last executing test programs:

5.791662197s ago: executing program 3 (id=1924):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0xc810}, 0x40800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000", @ANYRES32], 0x4c}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x206, &(0x7f0000000200)=<r4=>0x0)
r5 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
io_submit(r4, 0x2, &(0x7f0000000140)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x5}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x5, 0x48f, r5, 0x0, 0x0, 0x0, 0x0, 0x0, r5}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18)

5.677592178s ago: executing program 3 (id=1925):
r0 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xf71, 0x0, 0x1, 0x10000000}, 0x0, 0x200000000000000, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000001c0)='cpu&\"\"\nt\x00')

5.625714559s ago: executing program 3 (id=1927):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000004, 0x3b071, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58"}, 0x28)
sendmsg$inet(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000240)="6e37cff5b582e082d58cb52ae25a3ca48e8d5284721b4b722d1fd011fc3144e4ceb18b32f825ada6335ca5c677147ab3296581b6b5b819d56f4aa3fe1aaf904aa07b7b748ab54c9b47531624c0ca3cc3e9246587e7cea8af062e15c1c27d8e9d9328114f2bda697decbedc50cc278f543faa13098717d9f379121225b179faeebe79be6a82f1ff403a3bc7990b1cfee9e5a1aaf11b32facecc76bc0ad86f4fa184dd6e451992a564475498a4e85e9484c9a357c0806000"/193, 0xc1}, {&(0x7f0000000340)="5fdbd61342a1560054f74cee82024cacdf79b6be94f99a7aea5b7678644cc1ef33880d4a59cad1fd0852b05064b02335eb6064c24f1ad325e0325bc473c3aeaf6709e5227bca1f7ba283d381d4f64e34fa77c5cac5d0bcf72850aaa9ea7f9144a0e108ae41f51262011dd0a3eb6eaf00da010b18a79f6917d0c25efbf1c56feb59cbcb63f4683c026aa7aa1d65bea9ba31", 0x91}, {0x0}, {&(0x7f0000000c00)="0f1d547dfd011eee5ee96e9f1947841b6080ffadffd0f2ba53588a463cb088900d7ea28302b894feb895cebb0e04004c681955c3a39a1e5ebde1638c8f408cbb197ede5a6779e4582b685db9abb1184d1e4bf53bb5eafcc7d265002aeead4852d157cfb83a10f405c72c51bd99d99ea7f702c9424dfc11f8cfffbd0387c5e7777aa1bf37cbffb95d0daf9ff4df9c2c6ce90807958457888cee2c24153247fda131cdd82b6d71b5cfcf3c09284da02b89e15b78d02e5a0000000000000000000000000000000087a3d04636ad0ce503b63a2efa4a64d8a79bb76f8e92ef18ee30a77c023d2583fa41a3608cccb44cd2c96d0d5df100c4cedb5f85", 0xfa}, {&(0x7f0000000980)="7a60507430110d45fba18e434184c81c9a10404af273af02537863cd4f9b455ba771ca5222198ae07333ef0d2beff796d017427138340fffb1528610600c9b212beee90a7941df2f1e545c3e1f567bedd52b39b7b43f9d229a356cc43023e2eb30577ca2725e6c1ce2e4557d4150b4b68d31203360ee37b0f67dce3d0fa468aed602dc9f641bbacbeac908a860f4d02f22946a5a73f0bd6896b5fb16e75d3437356e3e8307c6d07b767649101165270eb5c82bc6cd3d2c5954f370361578736b68b2d8d891071b5ad1e7ede7372c18df066960ba60b27a4a33fe21f9fb144b71ece5b7c8bc9e290e57eee0a20324adc1f5b03b3dc2ce98624d662686e4065d563bb9ff2e2e5bc7a14c9a90aa35df90f90088d60566db3faf21", 0x119}, {&(0x7f0000001700)="e3fbc9f7e155a6e294f68078cb808c435b48612e93b0d69d1f21fd5564a9f18f996475fb64e12884979b5882a07d51ec37cab390561644521d18773068ad0fc0f6f8df2bb545c05fbfda35eefcf88a020063a2bf6468b302b9831678e59677adb2ec28d0caf29931cf5993e1ce3ba4cf655cf53218d9887589289e133b54050621892724d74ce07d912407878f2a4ec7a10be378467499f110fe42cfa93c4883db8d2c5155a0d94b828405a9de0e8ffae65c255df6ee1e807dd8fa8d384184f735fbc4e62d27f288c6c9c94477590c7ff4eb93131ebb0d6d5dfa82dbafd6a6bd0cc56bc8d7af7e4246389c34a239b98ec85073c76da59b1fe73f14c72c5fa25e77ce2d5849ad97c74e15826752d1d571e6d9377fe1dd1c794795216f2614d25d9a2a019c3f88b59dc971df962e0250e89263a6c3cbaa9f2b0c5d83cffd423c89b83783109d05b53831ba44e31971b5a5444e816b19e16ad69106d8d7339ed0b5707218728ea071db4f59aea059410e48dc0c210eb84552eaa5ff6aa127c9dc3312a6e0bd4eb3eac8bf7b9c4e158fcc69d371246d807fbeabcfb33e9268025d3dd4cdfbdb0e178cdb63493251915b8fcf933b9ac872818fc255fcc6e4d9fcd7cc6e5071928e7f1a5738321897b0d277f0bb661ea6d25d7f6f2b38273561593d62fc363cc77de0352ea0bee8b98ca55474fa1c69d476adb25ae2ab5357008d03c236294544f79039057a5b30d130c2149e755f2b61907e1cd54a56dc53e3c8471e81f83f5e8d97a5474015d24ec97a074394afa27408a73b8e765b79faf100ea3dd0c98fbfa3d113ffe56c0ffd1a30415e82b34cce8289eb6d01ed59fe6a6b0c99a00e4563c0c0c4fecd127fa357c0e12bfed2a1ac23643d91fd4daf12494bd0a8ac520886efe0caea86fe820b1e79b614fec63737d4930508e037ac05fb254fc362b39cd9b341df7d8504a13b8af2055ea1778c6043c119465f79c118e8080941bcbc0c65ba0cb25e1be8de94207dcb3d2863828a6b17f5a37fd64553ecb6d99879e38af6f3b2da109433c0b75faf20de6ee0ae823b17d1462de38d91f6d5292f02276dbf744ff835dee75532659087e91e5c873b321511b7dd74e86813b4ba4a99394559898206e29f149a53acf0483c0a150c5d1a9a050341c3f1822470381408ff787a2486ea81c6128f1b33ab8fb38e4491fd643ef1fb3efa333b5dbc8fb92daf0b957c19513a838355abcf40ddf272d88e2740dc390b94ee82a5b72a1e7c55ff6ee034d8010702dce3de159a34620b5216d3308e0cd64709cd7f4d5b026f4b81d7d43d8acb36c2251ac576b0ca9411e41eb6ba1d1871845ddcd4d95aa876d0baea1a00b59d68a00e191b59f751e54edecbc4aa0df7585e868a055efdb1dee40921d13d55dfb51f1b245ae2b91fad099e510b75b25daac3d2c529b9bdecf5ab6abcbc99c8f2358f60341eec86a4bd6a9cf0df4004124e31a4cc2e2e3c5cf53a90ee16bb4c6c49e9f50c993a8aa575b0b8e018b608f2321bc64afbace952457246dc8a3e4fc9a6c12a7d7d2779e4333072d4ef27d6e0cc2d1a6990a8376dc5dcd488888d9e436b566ecc63fe715b051859119b1399ef9c905fd63874175e5eeab2361bbfe6247921663c4c20bf6db22bf87477886f6778627bd6d5deffd7042c9b12b9a5448ef2425607e7b08fb984239750595e29f8cc241b238531824a6ba35747df767f1ce58403013394ba85a74871660d7e3e479ab54f2163662a9ffd385764bba475f87d56e191a87e1512afa51b41f664425dc0eccb202080327c8160a677054d5430e2af640d4f1bbf1c8e6d38ca007db30e52ae51781d27f5c760797601abecf3622e370f39edacfa7a8559bd1a5a2db1f0eb202f49f84f14231f593baed4ca821886654fbc735350a8e75b9e31493f200bbfb3824cce202f218c216310bb9d9e5621e03fd6df18b8bbf43f5eb29a1e1a7b8eb12bb28228bc536973f70f50b6c4e9663c12e861bc58d376b2a47298fd72f12e8af2970a806db26649be9876f7963fcdec769265a44048e6332e2dcd73b0637b5079c7f3c50e74bc43317f87bcb08bb0d307a9b85eb236dba7b7529be680454a76992d36fd9a8dab504f2a954ab14b40872460df0480845e307df07e80307920e5079196d14bc68e657f5d322265c6b4408b39e6a9c435ed485752cbb51a1bae60c86dd11579db163f453bacb9e34bc1b4c11498ea5dd95e8e7b8e57af0c66100745892cb16ec12dbdaa462487273bdb582a05376797c2732be2dc63e094442556be6ea8faf70e12834b7e724d516e3d6480b07b0b7c255b1c1079cb0809e84017ecd8116abe2d6cad207669a2104c9754fb265f6c7b01c5af50814d9f7f6bab90ba9010daa18c04e886939a6fde3e1e49f3823f41ee338f3ad24625143b01963bb9da90d60045604045ca4066634cf4da26b13b0a246d5f6e7a4d3e6de02aac171053c978cb6562d31b2eda0a4df9a8c54d6f0c35d59fba466208d0d9d8a38e968f0c116ebe05a7f681d74fa778fc9d3b098cc3181bb66ae6ac5ed3b13f4a4ab741bfcea12f6b7e5faf64d109fdb5d1fe812cd3fbb477146da300e021b161a1a2456993adfc0c7e7acf71f39a0dcc53dc27660a5e2ef022d334af9478b70aeb40667a20f6842630acf5e25a16efe6f377cedc969ec158878985f76a65af80a54c9d6d5d7585017f18376aa67cf8f5086f60e527268ddd87a75bf440fabb97b273d2a5d12c343c27e67968225d3575f4fa4c2de3618388e7a21acfd2ba7a9df2a195c2a36f627a55f34a8de492f584bef2dfe95ae2f1fd1f8ca9daf85d8de0567eca0303574667bfff7210224b42180646b32b4cfc7c839b5d58f07ae83ce978ded9006619a5900428f4b051b6a539d6234e4aff0bf34c1602fc52d18dd8fa9b65341a843cef1e5160fa1d80d80a1236b14a4b524f472c6b2bb8296e8960c76398394a916df1e9c503256e14325b3dfc6a4ef123132db25a6dbe375525bc56a13067d2f93f6b4b767a4c24e52c716f87fec09875329d47bce4a0f10f7ad897cdc432b04eb1713466613657ba4fe490faa78f1ab3e309fc4ef98c9696e7bb9b32ee7f7c683697efdd78090d68efa86709c3dd49b7a25bccb368f527db6f950c33208c1c2428b702725211cd2094be97656d1695edacab73cfae2403b176fea2a4345b82f9a77946f945eb1555fa233d30d8cc6a836e02d721500f4cb1ae4f2a9e9ae0220a8b1ac5771e9c99dead7877bbbe04ee3b68b0e149deb9cbb09717e57ea163b5ad4cffcd73c83e06773fed4775e8a3a2fbaee8062ea42a72e9e63bde2d648c55984bf80d79da38eeff0e43a62a6c68122235fb8879d114932c19d951bfd3b9f56a20b069bbe630d7530c8fa203000418114489238d3648ee5350abd01eecd0ca952a049bc9e8b89ca6868f453bcda45462af52137ad0f4e354c6ce5e606b9a2a288036e524b403ebc5860a8ed0e282f8337321d855579900918f1f545cec1df3389e96d39a8ffe94e934f71f922a8af2cca5ce04a0e0af87532114d7cfd014938ee3b51ad3b4d64a918ffda6fe9975563e9159ed189e161849922109b799fa29a0f963fd244f3371cf3995f1446e6d9b9da87ebb5b39c10bfc59036bc248a2c859974a86f3e2d1015ea61bd6d75e8abe979f4a1e5a1ca23763041f44c53feca6f94215a806a0b54cbe2bfe4225e190d85115ce936ad1cab3d63bf7bb84046cce2cc8c5ffb16d82664ad152b0740e1db9005d6dc76cb73902642b072b07371a89540162da838754c9c75e63e18169372219dc576fc781122725064df2dd741736c1549918179f3e0815af04cac9ae5dbe3d55329053e2eb581181dcabbf37b47c379ebe9852a27b7e2d02fea7531d", 0xac9}], 0x6}, 0x40)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
recvfrom$inet6(r0, &(0x7f0000000100)=""/19, 0xfffffffffffffd0c, 0x4, 0x0, 0x0)

4.81878239s ago: executing program 3 (id=1938):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000006c0)={[{@noquota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x3, 0x4e1, &(0x7f0000000740)="$eJzs3d9LXNkdAPDvHTWaxFTT9iENNA1tigltZjQ2ifQhtVDap0DT9N1aHUUcHXHGJEoohv4BhdJftE996kuhz6VQ8ieUQmD3fVmWXcJukn3Yh92dZWbubIwZfxHHUefzgeM998fc7/co9zhnzmVuAB3rYkSMR0RXRFyJiIF0eyYtsV4v1eOeP3s4VS1JVCp3P0wiSbc1zpWky9Ppy/oi4hc/i/h18nrc0ura/GShkF9O13PlhaVcaXXt6tzC5Gx+Nr84PjpyY+zm2PWx4X1r662fvPen3/3jp7f++/3770x8cPk31bT6030b27Eb67s8rt70ntrvoqE7Ipb3EuwQ60rb09PuRAAA2JXqe/yvRsS3I+LFX9udDQAAANAKlR/1x6dJRAUAAAA4tjK1e2CTTDa9F6A/Mplstn4P79fjVKZQLJW/N1NcWZyu3ys7GD2ZmblCfji9V3gwepLq+kit/nL92qb10Yg4GxF/GDhZW89OFQvT7f7wAwAAADrE6U3j/48H6uN/AAAA4JgZbHcCAAAAQMsZ/wMAAMDxt+X4P+k+2EQAAACAVvj57dvVUmk8/3r63urKfPHe1el8aT67sDKVnSouL2Vni8XZ2nf2Lex0vkKxuPSDWFx5kCvnS+VcaXVtYqG4slieqD3XeyLvOdEAAABw8M5+6/HbSUSs//BkrVSdSPftYqw+3trsgFbK7O3wpFV5AAevq90JAG3jBl/oXObjgR0G9n/ctL7Hjw0AAIDDYOgbbzT/bz4QjjADeehc5v+hc5n/h85l/h86XO/Oh/RtteN/+5wLAADQMv21kmSy6Vxgf2Qy2WzEmdpjAXqSmblCfjgivhIRbw309FbXR9qdNAAAAAAAAAAAAAAAAAAAAAAAAAAcMZVKEhUAAADgWIvIvJ+kD/IfGrjUv/nzgRPJJwO1ZUTc/9vdPz+YLJeXR6rbP/pye/kv6fZrjS0AAABAOzXG6Y1xPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsp+fPHk41ykHGffrjiBhsFr87+mrLvn8PRMSpF0l0b3hdEhFd+xB//VFEnHs1/noaYbCWWj2LzfEzEXGyRfFjl/FP70N86GSPq/3PePX669l0/WXiYm3Z/PrrTsubenpxq/4v0+j/av1cs/7vzPan7mtUzj/5V27L+I8iznc3738a8ZM37H9/9cu1ta32Vf4eMbTD/59qrFx5YSlXWl27OrcwOZufzS+Ojo7cGLs5dn1sODczV8inP5vG+P03//P5du0/1TR+vf/drv2XXj9db7MYnz158Oxr28S//J3mf/9z28Sv/u6/m/4fqO4fatTX6/WNLvzz/xe2a//0Fu3f6e9/eauTbnLlzm/f3eWhAMABKK2uzU8WCvnlo1GJqL8rPyz5bKycOBxpqByhSlfLQ9xJL/Q9v7y9/RIAALD/Xr7pb3cmAAAAAAAAAAAAAAAAAAAA0Lla/j1nva9+s0Bf+5oKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCtLwIAAP//iB3PCg==")
fsopen(0x0, 0x0)
syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x0, 0x3, 0x8002ae}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x109880})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x2000005, r4}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setgid(0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000006300)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000390000000000000000000000850000004100000085000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r7, r6, 0x25, 0x2}, 0x14)
syz_emit_ethernet(0xe, &(0x7f0000001800)=ANY=[], 0x0)

4.516635785s ago: executing program 3 (id=1945):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000000)={[{@errors_remount}, {@nobh}]}, 0x3, 0x519, &(0x7f0000001300)="$eJzs3c9vI1cdAPDvTOJtsptiFxAqlSgVLcpWsHbS0DZCCMoFTpWAcl9C4kRR7DiKnbKJKkjFf4CQQOLEiQsSfwBS1QN/AKpUCS6IAwIEQrCFA+JHB9ke041jJ6k2yezGn4/04vdmxvN9byy/+eGXmQAm1lMR8VJETEXEsxFRzqeneYrDfuou987d11a7KYkse+WvSST5tMG6uuXpiLiRv20mIr725YhvJsfjtvcPtlYajfpuXq51mju19v7Brc3mykZ9o769tLT4wvKLy88vL2S5+2pnZZD5yZc+/8anv/W723+++e1utT73kSjFUDvOU7/ppd62GOhuo92LCFaAqbw9paIrAgDAmXSP8T8YEZ/oHf+XY6p3NDdkqoiaAQAAAOcl+8Jc/CeJyAAAAIArK42IuUjSaj4WYC7S9Fp+beDDcT1ttNqdT6239rbXuvMiKlFK1zcb9YV8rHAlSkm3vJiPsR2UnxsqL0XEYxHx/fJsr1xdbTXWCr72AQAAAJPixtD5/z/KaS9/uhH/JwAAAAA8uCpjCwAAAMBV4ZQfAAAArr7h8/83CqoHAAAAcCG+8vLL3ZQNnn+99ur+3lbr1Vtr9fZWtbm3Wl1t7e5UN1qtjd49+5qnra/Rau18Jrb37tQ69Xan1t4/uN1s7W13bm8eeQQ2AAAAcIke+/ibv04i4vCzs70U+X0AAY74Q9EVAM7TVNEVAArjLt4wuUpFVwAoXHLKfIN3AADg4Tf/0eO//w+e/+/aAFxtxvoAwOSZjtmiqwAUpGQEIEy0NCI+0M8+Mm6Zsb////KsUbIs4q3yvVNcXwQAgMs110tJWs3PA+YiTavViEcj0kqUkvXNRn0hPz/4Vbn0SLe82HtncuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgL8uSyAAAAIArLSL9U9K7m3/EfPmZueHrA9eSf5bjj3nhR6/84M5Kp7O72J3+t96zvK5FROeH+fTnxj4+DAAAADhvyeHYWf3z9Px18VJrBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAEeOfua6uDdJlx//LFiKiMij8dM73XmShFxPW/JzF9z/uSiJg6h/iHr0fE46PiJ/FulmWVvBbD8dOImL3g+JXephkf/8Y5xIdJ9ma3/3lp1Pcvjad6r6O/f9N5ul/j+780j/x4r58b1f89emxtzZExnnj7Z7Wx8V+PeGJ6dP8z6H+TMfGfPra2f2dZdjzGN75+cDAufvbjiPmR+5/kSKxap7lTa+8f3NpsrmzUN+rbS0uLLyy/uPz88kJtfbNRz/+OjPG9j/383ZPaf31E/N/+pt//ntT+Z8atdMh/375z90P9bGlU/JtPj9z/zsSY+Gm+7/tknu/Onx/kD/v5ez3507eePKn9a2O2/2mf/80ztv/Zr37392dcFAC4BO39g62VRqO+e0Jm5gzLPIyZX8w8ENV4n5nsO/1P7oRlysXV8F9nXrh7tPrelEGrCt+8RzLZpcWaigekyf/PFNotAQAAF+C9g/6iawIAAAAAAAAAAAAAAAAAAACT6zJuJzYc87CYpgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnOh/AQAA///uxuBB")
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)

4.059107421s ago: executing program 3 (id=1966):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000280)=@framed={{}, [@printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r4)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

3.236367403s ago: executing program 4 (id=1961):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000500000000000000", @ANYRES32, @ANYBLOB="bfd59c1900"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001380)={r0, &(0x7f00000004c0)}, 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r1, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000008085000000040000009582750bf45c6d9a4198f96ba25090fd65b15d1ea4bb07ff5b03b5f437ee5630c33ae9210c43fe541e86ad3fc2743805c48722f24466ee47495ea5015eb7368cf3b26705413bf9d8b70c4f007cc71e10052946d14a7e9ebbac066b161d99d088bdbceb3e54a4766fb2a393db74f147b37eb15156a6dd3175e01effa8c22032bd3f5fef657f56df8133f6b5b7a0e5fca655a2547497665d035bf2023c066fa8cfaf9bda56b7c29c413a104fbb8eb05543"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0xf2cccc7fae7881b8, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='ext4_da_update_reserve_space\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
dup2(r5, r4)
flock(r2, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r6 = inotify_init1(0x800)
unshare(0x22020600)
fcntl$setsig(r6, 0xa, 0xe)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000540)='/sys/power/reserved_size', 0x80001, 0xd1)
writev(r8, &(0x7f0000000940)=[{&(0x7f00000006c0)='\x00', 0x1}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.984564567s ago: executing program 1 (id=1965):
r0 = syz_open_dev$sg(0x0, 0x0, 0x802)
setregid(0xffffffffffffffff, 0x0)
read(r0, 0x0, 0x0)

2.880902708s ago: executing program 1 (id=1967):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x1, 0x4, 0x17fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xd, 0x0, &(0x7f0000000000)="219a53f271a76d2608004c6588", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

2.644868702s ago: executing program 1 (id=1969):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61124d00000000006113500000000000bf2000000000000007000000150400003d0301000000000095000f00000000006926000000000000bf67000000000000450700000fff07003506000002000000170600000ee50014bf250000000000005d670000000000006507000006000000070500004c0001000f75000000000000bf54000000000000070400000400f9ff2d4401000000000095000000000000000500000000000000950007000000000001722fabb733a0e757c7c45402000000a2d23da04d1ffc187f9955911aa1a2ba7ba030c7267c2de00435fd253cc0f0d9b2c3127c46b0f4f95345de3188f0d808398d09ee4dc258d726eae098804de25df627a64ab8efde50fd7f1d58d67e684c45e506598bae66ea1a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07e8a4b6e6155cecc13a5ddf4157f2bfab7201112a30274101fceee66eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a44dd9ff4ae730ae9d0ae42d8814a8c96f101df7da839bcdd7b7c33c8cfe74d599543ac604d8dd42fc66cdb79cd09ceeedce1e69f11967919f82b0276c90420d08897ee8514b43533f07132589a0a37110fd8571b1e69251bba35cd06c8bd430aafbecfd33757b7dc4803123e9107e5cceaec2a391f9b9b577295ac3864f6c1e30e6190a055953e18bedd1859acdd15af7209d15950f9195b401e74f8b5210e28d46dde2658b4695d9ac9ce7cbefc164a5454fc4da6104db281e18a8992b9f8c82b895da647e6ea4cb622314c5c48abfd620adf7757c23a31a619edcfb45a402c5fced05e5274e08a313d6c5fdd0a8d36b1a268056e6f7e9a6daa5632cda5ad2a9ebfac980c7db63137c226f71b7eb70c174d885232e522aad0f13b0e5b43d837d040f813d0115387e36f092d9aaafe7afc637d3d107451f4854613cfd43ac63ad6141ddb0311b8c96fef49af414e49be7c23b2e8eb686fbcdd2dab4cbdb02e30e4e1a6c25b2791facac56e4c5dc036c8d80e5c7c206d24603be75850927e02fd4eea168681498d1170478408c43bb90d9df3964b64fee41745f6785419ac8de8788398e3653f34970988866043136ada4771bf8d96eeb0f565d626a3e9089"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x253, 0x10, &(0x7f0000000000), 0x19f, 0x0, 0xffffffffffffffff, 0xffffffffffffff74, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setns(r3, 0x24020000)
syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0)
fstat(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0xee01, <r5=>0xee00}}, './file0\x00'})
getgroups(0x6, &(0x7f00000000c0)=[0xee00, 0xffffffffffffffff, <r6=>0xffffffffffffffff, 0xee01, 0xee01, 0xee01])
setresgid(r4, r5, r6)

2.365784426s ago: executing program 4 (id=1971):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.300386897s ago: executing program 4 (id=1972):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x14, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}}, @NFT_MSG_DELFLOWTABLE={0x48, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6erspan0\x00'}]}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14, 0x10}}, 0xa4}}, 0x0)

2.299752777s ago: executing program 4 (id=1973):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_config_ext={0x100000000}, 0x2, 0xffffffff, 0x2, 0x9, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c0000000000000000000000000000000000000000000000bec6e1037c7485f148f6eca36df78bbd", @ANYRES32=0x0], 0x30}], 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x20, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x2}, 0x18)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000002000000000000000000009500000000000000"], &(0x7f0000000340)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x8882, 0x0)
preadv(r5, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/161, 0xa1}], 0x1, 0x7f, 0x5)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdnI=', @ANYRESHEX=r6, @ANYBLOB=',\x00'])
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r5, 0x942e, 0x0)
ioctl$USBDEVFS_ALLOW_SUSPEND(r5, 0x5522)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x406, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)="a0", 0x0}, 0x31)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='rss_stat\x00', r7}, 0x10)
syz_io_uring_setup(0x2e3b, &(0x7f0000000080)={0x0, 0x482b, 0x10100, 0x1}, &(0x7f0000000140), &(0x7f0000000300))
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x7}}, {{@in=@dev={0xac, 0x14, 0x14, 0x1d}, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r9}, 0x10)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
socket$inet6_mptcp(0xa, 0x1, 0x106)

2.03872785s ago: executing program 4 (id=1974):
syslog(0x3, &(0x7f00000000c0)=""/196, 0xc4)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Lu1cUB/CbgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS+hTa2qUtpvTH57OEe8+59+TyfQL/a/HwU7PZjIUQmom/f/r7s/xEsXdqbHomhFiYDyHkv/n610os6vjt1otoXYrWxUSmdnA7/nrWcdf3UE0dxaP6ZTyEH0IIS0/HyX/7Nr5857nr5MbmSmFrLbf4WFh/Hl4YyPds55d3Rw6z5dnu7Fz0YV3GWzM/VRs9uW+WXvbaB9uqtUbmJupLxz5nPv+tP+e/31WpVxqT/aerQ+nO+lV5J8r9Tf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnO89dJzc2Vwpba7nFx8L68/DCQL5nO7+8O3KYLc92Z+fi732X8dbMT9VGT+6bpZe99sG2aq2RuYn60rEPR7/78XP+Ei30bfhj/vtdlXqlMdl/ujqU7qxflXei3N8+5g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8JfyE8XeqbHpmRBiYT6EMB7vOP5lv5l4r8eivovotxTtFxOZ2sHt+OtZx13fQzV1NJUIIfG7e5eejpNftfIh/CM/BwAA//8514ZQ")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x1)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/if_inet6\x00')
preadv(r1, &(0x7f0000000a00)=[{&(0x7f0000000680)=""/161, 0xa1}, {&(0x7f00000000c0)=""/31, 0x1f}], 0x2, 0x3d1, 0x1ff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat(r0, &(0x7f0000000600)='./file1\x00', 0x801, 0x4)
pwritev2(r2, 0x0, 0x0, 0xe7b, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x10000, 0x1}, 0x8002, 0x0, 0x1003, 0x2, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r4, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r6, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2)

1.872301393s ago: executing program 1 (id=1976):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000})
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
chmod(&(0x7f00000004c0)='./file0\x00', 0x24)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10400}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @remote}, @IFLA_BR_AGEING_TIME={0x8, 0x9}]}}}]}, 0x48}}, 0x0)

1.663956626s ago: executing program 0 (id=1978):
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
write$char_usb(r0, &(0x7f0000000700)="bb29f8845892bf8c719c41adfc1d5c707408e28783ff10a79ab51ae50b5573d06ca15e57406bcf4d4f0afcfae14509e7888e128aed6c21db5de3fc4601cfc4a44ef15f5aa37a048e7e07dc2396e520", 0x4f)
syz_emit_ethernet(0x32, &(0x7f0000000600)=ANY=[@ANYBLOB="ffffffffffff0000000000008800450000240000000000119078ac1400080100104e42001090780200000000000000"], 0x0) (async)
syz_emit_ethernet(0x32, &(0x7f0000000600)=ANY=[@ANYBLOB="ffffffffffff0000000000008800450000240000000000119078ac1400080100104e42001090780200000000000000"], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x20, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000280)='kfree\x00', r1, 0x0, 0x8}, 0x69)
r2 = socket$inet(0x2, 0x4000000805, 0x0)
listen(r2, 0x7) (async)
listen(r2, 0x7)
sendmmsg$inet_sctp(r2, &(0x7f0000000480)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@sndrcv={0x30, 0x84, 0x1, {0x9, 0x6, 0x4001, 0x8, 0x2000000a, 0x8f, 0x80800000, 0x9a1}}], 0x30, 0x2004c850}], 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x2) (async)
umount2(&(0x7f0000000040)='.\x00', 0x2)

1.525666908s ago: executing program 0 (id=1979):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close(0xffffffffffffffff)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r0, 0x81ff)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x3, @empty, 'veth1_to_team\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x20000e8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000e00)=@newtaction={0x488, 0x30, 0x12f, 0x3c, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xa4f, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x10, 0xfffffffd, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x1, 0x8000000, 0x0, 0x0, 0x11, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x100000, 0xb2e4, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x85fc, 0x100, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x2, 0x934, 0x7, 0x0, 0x7, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10000000, 0x0, 0x7, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2000, 0x0, 0x0, 0x7, 0x3, 0x8, 0xffffffff, 0x20000, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xffff3bac, 0xd, 0x2, 0x2000, 0x3, 0x0, 0x3, 0x0, 0xffffffd1, 0x480000, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9a3, 0x0, 0x6, 0x7ff, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x713b, 0x0, 0x0, 0x0, 0xffff, 0x1000000, 0xffffffff, 0x2, 0xfffffffd, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce2, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x2000000, 0xfffffff9, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x10000000, 0x7, 0xff, 0x0, 0x7]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x1, 0x0, 0x0, 0x0, {0x3, 0x2, 0x0, 0x0, 0x3, 0x6}, {0x0, 0xf6c5d7a4e5a498ca, 0x1000, 0x8}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x0, 0x3}}}}]}]}, 0x488}, 0x1, 0x0, 0x0, 0x4044840}, 0x44004)
connect$pppoe(r2, &(0x7f0000000100)={0x18, 0x0, {0x11ff, @broadcast, 'bond_slave_1\x00'}}, 0x1e)
r5 = socket$kcm(0x10, 0x2, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x102, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff050005001200", 0x2e}], 0x1}, 0x40880)

1.492885159s ago: executing program 2 (id=1980):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000000)={[{@errors_remount}, {@nobh}]}, 0x3, 0x519, &(0x7f0000001300)="$eJzs3c9vI1cdAPDvTOJtsptiFxAqlSgVLcpWsHbS0DZCCMoFTpWAcl9C4kRR7DiKnbKJKkjFf4CQQOLEiQsSfwBS1QN/AKpUCS6IAwIEQrCFA+JHB9ke041jJ6k2yezGn4/04vdmxvN9byy/+eGXmQAm1lMR8VJETEXEsxFRzqeneYrDfuou987d11a7KYkse+WvSST5tMG6uuXpiLiRv20mIr725YhvJsfjtvcPtlYajfpuXq51mju19v7Brc3mykZ9o769tLT4wvKLy88vL2S5+2pnZZD5yZc+/8anv/W723+++e1utT73kSjFUDvOU7/ppd62GOhuo92LCFaAqbw9paIrAgDAmXSP8T8YEZ/oHf+XY6p3NDdkqoiaAQAAAOcl+8Jc/CeJyAAAAIArK42IuUjSaj4WYC7S9Fp+beDDcT1ttNqdT6239rbXuvMiKlFK1zcb9YV8rHAlSkm3vJiPsR2UnxsqL0XEYxHx/fJsr1xdbTXWCr72AQAAAJPixtD5/z/KaS9/uhH/JwAAAAA8uCpjCwAAAMBV4ZQfAAAArr7h8/83CqoHAAAAcCG+8vLL3ZQNnn+99ur+3lbr1Vtr9fZWtbm3Wl1t7e5UN1qtjd49+5qnra/Rau18Jrb37tQ69Xan1t4/uN1s7W13bm8eeQQ2AAAAcIke+/ibv04i4vCzs70U+X0AAY74Q9EVAM7TVNEVAArjLt4wuUpFVwAoXHLKfIN3AADg4Tf/0eO//w+e/+/aAFxtxvoAwOSZjtmiqwAUpGQEIEy0NCI+0M8+Mm6Zsb////KsUbIs4q3yvVNcXwQAgMs110tJWs3PA+YiTavViEcj0kqUkvXNRn0hPz/4Vbn0SLe82HtncuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgL8uSyAAAAIArLSL9U9K7m3/EfPmZueHrA9eSf5bjj3nhR6/84M5Kp7O72J3+t96zvK5FROeH+fTnxj4+DAAAADhvyeHYWf3z9Px18VJrBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAEeOfua6uDdJlx//LFiKiMij8dM73XmShFxPW/JzF9z/uSiJg6h/iHr0fE46PiJ/FulmWVvBbD8dOImL3g+JXephkf/8Y5xIdJ9ma3/3lp1Pcvjad6r6O/f9N5ul/j+780j/x4r58b1f89emxtzZExnnj7Z7Wx8V+PeGJ6dP8z6H+TMfGfPra2f2dZdjzGN75+cDAufvbjiPmR+5/kSKxap7lTa+8f3NpsrmzUN+rbS0uLLyy/uPz88kJtfbNRz/+OjPG9j/383ZPaf31E/N/+pt//ntT+Z8atdMh/375z90P9bGlU/JtPj9z/zsSY+Gm+7/tknu/Onx/kD/v5ez3507eePKn9a2O2/2mf/80ztv/Zr37392dcFAC4BO39g62VRqO+e0Jm5gzLPIyZX8w8ENV4n5nsO/1P7oRlysXV8F9nXrh7tPrelEGrCt+8RzLZpcWaigekyf/PFNotAQAAF+C9g/6iawIAAAAAAAAAAAAAAAAAAACT6zJuJzYc87CYpgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnOh/AQAA///uxuBB")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)

1.304058501s ago: executing program 1 (id=1981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000500000000000000", @ANYRES32, @ANYBLOB="bfd59c1900"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001380)={r0, &(0x7f00000004c0)}, 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r1, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000008085000000040000009582750bf45c6d9a4198f96ba25090fd65b15d1ea4bb07ff5b03b5f437ee5630c33ae9210c43fe541e86ad3fc2743805c48722f24466ee47495ea5015eb7368cf3b26705413bf9d8b70c4f007cc71e10052946d14a7e9ebbac066b161d99d088bdbceb3e54a4766fb2a393db74f147b37eb15156a6dd3175e01effa8c22032bd3f5fef657f56df8133f6b5b7a0e5fca655a2547497665d035bf2023c066fa8cfaf9bda56b7c29c413a104fbb8eb05543"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0xf2cccc7fae7881b8, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='ext4_da_update_reserve_space\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
dup2(r5, r4)
flock(r2, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r6 = inotify_init1(0x800)
unshare(0x22020600)
fcntl$setsig(r6, 0xa, 0xe)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000540)='/sys/power/reserved_size', 0x80001, 0xd1)
writev(r8, &(0x7f0000000940)=[{&(0x7f00000006c0)='\x00', 0x1}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.159547083s ago: executing program 0 (id=1982):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.107254274s ago: executing program 0 (id=1983):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x200, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYRESHEX=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
rt_sigpending(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
syz_clone(0x24304000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x6, 0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372"], 0xfc}}, 0x40)
r8 = fsmount(r5, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r10, &(0x7f0000000900)={&(0x7f0000000500)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000000880)=[{&(0x7f0000000540)="e8691a913b", 0x2ec0}, {0x0, 0x2900}], 0x2, &(0x7f00000008c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @rand_addr=0x64010101}}}], 0x38}, 0x0)
openat$cgroup_subtree(r8, &(0x7f0000000100), 0x2, 0x0)

992.408215ms ago: executing program 2 (id=1984):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x7}, 0x1c)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)

584.853072ms ago: executing program 2 (id=1985):
setregid(0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)

384.204405ms ago: executing program 2 (id=1986):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xff}, 0x7}, 0x1c)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)

281.254996ms ago: executing program 4 (id=1987):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = syz_io_uring_setup(0xe43, &(0x7f0000000380)={0x0, 0x5f39, 0x0, 0x3, 0xfffffffd}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r4, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000300)=[{0x64, 0x11, 0x73, 0xfffff035}, {0x3, 0x2, 0x1, 0x7}, {0x800, 0xa, 0x3, 0x2000}]}, 0x10)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r7, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f00000004c0)=0x27)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r6, 0x84, 0x78, &(0x7f0000000040)=r8, 0x4)
r9 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad6}, &(0x7f0000000240)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_PERSONALITY(r9, 0x9, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r12, 0x0, 0xd348}, 0x18)
sync()
sync()
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000480)='\x00', &(0x7f0000000500)='./file0\x00', 0xffffffffffffffff, 0x0, 0xb61ffb9c4993b648})
syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_TEE={0x21, 0x19, 0x0, @fd_index=0x6, 0x0, 0x0, 0xc, 0xe, 0x0, {0x0, r5, r7}})
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r13}, 0x10)
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001cc0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69", @ANYRESHEX=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r14}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='+}[@\x00')

272.230366ms ago: executing program 2 (id=1988):
perf_event_open(&(0x7f0000000800)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001400090525bd7000fddbdf25021fdfcb", @ANYRES32=r2, @ANYBLOB="08000a00010000000800040064010100080002000a01010208000800c003"], 0x48}}, 0x4000)
perf_event_open(&(0x7f0000000800)={0x5, 0x14, 0x4, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x1c003, 0x0, 0x9, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x7, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x61]}}, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_clone(0x200c8000, 0x0, 0x0, 0x0, 0x0, 0x0)

125.519138ms ago: executing program 0 (id=1989):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0xc810}, 0x40800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000", @ANYRES32], 0x4c}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x206, &(0x7f0000000200)=<r4=>0x0)
r5 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
io_submit(r4, 0x2, &(0x7f0000000140)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x5}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x5, 0x48f, r5, 0x0, 0x0, 0x0, 0x0, 0x0, r5}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18)

80.093699ms ago: executing program 1 (id=1990):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close(0xffffffffffffffff)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r0, 0x81ff)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x3, @empty, 'veth1_to_team\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x20000e8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000e00)=@newtaction={0x488, 0x30, 0x12f, 0x3c, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xa4f, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x10, 0xfffffffd, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xb4, 0x0, 0x0, 0x1, 0x8000000, 0x0, 0x0, 0x11, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x100000, 0xb2e4, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x85fc, 0x100, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x2, 0x934, 0x7, 0x0, 0x7, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10000000, 0x0, 0x7, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2000, 0x0, 0x0, 0x7, 0x3, 0x8, 0xffffffff, 0x20000, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xffff3bac, 0xd, 0x2, 0x2000, 0x3, 0x0, 0x3, 0x0, 0xffffffd1, 0x480000, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9a3, 0x0, 0x6, 0x7ff, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x713b, 0x0, 0x0, 0x0, 0xffff, 0x1000000, 0xffffffff, 0x2, 0xfffffffd, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce2, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x2000000, 0xfffffff9, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x10000000, 0x7, 0xff, 0x0, 0x7]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x1, 0x0, 0x0, 0x0, {0x3, 0x2, 0x0, 0x0, 0x3, 0x6}, {0x0, 0xf6c5d7a4e5a498ca, 0x1000, 0x8}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x0, 0x3}}}}]}]}, 0x488}, 0x1, 0x0, 0x0, 0x4044840}, 0x44004)
connect$pppoe(r2, &(0x7f0000000100)={0x18, 0x0, {0x11ff, @broadcast, 'bond_slave_1\x00'}}, 0x1e)
r5 = socket$kcm(0x10, 0x2, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x102, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff050005001200", 0x2e}], 0x1}, 0x40880)

47.388979ms ago: executing program 2 (id=1991):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000773400"/24], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
capget(&(0x7f0000000000)={0x20071026}, 0x0)
mmap(&(0x7f0000e22000/0x14000)=nil, 0x14000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f000000c000/0x4000)=nil, 0x4000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000048000/0x1000)=nil, 0x1000, 0x6, 0x31, 0xffffffffffffffff, 0x0)
futex(&(0x7f000000cffc)=0x4, 0xb, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r4 = memfd_secret(0x0)
cachestat(r4, &(0x7f0000000000)={0x2, 0x7fff}, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, 0x0, 0x0)
close(r6)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
getpgid(0x0)

0s ago: executing program 0 (id=1992):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1a, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xf, 0x6, &(0x7f0000000a40)=ANY=[@ANYRES8=r0], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f0000000780)=""/203, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0xfffffd67, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xf58b91e153ce044b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0xb)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x40000}}, 0x10)
listen(r4, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r5, &(0x7f0000002300)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0xfffffffffffffe87}, 0x0)
sendmsg$tipc(r5, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
accept4(r4, 0x0, 0x0, 0x400000000000800)
open_tree(r1, &(0x7f0000000000)='./file0\x00', 0x800)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x88000, 0x0, 0x0, 0x0, &(0x7f0000000340))
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='nr_inodes=1'])
chdir(&(0x7f0000000300)='./file0\x00')
lsetxattr$security_selinux(&(0x7f0000000080)='.\x00', &(0x7f00000000c0), &(0x7f0000000100)='system_u:object_r:systemd_logger_exec_t:s0\x00', 0x2b, 0x0)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0xe, 0x20000000000003b3, &(0x7f0000000400)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r8}, &(0x7f00000006c0), &(0x7f0000000700)=r7}, 0x20)
sendmsg$inet(r6, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r10}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

_skb+0x101/0x320
[  101.990102][ T6675]  ? audit_log_start+0x365/0x6c0
[  101.990175][ T6675]  audit_log_start+0x380/0x6c0
[  101.990260][ T6675]  audit_seccomp+0x48/0x100
[  101.990284][ T6675]  ? __seccomp_filter+0x68c/0x10d0
[  101.990350][ T6675]  __seccomp_filter+0x69d/0x10d0
[  101.990406][ T6675]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  101.990425][ T6675]  ? vfs_write+0x75e/0x8e0
[  101.990440][ T6675]  ? __rcu_read_unlock+0x4f/0x70
[  101.990460][ T6675]  ? __fget_files+0x184/0x1c0
[  101.990482][ T6675]  __secure_computing+0x82/0x150
[  101.990541][ T6675]  syscall_trace_enter+0xcf/0x1e0
[  101.990563][ T6675]  do_syscall_64+0xac/0x200
[  101.990663][ T6675]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  101.990686][ T6675]  ? clear_bhb_loop+0x40/0x90
[  101.990705][ T6675]  ? clear_bhb_loop+0x40/0x90
[  101.990724][ T6675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.990743][ T6675] RIP: 0033:0x7f30ad12e969
[  101.990781][ T6675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.990806][ T6675] RSP: 002b:00007f30ab797038 EFLAGS: 00000246 ORIG_RAX: 0000000000000121
[  101.990831][ T6675] RAX: ffffffffffffffda RBX: 00007f30ad355fa0 RCX: 00007f30ad12e969
[  101.990963][ T6675] RDX: 0000000000000008 RSI: 0000200000000300 RDI: ffffffffffffffff
[  101.990974][ T6675] RBP: 00007f30ab797090 R08: 0000000000000000 R09: 0000000000000000
[  101.990985][ T6675] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  101.990995][ T6675] R13: 0000000000000000 R14: 00007f30ad355fa0 R15: 00007ffc0849f048
[  101.991018][ T6675]  </TASK>
[  102.289980][ T6672] loop3: detected capacity change from 0 to 512
[  102.306289][ T6672] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  102.353930][ T6672] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.373709][ T6672] ext4 filesystem being mounted at /273/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.390520][ T6672] EXT4-fs error (device loop3): __ext4_new_inode:1279: comm syz.3.1290: failed to insert inode 16: doubly allocated?
[  102.574289][ T6693] loop0: detected capacity change from 0 to 1024
[  102.582629][ T6693] ext4: Unknown parameter 'uid>00000000000000000000'
[  102.751999][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.063603][ T6711] loop4: detected capacity change from 0 to 128
[  103.076415][ T6711] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  103.203176][ T6727] xt_connbytes: Forcing CT accounting to be enabled
[  103.214450][ T6727] set match dimension is over the limit!
[  103.244809][ T6727] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1318'.
[  103.365631][   T29] kauditd_printk_skb: 105 callbacks suppressed
[  103.365651][   T29] audit: type=1326 audit(1748719960.977:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6736 comm="syz.4.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50b1ace969 code=0x7ffc0000
[  103.398609][   T29] audit: type=1326 audit(1748719960.977:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6736 comm="syz.4.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f50b1ace969 code=0x7ffc0000
[  103.426612][   T29] audit: type=1326 audit(1748719960.977:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6736 comm="syz.4.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50b1ace969 code=0x7ffc0000
[  103.426646][   T29] audit: type=1326 audit(1748719960.977:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6736 comm="syz.4.1322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50b1ace969 code=0x7ffc0000
[  103.466289][   T29] audit: type=1326 audit(1748719960.987:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6739 comm="syz.0.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad12e969 code=0x7ffc0000
[  103.466452][   T29] audit: type=1326 audit(1748719960.987:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6739 comm="syz.0.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad12e969 code=0x7ffc0000
[  103.466488][   T29] audit: type=1326 audit(1748719960.987:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6739 comm="syz.0.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30ad12e969 code=0x7ffc0000
[  103.466604][   T29] audit: type=1326 audit(1748719960.987:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6739 comm="syz.0.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad12e969 code=0x7ffc0000
[  103.466638][   T29] audit: type=1326 audit(1748719960.987:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6739 comm="syz.0.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ad12e969 code=0x7ffc0000
[  103.466667][   T29] audit: type=1326 audit(1748719960.987:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6739 comm="syz.0.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f30ad12e969 code=0x7ffc0000
[  103.720895][    C0] vcan0: j1939_tp_rxtimer: 0xffff8881191d2800: rx timeout, send abort
[  103.857388][ T6760] loop1: detected capacity change from 0 to 1024
[  103.866008][ T6760] ext4: Unknown parameter 'uid>00000000000000000000'
[  103.961156][ T6759] loop4: detected capacity change from 0 to 512
[  104.070397][ T6759] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.168225][ T6759] ext4 filesystem being mounted at /286/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.230391][    C0] vcan0: j1939_tp_rxtimer: 0xffff8881191d2800: abort rx timeout. Force session deactivation
[  104.493368][ T6777] loop0: detected capacity change from 0 to 2048
[  104.553770][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.616165][ T6781] cgroup: No subsys list or none specified
[  104.624684][ T3308] Alternate GPT is invalid, using primary GPT.
[  104.631719][ T3308]  loop0: p2 p3 p7
[  104.673630][ T6777] Alternate GPT is invalid, using primary GPT.
[  104.681868][ T6777]  loop0: p2 p3 p7
[  104.795730][ T6796] FAULT_INJECTION: forcing a failure.
[  104.795730][ T6796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.810248][ T6796] CPU: 1 UID: 0 PID: 6796 Comm: syz.1.1344 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  104.810335][ T6796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.810376][ T6796] Call Trace:
[  104.810383][ T6796]  <TASK>
[  104.810391][ T6796]  __dump_stack+0x1d/0x30
[  104.810413][ T6796]  dump_stack_lvl+0xe8/0x140
[  104.810517][ T6796]  dump_stack+0x15/0x1b
[  104.810539][ T6796]  should_fail_ex+0x265/0x280
[  104.810581][ T6796]  should_fail+0xb/0x20
[  104.810620][ T6796]  should_fail_usercopy+0x1a/0x20
[  104.810709][ T6796]  _copy_from_user+0x1c/0xb0
[  104.810738][ T6796]  ucma_get_event+0x77/0x3e0
[  104.810778][ T6796]  ? kstrtouint_from_user+0x9f/0xf0
[  104.810890][ T6796]  ? should_fail_ex+0xdb/0x280
[  104.810924][ T6796]  ucma_write+0x1b3/0x250
[  104.811025][ T6796]  ? __pfx_ucma_write+0x10/0x10
[  104.811062][ T6796]  vfs_write+0x266/0x8e0
[  104.811081][ T6796]  ? __rcu_read_unlock+0x4f/0x70
[  104.811102][ T6796]  ? __fget_files+0x184/0x1c0
[  104.811204][ T6796]  ksys_write+0xda/0x1a0
[  104.811227][ T6796]  __x64_sys_write+0x40/0x50
[  104.811246][ T6796]  x64_sys_call+0x2cdd/0x2fb0
[  104.811323][ T6796]  do_syscall_64+0xd2/0x200
[  104.811354][ T6796]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.811387][ T6796]  ? clear_bhb_loop+0x40/0x90
[  104.811415][ T6796]  ? clear_bhb_loop+0x40/0x90
[  104.811466][ T6796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.811487][ T6796] RIP: 0033:0x7fd5d472e969
[  104.811502][ T6796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.811571][ T6796] RSP: 002b:00007fd5d2d97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  104.811594][ T6796] RAX: ffffffffffffffda RBX: 00007fd5d4955fa0 RCX: 00007fd5d472e969
[  104.811611][ T6796] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000003
[  104.811627][ T6796] RBP: 00007fd5d2d97090 R08: 0000000000000000 R09: 0000000000000000
[  104.811643][ T6796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.811681][ T6796] R13: 0000000000000000 R14: 00007fd5d4955fa0 R15: 00007ffe6c10e558
[  104.811705][ T6796]  </TASK>
[  105.180946][ T6802] loop4: detected capacity change from 0 to 2048
[  105.210953][ T6802] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.225798][ T6802] ext4 filesystem being mounted at /290/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.475224][ T6819] loop2: detected capacity change from 0 to 1024
[  105.484958][ T6819] ext4: Unknown parameter 'uid>00000000000000000000'
[  105.623672][ T6821] loop1: detected capacity change from 0 to 2048
[  105.836540][ T6821] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.856626][ T6826] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1347: bg 0: block 345: padding at end of block bitmap is not set
[  105.857465][ T6823] openvswitch: netlink: Message has 6 unknown bytes.
[  105.879522][ T6821] ext4 filesystem being mounted at /323/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.907057][ T6823] loop0: detected capacity change from 0 to 2048
[  105.937356][ T6823] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.988510][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.086440][ T6834] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1353: bg 0: block 345: padding at end of block bitmap is not set
[  106.105549][ T6835] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  106.131241][ T6835] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  106.144802][ T6835] EXT4-fs (loop0): This should not happen!! Data will be lost
[  106.144802][ T6835] 
[  106.155084][ T6835] EXT4-fs (loop0): Total free blocks count 0
[  106.162092][ T6835] EXT4-fs (loop0): Free/Dirty block details
[  106.168485][ T6835] EXT4-fs (loop0): free_blocks=66060288
[  106.174524][ T6835] EXT4-fs (loop0): dirty_blocks=16
[  106.180147][ T6835] EXT4-fs (loop0): Block reservation details
[  106.187450][ T6835] EXT4-fs (loop0): i_reserved_data_blocks=1
[  106.239286][ T6835] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  106.352540][ T6854] loop4: detected capacity change from 0 to 256
[  106.401277][ T6855] loop3: detected capacity change from 0 to 2048
[  106.410274][ T6856] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000005)
[  106.422698][ T6856] FAT-fs (loop4): Filesystem has been set read-only
[  106.469391][ T3323] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000005)
[  106.484644][ T3308] Alternate GPT is invalid, using primary GPT.
[  106.492297][ T3308]  loop3: p2 p3 p7
[  106.504533][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.531980][ T6855] Alternate GPT is invalid, using primary GPT.
[  106.540488][ T6855]  loop3: p2 p3 p7
[  106.613934][ T6868] FAULT_INJECTION: forcing a failure.
[  106.613934][ T6868] name failslab, interval 1, probability 0, space 0, times 0
[  106.627801][ T6868] CPU: 0 UID: 0 PID: 6868 Comm: syz.1.1368 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  106.627829][ T6868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.627842][ T6868] Call Trace:
[  106.627848][ T6868]  <TASK>
[  106.627857][ T6868]  __dump_stack+0x1d/0x30
[  106.627879][ T6868]  dump_stack_lvl+0xe8/0x140
[  106.627902][ T6868]  dump_stack+0x15/0x1b
[  106.627973][ T6868]  should_fail_ex+0x265/0x280
[  106.628017][ T6868]  should_failslab+0x8c/0xb0
[  106.628048][ T6868]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  106.628085][ T6868]  ? __d_alloc+0x3d/0x350
[  106.628200][ T6868]  __d_alloc+0x3d/0x350
[  106.628260][ T6868]  d_alloc_pseudo+0x1e/0x80
[  106.628295][ T6868]  alloc_file_pseudo+0x71/0x160
[  106.628334][ T6868]  anon_inode_getfd+0xc1/0x150
[  106.628361][ T6868]  bpf_map_new_fd+0x52/0x70
[  106.628385][ T6868]  map_create+0xb5a/0xb90
[  106.628509][ T6868]  ? security_bpf+0x2b/0x90
[  106.628600][ T6868]  __sys_bpf+0x5ab/0x790
[  106.628695][ T6868]  __x64_sys_bpf+0x41/0x50
[  106.628724][ T6868]  x64_sys_call+0x2478/0x2fb0
[  106.628759][ T6868]  do_syscall_64+0xd2/0x200
[  106.628794][ T6868]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.628872][ T6868]  ? clear_bhb_loop+0x40/0x90
[  106.628941][ T6868]  ? clear_bhb_loop+0x40/0x90
[  106.628966][ T6868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.628994][ T6868] RIP: 0033:0x7fd5d472e969
[  106.629060][ T6868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.629084][ T6868] RSP: 002b:00007fd5d2d97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  106.629102][ T6868] RAX: ffffffffffffffda RBX: 00007fd5d4955fa0 RCX: 00007fd5d472e969
[  106.629115][ T6868] RDX: 0000000000000048 RSI: 0000200000000140 RDI: 0100000000000000
[  106.629127][ T6868] RBP: 00007fd5d2d97090 R08: 0000000000000000 R09: 0000000000000000
[  106.629150][ T6868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.629166][ T6868] R13: 0000000000000000 R14: 00007fd5d4955fa0 R15: 00007ffe6c10e558
[  106.629191][ T6868]  </TASK>
[  107.047883][ T6875] loop4: detected capacity change from 0 to 1024
[  107.056035][ T6875] ext4: Unknown parameter 'uid>00000000000000000000'
[  107.067346][ T6874] loop1: detected capacity change from 0 to 1024
[  107.097969][ T6874] EXT4-fs: Ignoring removed bh option
[  107.189559][ T6874] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  107.326973][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  107.395037][ T6880] loop2: detected capacity change from 0 to 1024
[  107.420685][ T6880] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  107.435095][ T6880] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  107.452310][ T6880] JBD2: no valid journal superblock found
[  107.458750][ T6880] EXT4-fs (loop2): Could not load journal inode
[  107.655451][ T6900] FAULT_INJECTION: forcing a failure.
[  107.655451][ T6900] name failslab, interval 1, probability 0, space 0, times 0
[  107.669339][ T6900] CPU: 1 UID: 0 PID: 6900 Comm: syz.4.1382 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  107.669375][ T6900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.669391][ T6900] Call Trace:
[  107.669400][ T6900]  <TASK>
[  107.669464][ T6900]  __dump_stack+0x1d/0x30
[  107.669486][ T6900]  dump_stack_lvl+0xe8/0x140
[  107.669506][ T6900]  dump_stack+0x15/0x1b
[  107.669526][ T6900]  should_fail_ex+0x265/0x280
[  107.669569][ T6900]  should_failslab+0x8c/0xb0
[  107.669642][ T6900]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  107.669676][ T6900]  ? sidtab_sid2str_get+0xa0/0x130
[  107.669704][ T6900]  kmemdup_noprof+0x2b/0x70
[  107.669737][ T6900]  sidtab_sid2str_get+0xa0/0x130
[  107.669770][ T6900]  security_sid_to_context_core+0x1eb/0x2e0
[  107.669805][ T6900]  security_sid_to_context+0x27/0x40
[  107.669839][ T6900]  avc_audit_post_callback+0x9d/0x520
[  107.669873][ T6900]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  107.669924][ T6900]  common_lsm_audit+0x1b8/0x230
[  107.670016][ T6900]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  107.670053][ T6900]  slow_avc_audit+0x104/0x140
[  107.670160][ T6900]  avc_has_extended_perms+0x6d0/0x940
[  107.670274][ T6900]  ioctl_has_perm+0x257/0x2a0
[  107.670312][ T6900]  selinux_file_ioctl+0x2e3/0x370
[  107.670342][ T6900]  ? __fget_files+0x184/0x1c0
[  107.670365][ T6900]  security_file_ioctl+0x48/0x90
[  107.670392][ T6900]  __se_sys_ioctl+0x47/0x140
[  107.670484][ T6900]  __x64_sys_ioctl+0x43/0x50
[  107.670517][ T6900]  x64_sys_call+0x19a8/0x2fb0
[  107.670558][ T6900]  do_syscall_64+0xd2/0x200
[  107.670610][ T6900]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.670644][ T6900]  ? clear_bhb_loop+0x40/0x90
[  107.670672][ T6900]  ? clear_bhb_loop+0x40/0x90
[  107.670701][ T6900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.670740][ T6900] RIP: 0033:0x7f50b1ace969
[  107.670761][ T6900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.670849][ T6900] RSP: 002b:00007f50b0137038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  107.670873][ T6900] RAX: ffffffffffffffda RBX: 00007f50b1cf5fa0 RCX: 00007f50b1ace969
[  107.670889][ T6900] RDX: 0000200000000080 RSI: 00000000c0109207 RDI: 0000000000000005
[  107.670904][ T6900] RBP: 00007f50b0137090 R08: 0000000000000000 R09: 0000000000000000
[  107.670928][ T6900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.671016][ T6900] R13: 0000000000000000 R14: 00007f50b1cf5fa0 R15: 00007ffd3800f578
[  107.671035][ T6900]  </TASK>
[  107.674293][ T6902] loop1: detected capacity change from 0 to 512
[  107.721565][ T6904] loop2: detected capacity change from 0 to 8192
[  107.732904][ T6902] EXT4-fs: Ignoring removed nobh option
[  107.950553][ T6912] loop4: detected capacity change from 0 to 256
[  108.029566][ T6902] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1381: corrupted inode contents
[  108.044846][ T6902] EXT4-fs (loop1): Remounting filesystem read-only
[  108.073479][ T6902] EXT4-fs (loop1): 1 truncate cleaned up
[  108.086431][ T6902] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.104631][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  108.117546][   T37] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  108.136857][ T6902] ext4 filesystem being mounted at /328/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.150188][   T37] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  108.209633][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.449924][   T29] kauditd_printk_skb: 168 callbacks suppressed
[  108.449981][   T29] audit: type=1400 audit(1748719966.067:1335): avc:  denied  { name_bind } for  pid=6939 comm="syz.4.1399" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  108.505846][   T29] audit: type=1400 audit(1748719966.077:1336): avc:  denied  { shutdown } for  pid=6941 comm="syz.3.1400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  108.527200][   T29] audit: type=1400 audit(1748719966.077:1337): avc:  denied  { write } for  pid=6941 comm="syz.3.1400" lport=49150 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  108.677152][ T6943] sctp: [Deprecated]: syz.3.1400 (pid 6943) Use of int in max_burst socket option deprecated.
[  108.677152][ T6943] Use struct sctp_assoc_value instead
[  108.712649][ T6947] syzkaller0: entered promiscuous mode
[  108.718904][ T6947] syzkaller0: entered allmulticast mode
[  108.730089][   T29] audit: type=1400 audit(1748719966.297:1338): avc:  denied  { setopt } for  pid=6941 comm="syz.3.1400" lport=49150 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  108.785494][ T6940] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  108.800249][   T29] audit: type=1400 audit(1748719966.397:1339): avc:  denied  { bind } for  pid=6939 comm="syz.4.1399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  108.806300][ T6940] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  108.821900][   T29] audit: type=1400 audit(1748719966.397:1340): avc:  denied  { ioctl } for  pid=6939 comm="syz.4.1399" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  108.917536][ T6959] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1403'.
[  108.928456][ T6959] IPVS: Error joining to the multicast group
[  108.943043][ T6940] loop4: detected capacity change from 0 to 256
[  108.962295][ T6958] loop3: detected capacity change from 0 to 256
[  108.998855][ T6960] FAULT_INJECTION: forcing a failure.
[  108.998855][ T6960] name failslab, interval 1, probability 0, space 0, times 0
[  109.012952][ T6960] CPU: 1 UID: 0 PID: 6960 Comm: syz.2.1404 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  109.013024][ T6960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.013037][ T6960] Call Trace:
[  109.013044][ T6960]  <TASK>
[  109.013051][ T6960]  __dump_stack+0x1d/0x30
[  109.013076][ T6960]  dump_stack_lvl+0xe8/0x140
[  109.013102][ T6960]  dump_stack+0x15/0x1b
[  109.013124][ T6960]  should_fail_ex+0x265/0x280
[  109.013170][ T6960]  should_failslab+0x8c/0xb0
[  109.013193][ T6960]  kmem_cache_alloc_noprof+0x50/0x310
[  109.013226][ T6960]  ? audit_log_start+0x365/0x6c0
[  109.013305][ T6960]  audit_log_start+0x365/0x6c0
[  109.013385][ T6960]  audit_seccomp+0x48/0x100
[  109.013421][ T6960]  ? __seccomp_filter+0x68c/0x10d0
[  109.013452][ T6960]  __seccomp_filter+0x69d/0x10d0
[  109.013480][ T6960]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  109.013578][ T6960]  ? vfs_write+0x75e/0x8e0
[  109.013640][ T6960]  __secure_computing+0x82/0x150
[  109.013665][ T6960]  syscall_trace_enter+0xcf/0x1e0
[  109.013690][ T6960]  do_syscall_64+0xac/0x200
[  109.013767][ T6960]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.013793][ T6960]  ? clear_bhb_loop+0x40/0x90
[  109.013816][ T6960]  ? clear_bhb_loop+0x40/0x90
[  109.013840][ T6960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.013933][ T6960] RIP: 0033:0x7f3fabc9e969
[  109.013948][ T6960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.013968][ T6960] RSP: 002b:00007f3faa307038 EFLAGS: 00000246 ORIG_RAX: 000000000000007d
[  109.013992][ T6960] RAX: ffffffffffffffda RBX: 00007f3fabec5fa0 RCX: 00007f3fabc9e969
[  109.014008][ T6960] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  109.014025][ T6960] RBP: 00007f3faa307090 R08: 0000000000000000 R09: 0000000000000000
[  109.014058][ T6960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.014073][ T6960] R13: 0000000000000000 R14: 00007f3fabec5fa0 R15: 00007ffdb6344228
[  109.014131][ T6960]  </TASK>
[  109.014138][ T6960] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[  109.254983][ T6960] audit: out of memory in audit_log_start
[  109.308826][   T29] audit: type=1326 audit(1748719966.517:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.4.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50b1ace969 code=0x7ffc0000
[  109.338268][   T29] audit: type=1326 audit(1748719966.517:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.4.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50b1ace969 code=0x7ffc0000
[  109.796251][ T6968] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1405'.
[  109.833350][ T6968] IPVS: Error joining to the multicast group
[  110.498970][ T6985] siw: device registration error -23
[  110.662046][ T6990] loop2: detected capacity change from 0 to 256
[  110.898475][ T6990] FAULT_INJECTION: forcing a failure.
[  110.898475][ T6990] name failslab, interval 1, probability 0, space 0, times 0
[  110.912501][ T6990] CPU: 0 UID: 0 PID: 6990 Comm: syz.2.1414 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  110.912529][ T6990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.912545][ T6990] Call Trace:
[  110.912566][ T6990]  <TASK>
[  110.912577][ T6990]  __dump_stack+0x1d/0x30
[  110.912606][ T6990]  dump_stack_lvl+0xe8/0x140
[  110.912632][ T6990]  dump_stack+0x15/0x1b
[  110.912654][ T6990]  should_fail_ex+0x265/0x280
[  110.912689][ T6990]  should_failslab+0x8c/0xb0
[  110.912715][ T6990]  kmem_cache_alloc_noprof+0x50/0x310
[  110.912772][ T6990]  ? vfat_add_entry+0x17d/0x1b90
[  110.912801][ T6990]  vfat_add_entry+0x17d/0x1b90
[  110.912830][ T6990]  ? fat_alloc_new_dir+0x4fb/0x530
[  110.912860][ T6990]  vfat_mkdir+0xca/0x1f0
[  110.913012][ T6990]  vfs_mkdir+0x213/0x340
[  110.913054][ T6990]  do_mkdirat+0x132/0x3f0
[  110.913139][ T6990]  __x64_sys_mkdir+0x42/0x50
[  110.913244][ T6990]  x64_sys_call+0x2289/0x2fb0
[  110.913266][ T6990]  do_syscall_64+0xd2/0x200
[  110.913322][ T6990]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.913348][ T6990]  ? clear_bhb_loop+0x40/0x90
[  110.913420][ T6990]  ? clear_bhb_loop+0x40/0x90
[  110.913449][ T6990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.913477][ T6990] RIP: 0033:0x7f3fabc9e969
[  110.913497][ T6990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.913522][ T6990] RSP: 002b:00007f3faa307038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  110.913555][ T6990] RAX: ffffffffffffffda RBX: 00007f3fabec5fa0 RCX: 00007f3fabc9e969
[  110.913569][ T6990] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  110.913581][ T6990] RBP: 00007f3faa307090 R08: 0000000000000000 R09: 0000000000000000
[  110.913593][ T6990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.913619][ T6990] R13: 0000000000000000 R14: 00007f3fabec5fa0 R15: 00007ffdb6344228
[  110.913641][ T6990]  </TASK>
[  111.311876][ T7005] hsr0: entered promiscuous mode
[  111.503940][ T7017] kernel profiling enabled (shift: 17)
[  111.507913][ T7021] vlan2: entered allmulticast mode
[  111.516050][ T7021] $H�: entered allmulticast mode
[  111.524976][ T7021] bond_slave_0: entered allmulticast mode
[  111.532012][ T7021] bond_slave_1: entered allmulticast mode
[  111.539191][ T7021] $H�: (slave vlan2): Opening slave failed
[  111.571730][ T7023] loop4: detected capacity change from 0 to 512
[  111.588067][ T7023] EXT4-fs: Ignoring removed nobh option
[  111.609229][ T7025] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1432'.
[  111.624023][ T7025] loop2: detected capacity change from 0 to 512
[  111.638775][ T7025] msdos: Unknown parameter '�'
[  111.662322][ T7023] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.1430: corrupted inode contents
[  111.697950][ T7023] EXT4-fs (loop4): Remounting filesystem read-only
[  111.705342][ T7023] EXT4-fs (loop4): 1 truncate cleaned up
[  111.712025][ T7023] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.726048][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  111.726550][ T7023] ext4 filesystem being mounted at /312/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.738968][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  111.767985][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  111.803524][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.862972][ T7046] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1436'.
[  112.084927][ T7064] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[  112.449864][ T7074] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1441'.
[  112.603793][ T7084] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1445'.
[  112.964050][ T7128] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1457'.
[  113.080319][ T7132] 9pnet_fd: Insufficient options for proto=fd
[  113.254262][ T7137] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1460'.
[  113.508207][ T7142] loop2: detected capacity change from 0 to 1024
[  113.516124][ T7142] EXT4-fs: Ignoring removed orlov option
[  113.523950][ T7142] EXT4-fs: Ignoring removed nomblk_io_submit option
[  113.547500][ T7142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.565285][   T29] kauditd_printk_skb: 248 callbacks suppressed
[  113.565304][   T29] audit: type=1400 audit(1748722018.174:1585): avc:  denied  { add_name } for  pid=7141 comm="syz.2.1462" name="cpu.stat" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  113.599982][   T29] audit: type=1400 audit(1748722018.174:1586): avc:  denied  { create } for  pid=7141 comm="syz.2.1462" name="cpu.stat" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  113.627141][   T29] audit: type=1400 audit(1748722018.194:1587): avc:  denied  { read append open } for  pid=7141 comm="syz.2.1462" path="/258/file1/cpu.stat" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  113.655739][   T29] audit: type=1400 audit(1748722018.194:1588): avc:  denied  { map } for  pid=7141 comm="syz.2.1462" path="/258/file1/cpu.stat" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  113.683259][   T29] audit: type=1400 audit(1748722018.194:1589): avc:  denied  { execute } for  pid=7141 comm="syz.2.1462" path="/258/file1/cpu.stat" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  113.698806][ T7146] syzkaller0: entered promiscuous mode
[  113.716375][ T7146] syzkaller0: entered allmulticast mode
[  113.730133][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.914082][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119104a00: rx timeout, send abort
[  113.972020][   T29] audit: type=1400 audit(1748722018.564:1590): avc:  denied  { read } for  pid=7155 comm="syz.2.1466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  113.999420][ T7157] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1464'.
[  114.010894][ T7157] IPVS: Error joining to the multicast group
[  114.313746][   T29] audit: type=1400 audit(1748722018.924:1591): avc:  denied  { read } for  pid=2988 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  114.338057][   T29] audit: type=1400 audit(1748722018.924:1592): avc:  denied  { search } for  pid=2988 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  114.362250][   T29] audit: type=1400 audit(1748722018.924:1593): avc:  denied  { append } for  pid=2988 comm="syslogd" name="messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  114.387447][   T29] audit: type=1400 audit(1748722018.924:1594): avc:  denied  { open } for  pid=2988 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  114.423026][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119104a00: abort rx timeout. Force session deactivation
[  114.470882][ T7162] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1467'.
[  114.482532][ T7162] IPVS: Error joining to the multicast group
[  114.913916][ T7167] loop1: detected capacity change from 0 to 512
[  114.925878][ T7167] EXT4-fs: Ignoring removed oldalloc option
[  114.933365][ T7167] EXT4-fs: Ignoring removed nobh option
[  114.983801][ T7171] loop4: detected capacity change from 0 to 128
[  114.991147][ T7171] vfat: Unknown parameter ''
[  115.099152][ T7167] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1469: iget: bad extended attribute block 1
[  115.115437][ T7167] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1469: couldn't read orphan inode 15 (err -117)
[  115.146083][ T7167] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.238254][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.324831][ T7186] loop1: detected capacity change from 0 to 512
[  115.357650][ T7186] EXT4-fs: Ignoring removed nobh option
[  115.381613][ T7186] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1475: corrupted inode contents
[  115.441014][ T7186] EXT4-fs (loop1): Remounting filesystem read-only
[  115.465699][ T7186] EXT4-fs (loop1): 1 truncate cleaned up
[  115.485742][ T7186] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.485983][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  115.511684][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  115.535672][ T7186] ext4 filesystem being mounted at /336/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.559423][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  115.594738][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.705654][ T7204] FAULT_INJECTION: forcing a failure.
[  115.705654][ T7204] name failslab, interval 1, probability 0, space 0, times 0
[  115.719588][ T7204] CPU: 0 UID: 0 PID: 7204 Comm: syz.1.1482 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  115.719618][ T7204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.719634][ T7204] Call Trace:
[  115.719643][ T7204]  <TASK>
[  115.719654][ T7204]  __dump_stack+0x1d/0x30
[  115.719688][ T7204]  dump_stack_lvl+0xe8/0x140
[  115.719714][ T7204]  dump_stack+0x15/0x1b
[  115.719867][ T7204]  should_fail_ex+0x265/0x280
[  115.719910][ T7204]  should_failslab+0x8c/0xb0
[  115.719936][ T7204]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  115.720026][ T7204]  ? sidtab_sid2str_get+0xa0/0x130
[  115.720060][ T7204]  kmemdup_noprof+0x2b/0x70
[  115.720095][ T7204]  sidtab_sid2str_get+0xa0/0x130
[  115.720126][ T7204]  security_sid_to_context_core+0x1eb/0x2e0
[  115.720152][ T7204]  security_sid_to_context+0x27/0x40
[  115.720195][ T7204]  selinux_lsmprop_to_secctx+0x67/0xf0
[  115.720261][ T7204]  security_lsmprop_to_secctx+0x43/0x80
[  115.720326][ T7204]  audit_log_task_context+0x77/0x190
[  115.720375][ T7204]  audit_log_task+0xf4/0x250
[  115.720411][ T7204]  audit_seccomp+0x61/0x100
[  115.720482][ T7204]  ? __seccomp_filter+0x68c/0x10d0
[  115.720567][ T7204]  __seccomp_filter+0x69d/0x10d0
[  115.720639][ T7204]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  115.720667][ T7204]  ? vfs_write+0x75e/0x8e0
[  115.720719][ T7204]  __secure_computing+0x82/0x150
[  115.720741][ T7204]  syscall_trace_enter+0xcf/0x1e0
[  115.720766][ T7204]  do_syscall_64+0xac/0x200
[  115.720801][ T7204]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.720853][ T7204]  ? clear_bhb_loop+0x40/0x90
[  115.720875][ T7204]  ? clear_bhb_loop+0x40/0x90
[  115.720897][ T7204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.720918][ T7204] RIP: 0033:0x7fd5d472e969
[  115.720940][ T7204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.720965][ T7204] RSP: 002b:00007fd5d2d97038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  115.720989][ T7204] RAX: ffffffffffffffda RBX: 00007fd5d4955fa0 RCX: 00007fd5d472e969
[  115.721003][ T7204] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  115.721016][ T7204] RBP: 00007fd5d2d97090 R08: 0000000000000000 R09: 0000000000000000
[  115.721028][ T7204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.721040][ T7204] R13: 0000000000000000 R14: 00007fd5d4955fa0 R15: 00007ffe6c10e558
[  115.721059][ T7204]  </TASK>
[  116.090315][ T7208] loop1: detected capacity change from 0 to 4096
[  116.115923][ T7208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.155029][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.303942][ T7220] loop4: detected capacity change from 0 to 1024
[  116.330859][ T7220] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.351756][ T7220] FAULT_INJECTION: forcing a failure.
[  116.351756][ T7220] name failslab, interval 1, probability 0, space 0, times 0
[  116.367850][ T7220] CPU: 1 UID: 0 PID: 7220 Comm: syz.4.1486 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  116.367924][ T7220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.367939][ T7220] Call Trace:
[  116.367948][ T7220]  <TASK>
[  116.367959][ T7220]  __dump_stack+0x1d/0x30
[  116.367983][ T7220]  dump_stack_lvl+0xe8/0x140
[  116.368002][ T7220]  dump_stack+0x15/0x1b
[  116.368098][ T7220]  should_fail_ex+0x265/0x280
[  116.368137][ T7220]  should_failslab+0x8c/0xb0
[  116.368168][ T7220]  __kmalloc_noprof+0xa5/0x3e0
[  116.368203][ T7220]  ? iter_file_splice_write+0xfe/0x970
[  116.368300][ T7220]  iter_file_splice_write+0xfe/0x970
[  116.368401][ T7220]  ? save_fpregs_to_fpstate+0x100/0x160
[  116.368456][ T7220]  ? _raw_spin_unlock+0x26/0x50
[  116.368536][ T7220]  ? __schedule+0x6a8/0xb30
[  116.368571][ T7220]  ? __cond_resched+0x4e/0x90
[  116.368611][ T7220]  ? __pfx_iter_file_splice_write+0x10/0x10
[  116.368643][ T7220]  direct_splice_actor+0x153/0x2a0
[  116.368697][ T7220]  splice_direct_to_actor+0x30f/0x680
[  116.368839][ T7220]  ? __pfx_direct_splice_actor+0x10/0x10
[  116.368921][ T7220]  do_splice_direct+0xda/0x150
[  116.368952][ T7220]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  116.368996][ T7220]  vfs_copy_file_range+0x978/0xf30
[  116.369092][ T7220]  __se_sys_copy_file_range+0x269/0x3b0
[  116.369138][ T7220]  __x64_sys_copy_file_range+0x78/0x90
[  116.369173][ T7220]  x64_sys_call+0x8c6/0x2fb0
[  116.369200][ T7220]  do_syscall_64+0xd2/0x200
[  116.369254][ T7220]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.369289][ T7220]  ? clear_bhb_loop+0x40/0x90
[  116.369318][ T7220]  ? clear_bhb_loop+0x40/0x90
[  116.369346][ T7220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.369445][ T7220] RIP: 0033:0x7f50b1ace969
[  116.369463][ T7220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.369489][ T7220] RSP: 002b:00007f50b0116038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[  116.369513][ T7220] RAX: ffffffffffffffda RBX: 00007f50b1cf6080 RCX: 00007f50b1ace969
[  116.369530][ T7220] RDX: 000000000000000b RSI: 0000000000000000 RDI: 000000000000000b
[  116.369542][ T7220] RBP: 00007f50b0116090 R08: 0000000000000101 R09: 0000000000000000
[  116.369554][ T7220] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000002
[  116.369622][ T7220] R13: 0000000000000000 R14: 00007f50b1cf6080 R15: 00007ffd3800f578
[  116.369647][ T7220]  </TASK>
[  116.830519][ T7240] loop2: detected capacity change from 0 to 256
[  116.844041][ T7240] netlink: 'syz.2.1496': attribute type 13 has an invalid length.
[  116.854029][ T7240] FAULT_INJECTION: forcing a failure.
[  116.854029][ T7240] name failslab, interval 1, probability 0, space 0, times 0
[  116.871447][ T7240] CPU: 0 UID: 0 PID: 7240 Comm: syz.2.1496 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  116.871480][ T7240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.871497][ T7240] Call Trace:
[  116.871505][ T7240]  <TASK>
[  116.871515][ T7240]  __dump_stack+0x1d/0x30
[  116.871564][ T7240]  dump_stack_lvl+0xe8/0x140
[  116.871584][ T7240]  dump_stack+0x15/0x1b
[  116.871601][ T7240]  should_fail_ex+0x265/0x280
[  116.871640][ T7240]  ? ib_dispatch_event+0x37/0x190
[  116.871661][ T7240]  should_failslab+0x8c/0xb0
[  116.871752][ T7240]  __kmalloc_cache_noprof+0x4c/0x320
[  116.871793][ T7240]  ib_dispatch_event+0x37/0x190
[  116.871817][ T7240]  ib_dispatch_port_state_event+0x183/0x1b0
[  116.871854][ T7240]  ib_netdevice_event+0x4d9/0x5f0
[  116.871963][ T7240]  ? nh_netdev_event+0x104/0x3b0
[  116.871999][ T7240]  ? __pfx_ib_netdevice_event+0x10/0x10
[  116.872080][ T7240]  raw_notifier_call_chain+0x6c/0x1b0
[  116.872122][ T7240]  ? call_netdevice_notifiers_info+0x9c/0x100
[  116.872224][ T7240]  call_netdevice_notifiers_info+0xae/0x100
[  116.872265][ T7240]  __dev_notify_flags+0xff/0x1a0
[  116.872295][ T7240]  netif_change_flags+0xac/0xd0
[  116.872317][ T7240]  do_setlink+0x9d2/0x2810
[  116.872400][ T7240]  ? save_fpregs_to_fpstate+0x100/0x160
[  116.872431][ T7240]  ? _raw_spin_unlock+0x26/0x50
[  116.872466][ T7240]  ? finish_task_switch+0xad/0x2b0
[  116.872523][ T7240]  ? __schedule+0x6a8/0xb30
[  116.872689][ T7240]  rtnl_newlink+0xd8b/0x12d0
[  116.872730][ T7240]  ? xas_load+0x413/0x430
[  116.872757][ T7240]  ? __rcu_read_unlock+0x34/0x70
[  116.872832][ T7240]  ? bpf_trace_run3+0x12c/0x1d0
[  116.872858][ T7240]  ? __memcg_slab_free_hook+0x11e/0x240
[  116.872913][ T7240]  ? __kfree_skb+0x109/0x150
[  116.872978][ T7240]  ? __rcu_read_unlock+0x4f/0x70
[  116.873001][ T7240]  ? avc_has_perm_noaudit+0x1b1/0x200
[  116.873083][ T7240]  ? selinux_capable+0x1f9/0x270
[  116.873129][ T7240]  ? security_capable+0x83/0x90
[  116.873163][ T7240]  ? ns_capable+0x7d/0xb0
[  116.873188][ T7240]  ? __pfx_rtnl_newlink+0x10/0x10
[  116.873276][ T7240]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  116.873397][ T7240]  netlink_rcv_skb+0x123/0x220
[  116.873446][ T7240]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  116.873483][ T7240]  rtnetlink_rcv+0x1c/0x30
[  116.873511][ T7240]  netlink_unicast+0x59e/0x670
[  116.873567][ T7240]  netlink_sendmsg+0x58b/0x6b0
[  116.873606][ T7240]  ? __pfx_netlink_sendmsg+0x10/0x10
[  116.873651][ T7240]  __sock_sendmsg+0x142/0x180
[  116.873686][ T7240]  ____sys_sendmsg+0x31e/0x4e0
[  116.873741][ T7240]  ___sys_sendmsg+0x17b/0x1d0
[  116.873781][ T7240]  __x64_sys_sendmsg+0xd4/0x160
[  116.873844][ T7240]  x64_sys_call+0x2999/0x2fb0
[  116.873904][ T7240]  do_syscall_64+0xd2/0x200
[  116.873932][ T7240]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.873967][ T7240]  ? clear_bhb_loop+0x40/0x90
[  116.873993][ T7240]  ? clear_bhb_loop+0x40/0x90
[  116.874053][ T7240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.874075][ T7240] RIP: 0033:0x7f3fabc9e969
[  116.874091][ T7240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.874112][ T7240] RSP: 002b:00007f3faa307038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  116.874135][ T7240] RAX: ffffffffffffffda RBX: 00007f3fabec5fa0 RCX: 00007f3fabc9e969
[  116.874209][ T7240] RDX: 0000000000008004 RSI: 0000200000000180 RDI: 0000000000000009
[  116.874234][ T7240] RBP: 00007f3faa307090 R08: 0000000000000000 R09: 0000000000000000
[  116.874251][ T7240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  116.874285][ T7240] R13: 0000000000000000 R14: 00007f3fabec5fa0 R15: 00007ffdb6344228
[  116.874308][ T7240]  </TASK>
[  117.352190][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.405493][ T7240] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.413308][ T7240] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.441517][ T7245] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7245 comm=syz.4.1498
[  117.505533][ T7240] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  117.524816][ T7240] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  117.550704][ T7242] FAULT_INJECTION: forcing a failure.
[  117.550704][ T7242] name failslab, interval 1, probability 0, space 0, times 0
[  117.568517][ T7242] CPU: 1 UID: 0 PID: 7242 Comm: syz.0.1497 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  117.568547][ T7242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  117.568614][ T7242] Call Trace:
[  117.568624][ T7242]  <TASK>
[  117.568635][ T7242]  __dump_stack+0x1d/0x30
[  117.568712][ T7242]  dump_stack_lvl+0xe8/0x140
[  117.568734][ T7242]  dump_stack+0x15/0x1b
[  117.568751][ T7242]  should_fail_ex+0x265/0x280
[  117.568791][ T7242]  ? tcp_md5_do_add+0xce/0x1c0
[  117.568896][ T7242]  should_failslab+0x8c/0xb0
[  117.568920][ T7242]  __kmalloc_cache_noprof+0x4c/0x320
[  117.568970][ T7242]  tcp_md5_do_add+0xce/0x1c0
[  117.568997][ T7242]  tcp_v6_parse_md5_keys+0x429/0x450
[  117.569119][ T7242]  do_tcp_setsockopt+0xf24/0x1670
[  117.569156][ T7242]  ? selinux_socket_setsockopt+0x1ad/0x1e0
[  117.569205][ T7242]  tcp_setsockopt+0x51/0xb0
[  117.569236][ T7242]  sock_common_setsockopt+0x66/0x80
[  117.569362][ T7242]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  117.569404][ T7242]  __sys_setsockopt+0x184/0x200
[  117.569430][ T7242]  __x64_sys_setsockopt+0x64/0x80
[  117.569504][ T7242]  x64_sys_call+0x2bd5/0x2fb0
[  117.569527][ T7242]  do_syscall_64+0xd2/0x200
[  117.569555][ T7242]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  117.569584][ T7242]  ? clear_bhb_loop+0x40/0x90
[  117.569686][ T7242]  ? clear_bhb_loop+0x40/0x90
[  117.569715][ T7242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.569738][ T7242] RIP: 0033:0x7f30ad12e969
[  117.569754][ T7242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.569845][ T7242] RSP: 002b:00007f30ab797038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  117.569871][ T7242] RAX: ffffffffffffffda RBX: 00007f30ad355fa0 RCX: 00007f30ad12e969
[  117.569888][ T7242] RDX: 2000000000000020 RSI: 0000000000000006 RDI: 0000000000000003
[  117.569905][ T7242] RBP: 00007f30ab797090 R08: 000000001959cc36 R09: 0000000000000000
[  117.569919][ T7242] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  117.570005][ T7242] R13: 0000000000000000 R14: 00007f30ad355fa0 R15: 00007ffc0849f048
[  117.570025][ T7242]  </TASK>
[  117.848528][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881191c7c00: rx timeout, send abort
[  117.883675][ T7240] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  117.895516][ T7240] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  117.906027][ T7240] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  117.918059][ T7240] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  117.996341][ T7253] loop4: detected capacity change from 0 to 1024
[  118.004750][ T7253] ext4: Unknown parameter 'uid>00000000000000000000'
[  118.021470][ T7253] siw: device registration error -23
[  118.358409][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881191c7c00: abort rx timeout. Force session deactivation
[  118.466697][ T7263] loop3: detected capacity change from 0 to 764
[  118.633624][   T29] kauditd_printk_skb: 103 callbacks suppressed
[  118.633642][   T29] audit: type=1400 audit(1748722023.244:1691): avc:  denied  { name_bind } for  pid=7273 comm="syz.1.1509" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  118.671677][ T7272] loop0: detected capacity change from 0 to 512
[  118.680929][ T7272] EXT4-fs: Ignoring removed nobh option
[  118.700941][   T29] audit: type=1400 audit(1748722023.244:1692): avc:  denied  { node_bind } for  pid=7273 comm="syz.1.1509" saddr=224.0.0.1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  118.725046][   T29] audit: type=1400 audit(1748722023.284:1693): avc:  denied  { create } for  pid=7273 comm="syz.1.1509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  118.746100][   T29] audit: type=1400 audit(1748722023.284:1694): avc:  denied  { ioctl } for  pid=7273 comm="syz.1.1509" path="socket:[17482]" dev="sockfs" ino=17482 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  118.773627][   T29] audit: type=1400 audit(1748722023.284:1695): avc:  denied  { write } for  pid=7273 comm="syz.1.1509" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  118.793653][   T29] audit: type=1400 audit(1748722023.284:1696): avc:  denied  { read } for  pid=7273 comm="syz.1.1509" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  118.818728][   T29] audit: type=1400 audit(1748722023.314:1697): avc:  denied  { mount } for  pid=7275 comm="syz.4.1510" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  118.857889][ T7272] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.1508: corrupted inode contents
[  118.871282][ T7272] EXT4-fs (loop0): Remounting filesystem read-only
[  118.872876][   T29] audit: type=1400 audit(1748722023.494:1698): avc:  denied  { mounton } for  pid=7275 comm="syz.4.1510" path="/324/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  118.892947][ T7272] EXT4-fs (loop0): 1 truncate cleaned up
[  118.920415][   T51] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  118.934915][   T51] Quota error (device loop0): write_blk: dquota write failed
[  118.935397][ T7272] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.944863][   T51] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries
[  118.960136][ T7272] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.973202][   T51] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  118.976638][   T51] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  119.038667][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.143903][ T7290] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1515'.
[  119.224230][ T7292] loop0: detected capacity change from 0 to 1024
[  119.232093][ T7292] ext4: Unknown parameter 'uid>00000000000000000000'
[  119.387464][ T7309] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1523'.
[  119.455826][ T7312] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2579 sclass=netlink_route_socket pid=7312 comm=syz.4.1523
[  119.545284][ T7319] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  119.556999][ T7319] SELinux: failed to load policy
[  119.566549][ T7319] sg_write: process 808 (syz.1.1527) changed security contexts after opening file descriptor, this is not allowed.
[  119.586923][ T7319] loop1: detected capacity change from 0 to 1024
[  119.705477][ T7330] FAULT_INJECTION: forcing a failure.
[  119.705477][ T7330] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  119.724203][ T7330] CPU: 0 UID: 0 PID: 7330 Comm: syz.1.1532 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  119.724243][ T7330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.724262][ T7330] Call Trace:
[  119.724270][ T7330]  <TASK>
[  119.724280][ T7330]  __dump_stack+0x1d/0x30
[  119.724305][ T7330]  dump_stack_lvl+0xe8/0x140
[  119.724404][ T7330]  dump_stack+0x15/0x1b
[  119.724426][ T7330]  should_fail_ex+0x265/0x280
[  119.724468][ T7330]  should_fail_alloc_page+0xf2/0x100
[  119.724509][ T7330]  __alloc_frozen_pages_noprof+0xff/0x360
[  119.724551][ T7330]  alloc_pages_mpol+0xb3/0x250
[  119.724583][ T7330]  alloc_pages_noprof+0x90/0x130
[  119.724679][ T7330]  get_zeroed_page_noprof+0x1a/0x40
[  119.724723][ T7330]  uart_startup+0x184/0x930
[  119.724752][ T7330]  ? univ8250_config_port+0x2e7/0x380
[  119.724863][ T7330]  uart_ioctl+0xc43/0xe40
[  119.724951][ T7330]  ? do_vfs_ioctl+0x9df/0x11d0
[  119.725051][ T7330]  ? tty_jobctrl_ioctl+0x29e/0x810
[  119.725085][ T7330]  tty_ioctl+0x7de/0xb80
[  119.725126][ T7330]  ? __pfx_tty_ioctl+0x10/0x10
[  119.725210][ T7330]  __se_sys_ioctl+0xcb/0x140
[  119.725250][ T7330]  __x64_sys_ioctl+0x43/0x50
[  119.725288][ T7330]  x64_sys_call+0x19a8/0x2fb0
[  119.725312][ T7330]  do_syscall_64+0xd2/0x200
[  119.725383][ T7330]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.725484][ T7330]  ? clear_bhb_loop+0x40/0x90
[  119.725507][ T7330]  ? clear_bhb_loop+0x40/0x90
[  119.725531][ T7330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.725617][ T7330] RIP: 0033:0x7fd5d472e969
[  119.725633][ T7330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.725706][ T7330] RSP: 002b:00007fd5d2d97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  119.725784][ T7330] RAX: ffffffffffffffda RBX: 00007fd5d4955fa0 RCX: 00007fd5d472e969
[  119.725798][ T7330] RDX: 0000000000000000 RSI: 0000000000005453 RDI: 0000000000000003
[  119.725811][ T7330] RBP: 00007fd5d2d97090 R08: 0000000000000000 R09: 0000000000000000
[  119.725824][ T7330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.725837][ T7330] R13: 0000000000000000 R14: 00007fd5d4955fa0 R15: 00007ffe6c10e558
[  119.725858][ T7330]  </TASK>
[  120.351936][ T7364] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1548'.
[  120.410200][ T7372] 9pnet_fd: Insufficient options for proto=fd
[  120.460392][ T7371] random: crng reseeded on system resumption
[  120.545711][ T7379] loop1: detected capacity change from 0 to 1024
[  120.558267][ T7379] ext4: Unknown parameter 'uid>00000000000000000000'
[  120.571650][ T7373] siw: device registration error -23
[  120.631630][ T7371] loop4: detected capacity change from 0 to 512
[  120.654548][ T7380] syzkaller0: entered promiscuous mode
[  120.654548][ T7371] EXT4-fs: test_dummy_encryption option not supported
[  120.669674][ T7380] syzkaller0: entered allmulticast mode
[  120.682556][ T7385] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7385 comm=syz.2.1555
[  120.852547][ T7396] loop3: detected capacity change from 0 to 512
[  120.871263][ T7396] EXT4-fs: Ignoring removed nobh option
[  120.890131][ T7396] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1560: corrupted inode contents
[  120.904796][ T7396] EXT4-fs (loop3): Remounting filesystem read-only
[  120.914832][ T7396] EXT4-fs (loop3): 1 truncate cleaned up
[  120.922719][ T7396] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.937470][ T7396] ext4 filesystem being mounted at /326/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.950407][ T3351] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  120.961402][ T3351] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  120.987993][ T3351] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  121.020892][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.294941][ T7410] loop3: detected capacity change from 0 to 1990
[  121.322969][ T7412] syzkaller0: entered allmulticast mode
[  121.340168][ T7412] syzkaller0 (unregistering): left allmulticast mode
[  121.394882][ T7417] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7417 comm=syz.4.1567
[  121.609299][ T7426] loop1: detected capacity change from 0 to 512
[  121.646058][ T7426] EXT4-fs: Ignoring removed nobh option
[  121.687416][ T7426] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1571: corrupted inode contents
[  121.730710][ T7426] EXT4-fs (loop1): Remounting filesystem read-only
[  121.762020][ T7426] EXT4-fs (loop1): 1 truncate cleaned up
[  121.776479][ T3433] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  121.789473][ T3433] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  121.831968][ T7426] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.863763][ T3433] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  121.911732][ T7426] ext4 filesystem being mounted at /359/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.982842][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.195719][ T7450] loop2: detected capacity change from 0 to 1024
[  122.204967][ T7450] ext4: Unknown parameter 'uid>00000000000000000000'
[  122.254883][ T7454] loop1: detected capacity change from 0 to 2048
[  122.287712][ T7454] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.320848][ T7454] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.350287][ T7454] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1583'.
[  122.606558][ T7462] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1583: bg 0: block 345: padding at end of block bitmap is not set
[  122.773533][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.869878][ T7475] loop3: detected capacity change from 0 to 2048
[  122.983840][ T7475] Alternate GPT is invalid, using primary GPT.
[  122.992069][ T7475]  loop3: p2 p3 p7
[  123.084051][ T7493] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1599'.
[  123.217866][ T7498] loop4: detected capacity change from 0 to 1024
[  123.250871][ T7498] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.273641][ T7498] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  123.288601][ T7498] EXT4-fs (loop4): This should not happen!! Data will be lost
[  123.288601][ T7498] 
[  123.299422][ T7498] EXT4-fs (loop4): Total free blocks count 0
[  123.306041][ T7498] EXT4-fs (loop4): Free/Dirty block details
[  123.312187][ T7498] EXT4-fs (loop4): free_blocks=0
[  123.317880][ T7498] EXT4-fs (loop4): dirty_blocks=0
[  123.324621][ T7498] EXT4-fs (loop4): Block reservation details
[  123.332941][ T7498] EXT4-fs (loop4): i_reserved_data_blocks=0
[  123.557212][ T7521] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  123.571877][ T7521] SELinux: failed to load policy
[  123.586471][ T7521] loop0: detected capacity change from 0 to 1024
[  123.689843][   T29] kauditd_printk_skb: 199 callbacks suppressed
[  123.689861][   T29] audit: type=1400 audit(1748722028.304:1882): avc:  denied  { read } for  pid=7526 comm="syz.0.1611" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  123.730985][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  123.744399][   T29] audit: type=1400 audit(1748722028.354:1883): avc:  denied  { write } for  pid=7526 comm="syz.0.1611" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  123.769500][ T7530] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1612'.
[  123.977958][   T29] audit: type=1400 audit(1748722028.594:1884): avc:  denied  { read write } for  pid=7544 comm="syz.2.1619" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  124.010596][   T29] audit: type=1400 audit(1748722028.594:1885): avc:  denied  { open } for  pid=7544 comm="syz.2.1619" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  124.039828][   T29] audit: type=1400 audit(1748722028.634:1886): avc:  denied  { ioctl } for  pid=7544 comm="syz.2.1619" path="socket:[17260]" dev="sockfs" ino=17260 ioctlcmd=0x942a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  124.072547][ T7548] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1614'.
[  124.082562][ T7548] IPVS: Error joining to the multicast group
[  124.209397][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.819712][ T7596] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  124.857077][ T7596] SELinux: failed to load policy
[  125.053583][   T29] audit: type=1326 audit(1748722029.664:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7607 comm="syz.4.1648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50b1ace969 code=0x7ffc0000
[  125.085737][ T7609] loop0: detected capacity change from 0 to 1024
[  125.092783][ T7609] ext4: Unknown parameter 'uid>00000000000000000000'
[  125.124033][   T29] audit: type=1326 audit(1748722029.724:1888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7607 comm="syz.4.1648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f50b1ace969 code=0x7ffc0000
[  125.153624][   T29] audit: type=1326 audit(1748722029.724:1889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7607 comm="syz.4.1648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50b1ace969 code=0x7ffc0000
[  125.180711][   T29] audit: type=1326 audit(1748722029.724:1890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7607 comm="syz.4.1648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50b1ace969 code=0x7ffc0000
[  125.361893][   T29] audit: type=1400 audit(1748722029.964:1891): avc:  denied  { create } for  pid=7616 comm="syz.2.1651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  125.588117][ T7638] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  125.638703][ T7646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1652'.
[  125.654059][ T7646] IPVS: Error joining to the multicast group
[  126.185157][ T7665] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7665 comm=syz.0.1662
[  126.238121][ T7669] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1663'.
[  126.249162][ T7669] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1663'.
[  126.271828][ T7668] loop0: detected capacity change from 0 to 2048
[  126.298969][ T7668] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.359450][ T7668] ext4 filesystem being mounted at /277/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.416346][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.492214][ T7686] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  126.681120][ T7715] loop0: detected capacity change from 0 to 512
[  126.681499][ T7710] lo speed is unknown, defaulting to 1000
[  126.693697][ T7715] EXT4-fs: Ignoring removed nobh option
[  126.724466][ T7719] loop3: detected capacity change from 0 to 128
[  126.732963][ T7720] FAULT_INJECTION: forcing a failure.
[  126.732963][ T7720] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.749138][ T7720] CPU: 1 UID: 0 PID: 7720 Comm: syz.2.1679 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  126.749346][ T7720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  126.749362][ T7720] Call Trace:
[  126.749370][ T7720]  <TASK>
[  126.749379][ T7720]  __dump_stack+0x1d/0x30
[  126.749407][ T7720]  dump_stack_lvl+0xe8/0x140
[  126.749453][ T7720]  dump_stack+0x15/0x1b
[  126.749471][ T7720]  should_fail_ex+0x265/0x280
[  126.749574][ T7720]  should_fail+0xb/0x20
[  126.749607][ T7720]  should_fail_usercopy+0x1a/0x20
[  126.749631][ T7720]  _copy_from_iter+0xcf/0xe40
[  126.749657][ T7720]  ? __build_skb_around+0x1a0/0x200
[  126.749690][ T7720]  ? __alloc_skb+0x223/0x320
[  126.749797][ T7720]  netlink_sendmsg+0x471/0x6b0
[  126.749831][ T7720]  ? __pfx_netlink_sendmsg+0x10/0x10
[  126.749897][ T7720]  __sock_sendmsg+0x142/0x180
[  126.749985][ T7720]  ____sys_sendmsg+0x31e/0x4e0
[  126.750025][ T7720]  ___sys_sendmsg+0x17b/0x1d0
[  126.750071][ T7720]  __x64_sys_sendmsg+0xd4/0x160
[  126.750181][ T7720]  x64_sys_call+0x2999/0x2fb0
[  126.750204][ T7720]  do_syscall_64+0xd2/0x200
[  126.750233][ T7720]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  126.750271][ T7720]  ? clear_bhb_loop+0x40/0x90
[  126.750349][ T7720]  ? clear_bhb_loop+0x40/0x90
[  126.750425][ T7720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.750449][ T7720] RIP: 0033:0x7f3fabc9e969
[  126.750466][ T7720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.750486][ T7720] RSP: 002b:00007f3faa2e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  126.750514][ T7720] RAX: ffffffffffffffda RBX: 00007f3fabec6080 RCX: 00007f3fabc9e969
[  126.750594][ T7720] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000006
[  126.750608][ T7720] RBP: 00007f3faa2e6090 R08: 0000000000000000 R09: 0000000000000000
[  126.750621][ T7720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.750682][ T7720] R13: 0000000000000000 R14: 00007f3fabec6080 R15: 00007ffdb6344228
[  126.750704][ T7720]  </TASK>
[  127.010771][ T7715] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.1678: corrupted inode contents
[  127.045825][ T7715] EXT4-fs (loop0): Remounting filesystem read-only
[  127.058390][ T7724] loop4: detected capacity change from 0 to 2048
[  127.069498][ T7715] EXT4-fs (loop0): 1 truncate cleaned up
[  127.077437][ T7715] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.091582][ T7715] ext4 filesystem being mounted at /280/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.093690][ T3351] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  127.115115][ T3351] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  127.141146][ T7724] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.159016][ T7724] ext4 filesystem being mounted at /363/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.172878][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.183030][ T7718] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7718 comm=syz.1.1681
[  127.198038][ T7728] loop3: detected capacity change from 0 to 128
[  127.222274][ T3351] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  127.258051][ T7728] ������: renamed from vlan0 (while UP)
[  127.264739][ T7728] FAULT_INJECTION: forcing a failure.
[  127.264739][ T7728] name failslab, interval 1, probability 0, space 0, times 0
[  127.279688][ T7728] CPU: 1 UID: 0 PID: 7728 Comm: syz.3.1684 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  127.279718][ T7728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.279730][ T7728] Call Trace:
[  127.279738][ T7728]  <TASK>
[  127.279747][ T7728]  __dump_stack+0x1d/0x30
[  127.279775][ T7728]  dump_stack_lvl+0xe8/0x140
[  127.279800][ T7728]  dump_stack+0x15/0x1b
[  127.279865][ T7728]  should_fail_ex+0x265/0x280
[  127.279908][ T7728]  should_failslab+0x8c/0xb0
[  127.279931][ T7728]  __kmalloc_noprof+0xa5/0x3e0
[  127.279962][ T7728]  ? kobject_get_path+0x92/0x1c0
[  127.280005][ T7728]  kobject_get_path+0x92/0x1c0
[  127.280107][ T7728]  kobject_rename+0x106/0x350
[  127.280148][ T7728]  ? sysfs_rename_link_ns+0x106/0x120
[  127.280224][ T7728]  device_rename+0x11f/0x180
[  127.280259][ T7728]  netif_change_name+0x1eb/0x6b0
[  127.280351][ T7728]  dev_change_name+0xc0/0x170
[  127.280392][ T7728]  dev_ifsioc+0x302/0xaa0
[  127.280421][ T7728]  dev_ioctl+0x4a7/0x960
[  127.280511][ T7728]  sock_do_ioctl+0x197/0x220
[  127.280545][ T7728]  sock_ioctl+0x41b/0x610
[  127.280580][ T7728]  ? __pfx_sock_ioctl+0x10/0x10
[  127.280615][ T7728]  __se_sys_ioctl+0xcb/0x140
[  127.280718][ T7728]  __x64_sys_ioctl+0x43/0x50
[  127.280790][ T7728]  x64_sys_call+0x19a8/0x2fb0
[  127.280813][ T7728]  do_syscall_64+0xd2/0x200
[  127.280839][ T7728]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  127.280899][ T7728]  ? clear_bhb_loop+0x40/0x90
[  127.280921][ T7728]  ? clear_bhb_loop+0x40/0x90
[  127.280965][ T7728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.281055][ T7728] RIP: 0033:0x7f48d20ee969
[  127.281149][ T7728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.281167][ T7728] RSP: 002b:00007f48d0757038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  127.281191][ T7728] RAX: ffffffffffffffda RBX: 00007f48d2315fa0 RCX: 00007f48d20ee969
[  127.281217][ T7728] RDX: 0000200000000000 RSI: 0000000000008923 RDI: 0000000000000008
[  127.281233][ T7728] RBP: 00007f48d0757090 R08: 0000000000000000 R09: 0000000000000000
[  127.281289][ T7728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.281301][ T7728] R13: 0000000000000000 R14: 00007f48d2315fa0 R15: 00007ffd5dd00938
[  127.281322][ T7728]  </TASK>
[  127.737275][ T7738] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1683: bg 0: block 345: padding at end of block bitmap is not set
[  127.796749][ T7747] lo speed is unknown, defaulting to 1000
[  127.932457][ T7757] loop2: detected capacity change from 0 to 512
[  127.959914][ T7757] EXT4-fs: Ignoring removed nobh option
[  128.044959][ T7762] loop3: detected capacity change from 0 to 1024
[  128.053281][ T7762] ext4: Unknown parameter 'uid>00000000000000000000'
[  128.077151][ T7762] siw: device registration error -23
[  128.158987][ T7764] netlink: 'syz.0.1697': attribute type 1 has an invalid length.
[  128.230836][ T7764] bond0: entered promiscuous mode
[  128.236695][ T7764] bond0: entered allmulticast mode
[  128.359333][ T7767] geneve2: entered allmulticast mode
[  128.397075][ T7757] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #3: comm syz.2.1694: corrupted inode contents
[  128.425136][ T7757] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #3: comm syz.2.1694: mark_inode_dirty error
[  128.435231][ T7767] bond0: (slave geneve2): making interface the new active one
[  128.449726][ T7767] geneve2: entered promiscuous mode
[  128.464906][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.477855][ T7757] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #3: comm syz.2.1694: corrupted inode contents
[  128.491385][ T7757] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.1694: mark_inode_dirty error
[  128.505982][ T7767] bond0: (slave geneve2): Enslaving as an active interface with an up link
[  128.536759][ T7757] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.1694: Failed to acquire dquot type 0
[  128.611174][ T7773] loop1: detected capacity change from 0 to 2048
[  128.629486][ T7757] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1694: corrupted inode contents
[  128.655163][ T7757] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #16: comm syz.2.1694: mark_inode_dirty error
[  128.669626][ T7757] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1694: corrupted inode contents
[  128.683589][ T7757] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.1694: mark_inode_dirty error
[  128.699330][ T7757] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1694: corrupted inode contents
[  128.717810][ T3308] Alternate GPT is invalid, using primary GPT.
[  128.725083][ T3308]  loop1: p2 p3 p7
[  128.730281][ T7757] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  128.786862][ T7757] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1694: corrupted inode contents
[  128.800963][ T7757] EXT4-fs error (device loop2): ext4_truncate:4597: inode #16: comm syz.2.1694: mark_inode_dirty error
[  128.817682][ T7757] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  128.828298][ T7757] EXT4-fs (loop2): 1 truncate cleaned up
[  128.835160][ T7757] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.851626][ T7757] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.885293][   T29] kauditd_printk_skb: 52 callbacks suppressed
[  128.885318][   T29] audit: type=1400 audit(1748722033.494:1936): avc:  denied  { connect } for  pid=7750 comm="syz.2.1694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  128.920420][   T29] audit: type=1400 audit(1748722033.534:1937): avc:  denied  { setopt } for  pid=7750 comm="syz.2.1694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  128.946755][   T29] audit: type=1400 audit(1748722033.534:1938): avc:  denied  { bind } for  pid=7750 comm="syz.2.1694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  128.951610][ T7777] loop4: detected capacity change from 0 to 512
[  128.971212][   T29] audit: type=1400 audit(1748722033.534:1939): avc:  denied  { write } for  pid=7750 comm="syz.2.1694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  129.001331][   T29] audit: type=1400 audit(1748722033.534:1940): avc:  denied  { read } for  pid=7750 comm="syz.2.1694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  129.046272][ T7785] loop0: detected capacity change from 0 to 1024
[  129.054037][ T7785] ext4: Unknown parameter 'uid>00000000000000000000'
[  129.078087][ T7785] siw: device registration error -23
[  129.097185][ T7777] EXT4-fs: Ignoring removed nobh option
[  129.243684][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.260183][ T7777] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.1701: corrupted inode contents
[  129.299548][ T7773] Alternate GPT is invalid, using primary GPT.
[  129.308191][ T7773]  loop1: p2 p3 p7
[  129.326010][ T7777] EXT4-fs (loop4): Remounting filesystem read-only
[  129.365903][ T7777] EXT4-fs (loop4): 1 truncate cleaned up
[  129.427362][ T7777] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.463963][ T3351] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  129.465726][ T7777] ext4 filesystem being mounted at /365/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.478870][ T3351] Quota error (device loop4): write_blk: dquota write failed
[  129.478893][ T3351] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries
[  129.513009][ T3351] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  129.525590][ T3351] Quota error (device loop4): write_blk: dquota write failed
[  129.534309][ T3351] Quota error (device loop4): free_dqentry: Can't move quota data block (5) to free list
[  129.551381][ T3351] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  129.563254][ T3351] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  129.675417][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.707087][ T7795] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  129.745295][ T7799] 9pnet_fd: Insufficient options for proto=fd
[  129.756643][ T7795] SELinux: failed to load policy
[  129.841438][ T7809] FAULT_INJECTION: forcing a failure.
[  129.841438][ T7809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.858245][ T7809] CPU: 0 UID: 0 PID: 7809 Comm: syz.0.1712 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  129.858399][ T7809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  129.858416][ T7809] Call Trace:
[  129.858425][ T7809]  <TASK>
[  129.858482][ T7809]  __dump_stack+0x1d/0x30
[  129.858505][ T7809]  dump_stack_lvl+0xe8/0x140
[  129.858594][ T7809]  dump_stack+0x15/0x1b
[  129.858618][ T7809]  should_fail_ex+0x265/0x280
[  129.858706][ T7809]  should_fail+0xb/0x20
[  129.858789][ T7809]  should_fail_usercopy+0x1a/0x20
[  129.858814][ T7809]  _copy_from_user+0x1c/0xb0
[  129.858844][ T7809]  __sys_bind+0x106/0x2a0
[  129.858878][ T7809]  __x64_sys_bind+0x3f/0x50
[  129.858913][ T7809]  x64_sys_call+0x2086/0x2fb0
[  129.858941][ T7809]  do_syscall_64+0xd2/0x200
[  129.859030][ T7809]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.859070][ T7809]  ? clear_bhb_loop+0x40/0x90
[  129.859118][ T7809]  ? clear_bhb_loop+0x40/0x90
[  129.859181][ T7809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.859212][ T7809] RIP: 0033:0x7f30ad12e969
[  129.859231][ T7809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.859257][ T7809] RSP: 002b:00007f30ab797038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  129.859291][ T7809] RAX: ffffffffffffffda RBX: 00007f30ad355fa0 RCX: 00007f30ad12e969
[  129.859308][ T7809] RDX: 0000000000000067 RSI: 0000200000000100 RDI: 0000000000000003
[  129.859338][ T7809] RBP: 00007f30ab797090 R08: 0000000000000000 R09: 0000000000000000
[  129.859353][ T7809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.859368][ T7809] R13: 0000000000000000 R14: 00007f30ad355fa0 R15: 00007ffc0849f048
[  129.859390][ T7809]  </TASK>
[  130.108106][ T7811] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  130.130008][ T7811] SELinux: failed to load policy
[  130.288306][ T7820] loop2: detected capacity change from 0 to 512
[  130.317470][ T7820] EXT4-fs: Ignoring removed nobh option
[  130.373579][ T7824] loop1: detected capacity change from 0 to 1024
[  130.381822][ T7824] ext4: Unknown parameter 'uid>00000000000000000000'
[  130.394624][ T7824] siw: device registration error -23
[  130.427007][ T7820] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1717: corrupted inode contents
[  130.456872][ T7820] EXT4-fs (loop2): Remounting filesystem read-only
[  130.467906][ T7820] EXT4-fs (loop2): 1 truncate cleaned up
[  130.474952][ T7820] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.496515][ T7831] loop3: detected capacity change from 0 to 1830
[  130.507561][ T7820] ext4 filesystem being mounted at /314/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.558666][ T7834] loop4: detected capacity change from 0 to 2048
[  130.570129][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.596306][   T37] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  130.608299][   T37] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  130.622312][ T7834] Alternate GPT is invalid, using primary GPT.
[  130.630031][ T7834]  loop4: p2 p3 p7
[  130.632338][   T37] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  130.791636][ T7841] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7841 comm=syz.2.1720
[  131.170469][ T7860] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  131.209479][ T7860] SELinux: failed to load policy
[  131.346735][ T7872] loop1: detected capacity change from 0 to 512
[  131.355885][ T7872] EXT4-fs: Ignoring removed nobh option
[  131.418441][ T7872] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1733: corrupted inode contents
[  131.436376][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.446457][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.455637][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.469660][ T7873] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1731'.
[  131.471781][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.480574][ T7873] IPVS: Error joining to the multicast group
[  131.489387][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.508474][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.517277][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.526710][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.536810][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.546861][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.559312][ T7872] EXT4-fs (loop1): Remounting filesystem read-only
[  131.559343][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.576036][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.578197][ T7872] EXT4-fs (loop1): 1 truncate cleaned up
[  131.587559][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.629743][ T5391] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  131.641819][ T7878] syzkaller0: entered promiscuous mode
[  131.643479][ T5391] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  131.649774][ T7878] syzkaller0: entered allmulticast mode
[  131.686371][ T7872] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.741268][ T5391] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  131.749106][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.764781][ T7872] ext4 filesystem being mounted at /385/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.766043][   T10] hid-generic 0006:0000:0000.0001: unknown main item tag 0x0
[  131.803843][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.811552][   T10] hid-generic 0006:0000:0000.0001: hidraw0: VIRTUAL HID vffffff.00 Device [syz0] on syz1
[  131.827755][ T7885] Q�6��\b��Y�4��: renamed from lo
[  131.913138][ T7886] fido_id[7886]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  132.250179][ T7905] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  132.279323][ T7905] SELinux: failed to load policy
[  132.413026][ T7916] loop1: detected capacity change from 0 to 512
[  132.424431][ T7916] EXT4-fs: Ignoring removed nobh option
[  132.475472][ T7916] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1748: corrupted inode contents
[  132.499627][ T7916] EXT4-fs (loop1): Remounting filesystem read-only
[  132.519563][ T7916] EXT4-fs (loop1): 1 truncate cleaned up
[  132.535717][ T3433] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  132.549639][ T3433] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  132.565946][ T7916] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.599153][ T3433] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  132.617090][ T7916] ext4 filesystem being mounted at /389/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.656390][ T7941] loop3: detected capacity change from 0 to 512
[  132.669483][ T7941] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  132.679362][ T7941] EXT4-fs (loop3): invalid journal inode
[  132.686683][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.687216][ T7941] EXT4-fs (loop3): can't get journal size
[  132.708669][ T7941] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[  132.718215][ T7941] System zones: 1-12, 13-13
[  132.724455][ T7941] EXT4-fs (loop3): 1 truncate cleaned up
[  132.753755][ T7941] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.914686][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.966097][ T7951] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1751'.
[  132.977409][ T7951] IPVS: Error joining to the multicast group
[  133.297771][ T7961] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  133.313498][ T7961] SELinux: failed to load policy
[  133.432811][ T7967] lo speed is unknown, defaulting to 1000
[  133.479510][ T7968] loop0: detected capacity change from 0 to 512
[  133.587039][ T7967] loop0: detected capacity change from 0 to 2048
[  133.681927][ T7967]  loop0: p1 < > p4
[  133.698104][ T7967] loop0: p4 size 8388608 extends beyond EOD, truncated
[  133.824455][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  133.836428][ T5743] udevd[5743]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  133.873283][ T7975] netlink: 'syz.4.1763': attribute type 27 has an invalid length.
[  133.919563][ T7975] bond0: left promiscuous mode
[  133.925155][ T7975] bond_slave_0: left promiscuous mode
[  133.933020][ T7975] bond_slave_1: left promiscuous mode
[  133.943551][ T7978] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7978 comm=syz.3.1765
[  133.983361][ T7975] bond1: left promiscuous mode
[  133.992487][ T7975] bond1: left allmulticast mode
[  134.038019][ T7980] loop0: detected capacity change from 0 to 1024
[  134.050268][ T7982] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7982 comm=syz.3.1766
[  134.087559][ T7979] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.121767][ T7980] ext4: Unknown parameter 'uid>00000000000000000000'
[  134.155345][ T7975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1763'.
[  134.165342][ T7975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1763'.
[  134.167405][ T7979] 8021q: adding VLAN 0 to HW filter on device team0
[  134.201393][ T7975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1763'.
[  134.278437][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  134.278455][   T29] audit: type=1400 audit(1748722038.894:2041): avc:  denied  { override_creds } for  pid=7973 comm="syz.4.1763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  134.515897][ T7979] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  134.632513][ T7975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1763'.
[  134.636358][ T7970] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1762'.
[  134.644178][ T7975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1763'.
[  134.716279][ T7970] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  134.750248][ T7997] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  134.771756][ T7997] SELinux: failed to load policy
[  134.778340][ T7975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1763'.
[  134.798361][ T7999] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  134.821428][ T7999] SELinux: failed to load policy
[  134.897322][ T8009] loop0: detected capacity change from 0 to 512
[  134.903326][ T8011] loop3: detected capacity change from 0 to 512
[  134.915371][ T8009] EXT4-fs: Ignoring removed nobh option
[  134.921513][ T8011] EXT4-fs: Ignoring removed nobh option
[  134.989542][ T8009] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.1775: corrupted inode contents
[  135.021112][ T8009] EXT4-fs (loop0): Remounting filesystem read-only
[  135.032157][ T8009] EXT4-fs (loop0): 1 truncate cleaned up
[  135.041787][ T8011] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1776: corrupted inode contents
[  135.042878][ T8009] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.073633][ T3351] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  135.074736][ T8009] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.085632][ T3351] Quota error (device loop0): write_blk: dquota write failed
[  135.110051][ T3351] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries
[  135.123479][ T3351] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  135.137522][ T3351] Quota error (device loop0): write_blk: dquota write failed
[  135.146671][ T3351] Quota error (device loop0): free_dqentry: Can't move quota data block (5) to free list
[  135.161448][ T3351] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  135.174294][ T3351] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  135.184901][ T3351] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  135.189287][ T8011] EXT4-fs (loop3): Remounting filesystem read-only
[  135.213757][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.237237][ T8011] EXT4-fs (loop3): 1 truncate cleaned up
[  135.244575][ T5391] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  135.254338][ T8011] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.257849][ T5391] Quota error (device loop3): write_blk: dquota write failed
[  135.273097][ T8011] ext4 filesystem being mounted at /376/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.281459][ T5391] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[  135.308773][ T5391] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  135.321388][ T5391] Quota error (device loop3): write_blk: dquota write failed
[  135.355959][ T5391] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  135.382108][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.494731][ T8046] 9pnet_fd: Insufficient options for proto=fd
[  135.551906][ T8054] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  135.566030][ T8053] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8053 comm=syz.3.1795
[  135.617266][ T8054] SELinux: failed to load policy
[  135.631603][ T8063] loop1: detected capacity change from 0 to 512
[  135.656114][ T8063] EXT4-fs: Ignoring removed nobh option
[  135.713260][ T8070] loop3: detected capacity change from 0 to 512
[  135.733997][ T8063] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1798: corrupted inode contents
[  135.736896][ T8070] EXT4-fs: Ignoring removed nobh option
[  135.753238][ T8063] EXT4-fs (loop1): Remounting filesystem read-only
[  135.768688][ T8063] EXT4-fs (loop1): 1 truncate cleaned up
[  135.787503][ T3433] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  135.793795][ T8081] sctp: [Deprecated]: syz.2.1806 (pid 8081) Use of int in maxseg socket option.
[  135.793795][ T8081] Use struct sctp_assoc_value instead
[  135.800899][ T3433] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  135.836023][ T3433] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  135.840970][ T8063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.872564][ T8084] 8021q: VLANs not supported on vxcan1
[  135.883755][ T8063] ext4 filesystem being mounted at /396/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.884633][ T8070] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1800: corrupted inode contents
[  135.923378][ T8070] EXT4-fs (loop3): Remounting filesystem read-only
[  135.932462][ T8070] EXT4-fs (loop3): 1 truncate cleaned up
[  135.942744][ T8070] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.958063][ T5391] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  135.963034][ T8088] 9pnet_fd: Insufficient options for proto=fd
[  135.970033][ T5391] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  135.992262][ T8070] ext4 filesystem being mounted at /380/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.008019][ T5391] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  136.024908][ T8091] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1809'.
[  136.043330][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.065798][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.138333][ T8097] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8097 comm=syz.4.1813
[  136.174629][ T8103] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  136.181295][ T8105] loop3: detected capacity change from 0 to 256
[  136.208094][ T8103] SELinux: failed to load policy
[  136.216330][ T8107] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  136.236835][ T8107] SELinux: failed to load policy
[  136.254915][ T8105] netlink: 'syz.3.1815': attribute type 13 has an invalid length.
[  136.312732][ T8113] loop1: detected capacity change from 0 to 512
[  136.376432][ T8113] EXT4-fs: Ignoring removed nobh option
[  136.426264][ T8105] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.428528][ T8113] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #16: comm syz.1.1820: corrupted inode contents
[  136.434981][ T8105] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.469514][ T8113] EXT4-fs (loop1): Remounting filesystem read-only
[  136.478971][ T8113] EXT4-fs (loop1): 1 truncate cleaned up
[  136.490225][ T8113] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.504174][ T8113] ext4 filesystem being mounted at /399/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.518334][   T51] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  136.530734][   T51] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  136.545095][   T51] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  136.559129][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.591204][ T8105] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  136.613671][ T8105] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  136.669294][ T8105] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  136.683312][ T8105] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  136.694399][ T8105] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  136.705942][ T8105] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  136.728729][ T8138] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  136.741459][ T8138] SELinux: failed to load policy
[  136.753845][ T8130] 8021q: VLANs not supported on vxcan0
[  136.782520][ T8140] tmpfs: Bad value for 'mpol'
[  137.012988][ T8151] loop4: detected capacity change from 0 to 2048
[  137.030293][ T8152] loop0: detected capacity change from 0 to 512
[  137.040641][ T8152] EXT4-fs: Ignoring removed nobh option
[  137.072693][ T5743] Alternate GPT is invalid, using primary GPT.
[  137.080368][ T5743]  loop4: p2 p3 p7
[  137.143745][ T8159] loop2: detected capacity change from 0 to 1024
[  137.154241][ T8159] ext4: Unknown parameter 'uid>00000000000000000000'
[  137.263068][ T8164] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  137.298526][ T8152] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.1836: corrupted inode contents
[  137.399479][ T8164] SELinux: failed to load policy
[  137.510512][ T8152] EXT4-fs (loop0): Remounting filesystem read-only
[  137.575274][ T8152] EXT4-fs (loop0): 1 truncate cleaned up
[  137.586351][ T5391] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  137.603062][ T5391] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  137.622744][ T5391] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  137.646610][ T8152] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.663526][ T8175] loop3: detected capacity change from 0 to 512
[  137.674333][ T8151] Alternate GPT is invalid, using primary GPT.
[  137.682736][ T8151]  loop4: p2 p3 p7
[  137.685033][ T8152] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.725948][ T8175] EXT4-fs: Ignoring removed nobh option
[  137.773865][ T8179] __nla_validate_parse: 2 callbacks suppressed
[  137.773885][ T8179] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1841'.
[  137.801992][ T8175] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1840: corrupted inode contents
[  137.844582][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.875611][ T8175] EXT4-fs (loop3): Remounting filesystem read-only
[  137.896356][ T8175] EXT4-fs (loop3): 1 truncate cleaned up
[  137.899818][ T8184] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1842'.
[  137.906949][ T8175] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.924608][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  137.933696][ T8175] ext4 filesystem being mounted at /385/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.944374][   T12] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  137.970763][   T12] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  138.000916][ T8187] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  138.025060][ T8187] SELinux: failed to load policy
[  138.032580][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.109583][ T8195] loop3: detected capacity change from 0 to 512
[  138.126182][ T8195] EXT4-fs: Ignoring removed nobh option
[  138.175291][ T8199] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8199 comm=syz.0.1849
[  138.248805][ T8195] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1847: corrupted inode contents
[  138.264299][ T8195] EXT4-fs (loop3): Remounting filesystem read-only
[  138.273075][ T8195] EXT4-fs (loop3): 1 truncate cleaned up
[  138.283093][ T8195] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.293792][ T8205] 9pnet_fd: Insufficient options for proto=fd
[  138.298095][ T8195] ext4 filesystem being mounted at /387/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.304383][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  138.330075][   T51] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  138.362875][   T51] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  138.381156][ T8212] loop2: detected capacity change from 0 to 512
[  138.390191][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.411177][ T8212] EXT4-fs: Ignoring removed nobh option
[  138.438469][ T8215] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1857'.
[  138.452853][ T8212] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1854: corrupted inode contents
[  138.467656][ T8212] EXT4-fs (loop2): Remounting filesystem read-only
[  138.475130][ T8212] EXT4-fs (loop2): 1 truncate cleaned up
[  138.484090][ T8212] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.499290][ T3351] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  138.505810][ T8212] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.513634][ T3351] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  138.539151][ T3351] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  138.573060][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.815377][ T8250] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  138.830471][ T8250] SELinux: failed to load policy
[  138.868819][ T8256] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8256 comm=syz.0.1874
[  138.930606][ T8254] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  139.118234][ T8252] bond0: entered promiscuous mode
[  139.125721][ T8252] bond_slave_0: entered promiscuous mode
[  139.133060][ T8252] bond_slave_1: entered promiscuous mode
[  139.234737][ T8291] FAULT_INJECTION: forcing a failure.
[  139.234737][ T8291] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.249692][ T8291] CPU: 1 UID: 0 PID: 8291 Comm: syz.4.1891 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  139.249798][ T8291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  139.249815][ T8291] Call Trace:
[  139.249823][ T8291]  <TASK>
[  139.249834][ T8291]  __dump_stack+0x1d/0x30
[  139.249900][ T8291]  dump_stack_lvl+0xe8/0x140
[  139.250004][ T8291]  dump_stack+0x15/0x1b
[  139.250027][ T8291]  should_fail_ex+0x265/0x280
[  139.250069][ T8291]  should_fail+0xb/0x20
[  139.250181][ T8291]  should_fail_usercopy+0x1a/0x20
[  139.250206][ T8291]  strncpy_from_user+0x25/0x230
[  139.250242][ T8291]  ? kmem_cache_alloc_noprof+0x186/0x310
[  139.250348][ T8291]  ? getname_flags+0x80/0x3b0
[  139.250382][ T8291]  getname_flags+0xae/0x3b0
[  139.250414][ T8291]  __x64_sys_rename+0x33/0x70
[  139.250440][ T8291]  x64_sys_call+0x2aee/0x2fb0
[  139.250467][ T8291]  do_syscall_64+0xd2/0x200
[  139.250552][ T8291]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  139.250588][ T8291]  ? clear_bhb_loop+0x40/0x90
[  139.250617][ T8291]  ? clear_bhb_loop+0x40/0x90
[  139.250691][ T8291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.250721][ T8291] RIP: 0033:0x7f50b1ace969
[  139.250740][ T8291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.250767][ T8291] RSP: 002b:00007f50b0137038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  139.250864][ T8291] RAX: ffffffffffffffda RBX: 00007f50b1cf5fa0 RCX: 00007f50b1ace969
[  139.250881][ T8291] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000200000000000
[  139.250898][ T8291] RBP: 00007f50b0137090 R08: 0000000000000000 R09: 0000000000000000
[  139.250914][ T8291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.250931][ T8291] R13: 0000000000000000 R14: 00007f50b1cf5fa0 R15: 00007ffd3800f578
[  139.250955][ T8291]  </TASK>
[  139.510321][ T8294] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8294 comm=syz.0.1890
[  139.567033][   T29] kauditd_printk_skb: 126 callbacks suppressed
[  139.567052][   T29] audit: type=1400 audit(1748722044.184:2123): avc:  denied  { ioctl } for  pid=8289 comm="syz.2.1889" path="socket:[20157]" dev="sockfs" ino=20157 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  139.763620][ T8309] loop4: detected capacity change from 0 to 2048
[  139.837839][   T29] audit: type=1326 audit(1748722044.454:2124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8320 comm="syz.0.1903" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f30ad12e969 code=0x0
[  139.871129][ T3308] Alternate GPT is invalid, using primary GPT.
[  139.878594][ T3308]  loop4: p2 p3 p7
[  139.904562][ T8309] Alternate GPT is invalid, using primary GPT.
[  139.912397][ T8309]  loop4: p2 p3 p7
[  139.921188][ T8323] loop3: detected capacity change from 0 to 512
[  139.944917][ T8323] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  139.984438][   T29] audit: type=1400 audit(1748722044.594:2125): avc:  denied  { write } for  pid=8299 comm="syz.4.1894" name="loop4p3" dev="devtmpfs" ino=1354 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  140.060027][ T8323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.061916][ T8331] FAULT_INJECTION: forcing a failure.
[  140.061916][ T8331] name failslab, interval 1, probability 0, space 0, times 0
[  140.093305][ T8331] CPU: 1 UID: 0 PID: 8331 Comm: syz.1.1907 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  140.093333][ T8331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  140.093347][ T8331] Call Trace:
[  140.093354][ T8331]  <TASK>
[  140.093362][ T8331]  __dump_stack+0x1d/0x30
[  140.093425][ T8331]  dump_stack_lvl+0xe8/0x140
[  140.093470][ T8331]  dump_stack+0x15/0x1b
[  140.093488][ T8331]  should_fail_ex+0x265/0x280
[  140.093528][ T8331]  ? vlan_vid_add+0xbf/0x4c0
[  140.093618][ T8331]  should_failslab+0x8c/0xb0
[  140.093648][ T8331]  __kmalloc_cache_noprof+0x4c/0x320
[  140.093686][ T8331]  vlan_vid_add+0xbf/0x4c0
[  140.093788][ T8331]  ? bcmp+0x2e/0x90
[  140.093822][ T8331]  ? rb_erase+0x206/0x680
[  140.093854][ T8331]  register_vlan_dev+0x65/0x480
[  140.093880][ T8331]  ? vlan_changelink+0x29f/0x2e0
[  140.093975][ T8331]  vlan_newlink+0x32a/0x370
[  140.094081][ T8331]  ? __pfx_vlan_newlink+0x10/0x10
[  140.094116][ T8331]  rtnl_newlink_create+0x1b9/0x620
[  140.094155][ T8331]  ? security_capable+0x83/0x90
[  140.094287][ T8331]  ? netlink_ns_capable+0x86/0xa0
[  140.094310][ T8331]  rtnl_newlink+0xf29/0x12d0
[  140.094361][ T8331]  ? bpf_trace_run3+0x12c/0x1d0
[  140.094462][ T8331]  ? css_rstat_updated+0xcd/0x5b0
[  140.094499][ T8331]  ? __memcg_slab_free_hook+0x11e/0x240
[  140.094545][ T8331]  ? __kfree_skb+0x109/0x150
[  140.094576][ T8331]  ? __rcu_read_unlock+0x4f/0x70
[  140.094637][ T8331]  ? avc_has_perm_noaudit+0x1b1/0x200
[  140.094719][ T8331]  ? selinux_capable+0x1f9/0x270
[  140.094838][ T8331]  ? security_capable+0x83/0x90
[  140.094901][ T8331]  ? ns_capable+0x7d/0xb0
[  140.094924][ T8331]  ? __pfx_rtnl_newlink+0x10/0x10
[  140.094965][ T8331]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  140.095071][ T8331]  netlink_rcv_skb+0x123/0x220
[  140.095105][ T8331]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  140.095156][ T8331]  rtnetlink_rcv+0x1c/0x30
[  140.095195][ T8331]  netlink_unicast+0x59e/0x670
[  140.095293][ T8331]  netlink_sendmsg+0x58b/0x6b0
[  140.095329][ T8331]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.095402][ T8331]  __sock_sendmsg+0x142/0x180
[  140.095513][ T8331]  ____sys_sendmsg+0x31e/0x4e0
[  140.095549][ T8331]  ___sys_sendmsg+0x17b/0x1d0
[  140.095601][ T8331]  __x64_sys_sendmsg+0xd4/0x160
[  140.095707][ T8331]  x64_sys_call+0x2999/0x2fb0
[  140.095736][ T8331]  do_syscall_64+0xd2/0x200
[  140.095763][ T8331]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  140.095859][ T8331]  ? clear_bhb_loop+0x40/0x90
[  140.095887][ T8331]  ? clear_bhb_loop+0x40/0x90
[  140.095917][ T8331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.095945][ T8331] RIP: 0033:0x7fd5d472e969
[  140.095961][ T8331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.096060][ T8331] RSP: 002b:00007fd5d2d97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  140.096080][ T8331] RAX: ffffffffffffffda RBX: 00007fd5d4955fa0 RCX: 00007fd5d472e969
[  140.096116][ T8331] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000d
[  140.096129][ T8331] RBP: 00007fd5d2d97090 R08: 0000000000000000 R09: 0000000000000000
[  140.096171][ T8331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  140.096187][ T8331] R13: 0000000000000000 R14: 00007fd5d4955fa0 R15: 00007ffe6c10e558
[  140.096214][ T8331]  </TASK>
[  140.104598][ T8323] ext4 filesystem being mounted at /392/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.185727][   T29] audit: type=1400 audit(1748722044.594:2126): avc:  denied  { open } for  pid=8299 comm="syz.4.1894" path="/dev/loop4p3" dev="devtmpfs" ino=1354 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  140.542957][   T29] audit: type=1400 audit(1748722045.134:2127): avc:  denied  { read } for  pid=8321 comm="iou-wrk-8336" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  140.575661][   T29] audit: type=1400 audit(1748722045.134:2128): avc:  denied  { open } for  pid=8321 comm="iou-wrk-8336" path="/392/file1/file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  140.710773][ T8352] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1910'.
[  140.777897][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.903855][   T29] audit: type=1326 audit(1748722045.514:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8359 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5d472e969 code=0x7ffc0000
[  140.931670][   T29] audit: type=1326 audit(1748722045.514:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8359 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5d472e969 code=0x7ffc0000
[  140.985885][   T29] audit: type=1326 audit(1748722045.584:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8359 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd5d472e969 code=0x7ffc0000
[  141.011820][   T29] audit: type=1326 audit(1748722045.584:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8359 comm="syz.1.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5d472e969 code=0x7ffc0000
[  141.159366][ T8375] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  141.170557][ T8375] SELinux: failed to load policy
[  141.250738][ T8378] loop0: detected capacity change from 0 to 2048
[  141.311088][ T8380] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1921'.
[  141.361112][ T8378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.494640][ T8388] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1924'.
[  141.522658][ T8389] loop4: detected capacity change from 0 to 2048
[  141.569548][ T3308] Alternate GPT is invalid, using primary GPT.
[  141.577514][ T3308]  loop4: p2 p3 p7
[  141.591387][ T8389] Alternate GPT is invalid, using primary GPT.
[  141.598256][ T8389]  loop4: p2 p3 p7
[  141.874732][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.962747][ T8397] FAULT_INJECTION: forcing a failure.
[  141.962747][ T8397] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.978221][ T8397] CPU: 0 UID: 0 PID: 8397 Comm: syz.2.1926 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  141.978301][ T8397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.978314][ T8397] Call Trace:
[  141.978321][ T8397]  <TASK>
[  141.978332][ T8397]  __dump_stack+0x1d/0x30
[  141.978423][ T8397]  dump_stack_lvl+0xe8/0x140
[  141.978450][ T8397]  dump_stack+0x15/0x1b
[  141.978497][ T8397]  should_fail_ex+0x265/0x280
[  141.978579][ T8397]  should_fail+0xb/0x20
[  141.978609][ T8397]  should_fail_usercopy+0x1a/0x20
[  141.978634][ T8397]  strncpy_from_user+0x25/0x230
[  141.978661][ T8397]  ? kmem_cache_alloc_noprof+0x186/0x310
[  141.978763][ T8397]  ? getname_flags+0x80/0x3b0
[  141.978820][ T8397]  getname_flags+0xae/0x3b0
[  141.978869][ T8397]  user_path_at+0x28/0x130
[  141.978926][ T8397]  __se_sys_quotactl+0xb6/0x670
[  141.978965][ T8397]  __x64_sys_quotactl+0x55/0x70
[  141.979001][ T8397]  x64_sys_call+0x2886/0x2fb0
[  141.979027][ T8397]  do_syscall_64+0xd2/0x200
[  141.979086][ T8397]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.979127][ T8397]  ? clear_bhb_loop+0x40/0x90
[  141.979156][ T8397]  ? clear_bhb_loop+0x40/0x90
[  141.979244][ T8397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.979273][ T8397] RIP: 0033:0x7f3fabc9e969
[  141.979294][ T8397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.979396][ T8397] RSP: 002b:00007f3faa307038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  141.979416][ T8397] RAX: ffffffffffffffda RBX: 00007f3fabec5fa0 RCX: 00007f3fabc9e969
[  141.979431][ T8397] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffff80000202
[  141.979447][ T8397] RBP: 00007f3faa307090 R08: 0000000000000000 R09: 0000000000000000
[  141.979462][ T8397] R10: 0000200000004540 R11: 0000000000000246 R12: 0000000000000001
[  141.979560][ T8397] R13: 0000000000000000 R14: 00007f3fabec5fa0 R15: 00007ffdb6344228
[  141.979580][ T8397]  </TASK>
[  142.297148][ T8400] 9pnet_fd: Insufficient options for proto=fd
[  142.352290][ T8407] SELinux:  policydb magic number 0x88c does not match expected magic number 0xf97cff8c
[  142.389326][ T8407] SELinux: failed to load policy
[  142.397603][ T8410] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1934'.
[  142.410921][ T8412] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1935'.
[  142.446190][ T8415] loop0: detected capacity change from 0 to 1024
[  142.470424][ T8415] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  142.492237][ T8415] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1936'.
[  142.508069][ T8418] loop3: detected capacity change from 0 to 512
[  142.520556][ T8419] netlink: 'syz.1.1937': attribute type 21 has an invalid length.
[  142.540262][ T8418] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  142.572431][ T8421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1940'.
[  142.617651][ T8418] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.644714][ T8418] ext4 filesystem being mounted at /400/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  142.724364][ T8436] loop0: detected capacity change from 0 to 2048
[  142.751970][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.786803][ T8440] 9pnet_fd: Insufficient options for proto=fd
[  142.801970][ T5743] Alternate GPT is invalid, using primary GPT.
[  142.809862][ T5743]  loop0: p2 p3 p7
[  142.824379][ T8442] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8442 comm=syz.1.1948
[  142.839867][ T8444] loop3: detected capacity change from 0 to 512
[  142.850342][ T8436] Alternate GPT is invalid, using primary GPT.
[  142.851230][ T8444] EXT4-fs: Ignoring removed nobh option
[  142.859175][ T8436]  loop0: p2 p3 p7
[  142.907431][ T8448] __nla_validate_parse: 1 callbacks suppressed
[  142.907447][ T8448] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1950'.
[  142.915437][ T8444] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.1945: corrupted inode contents
[  143.039987][ T8444] EXT4-fs (loop3): Remounting filesystem read-only
[  143.060629][ T8444] EXT4-fs (loop3): 1 truncate cleaned up
[  143.067819][ T8444] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.086968][ T3433] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  143.099449][ T3433] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  143.099778][ T8444] ext4 filesystem being mounted at /401/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.128660][ T3433] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  143.209086][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.269733][ T8466] loop1: detected capacity change from 0 to 512
[  143.293269][ T8466] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  143.385612][ T8466] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.399118][ T8466] ext4 filesystem being mounted at /433/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.539955][ T8473] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1957'.
[  143.549735][ T8473] IPVS: Error joining to the multicast group
[  143.718009][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.932932][ T8482] 9pnet_fd: Insufficient options for proto=fd
[  143.938341][ T8478] syzkaller0: entered promiscuous mode
[  143.946010][ T8478] syzkaller0: entered allmulticast mode
[  143.974698][ T8480] lo speed is unknown, defaulting to 1000
[  144.274945][ T8496] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1964'.
[  144.296363][ T8497] loop0: detected capacity change from 0 to 2048
[  144.330924][ T8497] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.499599][ T8506] loop2: detected capacity change from 0 to 512
[  144.553732][ T8506] EXT4-fs: Ignoring removed nobh option
[  144.617533][ T8506] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1968: corrupted inode contents
[  144.636064][ T8506] EXT4-fs (loop2): Remounting filesystem read-only
[  144.653493][ T8506] EXT4-fs (loop2): 1 truncate cleaned up
[  144.667745][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  144.681529][   T12] __quota_error: 43 callbacks suppressed
[  144.681604][   T12] Quota error (device loop2): write_blk: dquota write failed
[  144.700732][   T12] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  144.714186][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  144.730781][   T12] Quota error (device loop2): write_blk: dquota write failed
[  144.739196][   T12] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  144.776073][ T8506] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.810448][ T8506] ext4 filesystem being mounted at /371/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.824137][ T8511] lo speed is unknown, defaulting to 1000
[  144.855469][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.872128][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  144.889648][   T12] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  144.937089][   T12] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  144.992586][ T8518] 9pnet_fd: Insufficient options for proto=fd
[  145.154467][ T8521] loop2: detected capacity change from 0 to 512
[  145.295185][ T8488] syz.0.1962 (8488) used greatest stack depth: 5936 bytes left
[  145.316402][ T8521] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  145.458519][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.471709][ T8521] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.495690][ T8521] ext4 filesystem being mounted at /372/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.529550][ T8524] loop4: detected capacity change from 0 to 2048
[  145.537060][   T29] audit: type=1400 audit(1748722050.154:2170): avc:  denied  { create } for  pid=8525 comm="syz.1.1976" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  145.635907][   T29] audit: type=1400 audit(1748722050.184:2171): avc:  denied  { mounton } for  pid=8525 comm="syz.1.1976" path="/438/file0" dev="tmpfs" ino=2315 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  145.666602][   T29] audit: type=1400 audit(1748722050.214:2172): avc:  denied  { mount } for  pid=8525 comm="syz.1.1976" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  145.692621][   T29] audit: type=1400 audit(1748722050.214:2173): avc:  denied  { setattr } for  pid=8525 comm="syz.1.1976" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  145.790477][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.849655][ T8541] loop2: detected capacity change from 0 to 512
[  145.859446][ T3308] Alternate GPT is invalid, using primary GPT.
[  145.866552][ T3308]  loop4: p2 p3 p7
[  145.872724][ T8541] EXT4-fs: Ignoring removed nobh option
[  145.924363][ T8524] loop_reread_partitions: partition scan of loop4 () failed (rc=-16)
[  145.938668][ T8541] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #16: comm syz.2.1980: corrupted inode contents
[  145.957674][ T8541] EXT4-fs (loop2): Remounting filesystem read-only
[  146.001786][ T8541] EXT4-fs (loop2): 1 truncate cleaned up
[  146.016642][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  146.031190][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  146.078483][ T8541] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.109085][ T3006] Alternate GPT is invalid, using primary GPT.
[  146.115804][ T3006]  loop4: p2 p3 p7
[  146.156543][ T8541] ext4 filesystem being mounted at /373/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.195707][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  146.288943][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.088902][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  147.113510][ T5743] udevd[5743]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  147.117571][ T5745] udevd[5745]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[  147.140606][ T8567] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1988'.
[  147.173609][ T8574] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1989'.
[  147.355739][ T8580] ==================================================================
[  147.365651][ T8580] BUG: KCSAN: data-race in atime_needs_update / inode_update_timestamps
[  147.376461][ T8580] 
[  147.380310][ T8580] write to 0xffff88811a9d5264 of 4 bytes by task 8583 on cpu 0:
[  147.389814][ T8580]  inode_update_timestamps+0x147/0x270
[  147.397130][ T8580]  file_update_time+0x20e/0x2b0
[  147.402792][ T8580]  shmem_file_write_iter+0x9c/0xf0
[  147.409952][ T8580]  iter_file_splice_write+0x5f2/0x970
[  147.417031][ T8580]  direct_splice_actor+0x153/0x2a0
[  147.424622][ T8580]  splice_direct_to_actor+0x30f/0x680
[  147.431121][ T8580]  do_splice_direct+0xda/0x150
[  147.439014][ T8580]  do_sendfile+0x380/0x650
[  147.444964][ T8580]  __x64_sys_sendfile64+0x105/0x150
[  147.451207][ T8580]  x64_sys_call+0xb39/0x2fb0
[  147.456285][ T8580]  do_syscall_64+0xd2/0x200
[  147.461995][ T8580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.469259][ T8580] 
[  147.472505][ T8580] read to 0xffff88811a9d5264 of 4 bytes by task 8580 on cpu 1:
[  147.484833][ T8580]  atime_needs_update+0x2a8/0x3e0
[  147.491660][ T8580]  touch_atime+0x4a/0x340
[  147.496615][ T8580]  shmem_file_splice_read+0x5b1/0x600
[  147.503476][ T8580]  splice_direct_to_actor+0x26f/0x680
[  147.509405][ T8580]  do_splice_direct+0xda/0x150
[  147.515265][ T8580]  do_sendfile+0x380/0x650
[  147.520082][ T8580]  __x64_sys_sendfile64+0x105/0x150
[  147.525663][ T8580]  x64_sys_call+0xb39/0x2fb0
[  147.530482][ T8580]  do_syscall_64+0xd2/0x200
[  147.535367][ T8580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.541834][ T8580] 
[  147.546014][ T8580] value changed: 0x397c46d7 -> 0x3a14dd57
[  147.554392][ T8580] 
[  147.556909][ T8580] Reported by Kernel Concurrency Sanitizer on:
[  147.565778][ T8580] CPU: 1 UID: 0 PID: 8580 Comm: syz.0.1992 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(voluntary) 
[  147.583135][ T8580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  147.604504][ T8580] ==================================================================
[  147.730232][ T8586] SELinux:  Context system_u:object_r:systemd_logger_exec_t:s0 is not valid (left unmapped).