last executing test programs:

5m28.115398056s ago: executing program 2 (id=1206):
mount(0x0, 0x0, &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000080"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x198)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='veno\x00', 0x5)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x5e, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

5m28.015164708s ago: executing program 2 (id=1208):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
syz_emit_ethernet(0xbb, &(0x7f0000000fc0)={@multicast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x85, 0x3c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[@hopopts={0x33, 0x3, '\x00', [@calipso={0x7, 0x8}, @calipso={0x7, 0x8}, @ra]}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"8a616cf910ffff0439bbc97a30c94a86576e9abefdb289951319b9a4bc52788f105edcfae6626af5f79816a2a43cee64736a09d13035fb3896610708eb424511fd6fee105cd463034ff15e92f76adb04d9"}}}}}}}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x200000)
ioctl$EVIOCGID(r1, 0x80084502, 0x0)
ioctl$TCXONC(r0, 0x4b3a, 0x30b1693cc8029e2a)
setxattr$trusted_overlay_upper(0x0, &(0x7f00000001c0), 0x0, 0x835, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000880)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$cgroup(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x0, 0x0)

5m26.608725368s ago: executing program 2 (id=1221):
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0))
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

5m26.556675608s ago: executing program 2 (id=1223):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_clone(0x40100000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r4}})

5m25.927825748s ago: executing program 2 (id=1227):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
setrlimit(0xf, 0x0)
quotactl$Q_SETINFO(0xffffffff80000601, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000180)={0xffffe, 0x1})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xffffffff}, 0x1320, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r1, 0x8)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="020300000f"], 0x78}, 0x1, 0x7}, 0x0)
r4 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@noauto_da_alloc}, {@block_validity}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
close_range(r4, 0xffffffffffffffff, 0x2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$lock(r1, 0x25, &(0x7f0000000180)={0x1, 0x2, 0x6, 0x80000000})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYRESHEX=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = memfd_create(&(0x7f00000001c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x5)
fsetxattr$security_selinux(r6, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000016c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7, 0x0, 0x4}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000180)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r9, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r10 = dup(r9)
write$P9_RLERRORu(r10, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r10, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r10, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r10])

5m25.77275455s ago: executing program 2 (id=1229):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x44180, 0x0)

5m10.728242536s ago: executing program 32 (id=1229):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x44180, 0x0)

2.094370589s ago: executing program 3 (id=5614):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x3, 0x7ffc0001}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x20000000000000c2, &(0x7f0000000200)})
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
truncate(&(0x7f0000000040)='./file0\x00', 0x4)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a089, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0}, 0x2018, 0x5, 0x0, 0x8, 0x1000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0x2, 0x922000000001, 0x106)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000840))
socket$kcm(0x11, 0x2, 0x300)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f0000000780)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0x8}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x1e, 0x5, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
socket$kcm(0xa, 0x2, 0x0)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

2.001806581s ago: executing program 3 (id=5615):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x9}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000008510000003000000180000000000000000000000010000009500000000000000950085ff00000000ca413ff56462bb7abdc9d7c1cdcbb76f193107cba005abe8abc250ef04862d3904b2579e302d1c54782f92f08c1099ee60e4f0627e85cf04e8e2707184b57dcf53bc2fbfdd34907a6c554b578d643a94e17d00"/164], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00'}, 0x18)
r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
writev(r3, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)

1.572577517s ago: executing program 4 (id=5625):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x3, 0x7ffc0001}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x20000000000000c2, &(0x7f0000000200)})
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
truncate(&(0x7f0000000040)='./file0\x00', 0x4)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a089, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0}, 0x2018, 0x5, 0x0, 0x8, 0x1000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0x2, 0x922000000001, 0x106)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000840))
socket$kcm(0x11, 0x2, 0x300)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f0000000780)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0x8}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x1e, 0x5, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
socket$kcm(0xa, 0x2, 0x0)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100)=r3, 0x4)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

1.459873209s ago: executing program 4 (id=5630):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000005c0), r1)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000077400062c00070073797374656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080004200000000014000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0xf)
open_tree(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x81000)

1.39273108s ago: executing program 4 (id=5632):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
r5 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r5, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESOCT], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000001180)={0x5, &(0x7f0000001140)=[{0x9, 0x1, 0x3, 0xd}, {0x9, 0x2, 0x4, 0x9}, {0x7, 0xd7, 0x10, 0x1}, {0x0, 0x2, 0x1}, {0x9, 0x3, 0x5, 0x3}]})
write$UHID_INPUT(r4, &(0x7f0000000000)={0x7, {"a2e3ad21ed0d52f91b5d520987f70e06d038e7ff7fc6e5539b0d47078b089b3907376d090890e0878f0e1ac6e7049b334a959b669a240d5d67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07670936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70fe98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf1a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e470dea05918b41243513f000800000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3e3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14d9fdb8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a19000000000000006f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69b15c9f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d44400009a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc01008cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c16c02ed4b5d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaab1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106d26658b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6b14effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c110000a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b51028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6815d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3f3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51090840517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4e004a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6ce1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c817e9177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d543902113c4c859465c3c115c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc248850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafcc009fc074bb6b68a1f0c4649820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948998cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2fd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5dc4ff8f0104000000000000df72279fdb0d2b9e936e5a983c12fded79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d3700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa6e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9f07b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e3ebb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3fec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4cddd5d0fc5a752f9000", 0x1000}}, 0x1006)

1.142736533s ago: executing program 5 (id=5642):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000005c0), r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0xf)
open_tree(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x81000)

1.113377784s ago: executing program 3 (id=5643):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
preadv(r2, &(0x7f0000000180)=[{&(0x7f0000000100)=""/25, 0x19}], 0x1, 0x401, 0x2)

1.094867704s ago: executing program 5 (id=5644):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000003c0), 0xfe, 0x524, &(0x7f0000000e00)="$eJzs3U9vI2cZAPBnJvEmu5uSFDiUSi0VLcpWsHbS0Dbi0C4S4lYJVO7bKHGiKE4cxU7ZRD2k4gMgIQS9cuKCxAdAQv0IqFIlekeAQAi2cOAADBp7TF0zzh9tbC/J7yeNPfPOzPs87649fudPZgK4tp6LiHsRMRURL0bEfFGeFkOcdId8uY8fvrOeD/mcN/+SRFKURcRCr7687HZnlZunxm0dHe+sNRr1g2K61t7dr7WOju9u765t1bfqeysry6+svrr68urSpbQzb9dr3/zDj3/ws2+99quvfu+39/90Z7p/ftGO80gvEvejzmslZvvK8sAHF6nkMTZVtKcy6UQAADiXvDP72Yj4Uqf/Px9T8d9u8WCXbnb82QEAAACXIXt9Lv6ZRGQAAADAlfV6RMxFklaLawHmIk2r1e41vJ+PW2mj2Wp/ZbN5uLeRz4tYiEq6ud2oLxXX1C5EJcmnl4uLgHvTLw1Mr0TEkxHxo/mbnenqerOxMemDHwAAAHBN3B7Y///7fHf/HwAAALhiFiadAAAAADByw/b/kzHnAQAAAIzOsP3/mTHnAQAAAIzEt994Ix+y2eg+/3rj7aPDnebbdzfqrZ3q7uF6db15sF/daja3Ovfs2z2rvkazuf+12Dt8UGvX7yW11tHx/d3m4V77/rbnBwIAAMCkPPnF9z9KIuLk6zc7Q+7GxlsRU0NWcK8AuDLSiyz8+9HlAYzfsJ954OqbnnQCwOScTDoBYNI+dauPkk5B/8U7af/Cvx5hUgAAwKVa/ELJ+f9iF6Ay6eSAkbrQ+X/gSnH+H66vC57//2BUeQDjV/mkB+BSILimznrUx9Cbd5Sd/79RtmCWnVkXAAAwUnOd1yStFucC5yJNq9WIJzp/6l9JNrcb9aWI+ExE/Ga+MpNPL3fX8XhAAAAAAAAAAAAAAAAAAAAAAAAAADinLEsiAwAAAK60iPSPSfH8r8X5F+YGjw/cSP4xH91HevWeD9g+WM7L/9orj/Z7b/7kwVq7ffDSuI9eAAAAAGV6++md9+VJZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAVfPxw3fWi+HGOOP++RsRsfCp+OvdOdMx23mfjUpE3PpbEtN96yURMXUJ8U/ejYinyuIneVqxUGQxGD+NiJvjif9MlmWl8W9fQny4zt7Ptz/3yr5/aTzXeS///k8Xw6Pqbf9mSuL3tn9TQ7Z/T5wzxtMf/qI2NP67EU9Pl29/evGTIfGfL6uw5B/lre8eH/9PYbfyyH4asRjl8ftj1dq7+7XW0fHd7d21rfpWfW9lZfmV1VdXX15dqm1uN+rFa2kbf/jML/89UPSvrKvT/hgSf+GM9r+Qj1T6CrPBMEWwDx88/Fx3tDJQRSf+nefLP39PnRI//0x8ufgdyOcv9sZPuuP9nv35B8+WJlbE3xjS/rP+/+8Mq3TAi9/5/u/OuSgAMAato+OdtUajfjDykfeyLHuUem6NL9VrOdLr3Z2yzMwjhZh9XFr6/zgyExHjC3oZR7YAAIDHzSed/klnAgAAAAAAAAAAAAAAAAAAANdX6yjSUd9ObDDmyWSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwqv8EAAD//57g0/s=")
r3 = socket$inet(0x2, 0x2, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_FLUSH(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=<r7=>r5, @ANYBLOB="01000000000000000000011500002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b00736970000600010002000000080005"], 0xc4}}, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000700)={&(0x7f00000007c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00012cbd7000ffdbdf2509000000080004000300000038000180070006007272000014000300ff02000000000000000000000000000108000900050000000800050001000094120b3639cc1e25598ab881c19ec77514dcbeece40f8248c5aa53cdc4e08b3f29577849531e2cdba970bd5ad2359b002e66d2e652f13a42cefa26a0a09891ee01f221"], 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x4804)
r8 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0)
write$binfmt_register(r8, &(0x7f0000000380)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x8, 0x3a, '^^', 0x3a, 'GPL\x00', 0x3a, './file0'}, 0x2d)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000780)=ANY=[@ANYRESOCT=r7, @ANYRES32=r9, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getresuid(&(0x7f0000000340), &(0x7f0000000440), &(0x7f00000005c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r10}, 0x18)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r11}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
sendmsg$inet(r3, &(0x7f0000000040)={&(0x7f0000000080)={0x2, 0xffff, @rand_addr=0x64010101}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x24000004)

1.067013914s ago: executing program 3 (id=5645):
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8042, &(0x7f0000000380)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}]}, 0x3, 0x4f3, &(0x7f00000012c0)="$eJzs3F1oXFUeAPD/nXz2a5vd7Xa33e5uut1lwxaTNq02D4JUFHxQECuojyFJS23aSJOCLVWmIPVRCr6Lj7764Kv6UsQnwdf6KEihSF/aCuLInbl3vjKTNJNkxpjfD27mnHtn7jnnnnvunHtO5gawbY2mf5JK+E5E7I2IQvMbRisvD+9fn3l0//pMFEulMz8m5Y89SOOZbDexK4uMFSIK7yW1DXUWr167MD0/P3c5i08sXXxrYvHqtSfOD2drpqaS/g4L1SK9tFwPDr67cOjAC2/cemmmuuc8tfpybJTRGG2VlbL/bnRiPbanLtxxvdF16fmfVtdAuf3vjb5YqfKKXcwZsNlKpVJpqP3mYqnZjWVrgC0rhnudA6A38i/69P43X1p1BAY3p/vRc/dOV26A0nI/zJaIf5VX5uMgA033txtpNCJeL/70UbrEJo1DAADU++J03hNs6v+NVGZGfr5y+5n09Q/ZHMpIRPwxIv4UEX+OiH0R8ZeI2B8Rf42IvzXtvy8iSiukP9oUr6ZfnYQq3N2goraU9v+ezua20qU291UNjfRlsT0ReYd57lh2TMZiYOjs+fm54yuk8eVz337Qblt9/y9d0jzkfcEsH3f7mwboZqeXpjsr7XL3bkQc7K+Vv9L/TfojkupMQBIRByLi4Br2O1IXPv//Tw5VIwON71u9/GWllvNoGzDPVPo44n+V+i9GtfzRMImYNMxPXpw+N3du7tLk1NTJE8dPPTX55MRwzM8dm0jPgmMt0/j6m5svt0t/1fJ/9n3zR54/9fmZrGWtX1r/O+vO/8jnb2vlH0kikup87eLa07j53ftt72k6Pf8Hk1fL4fy+9O3ppaXLxyMGkxeXr5+sfTaPp69RrJR/7Ejz+V9Ot3yNy4/E3yMiPYn/ERH/jModYpr3wxHx74g4skL5v3r2P292Xv7NlZZ/NhrLX6n5hvqvzde3CyTZ3GDDpsFIA30XDt951Obi8Xj1f7IcGsvWtL7+JQ2XiHY5zb/t0jW/rPvoAQAAwNZQiIjddWNJu6NQGB+vjAHti52F+YXFpaNnF65cmk23RYzEQCEf6aqMBw8k+fjnSF18sil+Ihs3/rBvRzk+PrMwP9vTkgO7ym0+KYxHvNZX1/5TP2zMEDPwW+b3WrB9rdT+0078/ltdzAzQVY///X/7nU3NCNB1de2/3S/8ix383xewBbj/B2pWf9CPawZsfSVtGba1NbX/ox4CCL8n/fFKNVzoaU6AbtP/h21p1d/1rytQGmq9aTiWvzmGV95hX3SWjR0t0upJIO1Z9ST1HZ18Kn+aQtv3RGFtOxyKxjWDHdbp2XUejeLlxXP7ayd//myRdR7nUva/8htdg592pZ22CnT9UgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALApfg0AAP//XhrXwA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103000, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x8004587d, &(0x7f0000000340)={0x2, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r1, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{}, &(0x7f0000000300), &(0x7f0000000340)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})

850.345417ms ago: executing program 3 (id=5650):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000040000000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
recvfrom$inet(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f0000001140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

823.086498ms ago: executing program 1 (id=5651):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000012000000000000000000"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(r0, 0xffffffffffffffff, 0x0)

818.781038ms ago: executing program 5 (id=5652):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000003c0), 0xfe, 0x524, &(0x7f0000000e00)="$eJzs3U9vI2cZAPBnJvEmu5uSFDiUSi0VLcpWsHbS0Dbi0C4S4lYJVO7bKHGiKE4cxU7ZRD2k4gMgIQS9cuKCxAdAQv0IqFIlekeAQAi2cOAADBp7TF0zzh9tbC/J7yeNPfPOzPs87649fudPZgK4tp6LiHsRMRURL0bEfFGeFkOcdId8uY8fvrOeD/mcN/+SRFKURcRCr7687HZnlZunxm0dHe+sNRr1g2K61t7dr7WOju9u765t1bfqeysry6+svrr68urSpbQzb9dr3/zDj3/ws2+99quvfu+39/90Z7p/ftGO80gvEvejzmslZvvK8sAHF6nkMTZVtKcy6UQAADiXvDP72Yj4Uqf/Px9T8d9u8WCXbnb82QEAAACXIXt9Lv6ZRGQAAADAlfV6RMxFklaLawHmIk2r1e41vJ+PW2mj2Wp/ZbN5uLeRz4tYiEq6ud2oLxXX1C5EJcmnl4uLgHvTLw1Mr0TEkxHxo/mbnenqerOxMemDHwAAAHBN3B7Y///7fHf/HwAAALhiFiadAAAAADByw/b/kzHnAQAAAIzOsP3/mTHnAQAAAIzEt994Ix+y2eg+/3rj7aPDnebbdzfqrZ3q7uF6db15sF/daja3Ovfs2z2rvkazuf+12Dt8UGvX7yW11tHx/d3m4V77/rbnBwIAAMCkPPnF9z9KIuLk6zc7Q+7GxlsRU0NWcK8AuDLSiyz8+9HlAYzfsJ954OqbnnQCwOScTDoBYNI+dauPkk5B/8U7af/Cvx5hUgAAwKVa/ELJ+f9iF6Ay6eSAkbrQ+X/gSnH+H66vC57//2BUeQDjV/mkB+BSILimznrUx9Cbd5Sd/79RtmCWnVkXAAAwUnOd1yStFucC5yJNq9WIJzp/6l9JNrcb9aWI+ExE/Ga+MpNPL3fX8XhAAAAAAAAAAAAAAAAAAAAAAAAAADinLEsiAwAAAK60iPSPSfH8r8X5F+YGjw/cSP4xH91HevWeD9g+WM7L/9orj/Z7b/7kwVq7ffDSuI9eAAAAAGV6++md9+VJZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAVfPxw3fWi+HGOOP++RsRsfCp+OvdOdMx23mfjUpE3PpbEtN96yURMXUJ8U/ejYinyuIneVqxUGQxGD+NiJvjif9MlmWl8W9fQny4zt7Ptz/3yr5/aTzXeS///k8Xw6Pqbf9mSuL3tn9TQ7Z/T5wzxtMf/qI2NP67EU9Pl29/evGTIfGfL6uw5B/lre8eH/9PYbfyyH4asRjl8ftj1dq7+7XW0fHd7d21rfpWfW9lZfmV1VdXX15dqm1uN+rFa2kbf/jML/89UPSvrKvT/hgSf+GM9r+Qj1T6CrPBMEWwDx88/Fx3tDJQRSf+nefLP39PnRI//0x8ufgdyOcv9sZPuuP9nv35B8+WJlbE3xjS/rP+/+8Mq3TAi9/5/u/OuSgAMAato+OdtUajfjDykfeyLHuUem6NL9VrOdLr3Z2yzMwjhZh9XFr6/zgyExHjC3oZR7YAAIDHzSed/klnAgAAAAAAAAAAAAAAAAAAANdX6yjSUd9ObDDmyWSaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwqv8EAAD//57g0/s=")
r3 = socket$inet(0x2, 0x2, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_FLUSH(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=<r7=>r5, @ANYBLOB="01000000000000000000011500002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b00736970000600010002000000080005"], 0xc4}}, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000700)={&(0x7f00000007c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00012cbd7000ffdbdf2509000000080004000300000038000180070006007272000014000300ff02000000000000000000000000000108000900050000000800050001000094120b3639cc1e25598ab881c19ec77514dcbeece40f8248c5aa53cdc4e08b3f29577849531e2cdba970bd5ad2359b002e66d2e652f13a42cefa26a0a09891ee01f221"], 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x4804)
r8 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0)
write$binfmt_register(r8, &(0x7f0000000380)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x8, 0x3a, '^^', 0x3a, 'GPL\x00', 0x3a, './file0'}, 0x2d)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000780)=ANY=[@ANYRESOCT=r7, @ANYRES32=r9, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getresuid(&(0x7f0000000340), &(0x7f0000000440), &(0x7f00000005c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r10}, 0x18)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r11}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
sendmsg$inet(r3, &(0x7f0000000040)={&(0x7f0000000080)={0x2, 0xffff, @rand_addr=0x64010101}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x24000004)

758.913909ms ago: executing program 0 (id=5653):
mount(0x0, 0x0, &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000080"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x198)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='veno\x00', 0x5)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000300000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfd', @ANYRESHEX=r4])
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0))
mount$bind(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

757.268589ms ago: executing program 1 (id=5654):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0xf)
open_tree(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x81000)

737.918269ms ago: executing program 0 (id=5655):
faccessat(0xffffffffffffff9c, 0x0, 0x2)
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x3, 0x800000000001}, 0x1180, 0x5dd8, 0x0, 0x8, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, 0x0, &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x402, @loopback}], 0x1c)
sendto$inet6(r2, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

733.603189ms ago: executing program 1 (id=5656):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={<r3=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r3, 0x1}}, 0x18)

654.35479ms ago: executing program 3 (id=5657):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008000000"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r1, {0xee00, <r3=>0xffffffffffffffff}}, './file1\x00'})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r3, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40ff3, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c0002400000f900000000000c0001"], 0x118}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
mknodat$null(0xffffffffffffffff, &(0x7f0000000340)='./file1\x00', 0x8000, 0x103)
sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c"], 0x38}}, 0x0)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x40, 0x6, 0x0, 0x0, 0x4d299, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x100882, 0x7ff, 0x6, 0x0, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)

618.560271ms ago: executing program 1 (id=5658):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="2c0000001800835e0100000000000000020000000200fe02"], 0x2c}, 0x1, 0xffffff7f}, 0x40080) (fail_nth: 7)

617.601751ms ago: executing program 5 (id=5659):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r2, 0x10e, 0xc, &(0x7f0000000640)=0x7, 0x4)
sendmsg$netlink(r2, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000021c0)=ANY=[@ANYBLOB="28000000120001000000000000000000100000000c00ce00000000de"], 0x28}], 0x1}, 0x4000800)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvtap0\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000240)={'wg1\x00', <r6=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4c0a}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r3}, @IFLA_HSR_SLAVE2={0x8, 0x2, r6}]}}}]}, 0x40}}, 0x0)

603.247601ms ago: executing program 0 (id=5660):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
utime(&(0x7f0000000200)='./file0\x00', 0x0)

308.933465ms ago: executing program 0 (id=5661):
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8042, &(0x7f0000000380)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}]}, 0x3, 0x4f3, &(0x7f00000012c0)="$eJzs3F1oXFUeAPD/nXz2a5vd7Xa33e5uut1lwxaTNq02D4JUFHxQECuojyFJS23aSJOCLVWmIPVRCr6Lj7764Kv6UsQnwdf6KEihSF/aCuLInbl3vjKTNJNkxpjfD27mnHtn7jnnnnvunHtO5gawbY2mf5JK+E5E7I2IQvMbRisvD+9fn3l0//pMFEulMz8m5Y89SOOZbDexK4uMFSIK7yW1DXUWr167MD0/P3c5i08sXXxrYvHqtSfOD2drpqaS/g4L1SK9tFwPDr67cOjAC2/cemmmuuc8tfpybJTRGG2VlbL/bnRiPbanLtxxvdF16fmfVtdAuf3vjb5YqfKKXcwZsNlKpVJpqP3mYqnZjWVrgC0rhnudA6A38i/69P43X1p1BAY3p/vRc/dOV26A0nI/zJaIf5VX5uMgA033txtpNCJeL/70UbrEJo1DAADU++J03hNs6v+NVGZGfr5y+5n09Q/ZHMpIRPwxIv4UEX+OiH0R8ZeI2B8Rf42IvzXtvy8iSiukP9oUr6ZfnYQq3N2goraU9v+ezua20qU291UNjfRlsT0ReYd57lh2TMZiYOjs+fm54yuk8eVz337Qblt9/y9d0jzkfcEsH3f7mwboZqeXpjsr7XL3bkQc7K+Vv9L/TfojkupMQBIRByLi4Br2O1IXPv//Tw5VIwON71u9/GWllvNoGzDPVPo44n+V+i9GtfzRMImYNMxPXpw+N3du7tLk1NTJE8dPPTX55MRwzM8dm0jPgmMt0/j6m5svt0t/1fJ/9n3zR54/9fmZrGWtX1r/O+vO/8jnb2vlH0kikup87eLa07j53ftt72k6Pf8Hk1fL4fy+9O3ppaXLxyMGkxeXr5+sfTaPp69RrJR/7Ejz+V9Ot3yNy4/E3yMiPYn/ERH/jModYpr3wxHx74g4skL5v3r2P292Xv7NlZZ/NhrLX6n5hvqvzde3CyTZ3GDDpsFIA30XDt951Obi8Xj1f7IcGsvWtL7+JQ2XiHY5zb/t0jW/rPvoAQAAwNZQiIjddWNJu6NQGB+vjAHti52F+YXFpaNnF65cmk23RYzEQCEf6aqMBw8k+fjnSF18sil+Ihs3/rBvRzk+PrMwP9vTkgO7ym0+KYxHvNZX1/5TP2zMEDPwW+b3WrB9rdT+0078/ltdzAzQVY///X/7nU3NCNB1de2/3S/8ix383xewBbj/B2pWf9CPawZsfSVtGba1NbX/ox4CCL8n/fFKNVzoaU6AbtP/h21p1d/1rytQGmq9aTiWvzmGV95hX3SWjR0t0upJIO1Z9ST1HZ18Kn+aQtv3RGFtOxyKxjWDHdbp2XUejeLlxXP7ayd//myRdR7nUva/8htdg592pZ22CnT9UgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALApfg0AAP//XhrXwA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103000, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x8004587d, &(0x7f0000000340)={0x2, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000c"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1}, &(0x7f0000000300), &(0x7f0000000340)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})

307.821566ms ago: executing program 1 (id=5662):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, @perf_bp={0x0}, 0x2402, 0x0, 0x800000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x790, &(0x7f0000000d80)="$eJzs3M9rHGUfAPDvTLNNf+R9Ny+8h/e9VKGFFko3SXNpT8aLeCkUCl5rSCYhZJIt2U1NYqGpN0GozUVFEL179CqU+gd4k4KCNw+CaI0H9bKym83WpJvtpk26bfx8YDLPM/vMfL/fnc2TGchsAP9YL9d/JBEDEXE5IorN7WlEHG60jkSsboxbf3Bjor4kUatd+Tmp7xbrtWLrWElzfTwau8T/IuJeIeLsO4/GrSyvzI7nebbQ7A9V564NVZZXzs3MjU9n09n8yOjF4QujoxeGR/es1lNvXDx65+vX1ta++aJ6+0TfuSTGGnVHs7bOex9+opgb70khxrZtn3+ioz2/ki7G9D2DPAAA6Kx+nX+oeW1WiGIc6nSV5gIOAAAAXki1/lq3/uh6JAAAAPCcSaLXGQAAAAD7a/P/ADaf7X38c7B766dXI2KwXfy+xjPEEUeiEBHH1pMtjx8kG7vBU1m9FRF3x9p8/rp5ormz4YfNo3tzRPba3fr8M9Zu/klb80+0mX/6Nr874SntPP89jH9oh/nvcpcxvvzk/4Ud49+qLL17ol38pBU/2SH+m13Gv7323p2dXqt9FnG67d+fZEusDt8PMTQ1k7f71Wqle+/PM/d3rj/i2CPxk6QRNelc/7Uu6397/dfZ1Q7xz5zsfP434vdv2a/+mXi/mUcaEXea63p/bVuMk3PffvVo5GR1M/5kq/7Clgrbn//XW/V/2mX933/ev9TlUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhII2IgkrTUaqdpqRRxPCL+G8fSvFypnp0qL85P1l+LGIxCOjWTZ8MRUdzoJ/X+SKP9sH9+W380Iv7z3dGNoDN5Vpoo55O9Lh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICW4xExEElaiog0In4rpmmp1OusAAAAgD032OsEAAAAgH3n/h8AAAAOvt3e/6fNdbIPuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH1uVLl+pLbf3BjYl6f/L68uJs+fq5yawyW5pbnChNlBeulabL5ek8K02U5x53vDQiRi7G4tJQNatUhyrLK1fnyovz1aszc+PT2dWs8EyqAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYLcGGkuSliIibbTTtFSK+FdEDEYhmZrJs+GI+HdE3C8W+uv9kV4nDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ6rLK/Mjud5tvBiN2oHq5yuG5FEPAdp7ND4qHlWOo1JViPy7IfmyB6lmjbDP81xdpf8zce8Lb1uvNSDuQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN6rLK/Mjud5tlDpdSYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0VvpjEhH15XTx1MD2Vw8nvxcb64h46+MrHyyNV6sLI/Xtv7S2Vz9sbj//tx1vPssaAAAA4MB7ZTeDN+/TN+/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAulVZXpkdz/NsYR8bcavXVQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE/irwAAAP//8lOzpg==")
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0x5, 0x20000)
mlock(&(0x7f0000441000/0x4000)=nil, 0x4000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r3 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000002c0)={'syztnl1\x00', &(0x7f0000000340)={'ip6_vti0\x00', <r4=>0x0, 0x2f, 0x2, 0x2, 0xffff1dbf, 0x8, @empty, @empty, 0x10, 0x8000, 0x1, 0xb8b9}})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000001bc0)=@raw={'raw\x00', 0x8, 0x3, 0x4f8, 0x250, 0x11, 0x148, 0x0, 0x10, 0x460, 0x2a8, 0x2a8, 0x460, 0x2a8, 0x7fffffe, 0x0, {[{{@uncond, 0x10, 0x1e8, 0x250, 0x1c, {}, [@common=@inet=@hashlimit1={{0x58}, {'team_slave_0\x00', {0x0, 0x0, 0x9, 0x3, 0x0, 0xffffffff, 0x8}}}, @common=@unspec=@comment={{0x120}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x19, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}, {{@ip={@multicast1, @rand_addr, 0x0, 0xff000000, 'syzkaller0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x1c8, 0x210, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'team_slave_0\x00', {0x459, 0x0, 0x48, 0x0, 0x0, 0x3, 0x2, 0x80}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev, 'macsec0\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x558)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000ff0700"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r6, 0xb, &(0x7f0000000480)=[@ioring_restriction_sqe_op={0x1, 0x1c}], 0x1)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r10=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r10}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000cc0)=@bpf_ext={0x1c, 0x23, &(0x7f0000000ac0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xffff0001}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @exit, @map_fd={0x18, 0x9}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @tail_call, @cb_func={0x18, 0x5, 0x4, 0x0, 0x6}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x10000}, @map_fd={0x18, 0x4}]}, &(0x7f0000000200)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41000, 0x40, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000540)={0x3, 0x2, 0x9, 0x23b}, 0x10, 0x1560, r0, 0xa, 0x0, &(0x7f0000000c00)=[{0x4, 0x5, 0xd, 0x3}, {0x2, 0x1, 0x4, 0x4}, {0x1, 0x3, 0xf, 0x6}, {0x5, 0x5, 0x9, 0x1}, {0x5, 0x3, 0xd, 0xc}, {0x1, 0x5, 0x2}, {0x2, 0x4, 0xb, 0x8}, {0x3, 0x1, 0x10, 0x8}, {0x2, 0x1, 0x4, 0x7}, {0x2, 0x5, 0x7, 0x4}], 0x10, 0x6, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095000000000000004c4a661721ffe18319e21686a1af6cdfa9b836ccf011"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r11}, 0x10)
r12 = dup(0xffffffffffffffff)
ioctl$PTP_EXTTS_REQUEST2(r12, 0x43403d05, 0x0)

274.518166ms ago: executing program 0 (id=5663):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000030000004c0001800d0001007564703a73797a300000000038000400140001000a0000007f00000100000000000000316d2bbb29b8f44a7d00200002000a00000000000000ff01000000000000000000"], 0x60}}, 0x0)

228.750216ms ago: executing program 4 (id=5664):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000440)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='rtc_alarm_irq_enable\x00', r0}, 0x18)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_AIE_ON(r1, 0x7001)

134.110598ms ago: executing program 0 (id=5665):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000012000000000000000000"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(r0, 0xffffffffffffffff, 0x0)

132.250788ms ago: executing program 4 (id=5666):
mount(0x0, 0x0, &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000080"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x198)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='veno\x00', 0x5)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000300000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfd', @ANYRESHEX=r4])
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0))
mount$bind(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

68.908579ms ago: executing program 5 (id=5667):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000040000000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
recvfrom$inet(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f0000001140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

68.339239ms ago: executing program 4 (id=5668):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x1)

821.04µs ago: executing program 1 (id=5669):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x3, 0x7ffc0001}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x20000000000000c2, &(0x7f0000000200)})
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
truncate(&(0x7f0000000040)='./file0\x00', 0x4)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a089, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0}, 0x2018, 0x5, 0x0, 0x8, 0x1000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x5, 0x0)
socket$kcm(0x2, 0x922000000001, 0x106)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000840))
socket$kcm(0x11, 0x2, 0x300)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f0000000780)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={0x0, 0x8}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x1e, 0x5, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
socket$kcm(0xa, 0x2, 0x0)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

0s ago: executing program 5 (id=5670):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18)
nanosleep(&(0x7f0000000600)={0x0, 0x989680}, 0x0)
r1 = memfd_secret(0x0)
mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x3000009, 0x12, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18) (async)
nanosleep(&(0x7f0000000600)={0x0, 0x989680}, 0x0) (async)
memfd_secret(0x0) (async)
mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x3000009, 0x12, r1, 0x0) (async)

kernel console output (not intermixed with test programs):

3e syscall=321 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  394.275740][   T29] audit: type=1326 audit(1747449266.174:16799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17811 comm="syz.0.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  394.299354][   T29] audit: type=1326 audit(1747449266.174:16800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17811 comm="syz.0.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  394.322975][   T29] audit: type=1326 audit(1747449266.174:16801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17811 comm="syz.0.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  394.346794][   T29] audit: type=1326 audit(1747449266.174:16802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17811 comm="syz.0.4811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  394.372159][T17809] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  394.393816][T17812] 8021q: adding VLAN 0 to HW filter on device bond1
[  394.407367][T17815] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  394.447274][T13580] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  394.484998][T17828] loop3: detected capacity change from 0 to 512
[  394.503911][T17836] 9pnet_fd: Insufficient options for proto=fd
[  394.525001][T17828] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  394.559294][T17828] ext4 filesystem being mounted at /429/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  394.580025][T17843] loop4: detected capacity change from 0 to 512
[  394.602493][T17843] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  394.638323][T12166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.668828][T17843] EXT4-fs (loop4): 1 truncate cleaned up
[  394.672090][T17847] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4820'.
[  394.675155][T17843] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  394.723479][T17843] lo speed is unknown, defaulting to 1000
[  394.939983][T13580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.114569][T17865] loop4: detected capacity change from 0 to 512
[  395.577109][T17865] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  395.644422][T13580] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  395.793014][T17879] SELinux:  policydb string SE L does not match my string SE Linux
[  395.886131][T17879] SELinux: failed to load policy
[  396.034742][T17888] lo speed is unknown, defaulting to 1000
[  396.214239][T17908] loop5: detected capacity change from 0 to 1024
[  396.250582][T17908] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  396.261909][T17908] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  396.281864][T17911] 8021q: adding VLAN 0 to HW filter on device bond2
[  396.297910][T17908] JBD2: no valid journal superblock found
[  396.303720][T17908] EXT4-fs (loop5): Could not load journal inode
[  396.341130][T17904] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  396.850325][T17941] 8021q: adding VLAN 0 to HW filter on device bond2
[  396.870902][T17941] bond1: (slave dummy0): Releasing backup interface
[  396.882155][T17941] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  397.228059][T17971] loop4: detected capacity change from 0 to 512
[  397.270057][T17971] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  397.293931][T17971] ext4 filesystem being mounted at /295/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  397.416278][T13580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.840711][T17998] loop4: detected capacity change from 0 to 256
[  398.029476][T18005] __nla_validate_parse: 14 callbacks suppressed
[  398.029495][T18005] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4881'.
[  398.132674][T17998] FAT-fs (loop4): codepage cp857 not found
[  398.319594][T18012] loop3: detected capacity change from 0 to 512
[  398.338498][T18012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  398.351758][T18012] ext4 filesystem being mounted at /439/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  398.380576][T12166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.415472][T18017] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4884'.
[  398.528480][T18033] SELinux:  policydb string SE Linu does not match my string SE Linux
[  398.538854][T18033] SELinux: failed to load policy
[  398.584503][T18040] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  398.611230][T18046] netlink: 'syz.5.4896': attribute type 5 has an invalid length.
[  398.630045][T18048] loop3: detected capacity change from 0 to 512
[  398.639470][T18048] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  398.647854][T18048] EXT4-fs (loop3): Invalid default hash set in the superblock
[  398.660359][T18048] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4893'.
[  398.669990][T18050] FAULT_INJECTION: forcing a failure.
[  398.669990][T18050] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  398.683538][T18050] CPU: 0 UID: 0 PID: 18050 Comm: syz.5.4897 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  398.683673][T18050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  398.683685][T18050] Call Trace:
[  398.683693][T18050]  <TASK>
[  398.683710][T18050]  __dump_stack+0x1d/0x30
[  398.683732][T18050]  dump_stack_lvl+0xe8/0x140
[  398.683751][T18050]  dump_stack+0x15/0x1b
[  398.683820][T18050]  should_fail_ex+0x265/0x280
[  398.683860][T18050]  should_fail+0xb/0x20
[  398.683959][T18050]  should_fail_usercopy+0x1a/0x20
[  398.683983][T18050]  _copy_from_user+0x1c/0xb0
[  398.684019][T18050]  sock_do_ioctl+0xe6/0x220
[  398.684053][T18050]  sock_ioctl+0x41b/0x610
[  398.684084][T18050]  ? __pfx_sock_ioctl+0x10/0x10
[  398.684114][T18050]  __se_sys_ioctl+0xcb/0x140
[  398.684219][T18050]  __x64_sys_ioctl+0x43/0x50
[  398.684243][T18050]  x64_sys_call+0x19a8/0x2fb0
[  398.684308][T18050]  do_syscall_64+0xd0/0x1a0
[  398.684335][T18050]  ? clear_bhb_loop+0x40/0x90
[  398.684359][T18050]  ? clear_bhb_loop+0x40/0x90
[  398.684383][T18050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.684407][T18050] RIP: 0033:0x7fd877bde969
[  398.684466][T18050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.684489][T18050] RSP: 002b:00007fd876247038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  398.684511][T18050] RAX: ffffffffffffffda RBX: 00007fd877e05fa0 RCX: 00007fd877bde969
[  398.684527][T18050] RDX: 0000200000000340 RSI: 0000000000008946 RDI: 0000000000000003
[  398.684541][T18050] RBP: 00007fd876247090 R08: 0000000000000000 R09: 0000000000000000
[  398.684555][T18050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.684569][T18050] R13: 0000000000000000 R14: 00007fd877e05fa0 R15: 00007fffe3cd5218
[  398.684663][T18050]  </TASK>
[  398.689487][T18051] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4894'.
[  398.883614][T18053] netdevsim netdevsim5: Direct firmware load for ./file0 failed with error -2
[  398.948143][T18055] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4899'.
[  399.142674][   T29] kauditd_printk_skb: 331 callbacks suppressed
[  399.142726][   T29] audit: type=1400 audit(1747449271.204:17134): avc:  denied  { prog_load } for  pid=18064 comm="syz.1.4903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  399.171368][   T29] audit: type=1400 audit(1747449271.204:17135): avc:  denied  { bpf } for  pid=18064 comm="syz.1.4903" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  399.192306][   T29] audit: type=1400 audit(1747449271.204:17136): avc:  denied  { perfmon } for  pid=18064 comm="syz.1.4903" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  399.245083][   T29] audit: type=1400 audit(1747449271.304:17137): avc:  denied  { map_create } for  pid=18066 comm="syz.1.4904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  399.264743][   T29] audit: type=1400 audit(1747449271.304:17138): avc:  denied  { map_read map_write } for  pid=18066 comm="syz.1.4904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  399.278041][T18069] SELinux:  policydb string SE Linu does not match my string SE Linux
[  399.285380][   T29] audit: type=1400 audit(1747449271.304:17139): avc:  denied  { read } for  pid=18066 comm="syz.1.4904" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  399.293726][T18069] SELinux: failed to load policy
[  399.317084][   T29] audit: type=1400 audit(1747449271.304:17140): avc:  denied  { open } for  pid=18066 comm="syz.1.4904" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  399.346023][   T29] audit: type=1400 audit(1747449271.304:17141): avc:  denied  { prog_run } for  pid=18066 comm="syz.1.4904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  399.365434][   T29] audit: type=1326 audit(1747449271.304:17142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.4904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76ed48e969 code=0x7ffc0000
[  399.389074][   T29] audit: type=1326 audit(1747449271.304:17143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18066 comm="syz.1.4904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f76ed48e969 code=0x7ffc0000
[  399.449472][T18075] loop3: detected capacity change from 0 to 1024
[  399.461082][T18073] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  399.511410][T18078] pim6reg: entered allmulticast mode
[  399.519125][T18078] pim6reg: left allmulticast mode
[  399.525156][T18075] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  399.545979][T18075] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.4908: Allocating blocks 385-513 which overlap fs metadata
[  399.560959][T18075] FAULT_INJECTION: forcing a failure.
[  399.560959][T18075] name failslab, interval 1, probability 0, space 0, times 0
[  399.573700][T18075] CPU: 0 UID: 0 PID: 18075 Comm: syz.3.4908 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  399.573732][T18075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  399.573783][T18075] Call Trace:
[  399.573792][T18075]  <TASK>
[  399.573878][T18075]  __dump_stack+0x1d/0x30
[  399.573904][T18075]  dump_stack_lvl+0xe8/0x140
[  399.573923][T18075]  dump_stack+0x15/0x1b
[  399.573939][T18075]  should_fail_ex+0x265/0x280
[  399.573972][T18075]  should_failslab+0x8c/0xb0
[  399.574010][T18075]  __kmalloc_noprof+0xa5/0x3e0
[  399.574041][T18075]  ? ext4_find_extent+0x16b/0x7a0
[  399.574083][T18075]  ext4_find_extent+0x16b/0x7a0
[  399.574111][T18075]  ext4_ext_map_blocks+0x115/0x3620
[  399.574136][T18075]  ? sched_clock+0x3f/0x60
[  399.574218][T18075]  ? perf_cgroup_switch+0x132/0x450
[  399.574257][T18075]  ? _raw_spin_unlock+0x26/0x50
[  399.574294][T18075]  ? finish_task_switch+0xad/0x2b0
[  399.574324][T18075]  ? ext4_es_lookup_extent+0x352/0x4f0
[  399.574535][T18075]  ext4_map_blocks+0x5ab/0xd00
[  399.574627][T18075]  ? xas_load+0x413/0x430
[  399.574659][T18075]  _ext4_get_block+0x10a/0x350
[  399.574696][T18075]  ext4_get_block_unwritten+0x2a/0xb0
[  399.574728][T18075]  ext4_block_write_begin+0x300/0x970
[  399.574796][T18075]  ? __pfx_ext4_get_block_unwritten+0x10/0x10
[  399.574824][T18075]  ? folio_mapping+0xb9/0x120
[  399.574847][T18075]  ext4_write_begin+0x43c/0xc30
[  399.574870][T18082] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4909'.
[  399.574940][T18075]  ext4_da_write_begin+0x1e8/0x580
[  399.574971][T18075]  ? balance_dirty_pages_ratelimited_flags+0x40b/0x5e0
[  399.575025][T18075]  generic_perform_write+0x181/0x490
[  399.575127][T18075]  ? file_modified_flags+0x30f/0x350
[  399.575194][T18075]  ext4_buffered_write_iter+0x1ee/0x3c0
[  399.575233][T18075]  ? ext4_file_write_iter+0xfe/0xf00
[  399.575272][T18075]  ext4_file_write_iter+0x383/0xf00
[  399.575367][T18075]  ? path_openat+0x1bf8/0x2170
[  399.575396][T18075]  ? _parse_integer_limit+0x170/0x190
[  399.575529][T18075]  do_iter_readv_writev+0x421/0x4c0
[  399.575610][T18075]  vfs_writev+0x2c9/0x870
[  399.575645][T18075]  __se_sys_pwritev2+0xfc/0x1c0
[  399.575686][T18075]  __x64_sys_pwritev2+0x67/0x80
[  399.575727][T18075]  x64_sys_call+0x1cea/0x2fb0
[  399.575832][T18075]  do_syscall_64+0xd0/0x1a0
[  399.575863][T18075]  ? clear_bhb_loop+0x40/0x90
[  399.575892][T18075]  ? clear_bhb_loop+0x40/0x90
[  399.575919][T18075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.575947][T18075] RIP: 0033:0x7f1dd2d6e969
[  399.575970][T18075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.575994][T18075] RSP: 002b:00007f1dd13d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  399.576019][T18075] RAX: ffffffffffffffda RBX: 00007f1dd2f95fa0 RCX: 00007f1dd2d6e969
[  399.576035][T18075] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000005
[  399.576052][T18075] RBP: 00007f1dd13d7090 R08: 0000000000000000 R09: 0000000000000000
[  399.576068][T18075] R10: 0000000000000e7b R11: 0000000000000246 R12: 0000000000000001
[  399.576084][T18075] R13: 0000000000000000 R14: 00007f1dd2f95fa0 R15: 00007ffc22fa39b8
[  399.576133][T18075]  </TASK>
[  399.576916][T18074] EXT4-fs (loop3): pa ffff8881071fbc40: logic 16, phys. 129, len 24
[  399.900973][T18074] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  400.054687][T12166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.174642][T18089] FAULT_INJECTION: forcing a failure.
[  400.174642][T18089] name failslab, interval 1, probability 0, space 0, times 0
[  400.187473][T18089] CPU: 0 UID: 0 PID: 18089 Comm: syz.3.4911 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  400.187501][T18089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  400.187517][T18089] Call Trace:
[  400.187526][T18089]  <TASK>
[  400.187537][T18089]  __dump_stack+0x1d/0x30
[  400.187599][T18089]  dump_stack_lvl+0xe8/0x140
[  400.187624][T18089]  dump_stack+0x15/0x1b
[  400.187640][T18089]  should_fail_ex+0x265/0x280
[  400.187762][T18089]  should_failslab+0x8c/0xb0
[  400.187801][T18089]  kmem_cache_alloc_noprof+0x50/0x310
[  400.187826][T18089]  ? getname_flags+0x80/0x3b0
[  400.187884][T18089]  getname_flags+0x80/0x3b0
[  400.187980][T18089]  user_path_at+0x28/0x130
[  400.188045][T18089]  __x64_sys_umount+0x85/0xe0
[  400.188068][T18089]  x64_sys_call+0x2915/0x2fb0
[  400.188090][T18089]  do_syscall_64+0xd0/0x1a0
[  400.188114][T18089]  ? clear_bhb_loop+0x40/0x90
[  400.188167][T18089]  ? clear_bhb_loop+0x40/0x90
[  400.188196][T18089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.188223][T18089] RIP: 0033:0x7f1dd2d6e969
[  400.188243][T18089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.188265][T18089] RSP: 002b:00007f1dd13d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  400.188284][T18089] RAX: ffffffffffffffda RBX: 00007f1dd2f95fa0 RCX: 00007f1dd2d6e969
[  400.188296][T18089] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 00002000000003c0
[  400.188309][T18089] RBP: 00007f1dd13d7090 R08: 0000000000000000 R09: 0000000000000000
[  400.188326][T18089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.188342][T18089] R13: 0000000000000000 R14: 00007f1dd2f95fa0 R15: 00007ffc22fa39b8
[  400.188430][T18089]  </TASK>
[  400.503893][T18103] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4918'.
[  400.513426][T18103] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4918'.
[  400.623915][T18112] loop4: detected capacity change from 0 to 512
[  400.631612][T18112] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  400.640034][T18112] EXT4-fs (loop4): Invalid default hash set in the superblock
[  401.666643][T18159] lo speed is unknown, defaulting to 1000
[  401.729821][T18168] loop4: detected capacity change from 0 to 512
[  401.737227][T18168] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  401.745520][T18168] EXT4-fs (loop4): Invalid default hash set in the superblock
[  401.961552][T18189] FAULT_INJECTION: forcing a failure.
[  401.961552][T18189] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.974937][T18189] CPU: 0 UID: 0 PID: 18189 Comm: syz.5.4950 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  401.975039][T18189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  401.975050][T18189] Call Trace:
[  401.975056][T18189]  <TASK>
[  401.975075][T18189]  __dump_stack+0x1d/0x30
[  401.975121][T18189]  dump_stack_lvl+0xe8/0x140
[  401.975138][T18189]  dump_stack+0x15/0x1b
[  401.975225][T18189]  should_fail_ex+0x265/0x280
[  401.975256][T18189]  should_fail+0xb/0x20
[  401.975282][T18189]  should_fail_usercopy+0x1a/0x20
[  401.975353][T18189]  _copy_from_user+0x1c/0xb0
[  401.975373][T18189]  sock_do_ioctl+0xe6/0x220
[  401.975409][T18189]  sock_ioctl+0x41b/0x610
[  401.975451][T18189]  ? __pfx_sock_ioctl+0x10/0x10
[  401.975473][T18189]  __se_sys_ioctl+0xcb/0x140
[  401.975494][T18189]  __x64_sys_ioctl+0x43/0x50
[  401.975580][T18189]  x64_sys_call+0x19a8/0x2fb0
[  401.975602][T18189]  do_syscall_64+0xd0/0x1a0
[  401.975623][T18189]  ? clear_bhb_loop+0x40/0x90
[  401.975691][T18189]  ? clear_bhb_loop+0x40/0x90
[  401.975800][T18189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.975829][T18189] RIP: 0033:0x7fd877bde969
[  401.975858][T18189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.975948][T18189] RSP: 002b:00007fd876247038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  401.975966][T18189] RAX: ffffffffffffffda RBX: 00007fd877e05fa0 RCX: 00007fd877bde969
[  401.975979][T18189] RDX: 0000200000000340 RSI: 0000000000008946 RDI: 0000000000000004
[  401.975990][T18189] RBP: 00007fd876247090 R08: 0000000000000000 R09: 0000000000000000
[  401.976001][T18189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.976012][T18189] R13: 0000000000000000 R14: 00007fd877e05fa0 R15: 00007fffe3cd5218
[  401.976070][T18189]  </TASK>
[  402.192590][T18185] 8021q: adding VLAN 0 to HW filter on device bond2
[  402.210436][T18190] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  402.458701][T18210] loop5: detected capacity change from 0 to 512
[  402.489454][T18210] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  402.510715][T18210] EXT4-fs (loop5): 1 truncate cleaned up
[  402.518575][T18210] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  402.553422][T18212] 8021q: adding VLAN 0 to HW filter on device bond3
[  402.608969][T18210] lo speed is unknown, defaulting to 1000
[  402.704631][T18217] 8021q: adding VLAN 0 to HW filter on device bond2
[  402.752404][T18212] bond2: (slave dummy0): Releasing backup interface
[  402.775435][T18212] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  402.895946][T18231] bond1: (slave dummy0): Releasing backup interface
[  402.910555][T18231] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  402.994330][T18233] 8021q: adding VLAN 0 to HW filter on device bond3
[  403.015902][T18233] bond2: (slave dummy0): Releasing backup interface
[  403.028918][T18233] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  403.039075][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.118107][T18255] program syz.4.4968 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  403.156995][T18258] __nla_validate_parse: 9 callbacks suppressed
[  403.157011][T18258] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4972'.
[  403.172351][T18258] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4972'.
[  403.680397][T18280] netlink: 'syz.5.4979': attribute type 1 has an invalid length.
[  403.688763][T18280] netlink: 'syz.5.4979': attribute type 2 has an invalid length.
[  403.734239][T18284] openvswitch: netlink: Message has 6 unknown bytes.
[  403.806666][T18290] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  403.813258][T18290] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  403.821020][T18290] vhci_hcd vhci_hcd.0: Device attached
[  403.850468][T18290] bond0: entered promiscuous mode
[  403.855624][T18290] bond_slave_0: entered promiscuous mode
[  403.861592][T18290] bond_slave_1: entered promiscuous mode
[  403.870686][T18290] netlink: 56 bytes leftover after parsing attributes in process `syz.5.4984'.
[  403.897767][T18243] dccp_close: ABORT with 15653 bytes unread
[  403.933424][T18294] FAULT_INJECTION: forcing a failure.
[  403.933424][T18294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  403.946623][T18294] CPU: 1 UID: 0 PID: 18294 Comm: syz.4.4985 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  403.946656][T18294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  403.946672][T18294] Call Trace:
[  403.946681][T18294]  <TASK>
[  403.946689][T18294]  __dump_stack+0x1d/0x30
[  403.946710][T18294]  dump_stack_lvl+0xe8/0x140
[  403.946774][T18294]  dump_stack+0x15/0x1b
[  403.946842][T18294]  should_fail_ex+0x265/0x280
[  403.947015][T18294]  should_fail+0xb/0x20
[  403.947054][T18294]  should_fail_usercopy+0x1a/0x20
[  403.947078][T18294]  _copy_from_user+0x1c/0xb0
[  403.947101][T18294]  ___sys_sendmsg+0xc1/0x1d0
[  403.947194][T18294]  __x64_sys_sendmsg+0xd4/0x160
[  403.947234][T18294]  x64_sys_call+0x2999/0x2fb0
[  403.947260][T18294]  do_syscall_64+0xd0/0x1a0
[  403.947284][T18294]  ? clear_bhb_loop+0x40/0x90
[  403.947304][T18294]  ? clear_bhb_loop+0x40/0x90
[  403.947357][T18294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.947384][T18294] RIP: 0033:0x7f8f5190e969
[  403.947470][T18294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.947493][T18294] RSP: 002b:00007f8f4ff77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  403.947517][T18294] RAX: ffffffffffffffda RBX: 00007f8f51b35fa0 RCX: 00007f8f5190e969
[  403.947575][T18294] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  403.947587][T18294] RBP: 00007f8f4ff77090 R08: 0000000000000000 R09: 0000000000000000
[  403.947599][T18294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.947610][T18294] R13: 0000000000000000 R14: 00007f8f51b35fa0 R15: 00007ffc8b7e61f8
[  403.947698][T18294]  </TASK>
[  403.953911][T18291] vhci_hcd: connection closed
[  404.066262][ T3183] usb 11-1: new high-speed USB device number 2 using vhci_hcd
[  404.099030][ T7415] vhci_hcd: stop threads
[  404.142715][ T7415] vhci_hcd: release socket
[  404.147170][ T7415] vhci_hcd: disconnect device
[  404.168881][   T29] kauditd_printk_skb: 478 callbacks suppressed
[  404.168902][   T29] audit: type=1400 audit(1747449276.214:17616): avc:  denied  { execmem } for  pid=18295 comm="syz.0.4986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  404.195040][   T29] audit: type=1400 audit(1747449276.214:17617): avc:  denied  { ioctl } for  pid=18297 comm="syz.4.4987" path="socket:[58314]" dev="sockfs" ino=58314 ioctlcmd=0x89f4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  404.220141][   T29] audit: type=1400 audit(1747449276.214:17618): avc:  denied  { write } for  pid=18297 comm="syz.4.4987" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  404.240728][   T29] audit: type=1400 audit(1747449276.224:17619): avc:  denied  { read } for  pid=18297 comm="syz.4.4987" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  404.723400][T18318] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4995'.
[  404.736820][   T29] audit: type=1400 audit(1747449276.424:17620): avc:  denied  { read } for  pid=18302 comm="syz.3.4989" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  404.760575][   T29] audit: type=1400 audit(1747449276.424:17621): avc:  denied  { open } for  pid=18302 comm="syz.3.4989" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  404.784943][   T29] audit: type=1400 audit(1747449276.424:17622): avc:  denied  { ioctl } for  pid=18302 comm="syz.3.4989" path="/dev/usbmon7" dev="devtmpfs" ino=163 ioctlcmd=0x9208 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  404.810885][   T29] audit: type=1400 audit(1747449276.454:17623): avc:  denied  { mounton } for  pid=18308 comm="syz.1.4991" path="/397/file0" dev="tmpfs" ino=2124 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  404.834784][   T29] audit: type=1326 audit(1747449276.524:17624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.3.4992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd2d6e969 code=0x7ffc0000
[  404.858436][   T29] audit: type=1326 audit(1747449276.524:17625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.3.4992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd2d6e969 code=0x7ffc0000
[  404.909988][T18325] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4998'.
[  404.919276][T18325] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4998'.
[  405.066673][T18332] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5001'.
[  405.092781][T18332] 8021q: adding VLAN 0 to HW filter on device bond1
[  405.160482][T18345] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5005'.
[  405.176471][T18345] 8021q: adding VLAN 0 to HW filter on device bond4
[  405.200270][T18345] bond3: (slave dummy0): Releasing backup interface
[  405.213226][T18345] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  405.265029][T18354] loop5: detected capacity change from 0 to 512
[  405.289010][T18354] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.303549][T18354] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  405.345515][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.419986][T18369] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5012'.
[  405.429067][T18369] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5012'.
[  405.578668][T18374] loop5: detected capacity change from 0 to 1024
[  405.631031][T18374] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  405.642113][T18374] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  405.656409][T18374] JBD2: no valid journal superblock found
[  405.662228][T18374] EXT4-fs (loop5): Could not load journal inode
[  405.897524][T18377] IPv6: Can't replace route, no match found
[  406.062379][T18393] loop3: detected capacity change from 0 to 512
[  406.079772][T18393] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  406.092932][T18393] ext4 filesystem being mounted at /481/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  406.126669][T12166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.195706][T18405] loop3: detected capacity change from 0 to 1024
[  406.203716][T18405] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  406.214992][T18405] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  406.230834][T18405] JBD2: no valid journal superblock found
[  406.236729][T18405] EXT4-fs (loop3): Could not load journal inode
[  406.285223][T18415] FAULT_INJECTION: forcing a failure.
[  406.285223][T18415] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  406.298675][T18415] CPU: 0 UID: 0 PID: 18415 Comm: syz.3.5031 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  406.298783][T18415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  406.298795][T18415] Call Trace:
[  406.298802][T18415]  <TASK>
[  406.298812][T18415]  __dump_stack+0x1d/0x30
[  406.298833][T18415]  dump_stack_lvl+0xe8/0x140
[  406.298851][T18415]  dump_stack+0x15/0x1b
[  406.298867][T18415]  should_fail_ex+0x265/0x280
[  406.298950][T18415]  should_fail+0xb/0x20
[  406.299011][T18415]  should_fail_usercopy+0x1a/0x20
[  406.299118][T18415]  _copy_from_user+0x1c/0xb0
[  406.299147][T18415]  ____sys_sendmsg+0x1c5/0x4e0
[  406.299178][T18415]  ___sys_sendmsg+0x17b/0x1d0
[  406.299263][T18415]  __sys_sendmmsg+0x178/0x300
[  406.299299][T18415]  __x64_sys_sendmmsg+0x57/0x70
[  406.299321][T18415]  x64_sys_call+0x2f2f/0x2fb0
[  406.299415][T18415]  do_syscall_64+0xd0/0x1a0
[  406.299502][T18415]  ? clear_bhb_loop+0x40/0x90
[  406.299523][T18415]  ? clear_bhb_loop+0x40/0x90
[  406.299586][T18415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.299606][T18415] RIP: 0033:0x7f1dd2d6e969
[  406.299623][T18415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.299640][T18415] RSP: 002b:00007f1dd13d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  406.299663][T18415] RAX: ffffffffffffffda RBX: 00007f1dd2f95fa0 RCX: 00007f1dd2d6e969
[  406.299680][T18415] RDX: 0000000000000001 RSI: 0000200000001580 RDI: 0000000000000003
[  406.299756][T18415] RBP: 00007f1dd13d7090 R08: 0000000000000000 R09: 0000000000000000
[  406.299772][T18415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.299852][T18415] R13: 0000000000000000 R14: 00007f1dd2f95fa0 R15: 00007ffc22fa39b8
[  406.299869][T18415]  </TASK>
[  406.518913][T18421] loop5: detected capacity change from 0 to 2048
[  406.526003][T18421] EXT4-fs (loop5): invalid inodes per group: 204800
[  406.526003][T18421] 
[  406.574677][T18421] veth0: entered promiscuous mode
[  406.639392][T18426] loop5: detected capacity change from 0 to 512
[  406.669100][T18426] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #4: comm syz.5.5033: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  406.687491][T18426] EXT4-fs error (device loop5): ext4_quota_enable:7129: comm syz.5.5033: Bad quota inode: 4, type: 1
[  406.698728][T18426] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  406.714592][T18426] EXT4-fs (loop5): mount failed
[  406.789490][T18441] loop3: detected capacity change from 0 to 512
[  406.800277][T18441] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  406.849696][T12166] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  406.893697][T18451] FAULT_INJECTION: forcing a failure.
[  406.893697][T18451] name failslab, interval 1, probability 0, space 0, times 0
[  406.906551][T18451] CPU: 1 UID: 0 PID: 18451 Comm: syz.3.5045 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  406.906582][T18451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  406.906597][T18451] Call Trace:
[  406.906602][T18451]  <TASK>
[  406.906612][T18451]  __dump_stack+0x1d/0x30
[  406.906703][T18451]  dump_stack_lvl+0xe8/0x140
[  406.906723][T18451]  dump_stack+0x15/0x1b
[  406.906740][T18451]  should_fail_ex+0x265/0x280
[  406.906896][T18451]  should_failslab+0x8c/0xb0
[  406.906972][T18451]  __kmalloc_noprof+0xa5/0x3e0
[  406.906993][T18451]  ? alloc_pipe_info+0x1c9/0x350
[  406.907036][T18451]  alloc_pipe_info+0x1c9/0x350
[  406.907069][T18451]  splice_direct_to_actor+0x592/0x680
[  406.907100][T18451]  ? kstrtouint_from_user+0x9f/0xf0
[  406.907176][T18451]  ? __pfx_direct_splice_actor+0x10/0x10
[  406.907198][T18451]  ? __rcu_read_unlock+0x4f/0x70
[  406.907225][T18451]  ? get_pid_task+0x96/0xd0
[  406.907319][T18451]  ? avc_policy_seqno+0x15/0x30
[  406.907348][T18451]  do_splice_direct+0xda/0x150
[  406.907373][T18451]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  406.907473][T18451]  do_sendfile+0x380/0x640
[  406.907493][T18451]  __x64_sys_sendfile64+0x105/0x150
[  406.907577][T18451]  x64_sys_call+0xb39/0x2fb0
[  406.907604][T18451]  do_syscall_64+0xd0/0x1a0
[  406.907680][T18451]  ? clear_bhb_loop+0x40/0x90
[  406.907707][T18451]  ? clear_bhb_loop+0x40/0x90
[  406.907734][T18451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.907782][T18451] RIP: 0033:0x7f1dd2d6e969
[  406.907801][T18451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.907818][T18451] RSP: 002b:00007f1dd13d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  406.907836][T18451] RAX: ffffffffffffffda RBX: 00007f1dd2f95fa0 RCX: 00007f1dd2d6e969
[  406.907848][T18451] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  406.907859][T18451] RBP: 00007f1dd13d7090 R08: 0000000000000000 R09: 0000000000000000
[  406.907872][T18451] R10: 000000040000f63c R11: 0000000000000246 R12: 0000000000000001
[  406.907910][T18451] R13: 0000000000000000 R14: 00007f1dd2f95fa0 R15: 00007ffc22fa39b8
[  406.907931][T18451]  </TASK>
[  407.140228][T18454] program syz.1.5044 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  407.345404][T18480] FAULT_INJECTION: forcing a failure.
[  407.345404][T18480] name failslab, interval 1, probability 0, space 0, times 0
[  407.358193][T18480] CPU: 1 UID: 0 PID: 18480 Comm: syz.4.5058 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  407.358239][T18480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  407.358252][T18480] Call Trace:
[  407.358259][T18480]  <TASK>
[  407.358267][T18480]  __dump_stack+0x1d/0x30
[  407.358288][T18480]  dump_stack_lvl+0xe8/0x140
[  407.358307][T18480]  dump_stack+0x15/0x1b
[  407.358407][T18480]  should_fail_ex+0x265/0x280
[  407.358446][T18480]  should_failslab+0x8c/0xb0
[  407.358476][T18480]  kmem_cache_alloc_noprof+0x50/0x310
[  407.358501][T18480]  ? getname_flags+0x80/0x3b0
[  407.358579][T18480]  getname_flags+0x80/0x3b0
[  407.358658][T18480]  io_renameat_prep+0x105/0x1b0
[  407.358704][T18480]  io_submit_sqes+0x5ce/0x1000
[  407.358817][T18480]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  407.358865][T18480]  ? __rcu_read_unlock+0x4f/0x70
[  407.358968][T18480]  ? get_pid_task+0x96/0xd0
[  407.358995][T18480]  ? proc_fail_nth_write+0x12d/0x160
[  407.359024][T18480]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  407.359054][T18480]  ? vfs_write+0x75e/0x8d0
[  407.359090][T18480]  ? __rcu_read_unlock+0x4f/0x70
[  407.359140][T18480]  ? __fget_files+0x184/0x1c0
[  407.359173][T18480]  ? fput+0x8f/0xc0
[  407.359200][T18480]  __x64_sys_io_uring_enter+0x78/0x90
[  407.359254][T18480]  x64_sys_call+0x28c8/0x2fb0
[  407.359274][T18480]  do_syscall_64+0xd0/0x1a0
[  407.359355][T18480]  ? clear_bhb_loop+0x40/0x90
[  407.359382][T18480]  ? clear_bhb_loop+0x40/0x90
[  407.359410][T18480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.359480][T18480] RIP: 0033:0x7f8f5190e969
[  407.359495][T18480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.359579][T18480] RSP: 002b:00007f8f4ff77038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  407.359603][T18480] RAX: ffffffffffffffda RBX: 00007f8f51b35fa0 RCX: 00007f8f5190e969
[  407.359619][T18480] RDX: 000000000200e176 RSI: 0000000000001c3a RDI: 0000000000000006
[  407.359634][T18480] RBP: 00007f8f4ff77090 R08: 0000000000000000 R09: 0000000000000000
[  407.359717][T18480] R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001
[  407.359728][T18480] R13: 0000000000000000 R14: 00007f8f51b35fa0 R15: 00007ffc8b7e61f8
[  407.359747][T18480]  </TASK>
[  407.706466][T18448] dccp_close: ABORT with 15653 bytes unread
[  408.197084][T18524] program syz.5.5071 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  408.251501][T18528] xt_connbytes: Forcing CT accounting to be enabled
[  408.258398][T18528] Cannot find add_set index 0 as target
[  408.829704][T18544] __nla_validate_parse: 15 callbacks suppressed
[  408.829814][T18544] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5081'.
[  408.856332][T18544] 8021q: adding VLAN 0 to HW filter on device bond3
[  408.958250][T18551] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5083'.
[  408.970371][T18551] netlink: 'syz.1.5083': attribute type 1 has an invalid length.
[  409.109007][T18559] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=38 sclass=netlink_audit_socket pid=18559 comm=syz.0.5086
[  409.122994][T18559] netlink: 'syz.0.5086': attribute type 2 has an invalid length.
[  409.216637][   T29] kauditd_printk_skb: 365 callbacks suppressed
[  409.216656][   T29] audit: type=1400 audit(1747449281.284:17991): avc:  denied  { append } for  pid=18554 comm="syz.1.5085" name="hwrng" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  409.223220][T18567] loop5: detected capacity change from 0 to 512
[  409.274488][   T29] audit: type=1326 audit(1747449281.334:17992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18569 comm="syz.0.5091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  409.306898][T18567] EXT4-fs (loop5): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  409.312846][ T3183] vhci_hcd: vhci_device speed not set
[  409.331375][   T29] audit: type=1326 audit(1747449281.334:17993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18569 comm="syz.0.5091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  409.355229][   T29] audit: type=1326 audit(1747449281.334:17994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18569 comm="syz.0.5091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  409.379285][   T29] audit: type=1326 audit(1747449281.334:17995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18569 comm="syz.0.5091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  409.404491][   T29] audit: type=1326 audit(1747449281.424:17996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18573 comm="syz.4.5093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f5190e969 code=0x7ffc0000
[  409.428617][   T29] audit: type=1326 audit(1747449281.424:17997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18573 comm="syz.4.5093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f5190e969 code=0x7ffc0000
[  409.452582][   T29] audit: type=1326 audit(1747449281.424:17998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18573 comm="syz.4.5093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f5190e969 code=0x7ffc0000
[  409.453248][T18580] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5093'.
[  409.476245][   T29] audit: type=1326 audit(1747449281.424:17999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18573 comm="syz.4.5093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f5190e969 code=0x7ffc0000
[  409.509816][   T29] audit: type=1326 audit(1747449281.424:18000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18573 comm="syz.4.5093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f5190e969 code=0x7ffc0000
[  409.534162][T17023] EXT4-fs (loop5): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  409.561218][T18580] 8021q: adding VLAN 0 to HW filter on device bond5
[  409.748403][T18593] program syz.5.5095 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  409.758086][T18594] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5097'.
[  410.153711][T18618] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5107'.
[  410.356543][T18623] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5109'.
[  410.365654][T18623] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5109'.
[  410.442787][T18625] loop5: detected capacity change from 0 to 1024
[  410.492191][T18625] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  410.503256][T18625] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  410.533704][T18625] JBD2: no valid journal superblock found
[  410.539796][T18625] EXT4-fs (loop5): Could not load journal inode
[  410.695104][T18647] loop4: detected capacity change from 0 to 512
[  410.712229][T18647] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  410.720671][T18647] EXT4-fs (loop4): Invalid default hash set in the superblock
[  410.754548][T18647] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5115'.
[  410.805132][T18652] loop3: detected capacity change from 0 to 512
[  410.879808][T18656] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5123'.
[  410.914120][T18652] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  410.967327][T18652] ext4 filesystem being mounted at /506/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  411.019119][T12166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.106687][T18677] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5129'.
[  411.257088][T18686] loop3: detected capacity change from 0 to 512
[  411.278966][T18686] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  411.354859][T12166] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  411.546552][T18696] FAULT_INJECTION: forcing a failure.
[  411.546552][T18696] name failslab, interval 1, probability 0, space 0, times 0
[  411.559252][T18696] CPU: 1 UID: 0 PID: 18696 Comm: syz.4.5135 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  411.559358][T18696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  411.559370][T18696] Call Trace:
[  411.559377][T18696]  <TASK>
[  411.559470][T18696]  __dump_stack+0x1d/0x30
[  411.559553][T18696]  dump_stack_lvl+0xe8/0x140
[  411.559611][T18696]  dump_stack+0x15/0x1b
[  411.559632][T18696]  should_fail_ex+0x265/0x280
[  411.559674][T18696]  should_failslab+0x8c/0xb0
[  411.559786][T18696]  kmem_cache_alloc_node_noprof+0x57/0x320
[  411.559813][T18696]  ? __alloc_skb+0x101/0x320
[  411.559847][T18696]  ? mod_objcg_state+0x40e/0x530
[  411.559876][T18696]  __alloc_skb+0x101/0x320
[  411.559927][T18696]  ? xas_load+0x413/0x430
[  411.559956][T18696]  tipc_msg_build+0xbe/0x840
[  411.559989][T18696]  ? page_counter_charge+0x207/0x230
[  411.560038][T18696]  __tipc_sendstream+0x668/0xb30
[  411.560084][T18696]  ? __pfx_woken_wake_function+0x10/0x10
[  411.560109][T18696]  tipc_sendstream+0x3e/0x60
[  411.560162][T18696]  ? __pfx_tipc_sendstream+0x10/0x10
[  411.560228][T18696]  __sock_sendmsg+0x142/0x180
[  411.560259][T18696]  ____sys_sendmsg+0x345/0x4e0
[  411.560322][T18696]  ___sys_sendmsg+0x17b/0x1d0
[  411.560363][T18696]  __sys_sendmmsg+0x178/0x300
[  411.560404][T18696]  __x64_sys_sendmmsg+0x57/0x70
[  411.560440][T18696]  x64_sys_call+0x2f2f/0x2fb0
[  411.560462][T18696]  do_syscall_64+0xd0/0x1a0
[  411.560484][T18696]  ? clear_bhb_loop+0x40/0x90
[  411.560506][T18696]  ? clear_bhb_loop+0x40/0x90
[  411.560539][T18696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.560584][T18696] RIP: 0033:0x7f8f5190e969
[  411.560603][T18696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.560625][T18696] RSP: 002b:00007f8f4ff56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  411.560649][T18696] RAX: ffffffffffffffda RBX: 00007f8f51b36080 RCX: 00007f8f5190e969
[  411.560665][T18696] RDX: 0000000000000006 RSI: 0000200000004b00 RDI: 0000000000000003
[  411.560678][T18696] RBP: 00007f8f4ff56090 R08: 0000000000000000 R09: 0000000000000000
[  411.560746][T18696] R10: 00000000200040d1 R11: 0000000000000246 R12: 0000000000000001
[  411.560761][T18696] R13: 0000000000000000 R14: 00007f8f51b36080 R15: 00007ffc8b7e61f8
[  411.560785][T18696]  </TASK>
[  412.072559][T18716] 8021q: adding VLAN 0 to HW filter on device bond3
[  412.091910][T18713] policy can only be matched on NF_INET_PRE_ROUTING
[  412.091926][T18713] unable to load match
[  412.235905][T18734] loop4: detected capacity change from 0 to 512
[  412.343220][T18734] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.370364][T18734] ext4 filesystem being mounted at /346/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  412.492543][T13580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.722974][T18768] loop4: detected capacity change from 0 to 512
[  412.760720][T18768] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  412.769133][T18768] EXT4-fs (loop4): Invalid default hash set in the superblock
[  412.770014][T18780] loop3: detected capacity change from 0 to 512
[  412.834381][T18780] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.856827][T18780] ext4 filesystem being mounted at /513/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  412.984826][T12166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.451290][T18826] loop4: detected capacity change from 0 to 512
[  413.542494][T18826] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  413.687502][T13580] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  413.828763][T18835] loop4: detected capacity change from 0 to 512
[  413.866617][T18835] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  413.911712][T18835] ext4 filesystem being mounted at /351/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  414.045036][ T1052] IPVS: starting estimator thread 0...
[  414.051783][T13580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.156284][T18846] IPVS: using max 1824 ests per chain, 91200 per kthread
[  414.222781][T18859] program syz.5.5195 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  414.232182][   T29] kauditd_printk_skb: 260 callbacks suppressed
[  414.232198][   T29] audit: type=1400 audit(1747449286.284:18261): avc:  denied  { read } for  pid=18851 comm="syz.5.5195" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  414.262288][   T29] audit: type=1400 audit(1747449286.284:18262): avc:  denied  { open } for  pid=18851 comm="syz.5.5195" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  414.332330][   T29] audit: type=1400 audit(1747449286.364:18263): avc:  denied  { create } for  pid=18851 comm="syz.5.5195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  414.352144][   T29] audit: type=1400 audit(1747449286.364:18264): avc:  denied  { bind } for  pid=18851 comm="syz.5.5195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  414.371856][   T29] audit: type=1400 audit(1747449286.364:18265): avc:  denied  { name_bind } for  pid=18851 comm="syz.5.5195" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  414.393099][   T29] audit: type=1400 audit(1747449286.364:18266): avc:  denied  { node_bind } for  pid=18851 comm="syz.5.5195" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  414.414292][   T29] audit: type=1400 audit(1747449286.364:18267): avc:  denied  { listen } for  pid=18851 comm="syz.5.5195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  414.434023][   T29] audit: type=1400 audit(1747449286.364:18268): avc:  denied  { connect } for  pid=18851 comm="syz.5.5195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  414.453920][   T29] audit: type=1400 audit(1747449286.364:18269): avc:  denied  { name_connect } for  pid=18851 comm="syz.5.5195" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  414.475503][   T29] audit: type=1400 audit(1747449286.374:18270): avc:  denied  { accept } for  pid=18851 comm="syz.5.5195" lport=39579 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  414.767604][T18877] __nla_validate_parse: 9 callbacks suppressed
[  414.767619][T18877] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5199'.
[  414.823201][T18878] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5199'.
[  415.652768][T18917] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5215'.
[  415.775058][T18927] lo speed is unknown, defaulting to 1000
[  415.783447][T18931] netlink: 'syz.0.5219': attribute type 9 has an invalid length.
[  416.043734][T18956] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5229'.
[  416.088461][T18954] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5230'.
[  416.098138][T18954] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5230'.
[  416.118532][T18954] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5230'.
[  416.227520][T18969] loop5: detected capacity change from 0 to 512
[  416.279535][T18969] EXT4-fs (loop5): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  416.324926][T17023] EXT4-fs (loop5): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  416.427224][T18983] FAULT_INJECTION: forcing a failure.
[  416.427224][T18983] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  416.440464][T18983] CPU: 1 UID: 0 PID: 18983 Comm: syz.5.5242 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  416.440494][T18983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  416.440508][T18983] Call Trace:
[  416.440516][T18983]  <TASK>
[  416.440524][T18983]  __dump_stack+0x1d/0x30
[  416.440547][T18983]  dump_stack_lvl+0xe8/0x140
[  416.440567][T18983]  dump_stack+0x15/0x1b
[  416.440638][T18983]  should_fail_ex+0x265/0x280
[  416.440673][T18983]  should_fail+0xb/0x20
[  416.440763][T18983]  should_fail_usercopy+0x1a/0x20
[  416.440784][T18983]  _copy_from_user+0x1c/0xb0
[  416.440811][T18983]  ___sys_sendmsg+0xc1/0x1d0
[  416.440855][T18983]  __sys_sendmmsg+0x178/0x300
[  416.440892][T18983]  __x64_sys_sendmmsg+0x57/0x70
[  416.440918][T18983]  x64_sys_call+0x2f2f/0x2fb0
[  416.440942][T18983]  do_syscall_64+0xd0/0x1a0
[  416.440979][T18983]  ? clear_bhb_loop+0x40/0x90
[  416.441003][T18983]  ? clear_bhb_loop+0x40/0x90
[  416.441097][T18983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.441132][T18983] RIP: 0033:0x7fd877bde969
[  416.441149][T18983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.441168][T18983] RSP: 002b:00007fd876247038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  416.441255][T18983] RAX: ffffffffffffffda RBX: 00007fd877e05fa0 RCX: 00007fd877bde969
[  416.441268][T18983] RDX: 0000000000000004 RSI: 0000200000009c40 RDI: 0000000000000003
[  416.441281][T18983] RBP: 00007fd876247090 R08: 0000000000000000 R09: 0000000000000000
[  416.441294][T18983] R10: 0000000000048800 R11: 0000000000000246 R12: 0000000000000001
[  416.441306][T18983] R13: 0000000000000000 R14: 00007fd877e05fa0 R15: 00007fffe3cd5218
[  416.441326][T18983]  </TASK>
[  416.796550][T19012] loop5: detected capacity change from 0 to 512
[  416.803684][T19012] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  416.856537][T19012] EXT4-fs (loop5): 1 truncate cleaned up
[  416.862796][T19012] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  416.892598][T19012] lo speed is unknown, defaulting to 1000
[  416.994645][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  417.372038][T19036] FAULT_INJECTION: forcing a failure.
[  417.372038][T19036] name failslab, interval 1, probability 0, space 0, times 0
[  417.384795][T19036] CPU: 0 UID: 0 PID: 19036 Comm: syz.4.5258 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  417.384829][T19036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  417.384846][T19036] Call Trace:
[  417.384853][T19036]  <TASK>
[  417.384861][T19036]  __dump_stack+0x1d/0x30
[  417.384886][T19036]  dump_stack_lvl+0xe8/0x140
[  417.384910][T19036]  dump_stack+0x15/0x1b
[  417.384989][T19036]  should_fail_ex+0x265/0x280
[  417.385039][T19036]  should_failslab+0x8c/0xb0
[  417.385152][T19036]  kmem_cache_alloc_node_noprof+0x57/0x320
[  417.385180][T19036]  ? __alloc_skb+0x101/0x320
[  417.385221][T19036]  __alloc_skb+0x101/0x320
[  417.385295][T19036]  netlink_alloc_large_skb+0xba/0xf0
[  417.385334][T19036]  netlink_sendmsg+0x3cf/0x6b0
[  417.385362][T19036]  ? __pfx_netlink_sendmsg+0x10/0x10
[  417.385389][T19036]  __sock_sendmsg+0x142/0x180
[  417.385494][T19036]  ____sys_sendmsg+0x31e/0x4e0
[  417.385525][T19036]  ___sys_sendmsg+0x17b/0x1d0
[  417.385602][T19036]  __x64_sys_sendmsg+0xd4/0x160
[  417.385627][T19036]  x64_sys_call+0x2999/0x2fb0
[  417.385719][T19036]  do_syscall_64+0xd0/0x1a0
[  417.385749][T19036]  ? clear_bhb_loop+0x40/0x90
[  417.385777][T19036]  ? clear_bhb_loop+0x40/0x90
[  417.385804][T19036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.385893][T19036] RIP: 0033:0x7f8f5190e969
[  417.385909][T19036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.385929][T19036] RSP: 002b:00007f8f4ff77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  417.385952][T19036] RAX: ffffffffffffffda RBX: 00007f8f51b35fa0 RCX: 00007f8f5190e969
[  417.385964][T19036] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000003
[  417.385975][T19036] RBP: 00007f8f4ff77090 R08: 0000000000000000 R09: 0000000000000000
[  417.385987][T19036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  417.386033][T19036] R13: 0000000000000000 R14: 00007f8f51b35fa0 R15: 00007ffc8b7e61f8
[  417.386058][T19036]  </TASK>
[  417.627737][T19038] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.709282][T19038] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.797479][T19038] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.830416][T19055] FAULT_INJECTION: forcing a failure.
[  417.830416][T19055] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  417.843571][T19055] CPU: 0 UID: 0 PID: 19055 Comm: syz.1.5264 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  417.843602][T19055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  417.843618][T19055] Call Trace:
[  417.843628][T19055]  <TASK>
[  417.843637][T19055]  __dump_stack+0x1d/0x30
[  417.843664][T19055]  dump_stack_lvl+0xe8/0x140
[  417.843689][T19055]  dump_stack+0x15/0x1b
[  417.843717][T19055]  should_fail_ex+0x265/0x280
[  417.843791][T19055]  should_fail+0xb/0x20
[  417.843829][T19055]  should_fail_usercopy+0x1a/0x20
[  417.843912][T19055]  _copy_to_user+0x20/0xa0
[  417.843942][T19055]  simple_read_from_buffer+0xb5/0x130
[  417.843975][T19055]  proc_fail_nth_read+0x100/0x140
[  417.844007][T19055]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  417.844084][T19055]  vfs_read+0x19d/0x6f0
[  417.844107][T19055]  ? __rcu_read_unlock+0x4f/0x70
[  417.844129][T19055]  ? __rcu_read_unlock+0x4f/0x70
[  417.844156][T19055]  ? __fget_files+0x184/0x1c0
[  417.844264][T19055]  ksys_read+0xda/0x1a0
[  417.844374][T19055]  __x64_sys_read+0x40/0x50
[  417.844452][T19055]  x64_sys_call+0x2d77/0x2fb0
[  417.844479][T19055]  do_syscall_64+0xd0/0x1a0
[  417.844510][T19055]  ? clear_bhb_loop+0x40/0x90
[  417.844609][T19055]  ? clear_bhb_loop+0x40/0x90
[  417.844638][T19055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.844665][T19055] RIP: 0033:0x7f76ed48d37c
[  417.844684][T19055] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  417.844774][T19055] RSP: 002b:00007f76ebaf7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  417.844798][T19055] RAX: ffffffffffffffda RBX: 00007f76ed6b5fa0 RCX: 00007f76ed48d37c
[  417.844810][T19055] RDX: 000000000000000f RSI: 00007f76ebaf70a0 RDI: 0000000000000006
[  417.844822][T19055] RBP: 00007f76ebaf7090 R08: 0000000000000000 R09: 0000000000000000
[  417.844879][T19055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  417.844895][T19055] R13: 0000000000000000 R14: 00007f76ed6b5fa0 R15: 00007ffd187f1cd8
[  417.844996][T19055]  </TASK>
[  418.113467][T19038] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.205460][T19062] loop5: detected capacity change from 0 to 512
[  418.240300][T19062] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.250099][T19038] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  418.269730][T19038] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  418.275272][T19062] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  418.282289][T19038] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  418.300430][T19038] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  418.458873][T19072] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5271'.
[  418.517056][ T1052] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  418.573626][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.644040][T19082] loop5: detected capacity change from 0 to 512
[  418.682213][T19082] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  418.801052][T19082] EXT4-fs (loop5): 1 truncate cleaned up
[  418.808422][T19082] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  418.892857][T19082] lo speed is unknown, defaulting to 1000
[  419.051639][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.221263][T19116] bond4: (slave dummy0): Releasing backup interface
[  419.236088][T19116] bridge_slave_0: left allmulticast mode
[  419.241999][T19116] bridge_slave_0: left promiscuous mode
[  419.247717][T19116] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.507867][   T29] kauditd_printk_skb: 259 callbacks suppressed
[  419.507883][   T29] audit: type=1400 audit(1747449291.514:18530): avc:  denied  { create } for  pid=19117 comm="syz.0.5289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  419.534167][   T29] audit: type=1400 audit(1747449291.534:18531): avc:  denied  { setopt } for  pid=19117 comm="syz.0.5289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  419.553972][   T29] audit: type=1400 audit(1747449291.534:18532): avc:  denied  { bind } for  pid=19117 comm="syz.0.5289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  419.573603][   T29] audit: type=1400 audit(1747449291.534:18533): avc:  denied  { name_bind } for  pid=19117 comm="syz.0.5289" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  419.595781][   T29] audit: type=1400 audit(1747449291.534:18534): avc:  denied  { node_bind } for  pid=19117 comm="syz.0.5289" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  419.617968][   T29] audit: type=1400 audit(1747449291.534:18535): avc:  denied  { setopt } for  pid=19117 comm="syz.0.5289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  419.667588][T19116] bridge_slave_1: left allmulticast mode
[  419.673508][T19116] bridge_slave_1: left promiscuous mode
[  419.679469][T19116] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.751045][T19116] bond0: (slave bond_slave_0): Releasing backup interface
[  419.776679][T19116] bond0: (slave bond_slave_1): Releasing backup interface
[  419.789535][T19116] team_slave_0: left promiscuous mode
[  419.807882][T19116] team0: Port device team_slave_0 removed
[  419.815061][T19116] team_slave_1: left promiscuous mode
[  419.828713][T19116] team0: Port device team_slave_1 removed
[  419.841407][   T29] audit: type=1326 audit(1747449291.904:18536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19130 comm="syz.3.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd2d6e969 code=0x7ffc0000
[  419.968764][   T29] audit: type=1326 audit(1747449291.934:18537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19130 comm="syz.3.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f1dd2d6e969 code=0x7ffc0000
[  419.992491][   T29] audit: type=1326 audit(1747449291.934:18538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19130 comm="syz.3.5293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1dd2d6e969 code=0x7ffc0000
[  420.072979][   T29] audit: type=1400 audit(1747449292.124:18539): avc:  denied  { setopt } for  pid=19137 comm="syz.5.5296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  420.238880][T19151] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5300'.
[  420.838572][T19172] Invalid ELF header magic: != ELF
[  421.189604][T19193] loop4: detected capacity change from 0 to 512
[  421.209068][T19193] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  421.242356][T19206] program syz.3.5321 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  421.262065][T19193] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.317911][T19193] ext4 filesystem being mounted at /370/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  421.434172][T19193] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  421.475879][T13580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.999977][T19236] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5334'.
[  422.293854][T19255] lo speed is unknown, defaulting to 1000
[  422.302961][T19260] loop3: detected capacity change from 0 to 512
[  422.308145][T19262] loop5: detected capacity change from 0 to 512
[  422.314142][T19258] loop4: detected capacity change from 0 to 512
[  422.339198][T19258] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  422.361920][T19260] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  422.377372][T19262] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.391339][T19260] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.5345: invalid block
[  422.431854][T19262] ext4 filesystem being mounted at /154/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  422.448625][T19260] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5345: invalid indirect mapped block 4294967295 (level 1)
[  422.473056][T13580] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  422.486469][T19260] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5345: invalid indirect mapped block 4294967295 (level 1)
[  422.575790][T19260] EXT4-fs (loop3): 2 truncates cleaned up
[  422.603739][T19260] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.678638][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.699318][T19260] EXT4-fs (loop3): shut down requested (2)
[  422.717372][T19260] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=11
[  422.761798][T12166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.794525][T19278] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5347'.
[  423.125447][T19301] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5357'.
[  423.135813][T19300] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5351'.
[  423.270635][T19309] bridge0: entered promiscuous mode
[  423.299180][T19309] bridge0: port 1(macvlan2) entered blocking state
[  423.305951][T19309] bridge0: port 1(macvlan2) entered disabled state
[  423.313456][T19309] macvlan2: entered allmulticast mode
[  423.318999][T19309] bridge0: entered allmulticast mode
[  423.325105][T19311] 9pnet: Could not find request transport: r&½p
[  423.332230][T19309] macvlan2: left allmulticast mode
[  423.337545][T19309] bridge0: left allmulticast mode
[  423.354571][T19309] bridge0: left promiscuous mode
[  423.379050][T19315] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5363'.
[  423.391890][T19320] netlink: 'syz.3.5360': attribute type 29 has an invalid length.
[  423.399907][T19320] netlink: 'syz.3.5360': attribute type 3 has an invalid length.
[  423.407700][T19320] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5360'.
[  423.710077][T19334] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5370'.
[  424.297076][T19343] loop5: detected capacity change from 0 to 512
[  424.303777][T19343] EXT4-fs: Ignoring removed orlov option
[  424.315138][ T7432] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  424.327643][T19343] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  424.348937][T19343] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5372: bg 0: block 248: padding at end of block bitmap is not set
[  424.365503][T19343] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.5372: Failed to acquire dquot type 1
[  424.379289][T19343] EXT4-fs (loop5): 1 truncate cleaned up
[  424.386054][T19343] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  424.398960][T19343] ext4 filesystem being mounted at /157/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  424.483807][T19347] loop4: detected capacity change from 0 to 512
[  424.643903][T19347] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  424.676657][   T29] kauditd_printk_skb: 465 callbacks suppressed
[  424.676672][   T29] audit: type=1326 audit(1747449296.734:19001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19353 comm="syz.0.5375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  424.706605][   T29] audit: type=1326 audit(1747449296.734:19002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19353 comm="syz.0.5375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  424.706802][T19349] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5374'.
[  424.730797][   T29] audit: type=1326 audit(1747449296.734:19003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19353 comm="syz.0.5375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  424.763159][   T29] audit: type=1326 audit(1747449296.744:19004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19353 comm="syz.0.5375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  424.786971][   T29] audit: type=1326 audit(1747449296.744:19005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19353 comm="syz.0.5375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  424.811193][   T29] audit: type=1400 audit(1747449296.754:19006): avc:  denied  { unmount } for  pid=17023 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  424.812081][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.831478][   T29] audit: type=1326 audit(1747449296.834:19007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19353 comm="syz.0.5375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  424.864365][   T29] audit: type=1326 audit(1747449296.834:19008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19353 comm="syz.0.5375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  424.888144][   T29] audit: type=1326 audit(1747449296.834:19009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19353 comm="syz.0.5375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  424.911961][   T29] audit: type=1326 audit(1747449296.834:19010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19353 comm="syz.0.5375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2f8c8be969 code=0x7ffc0000
[  424.977040][T13580] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  425.021844][T19365] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5376'.
[  425.120359][T19388] FAULT_INJECTION: forcing a failure.
[  425.120359][T19388] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  425.133685][T19388] CPU: 0 UID: 0 PID: 19388 Comm: syz.5.5387 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  425.133722][T19388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  425.133738][T19388] Call Trace:
[  425.133748][T19388]  <TASK>
[  425.133758][T19388]  __dump_stack+0x1d/0x30
[  425.133784][T19388]  dump_stack_lvl+0xe8/0x140
[  425.133804][T19388]  dump_stack+0x15/0x1b
[  425.133849][T19388]  should_fail_ex+0x265/0x280
[  425.133958][T19388]  should_fail+0xb/0x20
[  425.133998][T19388]  should_fail_usercopy+0x1a/0x20
[  425.134023][T19388]  _copy_from_user+0x1c/0xb0
[  425.134106][T19388]  __copy_msghdr+0x244/0x300
[  425.134128][T19388]  ___sys_sendmsg+0x109/0x1d0
[  425.134170][T19388]  __x64_sys_sendmsg+0xd4/0x160
[  425.134261][T19388]  x64_sys_call+0x2999/0x2fb0
[  425.134286][T19388]  do_syscall_64+0xd0/0x1a0
[  425.134327][T19388]  ? clear_bhb_loop+0x40/0x90
[  425.134349][T19388]  ? clear_bhb_loop+0x40/0x90
[  425.134376][T19388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.134403][T19388] RIP: 0033:0x7fd877bde969
[  425.134422][T19388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  425.134454][T19388] RSP: 002b:00007fd876247038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  425.134480][T19388] RAX: ffffffffffffffda RBX: 00007fd877e05fa0 RCX: 00007fd877bde969
[  425.134496][T19388] RDX: 0000000000044000 RSI: 0000200000001000 RDI: 0000000000000004
[  425.134512][T19388] RBP: 00007fd876247090 R08: 0000000000000000 R09: 0000000000000000
[  425.134528][T19388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  425.134544][T19388] R13: 0000000000000000 R14: 00007fd877e05fa0 R15: 00007fffe3cd5218
[  425.134648][T19388]  </TASK>
[  425.141454][T19391] loop3: detected capacity change from 0 to 512
[  425.211177][T19394] lo speed is unknown, defaulting to 1000
[  425.303379][T19402] loop4: detected capacity change from 0 to 512
[  425.341074][T19401] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  425.347784][T19401] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  425.355568][T19401] vhci_hcd vhci_hcd.0: Device attached
[  425.369864][T19391] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  425.385977][T19401] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(13)
[  425.387901][T19391] ext4 filesystem being mounted at /560/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  425.392803][T19401] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  425.392941][T19401] vhci_hcd vhci_hcd.0: Device attached
[  425.445649][T19402] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  425.454005][T19402] EXT4-fs (loop4): Invalid default hash set in the superblock
[  425.466620][T12166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.498309][T19402] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5386'.
[  425.520754][T19401] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(15)
[  425.527758][T19401] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  425.535444][T19401] vhci_hcd vhci_hcd.0: Device attached
[  425.536253][   T23] vhci_hcd: vhci_device speed not set
[  425.583829][T19423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5397'.
[  425.613092][T19411] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(18)
[  425.619870][T19411] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  425.627732][T19411] vhci_hcd vhci_hcd.0: Device attached
[  425.633402][   T23] usb 11-1: new full-speed USB device number 3 using vhci_hcd
[  425.665749][T19432] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5400'.
[  425.726052][T19401] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(17)
[  425.732727][T19401] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  425.740473][T19401] vhci_hcd vhci_hcd.0: Device attached
[  425.769759][T19411] vhci_hcd vhci_hcd.0: pdev(5) rhport(5) sockfd(17)
[  425.776428][T19411] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  425.783919][T19411] vhci_hcd vhci_hcd.0: Device attached
[  425.796907][T19401] vhci_hcd vhci_hcd.0: pdev(5) rhport(6) sockfd(22)
[  425.803588][T19401] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  425.811931][T19401] vhci_hcd vhci_hcd.0: Device attached
[  425.821801][T19438] vhci_hcd: connection closed
[  425.921758][ T7423] vhci_hcd: stop threads
[  425.930995][ T7423] vhci_hcd: release socket
[  425.935477][ T7423] vhci_hcd: disconnect device
[  426.143369][T19454] program syz.4.5406 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  426.332757][T19462] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5410'.
[  426.376136][T19428] vhci_hcd: connection closed
[  426.376981][T19413] vhci_hcd: connection closed
[  426.377507][T19421] vhci_hcd: connection closed
[  426.387416][T19404] vhci_hcd: connection reset by peer
[  426.387467][ T7432] vhci_hcd: stop threads
[  426.392512][T19441] vhci_hcd: connection closed
[  426.397471][ T7432] vhci_hcd: release socket
[  426.405481][T19433] vhci_hcd: connection closed
[  426.406797][ T7432] vhci_hcd: disconnect device
[  426.429151][ T7432] vhci_hcd: stop threads
[  426.433534][ T7432] vhci_hcd: release socket
[  426.438120][ T7432] vhci_hcd: disconnect device
[  426.443034][ T7432] vhci_hcd: stop threads
[  426.447423][ T7432] vhci_hcd: release socket
[  426.451893][ T7432] vhci_hcd: disconnect device
[  426.457060][ T7432] vhci_hcd: stop threads
[  426.461369][ T7432] vhci_hcd: release socket
[  426.465970][ T7432] vhci_hcd: disconnect device
[  426.472355][ T7432] vhci_hcd: stop threads
[  426.476684][ T7432] vhci_hcd: release socket
[  426.481205][ T7432] vhci_hcd: disconnect device
[  426.487802][ T7432] vhci_hcd: stop threads
[  426.492152][ T7432] vhci_hcd: release socket
[  426.496648][ T7432] vhci_hcd: disconnect device
[  426.680771][T19476] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5414'.
[  426.977751][T19486] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5418'.
[  427.186385][T19503] loop5: detected capacity change from 0 to 512
[  427.202431][T19503] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  427.225493][T19503] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.5426: invalid block
[  427.240522][T19503] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.5426: invalid indirect mapped block 4294967295 (level 1)
[  427.255381][T19503] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.5426: invalid indirect mapped block 4294967295 (level 1)
[  427.270013][T19503] EXT4-fs (loop5): 2 truncates cleaned up
[  427.278307][T19503] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  427.294146][T19503] EXT4-fs (loop5): shut down requested (2)
[  427.302365][T19503] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  427.501842][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  427.735207][T19521] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5433'.
[  427.926707][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  428.128054][T19544] program syz.5.5438 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  428.179250][T19547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5439'.
[  428.383171][T19555] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5445'.
[  429.519112][T19562] FAULT_INJECTION: forcing a failure.
[  429.519112][T19562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.532428][T19562] CPU: 0 UID: 0 PID: 19562 Comm: syz.1.5448 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  429.532545][T19562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  429.532561][T19562] Call Trace:
[  429.532570][T19562]  <TASK>
[  429.532580][T19562]  __dump_stack+0x1d/0x30
[  429.532607][T19562]  dump_stack_lvl+0xe8/0x140
[  429.532632][T19562]  dump_stack+0x15/0x1b
[  429.532671][T19562]  should_fail_ex+0x265/0x280
[  429.532751][T19562]  should_fail+0xb/0x20
[  429.532785][T19562]  should_fail_usercopy+0x1a/0x20
[  429.532804][T19562]  _copy_from_user+0x1c/0xb0
[  429.532826][T19562]  sctp_setsockopt+0x154/0xe30
[  429.532892][T19562]  sock_common_setsockopt+0x66/0x80
[  429.532929][T19562]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  429.532966][T19562]  __sys_setsockopt+0x181/0x200
[  429.533021][T19562]  __x64_sys_setsockopt+0x64/0x80
[  429.533039][T19562]  x64_sys_call+0x2bd5/0x2fb0
[  429.533066][T19562]  do_syscall_64+0xd0/0x1a0
[  429.533103][T19562]  ? clear_bhb_loop+0x40/0x90
[  429.533130][T19562]  ? clear_bhb_loop+0x40/0x90
[  429.533158][T19562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.533185][T19562] RIP: 0033:0x7f76ed48e969
[  429.533202][T19562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  429.533251][T19562] RSP: 002b:00007f76ebaf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  429.533270][T19562] RAX: ffffffffffffffda RBX: 00007f76ed6b5fa0 RCX: 00007f76ed48e969
[  429.533286][T19562] RDX: 0000000000000025 RSI: 0000000000000084 RDI: 0000000000000003
[  429.533301][T19562] RBP: 00007f76ebaf7090 R08: 000000000000009c R09: 0000000000000000
[  429.533317][T19562] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000001
[  429.533336][T19562] R13: 0000000000000000 R14: 00007f76ed6b5fa0 R15: 00007ffd187f1cd8
[  429.533360][T19562]  </TASK>
[  429.720347][   T29] kauditd_printk_skb: 1326 callbacks suppressed
[  429.720396][   T29] audit: type=1326 audit(1747450327.566:20337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.3.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1dd2d0ab39 code=0x7ffc0000
[  429.750386][   T29] audit: type=1326 audit(1747450327.676:20338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.3.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1dd2d65927 code=0x7ffc0000
[  429.774088][   T29] audit: type=1326 audit(1747450327.676:20339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.3.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1dd2d0ab39 code=0x7ffc0000
[  429.798688][   T29] audit: type=1326 audit(1747450327.676:20340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.3.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1dd2d65927 code=0x7ffc0000
[  429.822407][   T29] audit: type=1326 audit(1747450327.676:20341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.3.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1dd2d0ab39 code=0x7ffc0000
[  429.846285][   T29] audit: type=1326 audit(1747450327.676:20342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.3.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1dd2d65927 code=0x7ffc0000
[  429.870090][   T29] audit: type=1326 audit(1747450327.676:20343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.3.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1dd2d0ab39 code=0x7ffc0000
[  429.893927][   T29] audit: type=1326 audit(1747450327.676:20344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.3.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1dd2d65927 code=0x7ffc0000
[  429.917507][   T29] audit: type=1326 audit(1747450327.676:20345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.3.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1dd2d0ab39 code=0x7ffc0000
[  429.941266][   T29] audit: type=1326 audit(1747450327.676:20346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19531 comm="syz.3.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1dd2d65927 code=0x7ffc0000
[  429.976996][ T7443] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  430.067754][T19570] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5452'.
[  430.175072][T19584] loop3: detected capacity change from 0 to 512
[  430.199982][T19584] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  430.263908][T12166] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  430.856439][   T23] usb 11-1: enqueue for inactive port 0
[  430.862281][   T23] usb 11-1: enqueue for inactive port 0
[  430.927849][T19607] loop5: detected capacity change from 0 to 512
[  430.936241][   T23] vhci_hcd: vhci_device speed not set
[  430.979169][T19607] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  431.006308][T19607] ext4 filesystem being mounted at /168/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  431.086799][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.105959][T19620] netlink: 'syz.0.5467': attribute type 10 has an invalid length.
[  431.130741][T19620] ipvlan0: entered allmulticast mode
[  431.136137][T19620] veth0_vlan: entered allmulticast mode
[  431.137442][T19623] loop5: detected capacity change from 0 to 512
[  431.248068][T19623] EXT4-fs (loop5): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  431.284556][T17023] EXT4-fs (loop5): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  431.307936][T19630] __nla_validate_parse: 1 callbacks suppressed
[  431.307955][T19630] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5471'.
[  431.408480][T19634] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5472'.
[  431.431306][T19637] loop4: detected capacity change from 0 to 128
[  431.446660][T19637] vfat: Unknown parameter ''
[  431.472396][T19644] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  431.472574][T19637] IPVS: stopping master sync thread 19644 ...
[  431.577140][T19642] FAULT_INJECTION: forcing a failure.
[  431.577140][T19642] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  431.590471][T19642] CPU: 1 UID: 0 PID: 19642 Comm: syz.5.5475 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  431.590501][T19642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  431.590515][T19642] Call Trace:
[  431.590524][T19642]  <TASK>
[  431.590534][T19642]  __dump_stack+0x1d/0x30
[  431.590562][T19642]  dump_stack_lvl+0xe8/0x140
[  431.590587][T19642]  dump_stack+0x15/0x1b
[  431.590616][T19642]  should_fail_ex+0x265/0x280
[  431.590658][T19642]  should_fail_alloc_page+0xf2/0x100
[  431.590691][T19642]  __alloc_frozen_pages_noprof+0xff/0x360
[  431.590730][T19642]  alloc_pages_mpol+0xb3/0x250
[  431.590840][T19642]  vma_alloc_folio_noprof+0x1aa/0x300
[  431.590869][T19642]  handle_mm_fault+0x1056/0x2ae0
[  431.590943][T19642]  ? mas_walk+0xf2/0x120
[  431.590971][T19642]  do_user_addr_fault+0x636/0x1090
[  431.591006][T19642]  exc_page_fault+0x54/0xc0
[  431.591057][T19642]  asm_exc_page_fault+0x26/0x30
[  431.591083][T19642] RIP: 0033:0x7fd877b8bf6b
[  431.591180][T19642] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  431.591201][T19642] RSP: 002b:00007fd876244e10 EFLAGS: 00010246
[  431.591217][T19642] RAX: 00007fd876246f30 RBX: 00007fd877dd3620 RCX: 0000000000000000
[  431.591229][T19642] RDX: 00007fd876246f78 RSI: 00007fd877c3dbf8 RDI: 00007fd876244e30
[  431.591241][T19642] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  431.591252][T19642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  431.591264][T19642] R13: 0000000000000000 R14: 00007fd877e05fa0 R15: 00007fffe3cd5218
[  431.591355][T19642]  </TASK>
[  431.591379][T19642] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  432.530120][T19684] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5492'.
[  432.620512][T19693] loop4: detected capacity change from 0 to 164
[  432.645126][T19693] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  432.673718][T19693] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  432.685716][T19693] Symlink component flag not implemented
[  432.691609][T19693] Symlink component flag not implemented
[  432.723787][T19693] Symlink component flag not implemented (7)
[  432.729893][T19693] Symlink component flag not implemented (116)
[  432.814588][T19707] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  432.815465][T19703] loop5: detected capacity change from 0 to 2048
[  432.821146][T19707] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  432.821251][T19707] vhci_hcd vhci_hcd.0: Device attached
[  432.868235][T19707] netlink: 'syz.3.5501': attribute type 10 has an invalid length.
[  432.876483][T19707] ipvlan0: entered allmulticast mode
[  432.881960][T19707] veth0_vlan: entered allmulticast mode
[  432.889594][T19707] team0: Device ipvlan0 failed to register rx_handler
[  432.915075][T19703] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  432.929184][T19708] vhci_hcd: connection closed
[  432.933512][ T7428] vhci_hcd: stop threads
[  432.940377][T19703] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  432.943207][ T7428] vhci_hcd: release socket
[  432.943218][ T7428] vhci_hcd: disconnect device
[  433.189090][T19703] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5499: bg 0: block 345: padding at end of block bitmap is not set
[  433.227524][T19703] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 312 with error 117
[  433.240285][T19703] EXT4-fs (loop5): This should not happen!! Data will be lost
[  433.240285][T19703] 
[  433.322791][T19725] loop4: detected capacity change from 0 to 512
[  433.360139][T19723] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5506'.
[  433.385361][T19725] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  433.397858][T19729] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5508'.
[  433.434686][T19725] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.5507: invalid block
[  433.620254][T19725] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.5507: invalid indirect mapped block 4294967295 (level 1)
[  433.638981][ T3390] usb usb12-port7: attempt power cycle
[  433.675756][T19725] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.5507: invalid indirect mapped block 4294967295 (level 1)
[  433.707978][T19725] EXT4-fs (loop4): 2 truncates cleaned up
[  433.717200][T19725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  433.768793][T19725] EXT4-fs (loop4): shut down requested (2)
[  433.775342][T19725] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=11
[  433.810556][T13580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.847745][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.016707][T19757] FAULT_INJECTION: forcing a failure.
[  434.016707][T19757] name failslab, interval 1, probability 0, space 0, times 0
[  434.029478][T19757] CPU: 0 UID: 0 PID: 19757 Comm: syz.5.5517 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  434.029513][T19757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  434.029530][T19757] Call Trace:
[  434.029539][T19757]  <TASK>
[  434.029549][T19757]  __dump_stack+0x1d/0x30
[  434.029589][T19757]  dump_stack_lvl+0xe8/0x140
[  434.029614][T19757]  dump_stack+0x15/0x1b
[  434.029686][T19757]  should_fail_ex+0x265/0x280
[  434.029782][T19757]  should_failslab+0x8c/0xb0
[  434.029818][T19757]  kmem_cache_alloc_node_noprof+0x57/0x320
[  434.029845][T19757]  ? __alloc_skb+0x101/0x320
[  434.030014][T19757]  __alloc_skb+0x101/0x320
[  434.030050][T19757]  tcp_stream_alloc_skb+0x2d/0x1d0
[  434.030081][T19757]  tcp_sendmsg_locked+0x9e7/0x28b0
[  434.030119][T19757]  ? __rcu_read_unlock+0x4f/0x70
[  434.030205][T19757]  ? __pfx_tcp_sendmsg+0x10/0x10
[  434.030230][T19757]  tcp_sendmsg+0x2f/0x50
[  434.030261][T19757]  inet6_sendmsg+0x76/0xd0
[  434.030303][T19757]  __sock_sendmsg+0x8b/0x180
[  434.030460][T19757]  ____sys_sendmsg+0x31e/0x4e0
[  434.030534][T19757]  ___sys_sendmsg+0x17b/0x1d0
[  434.030606][T19757]  __x64_sys_sendmsg+0xd4/0x160
[  434.030631][T19757]  x64_sys_call+0x2999/0x2fb0
[  434.030657][T19757]  do_syscall_64+0xd0/0x1a0
[  434.030688][T19757]  ? clear_bhb_loop+0x40/0x90
[  434.030756][T19757]  ? clear_bhb_loop+0x40/0x90
[  434.030783][T19757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.030807][T19757] RIP: 0033:0x7fd877bde969
[  434.030843][T19757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.030873][T19757] RSP: 002b:00007fd876247038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  434.030897][T19757] RAX: ffffffffffffffda RBX: 00007fd877e05fa0 RCX: 00007fd877bde969
[  434.030913][T19757] RDX: 0000000000040010 RSI: 0000200000000400 RDI: 0000000000000003
[  434.030947][T19757] RBP: 00007fd876247090 R08: 0000000000000000 R09: 0000000000000000
[  434.030963][T19757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.030978][T19757] R13: 0000000000000000 R14: 00007fd877e05fa0 R15: 00007fffe3cd5218
[  434.031084][T19757]  </TASK>
[  434.734548][T12539] syz_tun (unregistering): left allmulticast mode
[  434.766646][   T29] kauditd_printk_skb: 390 callbacks suppressed
[  434.766665][   T29] audit: type=1400 audit(1747450332.836:20728): avc:  denied  { sys_module } for  pid=19767 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  434.889160][   T29] audit: type=1400 audit(1747450332.866:20729): avc:  denied  { read } for  pid=19761 comm="syz.3.5523" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  434.912869][   T29] audit: type=1400 audit(1747450332.866:20730): avc:  denied  { open } for  pid=19761 comm="syz.3.5523" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  434.937396][   T29] audit: type=1326 audit(1747450332.936:20731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19773 comm="syz.5.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd877bde969 code=0x7ffc0000
[  434.961494][   T29] audit: type=1326 audit(1747450332.936:20732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19773 comm="syz.5.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7fd877bde969 code=0x7ffc0000
[  434.985808][   T29] audit: type=1326 audit(1747450332.936:20733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19773 comm="syz.5.5525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd877bde969 code=0x7ffc0000
[  435.103674][T19767] lo speed is unknown, defaulting to 1000
[  435.132427][   T29] audit: type=1400 audit(1747450333.196:20734): avc:  denied  { create } for  pid=19787 comm="syz.1.5529" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  435.149999][T19785] loop5: detected capacity change from 0 to 512
[  435.166428][   T29] audit: type=1400 audit(1747450333.196:20735): avc:  denied  { ioctl } for  pid=19787 comm="syz.1.5529" path="socket:[63632]" dev="sockfs" ino=63632 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  435.226274][T19785] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  435.256227][   T29] audit: type=1400 audit(1747450333.266:20736): avc:  denied  { mounton } for  pid=19783 comm="syz.5.5528" path="/180/file0" dev="tmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  435.324444][T19785] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  435.342944][T19767] chnl_net:caif_netlink_parms(): no params data found
[  435.351543][T19785] EXT4-fs (loop5): 1 truncate cleaned up
[  435.359062][T19800] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5532'.
[  435.370143][T19785] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  435.384018][   T29] audit: type=1400 audit(1747450333.456:20737): avc:  denied  { create } for  pid=19799 comm="syz.1.5532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  435.424753][T19767] bridge0: port 1(bridge_slave_0) entered blocking state
[  435.432118][T19767] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.458597][T19767] bridge_slave_0: entered allmulticast mode
[  435.468711][T19767] bridge_slave_0: entered promiscuous mode
[  435.482054][T19785] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5528'.
[  435.484784][T19767] bridge0: port 2(bridge_slave_1) entered blocking state
[  435.498940][T19767] bridge0: port 2(bridge_slave_1) entered disabled state
[  435.527784][T19767] bridge_slave_1: entered allmulticast mode
[  435.535133][T19767] bridge_slave_1: entered promiscuous mode
[  435.542114][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.575419][T19767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  435.589410][T19767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  435.612381][T19815] loop4: detected capacity change from 0 to 512
[  435.619759][ T7416] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  435.631948][T19815] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  435.651019][T19767] team0: Port device team_slave_0 added
[  435.658317][T19767] team0: Port device team_slave_1 added
[  435.677406][T19767] batman_adv: batadv0: Adding interface: batadv_slave_0
[  435.677920][T13580] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  435.684372][T19767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  435.684459][T19767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  435.685369][T19767] batman_adv: batadv0: Adding interface: batadv_slave_1
[  435.726486][ T3390] usb usb12-port7: unable to enumerate USB device
[  435.729990][T19767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  435.769655][T19767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  435.800431][T19767] hsr_slave_0: entered promiscuous mode
[  435.806864][T19767] hsr_slave_1: entered promiscuous mode
[  435.812881][T19767] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  435.820824][T19767] Cannot create hsr debugfs directory
[  435.904228][T19767] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  435.968677][T19767] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.138022][T19767] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.218467][T19767] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.353845][T19767] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  436.390811][T19767] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  436.453551][T19767] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  436.464461][T19767] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  436.521648][T19767] 8021q: adding VLAN 0 to HW filter on device bond0
[  436.547000][T19767] 8021q: adding VLAN 0 to HW filter on device team0
[  436.564138][ T7433] bridge0: port 1(bridge_slave_0) entered blocking state
[  436.571322][ T7433] bridge0: port 1(bridge_slave_0) entered forwarding state
[  436.593347][ T7433] bridge0: port 2(bridge_slave_1) entered blocking state
[  436.600576][ T7433] bridge0: port 2(bridge_slave_1) entered forwarding state
[  436.730897][T19767] 8021q: adding VLAN 0 to HW filter on device batadv0
[  436.765708][T19877] 9pnet_fd: Insufficient options for proto=fd
[  436.849146][T19767] veth0_vlan: entered promiscuous mode
[  436.867487][T19767] veth1_vlan: entered promiscuous mode
[  436.891127][T19767] veth0_macvtap: entered promiscuous mode
[  436.903038][T19767] veth1_macvtap: entered promiscuous mode
[  436.917153][T19767] batman_adv: batadv0: Interface activated: batadv_slave_0
[  436.934655][T19767] batman_adv: batadv0: Interface activated: batadv_slave_1
[  436.942509][T19893] loop5: detected capacity change from 0 to 512
[  436.946492][T19767] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  436.958131][T19767] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  436.960818][T19893] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  436.966934][T19767] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  436.975123][T19893] EXT4-fs (loop5): Invalid default hash set in the superblock
[  436.991611][T19767] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  437.029677][T19893] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5563'.
[  437.077933][T19900] FAULT_INJECTION: forcing a failure.
[  437.077933][T19900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  437.091562][T19900] CPU: 1 UID: 0 PID: 19900 Comm: syz.0.5521 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  437.091639][T19900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  437.091657][T19900] Call Trace:
[  437.091664][T19900]  <TASK>
[  437.091674][T19900]  __dump_stack+0x1d/0x30
[  437.091702][T19900]  dump_stack_lvl+0xe8/0x140
[  437.091727][T19900]  dump_stack+0x15/0x1b
[  437.091743][T19900]  should_fail_ex+0x265/0x280
[  437.091810][T19900]  should_fail+0xb/0x20
[  437.091846][T19900]  should_fail_usercopy+0x1a/0x20
[  437.091867][T19900]  _copy_to_user+0x20/0xa0
[  437.091894][T19900]  simple_read_from_buffer+0xb5/0x130
[  437.091949][T19900]  proc_fail_nth_read+0x100/0x140
[  437.091979][T19900]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  437.092070][T19900]  vfs_read+0x19d/0x6f0
[  437.092097][T19900]  ? _raw_spin_unlock+0x26/0x50
[  437.092151][T19900]  ? finish_task_switch+0xad/0x2b0
[  437.092177][T19900]  ? xfd_validate_state+0x45/0xf0
[  437.092270][T19900]  ksys_read+0xda/0x1a0
[  437.092303][T19900]  __x64_sys_read+0x40/0x50
[  437.092425][T19900]  x64_sys_call+0x2d77/0x2fb0
[  437.092509][T19900]  do_syscall_64+0xd0/0x1a0
[  437.092540][T19900]  ? clear_bhb_loop+0x40/0x90
[  437.092567][T19900]  ? clear_bhb_loop+0x40/0x90
[  437.092591][T19900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.092612][T19900] RIP: 0033:0x7f0ee04dd37c
[  437.092626][T19900] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  437.092701][T19900] RSP: 002b:00007f0edeb47030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  437.092734][T19900] RAX: ffffffffffffffda RBX: 00007f0ee0705fa0 RCX: 00007f0ee04dd37c
[  437.092751][T19900] RDX: 000000000000000f RSI: 00007f0edeb470a0 RDI: 0000000000000006
[  437.092805][T19900] RBP: 00007f0edeb47090 R08: 0000000000000000 R09: 0000000000000000
[  437.092817][T19900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  437.092828][T19900] R13: 0000000000000000 R14: 00007f0ee0705fa0 R15: 00007ffd3b51d208
[  437.092847][T19900]  </TASK>
[  437.526627][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  437.784014][T19917] 9pnet_fd: Insufficient options for proto=fd
[  438.039947][T12166] syz_tun (unregistering): left allmulticast mode
[  438.197967][T19922] lo speed is unknown, defaulting to 1000
[  438.238579][T19950] loop5: detected capacity change from 0 to 512
[  438.245925][T19950] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  438.263333][T19950] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  438.286796][T19950] EXT4-fs (loop5): 1 truncate cleaned up
[  438.294846][T19950] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  438.342419][T19950] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5584'.
[  438.363110][T19922] chnl_net:caif_netlink_parms(): no params data found
[  438.388240][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.394432][T19963] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5588'.
[  438.465862][T19922] bridge0: port 1(bridge_slave_0) entered blocking state
[  438.473413][T19922] bridge0: port 1(bridge_slave_0) entered disabled state
[  438.483082][T19922] bridge_slave_0: entered allmulticast mode
[  438.490385][T19922] bridge_slave_0: entered promiscuous mode
[  438.502625][T19922] bridge0: port 2(bridge_slave_1) entered blocking state
[  438.509948][T19922] bridge0: port 2(bridge_slave_1) entered disabled state
[  438.518785][T19974] loop5: detected capacity change from 0 to 164
[  438.519237][T19922] bridge_slave_1: entered allmulticast mode
[  438.544949][T19922] bridge_slave_1: entered promiscuous mode
[  438.577454][T19974] syz.5.5589: attempt to access beyond end of device
[  438.577454][T19974] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  438.593539][T19974] syz.5.5589: attempt to access beyond end of device
[  438.593539][T19974] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  438.612081][T19922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  438.624640][T19980] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5595'.
[  438.628498][T19922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  438.658910][T19922] team0: Port device team_slave_0 added
[  438.665517][T19922] team0: Port device team_slave_1 added
[  438.685181][T19922] batman_adv: batadv0: Adding interface: batadv_slave_0
[  438.685194][T19922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.685351][T19922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  438.686512][T19922] batman_adv: batadv0: Adding interface: batadv_slave_1
[  438.686528][T19922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.686689][T19922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  438.742758][T19922] hsr_slave_0: entered promiscuous mode
[  438.743308][T19922] hsr_slave_1: entered promiscuous mode
[  438.743756][T19922] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  438.743771][T19922] Cannot create hsr debugfs directory
[  438.846388][   T36] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  438.908975][T19922] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.003937][T19991] FAULT_INJECTION: forcing a failure.
[  439.003937][T19991] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  439.017203][T19991] CPU: 0 UID: 0 PID: 19991 Comm: syz.4.5599 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  439.017237][T19991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  439.017253][T19991] Call Trace:
[  439.017261][T19991]  <TASK>
[  439.017271][T19991]  __dump_stack+0x1d/0x30
[  439.017301][T19991]  dump_stack_lvl+0xe8/0x140
[  439.017323][T19991]  dump_stack+0x15/0x1b
[  439.017399][T19991]  should_fail_ex+0x265/0x280
[  439.017455][T19991]  should_fail+0xb/0x20
[  439.017487][T19991]  should_fail_usercopy+0x1a/0x20
[  439.017506][T19991]  _copy_to_user+0x20/0xa0
[  439.017528][T19991]  simple_read_from_buffer+0xb5/0x130
[  439.017578][T19991]  proc_fail_nth_read+0x100/0x140
[  439.017604][T19991]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  439.017701][T19991]  vfs_read+0x19d/0x6f0
[  439.017733][T19991]  ? __rcu_read_unlock+0x4f/0x70
[  439.017798][T19991]  ? __fget_files+0x184/0x1c0
[  439.017837][T19991]  ksys_read+0xda/0x1a0
[  439.017868][T19991]  __x64_sys_read+0x40/0x50
[  439.017899][T19991]  x64_sys_call+0x2d77/0x2fb0
[  439.018004][T19991]  do_syscall_64+0xd0/0x1a0
[  439.018103][T19991]  ? clear_bhb_loop+0x40/0x90
[  439.018131][T19991]  ? clear_bhb_loop+0x40/0x90
[  439.018234][T19991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.018262][T19991] RIP: 0033:0x7f8f5190d37c
[  439.018278][T19991] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  439.018345][T19991] RSP: 002b:00007f8f4ff77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  439.018363][T19991] RAX: ffffffffffffffda RBX: 00007f8f51b35fa0 RCX: 00007f8f5190d37c
[  439.018375][T19991] RDX: 000000000000000f RSI: 00007f8f4ff770a0 RDI: 0000000000000004
[  439.018410][T19991] RBP: 00007f8f4ff77090 R08: 0000000000000000 R09: 0000000000000000
[  439.018424][T19991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  439.018439][T19991] R13: 0000000000000000 R14: 00007f8f51b35fa0 R15: 00007ffc8b7e61f8
[  439.018464][T19991]  </TASK>
[  439.234519][T19993] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5600'.
[  439.249326][T19922] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.306888][T19922] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.320651][T19996] program syz.4.5601 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  439.409621][T19922] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.478499][T19922] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  439.487588][T19922] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  439.497404][T19922] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  439.506505][T19922] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  439.564111][T19922] 8021q: adding VLAN 0 to HW filter on device bond0
[  439.578011][T19922] 8021q: adding VLAN 0 to HW filter on device team0
[  439.589912][ T7416] bridge0: port 1(bridge_slave_0) entered blocking state
[  439.597104][ T7416] bridge0: port 1(bridge_slave_0) entered forwarding state
[  439.610057][ T7428] bridge0: port 2(bridge_slave_1) entered blocking state
[  439.617204][ T7428] bridge0: port 2(bridge_slave_1) entered forwarding state
[  439.681966][T20011] bridge0: the hash_elasticity option has been deprecated and is always 16
[  439.693385][T20011] bridge0: port 2(bridge_slave_1) entered disabled state
[  439.700975][T20011] bridge0: port 1(bridge_slave_0) entered disabled state
[  439.746467][T19922] 8021q: adding VLAN 0 to HW filter on device batadv0
[  439.807575][T20022] loop5: detected capacity change from 0 to 512
[  439.821255][T20022] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  439.843043][T20022] EXT4-fs (loop5): 1 truncate cleaned up
[  439.856840][T20022] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  439.880846][   T29] kauditd_printk_skb: 392 callbacks suppressed
[  439.880861][   T29] audit: type=1400 audit(1747450337.946:21130): avc:  denied  { write } for  pid=20021 comm="syz.5.5610" name="/" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  439.884721][T19922] veth0_vlan: entered promiscuous mode
[  439.887195][   T29] audit: type=1400 audit(1747450337.946:21131): avc:  denied  { add_name } for  pid=20021 comm="syz.5.5610" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  439.919870][T19922] veth1_vlan: entered promiscuous mode
[  439.935632][   T29] audit: type=1400 audit(1747450337.946:21132): avc:  denied  { create } for  pid=20021 comm="syz.5.5610" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  439.951461][T19922] veth0_macvtap: entered promiscuous mode
[  439.969633][T19922] veth1_macvtap: entered promiscuous mode
[  439.991146][T19922] batman_adv: batadv0: Interface activated: batadv_slave_0
[  440.004790][T19922] batman_adv: batadv0: Interface activated: batadv_slave_1
[  440.024368][T19922] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  440.033248][T19922] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  440.042098][T19922] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  440.050978][T19922] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  440.060333][   T29] audit: type=1400 audit(1747450338.116:21133): avc:  denied  { read write } for  pid=20021 comm="syz.5.5610" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  440.083305][   T29] audit: type=1400 audit(1747450338.116:21134): avc:  denied  { open } for  pid=20021 comm="syz.5.5610" path="/204/bus/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  440.107088][   T29] audit: type=1400 audit(1747450338.116:21135): avc:  denied  { ioctl } for  pid=20021 comm="syz.5.5610" path="/204/bus/file1" dev="loop5" ino=15 ioctlcmd=0x5441 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  440.137528][   T29] audit: type=1400 audit(1747450338.136:21136): avc:  denied  { append } for  pid=20005 comm="syz.1.5606" name="hwrng" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  440.148366][ T9585] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  440.183842][T20022] lo speed is unknown, defaulting to 1000
[  440.230523][   T29] audit: type=1400 audit(1747450338.286:21137): avc:  denied  { create } for  pid=20005 comm="syz.1.5606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  440.250443][   T29] audit: type=1400 audit(1747450338.286:21138): avc:  denied  { setopt } for  pid=20005 comm="syz.1.5606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  440.309631][T20032] loop4: detected capacity change from 0 to 164
[  440.340715][T20032] syz.4.5611: attempt to access beyond end of device
[  440.340715][T20032] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  440.366626][   T29] audit: type=1400 audit(1747450338.386:21139): avc:  denied  { mounton } for  pid=19922 comm="syz-executor" path="/root/syzkaller.jqwJ8f/syz-tmp" dev="sda1" ino=2061 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  440.390689][T20036] loop3: detected capacity change from 0 to 512
[  440.399084][T20032] syz.4.5611: attempt to access beyond end of device
[  440.399084][T20032] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  440.431957][T20036] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  440.470085][T20036] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.5573: invalid block
[  440.482557][T20036] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5573: invalid indirect mapped block 4294967295 (level 1)
[  440.482770][T20036] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5573: invalid indirect mapped block 4294967295 (level 1)
[  440.483022][T20036] EXT4-fs (loop3): 2 truncates cleaned up
[  440.483437][T20036] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  440.604428][T20036] EXT4-fs (loop3): shut down requested (2)
[  440.604706][T20036] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=11
[  440.618767][T19922] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  440.619261][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.278855][T20075] 9pnet_fd: Insufficient options for proto=fd
[  441.335368][T20081] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5630'.
[  441.376558][ T7428] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  441.527444][T20087] loop4: detected capacity change from 0 to 164
[  441.542621][T20095] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5636'.
[  441.564694][   T36] IPVS: starting estimator thread 0...
[  441.578943][T20099] 9pnet_fd: Insufficient options for proto=fd
[  441.594368][T20087] syz.4.5632: attempt to access beyond end of device
[  441.594368][T20087] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  441.677710][T20100] IPVS: using max 2352 ests per chain, 117600 per kthread
[  441.693390][T20087] syz.4.5632: attempt to access beyond end of device
[  441.693390][T20087] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  441.723545][T20110] loop5: detected capacity change from 0 to 512
[  441.735679][T20112] loop3: detected capacity change from 0 to 512
[  441.746673][T20112] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  441.755338][T20110] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  441.768773][T20112] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.5645: invalid block
[  441.791989][T20110] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  441.792354][T20110] EXT4-fs (loop5): 1 truncate cleaned up
[  441.792809][T20110] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  441.802247][T20110] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5644'.
[  441.843263][T20112] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5645: invalid indirect mapped block 4294967295 (level 1)
[  441.860122][T20112] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5645: invalid indirect mapped block 4294967295 (level 1)
[  441.860577][T20112] EXT4-fs (loop3): 2 truncates cleaned up
[  441.860968][T20112] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  441.876741][T20112] EXT4-fs (loop3): shut down requested (2)
[  441.876977][T20112] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=11
[  441.931185][T19922] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.968207][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.030495][T20129] loop5: detected capacity change from 0 to 512
[  442.032304][T20129] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  442.033465][T20132] 9pnet_fd: Insufficient options for proto=fd
[  442.052511][T20129] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  442.096869][T20129] EXT4-fs (loop5): 1 truncate cleaned up
[  442.097316][T20129] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  442.100673][T20129] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5652'.
[  442.151529][T20145] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5658'.
[  442.164820][T17023] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.176061][T20143] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.188188][T20145] FAULT_INJECTION: forcing a failure.
[  442.188188][T20145] name failslab, interval 1, probability 0, space 0, times 0
[  442.201098][T20145] CPU: 1 UID: 0 PID: 20145 Comm: syz.1.5658 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  442.201182][T20145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  442.201199][T20145] Call Trace:
[  442.201205][T20145]  <TASK>
[  442.201214][T20145]  __dump_stack+0x1d/0x30
[  442.201283][T20145]  dump_stack_lvl+0xe8/0x140
[  442.201311][T20145]  dump_stack+0x15/0x1b
[  442.201336][T20145]  should_fail_ex+0x265/0x280
[  442.201375][T20145]  should_failslab+0x8c/0xb0
[  442.201495][T20145]  __kmalloc_noprof+0xa5/0x3e0
[  442.201522][T20145]  ? fib_create_info+0xbb1/0x1980
[  442.201571][T20145]  fib_create_info+0xbb1/0x1980
[  442.201619][T20145]  fib_table_insert+0x60/0xeb0
[  442.201646][T20145]  ? fib_trie_table+0xd0/0xf0
[  442.201728][T20145]  ? fib_new_table+0x1ac/0x1c0
[  442.201761][T20145]  inet_rtm_newroute+0xab/0x140
[  442.201838][T20145]  ? __pfx_inet_rtm_newroute+0x10/0x10
[  442.201895][T20145]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  442.201928][T20145]  netlink_rcv_skb+0x123/0x220
[  442.201968][T20145]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  442.202098][T20145]  rtnetlink_rcv+0x1c/0x30
[  442.202123][T20145]  netlink_unicast+0x59e/0x670
[  442.202159][T20145]  netlink_sendmsg+0x58b/0x6b0
[  442.202189][T20145]  ? __pfx_netlink_sendmsg+0x10/0x10
[  442.202275][T20145]  __sock_sendmsg+0x142/0x180
[  442.202312][T20145]  ____sys_sendmsg+0x31e/0x4e0
[  442.202341][T20145]  ___sys_sendmsg+0x17b/0x1d0
[  442.202456][T20145]  __x64_sys_sendmsg+0xd4/0x160
[  442.202481][T20145]  x64_sys_call+0x2999/0x2fb0
[  442.202501][T20145]  do_syscall_64+0xd0/0x1a0
[  442.202527][T20145]  ? clear_bhb_loop+0x40/0x90
[  442.202553][T20145]  ? clear_bhb_loop+0x40/0x90
[  442.202615][T20145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.202640][T20145] RIP: 0033:0x7f76ed48e969
[  442.202658][T20145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.202681][T20145] RSP: 002b:00007f76ebaf7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  442.202707][T20145] RAX: ffffffffffffffda RBX: 00007f76ed6b5fa0 RCX: 00007f76ed48e969
[  442.202720][T20145] RDX: 0000000000040080 RSI: 0000200000000080 RDI: 0000000000000003
[  442.202732][T20145] RBP: 00007f76ebaf7090 R08: 0000000000000000 R09: 0000000000000000
[  442.202744][T20145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  442.202889][T20145] R13: 0000000000000000 R14: 00007f76ed6b5fa0 R15: 00007ffd187f1cd8
[  442.202913][T20145]  </TASK>
[  442.509586][T20155] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5663'.
[  442.518617][T20155] tipc: Invalid UDP bearer configuration
[  442.518633][T20155] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  442.569210][T20156] macvtap0: entered promiscuous mode
[  442.572710][T20149] infiniband syz!: set active
[  442.577113][T20156] macvtap0: left promiscuous mode
[  442.579279][T20149] infiniband syz!: added team_slave_0
[  442.598935][T20149] RDS/IB: syz!: added
[  442.603025][T20149] smc: adding ib device syz! with port count 1
[  442.609471][T20157] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  442.611234][T20149] smc:    ib device syz! port 1 has pnetid 
[  442.692944][T20168] 9pnet_fd: Insufficient options for proto=fd
[  442.775478][T20176] ==================================================================
[  442.783607][T20176] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  442.790922][T20176] 
[  442.793254][T20176] write to 0xffff8881035c7800 of 8 bytes by task 20170 on cpu 0:
[  442.801066][T20176]  mas_wmb_replace+0x20e/0x14a0
[  442.806028][T20176]  mas_wr_store_entry+0x17ae/0x2b60
[  442.811331][T20176]  mas_store_prealloc+0x74d/0x9e0
[  442.816518][T20176]  vma_iter_store_new+0x1c5/0x200
[  442.821709][T20176]  vma_complete+0x125/0x570
[  442.826241][T20176]  __split_vma+0x54c/0x610
[  442.830700][T20176]  vma_modify+0x107/0x210
[  442.835074][T20176]  vma_modify_flags+0x101/0x130
[  442.839992][T20176]  mprotect_fixup+0x2cc/0x570
[  442.844690][T20176]  do_mprotect_pkey+0x6d6/0x980
[  442.849561][T20176]  __x64_sys_mprotect+0x48/0x60
[  442.854431][T20176]  x64_sys_call+0x2794/0x2fb0
[  442.859212][T20176]  do_syscall_64+0xd0/0x1a0
[  442.863772][T20176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.869690][T20176] 
[  442.872025][T20176] read to 0xffff8881035c7800 of 8 bytes by task 20176 on cpu 1:
[  442.879670][T20176]  mas_state_walk+0x119/0x650
[  442.884368][T20176]  mas_walk+0x30/0x120
[  442.888451][T20176]  lock_vma_under_rcu+0xa2/0x2f0
[  442.893410][T20176]  do_user_addr_fault+0x233/0x1090
[  442.898644][T20176]  exc_page_fault+0x54/0xc0
[  442.903159][T20176]  asm_exc_page_fault+0x26/0x30
[  442.908110][T20176] 
[  442.910472][T20176] value changed: 0xffff8881045b4d41 -> 0xffff8881035c7800
[  442.917677][T20176] 
[  442.920003][T20176] Reported by Kernel Concurrency Sanitizer on:
[  442.926161][T20176] CPU: 1 UID: 0 PID: 20176 Comm: syz.5.5670 Not tainted 6.15.0-rc6-syzkaller-00208-g3c21441eeffc #0 PREEMPT(voluntary) 
[  442.938684][T20176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  442.948938][T20176] ==================================================================
[  444.499153][T20143] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.549825][T20143] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.598927][T20143] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.662370][T20143] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  444.673941][T20143] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  444.685246][T20143] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  444.696786][T20143] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  447.136590][ T7428] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  448.416512][   T23] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration