Node 0 DMA32 free:2945988kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949516kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[  231.541367][T12113] lowmem_reserve[]: 0 0 4978 4978
[  231.546717][T12113] Node 0 Normal free:4435332kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:68168kB inactive_anon:144kB active_file:83796kB inactive_file:10112kB unevictable:0kB writepending:1496kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:31384kB local_pcp:8144kB free_cma:0kB
[  231.580121][T12113] lowmem_reserve[]: 0 0 0 0
[  231.584722][T12113] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  231.597988][T12113] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 4*16kB (M) 3*32kB (M) 4*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945988kB
[  231.614313][T12113] Node 0 Normal: 468*4kB (M) 415*8kB (UME) 720*16kB (UME) 689*32kB (UME) 510*64kB (UM) 378*128kB (UME) 275*256kB (UM) 217*512kB (UME) 215*1024kB (UME) 202*2048kB (UM) 854*4096kB (UM) = 4433128kB
[  231.633965][T12113] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  231.643470][T12113] 29637 total pagecache pages
[  231.648180][T12113] 36 pages in swap cache
[  231.652538][T12113] Free swap  = 124852kB
[  231.656718][T12113] Total swap = 124996kB
[  231.660892][T12113] 2097051 pages RAM
[  231.664926][T12113] 0 pages HighMem/MovableOnly
[  231.669622][T12113] 81272 pages reserved
[  231.950714][  T388] smc: removing ib device syz1
[  232.162694][T12141] loop5: detected capacity change from 0 to 512
[  232.192857][T12128] lo speed is unknown, defaulting to 1000
[  232.203227][T12141] EXT4-fs (loop5): too many log groups per flexible block group
[  232.215742][T12141] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  232.228234][T12141] EXT4-fs (loop5): mount failed
[  232.371184][T12128] chnl_net:caif_netlink_parms(): no params data found
[  232.396242][T12153] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3126'.
[  232.474743][T12128] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.481942][T12128] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.497978][T12128] bridge_slave_0: entered allmulticast mode
[  232.504825][T12128] bridge_slave_0: entered promiscuous mode
[  232.505964][T12161] netlink: 660 bytes leftover after parsing attributes in process `syz.1.3128'.
[  232.514401][T12128] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.527071][T12128] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.534599][T12128] bridge_slave_1: entered allmulticast mode
[  232.541483][T12128] bridge_slave_1: entered promiscuous mode
[  232.567944][T12128] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.579325][T12128] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.612759][T12128] team0: Port device team_slave_0 added
[  232.623296][T12128] team0: Port device team_slave_1 added
[  232.673127][T12166] netlink: 'syz.5.3129': attribute type 16 has an invalid length.
[  232.681164][T12166] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3129'.
[  232.702059][ T1712] bridge_slave_1: left allmulticast mode
[  232.707856][ T1712] bridge_slave_1: left promiscuous mode
[  232.713752][ T1712] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.725414][T12161] infiniband syû: set down
[  232.729904][T12161] infiniband syû: added bond_slave_0
[  232.739772][T10127] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.755067][ T1712] bridge_slave_0: left allmulticast mode
[  232.760772][ T1712] bridge_slave_0: left promiscuous mode
[  232.766720][ T1712] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.774713][T12161] RDS/IB: syû: added
[  232.788096][T12161] smc: adding ib device syû with port count 1
[  232.803700][T12161] smc:    ib device syû port 1 has no pnetid
[  232.812846][T12170] netlink: 'syz.5.3131': attribute type 16 has an invalid length.
[  232.820903][T12170] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3131'.
[  233.021951][ T1712] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  233.032717][ T1712] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  233.043772][ T1712] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  233.053054][ T1712] bond0 (unregistering): Released all slaves
[  233.062937][T12128] batman_adv: batadv0: Adding interface: batadv_slave_0
[  233.069951][T12128] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  233.095984][T12128] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.111396][T12128] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.118428][T12128] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  233.144627][T12128] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.216678][T12128] hsr_slave_0: entered promiscuous mode
[  233.237806][T12128] hsr_slave_1: entered promiscuous mode
[  233.249546][T12128] debugfs: 'hsr0' already exists in 'hsr'
[  233.255432][T12128] Cannot create hsr debugfs directory
[  233.744003][T12128] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  233.796550][T12128] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  233.823788][T12128] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  233.845310][T12128] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  233.885935][T12188] FAULT_INJECTION: forcing a failure.
[  233.885935][T12188] name failslab, interval 1, probability 0, space 0, times 0
[  233.898779][T12188] CPU: 1 UID: 0 PID: 12188 Comm: syz.5.3136 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  233.898820][T12188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  233.898833][T12188] Call Trace:
[  233.898840][T12188]  <TASK>
[  233.898850][T12188]  __dump_stack+0x1d/0x30
[  233.898883][T12188]  dump_stack_lvl+0x95/0xd0
[  233.898929][T12188]  dump_stack+0x15/0x1b
[  233.898949][T12188]  should_fail_ex+0x265/0x280
[  233.899059][T12188]  should_failslab+0x8c/0xb0
[  233.899095][T12188]  kmem_cache_alloc_noprof+0x69/0x4b0
[  233.899123][T12188]  ? skb_clone+0x151/0x1f0
[  233.899204][T12188]  skb_clone+0x151/0x1f0
[  233.899241][T12188]  nfnetlink_rcv+0x2fc/0x16c0
[  233.899274][T12188]  ? kmem_cache_free+0xe3/0x3a0
[  233.899302][T12188]  ? __kfree_skb+0x109/0x150
[  233.899356][T12188]  ? consume_skb+0x49/0x150
[  233.899382][T12188]  ? nlmon_xmit+0x4f/0x60
[  233.899402][T12188]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  233.899506][T12188]  ? __dev_queue_xmit+0x13a6/0x1ee0
[  233.899534][T12188]  ? __dev_queue_xmit+0x148/0x1ee0
[  233.899567][T12188]  ? ref_tracker_free+0x37d/0x3e0
[  233.899611][T12188]  netlink_unicast+0x5c0/0x690
[  233.899695][T12188]  netlink_sendmsg+0x58b/0x6b0
[  233.899740][T12188]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.899782][T12188]  __sock_sendmsg+0x145/0x180
[  233.899804][T12188]  ____sys_sendmsg+0x31e/0x4a0
[  233.899926][T12188]  ___sys_sendmsg+0x17b/0x1d0
[  233.899980][T12188]  __x64_sys_sendmsg+0xd4/0x160
[  233.900023][T12188]  x64_sys_call+0x17ba/0x3000
[  233.900110][T12188]  do_syscall_64+0xca/0x2b0
[  233.900156][T12188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.900182][T12188] RIP: 0033:0x7f4a1a5df749
[  233.900197][T12188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.900236][T12188] RSP: 002b:00007f4a19047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.900339][T12188] RAX: ffffffffffffffda RBX: 00007f4a1a835fa0 RCX: 00007f4a1a5df749
[  233.900356][T12188] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  233.900372][T12188] RBP: 00007f4a19047090 R08: 0000000000000000 R09: 0000000000000000
[  233.900385][T12188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.900397][T12188] R13: 00007f4a1a836038 R14: 00007f4a1a835fa0 R15: 00007ffdbaabcda8
[  233.900416][T12188]  </TASK>
[  234.190036][ T1712] hsr_slave_0: left promiscuous mode
[  234.193243][T12198] FAULT_INJECTION: forcing a failure.
[  234.193243][T12198] name failslab, interval 1, probability 0, space 0, times 0
[  234.208511][T12198] CPU: 0 UID: 0 PID: 12198 Comm: syz.5.3137 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  234.208546][T12198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  234.208564][T12198] Call Trace:
[  234.208571][T12198]  <TASK>
[  234.208581][T12198]  __dump_stack+0x1d/0x30
[  234.208637][T12198]  dump_stack_lvl+0x95/0xd0
[  234.208664][T12198]  dump_stack+0x15/0x1b
[  234.208709][T12198]  should_fail_ex+0x265/0x280
[  234.208740][T12198]  should_failslab+0x8c/0xb0
[  234.208768][T12198]  __kmalloc_cache_noprof+0x65/0x4c0
[  234.208796][T12198]  ? xt_rateest_tg_checkentry+0x14e/0x5a0
[  234.208829][T12198]  ? __xt_rateest_lookup+0x140/0x1c0
[  234.208887][T12198]  xt_rateest_tg_checkentry+0x14e/0x5a0
[  234.208989][T12198]  xt_check_target+0x28d/0x4c0
[  234.209023][T12198]  ? mutex_unlock+0x4f/0x90
[  234.209051][T12198]  ? xt_find_target+0x1cd/0x200
[  234.209085][T12198]  translate_table+0xcf5/0x1070
[  234.209142][T12198]  do_ip6t_set_ctl+0x678/0x840
[  234.209170][T12198]  ? kstrtoull+0x111/0x140
[  234.209190][T12198]  ? __rcu_read_unlock+0x4f/0x70
[  234.209218][T12198]  nf_setsockopt+0x199/0x1b0
[  234.209247][T12198]  ipv6_setsockopt+0x11a/0x130
[  234.209348][T12198]  tcp_setsockopt+0x98/0xb0
[  234.209383][T12198]  sock_common_setsockopt+0x69/0x80
[  234.209409][T12198]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  234.209483][T12198]  __sys_setsockopt+0x184/0x200
[  234.209571][T12198]  __x64_sys_setsockopt+0x64/0x80
[  234.209604][T12198]  x64_sys_call+0x21d5/0x3000
[  234.209628][T12198]  do_syscall_64+0xca/0x2b0
[  234.209733][T12198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.209755][T12198] RIP: 0033:0x7f4a1a5df749
[  234.209774][T12198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.209794][T12198] RSP: 002b:00007f4a19047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  234.209815][T12198] RAX: ffffffffffffffda RBX: 00007f4a1a835fa0 RCX: 00007f4a1a5df749
[  234.209829][T12198] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  234.209844][T12198] RBP: 00007f4a19047090 R08: 0000000000000528 R09: 0000000000000000
[  234.209899][T12198] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000001
[  234.209911][T12198] R13: 00007f4a1a836038 R14: 00007f4a1a835fa0 R15: 00007ffdbaabcda8
[  234.209929][T12198]  </TASK>
[  234.210538][ T1712] hsr_slave_1: left promiscuous mode
[  234.458490][T12202] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3139'.
[  234.480599][ T3484] IPVS: starting estimator thread 0...
[  234.504957][ T1712] team0 (unregistering): Port device team_slave_1 removed
[  234.516889][ T1712] team0 (unregistering): Port device team_slave_0 removed
[  234.601623][T12205] IPVS: using max 1920 ests per chain, 96000 per kthread
[  234.629635][T12209] lo speed is unknown, defaulting to 1000
[  234.681845][T12217] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  234.693090][T12128] 8021q: adding VLAN 0 to HW filter on device bond0
[  234.753545][T12128] 8021q: adding VLAN 0 to HW filter on device team0
[  234.791252][  T388] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.798445][  T388] bridge0: port 1(bridge_slave_0) entered forwarding state
[  234.838772][  T388] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.846077][  T388] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.116184][T12128] 8021q: adding VLAN 0 to HW filter on device batadv0
[  235.577447][T12128] veth0_vlan: entered promiscuous mode
[  235.606780][T12128] veth1_vlan: entered promiscuous mode
[  235.642386][T12128] veth0_macvtap: entered promiscuous mode
[  235.650223][T12128] veth1_macvtap: entered promiscuous mode
[  235.662234][T12128] batman_adv: batadv0: Interface activated: batadv_slave_0
[  235.680813][T12128] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.709124][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.720735][T12254] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12254 comm=syz.1.3153
[  235.737839][T12254] netlink: 'syz.1.3153': attribute type 1 has an invalid length.
[  235.747302][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.765183][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.781605][T12254] bond0: (slave bridge1): making interface the new active one
[  235.790012][T12254] bond0: (slave bridge1): Enslaving as an active interface with an up link
[  235.800181][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.846123][T12262] loop5: detected capacity change from 0 to 512
[  235.873331][T12262] EXT4-fs warning (device loop5): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  235.885057][T12262] EXT4-fs warning (device loop5): dx_probe:849: Enable large directory feature to access it
[  235.895400][T12262] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.3155: Corrupt directory, running e2fsck is recommended
[  235.918086][T12262] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  235.935274][T12262] EXT4-fs error (device loop5): ext4_iget_extra_inode:5073: inode #15: comm syz.5.3155: corrupted in-inode xattr: e_name out of bounds
[  235.949772][T12262] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.3155: couldn't read orphan inode 15 (err -117)
[  235.962601][T12262] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.968795][T12262] EXT4-fs (loop5): can't enable nombcache during remount
[  235.996511][   T29] kauditd_printk_skb: 859 callbacks suppressed
[  235.996529][   T29] audit: type=1326 audit(1767300828.624:21671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12275 comm="syz.2.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1863ddf749 code=0x7ffc0000
[  236.035055][   T29] audit: type=1326 audit(1767300828.624:21672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12275 comm="syz.2.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1863ddf749 code=0x7ffc0000
[  236.058846][   T29] audit: type=1326 audit(1767300828.633:21673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12275 comm="syz.2.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1863ddf749 code=0x7ffc0000
[  236.082646][   T29] audit: type=1326 audit(1767300828.633:21674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12275 comm="syz.2.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1863ddf749 code=0x7ffc0000
[  236.106375][   T29] audit: type=1326 audit(1767300828.633:21675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12275 comm="syz.2.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1863ddf749 code=0x7ffc0000
[  236.121471][T12286] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3156'.
[  236.130152][   T29] audit: type=1326 audit(1767300828.652:21676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12275 comm="syz.2.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1863ddf749 code=0x7ffc0000
[  236.162805][   T29] audit: type=1326 audit(1767300828.652:21677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12275 comm="syz.2.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7f1863ddf749 code=0x7ffc0000
[  236.186605][   T29] audit: type=1326 audit(1767300828.652:21678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12275 comm="syz.2.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1863ddf749 code=0x7ffc0000
[  236.210394][   T29] audit: type=1326 audit(1767300828.652:21679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12275 comm="syz.2.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1863ddf749 code=0x7ffc0000
[  236.234240][   T29] audit: type=1326 audit(1767300828.652:21680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12275 comm="syz.2.3157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1863ddf749 code=0x7ffc0000
[  236.267022][T10473] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.293673][T12268] infiniband !yz!: set active
[  236.298466][T12268] infiniband !yz!: added team_slave_0
[  236.308591][T12291] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3159'.
[  236.313886][T12268] RDS/IB: !yz!: added
[  236.321841][T12268] smc: adding ib device !yz! with port count 1
[  236.329233][T12268] smc:    ib device !yz! port 1 has no pnetid
[  236.385662][T12300] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3164'.
[  236.441787][T12302] batman_adv: batadv0: Adding interface: dummy0
[  236.448110][T12302] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  236.481187][T12302] batman_adv: batadv0: Interface activated: dummy0
[  236.491465][T12304] netlink: 'syz.5.3166': attribute type 16 has an invalid length.
[  236.499439][T12304] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3166'.
[  236.537277][T12308] netlink: 'syz.5.3168': attribute type 16 has an invalid length.
[  236.545185][T12308] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3168'.
[  237.022679][T10080] ==================================================================
[  237.030841][T10080] BUG: KCSAN: data-race in kick_pool / wq_worker_running
[  237.037897][T10080] 
[  237.040474][T10080] read-write to 0xffff888237c2a524 of 4 bytes by task 1039 on cpu 0:
[  237.048816][T10080]  wq_worker_running+0x95/0x120
[  237.053692][T10080]  schedule_timeout+0xb7/0x170
[  237.058459][T10080]  msleep+0x50/0x90
[  237.062268][T10080]  nsim_fib_event_work+0x413c/0x45e0
[  237.067564][T10080]  process_scheduled_works+0x4ce/0x9d0
[  237.073039][T10080]  worker_thread+0x582/0x770
[  237.077822][T10080]  kthread+0x489/0x510
[  237.081904][T10080]  ret_from_fork+0x149/0x290
[  237.086589][T10080]  ret_from_fork_asm+0x1a/0x30
[  237.091359][T10080] 
[  237.093680][T10080] read to 0xffff888237c2a524 of 4 bytes by task 10080 on cpu 1:
[  237.101315][T10080]  kick_pool+0x49/0x2d0
[  237.105492][T10080]  __queue_work+0x897/0xae0
[  237.110029][T10080]  queue_work_on+0xa9/0x130
[  237.114551][T10080]  nsim_fib_event_nb+0xb5a/0xcb0
[  237.119506][T10080]  atomic_notifier_call_chain+0x76/0x1c0
[  237.125168][T10080]  call_fib_notifiers+0x65/0xa0
[  237.130036][T10080]  call_fib6_notifiers+0x30/0x40
[  237.134998][T10080]  fib6_add_rt2node+0xa31/0x17b0
[  237.139965][T10080]  fib6_add+0x5b9/0xe60
[  237.144133][T10080]  ip6_ins_rt+0x73/0xb0
[  237.148298][T10080]  __ipv6_ifa_notify+0x316/0x850
[  237.153249][T10080]  addrconf_dad_completed+0xdb/0x890
[  237.158555][T10080]  addrconf_dad_work+0x8ac/0xbf0
[  237.163504][T10080]  process_scheduled_works+0x4ce/0x9d0
[  237.168972][T10080]  worker_thread+0x582/0x770
[  237.173566][T10080]  kthread+0x489/0x510
[  237.177644][T10080]  ret_from_fork+0x149/0x290
[  237.182242][T10080]  ret_from_fork_asm+0x1a/0x30
[  237.187017][T10080] 
[  237.189351][T10080] value changed: 0x00000000 -> 0x00000001
[  237.195062][T10080] 
[  237.197384][T10080] Reported by Kernel Concurrency Sanitizer on:
[  237.203619][T10080] CPU: 1 UID: 0 PID: 10080 Comm: kworker/u8:15 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  237.213817][T10080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  237.223874][T10080] Workqueue: ipv6_addrconf addrconf_dad_work
[  237.229871][T10080] ==================================================================