last executing test programs:

2.94023978s ago: executing program 4 (id=394):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc1ffa}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
ioprio_get$uid(0x3, 0xffffffffffffffff)

2.870100186s ago: executing program 4 (id=399):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x13, 0xc, &(0x7f0000001140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff}, 0x0)
io_setup(0x9, &(0x7f0000000240)=<r4=>0x0)
r5 = eventfd2(0x7, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000140)={0x7, &(0x7f0000000100)=[{0x2, 0x9, 0x8, 0x7}, {0xfec2, 0x3, 0x4, 0x876a}, {0xc, 0x5, 0x3, 0x2}, {0x8, 0x1, 0x3, 0x4}, {0x7, 0xc, 0x6, 0x7}, {0x6, 0x4, 0xbf, 0x4}, {0x401, 0x7f, 0xff, 0x45}]})
io_submit(r4, 0x1, &(0x7f0000000380)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xff45, r3, &(0x7f0000000080)="d1", 0x1, 0x7, 0x0, 0x5, r5}])
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r6, 0xffffffffffffffff, 0x0)

2.552047584s ago: executing program 3 (id=410):
syz_io_uring_setup(0x1104, &(0x7f00000004c0)={0x0, 0xfffffffd, 0x1000, 0xfffffffe, 0x1cb}, &(0x7f00000003c0), &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd60f7d8ff000c3c00fe8000000000000000000b00000000aaff02000000000000000000000000000100000000000c907841000000"], 0x0)

2.518257857s ago: executing program 3 (id=411):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc1ffa}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
ioprio_get$uid(0x3, 0xffffffffffffffff)

2.474793091s ago: executing program 3 (id=413):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r2 = dup(r1)
write$UHID_INPUT(r2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r3, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r4, 0x0, 0x4)
sendmsg$tipc(r4, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
accept4(r3, 0x0, 0x0, 0x400000000000000)

2.435940425s ago: executing program 3 (id=415):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x53, 0x1, 0x0, 0x0, 0x0, 0x7ff3, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x0, @perf_bp={0x0, 0x3}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x4, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0)
r1 = gettid()
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRESOCT], 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="180780000000008a4958a1be55ce000085100000030000001800000000000000000000000000000095000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x101102, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r5}, &(0x7f00000003c0), &(0x7f0000000400)=r4}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009a7900"/28], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r6}, 0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4002}, [@call={0x85, 0x0, 0x0, 0x28}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6cab2ea5}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000040)="40d174b28bf781c274386d178550", 0x0, 0x1200801, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r8}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))

1.928110269s ago: executing program 4 (id=421):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd60f7d8ff000c3c00fe8000000000000000000b00000000aaff02000000000000000000000000000100000000000c907841000000"], 0x0)

1.907162161s ago: executing program 4 (id=422):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0xc)
r1 = socket(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000000c0)='illinois', 0x8)
bind$inet6(r5, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r5, &(0x7f0000000300)="a6", 0x1, 0x20000045, &(0x7f0000000140)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
write$P9_RMKNOD(r5, &(0x7f0000000280)={0x14, 0x13, 0x2, {0x4, 0x2}}, 0xfffffe5c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x2800008, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="4100e886", @ANYRES16=0x0, @ANYBLOB="000127bd7000fcdbdf25440000000c00990009000000160000000a0024000006e092120300000400bf000a001800030303030303000008000c006400000008000d000900000008006b000900000004002380"], 0x58}, 0x1, 0x0, 0x0, 0x2004c081}, 0x4008040)
r7 = inotify_init1(0x80000)
inotify_add_watch(r7, &(0x7f0000000000)='./file0/bus\x00', 0x104000015)
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4)
pipe2$9p(&(0x7f0000000200), 0x2800)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)

1.301419275s ago: executing program 3 (id=432):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x13, 0xc, &(0x7f0000001140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff}, 0x0)
io_setup(0x9, &(0x7f0000000240)=<r4=>0x0)
r5 = eventfd2(0x7, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000140)={0x7, &(0x7f0000000100)=[{0x2, 0x9, 0x8, 0x7}, {0xfec2, 0x3, 0x4, 0x876a}, {0xc, 0x5, 0x3, 0x2}, {0x8, 0x1, 0x3, 0x4}, {0x7, 0xc, 0x6, 0x7}, {0x6, 0x4, 0xbf, 0x4}, {0x401, 0x7f, 0xff, 0x45}]})
io_submit(r4, 0x1, &(0x7f0000000380)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xff45, r3, &(0x7f0000000080)="d1", 0x1, 0x7, 0x0, 0x5, r5}])
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r6, 0xffffffffffffffff, 0x0)

1.170043537s ago: executing program 2 (id=436):
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
lchown(&(0x7f0000000680)='./file0\x00', 0x0, 0xee01)

1.169699196s ago: executing program 2 (id=437):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000001000080000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000000c0)={[{@delalloc}, {@data_err_abort}, {@delalloc}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@abort}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r2, 0x20, 0x0, 0x8000)

1.02729209s ago: executing program 2 (id=440):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x100a01, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX, @ANYRES32=r0], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x9, 0x7, &(0x7f0000000700)=ANY=[@ANYBLOB="18f37a9cb3c419000000bebd118b11e6b6bc88000000000000db1de788000000", @ANYRES32=r2, @ANYBLOB="000000000000008500000086000080950000bf00000000005000"], &(0x7f00000004c0)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000680)='kmem_cache_free\x00', r3}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000240)=""/132)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x9, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r7, @ANYRESHEX=r3], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='kfree\x00', r8, 0x0, 0x5}, 0x18)
r9 = socket$packet(0x11, 0x3, 0x300)
close(r9)
r10 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
pread64(r10, &(0x7f0000000080)=""/196, 0xc4, 0x3)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000030605000000000000050000000000060500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
poll(&(0x7f0000000580)=[{r5, 0x22a}, {r8}, {r4, 0x4520}, {0xffffffffffffffff, 0x180}], 0x4, 0xc)
socket(0x28, 0x5, 0x0)
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xc}, 0x119310, 0x1, 0x1, 0x4, 0x8, 0x20005, 0x1b, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
setrlimit(0x40000000000008, &(0x7f0000000000))
ioctl$EVIOCGPROP(r10, 0x40047438, &(0x7f0000000840)=""/242)

905.59522ms ago: executing program 0 (id=442):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000000085000000720000"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r0, 0x0, 0x4804}, 0x18)
process_vm_writev(0x0, &(0x7f0000000500)=[{0x0}, {0xffffffffffffffff}, {0xfffffffffffffffc}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0, 0x0, 0x0) (fail_nth: 2)

679.03445ms ago: executing program 1 (id=443):
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2fffffffd}, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
close(0xffffffffffffffff)

586.942308ms ago: executing program 1 (id=444):
socket$key(0xf, 0x3, 0x2)
fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000140)='++\xae\x00', &(0x7f0000000180)='./file0\x00', 0xffffffffffffff9c) (async)
prctl$PR_SET_NAME(0xf, &(0x7f0000000200)='gtp\x00\xe4\xaa\xae\xdf~2\xa6X\x14\x92\xdarV\xf4U\xf7\xa2\xc3l\x1b@\xaf\xf9\xc9\xa9#\xf0S\xd9=q\xd6\x14\xedt\xc8!W\xe9@\xeb\x7f~\tB0EE\x9a:\xb7\xff\xc1\xfc\x9a\x1f\xf2\xfb\x19\xda#x\xc5F\x1c~\x8c\xe1\xdf\xdc\x01k\f\xde0~\x95\r\xa2\x80\b4M\x14\xe7\xd0\t`n!g\x14\xe6\xd1\xc2\xd3\x88\xf8cVtd\xbeY\xa5\xe7\x16sD\x96}7\n\x88e\x00\xf0\xff\xff\xf0\xcb\x94\xb4S\x00\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x8000000004) (async)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4) (async)
bind$inet(r4, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
r6 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x4, 0x0, @val=@netkit={@void, @value=r0}}, 0x1c)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000014c0)={r6, r0, 0x4, r0}, 0x10) (async)
bind$inet(r5, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10) (async)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c100000000100ffffffff", 0x58}], 0x1) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000016c0)=ANY=[@ANYBLOB="3c00000010000104000080000000000000000000", @ANYRES32=0x0, @ANYBLOB="01480000195301001c00128009000100626f6e64000000000c00028005000e00080000009306f5976b242b115e8c11040000005737527e7731cfac1b1c5eaf984bf1ced3046a3e33049e03857b217607b26178900a75395c7001b829c2695ceaaeb710fbdcdfba707a401ee743cb35b70c420028646d2fe974226e29e82f97e59ff30e67b6875c77f99fd4bbf304c15d7094a5afd54c50dc8aad81a36a4a322cadfebc1d8994d7aaec8570e667b3fb6668d60c479c2b6663d89d25124fe1d2bcba2073ee11f50826bc36d71c5f6b9820faede37cfb3d4115160e5d1f7c00d5fe14ec1d20287681ffd76151079f9c90009b32a6e8c680"], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20008810)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) (async)
io_setup(0x80000000, &(0x7f00000000c0)) (async)
sendmsg$nl_xfrm(r1, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="d3e701e6bb567f71a483ef68c2dc9752105028af4f3de5bee88d794b2f53459c71b7830db490c017064950b185b31299", @ANYRES16=r1], 0x138}, 0x1, 0x0, 0x0, 0x28672d6ebaefccea}, 0x4040011) (async)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r9, 0x26, &(0x7f0000000040)={0x1, 0x1, 0x400000000, 0x10000000000008}) (async)
fcntl$lock(r9, 0x25, &(0x7f00000000c0)={0x1, 0x0, 0x5, 0x345})
fcntl$lock(r9, 0x25, &(0x7f0000000580)={0x0, 0x1, 0x10000400000007, 0x2000730})
epoll_create1(0x0)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000018c0)=ANY=[@ANYBLOB="380100001874eea677e5e27fc3bb15d469c1e15732bb20e97d7fc8662a0f358b090000006c", @ANYBLOB="2dab7666b26be80fad040234e1387ae596b28d9c464d7f137deccdef04b48544aed1394d14982f6b308232a5d3fb85506eaa075e7957e643f666d82ae7210bace58037b5ac938c176003b3fb0ff19f62e148d8ae8e4effce8fd1462de784fbbaadd107f4a5f03bd8da66c14063e7189a5aa17e201d0e7ff80a71c69b2378bfc6ba351cc91212a34e6456a881a1320c96015a1af2a4c2f9f7efe212b648c1e25b00e3d785358d4c66f16554f31c080979212d67", @ANYRES8=r8], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

586.047588ms ago: executing program 1 (id=445):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x17, 0x2000000000000242, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

561.23012ms ago: executing program 1 (id=446):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x11c167, 0x0, 0xfffffffa, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x17, 0x2000000000000242, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r3}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])

547.863012ms ago: executing program 0 (id=447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x12, &(0x7f0000000200)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xa}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}], &(0x7f0000000300)='syzkaller\x00', 0xffffffff, 0x77, &(0x7f0000000340)=""/119, 0x41000, 0x31, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000500)={0x5, 0x0, 0x7, 0x61}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000540)=[{0x0, 0x1, 0x9, 0x8}, {0x4, 0x3, 0x1, 0x6}, {0x5, 0x3, 0x2, 0x6}, {0x2, 0x5, 0xb, 0x9}, {0x0, 0x2, 0x4, 0x2}, {0x2, 0x2, 0xb, 0x5}, {0x1, 0x4, 0xa, 0x5}, {0x4, 0x3, 0x2}], 0x10, 0xb709}, 0x94)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b00"/13], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x9, <r5=>0x0}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c50000181100", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000740)={0x0, r4}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="9227db4cb24eec8dd5075a9bf5c6027f058158961476815b0c05bbc69d5450857adacf1a2e4dc2eeb5b0e61c000bafe2bdfa04c273fb777ad8f04bc8df43c8a8e8e23a13bdb31159f5190688c98ece39b2da72e5a808683e4333b1dda9c35a6a917d81b925514f8d9595b2ee52e597471399906e9c67748db3e0986b9bf9962b035cafa7cc8ddd", @ANYBLOB="3499c957230f9c7cb01f9232163ebfdab39ee87cf307245a364122390432701a7dfe56dd5ff6169ed21c8431c0607356252d1dbe32a6d231400c3d8f329b557c140c0e7bc2cba339f942c04ed12c09c35e19bd55927b6145a8211e6547d4f0c5110a6a50873e47a50ce1f3219bf7f6213bf54e7ad5dd15678dca655bcc79accc986064c07c69351c98229b3e6e2f29f6a89f6b7f0992aa61ebb8d2055b65ffe887c85d77d80dcc3ed3ef335a8344fa9fa6bfdc3715a14707c691d1064dd20f7a0f16346df80d683440c75743c7ba74630dda9b1c102e705e3f5f7b559bda8609dc333483f51506413fda", @ANYRES16=r2, @ANYRES32=r6], &(0x7f0000000180)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r10, 0x0)
r11 = syz_genetlink_get_family_id$devlink(&(0x7f00000006c0), r8)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000700)={&(0x7f00000008c0)={0xfc, r11, 0x300, 0x7, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@pci={{0x8}, {0x11}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}}]}, 0xfc}, 0x1, 0x0, 0x0, 0x84}, 0x20004000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0xa39ad000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r12)
sendmsg$ETHTOOL_MSG_STRSET_GET(r12, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000004c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r13, @ANYBLOB="010027bd7000ffdbdf25010000000c0001800800", @ANYRES16=r2], 0x20}, 0x1, 0x0, 0x0, 0x24000000}, 0x50)

491.530466ms ago: executing program 2 (id=448):
prctl$PR_SET_NAME(0xf, &(0x7f0000000980)='\xff\x00\x00\x00\x00\x00\x000`\x14\x99\x06\xc0\x7fs\x00\t\x14\x17\xc3\xf5\xc9\v\x85\xe7\x00\x00\x18\x88\x06\x94\x98\xa9\xe7\x1c\x8a\x89\xdc\xcc\xf7L\xbd%\xc3!\x0e\x91S\xb2~8\"\xe2\xed\xbf\x12\x1a\\6p\'p\xef\x1a\n\x99\x12\xe8\'\x1c\x97M\xa5N\xd9\xbeV&\x1c2K?\x95\xd9\"\xbe\x050+\xca\xea\'\xe9)\xfe\xeb\x9c\xb5\xa0F`\xe4D\x10F\x831\xec\\v\xf0\xab_M\b\x03\xc3\n\x89\x01E`\xd35Q2\xecZz\xdc\x065p\x1c\x8f\x9b\x99IGXO\x00\x00\v\xed\xb0\xc5\xd4\xc7,\x1a\xb3}CMOO\x8a\xa8kh\x7f\x05c\xfc\xebb\xc8\xa2\xa9\xbf\xb3\x9b\xafE\xbd\xc5\xdc\xde\xbe_')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000a40)='kfree\x00', r0, 0x0, 0x2}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

491.116867ms ago: executing program 0 (id=449):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc1ffa}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
ioprio_get$uid(0x3, 0xffffffffffffffff)

490.426677ms ago: executing program 2 (id=450):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2a0405e, &(0x7f0000000000), 0x1, 0x464, &(0x7f0000000740)="$eJzs201sFFUcAPD/TD+UL1sJfgFKFY3Ej5YWRA5eNJp40MRED3isbSGVhRpaEyFE0Rg8GhLvxoMHE04ePenFqCejV/VsSIjhAnpaM7sz7HbZLdtN2126v18y8N7M27733zdv9828nQD61lj2TxKxPSL+iIiRanZ5gbHqfzeunZ/599r5mSTK5Tf/SSrlrl87P1MULV63rcgMRqSfJrGnSb2LZ8+dnC6V5s7k+YmlU+9NLJ499+z8qekTcyfmTk8dPXr40OTzR6aeW5M4s7iu7/5wYe9Dr7596fWZY5fe+flyUsTfEEc7Bm5fZGylg0+Uy6upruftqEsng11sCKsyUB2mMVQZ/yMxELXOG4lXPulq44B1VS6Xy/e3Pny5UgDYpBJDHPpU8UWfXf8W2wZNPXrC1RerF0BZ3DfyrXpkMNK8zFDD9e1aGouIYxf++zLbovE+xJZ1qhQA6GvfZ/OfZ5rN/9Kovy90T76GMhoR90bEzog4EhG7IuK+iErZByLiwVXW37hIcuv8M73SUWBtyuZ/L+RrW8vnf8XsL0YH8tyOSvxDyfH50tzB7D35bV+1xHxpbnKFOn54+ffPWx2rn/9lW1Z/MRfM23Fl8K7lr5mdXpruOOAGVz+O2D3YLP7k5kpAEhHDEbG7wzrmn/pmb6tjLeIfbusPr8E6U/mriCer/X8h8vi/rRyprYImK69PTtwdpbmDE8VZcatffr34Rqv6b9//6yvr/61Nz/8i/r9Gk/r12sXq3q9XcQZe/POzlteUnZ7/w8lby/Z9ML20dGYyYjh5rZIfrd8/1VBuqlY+i//A/ubjf2fU3ok9EZGdxA9HxCMRsS9v+6NRTh6LiP0rxP/TS4+/23n86yuLf3bF/o+G/q8lhqNxT/PEwMkfv1tW6ehq4s/6/3AldSDf087nXzvtqp3NAAAAsLmlEbE9knT8ZjpNx8erv+HfFVvT0sLi0tPHF94/PVt9RmA0htLiTtdI3f3QyfyyvshP5b8tLvKH8vvGXwxsqeTHZxZKs90OHvrcthbjP/N3Gw+5AHe4xnW0rV1qB7DxPK8J/cv4h/5l/EP/ajL+PXoGfaLZ9/9HXWgHsPEaxn/zZb+8kIkBbC6u/6F/Gf/Qv4x/6EuLW+L2D8nfiYnhW/akEdEDDdssiUh7ohk9nkiSnmhGB4lufzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsjf8DAAD//wuY5j8=")
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]})
brk(0x101)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x80)
lseek(r4, 0x1, 0x4)
getdents(r4, 0x0, 0x58)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2a0405e, &(0x7f0000000000), 0x1, 0x464, &(0x7f0000000740)="$eJzs201sFFUcAPD/TD+UL1sJfgFKFY3Ej5YWRA5eNJp40MRED3isbSGVhRpaEyFE0Rg8GhLvxoMHE04ePenFqCejV/VsSIjhAnpaM7sz7HbZLdtN2126v18y8N7M27733zdv9828nQD61lj2TxKxPSL+iIiRanZ5gbHqfzeunZ/599r5mSTK5Tf/SSrlrl87P1MULV63rcgMRqSfJrGnSb2LZ8+dnC6V5s7k+YmlU+9NLJ499+z8qekTcyfmTk8dPXr40OTzR6aeW5M4s7iu7/5wYe9Dr7596fWZY5fe+flyUsTfEEc7Bm5fZGylg0+Uy6upruftqEsng11sCKsyUB2mMVQZ/yMxELXOG4lXPulq44B1VS6Xy/e3Pny5UgDYpBJDHPpU8UWfXf8W2wZNPXrC1RerF0BZ3DfyrXpkMNK8zFDD9e1aGouIYxf++zLbovE+xJZ1qhQA6GvfZ/OfZ5rN/9Kovy90T76GMhoR90bEzog4EhG7IuK+iErZByLiwVXW37hIcuv8M73SUWBtyuZ/L+RrW8vnf8XsL0YH8tyOSvxDyfH50tzB7D35bV+1xHxpbnKFOn54+ffPWx2rn/9lW1Z/MRfM23Fl8K7lr5mdXpruOOAGVz+O2D3YLP7k5kpAEhHDEbG7wzrmn/pmb6tjLeIfbusPr8E6U/mriCer/X8h8vi/rRyprYImK69PTtwdpbmDE8VZcatffr34Rqv6b9//6yvr/61Nz/8i/r9Gk/r12sXq3q9XcQZe/POzlteUnZ7/w8lby/Z9ML20dGYyYjh5rZIfrd8/1VBuqlY+i//A/ubjf2fU3ok9EZGdxA9HxCMRsS9v+6NRTh6LiP0rxP/TS4+/23n86yuLf3bF/o+G/q8lhqNxT/PEwMkfv1tW6ehq4s/6/3AldSDf087nXzvtqp3NAAAAsLmlEbE9knT8ZjpNx8erv+HfFVvT0sLi0tPHF94/PVt9RmA0htLiTtdI3f3QyfyyvshP5b8tLvKH8vvGXwxsqeTHZxZKs90OHvrcthbjP/N3Gw+5AHe4xnW0rV1qB7DxPK8J/cv4h/5l/EP/ajL+PXoGfaLZ9/9HXWgHsPEaxn/zZb+8kIkBbC6u/6F/Gf/Qv4x/6EuLW+L2D8nfiYnhW/akEdEDDdssiUh7ohk9nkiSnmhGB4lufzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsjf8DAAD//wuY5j8=") (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]}) (async)
brk(0x101) (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x80) (async)
lseek(r4, 0x1, 0x4) (async)
getdents(r4, 0x0, 0x58) (async)

487.280197ms ago: executing program 1 (id=451):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast1, @local, @local}, 0xc)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1, @local}, 0xffffffffffffff3a)
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)
write$cgroup_type(r3, &(0x7f00000009c0), 0xd4ba0ff)
unlink(&(0x7f0000000100)='./file0/file1\x00')

413.342814ms ago: executing program 0 (id=452):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6bf}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
syz_emit_ethernet(0x4a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000000001010400000000141a000002000010240001801400018008000100e000000108000200e00000010c00028005000100000000001800028014000180080001"], 0x50}}, 0x0)
flistxattr(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a1b000000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140004"], 0xa4}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0300000000000000000001"], 0x122}}, 0x0)

262.860327ms ago: executing program 4 (id=453):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd60f7d8ff000c3c00fe8000000000000000000b00000000aaff02000000000000000000000000000100000000000c907841000000"], 0x0)

161.491276ms ago: executing program 0 (id=454):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x200000000000005d, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710445000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

129.034169ms ago: executing program 4 (id=455):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040)=<r1=>0xffffffffffffffff, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = pidfd_getfd(r1, r1, 0x0)
setns(r2, 0x64000080)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000700)='signal_generate\x00', r5}, 0x18)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$kcm(r2, &(0x7f0000000640)={&(0x7f0000000300)=@nl=@kern={0x10, 0x0, 0x0, 0x80}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000380)="863ceba07c386fc88360fface1ffb008396d87f467b5776ea9a51137ab5d262c60cfd02db70f1b86370236ea769233630bd94e393e92846e7d97074c84bd8d2738f07337b25429e8e47be6211342d6b9228a6c2cdc818991806095c06573bd11231e17b70627c119538d30d7f1963cb8d259690c9b814e55d953fbda8b72413876d75e5976fae52e5843", 0x8a}], 0x1, &(0x7f0000000440)=[{0xe0, 0x103, 0x7fffffff, "b1587ca811883a327e8fc0d6f3f2dfbc6312567778da3d430d0aafb1e4fdcbb92c25dbc70aeee6b2c6d8213d1f0df8a7a36499c1f3e695218bf88d6339fbf440a059afd9f5fba8f593bba47986e515d2f3a6b6295a15d23fba8d5396633e44e84d316e4a0e24260b1e215da60ea5a58004ff52bef669386be72b1c348df2b079f1e24c40870d15709f6e4e1201ce1762b780626fa537f5059c635e055a59d2ee930a657f6ef849ffd1a7cd84f1e1e8da4aa2275d951b50d6bdf7e7c90a76ff55daa01f3ec040c7c172"}, {0x108, 0x103, 0x1, "9322d607bfe22af33aae8b4400b783e071fc0df48ed338d3875adae899700886247df00e88063c3516920b25bfeb7741fe3583ab6ea12d4b3445fcfdc76083d8f2be1ca506894707f8bbc163a0875a072bc24a15f75ce5c7515f4a398adfcad0451c1ea670413bf716e9844494c9af1b4b81711c08fc9f5d711f7e1af9c34669d64877d8e5c2cb4eebe1c80871cacd8dd3b2f0b31da9afc95990e8d77ab54c82c8ff1ea50f3da2f96b46ceddca2575bd81e5081117065204fd8f3f427a428625aa252806765445c99e8b0c211ac33db21bff9e9ebdc889e8441dc7eb8a111da73288f69031329f416dc9fe038c2124e0e76d20a18cc25d74"}], 0x1e8}, 0x20000094)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r3}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
r6 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200), 0x8882, 0x0)
fcntl$setlease(r6, 0x400, 0x1)
fremovexattr(r6, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r7 = socket(0x10, 0x80003, 0x0)
write(r7, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
close_range(r7, r7, 0x0)

120.20788ms ago: executing program 3 (id=456):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b000000000000000000000000800000000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
keyctl$KEYCTL_MOVE(0x4, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$fou(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r4, &(0x7f00000041c0)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x1, @private1, 0x3}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000300)="14", 0x1}], 0x1}}, {{&(0x7f0000001980)={0xa, 0x4e24, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, 0x1c, &(0x7f0000001b40)=[{&(0x7f00000019c0)="c6", 0x1}], 0x1}}], 0x2, 0x200040c0)
shutdown(r4, 0x1)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000001f40)={0x0, 0x7}, 0x8)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00"], 0x38}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x39}}, 0x8010)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newtfilter={0x88, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x4}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffff8, 0xfff, 0x0, 0x200, 0xa}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x88}, 0x1, 0x0, 0x0, 0x20000004}, 0x24000000)
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xffde}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0xe, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x4}, @TCA_FLOWER_KEY_ENC_OPTS={0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r12=>0x0})
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f0000000a00)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000a80)={0x140, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x140}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r5}, 0x9)
cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0)

73.801124ms ago: executing program 1 (id=457):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000040)={@loopback, 0x19, r0})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r1, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000900)={0x34, 0x5, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0x3}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x40400c0}, 0x4000890)

10.853009ms ago: executing program 0 (id=458):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000400), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r2, &(0x7f0000002280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b0050000000000002900000036"], 0x5b0}, 0x20008001)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4054}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x7ffffffe, 0x5}}]}}}]}, 0x40}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000016c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x840e, &(0x7f00000003c0)={[{@discard}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}]}, 0x3, 0x43a, &(0x7f0000001100)="$eJzs28tvG1UXAPAzfrRfX19CVR59AIGCqHgkTVpKF2xAILEACQkWZRmStCp1G9QEiVYRBITKCqFK7BFLJP4CVrBBwAqJLexRpQpl08LKaOyZxHYcNzFOnOLfT5r23plr3XM8c+07c+MABtZI+k8SsTcifouIoXq1ucFI/b/bSwtTfy0tTCVRrb7xZ1Jrd2tpYSpvmr9uT14pRRQ+SeJwm37nrly9MFmpzFzO6mPzF98dm7ty9ZnzFyfPzZybuTRx+vTJE+PPnZp4tid5pnndOvTB7JGDr7x1/bWpM9ff/umbJM+/JY8eGel08PFqtcfd9de+hnJS6mMgbEixPkyjXBv/Q1GMlZM3FC9/3NfggE1VrVar9619eLEK/Icl0e8IgP7Iv+jT+99826Kpx7Zw84X6DVCa9+1sqx8pRSFrU265v+2lkYg4s/j3l+kWm/McAgCgyXfp/OfpdvO/QjQ+F/p/toYyHBH3RMT+iDgVEQci4t6IWtv7I+KBDfbfukiyev5TuNFVYuuUzv+ez9a2mud/+ewvhotZbV8t/3Jy9nxl5nj2nhyL8s60Pt6hj+9f+vXztY41zv/SLe0/nwtmcdwo7Wx+zfTk/GRziN27+VHEoVK7/JPllYAkIg5GxKEu+zj/5NdH1jp25/w76ME6U/WriCfq538xWvLPJZ3XJ8f+F5WZ42P5VbHaz79ce32t/v9V/j2Qnv/dba//5fyHk8b12rmN93Ht90/XvKfp9vrfkbzZtO/9yfn5y+MRO5JX60E37p9oaTex0j7N/9jR9uN/f6y8E4cjIr2IH4yIhyLi4Sz2RyLi0Yg42iH/H1987J3u899caf7TGzr/K4Ud0bqnfaF44Ydvmzod3kj+6fk/WSsdy/Ysf/51sJ64uruaAQAA4O5TiIi9kRRGl8uFwuho/W/4D8TuQmV2bv6ps7PvXZqu/0ZgOMqF/EnXUMPz0PHstj6vT7TUT2TPjb8o7qrVR6dmK9P9Th4G3J4otR3/qT+K/Y4O2HR+rwWDy/iHwWX8w+Ay/mFwtRn/u/oRB7D12n3/f9iHOICt1zL+LfvBAHH/D4PL+IfBZfzDQJrbFXf+kbyCwqpCFLZFGOssfFbeFmHcRYV+fzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xj8BAAD//3g65pw=")
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000003800)=@newtaction={0x48, 0x31, 0x1, 0xfffffffd, 0x25dfdbfb, {0x0, 0x0, 0x11}, [{0x34, 0x1, [@m_police={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x3, {0x1}}, {0xc}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=@framed, &(0x7f0000000300)='GPL\x00'}, 0x94)

0s ago: executing program 2 (id=459):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100004, 0x2, 0xfffffffc, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x2000)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000440))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f785000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000800), 0x400, 0x0)
r5 = dup(r4)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x0, 0x5, 0xfffffffd})
writev(r6, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000014001080800418e00000d04fcff", 0x58}], 0x1)
ioctl$GIO_UNISCRNMAP(r5, 0x43403d0e, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000ac0)='kmem_cache_free\x00', r3}, 0x10)
ioprio_set$uid(0x0, 0x0, 0x6000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_setup(0x2fcc, &(0x7f0000000140)={0x0, 0xaee2, 0x20000, 0x3fffff, 0x1f1}, &(0x7f0000000000), &(0x7f0000000300))
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
r9 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r9, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x47813, 0x3, 0x2, 0x81, 0x1ff, 0x2, 0xfffe}, 0x1c)
recvmsg$unix(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.188' (ED25519) to the list of known hosts.
[   33.880928][   T29] audit: type=1400 audit(1767463385.717:62): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   33.903934][   T29] audit: type=1400 audit(1767463385.747:63): avc:  denied  { mount } for  pid=3302 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   33.906099][ T3302] cgroup: Unknown subsys name 'net'
[   33.931718][   T29] audit: type=1400 audit(1767463385.777:64): avc:  denied  { unmount } for  pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   34.093232][ T3302] cgroup: Unknown subsys name 'cpuset'
[   34.099364][ T3302] cgroup: Unknown subsys name 'rlimit'
[   34.250268][   T29] audit: type=1400 audit(1767463386.087:65): avc:  denied  { setattr } for  pid=3302 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   34.283009][   T29] audit: type=1400 audit(1767463386.097:66): avc:  denied  { create } for  pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   34.303542][   T29] audit: type=1400 audit(1767463386.097:67): avc:  denied  { write } for  pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   34.323938][   T29] audit: type=1400 audit(1767463386.097:68): avc:  denied  { read } for  pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   34.339852][ T3306] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   34.344245][   T29] audit: type=1400 audit(1767463386.117:69): avc:  denied  { read } for  pid=3041 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   34.373643][   T29] audit: type=1400 audit(1767463386.117:70): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   34.398507][   T29] audit: type=1400 audit(1767463386.117:71): avc:  denied  { mount } for  pid=3302 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   34.419913][ T3302] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   35.678295][ T3319] chnl_net:caif_netlink_parms(): no params data found
[   35.754290][ T3313] chnl_net:caif_netlink_parms(): no params data found
[   35.763134][ T3312] chnl_net:caif_netlink_parms(): no params data found
[   35.786588][ T3319] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.793743][ T3319] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.800991][ T3319] bridge_slave_0: entered allmulticast mode
[   35.807651][ T3319] bridge_slave_0: entered promiscuous mode
[   35.817906][ T3319] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.825067][ T3319] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.832342][ T3319] bridge_slave_1: entered allmulticast mode
[   35.838914][ T3319] bridge_slave_1: entered promiscuous mode
[   35.874338][ T3317] chnl_net:caif_netlink_parms(): no params data found
[   35.905353][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.925974][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.958620][ T3316] chnl_net:caif_netlink_parms(): no params data found
[   35.989346][ T3312] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.996493][ T3312] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.003879][ T3312] bridge_slave_0: entered allmulticast mode
[   36.010142][ T3312] bridge_slave_0: entered promiscuous mode
[   36.016823][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.023958][ T3313] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.031102][ T3313] bridge_slave_0: entered allmulticast mode
[   36.037531][ T3313] bridge_slave_0: entered promiscuous mode
[   36.044961][ T3319] team0: Port device team_slave_0 added
[   36.063723][ T3312] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.070911][ T3312] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.078204][ T3312] bridge_slave_1: entered allmulticast mode
[   36.084541][ T3312] bridge_slave_1: entered promiscuous mode
[   36.090830][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.097985][ T3313] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.105239][ T3313] bridge_slave_1: entered allmulticast mode
[   36.111492][ T3313] bridge_slave_1: entered promiscuous mode
[   36.118695][ T3319] team0: Port device team_slave_1 added
[   36.129506][ T3317] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.136587][ T3317] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.143807][ T3317] bridge_slave_0: entered allmulticast mode
[   36.150354][ T3317] bridge_slave_0: entered promiscuous mode
[   36.173531][ T3317] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.180624][ T3317] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.187758][ T3317] bridge_slave_1: entered allmulticast mode
[   36.194182][ T3317] bridge_slave_1: entered promiscuous mode
[   36.222908][ T3312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.233181][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.242675][ T3319] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.249635][ T3319] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.275696][ T3319] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.294213][ T3312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.304181][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.318734][ T3319] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.325822][ T3319] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.351763][ T3319] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.368041][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.395793][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.410443][ T3313] team0: Port device team_slave_0 added
[   36.417066][ T3316] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.424165][ T3316] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.431560][ T3316] bridge_slave_0: entered allmulticast mode
[   36.438132][ T3316] bridge_slave_0: entered promiscuous mode
[   36.450004][ T3312] team0: Port device team_slave_0 added
[   36.456390][ T3313] team0: Port device team_slave_1 added
[   36.462923][ T3312] team0: Port device team_slave_1 added
[   36.469397][ T3316] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.476541][ T3316] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.483743][ T3316] bridge_slave_1: entered allmulticast mode
[   36.490146][ T3316] bridge_slave_1: entered promiscuous mode
[   36.521189][ T3317] team0: Port device team_slave_0 added
[   36.527709][ T3317] team0: Port device team_slave_1 added
[   36.557762][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.564739][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.590731][ T3313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.601880][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.608849][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.634872][ T3312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.647496][ T3319] hsr_slave_0: entered promiscuous mode
[   36.653554][ T3319] hsr_slave_1: entered promiscuous mode
[   36.660518][ T3316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.680280][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.687274][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.713256][ T3313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.724254][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.731195][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.757227][ T3312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.771810][ T3316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.781169][ T3317] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.788154][ T3317] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.814048][ T3317] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.834973][ T3317] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.842025][ T3317] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.867978][ T3317] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.905226][ T3316] team0: Port device team_slave_0 added
[   36.926786][ T3316] team0: Port device team_slave_1 added
[   36.935456][ T3313] hsr_slave_0: entered promiscuous mode
[   36.941494][ T3313] hsr_slave_1: entered promiscuous mode
[   36.947546][ T3313] debugfs: 'hsr0' already exists in 'hsr'
[   36.953283][ T3313] Cannot create hsr debugfs directory
[   36.963420][ T3312] hsr_slave_0: entered promiscuous mode
[   36.969648][ T3312] hsr_slave_1: entered promiscuous mode
[   36.975686][ T3312] debugfs: 'hsr0' already exists in 'hsr'
[   36.981403][ T3312] Cannot create hsr debugfs directory
[   37.012848][ T3317] hsr_slave_0: entered promiscuous mode
[   37.018783][ T3317] hsr_slave_1: entered promiscuous mode
[   37.024731][ T3317] debugfs: 'hsr0' already exists in 'hsr'
[   37.030548][ T3317] Cannot create hsr debugfs directory
[   37.036413][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.043470][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   37.069421][ T3316] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.094086][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.101070][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   37.127066][ T3316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.213289][ T3316] hsr_slave_0: entered promiscuous mode
[   37.219325][ T3316] hsr_slave_1: entered promiscuous mode
[   37.225221][ T3316] debugfs: 'hsr0' already exists in 'hsr'
[   37.230932][ T3316] Cannot create hsr debugfs directory
[   37.337295][ T3319] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   37.350431][ T3319] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   37.364393][ T3319] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   37.377315][ T3319] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   37.400790][ T3313] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   37.415913][ T3313] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   37.436989][ T3312] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   37.446069][ T3313] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   37.455544][ T3312] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   37.465525][ T3313] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   37.474861][ T3312] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   37.490262][ T3312] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   37.527691][ T3317] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   37.537995][ T3317] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   37.555750][ T3317] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   37.573899][ T3317] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   37.592893][ T3316] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   37.604358][ T3316] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   37.614631][ T3316] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   37.624024][ T3316] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   37.634311][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.672074][ T3319] 8021q: adding VLAN 0 to HW filter on device team0
[   37.692494][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.699640][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.709816][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.730787][ T3312] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.739897][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.747018][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.778038][ T3313] 8021q: adding VLAN 0 to HW filter on device team0
[   37.789139][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.804602][ T3312] 8021q: adding VLAN 0 to HW filter on device team0
[   37.820442][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.827528][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.839283][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.846497][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.859503][ T3316] 8021q: adding VLAN 0 to HW filter on device team0
[   37.867471][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.874517][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.889463][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.896647][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.908921][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.916140][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.932154][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.939428][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.965423][ T3312] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   37.975849][ T3312] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   38.011067][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.043710][ T3317] 8021q: adding VLAN 0 to HW filter on device team0
[   38.069517][ T3312] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.082217][ T3319] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.101302][  T826] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.108480][  T826] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.133661][  T826] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.140850][  T826] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.156958][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.177735][ T3317] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   38.188194][ T3317] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   38.284762][ T3312] veth0_vlan: entered promiscuous mode
[   38.316287][ T3312] veth1_vlan: entered promiscuous mode
[   38.325782][ T3316] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.343746][ T3317] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.356630][ T3313] veth0_vlan: entered promiscuous mode
[   38.373640][ T3313] veth1_vlan: entered promiscuous mode
[   38.391302][ T3312] veth0_macvtap: entered promiscuous mode
[   38.413034][ T3312] veth1_macvtap: entered promiscuous mode
[   38.433346][ T3313] veth0_macvtap: entered promiscuous mode
[   38.454277][ T3313] veth1_macvtap: entered promiscuous mode
[   38.476370][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.494348][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.511269][ T3319] veth0_vlan: entered promiscuous mode
[   38.523616][ T3448] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.541076][ T3319] veth1_vlan: entered promiscuous mode
[   38.547744][ T3448] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.561993][ T3448] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.571687][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.584786][ T3448] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.593806][ T3316] veth0_vlan: entered promiscuous mode
[   38.601217][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.608821][ T3317] veth0_vlan: entered promiscuous mode
[   38.626858][   T37] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.636005][ T3316] veth1_vlan: entered promiscuous mode
[   38.643507][   T37] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.654645][   T37] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.669296][ T3319] veth0_macvtap: entered promiscuous mode
[   38.683691][   T37] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.685212][ T3312] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   38.694953][ T3319] veth1_macvtap: entered promiscuous mode
[   38.714235][ T3317] veth1_vlan: entered promiscuous mode
[   38.736339][ T3316] veth0_macvtap: entered promiscuous mode
[   38.751477][ T3317] veth0_macvtap: entered promiscuous mode
[   38.762044][ T3316] veth1_macvtap: entered promiscuous mode
[   38.777428][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.785336][ T3317] veth1_macvtap: entered promiscuous mode
[   38.797110][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.823292][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.841295][ T3317] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.849807][ T3493] loop3: detected capacity change from 0 to 128
[   38.868785][ T3439] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.880510][ T3439] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.890316][ T3492] capability: warning: `syz.1.2' uses deprecated v2 capabilities in a way that may be insecure
[   38.903766][   T29] kauditd_printk_skb: 44 callbacks suppressed
[   38.903781][   T29] audit: type=1400 audit(1767463390.747:116): avc:  denied  { create } for  pid=3491 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   38.932240][ T3439] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.940254][   T29] audit: type=1400 audit(1767463390.777:117): avc:  denied  { setopt } for  pid=3491 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   38.960113][   T29] audit: type=1400 audit(1767463390.777:118): avc:  denied  { ioctl } for  pid=3490 comm="syz.1.2" path="/dev/ptp0" dev="devtmpfs" ino=247 ioctlcmd=0x3d0e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   38.984687][   T29] audit: type=1400 audit(1767463390.777:119): avc:  denied  { allowed } for  pid=3490 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   39.003737][   T29] audit: type=1400 audit(1767463390.777:120): avc:  denied  { create } for  pid=3490 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   39.022930][   T29] audit: type=1400 audit(1767463390.777:121): avc:  denied  { setopt } for  pid=3490 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   39.042181][   T29] audit: type=1400 audit(1767463390.777:122): avc:  denied  { read } for  pid=3490 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   39.062897][   T29] audit: type=1400 audit(1767463390.777:123): avc:  denied  { getopt } for  pid=3491 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   39.065040][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.082049][   T29] audit: type=1326 audit(1767463390.827:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3491 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd57eecf749 code=0x7ffc0000
[   39.082084][   T29] audit: type=1326 audit(1767463390.847:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3491 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fd57eecf749 code=0x7ffc0000
[   39.137523][ T3439] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.171286][ T3439] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.184175][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.201199][ T3439] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.260679][ T3439] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.274956][ T3502] netlink: 300 bytes leftover after parsing attributes in process `�'.
[   39.289267][ T3439] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.322689][ T3439] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.324245][ T3507] loop3: detected capacity change from 0 to 512
[   39.365771][ T3439] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.376525][ T3511] netlink: 'syz.0.1': attribute type 2 has an invalid length.
[   39.384198][ T3511] netlink: 'syz.0.1': attribute type 2 has an invalid length.
[   39.388410][ T3439] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.391964][ T3511] netlink: 'syz.0.1': attribute type 2 has an invalid length.
[   39.402481][ T3439] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.418140][ T3518] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1'.
[   39.428125][ T3507] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.442760][ T3507] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.482215][ T3511] Zero length message leads to an empty skb
[   39.492368][ T3507] netlink: 176 bytes leftover after parsing attributes in process `syz.3.7'.
[   39.558520][ T3524] loop4: detected capacity change from 0 to 512
[   39.602141][ T3534] loop0: detected capacity change from 0 to 512
[   39.609962][ T3524] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.648004][ T3524] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.659339][ T3534] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.12: error while reading EA inode 32 err=-116
[   39.682148][ T3534] EXT4-fs (loop0): Remounting filesystem read-only
[   39.702530][ T3524] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.8: bg 0: block 18: invalid block bitmap
[   39.708304][ T3541] netlink: 'syz.1.14': attribute type 1 has an invalid length.
[   39.730901][ T3534] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   39.744032][ T3534] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   39.754997][ T3534] EXT4-fs (loop0): 1 orphan inode deleted
[   39.761171][ T3534] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.849197][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.889336][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.908455][    C1] hrtimer: interrupt took 50922 ns
[   39.962557][ T3550] mmap: syz.2.18 (3550) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   40.017093][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.064987][ T3559] loop4: detected capacity change from 0 to 4096
[   40.074949][ T3561] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   40.094068][ T3559] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.107826][ T3561] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   40.158687][ T3569] loop2: detected capacity change from 0 to 256
[   40.171132][ T3567] loop3: detected capacity change from 0 to 1024
[   40.183149][ T3569] msdos: Unknown parameter 'nxy�odots'
[   40.206115][ T3567] =======================================================
[   40.206115][ T3567] WARNING: The mand mount option has been deprecated and
[   40.206115][ T3567]          and is ignored by this kernel. Remove the mand
[   40.206115][ T3567]          option from the mount to silence this warning.
[   40.206115][ T3567] =======================================================
[   40.244150][ T3569] loop2: detected capacity change from 0 to 1024
[   40.274079][ T3569] EXT4-fs: Ignoring removed bh option
[   40.309488][ T3569] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.334626][ T3569] sg_write: data in/out 64380/1 bytes for SCSI command 0x1c-- guessing data in;
[   40.334626][ T3569]    program syz.2.25 not setting count and/or reply_len properly
[   40.373272][ T3567] EXT4-fs: Ignoring removed bh option
[   40.385306][ T3569] capability: warning: `syz.2.25' uses 32-bit capabilities (legacy support in use)
[   40.391802][ T3567] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.396085][ T3569] program syz.2.25 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   40.430755][ T3569] syz.2.25 (3569) used greatest stack depth: 10024 bytes left
[   40.447483][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.734096][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.934942][ T3588] loop1: detected capacity change from 0 to 512
[   40.959986][ T3588] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.025067][ T3588] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.040460][ T3596] netlink: 'syz.2.32': attribute type 2 has an invalid length.
[   41.043814][ T3588] EXT4-fs error (device loop1): ext4_lookup:1785: inode #12: comm syz.1.30: iget: bad i_size value: 2533274857506816
[   41.048588][ T3596] netlink: 'syz.2.32': attribute type 2 has an invalid length.
[   41.068013][ T3596] netlink: 'syz.2.32': attribute type 2 has an invalid length.
[   41.078517][ T3588] EXT4-fs error (device loop1): ext4_lookup:1785: inode #12: comm syz.1.30: iget: bad i_size value: 2533274857506816
[   41.093033][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.112307][ T3596] netlink: 24 bytes leftover after parsing attributes in process `syz.2.32'.
[   41.131381][ T3598] loop0: detected capacity change from 0 to 512
[   41.179570][ T3598] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.215085][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.232849][ T3598] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.288769][ T3598] netlink: 176 bytes leftover after parsing attributes in process `syz.0.33'.
[   41.351002][ T3614] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.372710][ T3614] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.394656][ T3614] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.39: bg 0: block 18: invalid block bitmap
[   41.423043][ T3619] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   41.430180][ T3616] process 'syz.1.37' launched './file0' with NULL argv: empty string added
[   41.464728][ T3619] vhci_hcd vhci_hcd.2: invalid port number 96
[   41.465289][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.471044][ T3619] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   41.546114][ T3631] netlink: 'syz.2.44': attribute type 1 has an invalid length.
[   41.678442][ T3636] EXT4-fs: Ignoring removed bh option
[   41.721630][ T3636] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.758312][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.776040][ T3645] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   41.823870][ T3649] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.48: error while reading EA inode 32 err=-116
[   41.852880][ T3649] EXT4-fs (loop1): Remounting filesystem read-only
[   41.859454][ T3649] EXT4-fs warning (device loop1): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   41.870139][ T3649] EXT4-fs (loop1): 1 orphan inode deleted
[   41.876454][ T3649] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.924446][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.955330][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.996283][ T3658] netlink: 'syz.1.49': attribute type 2 has an invalid length.
[   41.996533][ T3660] netlink: 8 bytes leftover after parsing attributes in process `syz.0.52'.
[   42.004157][ T3658] netlink: 'syz.1.49': attribute type 2 has an invalid length.
[   42.012678][ T3660] netlink: 40 bytes leftover after parsing attributes in process `syz.0.52'.
[   42.044523][ T3658] netlink: 24 bytes leftover after parsing attributes in process `syz.1.49'.
[   42.208093][ T3667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.380877][ T3676] EXT4-fs: Ignoring removed bh option
[   42.422964][ T3676] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.442322][ T3684] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   42.455182][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.478559][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.543181][ T3690] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.61: error while reading EA inode 32 err=-116
[   42.568475][ T3690] EXT4-fs (loop2): Remounting filesystem read-only
[   42.582660][ T3690] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   42.602889][ T3690] EXT4-fs (loop2): 1 orphan inode deleted
[   42.622158][ T3690] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.644189][ T3695] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.695039][ T3695] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.706991][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.751151][ T3695] netlink: 176 bytes leftover after parsing attributes in process `syz.1.63'.
[   42.792814][ T3702] FAULT_INJECTION: forcing a failure.
[   42.792814][ T3702] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   42.806038][ T3702] CPU: 0 UID: 0 PID: 3702 Comm: syz.4.65 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   42.806064][ T3702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   42.806111][ T3702] Call Trace:
[   42.806119][ T3702]  <TASK>
[   42.806127][ T3702]  __dump_stack+0x1d/0x30
[   42.806153][ T3702]  dump_stack_lvl+0x95/0xd0
[   42.806174][ T3702]  dump_stack+0x15/0x1b
[   42.806249][ T3702]  should_fail_ex+0x265/0x280
[   42.806272][ T3702]  should_fail+0xb/0x20
[   42.806293][ T3702]  should_fail_usercopy+0x1a/0x20
[   42.806323][ T3702]  _copy_from_user+0x1c/0xb0
[   42.806399][ T3702]  __sys_bind+0x106/0x2a0
[   42.806433][ T3702]  __x64_sys_bind+0x3f/0x50
[   42.806460][ T3702]  x64_sys_call+0x2ceb/0x3000
[   42.806536][ T3702]  do_syscall_64+0xca/0x2b0
[   42.806628][ T3702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.806648][ T3702] RIP: 0033:0x7f38f55af749
[   42.806663][ T3702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.806763][ T3702] RSP: 002b:00007f38f4017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[   42.806788][ T3702] RAX: ffffffffffffffda RBX: 00007f38f5805fa0 RCX: 00007f38f55af749
[   42.806804][ T3702] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000006
[   42.806820][ T3702] RBP: 00007f38f4017090 R08: 0000000000000000 R09: 0000000000000000
[   42.806836][ T3702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.806851][ T3702] R13: 00007f38f5806038 R14: 00007f38f5805fa0 R15: 00007ffc8c2e4b68
[   42.806873][ T3702]  </TASK>
[   43.003397][ T3705] 8021q: adding VLAN 0 to HW filter on device bond1
[   43.067144][ T3714] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.102273][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.235478][ T3727] EXT4-fs: dax option not supported
[   43.335131][ T3732] EXT4-fs: Ignoring removed bh option
[   43.358679][ T3732] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.380330][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.405362][ T3741] EXT4-fs: Ignoring removed bh option
[   43.426696][ T3741] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.445580][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.489680][ T3749] EXT4-fs: inline encryption not supported
[   43.497705][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.549509][ T3749] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.572385][ T3761] 9pnet_virtio: no channels available for device 

[   43.627312][ T3764] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   43.665064][ T3768] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.86: Allocating blocks 385-513 which overlap fs metadata
[   43.723535][ T3779] EXT4-fs: Ignoring removed bh option
[   43.743995][ T3779] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.767825][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.815983][ T3785] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.828696][ T3785] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.843637][ T3785] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.97: bg 0: block 18: invalid block bitmap
[   43.871064][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.901104][ T3789] serio: Serial port ttyS3
[   44.018684][   T29] kauditd_printk_skb: 294 callbacks suppressed
[   44.018701][   T29] audit: type=1400 audit(1767463395.847:420): avc:  denied  { nlmsg_write } for  pid=3793 comm="syz.1.100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   44.117886][   T29] audit: type=1400 audit(1767463395.957:421): avc:  denied  { create } for  pid=3801 comm="syz.1.104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[   44.145456][   T29] audit: type=1400 audit(1767463395.987:422): avc:  denied  { bind } for  pid=3801 comm="syz.1.104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[   44.179819][   T29] audit: type=1400 audit(1767463395.987:423): avc:  denied  { setopt } for  pid=3801 comm="syz.1.104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[   44.200335][   T29] audit: type=1400 audit(1767463395.987:424): avc:  denied  { write } for  pid=3801 comm="syz.1.104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[   44.220705][   T29] audit: type=1326 audit(1767463395.987:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3801 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85b83f749 code=0x7ffc0000
[   44.244023][   T29] audit: type=1326 audit(1767463395.987:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3801 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85b83f749 code=0x7ffc0000
[   44.267894][   T29] audit: type=1326 audit(1767463395.987:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3801 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fe85b83f749 code=0x7ffc0000
[   44.291492][   T29] audit: type=1326 audit(1767463396.017:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3801 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe85b83f749 code=0x7ffc0000
[   44.314808][   T29] audit: type=1326 audit(1767463396.017:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3801 comm="syz.1.104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe85b83f749 code=0x7ffc0000
[   44.385312][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.425537][ T3818] set_capacity_and_notify: 15 callbacks suppressed
[   44.425573][ T3818] loop4: detected capacity change from 0 to 512
[   44.445880][ T3818] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.459279][ T3818] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.471265][ T3818] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.108: bg 0: block 18: invalid block bitmap
[   44.524049][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.607603][ T3824] FAULT_INJECTION: forcing a failure.
[   44.607603][ T3824] name failslab, interval 1, probability 0, space 0, times 1
[   44.620301][ T3824] CPU: 0 UID: 0 PID: 3824 Comm: syz.1.113 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   44.620404][ T3824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   44.620419][ T3824] Call Trace:
[   44.620425][ T3824]  <TASK>
[   44.620434][ T3824]  __dump_stack+0x1d/0x30
[   44.620462][ T3824]  dump_stack_lvl+0x95/0xd0
[   44.620531][ T3824]  dump_stack+0x15/0x1b
[   44.620554][ T3824]  should_fail_ex+0x265/0x280
[   44.620581][ T3824]  should_failslab+0x8c/0xb0
[   44.620603][ T3824]  kmem_cache_alloc_node_noprof+0x6b/0x4c0
[   44.620669][ T3824]  ? __alloc_skb+0x2ff/0x4b0
[   44.620697][ T3824]  __alloc_skb+0x2ff/0x4b0
[   44.620718][ T3824]  ? __alloc_skb+0x228/0x4b0
[   44.620769][ T3824]  audit_log_start+0x3a0/0x720
[   44.620843][ T3824]  ? kstrtouint+0x76/0xc0
[   44.620886][ T3824]  audit_seccomp+0x48/0x100
[   44.620919][ T3824]  ? __seccomp_filter+0x832/0x1260
[   44.620981][ T3824]  __seccomp_filter+0x843/0x1260
[   44.621031][ T3824]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   44.621063][ T3824]  ? vfs_write+0x7e8/0x960
[   44.621085][ T3824]  __secure_computing+0x82/0x150
[   44.621158][ T3824]  syscall_trace_enter+0xcf/0x1e0
[   44.621186][ T3824]  do_syscall_64+0xa4/0x2b0
[   44.621226][ T3824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.621248][ T3824] RIP: 0033:0x7fe85b83f749
[   44.621262][ T3824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.621382][ T3824] RSP: 002b:00007fe85a2a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c4
[   44.621399][ T3824] RAX: ffffffffffffffda RBX: 00007fe85ba95fa0 RCX: 00007fe85b83f749
[   44.621410][ T3824] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[   44.621421][ T3824] RBP: 00007fe85a2a7090 R08: 0000000000000000 R09: 0000000000000000
[   44.621436][ T3824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.621458][ T3824] R13: 00007fe85ba96038 R14: 00007fe85ba95fa0 R15: 00007fff4cdcdb38
[   44.621480][ T3824]  </TASK>
[   44.862598][ T3835] IPv6: NLM_F_CREATE should be specified when creating new route
[   44.927299][ T3842] loop3: detected capacity change from 0 to 128
[   44.977929][ T3847] loop2: detected capacity change from 0 to 4096
[   44.994547][ T3845] netlink: 8 bytes leftover after parsing attributes in process `syz.0.116'.
[   45.010758][ T3852] netlink: 3 bytes leftover after parsing attributes in process `{/}\'.
[   45.010761][ T3851] netlink: 3 bytes leftover after parsing attributes in process `{/}\'.
[   45.010815][ T3851] 0�X���: renamed from caif0
[   45.034108][ T3845] loop0: detected capacity change from 0 to 512
[   45.039287][ T3848] loop1: detected capacity change from 0 to 1024
[   45.054126][ T3848] EXT4-fs (loop1): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[   45.064076][ T3851] 0�X���: entered allmulticast mode
[   45.069318][ T3851] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[   45.083876][ T3847] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.086503][ T3852] 1�X���: renamed from 
60�X���
[   45.099672][ T3845] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.116: error while reading EA inode 32 err=-116
[   45.115768][ T3848] EXT4-fs error (device loop1): ext4_map_blocks:783: inode #3: block 2: comm syz.1.119: lblock 2 mapped to illegal pblock 2 (length 1)
[   45.130134][ T3848] EXT4-fs error (device loop1): ext4_map_blocks:783: inode #3: block 48: comm syz.1.119: lblock 0 mapped to illegal pblock 48 (length 1)
[   45.148370][ T3852] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[   45.166087][ T3845] EXT4-fs (loop0): Remounting filesystem read-only
[   45.176016][ T3845] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   45.190996][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.200211][ T3848] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.119: Failed to acquire dquot type 0
[   45.203218][ T3845] EXT4-fs (loop0): 1 orphan inode deleted
[   45.238830][ T3848] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   45.244722][ T3845] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.285354][ T3845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.321213][ T3848] EXT4-fs error (device loop1): ext4_evict_inode:253: inode #11: comm syz.1.119: mark_inode_dirty error
[   45.341959][ T3848] EXT4-fs warning (device loop1): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[   45.352872][ T3848] EXT4-fs (loop1): 1 orphan inode deleted
[   45.372585][ T3439] EXT4-fs error (device loop1): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1)
[   45.394533][ T3439] EXT4-fs error (device loop1): ext4_release_dquot:7022: comm kworker/u8:10: Failed to release dquot type 0
[   45.398641][ T3848] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.428834][ T3871] loop0: detected capacity change from 0 to 512
[   45.442902][ T3876] FAULT_INJECTION: forcing a failure.
[   45.442902][ T3876] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   45.456159][ T3876] CPU: 0 UID: 0 PID: 3876 Comm: syz.3.133 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.456208][ T3876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   45.456276][ T3876] Call Trace:
[   45.456283][ T3876]  <TASK>
[   45.456292][ T3876]  __dump_stack+0x1d/0x30
[   45.456319][ T3876]  dump_stack_lvl+0x95/0xd0
[   45.456345][ T3876]  dump_stack+0x15/0x1b
[   45.456370][ T3876]  should_fail_ex+0x265/0x280
[   45.456400][ T3876]  should_fail+0xb/0x20
[   45.456427][ T3876]  should_fail_usercopy+0x1a/0x20
[   45.456459][ T3876]  _copy_from_user+0x1c/0xb0
[   45.456486][ T3876]  __copy_msghdr+0x244/0x300
[   45.456531][ T3876]  ___sys_sendmsg+0x109/0x1d0
[   45.456583][ T3876]  __x64_sys_sendmsg+0xd4/0x160
[   45.456622][ T3876]  x64_sys_call+0x17ba/0x3000
[   45.456680][ T3876]  do_syscall_64+0xca/0x2b0
[   45.456715][ T3876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.456754][ T3876] RIP: 0033:0x7fd57eecf749
[   45.456772][ T3876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.456790][ T3876] RSP: 002b:00007fd57d937038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   45.456809][ T3876] RAX: ffffffffffffffda RBX: 00007fd57f125fa0 RCX: 00007fd57eecf749
[   45.456822][ T3876] RDX: 0000000000008084 RSI: 0000200000000080 RDI: 0000000000000003
[   45.456836][ T3876] RBP: 00007fd57d937090 R08: 0000000000000000 R09: 0000000000000000
[   45.456852][ T3876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.456866][ T3876] R13: 00007fd57f126038 R14: 00007fd57f125fa0 R15: 00007fffe290d538
[   45.456971][ T3876]  </TASK>
[   45.629036][ T3871] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.130: error while reading EA inode 32 err=-116
[   45.662718][ T3871] EXT4-fs (loop0): Remounting filesystem read-only
[   45.669396][ T3871] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   45.679789][ T3871] EXT4-fs (loop0): 1 orphan inode deleted
[   45.686118][ T3871] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.875609][ T3313] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.885300][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.901868][ T3313] EXT4-fs error (device loop1): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[   45.932066][ T3313] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   45.969259][ T3313] EXT4-fs error (device loop1): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[   46.185929][ T3912] SELinux:  Context system_u:object_r:modules_dep_t:s0 is not valid (left unmapped).
[   46.275822][ T3914] netlink: 20 bytes leftover after parsing attributes in process `syz.4.147'.
[   46.335242][ T3925] loop4: detected capacity change from 0 to 512
[   46.354154][ T3925] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.386099][ T3925] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.398011][ T3911] netlink: 5 bytes leftover after parsing attributes in process `syz.2.146'.
[   46.400452][ T3925] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.152: bg 0: block 18: invalid block bitmap
[   46.424103][ T3911] 0��{X��: renamed from gretap0 (while UP)
[   46.431904][ T3911] 0��{X��: entered allmulticast mode
[   46.438314][ T3911] A link change request failed with some changes committed already. Interface 
30��{X�� may have been left with an inconsistent configuration, please check.
[   46.459000][ T3911] validate_nla: 3 callbacks suppressed
[   46.459013][ T3911] netlink: 'syz.2.146': attribute type 13 has an invalid length.
[   46.476453][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.498457][ T3936] FAULT_INJECTION: forcing a failure.
[   46.498457][ T3936] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   46.512097][ T3936] CPU: 0 UID: 0 PID: 3936 Comm: syz.0.154 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.512124][ T3936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   46.512135][ T3936] Call Trace:
[   46.512140][ T3936]  <TASK>
[   46.512146][ T3936]  __dump_stack+0x1d/0x30
[   46.512221][ T3936]  dump_stack_lvl+0x95/0xd0
[   46.512245][ T3936]  dump_stack+0x15/0x1b
[   46.512323][ T3936]  should_fail_ex+0x265/0x280
[   46.512349][ T3936]  should_fail+0xb/0x20
[   46.512412][ T3936]  should_fail_usercopy+0x1a/0x20
[   46.512439][ T3936]  _copy_from_user+0x1c/0xb0
[   46.512467][ T3936]  simple_transaction_get+0xe2/0x130
[   46.512566][ T3936]  selinux_transaction_write+0x9d/0x110
[   46.512590][ T3936]  ? __pfx_selinux_transaction_write+0x10/0x10
[   46.512614][ T3936]  vfs_write+0x269/0x960
[   46.512681][ T3936]  ? __rcu_read_unlock+0x4f/0x70
[   46.512700][ T3936]  ? __fget_files+0x184/0x1c0
[   46.512725][ T3936]  ? mutex_lock+0x58/0x90
[   46.512791][ T3936]  ksys_write+0xda/0x1a0
[   46.512817][ T3936]  __x64_sys_write+0x40/0x50
[   46.512838][ T3936]  x64_sys_call+0x2847/0x3000
[   46.512877][ T3936]  do_syscall_64+0xca/0x2b0
[   46.512916][ T3936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.512938][ T3936] RIP: 0033:0x7f16c873f749
[   46.512954][ T3936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.512974][ T3936] RSP: 002b:00007f16c719f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   46.513009][ T3936] RAX: ffffffffffffffda RBX: 00007f16c8995fa0 RCX: 00007f16c873f749
[   46.513021][ T3936] RDX: 000000000000001d RSI: 0000200000000340 RDI: 0000000000000006
[   46.513034][ T3936] RBP: 00007f16c719f090 R08: 0000000000000000 R09: 0000000000000000
[   46.513048][ T3936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.513061][ T3936] R13: 00007f16c8996038 R14: 00007f16c8995fa0 R15: 00007ffecd436b68
[   46.513083][ T3936]  </TASK>
[   46.719202][ T3911] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   46.801017][ T3942] loop0: detected capacity change from 0 to 1024
[   46.828286][ T3942] EXT4-fs: Ignoring removed bh option
[   46.860421][ T3942] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.895844][ T3945] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   46.925425][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.004764][ T3960] loop3: detected capacity change from 0 to 4096
[   47.011714][ T3960] EXT4-fs: Ignoring removed nomblk_io_submit option
[   47.021945][ T3960] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.074259][ T3966] netlink: 'syz.4.166': attribute type 10 has an invalid length.
[   47.082027][ T3966] netlink: 32 bytes leftover after parsing attributes in process `syz.4.166'.
[   47.103355][ T3972] netlink: 76 bytes leftover after parsing attributes in process `syz.1.169'.
[   47.114299][ T3972] netlink: 12 bytes leftover after parsing attributes in process `GPL'.
[   47.123500][ T3973] 9p: Bad value for 'source'
[   47.151947][ T3966] ipvlan2: entered promiscuous mode
[   47.166259][ T3966] lo speed is unknown, defaulting to 1000
[   47.172158][ T3966] lo speed is unknown, defaulting to 1000
[   47.178193][ T3966] lo speed is unknown, defaulting to 1000
[   47.190004][ T3966] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   47.197950][ T3966] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   47.209364][ T3966] lo speed is unknown, defaulting to 1000
[   47.215448][ T3966] lo speed is unknown, defaulting to 1000
[   47.221719][ T3966] lo speed is unknown, defaulting to 1000
[   47.228366][ T3966] lo speed is unknown, defaulting to 1000
[   47.234673][ T3966] lo speed is unknown, defaulting to 1000
[   47.252447][ T3977] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[   47.280627][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.303410][ T3981] loop0: detected capacity change from 0 to 512
[   47.328239][ T3981] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.342239][ T3981] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.355192][ T3981] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.172: bg 0: block 18: invalid block bitmap
[   47.397698][ T3986] ------------[ cut here ]------------
[   47.403263][ T3986] EA inode 11 i_nlink=2
[   47.403318][ T3986] WARNING: fs/ext4/xattr.c:1058 at ext4_xattr_inode_update_ref+0x2e6/0x320, CPU#0: syz.2.174/3986
[   47.418136][ T3986] Modules linked in:
[   47.422062][ T3986] CPU: 0 UID: 0 PID: 3986 Comm: syz.2.174 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   47.431765][ T3986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   47.441877][ T3986] RIP: 0010:ext4_xattr_inode_update_ref+0x305/0x320
[   47.448615][ T3986] Code: d1 e2 9c ff 4c 8d 2d 2a f0 20 05 49 8d 7e 40 e8 d1 6b b8 ff 49 8b 6e 40 4c 89 e7 e8 e5 66 b8 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 2b ff ff ff e8 7c ac ba 03 66 66 66 2e 0f 1f 84
[   47.468343][ T3986] RSP: 0018:ffffc9000143f778 EFLAGS: 00010246
[   47.474466][ T3986] RAX: ffff888109e3ab90 RBX: ffff88811b481348 RCX: ffffffff81bb1d9b
[   47.482501][ T3986] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff86dc0db0
[   47.490550][ T3986] RBP: 000000000000000b R08: 000188811b4812fb R09: 0000000000000000
[   47.498690][ T3986] R10: ffffc9000143f6a8 R11: 0001c9000143f6a8 R12: ffff88811b4812f8
[   47.506726][ T3986] R13: ffffffff86dc0db0 R14: ffff88811b4812b0 R15: 0000000000000001
[   47.514754][ T3986] FS:  00007f899623f6c0(0000) GS:ffff8882aedc5000(0000) knlGS:0000000000000000
[   47.523824][ T3986] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   47.530418][ T3986] CR2: 000055557b4c14a8 CR3: 000000011bd7c000 CR4: 00000000003506f0
[   47.538481][ T3986] Call Trace:
[   47.541776][ T3986]  <TASK>
[   47.544787][ T3986]  ext4_xattr_inode_dec_ref_all+0x57c/0x870
[   47.550766][ T3986]  ? errseq_check+0x2c/0x50
[   47.555330][ T3986]  ext4_xattr_delete_inode+0x6b7/0x790
[   47.560886][ T3986]  ? ext4_truncate+0x92b/0xae0
[   47.565742][ T3986]  ext4_evict_inode+0xa20/0xd40
[   47.570658][ T3986]  ? __pfx_ext4_evict_inode+0x10/0x10
[   47.576152][ T3986]  evict+0x2af/0x510
[   47.580175][ T3986]  ? __dquot_initialize+0x146/0x7c0
[   47.585547][ T3986]  iput+0x4bd/0x650
[   47.589376][ T3986]  ext4_process_orphan+0x1a9/0x1c0
[   47.594575][ T3986]  ext4_orphan_cleanup+0x6a8/0xa00
[   47.599755][ T3986]  ext4_fill_super+0x3411/0x37a0
[   47.604801][ T3986]  ? set_blocksize+0x1a8/0x310
[   47.609605][ T3986]  ? sb_set_blocksize+0xfc/0x170
[   47.614747][ T3986]  ? setup_bdev_super+0x30e/0x370
[   47.619809][ T3986]  ? __pfx_ext4_fill_super+0x10/0x10
[   47.625149][ T3986]  get_tree_bdev_flags+0x291/0x300
[   47.630410][ T3986]  ? __pfx_ext4_fill_super+0x10/0x10
[   47.635848][ T3986]  get_tree_bdev+0x1f/0x30
[   47.640358][ T3986]  ext4_get_tree+0x1c/0x30
[   47.644950][ T3986]  vfs_get_tree+0x57/0x1d0
[   47.649454][ T3986]  do_new_mount+0x24d/0x6a0
[   47.654017][ T3986]  path_mount+0x4ab/0xb80
[   47.658394][ T3986]  ? user_path_at+0xbf/0x130
[   47.663120][ T3986]  __se_sys_mount+0x28c/0x2e0
[   47.667908][ T3986]  __x64_sys_mount+0x67/0x80
[   47.672623][ T3986]  x64_sys_call+0x2cca/0x3000
[   47.677397][ T3986]  do_syscall_64+0xca/0x2b0
[   47.682012][ T3986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.688005][ T3986] RIP: 0033:0x7f89977e0eea
[   47.692460][ T3986] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.712219][ T3986] RSP: 002b:00007f899623ee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   47.720747][ T3986] RAX: ffffffffffffffda RBX: 00007f899623eef0 RCX: 00007f89977e0eea
[   47.728772][ T3986] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f899623eeb0
[   47.736889][ T3986] RBP: 0000200000000180 R08: 00007f899623eef0 R09: 0000000000800718
[   47.744935][ T3986] R10: 0000000000800718 R11: 0000000000000246 R12: 00002000000001c0
[   47.752963][ T3986] R13: 00007f899623eeb0 R14: 000000000000047f R15: 0000200000000200
[   47.760964][ T3986]  </TASK>
[   47.764122][ T3986] ---[ end trace 0000000000000000 ]---
[   47.769870][ T3986] EXT4-fs (loop2): 1 orphan inode deleted
[   47.771958][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.776645][ T3986] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.809153][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.819142][ T3994] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.177: error while reading EA inode 32 err=-116
[   47.841021][ T3994] EXT4-fs (loop4): Remounting filesystem read-only
[   47.848754][ T3994] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   47.859672][ T3994] EXT4-fs (loop4): 1 orphan inode deleted
[   47.900934][ T3994] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.028444][ T3319] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.114931][ T4016] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.126750][ T4016] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.186: bg 0: block 18: invalid block bitmap
[   48.192233][ T4022] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   48.464889][ T4051] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.476815][ T4052] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   48.486403][ T4051] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.199: bg 0: block 18: invalid block bitmap
[   48.645112][ T4068] EXT4-fs: Ignoring removed bh option
[   48.821199][ T4087] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.212: error while reading EA inode 32 err=-116
[   48.854514][ T4087] EXT4-fs (loop3): Remounting filesystem read-only
[   48.861340][ T4087] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   48.872674][ T4087] EXT4-fs (loop3): 1 orphan inode deleted
[   48.970320][ T4092] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.038304][ T4092] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.215: bg 0: block 18: invalid block bitmap
[   49.067806][ T4111] syz.1.221 uses obsolete (PF_INET,SOCK_PACKET)
[   49.292588][ T4129] netlink: 80 bytes leftover after parsing attributes in process `syz.4.227'.
[   49.316558][ T4128] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.229: error while reading EA inode 32 err=-116
[   49.362723][ T4128] EXT4-fs (loop3): Remounting filesystem read-only
[   49.372021][ T4128] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   49.383096][ T4128] EXT4-fs (loop3): 1 orphan inode deleted
[   49.435877][ T4136] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.231: error while reading EA inode 32 err=-116
[   49.460409][   T29] kauditd_printk_skb: 211 callbacks suppressed
[   49.460422][   T29] audit: type=1326 audit(1767463401.297:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4137 comm="syz.1.234" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe85b83f749 code=0x0
[   49.493839][ T4142] set_capacity_and_notify: 17 callbacks suppressed
[   49.493851][ T4142] loop4: detected capacity change from 0 to 512
[   49.514891][ T4136] EXT4-fs (loop0): Remounting filesystem read-only
[   49.524350][ T4136] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   49.535011][ T4136] EXT4-fs (loop0): 1 orphan inode deleted
[   49.557349][ T4142] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.587995][   T29] audit: type=1326 audit(1767463401.427:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4156 comm="syz.2.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89977df749 code=0x7ffc0000
[   49.608588][ T4142] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.233: bg 0: block 18: invalid block bitmap
[   49.612210][   T29] audit: type=1326 audit(1767463401.447:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4156 comm="syz.2.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89977df749 code=0x7ffc0000
[   49.646848][   T29] audit: type=1326 audit(1767463401.447:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4156 comm="syz.2.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89977df749 code=0x7ffc0000
[   49.670095][   T29] audit: type=1326 audit(1767463401.447:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4156 comm="syz.2.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89977df749 code=0x7ffc0000
[   49.694305][   T29] audit: type=1326 audit(1767463401.537:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4156 comm="syz.2.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89977df749 code=0x7ffc0000
[   49.717600][   T29] audit: type=1326 audit(1767463401.537:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4156 comm="syz.2.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89977df749 code=0x7ffc0000
[   49.741003][   T29] audit: type=1326 audit(1767463401.537:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4156 comm="syz.2.236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89977df749 code=0x7ffc0000
[   49.821427][ T4168] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   49.871771][ T4167] loop4: detected capacity change from 0 to 4096
[   49.919692][   T29] audit: type=1326 audit(1767463401.757:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4173 comm="syz.4.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38f55af749 code=0x7ffc0000
[   49.951916][   T29] audit: type=1326 audit(1767463401.757:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4173 comm="syz.4.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38f55af749 code=0x7ffc0000
[   50.065739][ T4182] xt_hashlimit: max too large, truncated to 1048576
[   50.071850][ T4174] infiniband syz1: set active
[   50.077503][ T4174] infiniband syz1: added bond0
[   50.078124][ T4182] xt_CT: You must specify a L4 protocol and not use inversions on it
[   50.101093][ T4184] loop0: detected capacity change from 0 to 512
[   50.113738][ T4174] RDS/IB: syz1: added
[   50.120083][ T4174] smc: adding ib device syz1 with port count 1
[   50.130729][ T4184] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.246: error while reading EA inode 32 err=-116
[   50.143886][ T4184] EXT4-fs (loop0): Remounting filesystem read-only
[   50.150425][ T4184] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   50.161190][ T4184] EXT4-fs (loop0): 1 orphan inode deleted
[   50.172359][ T4174] smc:    ib device syz1 port 1 has no pnetid
[   50.192433][ T4188] SELinux:  Context � is not valid (left unmapped).
[   50.229245][ T4188] loop2: detected capacity change from 0 to 1024
[   50.244791][ T4188] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   50.257895][ T4188] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   50.271002][ T4188] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   50.281917][ T4188] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   50.300265][ T4194] 9p: Bad value for 'rfdno'
[   50.309587][ T4195] loop3: detected capacity change from 0 to 1024
[   50.317441][ T4195] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   50.329503][ T4188] JBD2: no valid journal superblock found
[   50.335425][ T4188] EXT4-fs (loop2): Could not load journal inode
[   50.468634][ T4206] loop3: detected capacity change from 0 to 4096
[   50.668757][ T4226] loop1: detected capacity change from 0 to 512
[   50.680697][ T4226] EXT4-fs (loop1): orphan cleanup on readonly fs
[   50.703519][ T4226] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #15: comm syz.1.257: corrupted inode contents
[   50.752041][ T4226] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[   50.768726][ T4226] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #15: comm syz.1.257: corrupted inode contents
[   50.799562][ T4226] EXT4-fs error (device loop1): ext4_evict_inode:301: inode #15: comm syz.1.257: mark_inode_dirty error
[   50.811285][ T4226] EXT4-fs (loop1): 1 orphan inode deleted
[   50.941965][ T3496] IPVS: starting estimator thread 0...
[   50.969654][ T4248] loop3: detected capacity change from 0 to 512
[   50.982245][ T4248] EXT4-fs (loop3): 1 orphan inode deleted
[   51.004061][ T4249] loop4: detected capacity change from 0 to 4096
[   51.032494][ T4245] IPVS: using max 2016 ests per chain, 100800 per kthread
[   51.060624][ T4255] loop3: detected capacity change from 0 to 1024
[   51.074512][ T4257] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   51.083262][ T4257] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   51.093724][ T4255] EXT4-fs: Ignoring removed bh option
[   51.106253][ T4257] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.271: Allocating blocks 41-42 which overlap fs metadata
[   51.120484][ T4257] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.271: Allocating blocks 41-42 which overlap fs metadata
[   51.137641][ T4257] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.271: Failed to acquire dquot type 1
[   51.154571][ T4257] EXT4-fs error (device loop0): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   51.174954][ T4257] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.271: corrupted inode contents
[   51.195544][ T4257] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #12: comm syz.0.271: mark_inode_dirty error
[   51.210050][ T4257] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.271: corrupted inode contents
[   51.223169][ T4257] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.271: mark_inode_dirty error
[   51.234682][ T4257] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.271: corrupted inode contents
[   51.247054][ T4257] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[   51.255851][ T4257] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.271: corrupted inode contents
[   51.268090][ T4257] EXT4-fs error (device loop0): ext4_truncate:4635: inode #12: comm syz.0.271: mark_inode_dirty error
[   51.279740][ T4257] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[   51.290205][ T4257] EXT4-fs (loop0): 1 truncate cleaned up
[   51.394887][ T4257] syz.0.271 (4257) used greatest stack depth: 9952 bytes left
[   51.564344][ T4287] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.279: error while reading EA inode 32 err=-116
[   51.594611][ T4294] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.280: error while reading EA inode 32 err=-116
[   51.617035][ T4287] EXT4-fs (loop0): Remounting filesystem read-only
[   51.621471][ T4294] EXT4-fs (loop4): Remounting filesystem read-only
[   51.639996][ T4287] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   51.652584][ T4287] EXT4-fs (loop0): 1 orphan inode deleted
[   51.709850][ T4294] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   51.720187][ T4294] EXT4-fs (loop4): 1 orphan inode deleted
[   51.874510][ T4308] EXT4-fs: Ignoring removed bh option
[   51.991167][ T4324] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   52.128845][ T4340] IPVS: set_ctl: invalid protocol: 8 172.20.20.187:20000
[   52.136518][ T4335] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.293: error while reading EA inode 32 err=-116
[   52.151239][ T4338] netlink: '': attribute type 10 has an invalid length.
[   52.172827][ T4338] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   52.211282][ T4335] EXT4-fs (loop2): Remounting filesystem read-only
[   52.273727][ T4345] netlink: 'syz.4.295': attribute type 10 has an invalid length.
[   52.293017][ T4335] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   52.293497][ T4345] syz_tun: entered promiscuous mode
[   52.303436][ T4335] EXT4-fs (loop2): 1 orphan inode deleted
[   52.315385][ T4345] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   52.371722][ T4352] FAULT_INJECTION: forcing a failure.
[   52.371722][ T4352] name failslab, interval 1, probability 0, space 0, times 0
[   52.384408][ T4352] CPU: 0 UID: 0 PID: 4352 Comm: syz.3.300 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   52.384524][ T4352] Tainted: [W]=WARN
[   52.384532][ T4352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   52.384546][ T4352] Call Trace:
[   52.384552][ T4352]  <TASK>
[   52.384559][ T4352]  __dump_stack+0x1d/0x30
[   52.384601][ T4352]  dump_stack_lvl+0x95/0xd0
[   52.384624][ T4352]  dump_stack+0x15/0x1b
[   52.384685][ T4352]  should_fail_ex+0x265/0x280
[   52.384713][ T4352]  should_failslab+0x8c/0xb0
[   52.384739][ T4352]  __kmalloc_cache_noprof+0x65/0x4c0
[   52.384768][ T4352]  ? nft_trans_table_add+0x36/0x190
[   52.384794][ T4352]  nft_trans_table_add+0x36/0x190
[   52.384853][ T4352]  nf_tables_newtable+0x955/0xea0
[   52.384934][ T4352]  nfnetlink_rcv+0xbc9/0x16c0
[   52.385002][ T4352]  netlink_unicast+0x5c0/0x690
[   52.385041][ T4352]  netlink_sendmsg+0x58b/0x6b0
[   52.385116][ T4352]  ? __pfx_netlink_sendmsg+0x10/0x10
[   52.385216][ T4352]  __sock_sendmsg+0x145/0x180
[   52.385239][ T4352]  ____sys_sendmsg+0x31e/0x4a0
[   52.385287][ T4352]  ___sys_sendmsg+0x17b/0x1d0
[   52.385385][ T4352]  __x64_sys_sendmsg+0xd4/0x160
[   52.385422][ T4352]  x64_sys_call+0x17ba/0x3000
[   52.385447][ T4352]  do_syscall_64+0xca/0x2b0
[   52.385490][ T4352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.385543][ T4352] RIP: 0033:0x7fd57eecf749
[   52.385562][ T4352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.385586][ T4352] RSP: 002b:00007fd57d937038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.385610][ T4352] RAX: ffffffffffffffda RBX: 00007fd57f125fa0 RCX: 00007fd57eecf749
[   52.385624][ T4352] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   52.385682][ T4352] RBP: 00007fd57d937090 R08: 0000000000000000 R09: 0000000000000000
[   52.385695][ T4352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   52.385706][ T4352] R13: 00007fd57f126038 R14: 00007fd57f125fa0 R15: 00007fffe290d538
[   52.385725][ T4352]  </TASK>
[   52.654452][ T4350] EXT4-fs: Ignoring removed bh option
[   52.774678][ T4374] netlink: 256 bytes leftover after parsing attributes in process `syz.1.307'.
[   52.783812][ T4374] netlink: 72 bytes leftover after parsing attributes in process `syz.1.307'.
[   52.813796][ T4373] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.979774][ T4391] FAULT_INJECTION: forcing a failure.
[   52.979774][ T4391] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.992977][ T4391] CPU: 1 UID: 0 PID: 4391 Comm: syz.2.311 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   52.993016][ T4391] Tainted: [W]=WARN
[   52.993023][ T4391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   52.993112][ T4391] Call Trace:
[   52.993117][ T4391]  <TASK>
[   52.993123][ T4391]  __dump_stack+0x1d/0x30
[   52.993223][ T4391]  dump_stack_lvl+0x95/0xd0
[   52.993317][ T4391]  dump_stack+0x15/0x1b
[   52.993337][ T4391]  should_fail_ex+0x265/0x280
[   52.993363][ T4391]  should_fail+0xb/0x20
[   52.993436][ T4391]  should_fail_usercopy+0x1a/0x20
[   52.993459][ T4391]  _copy_from_user+0x1c/0xb0
[   52.993482][ T4391]  sctp_setsockopt+0x154/0xe30
[   52.993514][ T4391]  sock_common_setsockopt+0x69/0x80
[   52.993587][ T4391]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   52.993610][ T4391]  __sys_setsockopt+0x184/0x200
[   52.993638][ T4391]  __x64_sys_setsockopt+0x64/0x80
[   52.993665][ T4391]  x64_sys_call+0x21d5/0x3000
[   52.993700][ T4391]  do_syscall_64+0xca/0x2b0
[   52.993729][ T4391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.993837][ T4391] RIP: 0033:0x7f89977df749
[   52.993853][ T4391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.993873][ T4391] RSP: 002b:00007f899623f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   52.993894][ T4391] RAX: ffffffffffffffda RBX: 00007f8997a35fa0 RCX: 00007f89977df749
[   52.993908][ T4391] RDX: 0000000000000079 RSI: 0000000000000084 RDI: 0000000000000003
[   52.993921][ T4391] RBP: 00007f899623f090 R08: 0000000000000008 R09: 0000000000000000
[   52.993933][ T4391] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[   52.993985][ T4391] R13: 00007f8997a36038 R14: 00007f8997a35fa0 R15: 00007ffcbe26f268
[   52.994006][ T4391]  </TASK>
[   53.183414][ T4393] netlink: 12 bytes leftover after parsing attributes in process `syz.1.312'.
[   53.264640][ T4404] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.315: error while reading EA inode 32 err=-116
[   53.290191][ T4404] EXT4-fs (loop2): Remounting filesystem read-only
[   53.302565][ T4404] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   53.312782][ T4404] EXT4-fs (loop2): 1 orphan inode deleted
[   53.386700][ T4409] EXT4-fs: Ignoring removed bh option
[   53.445531][ T4419] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.473819][ T4419] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.321: bg 0: block 18: invalid block bitmap
[   53.512829][ T4429] FAULT_INJECTION: forcing a failure.
[   53.512829][ T4429] name failslab, interval 1, probability 0, space 0, times 0
[   53.525557][ T4429] CPU: 0 UID: 0 PID: 4429 Comm: syz.1.324 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   53.525659][ T4429] Tainted: [W]=WARN
[   53.525668][ T4429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   53.525694][ T4429] Call Trace:
[   53.525703][ T4429]  <TASK>
[   53.525754][ T4429]  __dump_stack+0x1d/0x30
[   53.525785][ T4429]  dump_stack_lvl+0x95/0xd0
[   53.525893][ T4429]  dump_stack+0x15/0x1b
[   53.525914][ T4429]  should_fail_ex+0x265/0x280
[   53.525940][ T4429]  should_failslab+0x8c/0xb0
[   53.525965][ T4429]  kmem_cache_alloc_node_noprof+0x6b/0x4c0
[   53.526060][ T4429]  ? __alloc_skb+0x2ff/0x4b0
[   53.526156][ T4429]  __alloc_skb+0x2ff/0x4b0
[   53.526206][ T4429]  ? __alloc_skb+0x228/0x4b0
[   53.526236][ T4429]  audit_log_start+0x3a0/0x720
[   53.526280][ T4429]  ? kstrtouint+0x76/0xc0
[   53.526304][ T4429]  audit_seccomp+0x48/0x100
[   53.526336][ T4429]  ? __seccomp_filter+0x832/0x1260
[   53.526420][ T4429]  __seccomp_filter+0x843/0x1260
[   53.526456][ T4429]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   53.526568][ T4429]  ? vfs_write+0x7e8/0x960
[   53.526594][ T4429]  __secure_computing+0x82/0x150
[   53.526629][ T4429]  syscall_trace_enter+0xcf/0x1e0
[   53.526661][ T4429]  do_syscall_64+0xa4/0x2b0
[   53.526762][ T4429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.526790][ T4429] RIP: 0033:0x7fe85b83f749
[   53.526808][ T4429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.526828][ T4429] RSP: 002b:00007fe85a2a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[   53.526852][ T4429] RAX: ffffffffffffffda RBX: 00007fe85ba95fa0 RCX: 00007fe85b83f749
[   53.526917][ T4429] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[   53.526933][ T4429] RBP: 00007fe85a2a7090 R08: 0000000000000000 R09: 0000000000000000
[   53.526949][ T4429] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001
[   53.526964][ T4429] R13: 00007fe85ba96038 R14: 00007fe85ba95fa0 R15: 00007fff4cdcdb38
[   53.527056][ T4429]  </TASK>
[   53.888968][ T4448] can0: slcan on ptm0.
[   53.956281][ T4457] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.332: error while reading EA inode 32 err=-116
[   53.983906][ T4457] EXT4-fs (loop0): Remounting filesystem read-only
[   53.990522][ T4457] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   54.000759][ T4457] EXT4-fs (loop0): 1 orphan inode deleted
[   54.006593][ T4447] can0 (unregistered): slcan off ptm0.
[   54.119620][ T4473] xt_TPROXY: Can be used only with -p tcp or -p udp
[   54.138279][ T4478] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   54.278428][ T4493] program syz.0.339 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   54.395402][ T4507] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   54.462595][   T29] kauditd_printk_skb: 432 callbacks suppressed
[   54.462609][   T29] audit: type=1326 audit(1767463406.297:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4510 comm="syz.4.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f38f55af749 code=0x7ffc0000
[   54.483674][ T4511] lo speed is unknown, defaulting to 1000
[   54.503886][ T4516] FAULT_INJECTION: forcing a failure.
[   54.503886][ T4516] name failslab, interval 1, probability 0, space 0, times 0
[   54.516665][   T29] audit: type=1326 audit(1767463406.327:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4510 comm="syz.4.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38f55af749 code=0x7ffc0000
[   54.516710][ T4516] CPU: 0 UID: 0 PID: 4516 Comm: syz.1.346 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   54.516750][ T4516] Tainted: [W]=WARN
[   54.516757][ T4516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   54.516769][ T4516] Call Trace:
[   54.516776][ T4516]  <TASK>
[   54.516785][ T4516]  __dump_stack+0x1d/0x30
[   54.516918][ T4516]  dump_stack_lvl+0x95/0xd0
[   54.517004][ T4516]  dump_stack+0x15/0x1b
[   54.517074][ T4516]  should_fail_ex+0x265/0x280
[   54.517181][ T4516]  should_failslab+0x8c/0xb0
[   54.517331][ T4516]  kmem_cache_alloc_noprof+0x69/0x4b0
[   54.517446][ T4516]  ? security_inode_alloc+0x37/0x100
[   54.517548][ T4516]  security_inode_alloc+0x37/0x100
[   54.517619][ T4516]  inode_init_always_gfp+0x4b7/0x500
[   54.517699][ T4516]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[   54.517778][ T4516]  alloc_inode+0x58/0x170
[   54.517857][ T4516]  new_inode+0x1d/0xe0
[   54.517942][ T4516]  __debugfs_create_file+0x97/0x2b0
[   54.518013][ T4516]  debugfs_create_file_full+0x3f/0x60
[   54.518093][ T4516]  ? __pfx_ipgre_tunnel_setup+0x10/0x10
[   54.518172][ T4516]  ref_tracker_dir_debugfs+0x100/0x210
[   54.518275][ T4516]  alloc_netdev_mqs+0x1a7/0xa40
[   54.518419][ T4516]  ? sized_strscpy+0x157/0x1a0
[   54.518518][ T4516]  __ip_tunnel_create+0x2a0/0x420
[   54.518606][ T4516]  ? ip_tunnel_find+0x2b5/0x300
[   54.518705][ T4516]  ip_tunnel_ctl+0x38f/0x750
[   54.518793][ T4516]  ipgre_tunnel_ctl+0x22f/0x560
[   54.518904][ T4516]  ip_tunnel_siocdevprivate+0x77/0xe0
[   54.518997][ T4516]  dev_ifsioc+0x8f8/0xaa0
[   54.519094][ T4516]  dev_ioctl+0x78d/0x960
[   54.519184][ T4516]  sock_ioctl+0x593/0x610
[   54.519355][ T4516]  ? __pfx_sock_ioctl+0x10/0x10
[   54.519480][ T4516]  __se_sys_ioctl+0xce/0x140
[   54.519574][ T4516]  __x64_sys_ioctl+0x43/0x50
[   54.519668][ T4516]  x64_sys_call+0x14b0/0x3000
[   54.519761][ T4516]  do_syscall_64+0xca/0x2b0
[   54.519978][ T4516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.520042][ T4516] RIP: 0033:0x7fe85b83f749
[   54.520156][ T4516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.520204][ T4516] RSP: 002b:00007fe85a2a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   54.520249][ T4516] RAX: ffffffffffffffda RBX: 00007fe85ba95fa0 RCX: 00007fe85b83f749
[   54.520292][ T4516] RDX: 0000200000000280 RSI: 00000000000089f1 RDI: 0000000000000005
[   54.520340][ T4516] RBP: 00007fe85a2a7090 R08: 0000000000000000 R09: 0000000000000000
[   54.520377][ T4516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.520416][ T4516] R13: 00007fe85ba96038 R14: 00007fe85ba95fa0 R15: 00007fff4cdcdb38
[   54.520472][ T4516]  </TASK>
[   54.520501][ T4516] debugfs: out of free dentries, can not create file 'netdev@ffff88811cd0a558'
[   54.540193][   T29] audit: type=1326 audit(1767463406.327:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4510 comm="syz.4.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f38f55af749 code=0x7ffc0000
[   54.565441][ T4498] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   54.568604][   T29] audit: type=1400 audit(1767463406.327:1075): avc:  denied  { write } for  pid=4510 comm="syz.4.344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   54.582697][ T4498] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   54.588822][ T4513] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.345: error while reading EA inode 32 err=-116
[   54.590851][ T4517] netlink: 'syz.4.344': attribute type 4 has an invalid length.
[   54.594392][ T4513] EXT4-fs (loop3): Remounting filesystem read-only
[   54.607618][ T4511] lo speed is unknown, defaulting to 1000
[   54.610611][ T4513] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   54.657980][ T4511] lo speed is unknown, defaulting to 1000
[   54.663055][   T29] audit: type=1400 audit(1767463406.397:1076): avc:  denied  { read write } for  pid=4496 comm="syz.0.340" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   54.690578][ T4517] netlink: 'syz.4.344': attribute type 4 has an invalid length.
[   54.694461][   T29] audit: type=1400 audit(1767463406.397:1077): avc:  denied  { open } for  pid=4496 comm="syz.0.340" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   54.699032][ T4513] EXT4-fs (loop3): 1 orphan inode deleted
[   54.703743][   T29] audit: type=1400 audit(1767463406.397:1078): avc:  denied  { ioctl } for  pid=4496 comm="syz.0.340" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   55.005770][   T29] audit: type=1400 audit(1767463406.447:1079): avc:  denied  { read write } for  pid=4496 comm="syz.0.340" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   55.023234][ T4511] infiniband syz2: set active
[   55.029986][   T29] audit: type=1400 audit(1767463406.447:1080): avc:  denied  { open } for  pid=4496 comm="syz.0.340" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   55.034638][ T4511] infiniband syz2: added lo
[   55.061271][   T29] audit: type=1400 audit(1767463406.577:1081): avc:  denied  { write } for  pid=4518 comm="syz.1.347" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   55.065302][   T10] lo speed is unknown, defaulting to 1000
[   55.130997][ T4511] RDS/IB: syz2: added
[   55.136833][ T4511] smc: adding ib device syz2 with port count 1
[   55.143227][ T4511] smc:    ib device syz2 port 1 has no pnetid
[   55.149404][ T4527] lo speed is unknown, defaulting to 1000
[   55.155662][ T4511] lo speed is unknown, defaulting to 1000
[   55.224963][ T4538] set_capacity_and_notify: 17 callbacks suppressed
[   55.224977][ T4538] loop1: detected capacity change from 0 to 128
[   55.252771][ T4511] lo speed is unknown, defaulting to 1000
[   55.344313][ T4511] lo speed is unknown, defaulting to 1000
[   55.399610][ T4511] lo speed is unknown, defaulting to 1000
[   55.461684][ T4547] loop1: detected capacity change from 0 to 1024
[   55.476733][ T4547] EXT4-fs: Ignoring removed bh option
[   55.497497][ T4534] lo speed is unknown, defaulting to 1000
[   55.618667][ T4563] netlink: 'syz.0.363': attribute type 10 has an invalid length.
[   55.626531][ T4563] netlink: 40 bytes leftover after parsing attributes in process `syz.0.363'.
[   55.640847][ T4511] lo speed is unknown, defaulting to 1000
[   55.652611][ T4563] dummy0: entered promiscuous mode
[   55.660633][ T4563] bridge0: port 3(dummy0) entered blocking state
[   55.667069][ T4563] bridge0: port 3(dummy0) entered disabled state
[   55.674764][ T4563] dummy0: entered allmulticast mode
[   55.680935][ T4563] bridge0: port 3(dummy0) entered blocking state
[   55.687423][ T4563] bridge0: port 3(dummy0) entered forwarding state
[   55.786593][ T4578] loop4: detected capacity change from 0 to 128
[   56.000653][ T4599] loop4: detected capacity change from 0 to 512
[   56.012689][ T4599] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.375: error while reading EA inode 32 err=-116
[   56.025400][ T4599] EXT4-fs (loop4): Remounting filesystem read-only
[   56.032359][ T4599] EXT4-fs warning (device loop4): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   56.043867][ T4599] EXT4-fs (loop4): 1 orphan inode deleted
[   56.152789][ T4616] loop0: detected capacity change from 0 to 1024
[   56.224660][ T4624] loop4: detected capacity change from 0 to 128
[   56.240701][ T4604] loop1: detected capacity change from 0 to 8192
[   56.247757][ T4624] vfat: Unknown parameter '18446744073709551615��������0177777777777777777777701777777777777777777777���V.:�S��BY�g��}��j3��u�Sv!A���FaS�gʧW�Y����{?�UhW:��1�H��сL�
"�^��'v�)"LA���kPF��������z%�@W�‹�A��𞪒�з�ȉjX�Iۅ_}'
[   56.301400][ T4624] loop4: detected capacity change from 0 to 512
[   56.315434][ T4604]  loop1: p1[EZD] p2 p3 p4
[   56.333165][ T4604] loop1: p3 start 117772289 is beyond EOD, truncated
[   56.339899][ T4604] loop1: p4 size 262144 extends beyond EOD, truncated
[   56.350930][ T4632] loop0: detected capacity change from 0 to 128
[   56.370366][ T4624] journal_path: Lookup failure for './file0'
[   56.376486][ T4624] EXT4-fs: error: could not find journal device path
[   56.512659][ T4640] FAULT_INJECTION: forcing a failure.
[   56.512659][ T4640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.525776][ T4640] CPU: 0 UID: 0 PID: 4640 Comm: syz.4.388 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   56.525807][ T4640] Tainted: [W]=WARN
[   56.525877][ T4640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   56.525891][ T4640] Call Trace:
[   56.525899][ T4640]  <TASK>
[   56.525907][ T4640]  __dump_stack+0x1d/0x30
[   56.525933][ T4640]  dump_stack_lvl+0x95/0xd0
[   56.525952][ T4640]  dump_stack+0x15/0x1b
[   56.525974][ T4640]  should_fail_ex+0x265/0x280
[   56.526059][ T4640]  should_fail+0xb/0x20
[   56.526139][ T4640]  should_fail_usercopy+0x1a/0x20
[   56.526166][ T4640]  _copy_from_user+0x1c/0xb0
[   56.526215][ T4640]  __copy_msghdr+0x244/0x300
[   56.526333][ T4640]  ___sys_sendmsg+0x109/0x1d0
[   56.526389][ T4640]  __x64_sys_sendmsg+0xd4/0x160
[   56.526432][ T4640]  x64_sys_call+0x17ba/0x3000
[   56.526468][ T4640]  do_syscall_64+0xca/0x2b0
[   56.526513][ T4640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.526540][ T4640] RIP: 0033:0x7f38f55af749
[   56.526559][ T4640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.526581][ T4640] RSP: 002b:00007f38f4017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.526625][ T4640] RAX: ffffffffffffffda RBX: 00007f38f5805fa0 RCX: 00007f38f55af749
[   56.526641][ T4640] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000006
[   56.526656][ T4640] RBP: 00007f38f4017090 R08: 0000000000000000 R09: 0000000000000000
[   56.526704][ T4640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.526720][ T4640] R13: 00007f38f5806038 R14: 00007f38f5805fa0 R15: 00007ffc8c2e4b68
[   56.526745][ T4640]  </TASK>
[   56.709057][ T4642] FAULT_INJECTION: forcing a failure.
[   56.709057][ T4642] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.722322][ T4642] CPU: 1 UID: 0 PID: 4642 Comm: syz.2.389 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   56.722355][ T4642] Tainted: [W]=WARN
[   56.722409][ T4642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   56.722498][ T4642] Call Trace:
[   56.722505][ T4642]  <TASK>
[   56.722538][ T4642]  __dump_stack+0x1d/0x30
[   56.722564][ T4642]  dump_stack_lvl+0x95/0xd0
[   56.722585][ T4642]  dump_stack+0x15/0x1b
[   56.722680][ T4642]  should_fail_ex+0x265/0x280
[   56.722713][ T4642]  should_fail+0xb/0x20
[   56.722752][ T4642]  should_fail_usercopy+0x1a/0x20
[   56.722778][ T4642]  _copy_from_iter+0xcf/0xe70
[   56.722840][ T4642]  ? __alloc_skb+0x396/0x4b0
[   56.722860][ T4642]  ? __alloc_skb+0x228/0x4b0
[   56.722884][ T4642]  netlink_sendmsg+0x471/0x6b0
[   56.722922][ T4642]  ? __pfx_netlink_sendmsg+0x10/0x10
[   56.722988][ T4642]  __sock_sendmsg+0x145/0x180
[   56.723023][ T4642]  sock_write_iter+0x1a7/0x1f0
[   56.723062][ T4642]  ? __pfx_sock_write_iter+0x10/0x10
[   56.723093][ T4642]  vfs_write+0x52a/0x960
[   56.723209][ T4642]  ksys_write+0xda/0x1a0
[   56.723229][ T4642]  __x64_sys_write+0x40/0x50
[   56.723245][ T4642]  x64_sys_call+0x2847/0x3000
[   56.723265][ T4642]  do_syscall_64+0xca/0x2b0
[   56.723352][ T4642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.723378][ T4642] RIP: 0033:0x7f89977df749
[   56.723394][ T4642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.723412][ T4642] RSP: 002b:00007f899623f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   56.723429][ T4642] RAX: ffffffffffffffda RBX: 00007f8997a35fa0 RCX: 00007f89977df749
[   56.723440][ T4642] RDX: 0000000000000024 RSI: 0000200000000040 RDI: 0000000000000005
[   56.723475][ T4642] RBP: 00007f899623f090 R08: 0000000000000000 R09: 0000000000000000
[   56.723487][ T4642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.723501][ T4642] R13: 00007f8997a36038 R14: 00007f8997a35fa0 R15: 00007ffcbe26f268
[   56.723523][ T4642]  </TASK>
[   56.972489][ T4647] loop0: detected capacity change from 0 to 1024
[   56.983469][ T4647] EXT4-fs: Ignoring removed bh option
[   57.006583][ T4648] EXT4-fs: Ignoring removed bh option
[   57.200164][ T4674] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   57.221009][ T4659] lo speed is unknown, defaulting to 1000
[   57.291068][ T4679] wireguard0: entered promiscuous mode
[   57.296631][ T4679] wireguard0: entered allmulticast mode
[   57.305516][ T4684] netlink: 'syz.1.406': attribute type 1 has an invalid length.
[   57.313636][ T4684] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5127 sclass=netlink_route_socket pid=4684 comm=syz.1.406
[   57.346314][ T4684] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1014 sclass=netlink_route_socket pid=4684 comm=syz.1.406
[   57.399355][ T4692] EXT4-fs: Ignoring removed bh option
[   57.523640][ T4708] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[   57.674150][ T4713] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   57.799941][ T4717] Driver unsupported XDP return value 0 on prog  (id 350) dev N/A, expect packet loss!
[   58.199927][ T4728] EXT4-fs: Ignoring removed bh option
[   58.292961][ T4735] FAULT_INJECTION: forcing a failure.
[   58.292961][ T4735] name failslab, interval 1, probability 0, space 0, times 0
[   58.305706][ T4735] CPU: 0 UID: 0 PID: 4735 Comm: syz.2.425 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   58.305735][ T4735] Tainted: [W]=WARN
[   58.305760][ T4735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   58.305777][ T4735] Call Trace:
[   58.305784][ T4735]  <TASK>
[   58.305792][ T4735]  __dump_stack+0x1d/0x30
[   58.305826][ T4735]  dump_stack_lvl+0x95/0xd0
[   58.305848][ T4735]  dump_stack+0x15/0x1b
[   58.305897][ T4735]  should_fail_ex+0x265/0x280
[   58.305917][ T4735]  should_failslab+0x8c/0xb0
[   58.305935][ T4735]  kmem_cache_alloc_noprof+0x69/0x4b0
[   58.305956][ T4735]  ? security_inode_alloc+0x37/0x100
[   58.305975][ T4735]  security_inode_alloc+0x37/0x100
[   58.306027][ T4735]  inode_init_always_gfp+0x4b7/0x500
[   58.306128][ T4735]  ? __pfx_sock_alloc_inode+0x10/0x10
[   58.306149][ T4735]  alloc_inode+0x58/0x170
[   58.306170][ T4735]  do_accept+0xa0/0x3a0
[   58.306208][ T4735]  ? _raw_spin_lock+0x52/0xa0
[   58.306325][ T4735]  __sys_accept4+0xbe/0x170
[   58.306355][ T4735]  __x64_sys_accept4+0x51/0x60
[   58.306448][ T4735]  x64_sys_call+0x2b3e/0x3000
[   58.306529][ T4735]  do_syscall_64+0xca/0x2b0
[   58.306568][ T4735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.306595][ T4735] RIP: 0033:0x7f89977df749
[   58.306614][ T4735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.306631][ T4735] RSP: 002b:00007f899623f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[   58.306655][ T4735] RAX: ffffffffffffffda RBX: 00007f8997a35fa0 RCX: 00007f89977df749
[   58.306751][ T4735] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008
[   58.306767][ T4735] RBP: 00007f899623f090 R08: 0000000000000000 R09: 0000000000000000
[   58.306782][ T4735] R10: 0400000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.306798][ T4735] R13: 00007f8997a36038 R14: 00007f8997a35fa0 R15: 00007ffcbe26f268
[   58.306823][ T4735]  </TASK>
[   58.622146][ T4745] tipc: Started in network mode
[   58.627228][ T4745] tipc: Node identity 4, cluster identity 4711
[   58.633448][ T4745] tipc: Node number set to 4
[   58.800036][ T4764] EXT4-fs: Ignoring removed bh option
[   58.815256][ T4753] lo speed is unknown, defaulting to 1000
[   59.038831][ T4778] FAULT_INJECTION: forcing a failure.
[   59.038831][ T4778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.052020][ T4778] CPU: 0 UID: 0 PID: 4778 Comm: syz.0.442 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   59.052117][ T4778] Tainted: [W]=WARN
[   59.052124][ T4778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   59.052136][ T4778] Call Trace:
[   59.052143][ T4778]  <TASK>
[   59.052151][ T4778]  __dump_stack+0x1d/0x30
[   59.052175][ T4778]  dump_stack_lvl+0x95/0xd0
[   59.052219][ T4778]  dump_stack+0x15/0x1b
[   59.052367][ T4778]  should_fail_ex+0x265/0x280
[   59.052396][ T4778]  should_fail+0xb/0x20
[   59.052466][ T4778]  should_fail_usercopy+0x1a/0x20
[   59.052491][ T4778]  _copy_to_user+0x20/0xa0
[   59.052515][ T4778]  simple_read_from_buffer+0xb5/0x130
[   59.052608][ T4778]  proc_fail_nth_read+0x10e/0x150
[   59.052722][ T4778]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   59.052753][ T4778]  vfs_read+0x1a8/0x770
[   59.052773][ T4778]  ? __rcu_read_unlock+0x4f/0x70
[   59.052795][ T4778]  ? __fget_files+0x184/0x1c0
[   59.052866][ T4778]  ? mutex_lock+0x58/0x90
[   59.052966][ T4778]  ksys_read+0xda/0x1a0
[   59.052985][ T4778]  __x64_sys_read+0x40/0x50
[   59.053061][ T4778]  x64_sys_call+0x2889/0x3000
[   59.053100][ T4778]  do_syscall_64+0xca/0x2b0
[   59.053133][ T4778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.053155][ T4778] RIP: 0033:0x7f16c873e15c
[   59.053169][ T4778] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   59.053187][ T4778] RSP: 002b:00007f16c719f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   59.053243][ T4778] RAX: ffffffffffffffda RBX: 00007f16c8995fa0 RCX: 00007f16c873e15c
[   59.053255][ T4778] RDX: 000000000000000f RSI: 00007f16c719f0a0 RDI: 0000000000000003
[   59.053267][ T4778] RBP: 00007f16c719f090 R08: 0000000000000000 R09: 0000000000000000
[   59.053279][ T4778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.053290][ T4778] R13: 00007f16c8996038 R14: 00007f16c8995fa0 R15: 00007ffecd436b68
[   59.053368][ T4778]  </TASK>
[   59.474052][   T29] kauditd_printk_skb: 619 callbacks suppressed
[   59.474071][   T29] audit: type=1326 audit(1767463411.317:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4797 comm="syz.2.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89977df749 code=0x7ffc0000
[   59.482550][ T4798] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   59.542690][   T29] audit: type=1326 audit(1767463411.317:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4797 comm="syz.2.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f89977df749 code=0x7ffc0000
[   59.566164][   T29] audit: type=1326 audit(1767463411.317:1703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4797 comm="syz.2.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f89977df783 code=0x7ffc0000
[   59.589475][   T29] audit: type=1326 audit(1767463411.317:1704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4797 comm="syz.2.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f89977de1ff code=0x7ffc0000
[   59.612713][   T29] audit: type=1326 audit(1767463411.317:1705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4797 comm="syz.2.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f89977df7d7 code=0x7ffc0000
[   59.636099][   T29] audit: type=1326 audit(1767463411.317:1706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4797 comm="syz.2.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f89977ddf90 code=0x7ffc0000
[   59.659526][   T29] audit: type=1326 audit(1767463411.317:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4797 comm="syz.2.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f89977df34b code=0x7ffc0000
[   59.682851][   T29] audit: type=1326 audit(1767463411.317:1708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4797 comm="syz.2.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f89977de3aa code=0x7ffc0000
[   59.706360][   T29] audit: type=1326 audit(1767463411.317:1709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4797 comm="syz.2.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f89977de3aa code=0x7ffc0000
[   59.729639][   T29] audit: type=1326 audit(1767463411.317:1710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4797 comm="syz.2.450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f89977dde97 code=0x7ffc0000
[   59.756607][ T4798] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.450: inode has both inline data and extents flags
[   59.788174][ T4798] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.450: couldn't read orphan inode 15 (err -117)
[   59.853387][ T4810] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.456: error while reading EA inode 32 err=-116
[   59.867550][ T4810] EXT4-fs (loop3): Remounting filesystem read-only
[   59.874618][ T4810] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   59.885778][ T4810] EXT4-fs (loop3): 1 orphan inode deleted
[   59.928653][ T4819] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   59.948652][ T4316] ==================================================================
[   59.956792][ T4316] BUG: KCSAN: data-race in dont_mount / lookup_fast
[   59.963417][ T4316] 
[   59.965770][ T4316] read-write to 0xffff88811b5d0900 of 4 bytes by task 3760 on cpu 0:
[   59.973853][ T4316]  dont_mount+0x2a/0x40
[   59.978039][ T4316]  vfs_rename+0xa05/0xad0
[   59.982398][ T4316]  do_renameat2+0x383/0x810
[   59.986949][ T4316]  __x64_sys_rename+0x58/0x70
[   59.991633][ T4316]  x64_sys_call+0x24e/0x3000
[   59.996254][ T4316]  do_syscall_64+0xca/0x2b0
[   60.000795][ T4316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.006711][ T4316] 
[   60.009046][ T4316] read to 0xffff88811b5d0900 of 4 bytes by task 4316 on cpu 1:
[   60.016604][ T4316]  lookup_fast+0xf0/0x320
[   60.020956][ T4316]  path_lookupat+0x15c/0x500
[   60.025574][ T4316]  filename_lookup+0x147/0x340
[   60.030361][ T4316]  user_path_at+0x3e/0x130
[   60.034815][ T4316]  do_utimes+0xd9/0x210
[   60.038994][ T4316]  __x64_sys_utimensat+0xc4/0x170
[   60.044064][ T4316]  x64_sys_call+0x278c/0x3000
[   60.048761][ T4316]  do_syscall_64+0xca/0x2b0
[   60.053294][ T4316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.059215][ T4316] 
[   60.061544][ T4316] value changed: 0x00300080 -> 0x00000180
[   60.067265][ T4316] 
[   60.069610][ T4316] Reported by Kernel Concurrency Sanitizer on:
[   60.075768][ T4316] CPU: 1 UID: 0 PID: 4316 Comm: udevd Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   60.086635][ T4316] Tainted: [W]=WARN
[   60.090461][ T4316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   60.100530][ T4316] ==================================================================
[   60.129671][ T4819] EXT4-fs (loop0): 1 truncate cleaned up
[   60.137123][ T4819] netlink: 'syz.0.458': attribute type 3 has an invalid length.