last executing test programs:

23.391839707s ago: executing program 1 (id=1294):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/vlan/vlan1\x00')
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f00000000c0)={'NETMAP\x00'}, &(0x7f0000000100)=0x1e)
r1 = socket(0x2, 0x2, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
timer_create(0x3, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000902, &(0x7f0000000080)=@filename='./file0\x00', 0x0, &(0x7f00000002c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigqueueinfo(0x0, 0x21, 0x0)
timer_gettime(r2, &(0x7f0000000100))
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r1, 0x8983, &(0x7f0000000000)={0x1, 'vlan1\x00', {}, 0xc2c})
socket$nl_route(0x10, 0x3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x200000, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

23.268906737s ago: executing program 1 (id=1296):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c00"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000ff1f20207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x20050800)

23.250538799s ago: executing program 1 (id=1297):
r0 = syz_io_uring_setup(0x13e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r6, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
ioctl$TIOCMIWAIT(r5, 0x545c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r4)

22.381536758s ago: executing program 1 (id=1306):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000c40), 0x2, 0x4a7, &(0x7f0000001140)="$eJzs3EtvG0UcAPD/bl59hZhSXm2hhoKIeCRNWqAHJB4CqRckJDiUY0jTqjRtUBMkWkU0IFSOqJ+gcETiE3CCCwIkJBBXuCOkCuXS0gNatLY3dRI7OGkc0+T3k1zPeGZ3ZnY969mZbgLYssr5P0nEroj4LSIGqtHFGcrVtxvzs+N/z8+OJ5Flb/6VVPJdn58dL7IW2+2sRQbTiPSTJPY1KHf6wsUzY5OTE+dr8eGZs+8NT1+4+Mzps2OnJk5NnBs9evTI4ZHnnxt9dl3a2Z/Xde+HU/sfPPb2ldfHj19554ev8vruqqVfn5/tXbxFqQjsjYhs6f5eaqHMcpQXH8s6j6+u+v97/XXhpLuDFWFVuiIiP109lf4/EF1x6+QNxGsfR6QdrR/QPlmWZX3LPs2vCtvzwFwGbGJJdLoGQGcUv/j5fXzx2uAhSEdde7l6A5S3+0btVU3prtz5lEvVe6P+NpVfjgMRcfPq8bmbV2PJfAoAQDt8k49/nm40/kvjvrp8d9XWhkoRcXdE7I6IeyJiT0TcG1HJe39EPNBqwUnjpZHl459ftq+xaS3Jx38v1Na2Fo//Fua9S121WH+l/T3JydOTE4dqx2Qwevry+MgKZXz76q+fNUsrR0Q+9iteefnFWLBWjz+7l0zQnRibGbudNte7diBib3ej9icLKwFJbFvz/vNjdvrJL/c3S//v9q9gHdaZsi8inqie/7lY0v5CsvL65PC2mJw4NFx8K5b78efLbzQr/7bavw6ufRSxo+H3f6H9paR+vXZ61UV0X/7906b3NGv9/vcmb1XCxaLtB2MzM+dHInqTueWfj97atogX+fP2Dx5s3P93R/zzeW27fRGRf4kfioiHIyp3bXndH4mIRyPi4AoH4PtXHns3f/9pTe1vr7z9J1Z1/usDPbH0k0aBrjPffd2s/NbO/5FKaLD2SSvXv2rhxXWreQXXetwAAADgTpJW/g98kkRU50121aXtiR3p5NT0zFMnp94/d6KaVoqetJjpGqibDx2pzQ0X8dEl8cOVeeMsy7LtlfjQ+NRku9bUgdbsrPb/dGjhWpCmQ0PVtD+6Fud9sSM1BNpqVetozZ5oA+5IrfV/HR82o4X+v/xJwILOD5tUtf93DXS6HsDG8/daYOtq1P8vRdzoQFWADeb3H7Yu/R+2rtX2/1Kb6gFsPL//sCUtfiS+N1p4nL+lwO5j67OfzR/o6nQ1+ta2eaQdP3TLA0mDpLRB5rTlPfeuS8VipTx9EdHqDi/FRh3MTl+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1se/AQAA//++KOKq")
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$binder(&(0x7f000000d000/0x4000)=nil, 0x4000, 0x1, 0x11, r2, 0x8000000000000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

22.243782749s ago: executing program 1 (id=1307):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r0, 0x4, 0x7c00)
dup3(r1, r0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x18)
sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000000106"], 0x2c}, 0x1, 0x0, 0x0, 0x40001d0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)

21.688534304s ago: executing program 1 (id=1318):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
unlink(&(0x7f0000000100)='./file0/file1\x00')

21.687834594s ago: executing program 32 (id=1318):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
unlink(&(0x7f0000000100)='./file0/file1\x00')

1.834380343s ago: executing program 4 (id=1723):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x20050800)

1.821678144s ago: executing program 4 (id=1724):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRESDEC=r0], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000780), 0xffffffffffffffff) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}]}, @NFT_MSG_NEWSETELEM={0x44, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_DATA={0x8, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd8}}, 0x0) (async)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x44, r4, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0x39}}, @FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}, @FOU_ATTR_TYPE={0x5, 0x4, 0x3}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e22}, @FOU_ATTR_PEER_V4={0x8, 0x8, @dev={0xac, 0x14, 0x14, 0x36}}, @FOU_ATTR_PEER_V4={0x8, 0x8, @empty}]}, 0x44}, 0x1, 0x0, 0x0, 0x44880}, 0x40044010) (async, rerun: 64)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) (rerun: 64)
write$binfmt_script(r6, &(0x7f0000000100), 0x208e24b) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) (rerun: 32)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r6, 0xc018937c, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r7=>r1, {0x4}}, './file0\x00'})
setsockopt$MRT6_ADD_MFC_PROXY(r7, 0x29, 0xd2, &(0x7f0000000380)={{0xa, 0x4e24, 0x80000001, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xffff7fff}, {0xa, 0x4e24, 0x4, @mcast2, 0xffff}, 0xffffffffffffffff, {[0x7, 0x80, 0x80000000, 0x3, 0x90, 0x1, 0xc6, 0x3]}}, 0x5c) (async)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r0, 0x0, 0x2}, 0x18)
r9 = socket$nl_route(0x10, 0x3, 0x0) (async)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000c80)={'lo\x00', <r11=>0x0})
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r12}, 0x10) (async)
syz_emit_ethernet(0x4e, &(0x7f00000009c0)={@local, @random="fad1e048716e", @void, {@ipv4={0x800, @udp={{0xe, 0x4, 0x0, 0x3, 0x40, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp_addr={0x44, 0x24, 0x7, 0x1, 0x8, [{@multicast2, 0x8}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x5}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1}, {@local, 0x8}]}]}}, {0x0, 0x4e20, 0x8}}}}}, 0x0) (async, rerun: 64)
sendmsg$nl_route_sched(r9, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=@newqdisc={0x44, 0x24, 0x1, 0x0, 0x4, {0x0, 0x0, 0x0, r11, {0x0, 0xd}, {0xffff, 0x5}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x9, 0xc1, 0x2}}}}]}, 0x44}}, 0x0) (async, rerun: 64)
fstat(r8, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
r14 = syz_io_uring_setup(0x1c44, &(0x7f0000000240)={0x0, 0x59fc, 0x80, 0x3, 0xbd7f7fff}, &(0x7f0000000480)=<r15=>0x0, &(0x7f00000001c0)=<r16=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r15, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4) (async, rerun: 64)
syz_io_uring_submit(r15, r16, &(0x7f0000000180)=@IORING_OP_MKDIRAT={0x25, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) (async, rerun: 64)
io_uring_enter(r14, 0x5535, 0x3acd, 0x22, 0x0, 0x0) (async)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000680)={{{@in=@remote, @in=@multicast1, 0x4e24, 0x1, 0x4e23, 0x7582, 0x2, 0xe0, 0x0, 0x11, r11, r13}, {0xffffffff, 0x401, 0x8, 0x6, 0x10, 0x3, 0x6, 0x6}, {0x9, 0x8, 0x5, 0x9}, 0x8c1, 0x6e6bb1, 0x0, 0x0, 0x1, 0x2}, {{@in=@loopback, 0x4d2, 0xff}, 0x2, @in6=@private0, 0x3507, 0x2, 0x1, 0x6, 0x907, 0x7, 0x9f}}, 0xe8)

1.758694779s ago: executing program 4 (id=1726):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001002dbd700000060000e0000002000000000000000000000000e000000100000000000000000000000000000006230000000a00800032000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcfffffffffffffffbffffffffffffff00000000000000000500000000000000000000000000000000004000"/112], 0xb8}}, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f000014e000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xfa50, 0x0, 0x0, 0x0, 0x48}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r5, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x15, 0x1, 0x0, 0x25dfdbff, {{@in=@multicast1=0xe0000002, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0xfffffffffffffffc}, 0x0, 0x6e6bb5}}, 0xb8}}, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/crash_elfcorehdr_size', 0x109200, 0x80)
write$char_usb(r6, &(0x7f0000000040)='=t', 0x2)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
ftruncate(0xffffffffffffffff, 0x2000009)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r7, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

1.535342507s ago: executing program 0 (id=1731):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000005"], 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f00000002c0)='./file0\x00', 0xfe)

1.504782029s ago: executing program 0 (id=1732):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000000028005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d0000000400000007000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
r2 = syz_open_dev$evdev(&(0x7f0000000140), 0x0, 0x0)
ioctl$EVIOCGMASK(r2, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
ioctl$EVIOCGABS0(r2, 0x80184540, 0x0)
r3 = syz_clone3(&(0x7f00000004c0)={0x8040, &(0x7f00000001c0), &(0x7f0000000240), &(0x7f0000000280), {0x19}, &(0x7f00000003c0)=""/129, 0x81, &(0x7f0000000580)=""/198, &(0x7f0000000480)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x4}, 0x58)
move_pages(r3, 0x7, &(0x7f0000000680)=[&(0x7f0000ffd000/0x1000)=nil, &(0x7f00006a8000/0x1000)=nil, &(0x7f00004ac000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000582000/0x3000)=nil, &(0x7f000023e000/0x4000)=nil], 0x0, &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000200)=0x8, 0x4)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa2586dd6000000000140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002080094780000"], 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000940)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x7fe, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x5}}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000540)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x28, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x6071, 0x0, 0xe7}}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r6=>0x0})
bind$can_raw(r4, &(0x7f00000000c0)={0x1d, r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="e58f38366899f4fee6dbd3ec69823742f82a9e52152e745ccf0e35f7f4ca3b218b5013a4a73cf40402f0706c7c31fa", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r8}, &(0x7f0000000800), &(0x7f0000000840)=r9}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r10}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='itimer_state\x00', r7}, 0x18)
setitimer(0x1, 0x0, 0x0)
close(r4)

1.414570987s ago: executing program 3 (id=1735):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000200)='kmem_cache_free\x00'}, 0x18)
timer_create(0x0, 0x0, &(0x7f0000000300)=<r0=>0x0)
timer_gettime(r0, &(0x7f00000002c0))

1.413857147s ago: executing program 3 (id=1736):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
syz_read_part_table(0x618, &(0x7f0000002200)="$eJzs3D+IFGcUAPC3dzc7dwqehUWwiWctBMXSK6LsbQwGZE0IHBb5iwhXXeBgQxY3eEVyheIWYplGApviXKvoFVY5FFIHsTAIW9gETBNiipsws3O3GzgOEjaE4O9XfN/bnTfvzQfTvgn+1yYiKaMsLbY3PtozP5sdxu14r1tbOJtlWfZuRCUuRhJzyYFeRExF9G6NVI2jEbF/pM7tb/ZtfP3rW0n3yYVktH470jiY51YjL1ma2e1R0r99WMZufX5z9urqcv1a/qPe6m+9H3HnRa1x79xapzeZnPkk//9KxMMyf6pYZya27/9wKv5yZQ9fDsPKaP/tl+Py43qrf6v77PjW4frk95dOvTyycf3BiYiVvPL5KF72oeo/P/Oo9fnNrFT0X5m7sdhpnT5299DNk837jxrPJ38vLw9aToynLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/5L1fFmtxrXm/OXH9Vb/q59+fOfOi1rj3rm1Tu/t6pmnlUHewzJ/qtw/i2Z8HklELMVSfBrLu5d/bSc6sBMtVkb7z2/OXl1drg/6/7Ev4tnxrcP17sylUy8XNq4/OFFkVWI63ybGevRd+rf6K3M3Fjut08fuHrp5snn/UeP55CBvKY2Pi+NGRDr+xwAAAAAAAAAAAAAAAAAAAOAVV1s4e+T8m42DeXxxOiJ++aKYss/Sme+imLwfOFruT9PBKP/t6cG3ALpPLvxW/eCHtZ/Lofh2pNGOiP3fJhHx+k6fK8W6/fWASIaV+S/9GQAA///p7o1q")
creat(&(0x7f0000000100)='./bus\x00', 0x8c)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1919049, 0x0, 0x1, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
readv(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/34, 0x22}, {0x0}], 0x2)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x24, 0x1402, 0x1, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz0\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000841}, 0x20000000)

1.37605912s ago: executing program 3 (id=1737):
socket$packet(0x11, 0xa, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x3a, &(0x7f0000000040)=0x2, 0x4)
setsockopt$inet6_IPV6_DSTOPTS(r2, 0x29, 0x3b, &(0x7f0000000000)=ANY=[], 0x8)
sendto$inet6(r2, 0x0, 0x0, 0x20000004, &(0x7f00000000c0)={0xa, 0x2}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x2a}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}}, 0x8000)
socket$packet(0x11, 0xa, 0x300)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410884, &(0x7f00000001c0)={[{@nouid32}, {@acl}]}, 0x2, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r4, 0xc0c0583b, &(0x7f0000000e00)=ANY=[])
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
socket$packet(0x11, 0xa, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = socket$netlink(0x10, 0x3, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18)
sendmsg$DEVLINK_CMD_RATE_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x14, 0x0, 0x1, 0x0, 0x25dfdbfb, {0x25}}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x8000)

1.277414027s ago: executing program 5 (id=1740):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x80049367, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
lremovexattr(0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_setup(0x1, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x1, 0x6}, 0x2, 0x0, 0x2, 0x5, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x5412, 0xfffffffc, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000000)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x100000000000000, 0x2}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat$selinux_status(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.070510094s ago: executing program 5 (id=1741):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
semctl$IPC_INFO(0x0, 0x1, 0x3, &(0x7f00000001c0)=""/17)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000400000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000040)={0xfffffff8, 0x401, 0xfffffffd, 0xc4cf, 0x7, "0441d3e189e87fe30600000000000f000200", 0x4, 0x200})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000340)=0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
readahead(0xffffffffffffffff, 0x3, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x8, 0x51031, 0xffffffffffffffff, 0x0)

1.070120734s ago: executing program 5 (id=1742):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r1, 0x0, 0x40)
connect$inet(r0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r5}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r6, 0x8922, &(0x7f0000000080)={'dummy0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x42, &(0x7f0000000180)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@end]}}, @parameter_prob={0xc, 0x0, 0x0, 0x7, 0x7, 0x0, {0x5, 0x4, 0x1, 0x8, 0x1, 0x68, 0x4, 0xe, 0x32, 0xff4a, @local, @private=0xa010102}}}}}}, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r9, &(0x7f0000000100)={0xa, 0x4e22, 0x6}, 0x1c)
listen(r9, 0x3)
syz_emit_ethernet(0x42, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0x0, 0x0, 0x1000, {[@timestamp={0x8, 0xa, 0x4}]}}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000600)='percpu_free_percpu\x00', r8}, 0x18)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48)
accept4$phonet_pipe(0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180)=0x10, 0x180000)
r10 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

934.702505ms ago: executing program 5 (id=1743):
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000400)={'syztnl2\x00', &(0x7f0000000580)={'gretap0\x00', 0x0, 0x1, 0x40, 0x8001, 0x800, {{0x10, 0x4, 0x1, 0x1c, 0x40, 0x67, 0x0, 0x5, 0x2f, 0x0, @multicast1, @empty, {[@ra={0x94, 0x4}, @end, @cipso={0x86, 0x24, 0x3, [{0x7, 0xf, "a094b1be3203f3e9dca94bed9e"}, {0x7, 0xf, "bbd0474a00d757adaab7047c59"}]}]}}}}})
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_team\x00'})
sendmsg$nl_route_sched(r1, 0x0, 0x20000000)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0xffffffff}]}}]}, 0x40}}, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4004)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r6, 0x0, 0x0, 0x1, 0x3000)
msgrcv(r6, 0x0, 0x0, 0x1, 0x0)
msgctl$IPC_RMID(r6, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x40090)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x38, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x60}, 0x1, 0x0, 0x0, 0x4000850}, 0x4004804)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000020000000000002000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00', r8}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r7}, 0x18)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r10 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
ioctl$LOOP_CONFIGURE(r10, 0x4c0a, &(0x7f0000000c80)={r9, 0x0, {0x2a00, 0x80010000, 0x0, 0x400000000000005, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179f10f8a0e91ddaaca7bd64e4a6cd88602a1260a1af1ea09de2b7fb0a0100000000000000000300000000000000000000b5c14a2900", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

927.711816ms ago: executing program 4 (id=1744):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x43, 0x0, 0x0, 0x0, 0x0, 0x10100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xf}, 0x0, 0x0, 0xffffffff, 0x6, 0xbcc, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x8000000}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000340)='cpu\t&0&<\t') (fail_nth: 6)

908.061137ms ago: executing program 0 (id=1745):
socket$netlink(0x10, 0x3, 0x10) (async)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r1}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0))
syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r2 = syz_clone(0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r2, 0x0) (async)
syz_pidfd_open(r2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
pipe2$9p(&(0x7f0000000040), 0x0) (async)
pipe2$9p(&(0x7f0000000040), 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x4)
syz_open_procfs(0x0, &(0x7f0000000440)='projid_map\x00')
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000080)={r3, 0xffffffffffffffff, 0x5, 0x2})
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1) (async)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x401800, 0x4b)
r4 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

606.396681ms ago: executing program 2 (id=1746):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r2=>0x0)
io_submit(r2, 0x2, &(0x7f0000000800)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x1, r1, 0x0, 0x0, 0x2, 0x0, 0x0, r1}])
r3 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x84, 0x0, 0x0)
setfsuid(0x0)

606.122791ms ago: executing program 0 (id=1747):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="010000ada6e14800"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="040000000400000004", @ANYRES32=r2, @ANYRES8=r3, @ANYRES16=r3], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
write$selinux_context(r5, &(0x7f0000000340)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
r6 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@keyring={'key_or_keyring:', r6})

605.330791ms ago: executing program 5 (id=1748):
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

552.788526ms ago: executing program 4 (id=1749):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket(0x1000000010, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001580)=@deltfilter={0x24, 0x2d, 0x1, 0x2, 0x20000000, {0x0, 0x0, 0x0, 0x0, {0x0, 0xa}}}, 0x24}}, 0x0)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001180)="390000fa461ad7e48489bffa56020040001118680907071200000f0000ff3f21000000170a001700006edc000000000000000000ff271400100003000131d7b2d0370a00f302415af0083f52", 0x4c}], 0x1)
r1 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
setreuid(0x0, 0xee00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r1])
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000016c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe40400000056bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a05cbee30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c3157f00000000000000a06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c3630000000002232017810e743bdaf879946547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e6dafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e097585ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb50409fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4d8521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060fd2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3bca426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db00000000000001f915268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde000006c06d4d551e81ee73459cf1c00000000000000000000628a663ed417be6ff5b172cba4a1ec629a39ec253c087b1e9ce84e25b8717ae8581bf28c16a8bbda8d69358e885ddf5387e419c64847b8953070cdefe7d6a35197638e929f8f3c005f9de3fe351def9ed5"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0xfffffffe}, 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e22, 0x4, @loopback, 0x1}, 0x1c)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x11, r5, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000080)='vegas\x00', 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x3}, 0x18)
r6 = socket$igmp6(0xa, 0x3, 0x3a)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000004700)={'team0\x00', <r9=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000680)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="000010000000000100000000000000", @ANYRES32=r9, @ANYBLOB="3c00028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000c000000"], 0x58}, 0x1, 0xd00, 0x0, 0x4000401}, 0x4040084)
setsockopt$MRT6_ADD_MFC(r6, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0xa3c}, {0xa, 0xfffe, 0xfffffffd, @dev, 0x4}, 0x1000, {[0x9, 0x0, 0xfffffffe, 0xfffffef9, 0x0, 0x1, 0x2]}}, 0x5c)
r10 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x18, 0x2, {{0x0, 0x2, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x7, 0xfffffff7, 0x101, 0x14, 0xd}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x0)

552.439075ms ago: executing program 5 (id=1750):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f00000002c0)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x41100, 0x49, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000040)={0xb4ff, 0x80, 0x3, 0x4, 0x9, "961000000a1001003ecd42e04f1ef9d500", 0x0, 0x8003})
ioctl$TIOCSTI(r0, 0x5412, 0x0)
socketpair$tipc(0x1e, 0x20f55309a2b51b, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, 0x0, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmsg$tipc(r2, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='%\x00\"\x00\a\x00\x00', @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000010018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000b40)={0x0, 0x0, 0x0}, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
ioctl$TIOCL_SETVESABLANK(r6, 0x560e, &(0x7f0000000140))
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000400)={0x5, 0x4, 0x9fcc})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{}, &(0x7f00000004c0), 0x0}, 0x20)
sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001640)=ANY=[@ANYBLOB="658ce69005e13d7bea5dec43e2abc2c758ce12a0f43444d922facbf0d50ab3575eb27426b9417410afe89380ff6ce235413c6b6be8cd0bc5fa32a912615f18325f7790673464093b850ebf6106505eff1766e343fb83b94752fd39783512e01061cda33d1352731a4ceb1c45e7b18f144fd3fe588610ec5833d84bf0c00abec4430329", @ANYRES16=0x0, @ANYBLOB="080029bd7000fddbdf254b0000000400ec00bb012a0005ad80cdfe62bc2240c1fa4f128f54a70b2e5640961cd0191bc9a3b78928660bfe0ce05d89bb9bd91fe1d5d2a0908ff42e3b30e9e23eda788c4b1bce8334aaa98c65023c9e7f7e7e0d63f491ad102c76bd7accd5b01f978bd21aea7788de99473741c61479d3a815e3df3239b0a6cbe1747de02a301f054151a8a8adc8dd2e1f3cef430fe47efc9e389c58c2be9573922931003b37ce4ac6faa1cfca8260a054ada0dff833c18594d1eb5eb57b4952fa4cf9e8bba03e533e01023c040105300206028100825107800fff0f0000ffffffffffff0002000002000000000000800501ffffffffffff7f000000010802110000010600000004ffffffffffff02000000050802110000007f000000000802110000010500000000060101010101011001b1827d07060ef8e5022e08021100000009000200efffffff030000000900080202110000010000000000ffffffffffffaf00000001ffffffffffff05000000000802110000000100000000ffffffffffff0900000004080211000001fdffffff0508021100000000060202008c188b0db67ba97cc527c768311a34d092a187f9deb14749cfcc0008009e00200000000800dc00040000000600f7000704000008009e0000000000ab002a00bd060802110000002d1a80001a07000000000000000d001b0017000000000400000000e6376605013e72d459363d488591d905100822c18f734e8285f0488baadaec34810c01f56a40fe566bb1a944728e2ad9f2d566afd8cf32b2ade9274ba20858541aa80e06faefcbc3ed8213a065187a1b5518ea386b03127adab831a4029656a42f650eb6c52e5000043c040103ac02840203003c0401070840680408000700010324890500060098000d00000058008480540000800a0005000bf3f93eea1d00000c00068008000300040000002300010066e3e77df97310974fb51b106430268f9b7f29d860b942b0a2ae33cf2a7815000a000500080211000000000008000200080000006e"], 0x308}, 0x1, 0x0, 0x0, 0x4008800}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x81000)
prctl$PR_SET_SECUREBITS(0x1c, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x100009, &(0x7f0000000a40), 0x1, 0x55e, &(0x7f0000000a80)="$eJzs3c1rHOUfAPDvbJK+/35NoRQVkUAPVmo3TeJLBQ/1KFos6L0uyTSUbLoluylNLNge7MWLFEHEgnjXu8fiP+BfUdBCkRL04CUym9k0L7vJNt2ajfP5wITn2Znd5/nuzPfJMzuzbACFNZL9KUW8GBFfJRFHIyLJ1w1GvnJkZbulxzcnsyWJ5eWP/0ia22X11mu1nnc4r7wQEb98EXG6tLnd+sLiTKVaTefy+mhj9tpofWHxzJXZynQ6nV4dn5g49+bE+Dtvv9WzWF+7+Ne3H91//9yXJ5e++enhsbtJnI8j+bq1cTyDW2srIzGSvydDcX7DhmM9aKyfJLvdAXZkIM/zocjGgKMxkGc98N/3eUQsAwWVyH8oqNY8oHVu36Pz4D3j0XsrJ0Cb4x9c+WwkDjTPjQ4tJevOjLLz3eEetJ+18fPv9+5mS2z4HOJAD14foJNbtyPi7ODg5vEvyce/nTvbxTYb2yja/x/YTfez+c/r7eY/pdX5T7SZ/xxuk7s7sX3+lx72oJmOsvnfu23nv6sXrYYH8tr/mnO+oeTylWqajW3/j4hTMbQ/q291Pefc0oPlTuvWzv+yJWu/NRfM+/FwcP/650xVGpVniXmtR7cjXmo7/01W93/SZv9n78fFLts4kd57pdO67eN/vpZ/iHi17f5/ckUr2fr65GjzeBhtHRWb/XnnxK+d2t/t+LP9f2jr+IeTtddr60/fxvcH/k47rVsXf3R//O9LPmmW9+WP3ag0GnNjEfuSDzc/Pv7kua16a/ss/lMntx7/2h3/ByPi0y7jv3P8x5e7in+X9v/UU+3/py88+OCz7zq1393490azdCp/pJvxr9sOPst7BwAAAAAAAP2mFBFHIimVV8ulUrm8cn/H8ThUqtbqjdOXa/NXp6L5XdnhGCq1rnQfXXM/xFh+P2yrPr6hPhERxyLi64GDzXp5slad2u3gAQAAAAAAAAAAAAAAAAAAoE8c7vD9/8xvA7vdO+C585PfUFzb5n8vfukJ6Ev+/0NxyX8oLvkPxSX/objkPxSX/Ifikv9QXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeurihQvZsrz0+OZkVp+6vjA/U7t+Ziqtz5Rn5yfLk7W5a+XpWm26mpYna7PbvV61Vrs2Nh7zN0Ybab0xWl9YvDRbm7/auHRltjKdXkqH/pWoAAAAAAAAAAAAAAAAAAAAYG+pLyzOVKrVdE5BYUeFwf7oxp4vZNnYB91Y1x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6A//BAAA//8iuzYD")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r8 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6a000}], 0x1, 0x7000, 0x0, 0x3)

520.805488ms ago: executing program 4 (id=1751):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x28, 0x0, 0x0, 0xfff7f038}, {0x6}]}, 0x10)
sendmmsg$unix(r1, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x404c050}}], 0x1, 0xc002104)
perf_event_open$cgroup(&(0x7f0000000000)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x34000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0xc8, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_read_part_table(0x5d4, &(0x7f0000000000)="$eJzs279r02kcB/BPqiF3OrgIBy6nDg6HHCiOZlBJoqKQi3aRGxQUETNFECIXEHTQDIoZxNFFCln6Y2qaoVNLC517pUOPQocud7RLoUtzhD5dyg0tlx4cvF7w5cPzfN/f5/N8/oBv8L82FH/1er1MRPRyEd8d8uvhdqF462z5WuV+RKZ/WPz+8w+/9N/8mBL9U/vOp/VKWn/7eqL7fvNmtr18b+vCw5nm0N51IuJ1RJwc6QwPYj6O1mh+9tSbt7XSh3r+2VKpsfZuceHu2Eah0rnTbI3fzt54nHJzqR5P9UXU41U8j0dRjWo8idqA+n9pr17aOVNqTz69ul3sfpy+nHLlfznnQfu/PPfpQatx/eLE6c9X6lPzlfVju7lq7oguAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAQI3mZ0+9eVsrfajncxGx9m5x4e7YRqHSudNsjd/O3niccnOpHk/1RdTjVTyPR1GNajyJ2t6Bvd5B2n7/D/2fLZUaa1/aq5d2zpTak0+vbhe7H6cvp1x5UAPvs7//y3OfHrQa1y9OnP58pT41X1k/tpur5o7oAgAAAAAAAAAAAAAAAAAAABARheKts+VrlfsRmfg1In7687eh/n4v/e+eSbnzqa6k/W9fT3Tfb97MtpfvbV14ONP8I+2/Ts/Jkc7wfz4Mh/Z3AAAA///sR5Sb")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r4}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000fffe80"], 0xfdef)
recvmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0xffffffffffffffae}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0xfdef)

512.655319ms ago: executing program 2 (id=1752):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0) (fail_nth: 4)

512.219369ms ago: executing program 0 (id=1753):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000000540)=[{{&(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="14000000000000000000000600d2ea440411910000000000"], 0x18}}], 0x1, 0x200c4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x1010040, &(0x7f00000003c0)={[{@noquota}, {@debug}, {@jqfmt_vfsv0}, {@noauto_da_alloc}, {@usrquota}]}, 0x3, 0x4eb, &(0x7f0000001fc0)="$eJzs3d9rW20dAPDvSX9u62ynXsyBc+ikG7ikXd1WvJgVRK8Gznlfa5uW0rQpbbqtZUiHf4Ag/kKvvPJG8FoE2Z8gwkDvRUQZus0LL973zUuSk3ddlrYpa5q2+Xzg6XnOj57v90k4T/LkHM4JoGtdiYipiOiJiOsRMZwuz6Qltmulst2rl09mKyWJcvnBf5JI0mX1fSXp9Fz6b4MR8d1vR/wgeTfu+ubW0kyhkF9L53Ol5dXc+ubWjcXlmYX8Qn5lamL89uSdyVuTY4fW1rvf/OfPf/zbb93901ce/X3639d+WElrKF23sx2t2G5xu1rT+6qvRV1vRKwdJNgx1pO2p6/TiQAA0JLKd/xPR8QXI+L1rzqdDQAAANAO5a8PxQdJRBkAAAA4tTLVa2CTTDa9FmAoMplstnYN72fjbKbQHxHzxY2Vudq1siPRl5lfLOTH0muFR6IvqcyPV+tv5m82zE9ExIWI+Onwmep8drZYmOv0jx8AAADQJc41jP//N1wb/wMAAACnzMgBtm1yLy8AAADgBDjI+B8AAAA4mXYd/ye9R5sIAAAA0A7fuXevUsr151/PPdzcWCo+vDGXX1/KLm/MZmeLa6vZhWJxoXrPvuX99lcoFle/Gisbj3Ol/Hopt765Nb1c3FgpTVef6z2d95xoAAAAOHoXvvDsb0lEbH/tTLVU9KfrWhirT7U3O6CdMgfb3N0/4BTp6XQCQMc0XODb36k8gKPnfDywz8D+Zw3zB/zZAAAAOA5GP/de5/+dD4QTzEAeupfz/9C93OALupfz/9DlBvbfZHC3FX8+5FwAAIC2GaqWJJNNzwUORSaTzUacrz4WoC+ZXyzkxyLiUxHx1+G+gcr8eKeTBgAAAAAAAAAAAAAAAAAAAAAAAIATplxOogwAAACcahGZfyXpg/xHh68ONf4+0J/8f7g6jYhHv37wi8czpdLaeGX5fz9ZXvpluvxmfQkAAADQSfVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH6dXLJ7P1cpRxX3wjIkaaxe+Nwep08A/DEXH2dRK9O/4viYieQ4i//TQiLr4dvyeNMFJNrZZFY/xMRJxpU/xoMf65Q4gP3exZpf+Zqhx/fQ3HXyauVKfNj7/etLyvF1d26/8y9f6v2s816//O773rwXrl0vPf53aN/zTiUm/z/qceP3nP/vf739va2m1d+TcRo/t8/lRi5UrLq7n1za0bi8szC/mF/MrExPjtyTuTtybHcvOLhXz6t2mMn3z+jx/t1f6zTePX+t+92n/13d0NNIvx4fPHLz+zR/xrX2r+/l/cI37ltf9y+jlQWT9ar2/X6jtd/t1fLu/V/rld2r/f+39tt502uH7/R/9ocVMA4Aisb24tzRQK+bWTUYmofSs/Lvl0tnI+jkUaKq1VhtJjbseqnrYHvf9u0NYqneuTAACA9njzpb/TmQAAAAAAAAAAAAAAAAAAAED3avudzwbevrPAYOeaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwp48DAAD//85EyV0=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f0000000140)='2', 0x1, 0x8080c61)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRES32=r1], 0xb4}, 0x1, 0x0, 0x0, 0x400c0d1}, 0x0)
r3 = fsopen(&(0x7f0000000080)='bpf\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x48100)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r5}})
symlinkat(&(0x7f0000000000)='.\x00', r4, &(0x7f0000000140)='./file0\x00')
ioctl$RTC_AIE_OFF(r2, 0x7002)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x7, 0x3})
r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x400000)
ioctl$SG_IO(r7, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x6, 0x1, @scatter={0x0, 0x0, 0x0}, &(0x7f00000004c0)="851666ce20db", 0x0, 0x10, 0x5bb727690d5f0ff6, 0x0, 0x0})
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
close_range(0xffffffffffffffff, r8, 0x0)
readlinkat(r4, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f00000002c0)=""/204, 0xcc)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@generic={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x18)

447.840934ms ago: executing program 3 (id=1754):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r1, 0x0, 0xf7}, 0x18)
syz_emit_ethernet(0xf507bafb4ee0a4c7, 0x0, 0x0)

431.170255ms ago: executing program 2 (id=1755):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000008c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9feb}]})
r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r4, 0x400, 0x1)
fremovexattr(r4, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r5}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

358.488961ms ago: executing program 3 (id=1756):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x20050800)

139.842349ms ago: executing program 2 (id=1757):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) (async, rerun: 32)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x20, &(0x7f0000000140)={&(0x7f0000000080)=""/86, 0x56, <r1=>0x0, &(0x7f00000002c0)=""/222, 0xde}}, 0x10) (rerun: 32)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1, 0x7fff0000}]}) (async, rerun: 64)
r2 = memfd_secret(0x80000) (rerun: 64)
fchownat(r2, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r3}, 0x10) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10) (async)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x880)
r9 = socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r9, &(0x7f0000000000)={0x0, 0xffffffffffffffca, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES32=r0, @ANYBLOB="010000000000000000001200000008000800000000000800090000000000180001801400020076657468305f746f5f626f6e640000000800070000000000080006"], 0x4c}}, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="a1ab00000004000000003200000008001701"], 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x0)

114.981001ms ago: executing program 3 (id=1758):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f00000001c0)=r4)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socketpair(0x29, 0x6, 0x40, &(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$SMC_PNETID_FLUSH(r5, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x28, r6, 0x200, 0x70bd25, 0x25dfdbff, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x50}, 0x4020000)
write$cgroup_devices(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="1e03d3ffbc5cb601288763"], 0xffdd)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x900, 0xc3072, 0xffffffffffffffff, 0x0)

857.34µs ago: executing program 2 (id=1759):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x1}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0xf9ff, 0x0, 0x7}}, &(0x7f0000000040)='GPL\x00', 0x2, 0x1000, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x14, &(0x7f00000000c0), 0x1, 0x10, &(0x7f0000000000), 0xa, 0x0, 0xffffffffffffffff, 0x4c}, 0x70)

416.66µs ago: executing program 2 (id=1760):
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

0s ago: executing program 0 (id=1761):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000380)={{0x0, 0x3, 0xff, 0x2, 0x8}}) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES64=r1], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r6)
sendmsg$NLBL_UNLABEL_C_STATICADD(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000a00)={0x28, r7, 0x201, 0xfffffffc, 0x25dfdbfd, {0x3, 0x0, 0x26}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x7, @private2}]}, 0x28}, 0x8, 0x3000000000002}, 0x0) (async)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) (async)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r11, 0x8933, &(0x7f0000000240)={'wpan0\x00', <r12=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x28, r10, 0xc01, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r12}, @NL802154_ATTR_SEC_DEVKEY={0xc, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x5}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x40000) (async)
r13 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r13}, 0x10) (async, rerun: 64)
r14 = socket$inet_tcp(0x2, 0x1, 0x0) (rerun: 64)
setsockopt$inet_buf(r14, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8) (async)
r15 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r15, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x12, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r6, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x38, r8, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0xf}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r12}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x20008000) (async, rerun: 32)
sendmsg$ETHTOOL_MSG_WOL_GET(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd7000000000001b0075857a3ed012d18d020064756d6d793000"/38], 0x2c}}, 0x0) (rerun: 32)

kernel console output (not intermixed with test programs):

525][ T6391] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   67.646525][ T6391]    program syz.3.1108 not setting count and/or reply_len properly
[   67.689465][ T6389] lo speed is unknown, defaulting to 1000
[   67.706682][ T6395] FAULT_INJECTION: forcing a failure.
[   67.706682][ T6395] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.719786][ T6395] CPU: 1 UID: 0 PID: 6395 Comm: syz.3.1110 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.719818][ T6395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   67.719828][ T6395] Call Trace:
[   67.719834][ T6395]  <TASK>
[   67.719841][ T6395]  __dump_stack+0x1d/0x30
[   67.719862][ T6395]  dump_stack_lvl+0xe8/0x140
[   67.719877][ T6395]  dump_stack+0x15/0x1b
[   67.719961][ T6395]  should_fail_ex+0x265/0x280
[   67.719982][ T6395]  should_fail+0xb/0x20
[   67.719997][ T6395]  should_fail_usercopy+0x1a/0x20
[   67.720020][ T6395]  _copy_from_user+0x1c/0xb0
[   67.720114][ T6395]  do_ipv6_getsockopt+0x163/0x1470
[   67.720138][ T6395]  ? avc_has_perm_noaudit+0x1b1/0x200
[   67.720164][ T6395]  ? avc_has_perm+0xf7/0x180
[   67.720182][ T6395]  ipv6_getsockopt+0x71/0x1e0
[   67.720198][ T6395]  ? selinux_socket_getsockopt+0xd0/0x1b0
[   67.720225][ T6395]  ? selinux_socket_getsockopt+0xd0/0x1b0
[   67.720314][ T6395]  tcp_getsockopt+0xad/0xe0
[   67.720332][ T6395]  sock_common_getsockopt+0x5d/0x70
[   67.720354][ T6395]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   67.720502][ T6395]  do_sock_getsockopt+0x1fd/0x240
[   67.720524][ T6395]  __x64_sys_getsockopt+0x11e/0x1a0
[   67.720545][ T6395]  x64_sys_call+0x2bc6/0x2ff0
[   67.720623][ T6395]  do_syscall_64+0xd2/0x200
[   67.720644][ T6395]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.720671][ T6395]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   67.720695][ T6395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.720767][ T6395] RIP: 0033:0x7f08ff65ebe9
[   67.720781][ T6395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.720833][ T6395] RSP: 002b:00007f08fe0bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   67.720849][ T6395] RAX: ffffffffffffffda RBX: 00007f08ff885fa0 RCX: 00007f08ff65ebe9
[   67.720862][ T6395] RDX: 0010000000000030 RSI: 0000000000000029 RDI: 0000000000000003
[   67.720875][ T6395] RBP: 00007f08fe0bf090 R08: 0000200000002280 R09: 0000000000000000
[   67.720886][ T6395] R10: 0000200000034000 R11: 0000000000000246 R12: 0000000000000001
[   67.720896][ T6395] R13: 00007f08ff886038 R14: 00007f08ff885fa0 R15: 00007fff4b82c8b8
[   67.720912][ T6395]  </TASK>
[   67.790774][ T6385] lo speed is unknown, defaulting to 1000
[   68.078288][ T6416] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1119'.
[   68.092421][ T6419] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   68.092421][ T6419]    program syz.1.1120 not setting count and/or reply_len properly
[   68.125878][ T6416] macsec1: entered promiscuous mode
[   68.131248][ T6416] vlan1: entered promiscuous mode
[   68.136601][ T6416] macsec1: entered allmulticast mode
[   68.141959][ T6416] vlan1: entered allmulticast mode
[   68.147073][ T6416] veth0_vlan: entered allmulticast mode
[   68.184070][ T6416] vlan1: left allmulticast mode
[   68.188960][ T6416] veth0_vlan: left allmulticast mode
[   68.194421][ T6416] vlan1: left promiscuous mode
[   68.282842][ T6417] erspan0: refused to change device tx_queue_len
[   68.377177][ T3383] lo speed is unknown, defaulting to 1000
[   68.383086][ T3383] syz0: Port: 1 Link ACTIVE
[   68.448063][ T3383] lo speed is unknown, defaulting to 1000
[   68.453955][ T3383] syz0: Port: 1 Link DOWN
[   68.533371][ T6445] 9pnet_fd: Insufficient options for proto=fd
[   68.554036][ T6447] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   68.554036][ T6447]    program syz.1.1132 not setting count and/or reply_len properly
[   68.577839][ T6420] loop3: detected capacity change from 0 to 2048
[   68.619244][ T6451] FAULT_INJECTION: forcing a failure.
[   68.619244][ T6451] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.632347][ T6451] CPU: 0 UID: 0 PID: 6451 Comm: syz.1.1133 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.632375][ T6451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   68.632384][ T6451] Call Trace:
[   68.632390][ T6451]  <TASK>
[   68.632396][ T6451]  __dump_stack+0x1d/0x30
[   68.632415][ T6451]  dump_stack_lvl+0xe8/0x140
[   68.632434][ T6451]  dump_stack+0x15/0x1b
[   68.632451][ T6451]  should_fail_ex+0x265/0x280
[   68.632471][ T6451]  should_fail+0xb/0x20
[   68.632519][ T6451]  should_fail_usercopy+0x1a/0x20
[   68.632536][ T6451]  _copy_from_user+0x1c/0xb0
[   68.632641][ T6451]  memdup_user+0x5e/0xd0
[   68.632665][ T6451]  strndup_user+0x68/0xb0
[   68.632685][ T6451]  __se_sys_mount+0x4d/0x2e0
[   68.632703][ T6451]  ? __bpf_trace_sys_enter+0x10/0x30
[   68.632799][ T6451]  ? trace_sys_enter+0xd0/0xf0
[   68.632817][ T6451]  __x64_sys_mount+0x67/0x80
[   68.632836][ T6451]  x64_sys_call+0x2b4d/0x2ff0
[   68.632856][ T6451]  do_syscall_64+0xd2/0x200
[   68.632940][ T6451]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.632963][ T6451]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   68.633030][ T6451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.633090][ T6451] RIP: 0033:0x7f4566cbebe9
[   68.633102][ T6451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.633115][ T6451] RSP: 002b:00007f4565727038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   68.633132][ T6451] RAX: ffffffffffffffda RBX: 00007f4566ee5fa0 RCX: 00007f4566cbebe9
[   68.633145][ T6451] RDX: 0000200000001440 RSI: 0000200000001400 RDI: 00002000000013c0
[   68.633156][ T6451] RBP: 00007f4565727090 R08: 0000200000000080 R09: 0000000000000000
[   68.633188][ T6451] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[   68.633198][ T6451] R13: 00007f4566ee6038 R14: 00007f4566ee5fa0 R15: 00007ffd5b30ffa8
[   68.633213][ T6451]  </TASK>
[   68.637320][ T6420] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.897241][ T6416] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   68.929876][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.939770][ T6468] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   68.939770][ T6468]    program syz.1.1138 not setting count and/or reply_len properly
[   68.986905][ T6476] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   68.986905][ T6476]    program syz.1.1142 not setting count and/or reply_len properly
[   69.018012][ T6479] validate_nla: 9 callbacks suppressed
[   69.018026][ T6479] netlink: 'syz.3.1140': attribute type 10 has an invalid length.
[   69.033377][ T6479] team0: Port device dummy0 added
[   69.040001][ T6479] netlink: 'syz.3.1140': attribute type 10 has an invalid length.
[   69.051226][ T6479] team0: Port device dummy0 removed
[   69.058456][ T6479] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   69.060414][ T6481] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   69.060414][ T6481]    program syz.2.1144 not setting count and/or reply_len properly
[   69.086791][ T6483] netlink: 'syz.1.1145': attribute type 4 has an invalid length.
[   69.097037][ T6483] netlink: 'syz.1.1145': attribute type 4 has an invalid length.
[   69.131848][ T6487] netlink: 'syz.1.1147': attribute type 4 has an invalid length.
[   69.145252][ T6487] netlink: 'syz.1.1147': attribute type 4 has an invalid length.
[   69.170320][ T6489] lo speed is unknown, defaulting to 1000
[   69.221902][ T1050] hid_parser_main: 18 callbacks suppressed
[   69.222005][ T1050] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[   69.235653][ T1050] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[   69.243809][ T1050] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x3
[   69.259622][ T1050] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   69.308496][ T6499] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[   69.315097][ T6499] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   69.322518][ T6499] vhci_hcd vhci_hcd.0: Device attached
[   69.329874][ T6500] usbip_core: unknown command
[   69.334708][ T6500] vhci_hcd: unknown pdu 0
[   69.339268][ T6500] usbip_core: unknown command
[   69.347286][   T41] vhci_hcd: stop threads
[   69.351572][   T41] vhci_hcd: release socket
[   69.356056][   T41] vhci_hcd: disconnect device
[   69.506964][ T6513] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   69.506964][ T6513]    program syz.3.1157 not setting count and/or reply_len properly
[   69.558046][ T6518] loop4: detected capacity change from 0 to 1024
[   69.564550][ T6514] loop1: detected capacity change from 0 to 8192
[   69.842863][ T6535] __nla_validate_parse: 3 callbacks suppressed
[   69.842882][ T6535] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1165'.
[   69.860355][ T3411] Process accounting resumed
[   69.866474][ T6535] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1165'.
[   70.003080][ T6541] smc: net device veth0_virt_wifi applied user defined pnetid SYZ2
[   70.186316][ T6548] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   70.204447][ T6548] hub 9-0:1.0: USB hub found
[   70.209219][ T6548] hub 9-0:1.0: 8 ports detected
[   70.219480][ T6548] loop2: detected capacity change from 0 to 512
[   70.226467][ T6548] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   70.273112][ T6550] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   70.273112][ T6550]    program syz.3.1169 not setting count and/or reply_len properly
[   70.300471][ T6548] EXT4-fs error (device loop2): ext4_quota_enable:7124: comm syz.2.1170: Bad quota inum: 29696, type: 1
[   70.319500][ T6548] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=29696). Please run e2fsck to fix.
[   70.369635][ T6548] EXT4-fs (loop2): mount failed
[   70.589334][ T6580] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   70.589334][ T6580]    program syz.1.1174 not setting count and/or reply_len properly
[   70.631144][ T6585] netlink: 'syz.4.1176': attribute type 4 has an invalid length.
[   70.639110][ T6585] netlink: 'syz.4.1176': attribute type 4 has an invalid length.
[   70.655116][ T6587] geneve0: entered promiscuous mode
[   70.660411][ T6587] geneve0: entered allmulticast mode
[   70.674312][ T4084] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.684894][ T4084] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.711564][ T4084] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.720335][ T4084] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.808227][ T6597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   70.816704][ T6597] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.036987][ T6602] loop2: detected capacity change from 0 to 512
[   71.045278][ T6602] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.1183: casefold flag without casefold feature
[   71.058196][ T6602] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1183: couldn't read orphan inode 15 (err -117)
[   71.071467][ T6602] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.175724][ T6616] netlink: 'syz.3.1189': attribute type 4 has an invalid length.
[   71.183704][ T6616] netlink: 'syz.3.1189': attribute type 4 has an invalid length.
[   71.192127][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.219092][ T6621] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1191'.
[   71.250986][ T6621] loop3: detected capacity change from 0 to 8192
[   71.303311][ T6626] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   71.303311][ T6626]    program syz.3.1193 not setting count and/or reply_len properly
[   71.487933][ T6635] SELinux: failed to load policy
[   71.649770][ T6646] loop1: detected capacity change from 0 to 512
[   71.673692][ T6646] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.1201: casefold flag without casefold feature
[   71.679511][ T6644] syzkaller0: entered promiscuous mode
[   71.691982][ T6644] syzkaller0: entered allmulticast mode
[   71.700870][ T6651] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   71.700870][ T6651]    program syz.0.1203 not setting count and/or reply_len properly
[   71.701695][ T6646] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1201: couldn't read orphan inode 15 (err -117)
[   71.730921][ T6646] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.784910][ T3411] lo speed is unknown, defaulting to 1000
[   71.790695][ T3411] syz0: Port: 1 Link ACTIVE
[   71.859599][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.961659][ T6680] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1212'.
[   72.025479][ T6680] loop1: detected capacity change from 0 to 8192
[   72.095146][ T6686] loop0: detected capacity change from 0 to 512
[   72.111910][ T6686] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1217: bg 0: block 248: padding at end of block bitmap is not set
[   72.127099][ T6686] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1217: Failed to acquire dquot type 1
[   72.138920][ T6686] EXT4-fs (loop0): 1 truncate cleaned up
[   72.145080][ T6686] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.157677][ T6686] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.169335][ T6686] EXT4-fs error (device loop0): ext4_lookup:1791: inode #2: comm syz.0.1217: deleted inode referenced: 12
[   72.182934][ T6686] EXT4-fs error (device loop0): ext4_lookup:1791: inode #2: comm syz.0.1217: deleted inode referenced: 12
[   72.201704][ T6686] syz.0.1217 (6686) used greatest stack depth: 9368 bytes left
[   72.210093][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.240878][ T3390] lo speed is unknown, defaulting to 1000
[   72.246716][ T3390] syz0: Port: 1 Link DOWN
[   72.253459][ T3383] lo speed is unknown, defaulting to 1000
[   72.259184][ T3383] syz0: Port: 1 Link ACTIVE
[   72.300000][ T6698] loop0: detected capacity change from 0 to 512
[   72.308054][ T6698] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1222: casefold flag without casefold feature
[   72.321001][ T6698] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1222: couldn't read orphan inode 15 (err -117)
[   72.333394][ T6698] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.444425][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.549144][   T29] kauditd_printk_skb: 580 callbacks suppressed
[   72.549159][   T29] audit: type=1326 audit(1756026659.274:3755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08ff65ebe9 code=0x7ffc0000
[   72.579320][   T29] audit: type=1326 audit(1756026659.274:3756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f08ff65d550 code=0x7ffc0000
[   72.605096][   T29] audit: type=1326 audit(1756026659.334:3757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08ff65ebe9 code=0x7ffc0000
[   72.628571][   T29] audit: type=1326 audit(1756026659.334:3758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6708 comm="syz.3.1227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08ff65ebe9 code=0x7ffc0000
[   72.686958][ T6715] binfmt_misc: register: failed to install interpreter file ./file0
[   72.804699][   T29] audit: type=1400 audit(1756026659.534:3759): avc:  denied  { bind } for  pid=6733 comm="syz.2.1237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   72.857481][   T29] audit: type=1400 audit(1756026659.534:3760): avc:  denied  { setopt } for  pid=6733 comm="syz.2.1237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   72.878093][   T29] audit: type=1400 audit(1756026659.584:3761): avc:  denied  { append } for  pid=6735 comm="syz.2.1239" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[   72.901570][   T29] audit: type=1400 audit(1756026659.584:3762): avc:  denied  { getopt } for  pid=6735 comm="syz.2.1239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   72.922204][   T29] audit: type=1400 audit(1756026659.584:3763): avc:  denied  { getopt } for  pid=6735 comm="syz.2.1239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   72.956692][ T6732] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[   72.977656][ T6732] loop1: detected capacity change from 0 to 2048
[   73.012877][ T6732] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.028504][   T29] audit: type=1400 audit(1756026659.754:3764): avc:  denied  { read append open } for  pid=6730 comm="syz.1.1238" path="/237/file0/cgroup.controllers" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   73.053748][ T6732] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   73.068879][ T6732] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28
[   73.081281][ T6732] EXT4-fs (loop1): This should not happen!! Data will be lost
[   73.081281][ T6732] 
[   73.081371][ T6754] loop0: detected capacity change from 0 to 2048
[   73.090919][ T6732] EXT4-fs (loop1): Total free blocks count 0
[   73.103390][ T6732] EXT4-fs (loop1): Free/Dirty block details
[   73.105739][ T6756] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1244'.
[   73.109281][ T6732] EXT4-fs (loop1): free_blocks=2415919104
[   73.124147][ T6732] EXT4-fs (loop1): dirty_blocks=48
[   73.129324][ T6732] EXT4-fs (loop1): Block reservation details
[   73.135340][ T6732] EXT4-fs (loop1): i_reserved_data_blocks=3
[   73.152068][ T6756] loop2: detected capacity change from 0 to 8192
[   73.159686][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.222068][ T6766] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1250'.
[   73.231005][ T6766] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1250'.
[   73.257907][ T6770] loop0: detected capacity change from 0 to 512
[   73.283153][ T6770] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.296123][ T6770] ext4 filesystem being mounted at /247/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.348857][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.481268][ T3383] lo speed is unknown, defaulting to 1000
[   73.487074][ T3383] syz0: Port: 1 Link DOWN
[   73.494472][    T9] lo speed is unknown, defaulting to 1000
[   73.500218][    T9] syz0: Port: 1 Link ACTIVE
[   73.514216][ T6787] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   73.981421][ T6833] sg_write: 2 callbacks suppressed
[   73.981436][ T6833] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   73.981436][ T6833]    program syz.0.1275 not setting count and/or reply_len properly
[   74.014617][ T6813] lo speed is unknown, defaulting to 1000
[   74.043991][ T6838] loop0: detected capacity change from 0 to 1024
[   74.053751][ T6834] loop2: detected capacity change from 0 to 512
[   74.062184][ T6834] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   74.075398][ T6838] EXT4-fs: Ignoring removed bh option
[   74.082508][ T6834] FAULT_INJECTION: forcing a failure.
[   74.082508][ T6834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.095594][ T6834] CPU: 1 UID: 0 PID: 6834 Comm: syz.2.1271 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.095623][ T6834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   74.095632][ T6834] Call Trace:
[   74.095638][ T6834]  <TASK>
[   74.095645][ T6834]  __dump_stack+0x1d/0x30
[   74.095756][ T6834]  dump_stack_lvl+0xe8/0x140
[   74.095814][ T6834]  dump_stack+0x15/0x1b
[   74.095830][ T6834]  should_fail_ex+0x265/0x280
[   74.095851][ T6834]  should_fail+0xb/0x20
[   74.095869][ T6834]  should_fail_usercopy+0x1a/0x20
[   74.095891][ T6834]  _copy_from_user+0x1c/0xb0
[   74.095990][ T6834]  memdup_user+0x5e/0xd0
[   74.096015][ T6834]  strndup_user+0x68/0xb0
[   74.096042][ T6834]  __se_sys_mount+0x4d/0x2e0
[   74.096065][ T6834]  ? do_mkdirat+0x3ac/0x3f0
[   74.096086][ T6834]  __x64_sys_mount+0x67/0x80
[   74.096128][ T6834]  x64_sys_call+0x2b4d/0x2ff0
[   74.096215][ T6834]  do_syscall_64+0xd2/0x200
[   74.096241][ T6834]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.096264][ T6834]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   74.096322][ T6834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.096358][ T6834] RIP: 0033:0x7fef8ddc038a
[   74.096564][ T6834] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.096619][ T6834] RSP: 002b:00007fef8c7e4e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   74.096639][ T6834] RAX: ffffffffffffffda RBX: 00007fef8c7e4ef0 RCX: 00007fef8ddc038a
[   74.096652][ T6834] RDX: 0000200000000f40 RSI: 0000200000000f00 RDI: 0000000000000000
[   74.096664][ T6834] RBP: 0000200000000f40 R08: 00007fef8c7e4ef0 R09: 0000000001a4a438
[   74.096674][ T6834] R10: 0000000001a4a438 R11: 0000000000000246 R12: 0000200000000f00
[   74.096731][ T6834] R13: 00007fef8c7e4eb0 R14: 0000000000000000 R15: 0000200000000f80
[   74.096811][ T6834]  </TASK>
[   74.098081][ T6838] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[   74.352820][ T6855] loop3: detected capacity change from 0 to 2048
[   74.375031][ T6855] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.667149][ T6861] FAULT_INJECTION: forcing a failure.
[   74.667149][ T6861] name failslab, interval 1, probability 0, space 0, times 0
[   74.679818][ T6861] CPU: 0 UID: 0 PID: 6861 Comm: ’ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.679869][ T6861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   74.679879][ T6861] Call Trace:
[   74.679885][ T6861]  <TASK>
[   74.679893][ T6861]  __dump_stack+0x1d/0x30
[   74.679912][ T6861]  dump_stack_lvl+0xe8/0x140
[   74.679961][ T6861]  dump_stack+0x15/0x1b
[   74.679978][ T6861]  should_fail_ex+0x265/0x280
[   74.679998][ T6861]  should_failslab+0x8c/0xb0
[   74.680018][ T6861]  kmem_cache_alloc_noprof+0x50/0x310
[   74.680065][ T6861]  ? __break_lease+0x78/0xe80
[   74.680082][ T6861]  __break_lease+0x78/0xe80
[   74.680113][ T6861]  ? selinux_file_open+0x2df/0x330
[   74.680135][ T6861]  do_dentry_open+0x5be/0xa20
[   74.680163][ T6861]  vfs_open+0x37/0x1e0
[   74.680186][ T6861]  path_openat+0x1c5e/0x2170
[   74.680205][ T6861]  ? _parse_integer_limit+0x170/0x190
[   74.680225][ T6861]  ? _parse_integer+0x27/0x40
[   74.680321][ T6861]  do_filp_open+0x109/0x230
[   74.680355][ T6861]  do_sys_openat2+0xa6/0x110
[   74.680384][ T6861]  __x64_sys_creat+0x65/0x90
[   74.680411][ T6861]  x64_sys_call+0x2d94/0x2ff0
[   74.680510][ T6861]  do_syscall_64+0xd2/0x200
[   74.680531][ T6861]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.680604][ T6861]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   74.680645][ T6861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.680657][ T6861] RIP: 0033:0x7fc21a5debe9
[   74.680666][ T6861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.680676][ T6861] RSP: 002b:00007fc21903f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   74.680687][ T6861] RAX: ffffffffffffffda RBX: 00007fc21a805fa0 RCX: 00007fc21a5debe9
[   74.680727][ T6861] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100
[   74.680733][ T6861] RBP: 00007fc21903f090 R08: 0000000000000000 R09: 0000000000000000
[   74.680740][ T6861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.680747][ T6861] R13: 00007fc21a806038 R14: 00007fc21a805fa0 R15: 00007ffd1022b558
[   74.680758][ T6861]  </TASK>
[   74.901607][ T3310] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   74.962698][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[   74.964666][ T6868] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1283'.
[   75.024691][ T6868] loop4: detected capacity change from 0 to 8192
[   75.201259][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.246678][ T6882] validate_nla: 8 callbacks suppressed
[   75.246694][ T6882] netlink: 'syz.3.1288': attribute type 1 has an invalid length.
[   75.313729][ T6890] netlink: 'syz.3.1292': attribute type 1 has an invalid length.
[   75.327791][ T6890] 8021q: adding VLAN 0 to HW filter on device bond2
[   75.337661][ T6890] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1292'.
[   75.348116][ T6890] bond2 (unregistering): Released all slaves
[   75.439877][ T6894] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1293'.
[   75.552658][ T6902] netlink: 'syz.3.1295': attribute type 1 has an invalid length.
[   75.560423][ T6898] netlink: 'syz.3.1295': attribute type 1 has an invalid length.
[   75.632007][ T6907] loop3: detected capacity change from 0 to 1024
[   75.639047][ T6907] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   75.653135][ T6907] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   75.661231][ T6907] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e028, mo2=0000]
[   75.699578][ T6907] System zones: 0-1, 3-12
[   75.706887][ T6907] EXT4-fs (loop3): orphan cleanup on readonly fs
[   75.781859][ T6907] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.1298: Freeing blocks not in datazone - block = 0, count = 4096
[   75.808774][ T6907] EXT4-fs (loop3): Remounting filesystem read-only
[   75.815954][ T6907] EXT4-fs (loop3): 1 orphan inode deleted
[   75.822392][ T6907] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   75.914937][ T6907] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1298'.
[   75.975177][ T6915] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   76.003892][ T6915] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   76.012293][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.030610][ T6915] loop4: detected capacity change from 0 to 1024
[   76.152150][ T6915] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.214571][ T6915] ext4 filesystem being mounted at /204/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.232746][ T6918] 9pnet_fd: Insufficient options for proto=fd
[   76.296508][ T6928] loop3: detected capacity change from 0 to 512
[   76.340263][ T6928] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.358155][ T6915] netlink: 'syz.4.1300': attribute type 1 has an invalid length.
[   76.370645][ T6928] ext4 filesystem being mounted at /285/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.431558][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.509036][ T6936] loop1: detected capacity change from 0 to 512
[   76.548807][ T6936] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm ’: bad orphan inode 13
[   76.573447][ T6936] ext4_test_bit(bit=12, block=4) = 1
[   76.578770][ T6936] is_bad_inode(inode)=0
[   76.582936][ T6936] NEXT_ORPHAN(inode)=0
[   76.587074][ T6936] max_ino=32
[   76.590260][ T6936] i_nlink=1
[   76.594328][ T6936] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.619098][ T3307] EXT4-fs warning (device loop1): dx_probe:801: inode #2: comm syz-executor: Unrecognised inode hash code 20
[   76.630714][ T3307] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz-executor: Corrupt directory, running e2fsck is recommended
[   76.651624][ T3307] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 13: comm syz-executor: path /252/file0: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[   76.688336][ T6941] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   76.688336][ T6941]    program syz.3.1308 not setting count and/or reply_len properly
[   76.721097][ T3307] EXT4-fs error (device loop1): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[   76.750781][ T3307] EXT4-fs error (device loop1): ext4_lookup:1787: inode #16: comm syz-executor: iget: bad i_size value: 880468304680
[   76.782998][ T3307] EXT4-fs error (device loop1): ext4_lookup:1787: inode #16: comm syz-executor: iget: bad i_size value: 880468304680
[   76.882874][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.903592][ T6103] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.964480][ T6950] netlink: 'syz.3.1313': attribute type 4 has an invalid length.
[   76.974634][ T3390] hid (null): unknown global tag 0xc
[   76.979963][ T3390] hid (null): unknown global tag 0xc
[   76.986287][ T3390] hid-generic 0008:FFFFFFF8:0006.0003: collection stack underflow
[   76.994266][ T3390] hid-generic 0008:FFFFFFF8:0006.0003: item 0 2 0 12 parsing failed
[   76.999730][ T6955] loop0: detected capacity change from 0 to 512
[   77.016645][ T3390] hid-generic 0008:FFFFFFF8:0006.0003: probe with driver hid-generic failed with error -22
[   77.028131][ T6950] netlink: 'syz.3.1313': attribute type 4 has an invalid length.
[   77.082787][ T6955] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.143179][ T4083] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.157471][ T6963] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   77.157471][ T6963]    program syz.4.1319 not setting count and/or reply_len properly
[   77.200822][ T6955] ext4 filesystem being mounted at /268/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.246303][ T6965] siw: device registration error -23
[   77.253957][ T4083] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.315043][ T4083] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.325902][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.365453][ T4083] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.392034][ T6965] loop3: detected capacity change from 0 to 4096
[   77.438259][ T6969] lo speed is unknown, defaulting to 1000
[   77.457302][ T6965] ext4: Unknown parameter 'appraise_type'
[   77.472667][ T6987] netlink: 'syz.4.1326': attribute type 4 has an invalid length.
[   77.506458][ T6987] netlink: 'syz.4.1326': attribute type 4 has an invalid length.
[   77.524540][ T6989] netlink: 'syz.0.1327': attribute type 4 has an invalid length.
[   77.537602][ T4083] bridge_slave_1: left allmulticast mode
[   77.543369][ T4083] bridge_slave_1: left promiscuous mode
[   77.549063][ T4083] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.558224][ T4083] bridge_slave_0: left allmulticast mode
[   77.564011][ T4083] bridge_slave_0: left promiscuous mode
[   77.569699][ T4083] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.728127][ T4083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   77.741316][ T4083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   77.751236][ T4083] bond0 (unregistering): Released all slaves
[   77.760165][ T7000] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   77.760165][ T7000]    program syz.2.1328 not setting count and/or reply_len properly
[   77.802722][   T10] lo speed is unknown, defaulting to 1000
[   77.808467][   T10] syz0: Port: 1 Link DOWN
[   77.810700][ T6969] chnl_net:caif_netlink_parms(): no params data found
[   77.836098][   T29] kauditd_printk_skb: 263 callbacks suppressed
[   77.836111][   T29] audit: type=1400 audit(1756026664.564:4028): avc:  denied  { create } for  pid=7002 comm="syz.2.1329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   77.873108][   T29] audit: type=1400 audit(1756026664.594:4029): avc:  denied  { bind } for  pid=7002 comm="syz.2.1329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   77.892660][   T29] audit: type=1400 audit(1756026664.594:4030): avc:  denied  { listen } for  pid=7002 comm="syz.2.1329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   77.892730][   T29] audit: type=1400 audit(1756026664.594:4031): avc:  denied  { connect } for  pid=7002 comm="syz.2.1329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   77.917633][ T7009] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   77.917633][ T7009]    program syz.3.1330 not setting count and/or reply_len properly
[   77.940041][ T7014] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1329'.
[   77.960761][   T29] audit: type=1400 audit(1756026664.664:4032): avc:  denied  { setopt } for  pid=7002 comm="syz.2.1329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   77.987830][ T4083] hsr_slave_0: left promiscuous mode
[   77.993938][ T4083] hsr_slave_1: left promiscuous mode
[   77.993938][   T29] audit: type=1400 audit(1756026664.724:4033): avc:  denied  { write } for  pid=7002 comm="syz.2.1329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   78.021185][ T4083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   78.023901][   T29] audit: type=1400 audit(1756026664.754:4034): avc:  denied  { read write } for  pid=7010 comm="syz.0.1333" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   78.028562][ T4083] batman_adv: batadv0: Removing interface: batadv_slave_0
[   78.059872][   T29] audit: type=1400 audit(1756026664.754:4035): avc:  denied  { open } for  pid=7010 comm="syz.0.1333" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   78.086554][ T4083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   78.087139][   T29] audit: type=1400 audit(1756026664.784:4036): avc:  denied  { create } for  pid=7018 comm="syz.3.1334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   78.094021][ T4083] batman_adv: batadv0: Removing interface: batadv_slave_1
[   78.113360][   T29] audit: type=1400 audit(1756026664.784:4037): avc:  denied  { setopt } for  pid=7018 comm="syz.3.1334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   78.145055][ T4083] veth1_macvtap: left promiscuous mode
[   78.150771][ T4083] veth0_macvtap: left promiscuous mode
[   78.156271][ T4083] veth1_vlan: left promiscuous mode
[   78.161616][ T4083] veth0_vlan: left promiscuous mode
[   78.195671][ T7013] loop0: detected capacity change from 0 to 512
[   78.202863][ T7013] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   78.215376][ T7013] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1333: bg 0: block 4: invalid block bitmap
[   78.227861][ T7013] EXT4-fs (loop0): Remounting filesystem read-only
[   78.234585][ T7013] EXT4-fs (loop0): 1 truncate cleaned up
[   78.240602][ T7013] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.292533][ T4083] team0 (unregistering): Port device team_slave_1 removed
[   78.303794][ T4083] team0 (unregistering): Port device team_slave_0 removed
[   78.315430][ T7026] loop4: detected capacity change from 0 to 256
[   78.345560][ T7003] ªªªªªª: renamed from vlan0 (while UP)
[   78.392761][ T6969] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.399913][ T6969] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.411488][ T6969] bridge_slave_0: entered allmulticast mode
[   78.421496][ T6969] bridge_slave_0: entered promiscuous mode
[   78.428208][ T6969] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.435469][ T6969] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.443043][ T6969] bridge_slave_1: entered allmulticast mode
[   78.450276][ T6969] bridge_slave_1: entered promiscuous mode
[   78.473009][ T7045] tc_dump_action: action bad kind
[   78.487056][ T6969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.498114][ T6969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.520294][ T6969] team0: Port device team_slave_0 added
[   78.529542][ T6969] team0: Port device team_slave_1 added
[   78.553255][ T6969] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.560225][ T6969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.586249][ T6969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.607447][ T6969] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.614519][ T6969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.640425][ T6969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.651846][ T7049] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1344'.
[   78.686268][ T6969] hsr_slave_0: entered promiscuous mode
[   78.686948][ T7052] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   78.686948][ T7052]    program syz.2.1345 not setting count and/or reply_len properly
[   78.693530][ T6969] hsr_slave_1: entered promiscuous mode
[   78.715372][ T6969] debugfs: 'hsr0' already exists in 'hsr'
[   78.721128][ T6969] Cannot create hsr debugfs directory
[   78.789370][ T7058] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.798486][ T7058] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   78.821946][ T7061] bond0: entered promiscuous mode
[   78.827067][ T7061] bond_slave_0: entered promiscuous mode
[   78.832751][ T7061] bond_slave_1: entered promiscuous mode
[   78.838474][ T7061] batadv0: entered promiscuous mode
[   78.862924][ T3301] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.882000][ T7060] loop2: detected capacity change from 0 to 512
[   78.898007][ T7060] EXT4-fs (loop2): orphan cleanup on readonly fs
[   78.918230][ T7060] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.1348: bad orphan inode 13
[   78.937937][ T6969] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   78.946528][ T6969] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   78.950059][ T7060] ext4_test_bit(bit=12, block=18) = 1
[   78.958696][ T7060] is_bad_inode(inode)=0
[   78.962958][ T7060] NEXT_ORPHAN(inode)=2130706432
[   78.967790][ T7060] max_ino=32
[   78.971031][ T7060] i_nlink=1
[   78.975018][ T7060] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   78.976718][ T6969] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   78.994691][ T7060] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.009639][ T6969] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   79.025197][ T7060] binfmt_misc: register: failed to install interpreter file ./file2
[   79.071619][ T7087] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1354'.
[   79.097759][ T7093] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   79.097759][ T7093]    program syz.2.1357 not setting count and/or reply_len properly
[   79.101737][ T6969] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.123499][ T7094] loop4: detected capacity change from 0 to 1024
[   79.130342][ T7094] EXT4-fs: Ignoring removed bh option
[   79.144216][ T6969] 8021q: adding VLAN 0 to HW filter on device team0
[   79.153191][ T7094] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   79.165587][ T7094] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e118, mo2=0000]
[   79.174485][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.181544][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.190508][ T7094] System zones: 0-1, 3-12
[   79.196278][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.197670][ T7094] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #3: block 1: comm syz.4.1355: lblock 1 mapped to illegal pblock 1 (length 1)
[   79.203495][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.247667][ T6969] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   79.315167][ T7094] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1355: Failed to acquire dquot type 0
[   79.354057][ T7094] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.1355: Freeing blocks not in datazone - block = 0, count = 4096
[   79.371415][ T7117] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1366'.
[   79.407638][ T6969] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.416311][ T7094] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.1355: Invalid inode bitmap blk 0 in block_group 0
[   79.431418][ T4089] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:20: lblock 1 mapped to illegal pblock 1 (length 1)
[   79.448386][ T4089] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:20: Failed to release dquot type 0
[   79.461074][ T7094] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[   79.474581][ T7094] EXT4-fs (loop4): 1 orphan inode deleted
[   79.483151][ T7094] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.633108][ T7142] loop3: detected capacity change from 0 to 2048
[   79.647490][ T6969] veth0_vlan: entered promiscuous mode
[   79.656593][ T6969] veth1_vlan: entered promiscuous mode
[   79.672221][ T6969] veth0_macvtap: entered promiscuous mode
[   79.673734][ T7142] Alternate GPT is invalid, using primary GPT.
[   79.682191][ T6969] veth1_macvtap: entered promiscuous mode
[   79.684274][ T7142]  loop3: p2 p3 p7
[   79.705729][ T6969] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.724558][ T6969] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.735570][ T4102] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.744918][ T4102] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.759236][ T4102] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.763729][ T7146] loop2: detected capacity change from 0 to 512
[   79.776987][ T7146] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.779279][ T4102] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.832790][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.895468][ T7160] loop5: detected capacity change from 0 to 1024
[   79.923575][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.026280][ T7174] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1378'.
[   80.062070][ T7179] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   80.062070][ T7179]    program syz.4.1385 not setting count and/or reply_len properly
[   80.103325][ T3390] lo speed is unknown, defaulting to 1000
[   80.109077][ T3390] syz0: Port: 1 Link ACTIVE
[   80.142184][ T7184] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1387'.
[   80.247794][ T7196] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1393'.
[   80.304781][ T7199] validate_nla: 18 callbacks suppressed
[   80.304792][ T7199] netlink: 'syz.5.1394': attribute type 4 has an invalid length.
[   80.356101][ T7201] netlink: 'syz.5.1394': attribute type 4 has an invalid length.
[   80.415549][ T7202] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1389'.
[   80.575061][ T7205] loop5: detected capacity change from 0 to 512
[   80.656550][ T7205] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.728067][ T7211] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1397'.
[   80.748594][ T7205] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.782918][ T7216] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   80.782918][ T7216]    program syz.3.1398 not setting count and/or reply_len properly
[   80.877407][ T7218] netlink: 'syz.0.1399': attribute type 4 has an invalid length.
[   80.886422][ T6969] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.898320][   T10] lo speed is unknown, defaulting to 1000
[   80.904148][   T10] syz0: Port: 1 Link DOWN
[   80.913217][ T7218] netlink: 'syz.0.1399': attribute type 4 has an invalid length.
[   80.928148][   T10] lo speed is unknown, defaulting to 1000
[   80.933938][   T10] syz0: Port: 1 Link ACTIVE
[   80.983384][ T7227] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1404'.
[   81.086736][ T7237] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1405'.
[   81.624322][ T7249] netlink: 'syz.4.1410': attribute type 1 has an invalid length.
[   81.636473][ T7249] 8021q: adding VLAN 0 to HW filter on device bond2
[   81.653035][ T7249] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1410'.
[   81.667024][ T7249] bond2 (unregistering): Released all slaves
[   81.705707][ T7254] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   81.705707][ T7254]    program syz.4.1412 not setting count and/or reply_len properly
[   81.710107][ T7256] netlink: 'syz.2.1413': attribute type 4 has an invalid length.
[   81.734904][ T7256] netlink: 'syz.2.1413': attribute type 4 has an invalid length.
[   81.738427][ T7258] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1414'.
[   81.757192][ T7258] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1414'.
[   81.837443][ T7266] netem: change failed
[   81.867014][ T7266] capability: warning: `syz.5.1417' uses 32-bit capabilities (legacy support in use)
[   81.868361][ T7271] loop4: detected capacity change from 0 to 512
[   81.914893][ T7275] netlink: 'syz.5.1423': attribute type 1 has an invalid length.
[   81.933203][ T7275] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.949271][ T7271] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.985447][ T7275] bridge_slave_1 (unregistering): left allmulticast mode
[   81.992602][ T7275] bridge_slave_1 (unregistering): left promiscuous mode
[   81.999645][ T7275] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.023727][ T7271] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.130011][ T7287] netlink: 'syz.2.1425': attribute type 4 has an invalid length.
[   82.155619][ T7287] netlink: 'syz.2.1425': attribute type 4 has an invalid length.
[   82.734502][ T7272] syz.0.1421 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   82.745553][ T7272] CPU: 1 UID: 0 PID: 7272 Comm: syz.0.1421 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.745578][ T7272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   82.745587][ T7272] Call Trace:
[   82.745593][ T7272]  <TASK>
[   82.745599][ T7272]  __dump_stack+0x1d/0x30
[   82.745617][ T7272]  dump_stack_lvl+0xe8/0x140
[   82.745660][ T7272]  dump_stack+0x15/0x1b
[   82.745675][ T7272]  dump_header+0x81/0x220
[   82.745704][ T7272]  oom_kill_process+0x342/0x400
[   82.745743][ T7272]  out_of_memory+0x979/0xb80
[   82.745852][ T7272]  try_charge_memcg+0x5e6/0x9e0
[   82.745918][ T7272]  charge_memcg+0x51/0xc0
[   82.745936][ T7272]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   82.745959][ T7272]  __read_swap_cache_async+0x1df/0x350
[   82.746068][ T7272]  swap_cluster_readahead+0x277/0x3e0
[   82.746125][ T7272]  swapin_readahead+0xde/0x6f0
[   82.746153][ T7272]  ? __filemap_get_folio+0x4f7/0x6b0
[   82.746214][ T7272]  ? swap_cache_get_folio+0x77/0x200
[   82.746243][ T7272]  do_swap_page+0x301/0x2430
[   82.746294][ T7272]  ? css_rstat_updated+0xb7/0x240
[   82.746320][ T7272]  ? __pfx_default_wake_function+0x10/0x10
[   82.746339][ T7272]  handle_mm_fault+0x9a5/0x2c20
[   82.746398][ T7272]  do_user_addr_fault+0x636/0x1090
[   82.746428][ T7272]  ? __flush_smp_call_function_queue+0x643/0x8e0
[   82.746465][ T7272]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   82.746520][ T7272]  exc_page_fault+0x62/0xa0
[   82.746543][ T7272]  asm_exc_page_fault+0x26/0x30
[   82.746611][ T7272] RIP: 0033:0x7ff0b0ab1453
[   82.746625][ T7272] Code: f6 08 00 48 8d 3d f6 f6 08 00 e8 08 49 f6 ff 0f 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 <80> 3d fe 70 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f
[   82.746680][ T7272] RSP: 002b:00007ffcd9bbaf88 EFLAGS: 00010293
[   82.746696][ T7272] RAX: 00000000fffffffa RBX: 00007ff0b0ca5fa0 RCX: 0000000000000000
[   82.746708][ T7272] RDX: 00007ffcd9bbafa0 RSI: 0000000000000000 RDI: 0000000000000000
[   82.746720][ T7272] RBP: 00007ff0b0ca7da0 R08: 00000000294aec2f R09: 7fffffffffffffff
[   82.746741][ T7272] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000014312
[   82.746814][ T7272] R13: 00007ff0b0ca6180 R14: ffffffffffffffff R15: 00007ffcd9bbb0e0
[   82.746833][ T7272]  </TASK>
[   82.746840][ T7272] memory: usage 307200kB, limit 307200kB, failcnt 240
[   82.968132][ T7272] memory+swap: usage 307556kB, limit 9007199254740988kB, failcnt 0
[   82.976055][ T7272] kmem: usage 307068kB, limit 9007199254740988kB, failcnt 0
[   82.983337][ T7272] Memory cgroup stats for /syz0:
[   82.983822][ T7272] cache 65536
[   82.992040][ T7272] rss 0
[   82.994792][ T7272] shmem 65536
[   82.998050][ T7272] mapped_file 0
[   83.001530][ T7272] dirty 0
[   83.004461][ T7272] writeback 0
[   83.007780][ T7272] workingset_refault_anon 11
[   83.012391][ T7272] workingset_refault_file 384
[   83.017041][ T7272] swap 364544
[   83.020357][ T7272] swapcached 0
[   83.023724][ T7272] pgpgin 196451
[   83.027207][ T7272] pgpgout 196434
[   83.030868][ T7272] pgfault 153902
[   83.034390][ T7272] pgmajfault 17
[   83.037863][ T7272] inactive_anon 65536
[   83.041879][ T7272] active_anon 0
[   83.045340][ T7272] inactive_file 4096
[   83.049204][ T7272] active_file 0
[   83.052666][ T7272] unevictable 0
[   83.056116][ T7272] hierarchical_memory_limit 314572800
[   83.061633][ T7272] hierarchical_memsw_limit 9223372036854771712
[   83.067768][ T7272] total_cache 65536
[   83.071752][ T7272] total_rss 0
[   83.075009][ T7272] total_shmem 65536
[   83.078785][ T7272] total_mapped_file 0
[   83.082780][ T7272] total_dirty 0
[   83.086209][ T7272] total_writeback 0
[   83.089984][ T7272] total_workingset_refault_anon 11
[   83.095111][ T7272] total_workingset_refault_file 384
[   83.100299][ T7272] total_swap 364544
[   83.104125][ T7272] total_swapcached 0
[   83.108135][ T7272] total_pgpgin 196451
[   83.112331][ T7272] total_pgpgout 196434
[   83.116405][ T7272] total_pgfault 153902
[   83.120483][ T7272] total_pgmajfault 17
[   83.124499][ T7272] total_inactive_anon 65536
[   83.129067][ T7272] total_active_anon 0
[   83.133046][ T7272] total_inactive_file 4096
[   83.137437][ T7272] total_active_file 0
[   83.141413][ T7272] total_unevictable 0
[   83.145368][ T7272] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1421,pid=7272,uid=0
[   83.159985][ T7272] Memory cgroup out of memory: Killed process 7272 (syz.0.1421) total-vm:93896kB, anon-rss:944kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000
[   83.244701][ T7301] loop3: detected capacity change from 0 to 8192
[   83.252406][   T29] kauditd_printk_skb: 871 callbacks suppressed
[   83.252420][   T29] audit: type=1400 audit(1756026669.984:4906): avc:  denied  { mount } for  pid=7300 comm="syz.3.1431" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   83.306603][ T7273] syz.0.1421 (7273) used greatest stack depth: 7528 bytes left
[   83.308754][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.327533][   T29] audit: type=1400 audit(1756026670.054:4907): avc:  denied  { create } for  pid=7305 comm="syz.0.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   83.352422][   T29] audit: type=1400 audit(1756026670.084:4908): avc:  denied  { write } for  pid=7305 comm="syz.0.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   83.371961][   T29] audit: type=1400 audit(1756026670.084:4909): avc:  denied  { connect } for  pid=7305 comm="syz.0.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   83.391781][   T29] audit: type=1400 audit(1756026670.084:4910): avc:  denied  { name_connect } for  pid=7305 comm="syz.0.1434" dest=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   83.414078][   T29] audit: type=1400 audit(1756026670.084:4911): avc:  denied  { shutdown } for  pid=7305 comm="syz.0.1434" lport=60627 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   83.434987][   T29] audit: type=1400 audit(1756026670.084:4912): avc:  denied  { getopt } for  pid=7305 comm="syz.0.1434" lport=60627 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   83.456211][   T29] audit: type=1400 audit(1756026670.084:4913): avc:  denied  { read write } for  pid=3306 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   83.480673][   T29] audit: type=1400 audit(1756026670.084:4914): avc:  denied  { open } for  pid=3306 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   83.504910][   T29] audit: type=1400 audit(1756026670.084:4915): avc:  denied  { ioctl } for  pid=3306 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=104 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   84.056137][ T7353] loop3: detected capacity change from 0 to 128
[   84.065703][ T7353] msdos: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ'
[   84.275505][ T7366] loop5: detected capacity change from 0 to 8192
[   84.528529][ T7384] loop4: detected capacity change from 0 to 512
[   84.562561][ T7384] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e001c018, mo2=0002]
[   84.640237][ T7384] System zones: 0-2, 18-18, 34-35
[   84.652634][ T7384] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.696171][ T7384] ext4 filesystem being mounted at /243/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.741306][ T7390] Restarting kernel threads ...
[   84.746381][ T7390] Done restarting kernel threads.
[   84.758357][ T7390] loop2: detected capacity change from 0 to 128
[   84.780505][ T7390] FAT-fs (loop2): bogus sectors per cluster 7
[   84.786623][ T7390] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; no bootstrapping code
[   84.795785][ T7390] FAT-fs (loop2): Can't find a valid FAT filesystem
[   84.820632][ T7391] program syz.4.1463 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   84.868352][ T7394] loop9: detected capacity change from 0 to 7
[   84.938778][   T23] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   84.952210][ T7398] loop3: detected capacity change from 0 to 1024
[   84.963103][   T23] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   84.979774][ T7398] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.997154][ T7398] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   85.033706][ T7398] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0102]
[   85.041907][ T7398] System zones: 0-1, 3-36
[   85.047071][ T7398] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.118019][ T7406] nfs4: Bad value for 'source'
[   85.123862][ T7406] __nla_validate_parse: 8 callbacks suppressed
[   85.123876][ T7406] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1471'.
[   85.139304][ T7406] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1471'.
[   85.149211][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.152662][ T7406] bridge0: port 3(vlan0) entered blocking state
[   85.164620][ T7406] bridge0: port 3(vlan0) entered disabled state
[   85.171166][ T7406] vlan0: entered allmulticast mode
[   85.176313][ T7406] bridge0: entered allmulticast mode
[   85.185903][ T7406] vlan0: left allmulticast mode
[   85.190806][ T7406] bridge0: left allmulticast mode
[   85.365572][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.503393][ T7462] validate_nla: 4 callbacks suppressed
[   85.503409][ T7462] netlink: 'syz.5.1478': attribute type 21 has an invalid length.
[   85.516883][ T7462] netlink: 14341 bytes leftover after parsing attributes in process `syz.5.1478'.
[   86.477431][ T7575] netlink: 'syz.0.1486': attribute type 4 has an invalid length.
[   86.505414][ T7575] netlink: 'syz.0.1486': attribute type 4 has an invalid length.
[   86.513371][   T23] lo speed is unknown, defaulting to 1000
[   86.519096][   T23] syz0: Port: 1 Link DOWN
[   86.526119][   T23] lo speed is unknown, defaulting to 1000
[   86.531893][   T23] syz0: Port: 1 Link ACTIVE
[   86.608570][ T7589] FAULT_INJECTION: forcing a failure.
[   86.608570][ T7589] name failslab, interval 1, probability 0, space 0, times 0
[   86.621252][ T7589] CPU: 0 UID: 0 PID: 7589 Comm: syz.0.1492 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.621280][ T7589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   86.621291][ T7589] Call Trace:
[   86.621297][ T7589]  <TASK>
[   86.621304][ T7589]  __dump_stack+0x1d/0x30
[   86.621325][ T7589]  dump_stack_lvl+0xe8/0x140
[   86.621340][ T7589]  dump_stack+0x15/0x1b
[   86.621393][ T7589]  should_fail_ex+0x265/0x280
[   86.621413][ T7589]  ? audit_log_d_path+0x8d/0x150
[   86.621485][ T7589]  should_failslab+0x8c/0xb0
[   86.621504][ T7589]  __kmalloc_cache_noprof+0x4c/0x320
[   86.621567][ T7589]  audit_log_d_path+0x8d/0x150
[   86.621747][ T7589]  audit_log_d_path_exe+0x42/0x70
[   86.621809][ T7589]  audit_log_task+0x1e9/0x250
[   86.621831][ T7589]  audit_seccomp+0x61/0x100
[   86.621910][ T7589]  ? __seccomp_filter+0x68c/0x10d0
[   86.621931][ T7589]  __seccomp_filter+0x69d/0x10d0
[   86.621951][ T7589]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   86.622007][ T7589]  ? vfs_write+0x7e8/0x960
[   86.622024][ T7589]  ? __rcu_read_unlock+0x4f/0x70
[   86.622040][ T7589]  ? __fget_files+0x184/0x1c0
[   86.622065][ T7589]  __secure_computing+0x82/0x150
[   86.622124][ T7589]  syscall_trace_enter+0xcf/0x1e0
[   86.622148][ T7589]  do_syscall_64+0xac/0x200
[   86.622170][ T7589]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   86.622190][ T7589]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   86.622273][ T7589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.622293][ T7589] RIP: 0033:0x7ff0b0a7ebe9
[   86.622308][ T7589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.622323][ T7589] RSP: 002b:00007ff0af4df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[   86.622343][ T7589] RAX: ffffffffffffffda RBX: 00007ff0b0ca5fa0 RCX: 00007ff0b0a7ebe9
[   86.622423][ T7589] RDX: 0000200000000200 RSI: 0000000000000004 RDI: ffffffffffffffff
[   86.622433][ T7589] RBP: 00007ff0af4df090 R08: 0000200000000300 R09: 0000000000000004
[   86.622444][ T7589] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[   86.622454][ T7589] R13: 00007ff0b0ca6038 R14: 00007ff0b0ca5fa0 R15: 00007ffcd9bbae68
[   86.622512][ T7589]  </TASK>
[   86.855832][ T7583] lo speed is unknown, defaulting to 1000
[   86.915551][ T7587] loop5: detected capacity change from 0 to 8192
[   86.954810][ T7593] lo speed is unknown, defaulting to 1000
[   86.997972][ T7596] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1493'.
[   87.119527][ T7604] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   87.119527][ T7604]    program syz.0.1496 not setting count and/or reply_len properly
[   87.137468][ T7602] loop3: detected capacity change from 0 to 4096
[   87.158221][ T7602] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[   87.169585][ T7602] System zones: 0-5
[   87.170200][ T7609] FAULT_INJECTION: forcing a failure.
[   87.170200][ T7609] name failslab, interval 1, probability 0, space 0, times 0
[   87.186127][ T7609] CPU: 0 UID: 0 PID: 7609 Comm: syz.4.1498 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   87.186187][ T7609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   87.186249][ T7609] Call Trace:
[   87.186255][ T7609]  <TASK>
[   87.186263][ T7609]  __dump_stack+0x1d/0x30
[   87.186365][ T7609]  dump_stack_lvl+0xe8/0x140
[   87.186385][ T7609]  dump_stack+0x15/0x1b
[   87.186539][ T7609]  should_fail_ex+0x265/0x280
[   87.186582][ T7609]  should_failslab+0x8c/0xb0
[   87.186607][ T7609]  kmem_cache_alloc_noprof+0x50/0x310
[   87.186632][ T7609]  ? dst_alloc+0xbd/0x100
[   87.186649][ T7609]  dst_alloc+0xbd/0x100
[   87.186666][ T7609]  ip_route_output_key_hash_rcu+0xef5/0x1380
[   87.186773][ T7609]  ip_route_output_key_hash+0x7a/0xb0
[   87.186798][ T7609]  tcp_v4_connect+0x3e2/0xad0
[   87.186862][ T7609]  __inet_stream_connect+0x169/0x7e0
[   87.186881][ T7609]  ? tcp_sendmsg_fastopen+0x172/0x520
[   87.186903][ T7609]  ? should_failslab+0x8c/0xb0
[   87.186924][ T7609]  ? __kmalloc_cache_noprof+0x189/0x320
[   87.187048][ T7609]  tcp_sendmsg_fastopen+0x43a/0x520
[   87.187155][ T7609]  tcp_sendmsg_locked+0x26e1/0x2c00
[   87.187182][ T7609]  ? mntput_no_expire+0x6f/0x460
[   87.187208][ T7609]  ? __rcu_read_unlock+0x4f/0x70
[   87.187245][ T7609]  ? avc_has_perm_noaudit+0x1b1/0x200
[   87.187265][ T7609]  ? avc_has_perm+0xf7/0x180
[   87.187286][ T7609]  ? _raw_spin_unlock_bh+0x36/0x40
[   87.187317][ T7609]  ? __pfx_tcp_sendmsg+0x10/0x10
[   87.187341][ T7609]  tcp_sendmsg+0x2f/0x50
[   87.187365][ T7609]  inet_sendmsg+0x76/0xd0
[   87.187381][ T7609]  __sock_sendmsg+0x102/0x180
[   87.187448][ T7609]  __sys_sendto+0x268/0x330
[   87.187472][ T7609]  __x64_sys_sendto+0x76/0x90
[   87.187491][ T7609]  x64_sys_call+0x2d05/0x2ff0
[   87.187512][ T7609]  do_syscall_64+0xd2/0x200
[   87.187577][ T7609]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   87.187595][ T7609]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   87.187620][ T7609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.187646][ T7609] RIP: 0033:0x7fc21a5debe9
[   87.187659][ T7609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.187672][ T7609] RSP: 002b:00007fc21903f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   87.187689][ T7609] RAX: ffffffffffffffda RBX: 00007fc21a805fa0 RCX: 00007fc21a5debe9
[   87.187703][ T7609] RDX: ffffffffffffff58 RSI: 0000200000000140 RDI: 0000000000000004
[   87.187716][ T7609] RBP: 00007fc21903f090 R08: 0000200000000100 R09: 0000000000000010
[   87.187729][ T7609] R10: 0000000020008005 R11: 0000000000000246 R12: 0000000000000001
[   87.187776][ T7609] R13: 00007fc21a806038 R14: 00007fc21a805fa0 R15: 00007ffd1022b558
[   87.187791][ T7609]  </TASK>
[   87.468908][ T7602] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.524727][ T7616] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1501'.
[   87.576227][ T7625] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[   87.581028][ T7618] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   87.581028][ T7618]    program syz.0.1503 not setting count and/or reply_len properly
[   87.582754][ T7625] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   87.606989][ T7625] vhci_hcd vhci_hcd.0: Device attached
[   87.623042][ T7625] loop4: detected capacity change from 0 to 512
[   87.630007][ T7625] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   87.680831][ T7625] EXT4-fs (loop4): 1 truncate cleaned up
[   87.687828][ T7625] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.755338][ T7632] netlink: 'syz.0.1505': attribute type 27 has an invalid length.
[   87.772541][ T7632] 0ªî{X¹¦: left allmulticast mode
[   87.815163][ T7625] EXT4-fs (loop4): shut down requested (0)
[   87.834757][ T7632] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.842250][ T7632] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.860509][ T3383] usb 9-1: new low-speed USB device number 3 using vhci_hcd
[   87.876810][ T7626] vhci_hcd: connection reset by peer
[   87.885142][   T41] vhci_hcd: stop threads
[   87.889410][   T41] vhci_hcd: release socket
[   87.893969][   T41] vhci_hcd: disconnect device
[   87.936070][ T7632] wg2: left promiscuous mode
[   87.941065][ T7632] wg2: left allmulticast mode
[   88.023781][ T7632] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   88.036393][ T7632] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   88.045218][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.097974][    T9] lo speed is unknown, defaulting to 1000
[   88.103839][    T9] syz0: Port: 1 Link DOWN
[   88.108235][ T5093] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.117476][ T5093] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.126498][ T5093] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.155907][ T5093] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.195916][ T7649] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1512'.
[   88.206599][ T7649] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1512'.
[   88.215735][ T7650] lo speed is unknown, defaulting to 1000
[   88.221782][ T7650] lo speed is unknown, defaulting to 1000
[   88.227681][ T7650] lo speed is unknown, defaulting to 1000
[   88.234877][ T7650] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   88.262614][   T29] kauditd_printk_skb: 561 callbacks suppressed
[   88.262629][   T29] audit: type=1400 audit(1756026674.994:5477): avc:  denied  { ioctl } for  pid=7645 comm="syz.5.1510" path="socket:[18092]" dev="sockfs" ino=18092 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   88.302994][ T7650] lo speed is unknown, defaulting to 1000
[   88.321295][ T7652] loop3: detected capacity change from 0 to 2048
[   88.338131][ T7650] lo speed is unknown, defaulting to 1000
[   88.344241][ T7650] lo speed is unknown, defaulting to 1000
[   88.357526][ T7652]  loop3: p1 < > p4
[   88.361885][ T7650] lo speed is unknown, defaulting to 1000
[   88.368440][ T7650] lo speed is unknown, defaulting to 1000
[   88.374859][ T7652] loop3: p4 size 8388608 extends beyond EOD, truncated
[   88.406366][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.418012][ T7659] netlink: 'syz.2.1515': attribute type 4 has an invalid length.
[   88.432991][ T7659] netlink: 'syz.2.1515': attribute type 4 has an invalid length.
[   88.460403][   T29] audit: type=1400 audit(1756026675.184:5478): avc:  denied  { unlink } for  pid=3306 comm="syz-executor" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 dev="tmpfs" ino=1350 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   88.503539][ T7663] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   88.503539][ T7663]    program syz.4.1516 not setting count and/or reply_len properly
[   88.543786][   T29] audit: type=1400 audit(1756026675.274:5479): avc:  denied  { ioctl } for  pid=7666 comm="syz.4.1519" path="socket:[18115]" dev="sockfs" ino=18115 ioctlcmd=0x89a0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   88.579677][ T7667] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1519'.
[   88.588815][ T7667] IPVS: Error joining to the multicast group
[   88.590676][ T7672] loop2: detected capacity change from 0 to 128
[   88.615849][ T7650] 9pnet_fd: Insufficient options for proto=fd
[   88.629252][ T7678] syz.4.1521: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   88.643919][ T7678] CPU: 0 UID: 0 PID: 7678 Comm: syz.4.1521 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   88.643944][ T7678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   88.643956][ T7678] Call Trace:
[   88.643962][ T7678]  <TASK>
[   88.644005][ T7678]  __dump_stack+0x1d/0x30
[   88.644025][ T7678]  dump_stack_lvl+0xe8/0x140
[   88.644041][ T7678]  dump_stack+0x15/0x1b
[   88.644055][ T7678]  warn_alloc+0x12b/0x1a0
[   88.644131][ T7678]  __vmalloc_node_range_noprof+0x9c/0xe00
[   88.644161][ T7678]  ? __futex_wait+0x1ff/0x260
[   88.644187][ T7678]  ? __pfx_futex_wake_mark+0x10/0x10
[   88.644243][ T7678]  ? __rcu_read_unlock+0x4f/0x70
[   88.644264][ T7678]  ? avc_has_perm_noaudit+0x1b1/0x200
[   88.644286][ T7678]  ? should_fail_ex+0x30/0x280
[   88.644302][ T7678]  ? xskq_create+0x36/0xe0
[   88.644405][ T7678]  vmalloc_user_noprof+0x7d/0xb0
[   88.644434][ T7678]  ? xskq_create+0x80/0xe0
[   88.644462][ T7678]  xskq_create+0x80/0xe0
[   88.644515][ T7678]  xsk_init_queue+0x95/0xf0
[   88.644545][ T7678]  xsk_setsockopt+0x477/0x640
[   88.644587][ T7678]  ? __pfx_xsk_setsockopt+0x10/0x10
[   88.644609][ T7678]  __sys_setsockopt+0x184/0x200
[   88.644631][ T7678]  __x64_sys_setsockopt+0x64/0x80
[   88.644653][ T7678]  x64_sys_call+0x20ec/0x2ff0
[   88.644674][ T7678]  do_syscall_64+0xd2/0x200
[   88.644737][ T7678]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   88.644762][ T7678]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   88.644846][ T7678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.644868][ T7678] RIP: 0033:0x7fc21a5debe9
[   88.644948][ T7678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.644971][ T7678] RSP: 002b:00007fc21903f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   88.645003][ T7678] RAX: ffffffffffffffda RBX: 00007fc21a805fa0 RCX: 00007fc21a5debe9
[   88.645014][ T7678] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004
[   88.645027][ T7678] RBP: 00007fc21a661e19 R08: 0000000000000004 R09: 0000000000000000
[   88.645040][ T7678] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[   88.645053][ T7678] R13: 00007fc21a806038 R14: 00007fc21a805fa0 R15: 00007ffd1022b558
[   88.645069][ T7678]  </TASK>
[   88.645080][ T7678] Mem-Info:
[   88.682568][ T7677] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   88.682568][ T7677]    program syz.2.1522 not setting count and/or reply_len properly
[   88.684294][ T7678] active_anon:5652 inactive_anon:216 isolated_anon:0
[   88.684294][ T7678]  active_file:9493 inactive_file:12473 isolated_file:0
[   88.684294][ T7678]  unevictable:0 dirty:217 writeback:0
[   88.684294][ T7678]  slab_reclaimable:3267 slab_unreclaimable:14781
[   88.684294][ T7678]  mapped:29291 shmem:503 pagetables:1406
[   88.684294][ T7678]  sec_pagetables:0 bounce:0
[   88.684294][ T7678]  kernel_misc_reclaimable:0
[   88.684294][ T7678]  free:1804555 free_pcp:90135 free_cma:0
[   88.762195][ T7679] SELinux: failed to load policy
[   88.766372][ T7678] Node 0 active_anon:22724kB inactive_anon:864kB active_file:37972kB inactive_file:49892kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117048kB dirty:868kB writeback:0kB shmem:2012kB kernel_stack:4288kB pagetables:5508kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   88.894759][ T7682] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1523'.
[   88.928645][ T7678] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   88.928720][ T7678] lowmem_reserve[]: 0 2883 7862 7862
[   88.928745][ T7678] Node 0 DMA32 free:2949196kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952828kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB
[   88.933808][ T7682] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1523'.
[   88.935745][   T29] audit: type=1326 audit(1756026675.304:5480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7670 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   88.961169][ T7678] lowmem_reserve[]: 0
[   88.970002][   T29] audit: type=1326 audit(1756026675.304:5481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7670 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   88.998491][ T7678]  0 4978 4978
[   88.998511][ T7678] Node 0 Normal free:4253468kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24580kB inactive_anon:864kB active_file:37972kB inactive_file:49892kB unevictable:0kB writepending:868kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:354976kB local_pcp:105984kB free_cma:0kB
[   89.003819][   T29] audit: type=1400 audit(1756026675.304:5482): avc:  denied  { bind } for  pid=7666 comm="syz.4.1519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   89.003844][   T29] audit: type=1326 audit(1756026675.304:5483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7670 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   89.033997][ T7678] lowmem_reserve[]:
[   89.042833][   T29] audit: type=1326 audit(1756026675.304:5484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7670 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   89.042854][   T29] audit: type=1326 audit(1756026675.304:5485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7670 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   89.042874][   T29] audit: type=1326 audit(1756026675.304:5486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7670 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   89.066212][ T7678]  0 0 0 0
[   89.249411][ T7678] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   89.262247][ T7678] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949196kB
[   89.278356][ T7678] Node 0 Normal: 504*4kB (UME) 263*8kB (UM) 55*16kB (UME) 34*32kB (UME) 42*64kB (UME) 47*128kB (UME) 24*256kB (UME) 22*512kB (UME) 99*1024kB (UME) 34*2048kB (UM) 991*4096kB (UM) = 4262344kB
[   89.297452][ T7678] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   89.306839][ T7678] 26914 total pagecache pages
[   89.311531][ T7678] 18 pages in swap cache
[   89.315759][ T7678] Free swap  = 124808kB
[   89.319897][ T7678] Total swap = 124996kB
[   89.324074][ T7678] 2097051 pages RAM
[   89.327861][ T7678] 0 pages HighMem/MovableOnly
[   89.332533][ T7678] 80444 pages reserved
[   89.421861][ T7696] netlink: 'syz.2.1528': attribute type 4 has an invalid length.
[   89.436673][ T7696] netlink: 'syz.2.1528': attribute type 4 has an invalid length.
[   89.494997][ T7698] loop3: detected capacity change from 0 to 764
[   89.502422][ T7698] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   89.525067][ T7698] Symlink component flag not implemented
[   89.541938][ T7698] Symlink component flag not implemented (7)
[   89.588776][ T7718] FAULT_INJECTION: forcing a failure.
[   89.588776][ T7718] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.601947][ T7718] CPU: 0 UID: 0 PID: 7718 Comm: syz.2.1534 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   89.601972][ T7718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   89.601984][ T7718] Call Trace:
[   89.601990][ T7718]  <TASK>
[   89.602048][ T7718]  __dump_stack+0x1d/0x30
[   89.602154][ T7718]  dump_stack_lvl+0xe8/0x140
[   89.602173][ T7718]  dump_stack+0x15/0x1b
[   89.602189][ T7718]  should_fail_ex+0x265/0x280
[   89.602208][ T7718]  should_fail+0xb/0x20
[   89.602221][ T7718]  should_fail_usercopy+0x1a/0x20
[   89.602240][ T7718]  _copy_from_user+0x1c/0xb0
[   89.602343][ T7718]  kstrtouint_from_user+0x69/0xf0
[   89.602440][ T7718]  ? 0xffffffff81000000
[   89.602453][ T7718]  ? selinux_file_permission+0x1e4/0x320
[   89.602474][ T7718]  proc_fail_nth_write+0x50/0x160
[   89.602498][ T7718]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   89.602523][ T7718]  vfs_write+0x269/0x960
[   89.602585][ T7718]  ? vfs_read+0x4e6/0x770
[   89.602610][ T7718]  ? __rcu_read_unlock+0x4f/0x70
[   89.602699][ T7718]  ? __fget_files+0x184/0x1c0
[   89.602777][ T7718]  ksys_write+0xda/0x1a0
[   89.602800][ T7718]  __x64_sys_write+0x40/0x50
[   89.602821][ T7718]  x64_sys_call+0x27fe/0x2ff0
[   89.602842][ T7718]  do_syscall_64+0xd2/0x200
[   89.603030][ T7718]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   89.603054][ T7718]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   89.603086][ T7718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.603107][ T7718] RIP: 0033:0x7fef8ddbd69f
[   89.603150][ T7718] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   89.603168][ T7718] RSP: 002b:00007fef8c806030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   89.603188][ T7718] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fef8ddbd69f
[   89.603228][ T7718] RDX: 0000000000000001 RSI: 00007fef8c8060a0 RDI: 0000000000000004
[   89.603241][ T7718] RBP: 00007fef8c806090 R08: 0000000000000000 R09: 0000000000000000
[   89.603254][ T7718] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   89.603275][ T7718] R13: 00007fef8dfe6128 R14: 00007fef8dfe6090 R15: 00007ffcc717bc98
[   89.603295][ T7718]  </TASK>
[   89.825313][ T7721] loop4: detected capacity change from 0 to 512
[   89.832718][ T7717] loop5: detected capacity change from 0 to 2048
[   89.843993][ T7726] netlink: 'syz.2.1541': attribute type 4 has an invalid length.
[   89.871450][ T7726] netlink: 'syz.2.1541': attribute type 4 has an invalid length.
[   89.898239][ T7721] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.912480][ T7717]  loop5: p1 < > p4
[   89.917017][ T7717] loop5: p4 size 8388608 extends beyond EOD, truncated
[   89.937419][ T7721] ext4 filesystem being mounted at /255/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.979464][ T7748] FAULT_INJECTION: forcing a failure.
[   89.979464][ T7748] name failslab, interval 1, probability 0, space 0, times 0
[   89.992142][ T7748] CPU: 1 UID: 0 PID: 7748 Comm: syz.5.1547 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   89.992170][ T7748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   89.992182][ T7748] Call Trace:
[   89.992188][ T7748]  <TASK>
[   89.992194][ T7748]  __dump_stack+0x1d/0x30
[   89.992215][ T7748]  dump_stack_lvl+0xe8/0x140
[   89.992259][ T7748]  dump_stack+0x15/0x1b
[   89.992275][ T7748]  should_fail_ex+0x265/0x280
[   89.992295][ T7748]  should_failslab+0x8c/0xb0
[   89.992317][ T7748]  kmem_cache_alloc_noprof+0x50/0x310
[   89.992342][ T7748]  ? security_file_alloc+0x32/0x100
[   89.992379][ T7748]  security_file_alloc+0x32/0x100
[   89.992405][ T7748]  init_file+0x5c/0x1d0
[   89.992428][ T7748]  alloc_empty_file+0x8b/0x200
[   89.992454][ T7748]  path_openat+0x68/0x2170
[   89.992496][ T7748]  ? _parse_integer_limit+0x170/0x190
[   89.992518][ T7748]  ? kstrtoull+0x111/0x140
[   89.992589][ T7748]  ? kstrtouint+0x76/0xc0
[   89.992608][ T7748]  do_filp_open+0x109/0x230
[   89.992633][ T7748]  do_sys_openat2+0xa6/0x110
[   89.992662][ T7748]  __x64_sys_openat+0xf2/0x120
[   89.992742][ T7748]  x64_sys_call+0x2e9c/0x2ff0
[   89.992763][ T7748]  do_syscall_64+0xd2/0x200
[   89.992869][ T7748]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   89.992891][ T7748]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   89.992914][ T7748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.992950][ T7748] RIP: 0033:0x7f8127dcebe9
[   89.992965][ T7748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.992981][ T7748] RSP: 002b:00007f812682f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   89.992996][ T7748] RAX: ffffffffffffffda RBX: 00007f8127ff5fa0 RCX: 00007f8127dcebe9
[   89.993020][ T7748] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[   89.993092][ T7748] RBP: 00007f812682f090 R08: 0000000000000000 R09: 0000000000000000
[   89.993105][ T7748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.993117][ T7748] R13: 00007f8127ff6038 R14: 00007f8127ff5fa0 R15: 00007ffc0902c108
[   89.993132][ T7748]  </TASK>
[   90.212539][ T7742] __nla_validate_parse: 2 callbacks suppressed
[   90.212607][ T7742] netlink: 276 bytes leftover after parsing attributes in process `syz.0.1545'.
[   90.274865][ T7753] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1549'.
[   90.311652][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.321152][ T7753] hsr_slave_0: left promiscuous mode
[   90.329679][ T7757] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1548'.
[   90.338835][ T7753] hsr_slave_1: left promiscuous mode
[   90.363978][ T7756] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1551'.
[   90.497240][ T7776] loop5: detected capacity change from 0 to 512
[   90.511187][ T7776] EXT4-fs: Ignoring removed oldalloc option
[   90.537883][ T7776] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.555952][ T7776] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1558: bg 0: block 217: padding at end of block bitmap is not set
[   90.570744][ T7776] EXT4-fs (loop5): Remounting filesystem read-only
[   90.593859][ T6969] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.609917][ T7792] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1563'.
[   90.635160][ T7794] loop5: detected capacity change from 0 to 512
[   90.652095][ T7794] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.669376][ T7794] EXT4-fs (loop5): shut down requested (0)
[   90.714876][ T7802] siw: device registration error -23
[   90.746733][ T7808] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1569'.
[   90.772044][ T6969] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.778533][ T7810] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1570'.
[   90.792227][ T7811] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   90.857190][ T7823] validate_nla: 2 callbacks suppressed
[   90.857205][ T7823] netlink: 'syz.3.1574': attribute type 4 has an invalid length.
[   90.871522][ T3411] lo speed is unknown, defaulting to 1000
[   90.877231][ T3411] syz2: Port: 1 Link DOWN
[   90.883244][ T7823] netlink: 'syz.3.1574': attribute type 4 has an invalid length.
[   90.892215][   T10] lo speed is unknown, defaulting to 1000
[   90.897944][   T10] syz2: Port: 1 Link ACTIVE
[   91.124857][ T7838] FAULT_INJECTION: forcing a failure.
[   91.124857][ T7838] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.137983][ T7838] CPU: 1 UID: 0 PID: 7838 Comm: syz.3.1582 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.138007][ T7838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   91.138017][ T7838] Call Trace:
[   91.138023][ T7838]  <TASK>
[   91.138058][ T7838]  __dump_stack+0x1d/0x30
[   91.138080][ T7838]  dump_stack_lvl+0xe8/0x140
[   91.138171][ T7838]  dump_stack+0x15/0x1b
[   91.138233][ T7838]  should_fail_ex+0x265/0x280
[   91.138251][ T7838]  should_fail+0xb/0x20
[   91.138265][ T7838]  should_fail_usercopy+0x1a/0x20
[   91.138287][ T7838]  _copy_to_user+0x20/0xa0
[   91.138314][ T7838]  simple_read_from_buffer+0xb5/0x130
[   91.138356][ T7838]  proc_fail_nth_read+0x10e/0x150
[   91.138383][ T7838]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   91.138405][ T7838]  vfs_read+0x1a8/0x770
[   91.138447][ T7838]  ? __rcu_read_unlock+0x4f/0x70
[   91.138467][ T7838]  ? __fget_files+0x184/0x1c0
[   91.138494][ T7838]  ksys_read+0xda/0x1a0
[   91.138512][ T7838]  __x64_sys_read+0x40/0x50
[   91.138592][ T7838]  x64_sys_call+0x27bc/0x2ff0
[   91.138613][ T7838]  do_syscall_64+0xd2/0x200
[   91.138645][ T7838]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.138728][ T7838]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   91.138826][ T7838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.138913][ T7838] RIP: 0033:0x7f08ff65d5fc
[   91.138926][ T7838] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   91.138940][ T7838] RSP: 002b:00007f08fe0bf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   91.138992][ T7838] RAX: ffffffffffffffda RBX: 00007f08ff885fa0 RCX: 00007f08ff65d5fc
[   91.139004][ T7838] RDX: 000000000000000f RSI: 00007f08fe0bf0a0 RDI: 0000000000000004
[   91.139017][ T7838] RBP: 00007f08fe0bf090 R08: 0000000000000000 R09: 0000000000000000
[   91.139029][ T7838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.139099][ T7838] R13: 00007f08ff886038 R14: 00007f08ff885fa0 R15: 00007fff4b82c8b8
[   91.139116][ T7838]  </TASK>
[   91.350236][ T7840] bridge1: entered promiscuous mode
[   91.356730][ T7840] process 'syz.0.1581' launched './file0' with NULL argv: empty string added
[   91.401523][ T7842] program syz.4.1584 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   91.433699][ T7848] FAULT_INJECTION: forcing a failure.
[   91.433699][ T7848] name failslab, interval 1, probability 0, space 0, times 0
[   91.446537][ T7848] CPU: 1 UID: 0 PID: 7848 Comm: syz.4.1586 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.446562][ T7848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   91.446604][ T7848] Call Trace:
[   91.446611][ T7848]  <TASK>
[   91.446618][ T7848]  __dump_stack+0x1d/0x30
[   91.446639][ T7848]  dump_stack_lvl+0xe8/0x140
[   91.446659][ T7848]  dump_stack+0x15/0x1b
[   91.446673][ T7848]  should_fail_ex+0x265/0x280
[   91.446695][ T7848]  should_failslab+0x8c/0xb0
[   91.446777][ T7848]  __kmalloc_noprof+0xa5/0x3e0
[   91.446808][ T7848]  ? bpf_test_init+0xa9/0x160
[   91.446870][ T7848]  bpf_test_init+0xa9/0x160
[   91.446886][ T7848]  bpf_prog_test_run_nf+0x186/0x560
[   91.446903][ T7848]  ? __rcu_read_unlock+0x4f/0x70
[   91.446928][ T7848]  ? __pfx_bpf_prog_test_run_nf+0x10/0x10
[   91.447006][ T7848]  bpf_prog_test_run+0x22a/0x390
[   91.447031][ T7848]  __sys_bpf+0x4b9/0x7b0
[   91.447060][ T7848]  __x64_sys_bpf+0x41/0x50
[   91.447080][ T7848]  x64_sys_call+0x2aea/0x2ff0
[   91.447100][ T7848]  do_syscall_64+0xd2/0x200
[   91.447217][ T7848]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.447258][ T7848]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   91.447283][ T7848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.447304][ T7848] RIP: 0033:0x7fc21a5debe9
[   91.447320][ T7848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.447337][ T7848] RSP: 002b:00007fc21903f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   91.447372][ T7848] RAX: ffffffffffffffda RBX: 00007fc21a805fa0 RCX: 00007fc21a5debe9
[   91.447384][ T7848] RDX: 0000000000000050 RSI: 0000200000000580 RDI: 000000000000000a
[   91.447473][ T7848] RBP: 00007fc21903f090 R08: 0000000000000000 R09: 0000000000000000
[   91.447483][ T7848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.447493][ T7848] R13: 00007fc21a806038 R14: 00007fc21a805fa0 R15: 00007ffd1022b558
[   91.447512][ T7848]  </TASK>
[   91.656792][ T7850] netlink: 'syz.3.1587': attribute type 4 has an invalid length.
[   91.673994][ T7850] netlink: 'syz.3.1587': attribute type 4 has an invalid length.
[   91.684054][ T3390] lo speed is unknown, defaulting to 1000
[   91.689777][ T3390] syz2: Port: 1 Link DOWN
[   91.696249][ T3411] lo speed is unknown, defaulting to 1000
[   91.702127][ T3411] syz2: Port: 1 Link ACTIVE
[   91.777384][ T7856] netlink: 'syz.3.1590': attribute type 1 has an invalid length.
[   91.794809][ T7865] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1591'.
[   91.805884][ T7867] loop3: detected capacity change from 0 to 2048
[   91.831453][ T7867]  loop3: p1 < > p4
[   91.838369][ T7867] loop3: p4 size 8388608 extends beyond EOD, truncated
[   91.847003][ T7867] FAULT_INJECTION: forcing a failure.
[   91.847003][ T7867] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.860086][ T7867] CPU: 0 UID: 0 PID: 7867 Comm: syz.3.1592 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.860212][ T7867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   91.860224][ T7867] Call Trace:
[   91.860232][ T7867]  <TASK>
[   91.860240][ T7867]  __dump_stack+0x1d/0x30
[   91.860261][ T7867]  dump_stack_lvl+0xe8/0x140
[   91.860295][ T7867]  dump_stack+0x15/0x1b
[   91.860311][ T7867]  should_fail_ex+0x265/0x280
[   91.860346][ T7867]  should_fail+0xb/0x20
[   91.860363][ T7867]  should_fail_usercopy+0x1a/0x20
[   91.860385][ T7867]  _copy_to_user+0x20/0xa0
[   91.860412][ T7867]  simple_read_from_buffer+0xb5/0x130
[   91.860509][ T7867]  proc_fail_nth_read+0x10e/0x150
[   91.860535][ T7867]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   91.860567][ T7867]  vfs_read+0x1a8/0x770
[   91.860587][ T7867]  ? __rcu_read_unlock+0x4f/0x70
[   91.860680][ T7867]  ? __fget_files+0x184/0x1c0
[   91.860702][ T7867]  ksys_read+0xda/0x1a0
[   91.860790][ T7867]  __x64_sys_read+0x40/0x50
[   91.860807][ T7867]  x64_sys_call+0x27bc/0x2ff0
[   91.860865][ T7867]  do_syscall_64+0xd2/0x200
[   91.860891][ T7867]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.860995][ T7867]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   91.861019][ T7867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.861084][ T7867] RIP: 0033:0x7f08ff65d5fc
[   91.861110][ T7867] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   91.861150][ T7867] RSP: 002b:00007f08fe0bf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   91.861166][ T7867] RAX: ffffffffffffffda RBX: 00007f08ff885fa0 RCX: 00007f08ff65d5fc
[   91.861176][ T7867] RDX: 000000000000000f RSI: 00007f08fe0bf0a0 RDI: 0000000000000004
[   91.861189][ T7867] RBP: 00007f08fe0bf090 R08: 0000000000000000 R09: 0000000000000000
[   91.861201][ T7867] R10: 000000000000fecc R11: 0000000000000246 R12: 0000000000000001
[   91.861213][ T7867] R13: 00007f08ff886038 R14: 00007f08ff885fa0 R15: 00007fff4b82c8b8
[   91.861232][ T7867]  </TASK>
[   91.879152][ T7865] loop5: detected capacity change from 0 to 8192
[   91.956371][ T7872] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1589'.
[   92.048745][ T7874] bond_slave_0: entered promiscuous mode
[   92.080247][ T7874] bond_slave_1: entered promiscuous mode
[   92.173628][ T7874] macvlan2: entered allmulticast mode
[   92.179053][ T7874] bond0: entered allmulticast mode
[   92.184197][ T7874] bond_slave_0: entered allmulticast mode
[   92.189917][ T7874] bond_slave_1: entered allmulticast mode
[   92.227060][ T7874] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   92.247610][ T7874] bridge0: port 3(macvlan2) entered blocking state
[   92.254212][ T7874] bridge0: port 3(macvlan2) entered disabled state
[   92.278381][ T7874] macvlan2: entered promiscuous mode
[   92.283717][ T7874] bond0: entered promiscuous mode
[   92.296516][ T7874] bridge0: port 3(macvlan2) entered blocking state
[   92.303103][ T7874] bridge0: port 3(macvlan2) entered forwarding state
[   92.394840][ T7894] netlink: 'syz.4.1599': attribute type 1 has an invalid length.
[   92.409961][ T7901] loop2: detected capacity change from 0 to 512
[   92.410737][ T7894] 8021q: adding VLAN 0 to HW filter on device bond2
[   92.426968][ T7894] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1599'.
[   92.432078][ T7901] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.451354][ T7894] bond2 (unregistering): Released all slaves
[   92.489689][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.727383][ T7915] loop5: detected capacity change from 0 to 512
[   92.743632][ T7915] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   92.761583][ T7915] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.1604: invalid indirect mapped block 4294967295 (level 0)
[   92.776166][ T7915] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.1604: invalid indirect mapped block 4294967295 (level 1)
[   92.790861][ T7915] EXT4-fs (loop5): 1 orphan inode deleted
[   92.796601][ T7915] EXT4-fs (loop5): 1 truncate cleaned up
[   92.804190][ T7915] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.817733][ T7915] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.1604: iget: bad extra_isize 46 (inode size 256)
[   92.890260][ T6969] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.921360][ T3383] usb 9-1: enqueue for inactive port 0
[   92.922501][ T7919] loop3: detected capacity change from 0 to 2048
[   92.932369][ T3383] usb 9-1: enqueue for inactive port 0
[   92.942496][ T7921] loop5: detected capacity change from 0 to 2048
[   92.970898][ T7921]  loop5: p1 < > p4
[   92.975162][ T7921] loop5: p4 size 8388608 extends beyond EOD, truncated
[   92.982207][ T7919]  loop3: p1 < > p4
[   92.990544][ T7919] loop3: p4 size 8388608 extends beyond EOD, truncated
[   93.010647][ T7923] loop5: detected capacity change from 0 to 164
[   93.022122][ T3383] vhci_hcd: vhci_device speed not set
[   93.027629][ T7923] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   93.046899][ T7923] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   93.062877][ T7923] Symlink component flag not implemented
[   93.068534][ T7923] Symlink component flag not implemented
[   93.085362][ T7923] Symlink component flag not implemented (7)
[   93.091410][ T7923] Symlink component flag not implemented (116)
[   93.183168][ T7930] FAULT_INJECTION: forcing a failure.
[   93.183168][ T7930] name failslab, interval 1, probability 0, space 0, times 0
[   93.195863][ T7930] CPU: 1 UID: 0 PID: 7930 Comm: syz.5.1610 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   93.195963][ T7930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   93.195973][ T7930] Call Trace:
[   93.195980][ T7930]  <TASK>
[   93.195988][ T7930]  __dump_stack+0x1d/0x30
[   93.196009][ T7930]  dump_stack_lvl+0xe8/0x140
[   93.196027][ T7930]  dump_stack+0x15/0x1b
[   93.196039][ T7930]  should_fail_ex+0x265/0x280
[   93.196124][ T7930]  should_failslab+0x8c/0xb0
[   93.196153][ T7930]  kmem_cache_alloc_noprof+0x50/0x310
[   93.196177][ T7930]  ? security_inode_alloc+0x37/0x100
[   93.196279][ T7930]  security_inode_alloc+0x37/0x100
[   93.196302][ T7930]  inode_init_always_gfp+0x4b7/0x500
[   93.196324][ T7930]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   93.196345][ T7930]  alloc_inode+0x58/0x170
[   93.196431][ T7930]  new_inode+0x1d/0xe0
[   93.196452][ T7930]  shmem_get_inode+0x244/0x750
[   93.196474][ T7930]  __shmem_file_setup+0x113/0x210
[   93.196528][ T7930]  shmem_file_setup+0x3b/0x50
[   93.196587][ T7930]  __se_sys_memfd_create+0x2c3/0x590
[   93.196616][ T7930]  __x64_sys_memfd_create+0x31/0x40
[   93.196656][ T7930]  x64_sys_call+0x2abe/0x2ff0
[   93.196750][ T7930]  do_syscall_64+0xd2/0x200
[   93.196775][ T7930]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.196798][ T7930]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   93.196822][ T7930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.196842][ T7930] RIP: 0033:0x7f8127dcebe9
[   93.196856][ T7930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.196872][ T7930] RSP: 002b:00007f812682ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   93.196946][ T7930] RAX: ffffffffffffffda RBX: 0000000000000a2f RCX: 00007f8127dcebe9
[   93.196958][ T7930] RDX: 00007f812682eef0 RSI: 0000000000000000 RDI: 00007f8127e527e8
[   93.196970][ T7930] RBP: 0000200000001580 R08: 00007f812682ebb7 R09: 00007f812682ee40
[   93.196982][ T7930] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[   93.196994][ T7930] R13: 00007f812682eef0 R14: 00007f812682eeb0 R15: 0000200000000140
[   93.197057][ T7930]  </TASK>
[   93.296031][   T29] kauditd_printk_skb: 262 callbacks suppressed
[   93.296045][   T29] audit: type=1400 audit(93.277:5745): avc:  denied  { create } for  pid=7940 comm="syz.4.1615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   93.296873][   T29] audit: type=1400 audit(93.277:5746): avc:  denied  { bind } for  pid=7940 comm="syz.4.1615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   93.297178][   T29] audit: type=1400 audit(93.277:5747): avc:  denied  { ioctl } for  pid=7940 comm="syz.4.1615" path="socket:[19574]" dev="sockfs" ino=19574 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   93.321651][   T29] audit: type=1400 audit(93.307:5748): avc:  denied  { unmount } for  pid=7936 comm="syz.5.1613" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   93.562300][   T29] audit: type=1400 audit(93.547:5749): avc:  denied  { create } for  pid=7955 comm="syz.2.1618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   93.581469][   T29] audit: type=1400 audit(93.547:5750): avc:  denied  { write } for  pid=7955 comm="syz.2.1618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   93.689709][   T29] audit: type=1400 audit(93.667:5751): avc:  denied  { add_name } for  pid=7958 comm="syz.0.1619" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   93.713616][   T29] audit: type=1400 audit(93.667:5752): avc:  denied  { create } for  pid=7958 comm="syz.0.1619" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   93.733490][   T29] audit: type=1400 audit(93.667:5753): avc:  denied  { associate } for  pid=7958 comm="syz.0.1619" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   93.758222][   T29] audit: type=1400 audit(93.737:5754): avc:  denied  { map } for  pid=7961 comm="syz.2.1621" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   93.848369][ T7975] netlink: 'syz.5.1625': attribute type 4 has an invalid length.
[   93.866355][ T7975] netlink: 'syz.5.1625': attribute type 4 has an invalid length.
[   93.893288][ T7978] netlink: 'syz.4.1626': attribute type 1 has an invalid length.
[   93.906486][ T7978] 8021q: adding VLAN 0 to HW filter on device bond2
[   93.923523][ T7978] bond2 (unregistering): Released all slaves
[   93.996956][ T7985] siw: device registration error -23
[   94.033023][ T7985] loop4: detected capacity change from 0 to 2048
[   94.061107][ T7985]  loop4: p1 < > p4
[   94.065830][ T7985] loop4: p4 size 8388608 extends beyond EOD, truncated
[   94.080240][ T7996] loop2: detected capacity change from 0 to 164
[   94.087476][ T7996] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[   94.101918][ T7985] 9pnet_fd: Insufficient options for proto=fd
[   94.108796][ T7996] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[   94.125922][ T7996] iso9660: Corrupted directory entry in block 4 of inode 1792
[   94.166433][ T8001] serio: Serial port ptm0
[   94.186886][ T8007] loop3: detected capacity change from 0 to 256
[   94.197968][ T8010] syzkaller1: entered promiscuous mode
[   94.203852][ T8010] syzkaller1: entered allmulticast mode
[   94.252643][ T8016] netlink: 'syz.3.1643': attribute type 1 has an invalid length.
[   94.267326][ T8016] 8021q: adding VLAN 0 to HW filter on device bond2
[   94.294739][ T8016] bond2 (unregistering): Released all slaves
[   94.341081][ T8026] 9pnet_fd: Insufficient options for proto=fd
[   94.379988][ T8030] 8021q: adding VLAN 0 to HW filter on device bond2
[   94.457719][ T8030] bond2 (unregistering): Released all slaves
[   94.544160][ T8053] $Hÿ: renamed from bond0 (while UP)
[   94.553732][ T8053] $Hÿ: entered promiscuous mode
[   94.558764][ T8053] bond_slave_0: entered promiscuous mode
[   94.565127][ T8053] bond_slave_1: entered promiscuous mode
[   94.810215][ T8089] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   94.827348][ T8091] loop2: detected capacity change from 0 to 512
[   94.841966][ T8091] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.1671: iget: bad extended attribute block 1
[   94.856754][ T8091] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1671: couldn't read orphan inode 15 (err -117)
[   94.877754][ T8095] 0ªî{X¹¦: left allmulticast mode
[   94.883536][ T8095] 0ªî{X¹¦: refused to change device tx_queue_len
[   94.893822][ T8095] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   94.918748][ T8099] loop2: detected capacity change from 0 to 1024
[   94.926450][ T8099] EXT4-fs: Mount option(s) incompatible with ext2
[   94.941373][ T8099] loop2: detected capacity change from 0 to 1024
[   94.972083][ T8099] FAULT_INJECTION: forcing a failure.
[   94.972083][ T8099] name failslab, interval 1, probability 0, space 0, times 0
[   94.984887][ T8099] CPU: 0 UID: 0 PID: 8099 Comm: syz.2.1676 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.984992][ T8099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   94.985003][ T8099] Call Trace:
[   94.985009][ T8099]  <TASK>
[   94.985015][ T8099]  __dump_stack+0x1d/0x30
[   94.985033][ T8099]  dump_stack_lvl+0xe8/0x140
[   94.985049][ T8099]  dump_stack+0x15/0x1b
[   94.985132][ T8099]  should_fail_ex+0x265/0x280
[   94.985152][ T8099]  should_failslab+0x8c/0xb0
[   94.985232][ T8099]  __kvmalloc_node_noprof+0x123/0x4e0
[   94.985259][ T8099]  ? nf_tables_newset+0xdde/0x14e0
[   94.985328][ T8099]  nf_tables_newset+0xdde/0x14e0
[   94.985360][ T8099]  nfnetlink_rcv+0xb96/0x1690
[   94.985420][ T8099]  netlink_unicast+0x5bd/0x690
[   94.985471][ T8099]  netlink_sendmsg+0x58b/0x6b0
[   94.985490][ T8099]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.985509][ T8099]  __sock_sendmsg+0x145/0x180
[   94.985627][ T8099]  ____sys_sendmsg+0x31e/0x4e0
[   94.985658][ T8099]  ___sys_sendmsg+0x17b/0x1d0
[   94.985689][ T8099]  __x64_sys_sendmsg+0xd4/0x160
[   94.985759][ T8099]  x64_sys_call+0x191e/0x2ff0
[   94.985785][ T8099]  do_syscall_64+0xd2/0x200
[   94.985809][ T8099]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.985833][ T8099]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   94.985860][ T8099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.985882][ T8099] RIP: 0033:0x7fef8ddbebe9
[   94.985895][ T8099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.985909][ T8099] RSP: 002b:00007fef8c827038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.985999][ T8099] RAX: ffffffffffffffda RBX: 00007fef8dfe5fa0 RCX: 00007fef8ddbebe9
[   94.986012][ T8099] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 000000000000000a
[   94.986025][ T8099] RBP: 00007fef8c827090 R08: 0000000000000000 R09: 0000000000000000
[   94.986037][ T8099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   94.986050][ T8099] R13: 00007fef8dfe6038 R14: 00007fef8dfe5fa0 R15: 00007ffcc717bc98
[   94.986131][ T8099]  </TASK>
[   95.225919][ T8110] SELinux:  Context system_u:object_r:selinux_config_t:s0 is not valid (left unmapped).
[   95.420123][ T8128] veth0_vlan: entered allmulticast mode
[   95.441271][ T8130] __nla_validate_parse: 13 callbacks suppressed
[   95.441287][ T8130] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1686'.
[   95.496252][ T8134] FAULT_INJECTION: forcing a failure.
[   95.496252][ T8134] name failslab, interval 1, probability 0, space 0, times 0
[   95.509107][ T8134] CPU: 1 UID: 0 PID: 8134 Comm: syz.4.1688 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   95.509136][ T8134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   95.509146][ T8134] Call Trace:
[   95.509152][ T8134]  <TASK>
[   95.509159][ T8134]  __dump_stack+0x1d/0x30
[   95.509229][ T8134]  dump_stack_lvl+0xe8/0x140
[   95.509272][ T8134]  dump_stack+0x15/0x1b
[   95.509288][ T8134]  should_fail_ex+0x265/0x280
[   95.509309][ T8134]  should_failslab+0x8c/0xb0
[   95.509330][ T8134]  kmem_cache_alloc_node_noprof+0x57/0x320
[   95.509406][ T8134]  ? __alloc_skb+0x101/0x320
[   95.509432][ T8134]  __alloc_skb+0x101/0x320
[   95.509463][ T8134]  netlink_alloc_large_skb+0xba/0xf0
[   95.509517][ T8134]  netlink_sendmsg+0x3cf/0x6b0
[   95.509536][ T8134]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.509558][ T8134]  __sock_sendmsg+0x145/0x180
[   95.509632][ T8134]  ____sys_sendmsg+0x31e/0x4e0
[   95.509655][ T8134]  ___sys_sendmsg+0x17b/0x1d0
[   95.509689][ T8134]  __x64_sys_sendmsg+0xd4/0x160
[   95.509736][ T8134]  x64_sys_call+0x191e/0x2ff0
[   95.509755][ T8134]  do_syscall_64+0xd2/0x200
[   95.509777][ T8134]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.509860][ T8134]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   95.509884][ T8134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.509905][ T8134] RIP: 0033:0x7fc21a5debe9
[   95.509920][ T8134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.509934][ T8134] RSP: 002b:00007fc21903f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.509968][ T8134] RAX: ffffffffffffffda RBX: 00007fc21a805fa0 RCX: 00007fc21a5debe9
[   95.509981][ T8134] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[   95.509993][ T8134] RBP: 00007fc21903f090 R08: 0000000000000000 R09: 0000000000000000
[   95.510005][ T8134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.510016][ T8134] R13: 00007fc21a806038 R14: 00007fc21a805fa0 R15: 00007ffd1022b558
[   95.510034][ T8134]  </TASK>
[   95.934247][ T8157] validate_nla: 4 callbacks suppressed
[   95.934263][ T8157] netlink: 'syz.5.1696': attribute type 1 has an invalid length.
[   95.963633][ T8157] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.984075][ T8157] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1696'.
[   96.004337][ T8157] bond0 (unregistering): Released all slaves
[   96.134657][ T8169] netlink: 'syz.2.1700': attribute type 4 has an invalid length.
[   96.171171][ T8169] netlink: 'syz.2.1700': attribute type 4 has an invalid length.
[   96.179728][ T8171] lo speed is unknown, defaulting to 1000
[   96.189210][ T8171] lo speed is unknown, defaulting to 1000
[   96.465536][ T8195] netlink: 'syz.2.1710': attribute type 4 has an invalid length.
[   96.506086][ T8195] netlink: 'syz.2.1710': attribute type 4 has an invalid length.
[   96.670162][ T8210] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1717'.
[   96.731392][ T8213] 9p: Unknown access argument 00000000000000000000:›8%B{J4: -22
[   96.789900][ T8218] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1718'.
[   96.808067][ T8217] loop2: detected capacity change from 0 to 2048
[   96.843936][ T8220] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   96.843936][ T8220]    program syz.0.1720 not setting count and/or reply_len properly
[   96.891562][ T8222] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1721'.
[   96.900501][ T8222] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1721'.
[   96.923813][ T8217] EXT4-fs mount: 2 callbacks suppressed
[   96.923828][ T8217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.051137][ T3310] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   97.054573][ T8238] FAULT_INJECTION: forcing a failure.
[   97.054573][ T8238] name failslab, interval 1, probability 0, space 0, times 0
[   97.078256][ T8238] CPU: 0 UID: 0 PID: 8238 Comm: syz.0.1722 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   97.078281][ T8238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.078291][ T8238] Call Trace:
[   97.078297][ T8238]  <TASK>
[   97.078304][ T8238]  __dump_stack+0x1d/0x30
[   97.078429][ T8238]  dump_stack_lvl+0xe8/0x140
[   97.078524][ T8238]  dump_stack+0x15/0x1b
[   97.078540][ T8238]  should_fail_ex+0x265/0x280
[   97.078557][ T8238]  should_failslab+0x8c/0xb0
[   97.078595][ T3310] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   97.078578][ T8238]  kmem_cache_alloc_noprof+0x50/0x310
[   97.078635][ T8238]  ? audit_log_start+0x365/0x6c0
[   97.078718][ T8238]  audit_log_start+0x365/0x6c0
[   97.078810][ T8238]  audit_seccomp+0x48/0x100
[   97.078885][ T8238]  ? __seccomp_filter+0x68c/0x10d0
[   97.078906][ T8238]  __seccomp_filter+0x69d/0x10d0
[   97.078926][ T8238]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   97.078955][ T8238]  ? vfs_write+0x7e8/0x960
[   97.079017][ T8238]  ? __rcu_read_unlock+0x4f/0x70
[   97.079037][ T8238]  ? __fget_files+0x184/0x1c0
[   97.079061][ T8238]  __secure_computing+0x82/0x150
[   97.079121][ T8238]  syscall_trace_enter+0xcf/0x1e0
[   97.079143][ T8238]  do_syscall_64+0xac/0x200
[   97.079212][ T8238]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.079234][ T8238]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.079260][ T8238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.079279][ T8238] RIP: 0033:0x7ff0b0a7ebe9
[   97.079294][ T8238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.079350][ T8238] RSP: 002b:00007ff0af4be038 EFLAGS: 00000246 ORIG_RAX: 00000000000001cd
[   97.079368][ T8238] RAX: ffffffffffffffda RBX: 00007ff0b0ca6090 RCX: 00007ff0b0a7ebe9
[   97.079428][ T8238] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000200000000000
[   97.079440][ T8238] RBP: 00007ff0af4be090 R08: 0000000000000000 R09: 0000000000000000
[   97.079452][ T8238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.079464][ T8238] R13: 00007ff0b0ca6128 R14: 00007ff0b0ca6090 R15: 00007ffcd9bbae68
[   97.079481][ T8238]  </TASK>
[   97.164170][ T8245] 9pnet_fd: Insufficient options for proto=fd
[   97.174899][ T8247] netlink: 'syz.3.1729': attribute type 4 has an invalid length.
[   97.243381][ T8250] netlink: 'syz.3.1729': attribute type 4 has an invalid length.
[   97.277845][ T8240] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1726'.
[   97.326473][   T23] lo speed is unknown, defaulting to 1000
[   97.326997][ T3310] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.332293][   T23] syz2: Port: 1 Link DOWN
[   97.333721][   T23] lo speed is unknown, defaulting to 1000
[   97.351363][   T23] syz2: Port: 1 Link ACTIVE
[   97.390110][ T8240] loop4: detected capacity change from 0 to 8192
[   97.512613][ T8271] loop5: detected capacity change from 0 to 256
[   97.541646][ T8273] netlink: 'syz.5.1739': attribute type 4 has an invalid length.
[   97.553873][ T8273] netlink: 'syz.5.1739': attribute type 4 has an invalid length.
[   97.574204][ T8274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1737'.
[   97.588638][ T8274] macsec1: entered promiscuous mode
[   97.594042][ T8274] veth1_to_hsr: entered promiscuous mode
[   97.599861][ T8274] macsec1: entered allmulticast mode
[   97.605192][ T8274] veth1_to_hsr: entered allmulticast mode
[   97.621700][ T8274] veth1_to_hsr: left allmulticast mode
[   97.627191][ T8274] veth1_to_hsr: left promiscuous mode
[   97.758285][ T8283] batman_adv: batadv0: Adding interface: dummy0
[   97.764862][ T8283] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.790325][ T8283] batman_adv: batadv0: Interface activated: dummy0
[   97.800221][ T8283] batadv0: mtu less than device minimum
[   97.806150][ T8283] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   97.816763][ T8283] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   97.827496][ T8283] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   97.838133][ T8283] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   97.848866][ T8283] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   97.859492][ T8283] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   97.870112][ T8283] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   97.880960][ T8283] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   97.951079][ T8291] FAULT_INJECTION: forcing a failure.
[   97.951079][ T8291] name failslab, interval 1, probability 0, space 0, times 0
[   97.963801][ T8291] CPU: 1 UID: 0 PID: 8291 Comm: syz.4.1744 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   97.963895][ T8291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   97.963905][ T8291] Call Trace:
[   97.963910][ T8291]  <TASK>
[   97.963916][ T8291]  __dump_stack+0x1d/0x30
[   97.963935][ T8291]  dump_stack_lvl+0xe8/0x140
[   97.964076][ T8291]  dump_stack+0x15/0x1b
[   97.964135][ T8291]  should_fail_ex+0x265/0x280
[   97.964156][ T8291]  should_failslab+0x8c/0xb0
[   97.964178][ T8291]  __kmalloc_noprof+0xa5/0x3e0
[   97.964227][ T8291]  ? process_preds+0x30a/0x2bb0
[   97.964247][ T8291]  process_preds+0x30a/0x2bb0
[   97.964264][ T8291]  ? terminate_walk+0x27f/0x2a0
[   97.964289][ T8291]  ? path_openat+0x1bf8/0x2170
[   97.964364][ T8291]  ? avc_has_perm_noaudit+0x1b1/0x200
[   97.964457][ T8291]  ? should_fail_ex+0xdb/0x280
[   97.964476][ T8291]  ? ftrace_profile_set_filter+0xc2/0x1b0
[   97.964571][ T8291]  ? should_failslab+0x8c/0xb0
[   97.964654][ T8291]  ? __kmalloc_cache_noprof+0x189/0x320
[   97.964759][ T8291]  ftrace_profile_set_filter+0xff/0x1b0
[   97.964789][ T8291]  perf_ioctl+0x7b3/0x12e0
[   97.964815][ T8291]  ? ioctl_has_perm+0x289/0x2a0
[   97.964956][ T8291]  ? do_vfs_ioctl+0x866/0xe10
[   97.964972][ T8291]  ? selinux_file_ioctl+0x308/0x3a0
[   97.965047][ T8291]  ? __fget_files+0x184/0x1c0
[   97.965069][ T8291]  ? __pfx_perf_ioctl+0x10/0x10
[   97.965147][ T8291]  __se_sys_ioctl+0xcb/0x140
[   97.965173][ T8291]  __x64_sys_ioctl+0x43/0x50
[   97.965268][ T8291]  x64_sys_call+0x1816/0x2ff0
[   97.965288][ T8291]  do_syscall_64+0xd2/0x200
[   97.965313][ T8291]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.965334][ T8291]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   97.965375][ T8291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.965394][ T8291] RIP: 0033:0x7fc21a5debe9
[   97.965408][ T8291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.965424][ T8291] RSP: 002b:00007fc21903f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   97.965443][ T8291] RAX: ffffffffffffffda RBX: 00007fc21a805fa0 RCX: 00007fc21a5debe9
[   97.965454][ T8291] RDX: 0000200000000340 RSI: 0000000040082406 RDI: 0000000000000003
[   97.965531][ T8291] RBP: 00007fc21903f090 R08: 0000000000000000 R09: 0000000000000000
[   97.965541][ T8291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.965613][ T8291] R13: 00007fc21a806038 R14: 00007fc21a805fa0 R15: 00007ffd1022b558
[   97.965629][ T8291]  </TASK>
[   98.228676][ T8293] netlink: 'syz.0.1745': attribute type 10 has an invalid length.
[   98.289213][ T8308] program syz.4.1749 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   98.300804][   T29] kauditd_printk_skb: 533 callbacks suppressed
[   98.300819][   T29] audit: type=1400 audit(98.287:6286): avc:  denied  { connect } for  pid=8305 comm="syz.4.1749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   98.326993][   T29] audit: type=1400 audit(98.287:6287): avc:  denied  { setopt } for  pid=8305 comm="syz.4.1749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   98.345800][   T29] audit: type=1400 audit(98.287:6288): avc:  denied  { ioctl } for  pid=8305 comm="syz.4.1749" path="socket:[21015]" dev="sockfs" ino=21015 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   98.373025][ T8314] FAULT_INJECTION: forcing a failure.
[   98.373025][ T8314] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.373049][ T8314] CPU: 1 UID: 0 PID: 8314 Comm: syz.2.1752 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   98.373183][ T8314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   98.373195][ T8314] Call Trace:
[   98.373201][ T8314]  <TASK>
[   98.373207][ T8314]  __dump_stack+0x1d/0x30
[   98.373286][ T8314]  dump_stack_lvl+0xe8/0x140
[   98.373303][ T8314]  dump_stack+0x15/0x1b
[   98.373378][ T8314]  should_fail_ex+0x265/0x280
[   98.373395][ T8314]  should_fail+0xb/0x20
[   98.373409][ T8314]  should_fail_usercopy+0x1a/0x20
[   98.373435][ T8314]  _copy_from_iter+0xd2/0xe80
[   98.373527][ T8314]  ? __build_skb_around+0x1a0/0x200
[   98.373557][ T8314]  ? __alloc_skb+0x223/0x320
[   98.373582][ T8314]  netlink_sendmsg+0x471/0x6b0
[   98.373604][ T8314]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.373690][ T8314]  __sock_sendmsg+0x145/0x180
[   98.373727][ T8314]  ____sys_sendmsg+0x31e/0x4e0
[   98.373747][ T8314]  ___sys_sendmsg+0x17b/0x1d0
[   98.373818][ T8314]  __x64_sys_sendmsg+0xd4/0x160
[   98.373870][ T8314]  x64_sys_call+0x191e/0x2ff0
[   98.373886][ T8314]  do_syscall_64+0xd2/0x200
[   98.373913][ T8314]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.373934][ T8314]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   98.374011][ T8314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.374028][ T8314] RIP: 0033:0x7fef8ddbebe9
[   98.374040][ T8314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.374056][ T8314] RSP: 002b:00007fef8c827038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   98.374075][ T8314] RAX: ffffffffffffffda RBX: 00007fef8dfe5fa0 RCX: 00007fef8ddbebe9
[   98.374110][ T8314] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006
[   98.374121][ T8314] RBP: 00007fef8c827090 R08: 0000000000000000 R09: 0000000000000000
[   98.374131][ T8314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.374142][ T8314] R13: 00007fef8dfe6038 R14: 00007fef8dfe5fa0 R15: 00007ffcc717bc98
[   98.374177][ T8314]  </TASK>
[   98.397159][ T8313] loop4: detected capacity change from 0 to 2048
[   98.419663][   T29] audit: type=1400 audit(98.397:6289): avc:  denied  { mount } for  pid=8312 comm="syz.0.1753" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   98.419846][ T8315] 9pnet_fd: Insufficient options for proto=fd
[   98.459210][ T8307] loop5: detected capacity change from 0 to 1024
[   98.660024][   T29] audit: type=1326 audit(98.637:6290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8318 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   98.682864][   T29] audit: type=1326 audit(98.637:6291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8318 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   98.746131][   T29] audit: type=1326 audit(98.667:6292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8318 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   98.768899][   T29] audit: type=1326 audit(98.667:6293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8318 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   98.791726][   T29] audit: type=1326 audit(98.667:6294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8318 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   98.814627][   T29] audit: type=1326 audit(98.667:6295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8318 comm="syz.2.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef8ddbebe9 code=0x7ffc0000
[   98.873841][ T8307] ==================================================================
[   98.881939][ T8307] BUG: KCSAN: data-race in shmem_fallocate / shmem_fault
[   98.888958][ T8307] 
[   98.891274][ T8307] write to 0xffff88811aa5f440 of 8 bytes by task 8311 on cpu 0:
[   98.898887][ T8307]  shmem_fallocate+0x221/0x840
[   98.903638][ T8307]  vfs_fallocate+0x3b3/0x400
[   98.908216][ T8307]  madvise_vma_behavior+0x192d/0x1cf0
[   98.913581][ T8307]  madvise_do_behavior+0x5b7/0x970
[   98.918717][ T8307]  do_madvise+0x10e/0x190
[   98.923057][ T8307]  __x64_sys_madvise+0x64/0x80
[   98.927813][ T8307]  x64_sys_call+0x1f1a/0x2ff0
[   98.932477][ T8307]  do_syscall_64+0xd2/0x200
[   98.936966][ T8307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.942848][ T8307] 
[   98.945152][ T8307] read to 0xffff88811aa5f440 of 8 bytes by task 8307 on cpu 1:
[   98.952673][ T8307]  shmem_fault+0x90/0x250
[   98.956992][ T8307]  __do_fault+0xb9/0x200
[   98.961230][ T8307]  handle_mm_fault+0xf78/0x2c20
[   98.966080][ T8307]  __get_user_pages+0x102e/0x1fa0
[   98.971100][ T8307]  __mm_populate+0x243/0x3a0
[   98.975675][ T8307]  vm_mmap_pgoff+0x232/0x2e0
[   98.980250][ T8307]  ksys_mmap_pgoff+0xc2/0x310
[   98.984914][ T8307]  x64_sys_call+0x14a3/0x2ff0
[   98.989576][ T8307]  do_syscall_64+0xd2/0x200
[   98.994068][ T8307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.999945][ T8307] 
[   99.002289][ T8307] value changed: 0x0000000000000000 -> 0xffffc900017d7b58
[   99.009372][ T8307] 
[   99.011676][ T8307] Reported by Kernel Concurrency Sanitizer on:
[   99.017807][ T8307] CPU: 1 UID: 0 PID: 8307 Comm: syz.5.1750 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   99.027510][ T8307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   99.037545][ T8307] ==================================================================
[   99.103039][ T8336] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1761'.
[   99.114542][ T8336] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1761'.